I'm the developer of a Perl module to interact with GnuPG, and I've had a
hard time deciding how certain options should be handled when giving them
to GnuPG, as GnuPG's argument handling seems to have changed a lot in the
long time I've known it. I understand that much of this arises from
GnuPG's notion of 'option' arguments versus 'command' arguments.
Currently, when the user want the module to clearsign a message, this is
considered a supplement to to general notion of signing the message. The
module implements this, however, by calling GnuPG with:
gpg --clearsign
I now notice that GnuPG now graciously handles:
gpg --sign --clearsign
What is the 'preferred' call? As I am developing for a module, I need to
heavily think about forward compatibility. The same question go for
detached signatures; interestingly, '--clearsign' seems to override
'--detach-sig'.
If there is any reference library that interacts with GnuPG I'd like to
know about it. I'd use mutt, except for the fact it is not a library; it
conforms to a strict routine, if I'm not mistaken. I've once looked at
pgpglue but that seems sorely out of date.
--
Frank Tobin http://www.neverending.org/~ftobin/
"To learn what is good and what is to be valued,
those truths which cannot be shaken or changed." Myst: The Book of Atrus
OpenPGP: 4F86 3BBB A816 6F0A 340F 6003 56FF D10A 260C 4FA3
hard time deciding how certain options should be handled when giving them
to GnuPG, as GnuPG's argument handling seems to have changed a lot in the
long time I've known it. I understand that much of this arises from
GnuPG's notion of 'option' arguments versus 'command' arguments.
Currently, when the user want the module to clearsign a message, this is
considered a supplement to to general notion of signing the message. The
module implements this, however, by calling GnuPG with:
gpg --clearsign
I now notice that GnuPG now graciously handles:
gpg --sign --clearsign
What is the 'preferred' call? As I am developing for a module, I need to
heavily think about forward compatibility. The same question go for
detached signatures; interestingly, '--clearsign' seems to override
'--detach-sig'.
If there is any reference library that interacts with GnuPG I'd like to
know about it. I'd use mutt, except for the fact it is not a library; it
conforms to a strict routine, if I'm not mistaken. I've once looked at
pgpglue but that seems sorely out of date.
--
Frank Tobin http://www.neverending.org/~ftobin/
"To learn what is good and what is to be valued,
those truths which cannot be shaken or changed." Myst: The Book of Atrus
OpenPGP: 4F86 3BBB A816 6F0A 340F 6003 56FF D10A 260C 4FA3