Noteworthy changes in version 1.4.23 (2018-06-11)
-------------------------------------------------

    * gpg: Sanitize the diagnostic output of the original file name in
      verbose mode. [#4012,CVE-2018-12020]

    * Does not push the compress-filter if not needed. [#3898]

    * Fix the regexp sanitization. [#2923]

    * Fix the accidental use of a C99 feature.

    * Does not try to use the removed /dev/srandom device on OpenBSD.

    * Updated the Danish, Dutch and Spanish translations.

    Release info at <https://dev.gnupg.org/T4015>.


Noteworthy changes in version 1.4.22 (2017-07-19)
-------------------------------------------------

    * Mitigate a flush+reload side-channel attack on RSA secret keys
      dubbed "Sliding right into disaster". For details see
      <https://eprint.iacr.org/2017/627>. [CVE-2017-7526]

    * Fix some minor bugs.


Noteworthy changes in version 1.4.21 (2016-08-17)
-------------------------------------------------

    * Fix critical security bug in the RNG [CVE-2016-6313]. An attacker
      who obtains 580 bytes from the standard RNG can trivially predict
      the next 20 bytes of output. Problem detected by Felix Dörre and
      Vladimir Klebanov, KIT.

    * Tweak default options for gpgv.

    * By default, no longer emit the GnuPG version with --armor.


Noteworthy changes in version 1.4.20 (2015-12-20)
-------------------------------------------------

    * Reject signatures made using the MD5 hash algorithm unless the
      new option --allow-weak-digest-algos or --pgp2 is given.

    * New option --weak-digest to specify hash algorithms which
      should be considered weak.

    * Changed default cipher for symmetric-only encryption to AES-128.

    * Fix for DoS when importing certain garbled secret keys.

    * Improved error reporting for secret subkey w/o corresponding public
      subkey.

    * Improved error reporting in decryption due to wrong algorithm.

    * Fix cluttering of stdout with trustdb info in double verbose mode.

    * Pass a DBUS envvar to gpg-agent for use by gnome-keyring.


Noteworthy changes in version 1.4.19 (2015-02-27)
-------------------------------------------------

    * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
      See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.

    * Fixed data-dependent timing variations in modular exponentiation
      [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
      are Practical].

    * Detect faulty use of --verify on detached signatures.

    * Changed the PKA method to use CERT records and hashed names.

    * New import option "keep-ownertrust".

    * Support algorithm names when generating keys using the --command-fd
      method.

    * Updated many translations.

    * Updated build system.

    * Fixed a regression in keyserver import.

    * Fixed argument parsing for option --debug-level.

    * Fixed DoS based on bogus and overlong key packets.

    * Fixed bugs related to bogus keyrings.

    * The usual minor bug fixes.


Noteworthy changes in version 1.4.18 (2014-06-30)
-------------------------------------------------

    * Fix a regression in 1.4.17 if more than one keyid is given
      to --recv-keys et al.

    * Cap RSA and Elgamal keysize at 4096 bit also for unattended key
      generation.


Noteworthy changes in version 1.4.17 (2014-06-23)
-------------------------------------------------

    * Avoid DoS due to garbled compressed data packets. [CVE-2014-4617]

    * Screen keyserver responses to avoid import of unwanted keys by rogue
      servers.

    * Add hash algorithms to the "sig" records of the colon output.

    * More specific reason codes for INV_RECP status.

    * Fixes for PC/SC access on Apple.

    * Minor bug fixes.


Noteworthy changes in version 1.4.16 (2013-12-18)
-------------------------------------------------

    * Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
      Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
      See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576]

    * Put only the major version number by default into armored output.

    * Do not create a trustdb file if --trust-model=always is used.

    * Print the keyid for key packets with --list-packets.

    * Changed modular exponentiation algorithm to recover from a small
      performance loss due to a change in 1.4.14.


Noteworthy changes in version 1.4.15 (2013-10-04)
-------------------------------------------------

    * Fixed possible infinite recursion in the compressed packet
      parser. [CVE-2013-4402]

    * Protect against rogue keyservers sending secret keys.

    * Use 2048 bit also as default for batch key generation.

    * Minor bug fixes.


Noteworthy changes in version 1.4.14 (2013-07-25)
-------------------------------------------------

    * Mitigate the Yarom/Falkner flush+reload side-channel attack on
      RSA secret keys. See <http://eprint.iacr.org/2013/448>.
      [CVE-2013-4242]

    * Fixed IDEA for big-endian CPUs.

    * Improved the diagnostics for failed keyserver lookups.

    * Minor bug and portability fixes.


Noteworthy changes in version 1.4.13 (2012-12-20)
-------------------------------------------------

    * Add support for the old cipher algorithm IDEA.

    * Minor bug fixes.


Noteworthy changes in version 1.4.12 (2012-01-30)
-------------------------------------------------

    * GPG now accepts a space separated fingerprint as a user ID.
      This allows copying and pasting the fingerprint from the key
      listing.

    * Removed support for the original HKP keyserver which is no
      longer used by any site.

    * Rebuild the trustdb after changing the option --min-cert-level.

    * Improved JPEG detection.

    * Included more VMS patches.

    * Made it easier to create an installer for Windows.

    * Supports the 32 bit variant of the mingw-w64 toolchain.

    * Made file locking more portable.

    * Minor bug fixes.


Noteworthy changes in version 1.4.11 (2010-10-18)
-------------------------------------------------

    * Bug fixes and portability changes.

    * Minor changes for better interoperability with GnuPG-2.


Noteworthy changes in version 1.4.10 (2009-09-02)
-------------------------------------------------

    * 2048 bit RSA keys are now generated by default. The default
      hash algorithm preferences have changed to prefer SHA-256 over
      SHA-1. 2048 bit DSA keys are now generated to use a 256 bit
      hash algorithm.

    * Support v2 OpenPGP cards.

    * The algorithm to compute the SIG_ID status has been changed to
      match the one from 2.0.10.

    * Improved file locking. Implemented it for W32.

    * Fixed a memory leak which made imports of many keys very slow.

    * Many smaller bug fixes.

    * Support for the Camellia cipher (RFC-5581).

    * Support for HKP keyservers over SSL ("HKPS").


Noteworthy changes in version 1.4.9 (2008-03-26)
------------------------------------------------

    * Improved AES encryption performance by more than 20% (on ia32).
      Decryption is also a bit faster.

    * Fixed possible memory corruption bug in 1.4.8 while importing
      OpenPGP keys. [CVE-2008-1530]


Noteworthy changes in version 1.4.8 (2007-12-20)
------------------------------------------------

    *******************************************
    * A decade of GnuPG: g10-0.0.0.tar.gz was *
    * released exactly 10 years ago.          *
    *******************************************

    * Changed the license to GPLv3.

    * Improved detection of keyrings specified multiple times.

    * Changes to better cope with broken keyservers.

    * Minor bug fixes.

    * The new OpenPGP standard is now complete, and has been published
      as RFC-4880. The GnuPG --openpgp mode (note this is not the
      default) has been updated to match the new standard. The
      --rfc2440 option can be used to return to the older RFC-2440
      behavior. The main differences between the two are
      "--enable-dsa2 --no-rfc2440-text --escape-from-lines
      --require-cross-certification".

    * By default (i.e. --gnupg mode), --require-cross-certification is
      now on. --rfc2440-text and --force-v3-sigs are now off.

    * Allow encryption using legacy Elgamal sign+encrypt keys if
      option --rfc2440 is used.

    * Fixed the auto creation of the key stub for smartcards.

    * Fixed a rare bug in decryption using the OpenPGP card.

    * Fix RFC-4880 typo in the SHA-224 hash prefix. Old SHA-224
      signatures will continue to work.


Noteworthy changes in version 1.4.7 (2007-03-05)
------------------------------------------------

    * By default, do not allow processing multiple plaintexts in a
      single stream. Many programs that called GnuPG were assuming
      that GnuPG did not permit this, and were thus not using the
      plaintext boundary status tags that GnuPG provides. This change
      makes GnuPG reject such messages by default which makes those
      programs safe again. --allow-multiple-messages returns to the
      old behavior. [CVE-2007-1263].

    * [W32] The environment variable LANGUAGE may be used to override
      the language given by HKCU\Software\GNU\GnuPG:Lang. The
      language files "*.mo" are expected in a directory named
      "gnupg.nls" below the directory with the gpg.exe binary.

    * New --verify-option show-primary-uid-only.
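
Added example, not part of the original NEWS text or of the GnuPG sources: one way a calling program can use the --status-fd output to enforce the single-plaintext assumption described in the 1.4.7 entry above. The status keywords are the ones documented in doc/DETAILS; the function names and the sample status streams are constructed for illustration.

```python
# Caller-side check over the text gpg writes to --status-fd.
# All status streams below are constructed samples, not captured output.

PREFIX = "[GNUPG:] "
SIG_GOOD = {"GOODSIG"}
# Treated as rejections here (a conservative choice made for this example).
SIG_REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}


def parse_status(stream):
    """Yield (keyword, args) for every '[GNUPG:] KEYWORD args...' line."""
    for raw in stream.splitlines():
        line = raw.strip()
        if not line.startswith(PREFIX):
            continue  # not a status line; never interpret it as one
        fields = line[len(PREFIX):].split()
        if fields:
            yield fields[0], fields[1:]


def verdict(stream):
    """Return (accepted, reason) for the status output of one gpg run.

    The output is accepted only if exactly one PLAINTEXT boundary was
    reported, a good signature was reported, and no rejected signature
    status appears anywhere in the stream.
    """
    plaintexts = 0
    good = 0
    for keyword, _args in parse_status(stream):
        if keyword == "PLAINTEXT":
            plaintexts += 1
        elif keyword in SIG_GOOD:
            good += 1
        elif keyword in SIG_REJECT:
            return False, "rejected signature status: " + keyword
    if plaintexts == 0:
        return False, "no plaintext reported"
    if plaintexts > 1:
        return False, "multiple plaintexts in one stream"
    if good == 0:
        return False, "plaintext not covered by a good signature"
    return True, "single signed plaintext"


# Constructed sample: one signed plaintext.
SIGNED_ONLY = """\
[GNUPG:] PLAINTEXT 62 1172000000 report.txt
[GNUPG:] PLAINTEXT_LENGTH 120
[GNUPG:] GOODSIG 0123456789ABCDEF Example Signer <signer@example.org>
"""

# Constructed sample: two plaintext boundaries but only one signature,
# which is the situation a caller that ignores the tags cannot see.
TWO_PLAINTEXTS = """\
[GNUPG:] PLAINTEXT 62 1172000000
[GNUPG:] PLAINTEXT_LENGTH 40
[GNUPG:] PLAINTEXT 62 1172000000 report.txt
[GNUPG:] PLAINTEXT_LENGTH 120
[GNUPG:] GOODSIG 0123456789ABCDEF Example Signer <signer@example.org>
"""

# Constructed sample: plaintext with no signature status at all.
UNSIGNED = """\
[GNUPG:] PLAINTEXT 62 1172000000 notes.txt
[GNUPG:] PLAINTEXT_LENGTH 15
"""

if __name__ == "__main__":
    for name, sample in (("signed", SIGNED_ONLY),
                         ("two plaintexts", TWO_PLAINTEXTS),
                         ("unsigned", UNSIGNED)):
        print(name, "->", verdict(sample))
```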


Noteworthy changes in version 1.4.6 (2006-12-06)
------------------------------------------------

    * Fixed a serious and exploitable bug in processing encrypted
      packages. [CVE-2006-6235].

    * Fixed a buffer overflow in gpg. [bug#728, CVE-2006-6169]

    * Fixed a bug while decrypting certain compressed and encrypted
      messages. [bug#537]

    * Added --s2k-count to set the number of times passphrase mangling
      is repeated. The default is 65536 times.

    * Added --passphrase-repeat to set the number of times GPG will
      prompt for a new passphrase to be repeated. This is useful to
      help memorize a new passphrase. The default is 1 repetition.

    * Added a GPL license exception to the keyserver helper programs
      gpgkeys_ldap, gpgkeys_curl, and gpgkeys_hkp, to clarify any
      potential questions about the ability to distribute binaries
      that link to the OpenSSL library. GnuPG does not link directly
      to OpenSSL, but libcurl (used for HKP, HTTP, and FTP) and
      OpenLDAP (used for LDAP) may. Note that this license exception
      is considered a bug fix and is intended to forgive any
      violations pertaining to this issue, including those that may
      have occurred in the past.

    * Man pages are now built from the same source as those of GnuPG-2.


Noteworthy changes in version 1.4.5 (2006-08-01)
------------------------------------------------

    * Reverted check for valid standard handles under Windows.

    * More DSA2 tweaks.

    * Fixed a problem uploading certain keys to the smart card.

    * Fixed 2 more possible memory allocation attacks.

    * Added Norwegian translation.


Noteworthy changes in version 1.4.4 (2006-06-25)
------------------------------------------------

    * User IDs are now capped at 2048 bytes. This avoids a memory
      allocation attack (see CVE-2006-3082).

    * Added support for the SHA-224 hash.
      Like the SHA-384 hash, it
      is mainly useful when DSS (the US Digital Signature Standard)
      compatibility is desired.

    * Added support for the latest update to DSA keys and signatures.
      This allows for larger keys than 1024 bits and hashes other than
      SHA-1 and RIPEMD/160. Note that not all OpenPGP implementations
      can handle these new keys and signatures yet. See
      "--enable-dsa2" in the manual for more information.


Noteworthy changes in version 1.4.3 (2006-04-03)
------------------------------------------------

    * If available, cURL-based keyserver helpers are built that can
      retrieve keys using HKP or any protocol that cURL supports
      (HTTP, HTTPS, FTP, FTPS, etc). If cURL is not available, HKP
      and HTTP are still supported using a built-in cURL emulator. To
      force building the old pre-cURL keyserver helpers, use the
      configure option --enable-old-keyserver-helpers. Note that none
      of this affects finger or LDAP support, which are unchanged.
      Note also that a future version of GnuPG will remove the old
      keyserver helpers altogether.

    * Implemented Public Key Association (PKA) signature verification.
      This uses special DNS records and notation data to associate a
      mail address with an OpenPGP key to prove that mail coming from
      that address is legitimate without the need for a full trust
      path to the signing key.

    * When exporting subkeys, those specified with a key ID or
      fingerprint and the '!' suffix are now merged into one keyblock.

    * Added "gpg-zip", a program to create encrypted archives that can
      interoperate with PGP Zip.

    * Added support for signing subkey cross-certification "back
      signatures". Requiring cross-certification to be present is
      currently off by default, but will be changed to on by default
      in the future, once more keys use it.
      A new "cross-certify"
      command in the --edit-key menu can be used to update signing
      subkeys to have cross-certification.

    * The key cleaning options for --import-options and
      --export-options have been further polished. "import-clean" and
      "export-clean" replace the older
      import-clean-sigs/import-clean-uids and
      export-clean-sigs/export-clean-uids option pairs.

    * New "minimize" command in the --edit-key menu removes everything
      that can be removed from a key, rendering it as small as
      possible. There are corresponding "export-minimal" and
      "import-minimal" commands for --export-options and
      --import-options.

    * New --fetch-keys command to retrieve keys by specifying a URI.
      This allows direct key retrieval from a web page or other
      location that can be specified in a URI. Available protocols
      are HTTP and finger, plus anything that cURL supplies, if built
      with cURL support.

    * Files containing several signed messages are not allowed any
      longer as there is no clean way to report the status of such
      files back to the caller. To partly revert to the old behaviour
      the new option --allow-multisig-verification may be used.

    * The keyserver helpers can now handle keys in either ASCII armor
      or binary format.

    * New auto-key-locate option that takes an ordered list of methods
      to locate a key if it is not available at encryption time (-r or
      --recipient). Possible methods include "cert" (use DNS CERT as
      per RFC2538bis), "pka" (use DNS PKA), "ldap" (consult the LDAP
      server for the domain in question), "keyserver" (use the
      currently defined keyserver), as well as arbitrary keyserver
      URIs that will be contacted for the key.

    * Able to retrieve keys using DNS CERT records as per RFC-4398.


Noteworthy changes in version 1.4.2 (2005-07-26)
------------------------------------------------

    * New command "verify" in the card-edit menu to display
      the Private-DO-3. The Admin command has been enhanced to take
      the optional arguments "on", "off" and "verify". The latter may
      be used to verify the Admin Pin without modifying data; this
      allows displaying the Private-DO-4 with the "list" command.

    * Rewrote large parts of the card code to optionally make use of a
      running gpg-agent. If --use-agent is being used and a gpg-agent
      with enabled scdaemon is active, gpg will now divert all card
      operations to that daemon. This is required because both
      scdaemon and gpg require exclusive access to the card reader. By
      delegating the work to scdaemon, both can peacefully coexist and
      scdaemon is able to control the use of the reader. Note that
      this requires at least gnupg 1.9.17.

    * Fixed a couple of problems with the card reader.

    * Command completion is now available in the --edit-key and
      --card-edit menus. Filename completion is available at all
      filename prompts. Note that completion is only available if the
      system provides a readline library.

    * New experimental HKP keyserver helper that uses the cURL
      library. It is enabled via the configure option --with-libcurl
      like the other (also experimental) cURL helpers.

    * New key cleaning options that can be used to remove unusable
      (expired, revoked) signatures from a key. This is available via
      the new "clean" command in --edit-key on a key by key basis, as
      well as via the import-clean-sigs/import-clean-uids and
      export-clean-sigs/export-clean-uids options for --import-options
      and --export-options. These are currently off by default, and
      replace the import-unusable-sigs/export-unusable-sigs options
      from version 1.4.1.

    * New export option export-reset-subkey-passwd.

    * New option --limit-card-insert-tries.


Noteworthy changes in version 1.4.1 (2005-03-15)
------------------------------------------------

    * New --rfc2440-text option which controls how text is handled in
      signatures. This is in response to some problems seen with
      certain PGP/MIME mail clients and GnuPG version 1.4.0. More
      details about this are available at
      <http://lists.gnupg.org/pipermail/gnupg-users/2005-January/024408.html>.

    * New "import-unusable-sigs" and "export-unusable-sigs" tags for
      --import-options and --export-options. These are off by default,
      which causes GnuPG to not import or export key signatures that
      are not usable (e.g. expired signatures).

    * New experimental HTTP, HTTPS, FTP, and FTPS keyserver helper
      that uses the cURL library <http://curl.haxx.se> to retrieve
      keys. This is disabled by default, but may be enabled with the
      configure option --with-libcurl. Without this option, the
      existing HTTP code is used for HTTP, and HTTPS, FTP, and FTPS
      are not supported.

    * When running a --card-status or --card-edit and a public key is
      available, missing secret key stubs will be created on the fly.
      Details of the key are listed too.

    * The implicit packet dumping in double verbose mode is now sent
      to stderr and not to stdout.

    * Added countermeasures against the Mister/Zuccherato CFB attack
      <http://eprint.iacr.org/2005/033>.

    * [W32] The algorithm for the default home directory changed:
      First we look at the environment variable GNUPGHOME, if this one
      is not set, we check whether the registry entry
      {HKCU,HKLM}\Software\GNU\GnuPG:HomeDir has been set. If this
      fails we use a GnuPG directory below the standard application
      data directory (APPDATA) of the current user. Only in the case
      that this directory cannot be determined, the old default of
      c:\gnupg will be used.
      The option --homedir still overrides all
      of them.

    * [W32] The locale selection under Windows changed. You need to
      enter the locale in the registry at HKCU\Software\GNU\GnuPG:Lang.
      For German you would use "de". If it is not set, GnuPG falls
      back to HKLM. The language files "*.mo" are expected in a
      directory named "gnupg.nls" below the installation directory;
      that directory must be stored in the registry at the same key as
      above with the name "Install Directory".

    * Add new --edit-key command "bkuptocard" to allow restoring a
      card key from a backup.

    * The "fetch" command of --card-edit now retrieves the key using
      the default keyserver if no URL has been stored on the card.

    * New configure option --enable-noexecstack.


Noteworthy changes in version 1.4.0 (2004-12-16)
------------------------------------------------

    * See the file doc/highlights-1.4.txt for an overview of all
      changes in respect to the 1.2 series.


Noteworthy changes in version 1.3.93 (2004-12-14)
-------------------------------------------------

    * Ask the user to repeat a changed PIN.

    * Switched to automake 1.9. Minor bug fixes.


Noteworthy changes in version 1.3.92 (2004-10-28)
-------------------------------------------------

    * Added Russian man page. Thanks to Pawel I. Shajdo.

    * libiconv is now used to support character sets other than
      UTF-8, Latin-1,-2 and KOI8-2. The W32 version will only work
      correctly when iconv.dll is installed on the system. A binary
      version is available at all GNU mirror sites under libiconv.

    * gettext for Windows has been simplified. The MO files are now
      distributed UTF-8 encoded and gpg translates on the fly.


Noteworthy changes in version 1.3.91 (2004-10-15)
-------------------------------------------------

    * A new configure option --enable-selinux-support disallows
      processing of confidential files used by gpg (e.g. secring.gpg).
      This helps writing ACLs for the SELinux kernel.

    * Support for fetching keys via finger has been added. This is
      useful for setting a preferred keyserver URL like
      "finger:wk@g10code.com".

    * Timeout support has been added to the keyserver helpers. This
      allows users to set an upper limit on how long to wait for the
      keyserver before giving up.

    * New "direct" trust model where users can set key validity
      directly if they do not want to participate in the web of trust.

    * Minor bug fixes, code and string cleanups.


Noteworthy changes in version 1.3.90 (2004-10-01)
-------------------------------------------------

    * Readline support at all prompts is now available if the system
      provides a readline library. The build time option
      --without-readline may be used to disable this feature.

    * Support for the OpenPGP smartcard is now enabled by default.
      Use the option --disable-card-support to build without support
      for smartcards.

    * New command "addcardkey" in the key edit menu to add subkeys to
      a smartcard. New command "keytocard" to transfer a key to a smartcard.
      The serial number of the card is shown in secret key listings.

    * -K may now be used as an alias for --list-secret-keys.

    * HTTP Basic authentication is now supported for all HKP and HTTP
      keyserver functions, either through a proxy or via direct
      access.


Noteworthy changes in version 1.3.6 (2004-05-22)
------------------------------------------------

    * New --keyid-format option that selects short (99242560), long
      (DB698D7199242560), 0xshort (0x99242560), or 0xlong
      (0xDB698D7199242560) keyid displays.
      This lets users tune the
      display to what they prefer.

    * The --list-options and --verify-options option
      "show-long-keyids" has been removed since --keyid-format
      obviates the need for it.

    * Support for the old quasi-1991 partial length encoding has been
      removed.

    * The --export-all and --export-options include-non-rfc options
      have been removed as superfluous since nonstandard V3 Elgamal
      sign+encrypt keys have been removed.

    * Preferred keyserver support has been added. Users may set a
      preferred keyserver via the --edit-key command "keyserver". If
      the --keyserver-option honor-keyserver-url is set (and it is by
      default), then the preferred keyserver is used when refreshing
      that key.

    * The --sig-keyserver-url option can be used to inform signature
      recipients where the signing key can be downloaded. When
      verifying the signature, if the signing key is not present, and
      the keyserver options honor-keyserver-url and auto-key-retrieve
      are set, this URL will be used to retrieve the key.

    * Support for fetching keys via HTTP has been added. This is
      mainly useful for setting a preferred keyserver URL like
      "http://www.jabberwocky.com/key.asc".

    * New --ask-cert-level/--no-ask-cert-level option to turn on and
      off the prompt for signature level when signing a key. Defaults
      to off.

    * New --gpgconf-list command for internal use by the gpgconf
      utility from gnupg 1.9.x.


Noteworthy changes in version 1.3.5 (2004-02-26)
------------------------------------------------

    * New --min-cert-level option to disregard key signatures that are
      under a specified level. Defaults to 2 (i.e. discard 0x11
      signatures).

    * New --max-output option to limit the amount of plaintext output
      generated by GnuPG.
      This option can be used by programs which
      call GnuPG to process messages that may result in plaintext
      larger than the calling program is prepared to handle. This is
      sometimes called a "Decompression Bomb".

    * New --list-config command for frontends and other programs that
      call GnuPG. See doc/DETAILS for the specifics of this.

    * Some performance improvements with large keyrings. See the
      build time option --enable-key-cache=SIZE in the README file for
      details.

    * Some portability fixes for the OpenBSD/i386, HPPA, and AIX
      platforms.

    * New keyserver-option "http-proxy" to specify which proxy to use
      in the config file without using environment variables.

    * Added support for storing, retrieving, and searching for keys in
      LDAP servers. Note that this is different than the "LDAP
      keyserver" which was already (and remains) supported.

    * Added support for TLS and LDAPS session encryption for LDAP.

    * --show-session-key/--override-session-key now works with
      --symmetric messages.

    * The configure options --enable-rsa and --disable-rsa can now be
      used to enable or disable the RSA algorithm. This can be useful
      for embedded use where space is tight. --enable-minimal
      includes --disable-rsa. RSA is enabled by default.

    * The last support for Elgamal sign+encrypt keys has been removed.


Noteworthy changes in version 1.3.4 (2003-11-27)
------------------------------------------------

    * Added support for BZIP2 compression. This should be considered
      experimental, and is only available if the libbzip2 library
      <http://sources.redhat.com/bzip2/> is installed.

    * Added the ability to handle messages that can be decrypted with
      either a passphrase or a secret key. These messages may be
      generated with --symmetric --encrypt or --symmetric --sign
      --encrypt.

    * The config file search has been enhanced to try for less
      specific filename matches before giving up. For example,
      version 1.3.4 will try for gpg.conf-1.3.4, gpg.conf-1.3, and
      gpg.conf-1 before falling back to the regular gpg.conf file.

    * Fixed a format string bug in the HKP keyserver handler.

    * Support for Elgamal sign+encrypt keys has been removed. Old
      signatures may still be verified, and existing encrypted
      messages may still be decrypted, but no new signatures may be
      issued by, and no new messages will be encrypted to, these keys.


Noteworthy changes in version 1.3.3 (2003-10-10)
------------------------------------------------

    * Basic support for the OpenPGP card. New commands --card-status,
      --card-edit, --change-pin and the configuration options
      --reader-port, --ctapi-driver, --pcsc-driver, and --disable-ccid.

    * Full (read/write) support for the SHA-256 hash has been added.

    * Support for the TIGER/192 hash has been dropped. This should
      not be interpreted as a statement as to the strength of
      TIGER/192 - rather, the upcoming revision to the OpenPGP
      standard removes support for several unused (or mostly unused)
      hashes.

    * Revoked or expired user IDs are now skipped when selecting keys
      for encryption. Specifying a key by the key ID overrides this
      check and allows the selection of any key.

    * Note that --no-mangle-dos-filenames is now the default. If you
      are upgrading from a 1.2.x version of GnuPG, and are running a
      very old version of Windows that has the 8.3 filename limit, you
      may need to change this.

    * Multiple "Comment:" lines in armored output are now allowed.

    * New --list-options option.
      This option takes a list of
      arguments that allows the user to customize exactly what key
      listings (including the --edit-key listing) look like, enabling
      or disabling things such as photo display, policy URL, preferred
      keyserver URL, or notation display, long or short keyIDs,
      calculated validity for each user ID, etc. See the manual for
      the complete list of list-options.

    * New --verify-options option. This option takes a list of
      arguments that allows the user to customize exactly what happens
      during signature verification, enabling or disabling things such
      as photo display, policy URL, preferred keyserver URL, or
      notation display, long or short keyIDs, calculated validity for
      each user ID, etc. See the manual for the complete list of
      verify-options.

    * New --sig-keyserver-url to embed a "where to get my key"
      subpacket into a signature.

    * The options --show-photos, --show-policy-url, --show-notation,
      and --show-keyring are all deprecated in favor of those
      arguments to --list-options and --verify-options. The new
      method is more flexible since a user can specify (for example)
      showing photos during sig verification, but not in key listings.

    * The complete fingerprint of the key that made a given key
      certification is now available in the --with-colons output. For
      technical reasons, this is only available when running with
      --no-sig-cache set. See doc/DETAILS for the specifics of this.

    * IPv6 support for HKP keyserver access. IPv6 for LDAP keyserver
      access is also supported, but is dependent on the LDAP library
      used.

    * To simplify running both the stable (1.2.x) and development
      (1.3.x) versions of GnuPG, the development version will try to
      load the options file gpg.conf-VERSION (e.g. gpg.conf-1.3.3 for
      this release) before falling back to the regular gpg.conf file.

    * Two new %-expandos for use in notation and policy URLs. "%g"
      expands to the fingerprint of the key making the signature
      (which might be a subkey), and "%p" expands to the fingerprint
      of the primary key that owns the key making the signature.

    * New "tru" record in --with-colons --list-keys listings. It
      shows the status of the trust database that was used to
      calculate the key validity in the listings. See doc/DETAILS for
      the specifics of this.

    * New REVKEYSIG status tag for --status-fd. It indicates a valid
      signature that was issued by a revoked key. See doc/DETAILS for
      the specifics of this.

    * A number of portability changes to make building GnuPG on
      less-common platforms easier.


Noteworthy changes in version 1.3.2 (2003-05-27)
------------------------------------------------

    * New "--gnupg" option (set by default) that disables --openpgp,
      and the various --pgpX emulation options. This replaces
      --no-openpgp, and --no-pgpX, and also means that GnuPG has
      finally grown a --gnupg option to make GnuPG act like GnuPG.

    * A bug in key validation has been fixed. This bug only affects
      keys with more than one user ID (photo IDs do not count here),
      and results in all user IDs on a given key being treated with
      the validity of the most-valid user ID on that key.

    * Notation names that do not contain a '@' are no longer allowed
      unless --expert is set. This is to help prevent pollution of
      the (as yet unused) IETF notation namespace.

    * Multiple trust models are now supported via the --trust-model
      option. The options are "pgp" (web-of-trust plus trust
      signatures), "classic" (web-of-trust only), and "always"
      (identical to the --always-trust option).

    * The --personal-{cipher|digest|compression}-preferences are now
      consulted to get default algorithms before resorting to the
      last-ditch defaults of --s2k-cipher-algo, SHA1, and ZIP
      respectively. This allows a user to set algorithms to use in a
      safe manner so they are used when legal to do so, without
      forcing them on for all messages.

    * New --primary-keyring option to designate the keyring that the
      user wants new keys imported into.

    * --s2k-digest-algo is now used for all password mangling.
      Earlier versions used both --s2k-digest-algo and --digest-algo
      for passphrase mangling.

    * Handling of --hidden-recipient or --throw-keyid messages is now
      easier - the user only needs to give their passphrase once, and
      GnuPG will try it against all of the available secret keys.

    * Care is taken to prevent compiler optimization from removing
      memory wiping code.

    * New option --no-mangle-dos-filenames so that filenames are not
      truncated in the W32 version.

    * A "convert-from-106" script has been added. This is a simple
      script that automates the conversion from a 1.0.6 or earlier
      version of GnuPG to a 1.0.7 or later version.

    * Disabled keys are now skipped when selecting keys for
      encryption. If you are using the --with-colons key listings to
      detect disabled keys, please see doc/DETAILS for a minor format
      change in this release.

    * Minor trustdb changes to make the trust calculations match
      common usage.

    * New command "revuid" in the --edit-key menu to revoke a user ID.
      This is a simpler interface to the old method (which still
      works) of revoking the user ID self-signature.

    * Status VALIDSIG does now also print the primary key's
      fingerprint, as well as the signature version, pubkey algorithm,
      hash algorithm, and signature class.

    * Add read-only support for the SHA-256 hash, and optional
      read-only support for the SHA-384 and SHA-512 hashes.

    * New option --enable-progress-filter for use with frontends.

    * DNS SRV records are used in HKP keyserver lookups to allow
      administrators to load balance and select keyserver ports
      automatically. This is as specified in
      draft-shaw-openpgp-hkp-00.txt.

    * When using the "keyid!" syntax during a key export, only that
      specified key is exported. If the key in question is a subkey,
      the primary key plus only that subkey is exported.

    * configure --disable-xxx options to disable individual algorithms
      at build time. This can be used to build a smaller gpg binary
      for embedded uses where space is tight. See the README file for
      the algorithms that can be used with this option, or use
      --enable-minimal to build the smallest gpg possible (disables
      all optional algorithms, disables keyserver access, and disables
      photo IDs).

    * The keyserver no-modify flag on a key can now be displayed and
      modified.

    * Note that the TIGER/192 digest algorithm is in the process of
      being dropped from the OpenPGP standard. While this release of
      GnuPG still contains it, it is disabled by default. To ensure
      you will still be able to use your messages with future versions
      of GnuPG and other OpenPGP programs, please do not use this
      algorithm.


Noteworthy changes in version 1.3.1 (2002-11-12)
------------------------------------------------

    * Trust signature support. This is based on the Maurer trust
      model where a user can specify the trust level along with the
      signature with multiple levels so users can delegate
      certification ability to other users, possibly restricted by a
      regular expression on the user ID. Note that full trust
      signature support requires a regular expression parsing library.
      The regexp code from glibc 2.3.1 is included for those platforms
      that don't have working regexp functions available. The
      configure option --disable-regex may be used to disable any
      regular expression code, which will make GnuPG ignore any trust
      signature with a regular expression included.

    * Two new commands --hidden-recipient (-R) and --hidden-encrypt-to
      encrypt to a user, but hide the identity of that user. This is
      the same functionality as --throw-keyid, but can be used on a
      per-user basis.

    * Full algorithm names (e.g. "3DES", "SHA1", "ZIP") can now be
      used interchangeably with the short algorithm names (e.g. "S2",
      "H2", "Z1") anywhere algorithm names are used in GnuPG.


Noteworthy changes in version 1.3.0 (2002-10-18)
------------------------------------------------

    * The last piece of internal keyserver support has been removed,
      and now all keyserver access is done via the keyserver plugins.
      There is also a newer keyserver protocol used between GnuPG and
      the plugins, so plugins from earlier versions of GnuPG may not
      work properly.

    * The HKP keyserver plugin supports the new machine-readable key
      listing format for those keyservers that provide it.

    * When using a HKP keyserver with multiple DNS records (such as
      wwwkeys.pgp.net which has the addresses of multiple servers
      around the world), try all records until one succeeds. Note
      that it depends on the LDAP library used whether the LDAP
      keyserver plugin does this as well.

    * The library dependencies for OpenLDAP seem to change fairly
      frequently, and GnuPG's configure script cannot guess all the
      combinations. Use ./configure LDAPLIBS="-L libdir -l libs" to
      override the script and use the libraries selected.

    * Secret keys generated with --export-secret-subkeys are now
      indicated in key listings with a '#' after the "sec", and in
      --with-colons listings by showing no capabilities (no lowercase
      characters).

    * --trusted-key has been un-obsoleted, as it is useful for adding
      ultimately trusted keys from the config file. It is identical
      to using --edit and "trust" to change a key to ultimately
      trusted.

    * Translations other than de are no longer distributed with the
      development branch. This is due to the frequent text changes
      during development, which cause the translations to rapidly go
      out of date.


Noteworthy changes in version 1.1.92 (2002-09-11)
-------------------------------------------------

    * [IMPORTANT] The default configuration file is now
      ~/.gnupg/gpg.conf. If an old ~/.gnupg/options is found it will
      still be used. This change is required to have a more
      consistent naming scheme with forthcoming tools.

    * The use of MDCs has increased. A MDC will be used if the
      recipients directly request it, if the recipients have AES,
      AES192, AES256, or TWOFISH in their cipher preferences, or if
      the chosen cipher has a blocksize not equal to 64 bits
      (currently this is also AES, AES192, AES256, and TWOFISH).

    * GnuPG will no longer automatically disable compression when
      processing an already-compressed file unless a MDC is being
      used. This is to give the message a certain amount of
      resistance to the chosen-ciphertext attack while communicating
      with other programs (most commonly PGP earlier than version 7.x)
      that do not support MDCs.

    * The option --interactive now has the desired effect when
      importing keys.

    * The file permission and ownership checks on files have been
      clarified. Specifically, the homedir (usually ~/.gnupg) is
      checked to protect everything within it.
      If the user specifies keyrings outside this homedir, they are
      presumed to be shared keyrings and therefore *not* checked.
      Configuration files specified with the --options option and the
      IDEA cipher extension specified with --load-extension are
      checked, along with their enclosing directories.

    * The configure option --with-static-rnd=auto allows building gpg
      with all available entropy gathering modules included. At
      runtime the best usable one will be selected from the list
      linux, egd, unix. This is also the default for systems lacking
      a /dev/random device.

    * The default character set is now taken from the current locale;
      it can still be overridden by the --charset option. Using the
      option -vvv shows the used character set.

    * [REMOVED] --emulate-checksum-bug and --emulate-3des-s2k-bug have
      been removed.


Noteworthy changes in version 1.1.91 (2002-08-04)
-------------------------------------------------

    * All modules are now linked statically; the --load-extension
      option is in general not useful anymore. The only exception is
      to specify the deprecated idea cipher.

    * The IDEA plugin has changed. Previous versions of the IDEA
      plugin will no longer work with GnuPG. However, the current
      version of the plugin will work with earlier GnuPG versions.

    * When using --batch with one of the --delete-key commands, the
      key must be specified by fingerprint. See the man page for
      details.

    * There are now various ways to restrict the ability GnuPG has to
      exec external programs (for the keyserver helpers or photo ID
      viewers). Read the README file for the complete list.

    * New export option to leave off attribute packets (photo IDs)
      during export. This is useful when exporting to HKP keyservers
      which do not understand attribute packets.

    * New import option to repair during import the HKP keyserver
      mangling multiple subkeys bug. Note that this cannot completely
      repair the damaged key as some crucial data is removed by the
      keyserver, but it does at least give you back one subkey. This
      is on by default for keyserver --recv-keys, and off by default
      for regular --import.

    * The keyserver helper programs now live in
      /usr/[local/]libexec/gnupg by default. If you are upgrading
      from 1.0.7, you might want to delete your old copies in
      /usr/[local/]bin. If you use an OS that does not use libexec
      for whatever reason, use configure --libexecdir=/usr/local/lib
      to place the keyserver helpers there.

    * The LDAP keyserver handler now works properly with very old
      (version 1) LDAP keyservers.


Noteworthy changes in version 1.1.90 (2002-07-01)
-------------------------------------------------

    * New commands: --personal-cipher-preferences,
      --personal-digest-preferences, and
      --personal-compress-preferences allow the user to specify which
      algorithms are to be preferred. Note that this does not permit
      using an algorithm that is not present in the recipient's
      preferences (which would violate the OpenPGP standard). This
      just allows sorting the preferences differently.

    * New "group" command to refer to several keys with one name.

    * A warning is issued if the user forces the use of an algorithm
      that is not listed in the recipient's preferences.

    * Full revocation key (aka "designated revoker") support.

    * The preferred hash algorithms on a key are consulted when
      encrypting a signed message to that key. Note that this is
      disabled by default by a SHA1 preference in
      --personal-digest-preferences.

    * --cert-digest-algo allows the user to specify the hash algorithm
      to use when signing a key rather than the default SHA1 (or MD5
      for PGP2 keys). Do not use this feature unless you fully
      understand the implications of this.

    * --pgp7 mode automatically sets all necessary options to ensure
      that the resulting message will be usable by a user of PGP 7.x.

    * New --attribute-fd command for frontends and scripts to get the
      contents of attribute packets (i.e. photos)

    * In expert mode, the user can now re-sign a v3 key with a v4
      self-signature. This does not change the v3 key into a v4 key,
      but it does allow the user to use preferences, primary ID flags,
      etc.

    * Significantly improved photo ID support on non-unixlike
      platforms.

    * The version number has jumped ahead to 1.1.90 to skip over the
      old version 1.1 and to get ready for the upcoming 1.2.

    * ElGamal sign and encrypt is not anymore allowed in the key
      generation dialog unless in expert mode. RSA sign and encrypt
      has been added with the same restrictions.

    * [W32] Keyserver access does work with Windows NT.


Noteworthy changes in version 1.0.7 (2002-04-29)
------------------------------------------------

    * Secret keys are now stored and exported in a new format which
      uses SHA-1 for integrity checks. This format renders the
      Rosa/Klima attack useless. Other OpenPGP implementations might
      not yet support this, so the option --simple-sk-checksum creates
      the old vulnerable format.

    * The default cipher algorithm for encryption is now CAST5,
      default hash algorithm is SHA-1. This will give us better
      interoperability with other OpenPGP implementations.

    * Symmetric encrypted messages now use a fixed file size if
      possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2,
      6, and 7.
      Note this was only an issue with RFC-1991 style symmetric
      messages.

    * Photographic user ID support. This uses an external program to
      view the images.

    * Enhanced keyserver support via keyserver "plugins". GnuPG comes
      with plugins for the NAI LDAP keyserver as well as the HKP email
      keyserver. It retains internal support for the HKP HTTP
      keyserver.

    * Nonrevocable signatures are now supported. If a user signs a
      key nonrevocably, this signature cannot be taken back so be
      careful!

    * Multiple signature classes are usable when signing a key to
      specify how carefully the key information (fingerprint, photo
      ID, etc) was checked.

    * --pgp2 mode automatically sets all necessary options to ensure
      that the resulting message will be usable by a user of PGP 2.x.

    * --pgp6 mode automatically sets all necessary options to ensure
      that the resulting message will be usable by a user of PGP 6.x.

    * Signatures may now be given an expiration date. When signing a
      key with an expiration date, the user is prompted whether they
      want their signature to expire at the same time.

    * Revocation keys (designated revokers) are now supported if
      present. There is currently no way to designate new keys as
      designated revokers.

    * Permissions on the .gnupg directory and its files are checked
      for safety.

    * --expert mode enables certain silly things such as signing a
      revoked user id, expired key, or revoked key.

    * Some fixes to build cleanly under Cygwin32.

    * New tool gpgsplit to split OpenPGP data formats into packets.

    * New option --preserve-permissions.

    * Subkeys created in the future are not used for encryption or
      signing unless the new option --ignore-valid-from is used.

    * Revoked user-IDs are not listed unless signatures are listed too
      or we are in verbose mode.

    * There is no default comment string with ascii armors anymore
      except for revocation certificates and --enarmor mode.

    * The command "primary" in the edit menu can be used to change the
      primary UID, "setpref" and "updpref" can be used to change the
      preferences.

    * Fixed the preference handling; since 1.0.5 they were erroneously
      matched against the latest user ID and not the given one.

    * RSA key generation.

    * Merged Stefan's patches for RISC OS in. See comments in
      scripts/build-riscos.

    * It is now possible to sign and conventional encrypt a message (-cs).

    * The MDC feature flag is supported and can be set by using
      the "updpref" edit command.

    * The status messages GOODSIG and BADSIG are now returning the primary
      UID, encoded using %XX escaping (but with spaces left as spaces,
      so that it should not break too much)

    * Support for GDBM based keyrings has been removed.

    * The entire keyring management has been revamped.

    * The way signature stati are stored has changed so that v3
      signatures can be supported. To increase the speed of many
      operations for existing keyrings you can use the new
      --rebuild-keydb-caches command.

    * The entire key validation process (trustdb) has been revamped.
      See the man page entries for --update-trustdb, --check-trustdb
      and --no-auto-check-trustdb.

    * --trusted-keys is again obsolete, --edit can be used to set the
      ownertrust of any key to ultimately trusted.

    * A subkey is never used to sign keys.

    * Read only keyrings are now handled as expected.


Noteworthy changes in version 1.0.6 (2001-05-29)
------------------------------------------------

    * Security fix for a format string bug in the tty code.

    * Fixed format string bugs in all PO files.

    * Removed Russian translation due to too many bugs. The FTP
      server has an unofficial but better translation in the contrib
      directory.

    * Fixed expire time calculation and keyserver access.

    * The usual set of minor bug fixes and enhancements.

    * non-writable keyrings are now correctly handled.


Noteworthy changes in version 1.0.5 (2001-04-29)
------------------------------------------------

    * WARNING: The semantics of --verify have changed to address a
      problem with detached signature detection. --verify now ignores
      signed material given on stdin unless this is requested by using
      a "-" as the name for the file with the signed material. Please
      check all your detached signature handling applications and make
      sure that they don't pipe the signed material to stdin without
      using a filename together with "-" on the command line.

    * WARNING: Corrected hash calculation for input data larger than
      512M - it was just wrong, so you might notice bad signature in
      some very big files. It may be wise to keep an old copy of
      GnuPG around.

    * Secret keys are no longer imported unless you use the new option
      --allow-secret-key-import. This is a kludge and future versions will
      handle it in another way.

    * New command "showpref" in the --edit-key menu to show an easier
      to understand preference listing.

    * There is now the notation of a primary user ID. For example, it
      is printed with a signature verification as the first user ID;
      revoked user IDs are not printed there anymore. In general the
      primary user ID is the one with the latest self-signature.

    * New --charset=utf-8 to bypass all internal conversions.

    * Large File Support (LFS) is now working.

    * New options: --ignore-crc-error, --no-sig-create-check,
      --no-sig-cache, --fixed-list-mode, --no-expensive-trust-checks,
      --enable-special-filenames and --use-agent. See man page.

    * New command --pipemode, which can be used to run gpg as a
      co-process. Currently only the verification of detached
      signatures are working. See doc/DETAILS.

    * Keyserver support for the W32 version.

    * Rewritten key selection code so that GnuPG can better cope with
      multiple subkeys, expire dates and so. The drawback is that it
      is slower.

    * A whole lot of bug fixes.

    * The verification status of self-signatures are now cached. To
      increase the speed of key list operations for existing keys you
      can do the following in your GnuPG homedir (~/.gnupg):
        cp pubring.gpg pubring.gpg.save && gpg --export-all >x && \
           rm pubring.gpg && gpg --import x
      Only v4 keys (i.e. not the old RSA keys) benefit from this caching.

    * New translations: Estonian, Turkish.


Noteworthy changes in version 1.0.4 (2000-10-17)
------------------------------------------------

    * Fixed a serious bug which could lead to false signature verification
      results when more than one signature is fed to gpg. This is the
      primary reason for releasing this version.

    * New utility gpgv which is a stripped down version of gpg to
      be used to verify signatures against a list of trusted keys.

    * Rijndael (AES) is now supported and listed with top preference.

    * --with-colons now works with --print-md[s].

Noteworthy changes in version 1.0.3 (2000-09-18)
------------------------------------------------

    * Fixed problems with piping to/from other MS-Windows software

    * Expiration time of the primary key can be changed again.

    * Revoked user IDs are now marked in the output of --list-key

    * New options --show-session-key and --override-session-key
      to help the British folks to somewhat minimize the danger
      of this Orwellian RIP bill.

    * New options --merge-only and --try-all-secrets.

    * New configuration option --with-egd-socket.

    * The --trusted-key option is back after it left us with 0.9.5

    * RSA is supported. Key generation does not yet work but will come
      soon.

    * CAST5 and SHA-1 are now the default algorithms to protect the key
      and for symmetric-only encryption. This should solve a couple
      of compatibility problems because the old algorithms are optional
      according to RFC2440

    * Twofish and MDC enhanced encryption is now used. PGP 7 supports
      this. Older versions of GnuPG don't support it, so they should be
      upgraded to at least 1.0.2


Noteworthy changes in version 1.0.2 (2000-07-12)
----------------------------------------------

    * Fixed expiration handling of encryption keys.

    * Add an experimental feature to do unattended key generation.

    * The user is now asked for the reason of revocation as required
      by the new OpenPGP draft.

    * There is a ~/.gnupg/random_seed file now which saves the
      state of the internal RNG and increases system performance
      somewhat. This way the full entropy source is only used in
      cases where it is really required.
      Use the option --no-random-seed-file to disable this feature.

    * New options --ignore-time-conflict and --lock-never.

    * Some fixes for the W32 version.

    * The entropy.dll is not anymore used by the W32 version but replaced
      by code derived from Cryptlib.

    * Encryption is now much faster: About 2 times for 1k bit keys
      and 8 times for 4k keys.

    * New encryption keys are generated in a way which allows a much
      faster decryption.

    * New command --export-secret-subkeys which outputs the
      _primary_ key with its secret parts deleted. This is
      useful for automated decryption/signature creation as it
      allows to keep the real secret primary key offline and
      thereby protecting the key certificates and allowing to
      create revocations for the subkeys. See the FAQ for a
      procedure to install such secret keys.

    * Keygeneration now writes to the first writeable keyring or
      as default to the one in the homedirectory. Prior versions
      ignored all --keyring options.

    * New option --command-fd to take user input from a file descriptor;
      to be used with --status-fd by software which uses GnuPG as a backend.

    * There is a new status PROGRESS which is used to show progress during
      key generation.

    * Support for the new MDC encryption packets. To create them either
      --force-mdc must be used or cipher algorithm with a blocksize other
      than 64 bits is to be used. --openpgp currently disables MDC packets
      entirely. This option should not yet be used.

    * New option --no-auto-key-retrieve to disable retrieving of
      a missing public key from a keyserver, when a keyserver has been set.

    * Danish translation

Noteworthy changes in version 1.0.1 (1999-12-16)
-----------------------------------

    * New command --verify-files. New option --fast-list-mode.

    * $http_proxy is now used when --honor-http-proxy is set.

    * Fixed some minor bugs and the problem with conventional encrypted
      packets which did use the gpg v3 partial length headers.

    * Add Indonesian and Portuguese translations.

    * Fixed a bug with symmetric-only encryption using the non-default 3DES.
      The option --emulate-3des-s2k-bug may be used to decrypt documents
      which have been encrypted this way; this should be done immediately
      as this workaround will be removed in 1.1

    * Can now handle (but not display) PGP's photo IDs. I don't know the
      format of that packet but after stripping a few bytes from the start
      it looks like a JPEG (at least my test data). Handling of this
      package is required because otherwise it would mix up the
      self signatures and you can't import those keys.

    * Passing non-ascii user IDs on the commandline should now work in all
      cases.

    * New keys are now generated with an additional preference to Blowfish.

    * Removed the GNU Privacy Handbook from the distribution as it will go
      into a separate one.


Noteworthy changes in version 1.0.0 (1999-09-07)
-----------------------------------

    * Add a very preliminary version of the GNU Privacy Handbook to
      the distribution (lynx doc/gph/index.html).

    * Changed the version number to GnuPG 2001 ;-)


Noteworthy changes in version 0.9.11
------------------------------------

    * UTF-8 strings are now correctly printed (if --charset is set correctly).
      Output of --with-colons remains C-style escaped UTF-8.

    * Workaround for a problem with PGP 5 detached signature in textmode.

    * Fixed a problem when importing new subkeys (duplicated signatures).

Noteworthy changes in version 0.9.10
------------------------------------

    * Some strange new options to help pgpgpg

    * Cleaned up the dox a bit.


Noteworthy changes in version 0.9.9
-----------------------------------

    * New options --[no-]utf8-strings.

    * New edit-menu commands "enable" and "disable" for entire keys.

    * You will be asked for a filename if gpg cannot deduce one.

    * Changes to support libtool which is needed for the development
      of libgcrypt.

    * New script tools/lspgpot to help transferring assigned
      trustvalues from PGP to GnuPG.

    * New commands --lsign-key and made --sign-key a shortcut for --edit
      and sign.

    * New options (#122--126 ;-) --[no-]default-recipient[-self],
      --disable-{cipher,pubkey}-algo. See the man page.

    * Enhanced info output in case of multiple recipients and fixed exit code.

    * New option --allow-non-selfsigned-uid to work around a problem with
      the German IN way of separating signing and encryption keys.


Noteworthy changes in version 0.9.8
-----------------------------------

    * New subcommand "delsig" in the edit menu.

    * The name of the output file is not anymore the one which is
      embedded in the processed message, but the used filename with
      the extension stripped. To revert to the old behaviour you can
      use the option --use-embedded-filename.

    * Another hack to cope with pgp2 generated detached signatures.

    * latin-2 character set works (--charset=iso-8859-2).

    * New option --with-key-data to list the public key parameters.
      New option -N to insert notations and a --set-policy-url.
      A couple of other options to allow resetting of options.

    * Better support for HPUX.


Noteworthy changes in version 0.9.7
-----------------------------------

    * Add some work arounds for bugs in pgp 2 which led to bad signatures
      when used with canonical texts in some cases.

    * Enhanced some status outputs.

Noteworthy changes in version 0.9.6
-----------------------------------

    * Twofish is now statically linked by default. The experimental 128 bit
      version is now disabled. Full support will be available as soon as
      the OpenPGP WG has decided on an interpretation of rfc2440.

    * Dropped support for the ancient Blowfish160 which is not OpenPGP.

    * Merged gpgm and gpg into one binary.

    * Add "revsig" and "revkey" commands to the edit menu. It is now
      possible to revoke signature and subkeys.


Noteworthy changes in version 0.9.5
-----------------------------------

    * New command "lsign" in the keyedit menu to create non-exportable
      signatures. Removed --trusted-keys option.

    * A bunch of changes to the key validation code.

    * --list-trust-path now has an optional --with-colons format.

    * New command --recv-keys to import keys from a keyserver.


Noteworthy changes in version 0.9.4
-----------------------------------

    * New configure option --enable-static-rnd=[egd|linux|unix|none]
      to select a random gathering module for static linking.

    * The original text is now verbatim copied to a cleartext signed message.

    * Bugfixes but there are still a couple of bugs.


Noteworthy changes in version 0.9.3
-----------------------------------

    * Changed the internal design of getkey which now allows an
      efficient lookup of multiple keys and add a word match mode.

    * New options --[no-]encrypt-to.

    * Some changes to the configure stuff. Switched to automake 1.4.
      Removed intl/ from CVS, autogen.sh now uses gettextize.

    * Preferences now include Twofish. Removed preference to Blowfish with
      a special hack to suppress the "not listed in preferences" warning;
      this is to allow us to switch completely to Twofish in the near future.

    * Changed the locking stuff.

    * Print all user ids of a good signature.


Noteworthy changes in version 0.9.2
-----------------------------------

    * add some additional time warp checks.

    * Option --keyserver and command --send-keys to utilize HKP servers.

    * Upgraded to zlib 1.1.3 and fixed an inflate bug

    * More cleanup on the cleartext signatures.


Noteworthy changes in version 0.9.1
-----------------------------------

    * Polish language support.

    * When querying the passphrase, the key ID of the primary key is
      displayed along with the one of the used secondary key.

    * Fixed a bug occurring when decrypting pgp 5 encrypted messages,
      fixed an infinite loop bug in the 3DES code and in the code
      which looks for trusted signatures.

    * Fixed a bug in the mpi library which caused signatures not to
      compare okay.

    * Rewrote the handling of cleartext signatures; the code is now
      better maintainable (I hope so).

    * New status output VALIDSIG only for valid signatures together
      with the fingerprint of the signer's key.


Noteworthy changes in version 0.9.0
-----------------------------------

    * --export does now only export rfc2440 compatible keys; the
      old behaviour is available with --export-all.
      Generation of v3 ElGamal (sign and encrypt) keys is no longer
      supported.

    * Fixed the uncompress bug.

    * Rewrote the rndunix module. There are two environment variables
      used for debugging now: GNUPG_RNDUNIX_DBG gives the file to write
      debugging information (use "-" for stdout) and if GNUPG_RNDUNIX_DBGALL
      is set, all programs which are only tried are also printed.

    * New option --escape-from-lines to "dash-escape" "From " lines to
      prevent mailers to change them to ">From ". This is not enabled by
      default because it is not in compliance with rfc2440 - however, you
      should turn it on.


Noteworthy changes in version 0.4.5
-----------------------------------

    * The keyrings and the trustdb is now locked, so that
      other GnuPG processes won't damage these files.
      You may want to put the option --lock-once into your options file.

    * The latest self-signatures are now used; this enables --import
      to see updated preferences etc.

    * Import of subkeys should now work.

    * Random gathering modules may now be loaded as extensions. Add
      such a module for most Unices but it is very experimental!

    * Brazilian language support.


Noteworthy changes in version 0.4.4
-----------------------------------

    * Fixed the way the key expiration time is stored. If you have
      an expiration time on your key you should fix it with --edit-key
      and the command "expire". I apologize for this inconvenience.

    * Add option --charset to support "koi8-r" encoding of user ids.
      (Not yet tested).

    * Preferences should now work again. You should run
      "gpgm --check-trustdb \*" to rebuild all preferences.

    * Checking of certificates should now work but this needs a lot
      of testing. Key validation values are now cached in the
      trustdb; they should be recalculated as needed, but you may
      use --check-trustdb or --update-trustdb to do this.

    * Spanish translation by Urko Lusa.

    * Patch files are from now on signed. See the man page
      for the new option --not-dash-escaped.

    * New syntax: --edit-key <userID> [<commands>]
      If you run it without --batch the commands are executed and then
      you are put into normal mode unless you use "quit" or "save" as
      one of the commands. When in batch mode, the program quits after
      the last command, so you have to use "save" if you did some changes.
      It does not yet work completely, but may be used to list so the
      keys etc.


Noteworthy changes in version 0.4.3
-----------------------------------

    * Fixed the gettext configure bug.

    * Kludge for RSA keys: keyid and length of a RSA key are
      correctly reported, but you get an error if you try to use
      this key (If you do not have the non-US version).

    * Experimental support for keyrings stored in a GDBM database.
      This is *much* faster than a standard keyring. You will notice
      that the import gets slower with time; the reason is that all
      new keys are used to verify signatures of previously inserted
      keys. Use "--keyring gnupg-gdbm:<name-of-gdbm-file>". This is
      not (yet) supported for secret keys.

    * A Russian language file in the distribution (alternatives are in
      the contrib directory of the FTP servers)

    * commandline option processing now works as expected for GNU programs
      with the exception that you can't mix options and normal arguments.

    * Now --list-key lists all matching keys. This is needed in some
      other places too.


Noteworthy changes in version 0.4.2
-----------------------------------

    * This is only a snapshot: There are still a few bugs.

    * Fixed this huge memory leak.

    * Redesigned the trust database: You should run "gpgm --check-trustdb".
      New command --update-trustdb, which adds new keys from the public
      keyring into your trustdb

    * Fixed a bug in the armor code, leading to invalid packet errors.
      (a workaround for this was to use --no-armor). The shortened line
      length (64 instead of 72) fixes a problem with pgp5 and keyservers.

    * comment packets are not anymore generated. "--export" filters
      them out. One Exception: The comment packets in a secret keyring
      are still used because they carry the factorization of the public
      prime product.

    * --import now only looks for KEYBLOCK headers, so you can now simply
      remove the "- " in front of such a header if someone accidentally signed
      such a message or the keyblock is part of a cleartext signed message.

    * --with-colons now lists the key expiration time and not anymore
      the valid period.

    * Some keyblocks created with old releases have a wrong sequence
      of packets, so that the keyservers don't accept these keys.
      Simply using "--edit-key" fixes the problem.

    * New option --force-v3-sigs to generate signed messages which are
      compatible to PGP 5.

    * Add some code to support DLD (for non ELF systems) - but this is
      not tested because my BSD box is currently broken.

    * New command "expire" in the edit-key menu.



Noteworthy changes in version 0.4.1
-----------------------------------
    * A secondary key is used when the primary key is specified but cannot
      be used for the operation (if it is a sign-only key).

    * GNUPG can now handle concatenated armored messages: There is still a
      bug if different kinds of messages are mixed.

    * Iterated+Salted passphrases now work. If you want to be sure that PGP5
      is able to handle them you may want to use the options
      "--s2k-mode 3 --s2k-cipher-algo cast5 --s2k-digest-algo sha1"
      when changing a passphrase.

    * doc/OpenPGP talks about OpenPGP compliance, doc/HACKING gives
      a few hints about the internal structure.

    * Checked gnupg against the August 1998 draft (07) and I believe
      it is in compliance with this document (except for one point).

    * Fixed some bugs in the import merging code and rewrote some
      code for the trustdb.


Noteworthy changes in version 0.4.0
-----------------------------------
    * Triple DES is now supported. Michael Roth did this piece of
      needed work.
      We have now all the code needed to be OpenPGP
      compliant.

    * Added a simple rpm spec file (see INSTALL).

    * detached and armored signatures are now using "PGP SIGNATURE",
      except when --rfc1991 is used.

    * All times which are not in the yyyy-mm-dd format are now printed
      in local time.


Noteworthy changes in version 0.3.5
-----------------------------------
    * New option --throw-keyid to create anonymous enciphered messages.
      If gpg detects such a message it tries all available secret keys
      in turn to decode it. This is a gnupg extension and not in OpenPGP
      but it has been discussed there and afaik some products use this
      scheme too (Suggested by Nimrod Zimmerman).

    * Fixed a bug with 5 byte length headers.

    * --delete-[secret-]key is now also available in gpgm.

    * cleartext signatures are not anymore converted to LF only.

    * Fixed a trustdb problem. Run "gpgm --check-trustdb" to fix old
      trust dbs.

    * Building in another directory should now work.

    * Weak key detection mechanism (Niklas Hernaeus).


Noteworthy changes in version 0.3.4
-----------------------------------
    * New options --comment and --set-filename; see g10/OPTIONS

    * yes/no, y/n localized.

    * Fixed some bugs.

Noteworthy changes in version 0.3.3
-----------------------------------
    * IMPORTANT: I found yet another bug in the way the secret keys
      are encrypted - I did it the way pgp 2.x did it, but OpenPGP
      and pgp 5.x specify another (in some aspects simpler) method.
      To convert your secret keys you have to do this:
        1. Build the new release but don't install it and keep
           a copy of the old program.
        2. Disable the network, make sure that you are the only
           user, be sure that there are no Trojan horses etc ....
        3. Use your old gpg (version 0.3.[12]) and set the
           passphrases of ALL your secret keys to empty!
           (gpg --change-passphrase your-user-id).
        4. Save your ownertrusts (see the next point)
        5. rm ~/.gnupg/trustdb.gpg
        6. install the new version of gpg (0.3.3)
        7. For every secret key call "gpg --edit-key your-user-id",
           enter "passwd" at the prompt, follow the instructions and
           change your password back, enter "save" to store it.
        8. Restore the ownertrust (see next point).

    * The format of the trust database has changed; you must delete
      the old one, so gnupg can create a new one.
      IMPORTANT: Use version 0.3.[12] to save your assigned ownertrusts
      ("gpgm --list-ownertrust >saved-trust"); then build this new version
      and restore the ownertrust with this new version
      ("gpgm --import-ownertrust saved-trust"). Please note that
      --list-ownertrust has been renamed to --export-ownertrust in this
      release and it does now only export defined ownertrusts.

    * The command --edit-key now provides a commandline driven menu
      which can be used for various tasks. --sign-key is only
      an alias to --edit-key and may be removed in future: use the
      command "sign" of this new menu - you can select which user ids
      you want to sign.

    * Alternate user ids can now be created and signed.

    * Owner trust values can now be changed with --edit-key (trust)

    * GNUPG can now run as a coprocess; this enables sophisticated
      frontends. tools/shmtest.c is a simple sample implementation.
      This needs some more work: all tty_xxx() are to be replaced
      by cpr_xxx() and some changes in the display logic are needed.

    * Removed options --gen-prime and --gen-random.

    * Removed option --add-key; use --edit-key instead.

    * Removed option --change-passphrase; use --edit-key instead.

    * Signatures are now checked even if the output file could not
      be created. Command "--verify" tries to find the detached data.

    * gpg now disables core dumps.

    * compress and symmetric cipher preferences are now used.
      Because there is no 3DES yet, this is replaced by Blowfish.

    * We have added the Twofish as an experimental cipher algorithm.
      Many thanks to Matthew Skala for doing this work.
      Twofish is the AES submission from Schneier et al.; see
      "www.counterpane.com/twofish.html" for more information.

    * Started with a help system: If you enter a question mark at some
      prompt, you should get a specific help for this prompt.

    * There is no more backup copy of the secret keyring.

    * A lot of new bugs. I think this release is not as stable as
      the previous one.


Noteworthy changes in version 0.3.2
-----------------------------------
    * Fixed some bugs when using --textmode (-seat)

    * Now displays the trust status of a positively verified message.

    * Keyrings are now scanned in the sequence they are added with
      --[secret-]keyring. Note that the default keyring is implicitly
      added as the very first one unless --no-default-keyring is used.

    * Fixed setuid and dlopen bug.

Noteworthy changes in version 0.3.1
-----------------------------------
    * Partial headers are now written in the OpenPGP format if
      a key in a v4 packet is used.

    * Removed some unused options, removed the gnupg.sig stuff.

    * Key lookup by name now returns a key which can be used for
      the desired action.

    * New option --list-ownertrust (gpgm) to make a backup copy
      of the ownertrust values you assigned.

    * clear signature headers are now in compliance with OpenPGP.

Noteworthy changes in version 0.3.0
-----------------------------------

    * New option --emulate-checksum-bug. If your passphrase does not
      work anymore, use this option and --change-passphrase to rewrite
      your passphrase.

    * More complete v4 key support: Preferences and expiration time
      are set into the self signature.

    * Key generation defaults to DSA/ElGamal keys, so that new keys are
      interoperable with pgp5

    * DSA key generation is faster and key generation does not anymore
      remove entropy from the random generator (the primes are public
      parameters, so there is really no need for a cryptographically secure
      prime number generator which we had used).

    * A complete new structure for representing the key parameters.

    * Removed most public key knowledge into the cipher library.

    * Support for dynamic loading of new algorithms.

    * Moved tiger to an extension module.


Noteworthy changes in version 0.2.19
------------------------------------

    * Replaced /dev/urandom in checks with new tool mk-tdata.

    * Some assembler file cleanups; some more functions for the Alpha.

    * Tiger has now the OpenPGP assigned number 6. Because the OID has
      changed, old signatures using this algorithm can't be verified.

    * gnupg now encrypts the compressed packet and not any longer in the
      reverse order; anyway it can decrypt both versions. Thanks to Tom
      for telling me this (not security related) bug.

    * --add-key works and you are now able to generate subkeys.

    * It is now possible to generate ElGamal keys in v4 packets to create
      valid OpenPGP keys.

    * Some new features for better integration into MUAs.


Noteworthy changes in version 0.2.18
------------------------------------

    * Split cipher/random.c, add new option "--disable-dev-random"
      to configure to support the development of a random source for
      other systems. Prepared sourcefiles rand-unix.c, rand-w32.c
      and rand-dummy.c (which is used to allow compilation on systems
      without a random source).

    * Fixed a small bug in the key generation (it was possible that 48 bits
      of a key were not taken from the random pool)

    * Add key generation for DSA and v4 signatures.

    * Add a function trap_unaligned(), so that a SIGBUS is issued on
      Alphas and the slow emulation code is not used. And success: rmd160
      raised a SIGBUS.

    * Enhanced the formatting facility of argparse and changed the use of
      \r,\v to @ because gettext does not like it.

    * New option "--compress-algo 1" to allow the creation of compressed
      messages which are readable by PGP and "--print-md" (gpgm) to make
      speed measurement easier.


Noteworthy changes in version 0.2.17
------------------------------------

    * Comment packets are now of private type 61.

    * Passphrase code still used a 160 bit blowfish key, added a
      silly workaround. Please change your passphrase again - sorry.

    * Conventional encryption now uses a type 3 packet to describe the
      used algorithms.

    * The new algorithm number for Blowfish is 20, 16 is still used for
      encryption only; for signing it is only used when it is in a v3 packet,
      so that GNUPG keys are still valid.


Noteworthy changes in version 0.2.16
------------------------------------

    * Add experimental support for the TIGER/192 message digest algorithm.
      (But there is only a dummy ASN OID).

    * Standard cipher is now Blowfish with 128 bit key in OpenPGP's CFB
      mode.
      I renamed the old cipher to Blowfish160. Because the OpenPGP
      group refused to assign me a number for Blowfish160, I have to
      drop support for this in the future. You should use
      "--change-passphrase" to recode your current passphrase with 128
      bit Blowfish.


Noteworthy changes in version 0.2.15
------------------------------------

    * Fixed a bug with the old checksum calculation for secret keys.
      If you run the program without --batch, a warning does inform
      you if your secret key needs to be converted; simply use
      --change-passphrase to recalculate the checksum. Please do this
      soon, as the compatible mode will be removed sometime in the future.

    * CAST5 works (using the PGP's special CFB mode).

    * Again somewhat more PGP 5 compatible.

    * Some new test cases

Noteworthy changes in version 0.2.14
------------------------------------

    * Changed the internal handling of keyrings.

    * Add support to list PGP 5 keyrings with subkeys

    * Timestamps of signatures are now verified.

    * An expiration time can now be specified during key generation.

    * Some speedups for Blowfish and SHA-1, rewrote SHA-1 transform.
      Reduced the amount of random bytes needed for key generation in
      some cases.


Noteworthy changes in version 0.2.13
------------------------------------

    * Verify of DSA signatures works.

    * Re-implemented the slower random number generator.


Noteworthy changes in version 0.2.12
------------------------------------

    * --delete-key checks that there is no secret key. The new
      option --delete-secret-key may be used to delete a secret key.

    * "-kv" now works as expected. Options "--list-{keys,sigs}"
      and "--check-sigs" are now working.

    * New options "--verify" and "--decrypt" to better support integration
      into MUAs (partly done for Mutt).

    * New option "--with-colons" to make parsing of key lists easier.

Noteworthy changes in version 0.2.11
------------------------------------

    * GPG now asks for a recipient's name if option "-r" is not used.

    * If there is no good trust path, the program asks whether to use
      the public keys anyway.

    * "--delete-key" works for public keys. What semantics shall I use
      when there is a secret key too? Delete the secret key or leave it
      and auto-regenerate the public key, next time the secret key is used?

Noteworthy changes in version 0.2.10
------------------------------------

    * Code for the alpha is much faster (about 20 times); the data
      was misaligned and the kernel traps this, so nearly all time
      was used by the system to trap the misalignments and to write
      syslog messages. Shame on me and thanks to Ralph for
      pointing me at this while drinking some beer yesterday.

    * Changed some configure options and add an option
      --disable-m-guard to remove the memory checking code
      and to compile everything with optimization on.

    * New environment variable GNUPGHOME, which can be used to set
      another homedir than ~/.gnupg. Changed default homedir for
      Windoze version to c:/gnupg.

    * Fixed detached signatures; detached PGP signatures caused a SEGV.

    * The Windoze version works (as usual w/o a strong RNG).


Noteworthy changes in version 0.2.9
-----------------------------------

    * Fixed FreeBSD bug.

    * Added a simple man page.

    * Switched to automake1.2f and a newer gettext.

Noteworthy changes in version 0.2.8
-----------------------------------

    * Changed the name to GNUPG, the binaries are called gpg and gpgm.
      You must rename the directory "~/.g10" to ~/.gnupg/, rename
      {pub,sec}ring.g10 to {pub,sec}ring.gpg, trustdb.g10 to trustdb.gpg
      and g10.sig to gnupg.sig.

    * New or changed passphrases are now salted.


Noteworthy changes in version 0.2.7
-----------------------------------

    * New command "gen-revoke" to create a key revocation certificate.

    * New option "homedir" to set the homedir (which defaults to "~/.g10").
      This directory is created if it does not exist (only the last
      part of the name and not the complete hierarchy)

    * Command "import" works. (Try: "finger gcrypt@ftp.guug.de|g10 --import")

    * New commands "dearmor/enarmor" for g10maint. These are mainly
      used for internal test purposes.

    * Option --version now conforms to the GNU standards and lists
      the available ciphers, message digests and public key algorithms.

    * Assembler code for m68k (not tested).

    * "make check" works.

Noteworthy changes in version 0.2.6
-----------------------------------

    * Option "--export" works.


Noteworthy changes in version 0.2.5
-----------------------------------

    * Added zlib for systems which don't have it.
      Use "./configure --with-zlib" to link with the static version.

    * Generalized some more functions and rewrote the encoding of
      message digests into MPIs.

    * Enhanced the checkit script


Noteworthy changes in version 0.2.4
-----------------------------------

    * nearly doubled the speed of the ElGamal signature verification.

    * backup copies of keyrings are created.

    * assembler stuff for Pentium; gives about 15% better performance.

    * fixed a lot of bugs.


Noteworthy changes in version 0.2.3
-----------------------------------

    * Found a bug in the calculation of ELG fingerprints.
      This is now fixed, but all existing fingerprints and keyids
      for ELG keys are not any more valid.

    * armor should now work; including clear signed text.

    * moved some options to the new program g10maint

    * It's now 64 bit clean and runs fine on an alpha--linux.

    * Key generation is much faster now. I fixed this by using not
      so strong random numbers for the primes (this was a bug because the
      ElGamal primes are public parameters and it does not make sense
      to generate them from strong random). The real secret is the x value
      which is still generated from strong (okay: /dev/random) random bits.

    * added option "--status-fd": see g10/OPTIONS

    * We have secure memory on systems which support mlock().
      It is not complete yet, because we do not have a signal handler
      which does a cleanup in every case.
      We should also check the ulimit for the user in the case
      that the admin has not set a limit on locked pages.

    * started with internationalization support.

    * The logic to handle the web of trust is now implemented. It
      has some bugs; but I'm going to change the algorithm anyway.
      It works by calculating the trustlevel on the fly. It may ask
      you to provide trust parameters if the calculated trust probability
      is too low. I will write a paper which discusses this new approach.

    * a couple of changes to the configure script.

    * New option "--quick-random" which uses a much quicker random
      number generator. Keys generated while this option is in effect
      are flagged with "INSECURE!" in the user-id. This is a development
      only option.

    * Read support for new version packets (OpenPGP).

    * Comment packets are now of correct OpenPGP type 16. Old comment
      packets written by G10 are detected because they always start with
      a hash which is an invalid version byte.

    * The string "(INSECURE!)" is appended to a new user-id if this
      is generated on a system without a good random number generator.


Version 0.2.2 (1998-02-09)
Version 0.2.1 (1998-01-28)
Version 0.2.0 (1998-01-25)
Version 0.1.3 (1998-01-12)
Version 0.1.2 (1998-01-07)
Version 0.1.1 (1998-01-07)
Version 0.1.0 (1998-01-05)
Version 0.0.0 (1997-12-20)


Copyright (C) 1998-2015 Free Software Foundation, Inc.
Copyright (C) 1997-2015 Werner Koch

This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.

This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.