[Announce] First release candidate for 1.4.3 available

David Shaw dshaw at jabberwocky.com
Fri Feb 17 04:44:02 CET 2006


We are pleased to announce the availability of the first release
candidate for the forthcoming 1.4.3 version of GnuPG:

 ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.4.3rc1.tar.bz2 (2.9M)
 ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.4.3rc1.tar.bz2.sig

SHA-1 checksums for the above files are:

 6c2d5f65c2acde6eaeb1ae3a4bc9ae971f942126  gnupg-1.4.3rc1.tar.bz2
 62f13c67d5a32bb9747db0da667e420e5391f1e7  gnupg-1.4.3rc1.tar.bz2.sig

Note that this is only a release candidate, and as such is not
intended for use on production systems.  If you are inclined to help
test, however, we would appreciate you trying this new version and
reporting any problems.

Noteworthy changes since 1.4.2:

    * If available, cURL-based keyserver helpers are built that can
      retrieve keys using HKP or any protocol that cURL supports
      (HTTP, HTTPS, FTP, FTPS, etc).  If cURL is not available, HKP
      and HTTP are still supported using a built-in cURL emulator.  To
      force building the old pre-cURL keyserver helpers, use the
      configure option --enable-old-keyserver-helpers.  Note that none
      of this affects finger or LDAP support, which are unchanged.
      Note also that a future version of GnuPG will remove the old
      keyserver helpers altogether.

    * Implemented Public Key Association (PKA) trust sub model.  This
      is an optional trust model on top of the standard ones.  It make
      use of special DNS records and notation data to associate a mail
      address with an OpenPGP key. It is by default not used.  To use
      it you need to set the new option --allow-pka-lookup and an
      appropriate trust-model.  Also added new keyserver option
      auto-pka-retrieve which is enabled by default but only working
      if --allow-pka-lookup is also used.

    * When exporting subkeys, those specified with a key ID or
      fingerpint and the '!' suffix are now merged into one keyblock.

    * Added "gpg-zip", a program to create encrypted archives that can
      interoperate with PGP Zip.

    * Added support for signing subkey "back signatures".  Requiring
      back signatures to be present is currently off by default, but
      will be changed to on by default in the future, once more keys
      contain the back signature.  A new "backsign" command in the
      --edit-key menu can be used to update signing subkeys with back
      signatures.

    * The key cleaning options for --import-options and
      --export-options have been further polished.  "import-clean" and
      "export-clean" replace the older
      import-clean-sigs/import-clean-uids and
      export-clean-sigs/export-clean-uids option pairs.

    * New "minimize" command in the --edit-key menu removes everything
      that can be removed from a key, rendering it as small as
      possible.  There are corresponding "export-minimal" and
      "import-minimal" commands for --export-options and
      --import-options.

    * New --fetch-keys command to retrieve keys by specifying a URI.
      This allows direct key retrieval from a web page or other
      location that can be specified in a URI.  Available protocols
      are HTTP and finger, plus anything that cURL supplies, if built
      with cURL support.

Happy Hacking,

  David, Timo, Werner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 250 bytes
Desc: not available
Url : /pipermail/attachments/20060216/6c151e4c/attachment-0001.pgp


More information about the Gnupg-devel mailing list