Re: Starting freeze for 2.2.0 release

2022-01-29 Thread Kevin J. McCarthy 

On Sat, Jan 29, 2022 at 10:03:33PM +, isdtor wrote:



   ! contrib/smime.rc now uses the cms utility for SMIME encryption/decryption.


Kevin, can you please clarify - what is the cms utility?


See 
 
for the commit.  It changed the openssl command parameter from "smime" 
to "cms" for encryption and decryption.



I cannot find it on my system. What does it replace in this context?
And, is this relevant for the "set crypt_use_gpgme=yes" use case?


No this doesn't affect gpgme.


   + --with-gsasl allows configuration with the GNU SASL library, as an
 alternative to Cyrus.




Cyrus has been around for a long time and it seems that development has 
either ceased or is proceeding at a glacial pace. Which is fine by me 
if the software is feature-complete and mature enough to have slowed 
the discovery of new bugs to a trickle. Are there any opinions on the 
list whether switching to gsasl is worthwhile for day-to-day users? It 
seems there are more than those two implementations out there, too.


I did this in response to 
.  Since the 
code is new, I invite you to test it.  But there are certainly going to 
be issues to work through, so don't feel obliged to use it.  :-)


--
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C  5308 ADEF 7684 8031 6BDA


signature.asc
Description: PGP signature

Re: Starting freeze for 2.2.0 release

2022-01-29 Thread isdtor 


>! contrib/smime.rc now uses the cms utility for SMIME 
> encryption/decryption.
 
Kevin, can you please clarify - what is the cms utility? I cannot find it on my 
system. What does it replace in this context? And, is this relevant for the 
"set crypt_use_gpgme=yes" use case?

>+ --with-gsasl allows configuration with the GNU SASL library, as an
>  alternative to Cyrus.
 
Cyrus has been around for a long time and it seems that development has either 
ceased or is proceeding at a glacial pace. Which is fine by me if the software 
is feature-complete and mature enough to have slowed the discovery of new bugs 
to a trickle. Are there any opinions on the list whether switching to gsasl is 
worthwhile for day-to-day users? It seems there are more than those two 
implementations out there, too.

Thanks.