On Sun, Mar 18, 2012 at 8:00 AM, Allan McRae <allan@archlinux.org> wrote:
Now... has anyone proposing this actually done the work and noted which configure options get disabled when building gpgme against only one of gnupg or gnupg2. I remember there was differences when I was looking into this for the same request made back in 2010 (https://bugs.archlinux.org/task/22110). I can not remember the results, but I remember there was a difference.
I tried building it only against gnupg2, and as far as I could tell it made no difference. If I understood correctly building against gnupg1 means that we don't get support for gpgms (at least). Dropping gnupg2 does not sound like a good idea, as that means people would have to build a second verision of gpgme to get gnupg2 features. Furthermore, if we drop gnupg1, we could eventually drop it from the repos all together, which would not be the case for gnup2 as it has more features people might need. As to the stability, I don't know much about this. It seems that upstream needs to clarify their communication, in the release announcement of 2.0.18 they refer to it as "stable" and make no suggestions that version 1 should be better in this regard: "We are pleased to announce the availability of a new stable GnuPG-2 release: Version 2.0.18. [...] GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.11) in that it splits up functionality into several modules. However, both versions may be installed alongside without any conflict. In fact, the gpg version from GnuPG-1 is able to make use of the gpg-agent as included in GnuPG-2 and allows for seamless passphrase caching. The advantage of GnuPG-1 is its smaller size and the lack of dependency on other modules at run and build time. We will keep maintaining GnuPG-1 versions because they are very useful for small systems and for server based applications requiring only OpenPGP support." Cheers, Tom