kylehuff
Please explain how webpg depends on GnuPG
I see two option:
- developer have to install GnuPG in order to compile webpg
- each user that installs webpg have to install GnuPG on his PC.
Which option is correct?
I see compiled binaries here that webpg is depending on. So I guess that GnuPG library is needed only during compilation when header files are required. But at runtime webpg links with dynamic libraries and doesn't require GnuPG installed.
The build documentation should not reference GnuPG anymore. Before the project had the static libs integrated into the build environment, in order to build the GPGME library (and headers) needed to be on the development system. I have since changed the project to include the required libraries within the project tree.
On the end-user side, GnuPG is still a requirement. The libraries that are statically included into WebPG are for communicating with GnuPG (libgpgme) -- WebPG does not provide the GnuPG, or any other crypto engine.
One of the primary reasons for this is because even if WebPG provided an instance of GnuPG, I am not aware of a manner in which the installation of WebPG could install and configure a valid key agent. The key agent is one of more vital parts concerning WebPG, as WebPG does not handle passphrases. WebPG merely invokes an operation of the gnupg context and expects the key agent to pickup the event and unlock the keyring for the current operation.
