[Announce] GnuPG 1.3.2 released (development)
David Shaw
dshaw@jabberwocky.com
Fri May 30 05:34:03 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, May 29, 2003 at 09:58:57PM +0200, Johan Wevers wrote:
> David Shaw wrote:
>
> > The latest release from the development branch of GnuPG is ready for
> > public consumption. This is a branch to create what will be GnuPG 1.4
> > someday.
>
> Are there already any ideas when "someday" is expected to be?
>
> > Noteworthy changes in version 1.3.2 (2003-05-27)
> [...]
>
> I see mostly things that were also on the 1.2.1 -> 1.2.2 list. Do I see
> it right when I say that 1.3.2 is mainly a version where the 1.2.2 changes
> were implemented?
9 out of the 22 NEWS entries are new for 1.3.2. There are a few more
changes that were not in the NEWS file, but these were not very
user-visible changes. The diff between 1.2.1 and 1.2.2 was big enough
(and had to be applied to 1.3.1 as well) that I wanted to get 1.3.2
out to get a nice clean working surface again.
The changes that are in 1.3.2 and not in 1.2.2 are:
* Multiple trust models are now supported via the --trust-model
option. The options are "pgp" (web-of-trust plus trust
signatures), "classic" (web-of-trust only), and "always"
(identical to the --always-trust option).
* The --personal-{cipher|digest|compression}-preferences are now
consulted to get default algorithms before resorting to the
last-ditch defaults of --s2k-cipher-algo, SHA1, and ZIP
respectively. This allows a user to set algorithms to use in a
safe manner so they are used when legal to do so, without
forcing them on for all messages.
* New --primary-keyring option to designate the keyring that the
user wants new keys imported into.
* --s2k-digest-algo is now used for all password mangling.
Earlier versions used both --s2k-digest-algo and --digest-algo
for passphrase mangling.
* Handling of --hidden-recipient or --throw-keyid messages is now
easier - the user only needs to give their passphrase once, and
GnuPG will try it against all of the available secret keys.
* DNS SRV records are used in HKP keyserver lookups to allow
administrators to load balance and select keyserver port
automatically. This is as specified in
draft-shaw-openpgp-hkp-00.txt.
* When using the "keyid!" syntax during a key export, only that
specified key is exported. If the key in question is a subkey,
the primary key plus only that subkey is exported.
* configure --disable-xxx options to disable individual algorithms
at build time. This can be used to build a smaller gpg binary
for embedded uses where space is tight. See the README file for
the algorithms that can be used with this option, or use
--enable-minimal to build the smallest gpg possible (disables
all optional algorithms, disables keyserver access, and disables
photo IDs).
* The keyserver no-modify flag on a key can now be displayed and
modified.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc
iD8DBQE+1tFl4mZch0nhy8kRAjP0AKCZ0NUVL1UZ8MZeGi5ZBUmlZY0WKwCdFHX2
EDMynSB/37E3zwEVR/stc0A=
=NP9o
-----END PGP SIGNATURE-----