[Announce] GnuPG 1.3.3 released (development)
dshaw at jabberwocky.com
Sat Oct 11 01:16:43 CEST 2003
-----BEGIN PGP SIGNED MESSAGE-----
The latest release from the development branch of GnuPG is ready for
public consumption. This is a branch to create what will eventually
become GnuPG 1.4. It will change with greater frequency than the
1.2.x "stable" branch, which will mainly be updated for bug fix
The more GnuPG-familiar user is encouraged try this release (and the
ones that will follow in the 1.3.x branch), and report back any
problems to gnupg-devel at gnupg.org. In return, you get the latest code
with the latest features.
Feedback on the "show-validity" display changes is particularly
appreciated. Is this additional information (seen in --list-keys or
- --list-sigs when "--list-options show-validity" is set) helpful or
Note that while this code is stable enough for many uses, it is still
the development branch. Mission-critical applications should always
use the 1.2.x stable branch.
The files are available from:
MD5 checksums for the files are:
Noteworthy changes in version 1.3.3 (2003-10-10)
* Basic support for the OpenPGP card. New commands --card-status,
--card-edit, --change-pin and the configuration options
--reader-port, --ctapi-driver, --pcsc-driver, and
* Full support for the SHA-256 hash has been added.
* Support for the TIGER/192 hash has been dropped. This should
not be interpreted as a statement as to the strength of
TIGER/192 - rather, the upcoming revision to the OpenPGP
standard removes support for several unused (or mostly unused)
* Revoked or expired user IDs are now skipped when selecting keys
for encryption. Specifying a key by the key ID overrides this
check and allows the selection of any key.
* Note that --no-mangle-dos-filenames is now the default. If you
are upgrading from a 1.2.x version of GnuPG, and are running a
very old version of Windows that has the 8.3 filename limit, you
may need to change this.
* Multiple "Comment:" lines in armored output are now allowed.
* New --list-options option. This option takes a list of
arguments that allows the user to customize exactly what key
listings (including the --edit-key listing) look like, enabling
or disabling things such as photo display, policy URL, preferred
keyserver URL, or notation display, long or short keyIDs,
calculated validity for each user ID, etc. See the manual for
the complete list of list-options.
* New --verify-options option. This option takes a list of
arguments that allows the user to customize exactly what happens
during signature verification, enabling or disabling things such
as photo display, policy URL, preferred keyserver URL, or
notation display, long or short keyIDs, calculated validity for
each user ID, etc. See the manual for the complete list of
* New --sig-keyserver-url to embed a "where to get my key"
subpacket into a signature.
* The options --show-photos, --show-policy-url, --show-notation,
and --show-keyring are all deprecated in favor of those
arguments to --list-options and --verify-options. The new
method is more flexible since a user can specify (for example)
showing photos during sig verification, but not in key listings.
* The complete fingerprint of the key that made a given key
certification is now available in the --with-colons output. For
technical reasons, this is only available when running with
--no-sig-cache set. See doc/DETAILS for the specifics of this.
* IPv6 support for HKP keyserver access. IPv6 for LDAP keyserver
access is also supported, but is dependent on the LDAP library
* To simplify running both the stable (1.2.x) and development
(1.3.x) versions of GnuPG, the development version will try to
load the options file gpg.conf-VERSION (e.g. gpg.conf-1.3.3 for
this release) before falling back to the regular gpg.conf file.
* Two new %-expandos for use in notation and policy URLs. "%g"
expands to the fingerprint of the key making the signature
(which might be a subkey), and "%p" expands to the fingerprint
of the primary key that owns the key making the signature.
* New "tru" record in --with-colons --list-keys listings. It
shows the status of the trust database that was used to
calculate the key validity in the listings. See doc/DETAILS for
the specifics of this.
* New REVKEYSIG status tag for --status-fd. It indicates a valid
signature that was issued by a revoked key. See doc/DETAILS for
the specifics of this.
* A number of portability changes to make building GnuPG on
less-common platforms easier.
The GnuPG team (David, Stefan, Timo and Werner)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.4-cvs (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
-----END PGP SIGNATURE-----
More information about the Gnupg-announce