From wk at gnupg.org Mon Sep 4 18:27:14 2006 From: wk at gnupg.org (Werner Koch) Date: Mon Sep 4 18:31:37 2006 Subject: [Announce] dirmngr 0.9.6 released Message-ID: <87k64jlhr1.fsf@wheatstone.g10code.de> Hi! We are pleased to announce the availability of Dirmngr 0.9.6. Dirmngr is a server for managing and downloading certificate revocation lists (CRLs) for X.509 certificates and for downloading the certificates themselves. Dirmngr also handles OCSP requests as an alternative to CRLs. Dirmngr is either invoked internaly by gpgsm (from gnupg 1.9) or when running as a system daemon through the dirmngr-client tool. Get it from: ftp://ftp.gnupg.org/gcrypt/alpha/dirmngr/dirmngr-0.9.6.tar.bz2 (488k) ftp://ftp.gnupg.org/gcrypt/alpha/dirmngr/dirmngr-0.9.6.tar.bz2.sig or as a patch against the previous version: ftp://ftp.gnupg.org/gcrypt/alpha/dirmngr/dirmngr-0.9.5-0.9.6.diff.bz2 (60k) SHA1 checkums are: 954e1dbed96a2bccfbdb1bee446fa75337a156ea dirmngr-0.9.6.tar.bz2 b8ad93a2aeca323431d8143f797c00f2ab782fe9 dirmngr-0.9.5-0.9.6.diff.bz2 Whats new in this release ========================= * A couple of bug fixes for OCSP. * OCSP does now make use of the responder ID and optionally included certificates in the response to locate certificates. * No more lost file descriptors when loading CRLs via HTTP. * HTTP redirection for CRL and OCSP has been implemented. * Man pages are now build and installed from the texinfo source. Note, that you need to update libksba to version 1.0.0 for this release. If this release works as expected a 1.0 release will be pretty close. Commercial support contracts for Dirmngr are available, and they help finance continued maintenance. g10 Code, a Duesseldorf based company owned and headed by libksba's maintainer, is currently funding its development. We are always looking for interesting development projects. Happy Hacking, Werner -- Werner Koch The GnuPG Experts http://g10code.com Join the Fellowship and protect your Freedom! http://www.fsfe.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 196 bytes Desc: not available Url : /pipermail/attachments/20060904/dfe708cd/attachment.pgp From wk at gnupg.org Mon Sep 18 15:20:02 2006 From: wk at gnupg.org (Werner Koch) Date: Mon Sep 18 15:27:03 2006 Subject: GnuPG 1.9.23 released Message-ID: <877j01cnwd.fsf@wheatstone.g10code.de> Hello! We are pleased to announce the availability of GnuPG 1.9.23 - the branch of GnuPG heading towards a GnuPG 2.0 and featuring the OpenPGP as well as the S/MIME protocol. This is a BETA release and not suitable for production use! Noteworthy changes in version 1.9.23 (2006-09-18) ------------------------------------------------- * Regular man pages for most tools are now build directly from the Texinfo source. * The gpg code from 1.4.5 has been fully merged into this release. For production use of OpenPGP the gpg version 1.4.5 is still recommended. Note, that gpg will be installed under the name gpg2 to allow coexisting with an 1.4.x gpg. * API change in gpg-agent's pkdecrypt command. Thus an older gpgsm may not be used with the current gpg-agent. * The scdaemon will now call a script on reader status changes. * gpgsm now allows file descriptor passing for "INPUT", "OUTPUT" and "MESSAGE". * The gpgsm server may now output a key listing to the output file handle. This needs to be enabled using "OPTION list-to-output=1". * The --output option of gpgsm has now an effect on list-keys. * New gpgsm commands --dump-chain and list-chain. * gpg-connect-agent has new options to utilize descriptor passing. * A global trustlist may now be used. See doc/examples/trustlist.txt. * When creating a new pubring.kbx keybox common certificates are imported. Note, that gpg2 is now build by default and may actually be used. There are some minor things missing but most people should not be affected by this. Please test this release and report bugs. If you are a translator, please do not yet start with translations but wait for the first release candidate which is planned for early October. You may download it from one of the mirrors as listed at http://www.gnupg.org/download/mirrors.html or direct from the master server ftp://ftp.gnupg.org: ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.9.23.tar.bz2 (2227k) ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.9.23.tar.bz2.sig or as a patch against the previous release: ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.9.22-1.9.23.diff.bz2 (495k) For help on installing or running GnuPG 1.9 you should send mail to the gnupg-users mailing list or to one of the country specific lists. See http://www.gnupg.org/documentation/mailing-lists.html . Improving GnuPG is costly, but you can help! We are looking for organizations that find GnuPG useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or by donating money. Commercial support contracts for GnuPG are available, and they help finance continued maintenance. g10 Code GmbH, a Duesseldorf based company owned and headed by gpg's principal author, is currently funding GnuPG development. We are always looking for interesting development projects. Happy hacking, Werner -- Werner Koch The GnuPG Experts http://g10code.com Join the Fellowship and protect your Freedom! http://www.fsfe.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 196 bytes Desc: not available Url : /pipermail/attachments/20060918/e185bcef/attachment.pgp From bernhard at intevation.de Tue Sep 19 16:07:13 2006 From: bernhard at intevation.de (Bernhard Reiter) Date: Tue Sep 19 17:51:35 2006 Subject: GnuPG 1.9.23 released In-Reply-To: <877j01cnwd.fsf@wheatstone.g10code.de> References: <877j01cnwd.fsf@wheatstone.g10code.de> Message-ID: <200609191607.16551.bernhard@intevation.de> On Monday 18 September 2006 15:20, Werner Koch wrote: > We are pleased to announce the availability of GnuPG 1.9.23 - the > branch of GnuPG heading towards a GnuPG 2.0 and featuring the OpenPGP > as well as the S/MIME protocol. > > This is a BETA release and not suitable for production use! I have added a wish for a Debian experimental package http://bugs.debian.org/388257 > Note, that gpg2 is now build by default and may actually be used. > There are some minor things missing but most people should not be > affected by this. > > Please test this release and report bugs. If you are a translator, > please do not yet start with translations but wait for the first > release candidate which is planned for early October. > Improving GnuPG is costly, but you can help! We are looking for > organizations that find GnuPG useful and wish to contribute back. You > can contribute by reporting bugs, improve the software, or by donating > money. > > Commercial support contracts for GnuPG are available, and they help > finance continued maintenance. g10 Code GmbH, a Duesseldorf based > company owned and headed by gpg's principal author, is currently > funding GnuPG development. We are always looking for interesting > development projects. -- Managing Director - Owner, www.intevation.net (Free Software Company) Germany Coordinator, fsfeurope.org (Non-Profit Org for Free Software) www.kolab-konsortium.com (Email/Groupware Solution, Professional Service) -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 1310 bytes Desc: not available Url : /pipermail/attachments/20060919/839cec31/smime.bin From wk at gnupg.org Tue Sep 19 18:28:07 2006 From: wk at gnupg.org (Werner Koch) Date: Tue Sep 19 18:32:00 2006 Subject: GnuPG 1.9.23 released In-Reply-To: <200609191607.16551.bernhard@intevation.de> (Bernhard Reiter's message of "Tue, 19 Sep 2006 16:07:13 +0200") References: <877j01cnwd.fsf@wheatstone.g10code.de> <200609191607.16551.bernhard@intevation.de> Message-ID: <878xkf95yg.fsf@wheatstone.g10code.de> On Tue, 19 Sep 2006 16:07, Bernhard Reiter said: > I have added a wish for a Debian experimental package > http://bugs.debian.org/388257 I fear that your whish to completly supercede the gnupg package by gnupg2 is not possible. gnupg2 has a *lot of dependencies* and relies on the gpg-agent. gpg however is a core package of Debian. I see no way to go without gpg 1.4. In fact, I plan to keep the name gpg2 to allow installing along with gpg1. I am currently discussing with Marcus on how we can make the gpgme library use gpg2. Shalom-Salam, Werner From bernhard at intevation.de Tue Sep 19 20:06:23 2006 From: bernhard at intevation.de (Bernhard Reiter) Date: Tue Sep 19 20:04:45 2006 Subject: GnuPG 1.9.23 released In-Reply-To: <878xkf95yg.fsf@wheatstone.g10code.de> References: <877j01cnwd.fsf@wheatstone.g10code.de> <200609191607.16551.bernhard@intevation.de> <878xkf95yg.fsf@wheatstone.g10code.de> Message-ID: <200609192006.26690.bernhard@intevation.de> On Tuesday 19 September 2006 18:28, Werner Koch wrote: > On Tue, 19 Sep 2006 16:07, Bernhard Reiter said: > > I have added a wish for a Debian experimental package > > http://bugs.debian.org/388257 > > I fear that your whish to completly supercede the gnupg package by > gnupg2 is not possible. gnupg2 has a *lot of dependencies* and relies > on the gpg-agent. gpg however is a core package of Debian. This is not necessarily a hard conflict as far as I can see, but I of course appreciate your input on the issue. > I see no way to go without gpg 1.4. This is for now, but I guess the plan is to have gpg 2 to supercede gpg 1.4 in the mid run. Packaging for this in experimental seems to be the right place to start and see if this already works. Debian could try to sort the dependencies in a way that there is a binary target for a udeb gpg 2 that covers the basic needs or something similiar. > In fact, I plan to keep the name gpg2 to > allow installing along with gpg1. I am currently discussing with > Marcus on how we can make the gpgme library use gpg2. Thanks for the clarification I understood the announcement that gpg2 could already replace gpg1 fully and just needs testing. From you comment I guess that at least gpgme does not work with it yet. Bernhard -- Managing Director - Owner, www.intevation.net (Free Software Company) Germany Coordinator, fsfeurope.org (Non-Profit Org for Free Software) www.kolab-konsortium.com (Email/Groupware Solution, Professional Service) -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 1310 bytes Desc: not available Url : /pipermail/attachments/20060919/3b9464f7/smime.bin From wk at gnupg.org Tue Sep 19 20:49:06 2006 From: wk at gnupg.org (Werner Koch) Date: Tue Sep 19 20:51:35 2006 Subject: GnuPG 1.9.23 released In-Reply-To: <200609192006.26690.bernhard@intevation.de> (Bernhard Reiter's message of "Tue, 19 Sep 2006 20:06:23 +0200") References: <877j01cnwd.fsf@wheatstone.g10code.de> <200609191607.16551.bernhard@intevation.de> <878xkf95yg.fsf@wheatstone.g10code.de> <200609192006.26690.bernhard@intevation.de> Message-ID: <873ban8zfh.fsf@wheatstone.g10code.de> On Tue, 19 Sep 2006 20:06, Bernhard Reiter said: > This is for now, but I guess the plan is to have gpg 2 to supercede > gpg 1.4 in the mid run. Packaging for this in experimental seems Not really. There are many applications of gpg which don't need the new features of gpg2 and thus we will keep the 1.x branch alive and maintain it as long as there is interest in it. We might not backport all new features from gpg2. gpg2 is more targeted to the desktop than to a server. Of course it might as well be used in server applications (cf. gpg-preset-passphrase). OTOH, a simple tools with minimal dependecies is often better suited for certain tasks. > Thanks for the clarification I understood the announcement that > gpg2 could already replace gpg1 fully and just needs testing. Yes, it may fully replace gpg1. > From you comment I guess that at least gpgme does not work with it > yet. It may be used with gpgme. We are thinking of a smooth way to have ggme application migrate to gpg2. In the long run gpg2 will have advantages for gpgme based applications. For example we will add a --server mode to avoid the sometimes costly fork and exec. Salam-Shalom, Werner From wk at gnupg.org Mon Sep 25 12:36:09 2006 From: wk at gnupg.org (Werner Koch) Date: Mon Sep 25 12:41:47 2006 Subject: GnuPG 1.9.23 released In-Reply-To: (Georg C. F. Greve's message of "Wed, 20 Sep 2006 15:15:19 +0200") References: <877j01cnwd.fsf@wheatstone.g10code.de> <200609191607.16551.bernhard@intevation.de> <878xkf95yg.fsf@wheatstone.g10code.de> <200609192006.26690.bernhard@intevation.de> <873ban8zfh.fsf@wheatstone.g10code.de> Message-ID: <871wq0z10m.fsf@wheatstone.g10code.de> On Wed, 20 Sep 2006 15:15, Georg C. F. Greve said: > I wonder: could it ever become possible to build a "downsized" version > for specific purposes and limited dependencies from the gnupg2 branch? No. > That might make maintenance of 1.4 unnecessary in the long run. We will keep 1.4 and maybe even come up with 1.6 at some point. The reasons: * It is designed with no external build dependecies. Just configure and make and you end up with a usable OpenPGP implementation. This is not the case for 2.0. * GnuPG 1.4 is more portable that 2.0. It runs on may different OSes many of them predating the POSIX specs. We simply can't make GnuPG 2 run on them. * It is smaller and thus suitable for embedded or old platforms. Shalom-Salam, Werner