From wk at gnupg.org Tue Oct 23 19:26:02 2001 From: wk at gnupg.org (Werner Koch) Date: Wed Feb 23 12:43:33 2005 Subject: [Announce] A new GnuPG snapshot (unstable) Message-ID: <877ktmtgkl.fsf@alberti.gnupg.de> Hi, after messing around with autoconf 1.5 for quite some time, I finally was able to release a new DEVELOPMENT snapshot of GnuPG: *PLEASE READ THIS ENTIRE ANNOUNCEMENT BEFORE YOU START TO PLAY* ftp://ftp.gnupg.org/gcrypt/devel/gnupg-1.0.6b.tar.gz (1.9M) ftp://ftp.gnupg.org/gcrypt/devel/gnupg-1.0.6b.tar.gz.sig Please find a list of mirrors at http://www.gnupg.org/mirrors.html Again I changed quite a lot of things. Using this version with a current keyring renders the keyring unreadable for any previous GnuPG versions. So I did WARN YOU ABOUT THESE INCOMPATIBLE CHANGES - please don't complain that it destroyed all your keys. Actually this incompatibility is due to a bug in the older versions which are not able to cope with trust packet larger than one byte. You can use --export as an escape hatch because trust packets are never exported. There are 2 major changes in this release: * The caching of the signature verification status changed from using special signature subpackets to the use of the trust packets. You can (and should) rebuild this key cache using the new command "gpg --rebuild-keydb-caches" * The format of the TrustDB and the way it works has entirely be rewritten. gpg tries to migrate to the new format but this code is obviously not very well tested, so you might want to make a backup of our ownertrust values first. The validity of the key is now checked every time you insert a new key or signature and when a key or a signature expires. This automatic check can be disabled and replaced by a cron job which does an "gpg --check-trustdb" every night or so. To assign an ownertrust, you can either do this in the edit menu or use the command "gpg --update-trustdb" which does the maintenance pass in a similar manner you probably know from PGP 2. Both changes should speed up the operation on large keyrings quite a lot so that "gpg --list-keys --with-colons" is actually usable. Also a couple of bug fixes and some other code cleanups are in this release. There is still a long list of open bugs but I think it is important to get the new code tested first. The Windows and Acorn ports won't work yet due to file sharing issues. Changes since 1.0.6a: * The way signature stati are store has changed, so that v3 signatures can be supported. To increase the speed of many operations for existing keys you can use the new --rebuild-keydb-caches command. * The entire key validation process (trustdb) has been revamped. See the man page entries for --update-trustdb, --check-trustdb and --no-auto-check-trustdb. * --trusted-keys is again obsolete, --edit can be used to set the ownertrust of any key to ultimately trusted. * A subkey is never used to sign keys. * Read only keyrings are now handled as expected. Changes since 1.0.6: * New tool gpgsplit to split OpenPGP data formats into packets. * New option --preserve-permissions. * Subkeys created in the future are not used for encryption or signing unless the new option --ignore-valid-from is used. * Revoked user-IDs are not listed unless signatures are listed too or we are in verbose mode. * There is no default comment string with ascii armors anymore except for revocation certificates and --enarmor mode. * The command "primary" in the edit menu can be used to change the primary UID, "setpref" and "updpref" can be used to change the preferences. * Fixed the preference handling; since 1.0.5 they were erroneously matched against against the latest user ID and not the given one. * RSA key generation. * Merged Stefan's patches for RISC OS in. See comments in scripts/build-riscos. * It is now possible to sign and conventional encrypt a message (-cs). * The MDC feature flag is supported and can be set by using the "updpref" edit command. * The status messages GOODSIG and BADSIG are now returning the primary UID, encoded using %XX escaping (but with spaces left as spaces, so that it should not break too much) * Support for GDBM based keyrings has been removed. * The entire keyring management has been revamped. * The way signature stati are store has changed, so that v3 signatures can be supported. To increase the speed of many operations for existing keys you can use the new --rebuild-keydb-caches command. * The entire key validation process (trustdb) has been revamped. See the man page entries for --update-trustdb, --check-trustdb and --no-auto-check-trustdb. * --trusted-keys is again obsolete, --edit can be used to set the ownertrust of any key to ultimately trusted. * A subkey is never used to sign keys. Take care, Werner -- Werner Koch Omnis enim res, quae dando non deficit, dum habetur g10 Code GmbH et non datur, nondum habetur, quomodo habenda est. Privacy Solutions -- Augustinus From wk at gnupg.org Sat Dec 22 19:05:02 2001 From: wk at gnupg.org (Werner Koch) Date: Wed Feb 23 12:43:33 2005 Subject: [Announce] A new GnuPG snapshot (unstable) Message-ID: <873d23uo1j.fsf@alberti.gnupg.de> Skipped content of type multipart/mixed-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 193 bytes Desc: not available Url : /pipermail/attachments/20011222/d4130a2a/attachment.pgp