From dshaw at jabberwocky.com Fri Oct 18 18:29:02 2002 From: dshaw at jabberwocky.com (David Shaw) Date: Wed Feb 23 12:43:33 2005 Subject: [Announce]GnuPG 1.3.0 released (development) Message-ID: <20021018134940.GA9701@jabberwocky.com> -----BEGIN PGP SIGNED MESSAGE----- Hello! The first release from the new development branch of GnuPG is ready for public consumption. This is a branch to create what will be GnuPG 1.4 someday. It will change much more frequently than the 1.2.x "stable" branch, which will mainly be updated for bug fix reasons. I encourage the more GnuPG-familiar user to try this release (and the ones that will follow in the 1.3.x branch), and report back any problems to gnupg-devel@gnupg.org. In return, you get the latest code with the latest features. However, it is always important to keep in mind that this is still development code - please do not use it on anything mission-critical. Critical applications should always use the 1.2.x stable branch. You may notice the smaller tarball size for this release - that is due to the translations other than de being removed. You may also notice the smaller size of the gpg binary, and that is due to some of the keyserver modifications. See the list below for more on these changes. The files are available from: ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.0.tar.gz (1432k) ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.0.tar.gz.sig MD5 checksums for the files are: 2dcd23aae21e1ff08ffc258d6f075d64 gnupg-1.3.0.tar.gz 006384951e566ffa4581251b538af154 gnupg-1.3.0.tar.gz.sig Noteworthy changes in version 1.3.0 (2002-10-18) - ------------------------------------------------ * The last piece of internal keyserver support has been removed, and now all keyserver access is done via the keyserver plugins. There is also a newer keyserver protocol used between GnuPG and the plugins, so plugins from earlier versions of GnuPG may not work properly. * The HKP keyserver plugin supports the new machine-readable key listing format for those keyservers that provide it. * When using a HKP keyserver with multiple DNS records (such as wwwkeys.pgp.net which has the addresses of multiple servers around the world), try all records until one succeeds. Note that it depends on the LDAP library used whether the LDAP keyserver plugin does this as well. * The library dependencies for OpenLDAP seem to change fairly frequently, and GnuPG's configure script cannot guess all the combinations. Use ./configure LDAPLIBS="-L libdir -l libs" to override the script and use the libraries selected. * Secret keys generated with --export-secret-subkeys are now indicated in key listings with a '#' after the "sec", and in --with-colons listings by showing no capabilities (no lowercase characters). * --trusted-key has been un-obsoleted, as it is useful for adding ultimately trusted keys from the config file. It is identical to using --edit and "trust" to change a key to ultimately trusted. * Translations other than de are no longer distributed with the development branch. This is due to the frequent text changes during development, which cause the translations to rapidly go out of date. Happy Hacking, The GnuPG team (David, Stefan, Timo and Werner) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3 (GNU/Linux) iQEVAwUBPbARc4ccwqs8s7QVAQGXKAgAo9UqRZ0HdH/HEiX1wRMJsNHWYL7E9Mxc ftYiThLyEvhZ/W0tTFDqsyqtd4fazzyuUgy7ECKl0nJLGdCM7whXnIyELQmqGxVB XOOiZ0RRMoBz0QbqsEkB46KWI+VeZkAxw7WK9Buib7UeC8BnUVIYHGpMItxPMlDa 3pCOg7gnaV450ad+24KkzMOt1uZ+TFYLSQmgUxczJ8Y1WMsh7LIsvIniWmIQWVFs MvMvx3i8Bdt2dO2H/jW8ezaPDQt6WcY84BZQeNRcZ6xD9bs3u6Cr96kNA41NPuM2 CmgqU5L2YAsJ1YE+ZmmrzxmlqWOOjQcRgmao9n9GYSQw72sc+ofsPw== =uhVf -----END PGP SIGNATURE----- From wk at gnupg.org Fri Oct 25 18:29:07 2002 From: wk at gnupg.org (Werner Koch) Date: Wed Feb 23 12:43:34 2005 Subject: [Announce]GnuPG 1.2.1 released Message-ID: <874rbawklz.fsf@alberti.g10code.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! We are pleased to announce the availability of GnuPG version 1.2.1. This is mainly a bug fix release. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. GnuPG 1.2.1 can be downloaded from the GnuPG main server or one of its mirror sites (see below or http://www.gnupg.org/mirrors.html). These source packages are available: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.2.1.tar.bz2 (1.8M) ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.2.1.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.2.0.tar.gz (2.5M) ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.2.0.tar.gz.sig GnuPG source compressed using GZIP and OpenPGP signature. ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.2.0-1.2.1.diff.gz (374k) A patch file to upgrade a 1.2.0 GnuPG source. Select one of them. To shorten the download time, you probably want to get the BZIP2 compressed file. Please try another mirror if exceptional your mirror is not yet up to date. We also provide one binary package build from the above source: ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.2.1.zip (1.1M) ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.2.1.zip.sig GnuPG compiled for Microsoft Windows and OpenPGP signature. Note that this is a command line version and comes without a graphical installer tool. You have to use an UNZIP utility to extract the files and install them manually. The included file README.W32 has further instructions. Please don't forget to check the integritry of the packages; either by verifying the provided signature or by comparing the MD5 checksum: e63add33e010b4224ba0841b21fe0bfe gnupg-1.2.1.tar.bz2 83e02b4905dab34c4dc25652936022f9 gnupg-1.2.1.tar.gz 0f57c5d13cc8c5cddcbfe9099d2551bc gnupg-1.2.0-1.2.1.diff.gz 00c9935497c69464e744bba030ce585f gnupg-w32cli-1.2.1.zip Here is a list of major user visible changes since 1.2.1: * The library dependencies for OpenLDAP seem to change fairly frequently, and GnuPG's configure script cannot guess all the combinations. Use ./configure LDAPLIBS="-L libdir -l libs" to override the script and use the libraries selected. * Secret keys generated with --export-secret-subkeys are now indicated in key listings with a '#' after the "sec", and in --with-colons listings by showing no capabilities (no lowercase characters). * --trusted-key has been un-obsoleted, as it is useful for adding ultimately trusted keys from the config file. It is identical to using --edit and "trust" to change a key to ultimately trusted. * The usual bug fixes as well as fixes to build problems on some systems. Many thanks to Swebase AB for now hosting ftp.gnupg.org. Happy Hacking, The GnuPG team (David, Stefan, Timo and Werner) p.s. If you want to help with further development by donating money and you feel that Werner and his company g10 Code does a reasonable job please visit https://order.kagi.com/?P3G . Donations to the Free Software Foundations are also welcome, see: https://donate.fsf.org and http://fsfeurope.org/help/donate-2002.html Here is a list of sites mirroring ftp://ftp.gnupg.org/gcrypt/ Please use them if you can; new releases should show up on these servers within a day. This mirror list is also available at http://www.gnupg.org/mirrors.html Australia Australia ftp://ftp.planetmirror.com/pub/gnupg/ http://ftp.planetmirror.com/pub/gnupg/ Asia Japan ftp://ftp.ring.gr.jp/pub/pgp/ ftp://pgp.iijlab.net/pub/pgp/gcrypt/ http://www.ring.gr.jp/pub/pgp/gnupg/ ftp://ftp.ayamura.org/pub/gnupg/ Europe Austria ftp://gd.tuwien.ac.at/privacy/gnupg/ http://gd.tuwien.ac.at/privacy/gnupg/ Belgium ftp://gnupg.x-zone.org/pub/gnupg Czechia ftp://ftp.gnupg.cz/pub/gcrypt Denmark ftp://sunsite.dk/pub/security/gcrypt/ Finland ftp://ftp.jyu.fi/pub/crypt/gcrypt/ ftp://trumpetti.atm.tut.fi/gcrypt/ http://trumpetti.atm.tut.fi/gcrypt/ rsync://trumpetti.atm.tut.fi/gcrypt/ France ftp://ftp.strasbourg.linuxfr.org/pub/gnupg/ Germany ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/ ftp://ftp.franken.de/pub/crypt/mirror/ftp.gnupg.org/gcrypt/ ftp://ftp.freenet.de/pub/ftp.gnupg.org/gcrypt/ Greece ftp://hal.csd.auth.gr/mirrors/gnupg/ ftp://igloo.linux.gr/pub/crypto/gnupg/ Iceland ftp://ftp.hi.is/pub/mirrors/gnupg/ Italy ftp://ftp3.linux.it/pub/mirrors/gnupg/ ftp://ftp.linux.it/pub/mirrors/gnupg/ http://ftp3.linux.it/pub/mirrors/gnupg/ http://ftp.linux.it/pub/mirrors/gnupg/ rsync://ftp3.linux.it/gnupg/ rsync://ftp.linux.it/gnupg/ Netherlands ftp://ftp.demon.nl/pub/mirrors/gnupg/ ftp://ftp.surfnet.nl/pub/security/gnupg/ Switzerland ftp://sunsite.cnlab-switch.ch/mirror/gcrypt/ United Kingdom ftp://ftp.mirror.ac.uk/sites/ftp.gnupg.org/gcrypt/ http://www.mirror.ac.uk/sites/ftp.gnupg.org/gcrypt/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) iD8DBQE9uW/+bH7huGIcwBMRAvkcAJ9hwGc/T6+xAoQ6RKCIpAcJ6H/P6ACdEQ00 P5pDGs38ccpN8hX20y63QqE= =mB1n -----END PGP SIGNATURE----- From wk at gnupg.org Sat Oct 26 18:19:01 2002 From: wk at gnupg.org (Werner Koch) Date: Wed Feb 23 12:43:34 2005 Subject: [Announce]GnuPG 1.2.1 Windows update Message-ID: <87adl1uqe7.fsf@alberti.g10code.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! Due to a bug in the recent mingw32/cpd toolkit the latest GnuPG binary for Windows did not work on Windows NT. I have build a new binary which is available at the primary server and hopefully soon at the mirrors. Please use this new version: ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.2.1-1.zip ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.2.1-1.zip.sig md5sum is: d385797fd71e7fec960cd6fafbde4044 gnupg-w32cli-1.2.1-1.zip The old version (w/o the "-1" suffix) has been removed from the server. Note that the source is still the same, only the toolkit changed. To build it yourself, you need the latest mingw32/cpd from *CVS* - a new tarball will be available in a few days. It is also possible to use the old 0.3.1 version of the toolkit, but this won't build the LDAP support. Shalom-Salam, Werner -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE9ur/hbH7huGIcwBMRAjI0AJ9seErjNzKBWLk360kdKsaAzsCaiQCfU78Q e9NCBnx+4wRl3Gzw4SokW/M=6oju -----END PGP SIGNATURE----- From cova at ferrara.linux.it Mon Oct 28 00:09:02 2002 From: cova at ferrara.linux.it (Fabio Coatti) Date: Wed Feb 23 12:43:34 2005 Subject: [Announce]RPMs Message-ID: <200210280009.54175.cova@ferrara.linux.it> I'm currently uploading RPMs packages for gnupg 1.2.1. At this moment I've uploaded src and mdk 9.0 packages. The latter is built with gcc 2.96. There is no support for ldap helper, to avoid dependencies issues. I'm planning to upload ldap enabled packages in a short time. I've seen some patches for spec files posted on mailing list; if someone has patches for the actual spec file and want to see it applied, I'll be more than happy to update the spec file itself, with full credito to contributors, of course :)); just send the diff file to my address. URLs: ftp://crypto.ferrara.linux.it/pub/gpg/gnupg-1.2.1-1mdk90.i586.rpm ftp://crypto.ferrara.linux.it/pub/gpg/gnupg-1.2.1-1.src.rpm The packages are signed with my GPG key -- Fabio Coatti http://www.ferrara.linux.it/members/cova Ferrara Linux Users Group http://ferrara.linux.it GnuPG fp:9765 A5B6 6843 17BC A646 BE8C FA56 373A 5374 C703 Old SysOps never die... they simply forget their password. From paul at soniq.net Wed Nov 6 04:00:01 2002 From: paul at soniq.net (Paul Boehm) Date: Wed Feb 23 12:43:34 2005 Subject: [Announce]GPGRemail v0.1 initial announcement Message-ID: <20021104000227.GA18424@soniq.net> Current Version: 0.1 License: LGPL Author: Paul Boehm Available from: http://soniq.net/gpgremail/ GPGRemail is a minimalistic mailinglist software, meant for small, private, mailinglists that require strong cryptography via the GNU Privacy Guard. It achieves it's integration with GPG by implementing a technique we call 'Transparent GPG Reencryption'. The basic idea is this: * gpg encrypt mail with mailinglist public key. * send to mailinglist. * gpgremail decrypts the mail with its private key. * gpgremail reencrypts the mail with each recipients private key, and delivers the mail. * decrypt mail with your own private key. This is the first public release, so feedback of all kinds (especially security related after-thoughts) are more than welcome! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : /pipermail/attachments/20021106/8848c59d/attachment.pgp From dshaw at jabberwocky.com Wed Nov 13 11:31:01 2002 From: dshaw at jabberwocky.com (David Shaw) Date: Wed Feb 23 12:43:34 2005 Subject: [Announce]GnuPG 1.3.1 released (development) Message-ID: <20021112171314.GA17958@jabberwocky.com> -----BEGIN PGP SIGNED MESSAGE----- Hello! The latest release from the development branch of GnuPG is ready for public consumption. This is a branch to create what will be GnuPG 1.4 someday. It will change much more frequently than the 1.2.x "stable" branch, which will mainly be updated for bug fix reasons. The more GnuPG-familiar user is encouraged try this release (and the ones that will follow in the 1.3.x branch), and report back any problems to gnupg-devel@gnupg.org. In return, you get the latest code with the latest features. However, it is always important to keep in mind that this is still development code - please do not use it on anything mission-critical. Critical applications should always use the 1.2.x stable branch. You may notice the smaller tarball size for these development releases. This is due to the translations other than de being removed. You may also notice the smaller size of the compiled gpg binary, and that is due to some of the keyserver modifications. See the list below for more changes. The files are available from: ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.1.tar.gz (1506k) ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.1.tar.gz.sig ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.0-1.3.1.diff.gz (167k) MD5 checksums for the files are: bbfd0613a3309e10b2d8b9d7d08bbe8a gnupg-1.3.1.tar.gz.sig eaf6fd07ca5088c3f1589c20718b81d7 gnupg-1.3.1.tar.gz 55ef3ce7ae7532e5f377ea963b33d20e gnupg-1.3.0-1.3.1.diff.gz Noteworthy changes in version 1.3.1 (2002-11-12) - ------------------------------------------------ * Trust signature support. This is based on the Maurer trust model where a user can specify the trust level along with the signature with multiple levels so users can delegate certification ability to other users, possibly restricted by a regular expression on the user ID. Note that full trust signature support requires a regular expression parsing library. The regexp code from glibc 2.3.1 is included for those platforms that don't have working regexp functions available. The configure option --disable-regex may be used to disable any regular expression code, which will make GnuPG ignore any trust signature with a regular expression included. * Two new commands --hidden-recipient (-R) and --hidden-encrypt-to encrypt to a user, but hide the identity of that user. This is the same functionality as --throw-keyid, but can be used on a per-user basis. * Full algorithm names (e.g. "3DES", "SHA1", "ZIP") can now be used interchangeably with the short algorithm names (e.g. "S2", "H2", "Z1") anywhere algorithm names are used in GnuPG. Happy Hacking, The GnuPG team (David, Stefan, Timo and Werner) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.1-cvs (GNU/Linux) iQEVAwUBPdE2qoccwqs8s7QVAQFkzggAs//YhGaDx+CNkdRLKE9lqF0dqqQ43d4J Qq1DUivQMwgtfECuo4NJeNWQXdGxj786Ll5Yo+XiKineIbK6167Ha9D8ZjUoIyZ9 Bv5a72osNoUqaDmsfDp718pkQpl76Olx1RUwwCwogu2ypocBlPhMxL74jpX0EeZk cKwZHOVCZ6qgsEeg/p4aaqgxKitxsa5JYhT4f1j4Q8v5nbGZ2ZB6inq1pTVOKslT wQGNhZAToycykEUkURquG1uXXrq6iMdCJrnHINQ3p08xDLwojZX3HJEmsQNrioTu jc/SzVZYMNlvfhl9fhwX5C9vM4pzrYst/xZcVrMxQxCN49shoos3LA== =PH4r -----END PGP SIGNATURE----- From wk at gnupg.org Wed Nov 20 10:41:04 2002 From: wk at gnupg.org (Werner Koch) Date: Wed Feb 23 12:43:34 2005 Subject: [Announce]ANN: Pyme -- Python OO interface to GPGME Message-ID: <87k7j8y4wq.fsf@alberti.g10code.de> [From: John Goerzen, jgoerzen 'at' complete.org] Hello, Today I am announcing the first release of Pyme, the brand-new Python bindings for GPGME. Pyme: * Provides a convenient class-based interface to GPGME functions; * Exists and is supported; * Supports most GPGME functions automatically by reflection; thus, no code changes will be necessary to support most new GPGME features * Supports callbacks written in Python. * Features easy installation: python setup.py build; python setup.py install * Provides pre-built .debs for Debian GNU/Linux users. You may obtain Pyme at http://quux.org/devel/pyme The following is from the Pyme documentation: Welcome to PyME, the GPGME Interface for Python. "Pyme", when prounced, rhymes with "Pine". The latest release of this package may be obtained from http://quux.org/devel/pyme/ FEATURES -------- * Feature-rich, full implementation of the GPGME library. Supports all GPGME features except interactive editing (coming soon). Callback functions may be written in pure Python. * Ability to sign, encrypt, decrypt, and verify data. * Ability to list keys, export and import keys, and manage the keyring. * Fully object-oriented with convenient classes and modules. GENERAL OVERVIEW ---------------- For those of you familiar with GPGME, you will be right at home here. Pyme is, for the most part, a direct interface to the C GPGME library. However, it is re-packaged in a more Pythonic way -- object-oriented with classes and modules. Take a look at the classes defined here -- they correspond directly to certain object types in GPGME for C. For instance, the following C code: GpgmeCtx context; GpgmeRecipients recp; gpgme_new(&context); gpgme_recipients_new(&recp); ... gpgme_op_encrypt(context, recp, plain, cipher); Translates into the following Python code: context = core.Context() recp = core.Recipients() ... context.encrypt(recp, plain, cipher) The Python module automatically does error-checking and raises Python exceptions when GPGME signals an error. Those exceptions correspond directly to GPGME errors. All GPGME exceptions are defined in the gpgme.errors module, and pyme.errors.GPGMEError is the parent of all exceptions. IMPORTANT NOTE -------------- This documentation only covers a small subset of available GPGME functions and methods. Please consult the documentation for the C library (available in doc/gpgme in this distribution) for comprehensive coverage. This library uses Python's reflection to automatically detect the methods that are available for each class, and as such, most of those methods do not appear explicitly anywhere. QUICK START SAMPLE PROGRAM -------------------------- This program is not for serious encryption, but for example purposes only! import sys from pyme import core, constants import pyme.constants.validity # Set up our input and output buffers. plain = core.Data('This is my message.') cipher = core.Data() # Initialize our context. c = core.Context() c.set_armor(1) # Set up the recipients. sys.stdout.write("Enter name of your recipient: ") name = sys.stdin.readline().strip() r = core.Recipients() r.add(name, constants.validity.FULL) # Do the encryption. c.op_encrypt(r, plain, cipher) print cipher.read() Note that although there is no explicit error checking done here, the Python GPGME library is automatically doing error-checking, and will raise an exception if there is any problem. This program is in the Pyme distribution as examples/simple.py. The examples directory contains more advanced samples as well. FOR MORE INFORMATION -------------------- PYME homepage: http://quux.org/devel/pyme GPGME documentation: http://www.fifi.org/cgi-bin/info2www?%28gpgme%29 GPGME homepage: http://www.gnupg.org/gpgme.html Base classes: pyme.core (START HERE!) Auxiliary classes: pyme.aux Utilities: pyme.util Error classes: pyme.errors Constants: pyme.constants Version information: pyme.version Base classes are documented at pyme.core and auxiliary classes at pyme.aux From twoaday at freakmail.de Mon Nov 25 13:08:01 2002 From: twoaday at freakmail.de (Timo Schulz) Date: Wed Feb 23 12:43:34 2005 Subject: [Announce]OpenCDK 0.3.3 Message-ID: <20021124204725.GA2085@daredevil.joesixpack.net> Current Version: 0.3.3 (latest devel 0.3.4-cvs) License: GPL Author: Timo Schulz Available from: http://www.winpt.org/opencdk.html Hi, this is the first public announcement for OpenCDK. It is a library to provide some basic parts of the OpenPGP Message Format (RFC2440). First the library was planned for key conversation in GnuTLS and other applications which support OpenPGP keys but after a while, I decided to include some low-level functions for file handling. Now the library basically consists of two parts. First, the key database code which can be used for reading, writing, export, import and key conversation and secondly file routines. It is *not* planned to add full OpenPGP support or to replace any of the existing OpenPGP versions. But it some cases, it might be handy to have OpenPGP natively without a detour over pipes. The library itself does *not* contain any cryptographic code. For this, Libgcrypt is used which bases on GPG code which was tested a lot. Other parts of the lib also contain GPG code to reduce the time for testing new code. For a good introduction, the MinPG example might be a good start. It shows how to use the API and how things work. If you use Debian, you can also use the precompiled package from Debian.org (unstable) but it's not up-to-date and might have more problems (it is 0.3.2). If you are interested to get the latest version, use anonymous CVS. Here is short overview about the recently added features: Noteworthy changes in version 0.3.3 (2002-11-16) ------------------------------------------------ * Support for the various signatures types (detached, ...) * Sign and Encrypt is working now. * Limited support for RFC1991 (v3 signatures, ...) * Corrected a problem with decompressing larger files. * A lot of bug fixes all over the place. * UTF8 en- and decoding routines. Noteworthy changes in version 0.3.2 (2002-11-07) ------------------------------------------------ * Keyserver support (HKP only). * Fixed problem with v3 signatures. * Fixed problem with searching packets in KBNODEs. * API documentation for the external interface. Timo From wk at gnupg.org Sat Dec 21 21:11:02 2002 From: wk at gnupg.org (Werner Koch) Date: Wed Feb 23 12:43:34 2005 Subject: [Announce]Libgcrypt 1.1.11 released Message-ID: <87el8bp216.fsf@alberti.g10code.de> Hi! I am pleased to announce the availability of libgcrypt version 1.1.11. Libgcrypt is a general purpose cryptographic library based on the code from GnuPG and licensed under the GNU Lesser General Public License. It provides functions for all cryptograhic building blocks: symmetric ciphers (AES,DES,Blowfish,CAST5,Twofish,Arcfour), hash algorithms (MD4, MD5, RIPE-MD160, SHA-1, TIGER-192), MACs (HMAC for all hash algorithms), public key algorithms (RSA, ElGamal, DSA), large integer functions, random numbers and a lot of supporting functions. Available at the usual places, e.g.: ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/libgcrypt-1.1.11.tar.gz (680k) ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/libgcrypt-1.1.11.tar.gz.sig Please check the signature file; we don't provide MD5 checksums. A patch file against the previous version is also available (60k), please ignore a possible patch error related to the w32-dll directory. News since 1.1.10: * Does not export internal symbols anymore (currently only for GNU systems) * New algorithm: MD4 * Implemented ciphertext stealing. * Smaller bugs fixes and a few new OIDs. * Interface changes relative to the 1.1.8 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gcry_cipher_cts NEW ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Merry Christmas and a happy New Year, Werner p.s. I know that the signature key does expire in a few days, however I will extend the lifetime of this keys and make a new one available. For info on hot get an updated key, see my mail header lines. p.p.s. If you want to help with further development by donating money, please visit https://order.kagi.com/?P3G . Donations to the Free Software Foundations are also welcome, see: https://donate.fsf.org and http://fsfeurope.org/help/donate-2002.html From wk at gnupg.org Mon Dec 23 17:11:02 2002 From: wk at gnupg.org (Werner Koch) Date: Wed Feb 23 12:43:34 2005 Subject: [Announce] GnuPG signature key update and X-Request-PGP Message-ID: <87vg1kn2ex.fsf@alberti.g10code.de> Hello! The key used to sign GnuPG distributions would expire in a few days. I have extended the lifetime of this key for another 12 months - please find below an updated copy of this key. On another topic: Due to problems with some of the keyservers, it might not be possible to retrieve or refresh some keys; to work around this, I suggest the use of a mail header to get the canonical address of a key. This will most likely point to a web page, but other URL schemes do also make sense. The proposed format of such a mail header is: X-Request-PGP: For example, I use this one X-Request-PGP: finger:wk@g10code.com Please make use of this. If you are the author of a MUA, please consider to add support for it. Merry Christmas and my best wishes for the new year, Werner ====8<==== pub 1024D/57548DCD 1998-07-07 Werner Koch (gnupg sig) Note, that this key is signed using my certification key. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.2.1 (GNU/Linux) mQGiBDWiHh4RBAD+l0rg5p9rW4M3sKvmeyzhs2mDxhRKDTVVUnTwpMIR2kIA9pT4 3No/coPajDvhZTaDM/vSz25IZDZWJ7gEu86RpoEdtr/eK8GuDcgsWvFs5+YpCDwW G2dx39ME7DN+SRvEE1xUm4E9G2Nnd2UNtLgg82wgi/ZK4Ih9CYDyo0a9awCgisn3 RvZ/MREJmQq1+SjJgDx+c2sEAOEnxGYisqIKcOTdPOTTie7o7x+nem2uac7uOW68 N+wRWxhGPIxsOdueMIa7U94Wg/Ydn4f2WngJpBvKNaHYmW8j1Q5zvZXXpIWRXSvy TR641BceGHNdYiR/PiDBJsGQ3ac7n7pwhV4qex3IViRDJWz5Dzr88x+Oju63KtxY urUIBACi7d1rUlHr4ok7iBRlWHYXU2hpUIQ8C+UOE1XXT+HB7mZLSRONQnWMyXnq bAAW+EUUX2xpb54CevAg4eOilt0es8GZMmU6c0wdUsnMWWqOKHBFFlDIvyI27aZ9 quf0yvby63kFCanQKc0QnqGXQKzuXbFqBYW2UQrYgjXji8rd8bQnV2VybmVyIEtv Y2ggKGdudXBnIHNpZykgPGRkOWpuQGdudS5vcmc+iGIEExECACIFAj4HI6kCGwMF CQpPc4sECwcDAgMVAgMDFgIBAh4BAheAAAoJEGi3q4lXVI3NjGwAnitvWvzrdrjf +Y8MNw+JH7zKDiVIAKCIJyojVHeliciZ8DMU2Dxd0LaZYIhGBBARAgAGBQI1oic8 AAoJEGx+4bhiHMATftYAn1fOaKDUOt+dS38rB+CJ2Q+iElWJAKDRPpp8q5GylbM8 DPlMpClWN3TYqYhGBBARAgAGBQI27U5sAAoJEF3iSZZbA1iiarYAn35qU3ZOlVEC ELE/3V6q98Q30eAaAKCtO+lacH0Qq1E6v4BP/9y6MoLIhohGBBARAgAGBQI26Prd AAoJEAcDKpaJBMjiEpgAoM3IisrN7XXdhnP9lmx0UJKE7SsFAJwMWIBnGK93ojuW Xh9YgDRySZKZqIhGBBARAgAGBQI5zA88AAoJEDLDW4BHupNX9vwAn1ZRUYyIWV5X oRUIq7Epz1id+hDVAKDMZSo15h9vfGAjrytpxOs5clW+Gw== =yGoD -----END PGP PUBLIC KEY BLOCK-----