[Announce] GnuPG 1.3.2 released (development)
David Shaw
dshaw@jabberwocky.com
Tue May 27 19:49:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello!
The latest release from the development branch of GnuPG is ready for
public consumption. This is a branch to create what will be GnuPG 1.4
someday. It will change much more frequently than the 1.2.x "stable"
branch, which will mainly be updated for bug fix reasons.
The more GnuPG-familiar user is encouraged try this release (and the
ones that will follow in the 1.3.x branch), and report back any
problems to gnupg-devel@gnupg.org. In return, you get the latest code
with the latest features.
Note that while this code is stable enough for many uses, it is still
the development branch. Mission-critical applications should always
use the 1.2.x stable branch.
The files are available from:
ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.2.tar.gz (1617k)
ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.2.tar.gz.sig
MD5 checksums for the files are:
c984bfeb35fbc7bdc591bffb0d690d22 gnupg-1.3.2.tar.gz
8d6c476a9d972ee7c3436d5ba2029130 gnupg-1.3.2.tar.gz.sig
Noteworthy changes in version 1.3.2 (2003-05-27)
- ------------------------------------------------
* New "--gnupg" option (set by default) that disables --openpgp,
and the various --pgpX emulation options. This replaces
--no-openpgp, and --no-pgpX, and also means that GnuPG has now
grown a --gnupg option to make GnuPG act like GnuPG.
* A bug in key validation has been fixed. This bug only affects
keys with more than one user ID (photo IDs do not count here),
and results in all user IDs on a given key being treated with
the validity of the most-valid user ID on that key.
* Notation names that do not contain a '@' are no longer allowed
unless --expert is set. This is to help prevent pollution of
the (as yet unused) IETF notation namespace.
* Multiple trust models are now supported via the --trust-model
option. The options are "pgp" (web-of-trust plus trust
signatures), "classic" (web-of-trust only), and "always"
(identical to the --always-trust option).
* The --personal-{cipher|digest|compression}-preferences are now
consulted to get default algorithms before resorting to the
last-ditch defaults of --s2k-cipher-algo, SHA1, and ZIP
respectively. This allows a user to set algorithms to use in a
safe manner so they are used when legal to do so, without
forcing them on for all messages.
* New --primary-keyring option to designate the keyring that the
user wants new keys imported into.
* --s2k-digest-algo is now used for all password mangling.
Earlier versions used both --s2k-digest-algo and --digest-algo
for passphrase mangling.
* Handling of --hidden-recipient or --throw-keyid messages is now
easier - the user only needs to give their passphrase once, and
GnuPG will try it against all of the available secret keys.
* Care is taken to prevent compiler optimization from removing
memory wiping code.
* New option --no-mangle-dos-filenames so that filenames are not
truncated in the W32 version.
* A "convert-from-106" script has been added. This is a simple
script that automates the conversion from a 1.0.6 or earlier
version of GnuPG to a 1.0.7 or later version.
* Disabled keys are now skipped when selecting keys for
encryption. If you are using the --with-colons key listings to
detect disabled keys, please see doc/DETAILS for a minor format
change in this release.
* Minor trustdb changes to make the trust calculations match
common usage.
* New command "revuid" in the --edit-key menu to revoke a user ID.
This is a simpler interface to the old method (which still
works) of revoking the user ID self-signature.
* Status VALIDSIG does now also print the primary key's
fingerprint, as well as the signature version, pubkey algorithm,
hash algorithm, and signature class.
* Add read-only support for the SHA-256 hash, and optional
read-only support for the SHA-384 and SHA-512 hashes.
* New option --enable-progress-filter for use with frontends.
* DNS SRV records are used in HKP keyserver lookups to allow
administrators to load balance and select keyserver port
automatically. This is as specified in
draft-shaw-openpgp-hkp-00.txt.
* When using the "keyid!" syntax during a key export, only that
specified key is exported. If the key in question is a subkey,
the primary key plus only that subkey is exported.
* configure --disable-xxx options to disable individual algorithms
at build time. This can be used to build a smaller gpg binary
for embedded uses where space is tight. See the README file for
the algorithms that can be used with this option, or use
--enable-minimal to build the smallest gpg possible (disables
all optional algorithms, disables keyserver access, and disables
photo IDs).
* The keyserver no-modify flag on a key can now be displayed and
modified.
* Note that the TIGER/192 digest algorithm is in the process of
being dropped from the OpenPGP standard. While this release of
GnuPG still contains it, it is disabled by default. To ensure
you will still be able to use your messages with future versions
of GnuPG and other OpenPGP programs, please do not use this
algorithm.
Happy Hacking,
The GnuPG team (David, Stefan, Timo and Werner)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc
iD8DBQE+04iD4mZch0nhy8kRAo7gAJ0Z0L+WfHl58A5M1rVELZD3mkhZ4QCgojp/
nf69QY8WAh2CjpYaXhzPKH0=
=uQgK
-----END PGP SIGNATURE-----
_______________________________________________
Gnupg-announce mailing list
Gnupg-announce@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce