-Noteworthy changes in version 1.3.3 (unreleased)
+Noteworthy changes in version 1.3.93
+-------------------------------------------------
+
+
+Noteworthy changes in version 1.3.92 (2004-10-28)
+-------------------------------------------------
+
+ * Added Russian man page. Thanks to Pawel I. Shajdo.
+
+ * libiconv is now used to support other character sets other than
+ UTF-8, Latin-1,-2 and KOI8-2. The W32 version will only work
+ correctly when iconv.dll is installed on the system. A binary
+ version is available at all GNU mirror sites under libiconv.
+
+ * gettext for Windows has been simplified. The MO files are now
+ distributed UTF-8 encoded and gpg translates on the fly.
+
+
+Noteworthy changes in version 1.3.91 (2004-10-15)
+-------------------------------------------------
+
+ * A new configure option --enable-selinux-support disallows
+ processing of confidential files used by gpg (e.g. secring.gpg).
+ This helps writing ACLs for the SELinux kernel.
+
+ * Support for fetching keys via finger has been added. This is
+ useful for setting a preferred keyserver URL like
+ "finger:wk@g10code.com".
+
+ * Timeout support has been added to the keyserver helpers. This
+ allows users to set an upper limit on how long to wait for the
+ keyserver before giving up.
+
+ * New "direct" trust model where users can set key validity
+ directly if they do not want to participate in the web of trust.
+
+ * Minor bug fixes, code and string cleanups.
+
+
+Noteworthy changes in version 1.3.90 (2004-10-01)
+-------------------------------------------------
+
+ * Readline support at all prompts is now available if the systems
+ provides a readline library. The build time option
+ --without-readline may be used to disable this feature.
+
+ * Support for the OpenPGP smartcard is now enabled by default.
+ Use the option --disable-card-support to build without support
+ for smartcards.
+
+ * New command "addcardkey" in the key edit menu to add subkeys to
+ a smartcard. New command "keytocard" to transfer a key to a smartcard.
+ The serial number of the card is show in secret key listings.
+
+ * -K may now be used as an alias for --list-secret-keys.
+
+ * HTTP Basic authentication is now supported for all HKP and HTTP
+ keyserver functions, either through a proxy or via direct
+ access.
+
+
+Noteworthy changes in version 1.3.6 (2004-05-22)
+------------------------------------------------
+
+ * New --keyid-format option that selects short (99242560), long
+ (DB698D7199242560), 0xshort (0x99242560), or 0xlong
+ (0xDB698D7199242560) keyid displays. This lets users tune the
+ display to what they prefer.
+
+ * The --list-options and --verify-options option
+ "show-long-keyids" has been removed since --keyid-format
+ obviates the need for them.
+
+ * Support for the old quasi-1991 partial length encoding has been
+ removed.
+
+ * The --export-all and --export-options include-non-rfc options
+ have been removed as superfluous since nonstandard V3 Elgamal
+ sign+encrypt keys have been removed.
+
+ * Preferred keyserver support has been added. Users may set a
+ preferred keyserver via the --edit-key command "keyserver". If
+ the --keyserver-option honor-keyserver-url is set (and it is by
+ default), then the preferred keyserver is used when refreshing
+ that key.
+
+ * The --sig-keyserver-url option can be used to inform signature
+ recipients where the signing key can be downloaded. When
+ verifying the signature, if the signing key is not present, and
+ the keyserver options honor-keyserver-url and auto-key-retrieve
+ are set, this URL will be used to retrieve the key.
+
+ * Support for fetching keys via HTTP has been added. This is
+ mainly useful for setting a preferred keyserver URL like
+ "http://www.jabberwocky.com/key.asc".
+
+ * New --ask-cert-level/--no-ask-cert-level option to turn on and
+ off the prompt for signature level when signing a key. Defaults
+ to off.
+
+ * New --gpgconf-list command for internal use by the gpgconf
+ utility from gnupg 1.9.x.
+
+
+Noteworthy changes in version 1.3.5 (2004-02-26)
------------------------------------------------
+ * New --min-cert-level option to disregard key signatures that are
+ under a specified level. Defaults to 2 (i.e. discard 0x11
+ signatures).
+
+ * New --max-output option to limit the amount of plaintext output
+ generated by GnuPG. This option can be used by programs which
+ call GnuPG to process messages that may result in plaintext
+ larger than the calling program is prepared to handle. This is
+ sometimes called a "Decompression Bomb".
+
+ * New --list-config command for frontends and other programs that
+ call GnuPG. See doc/DETAILS for the specifics of this.
+
+ * Some performance improvements with large keyrings. See the
+ build time option --enable-key-cache=SIZE in the README file for
+ details.
+
+ * Some portability fixes for the OpenBSD/i386, HPPA, and AIX
+ platforms.
+
+ * New keyserver-option "http-proxy" to specify which proxy to use
+ in the config file without using environment variables.
+
+ * Added support for storing, retrieving, and searching for keys in
+ LDAP servers. Note that this is different than the "LDAP
+ keyserver" which was already (and remains) supported.
+
+ * Added support for TLS and LDAPS session encryption for LDAP.
+
+ * --show-session-key/--override-session-key now works with
+ --symmetric messages.
+
+ * The configure options --enable-rsa and --disable-rsa can now be
+ used to enable or disable the RSA algorithm. This can be useful
+ for embedded use where space is tight. --enable-minimal
+ includes --disable-rsa. RSA is enabled by default.
+
+ * The last support for Elgamal sign+encrypt keys has been removed.
+
+
+Noteworthy changes in version 1.3.4 (2003-11-27)
+------------------------------------------------
+
+ * Added support for BZIP2 compression. This should be considered
+ experimental, and is only available if the libbzip2 library
+ <http://sources.redhat.com/bzip2/> is installed.
+
+ * Added the ability to handle messages that can be decrypted with
+ either a passphrase or a secret key. These messages may be
+ generated with --symmetric --encrypt or --symmetric --sign
+ --encrypt.
+
+ * The config file search has been enhanced to try for less
+ specific filename matches before giving up. For example,
+ version 1.3.4 will try for gpg.conf-1.3.4, gpg.conf-1.3, and
+ gpg.conf-1 before falling back to the regular gpg.conf file.
+
+ * Fixed a format string bug in the HKP keyserver handler.
+
+ * Support for Elgamal sign+encrypt keys has been removed. Old
+ signatures may still be verified, and existing encrypted
+ messages may still be decrypted, but no new signatures may be
+ issued by, and no new messages will be encrypted to, these keys.
+
+
+Noteworthy changes in version 1.3.3 (2003-10-10)
+------------------------------------------------
+
+ * Basic support for the OpenPGP card. New commands --card-status,
+ --card-edit, --change-pin and the configuration options
+ --reader-port, --ctapi-driver, --pcsc-driver, and --disable-ccid.
+
+ * Full (read/write) support for the SHA-256 hash has been added.
+
+ * Support for the TIGER/192 hash has been dropped. This should
+ not be interpreted as a statement as to the strength of
+ TIGER/192 - rather, the upcoming revision to the OpenPGP
+ standard removes support for several unused (or mostly unused)
+ hashes.
+
+ * Revoked or expired user IDs are now skipped when selecting keys
+ for encryption. Specifying a key by the key ID overrides this
+ check and allows the selection of any key.
+
+ * Note that --no-mangle-dos-filenames is now the default. If you
+ are upgrading from a 1.2.x version of GnuPG, and are running a
+ very old version of Windows that has the 8.3 filename limit, you
+ may need to change this.
+
+ * Multiple "Comment:" lines in armored output are now allowed.
+
+ * New --list-options option. This option takes a list of
+ arguments that allows the user to customize exactly what key
+ listings (including the --edit-key listing) look like, enabling
+ or disabling things such as photo display, policy URL, preferred
+ keyserver URL, or notation display, long or short keyIDs,
+ calculated validity for each user ID, etc. See the manual for
+ the complete list of list-options.
+
+ * New --verify-options option. This option takes a list of
+ arguments that allows the user to customize exactly what happens
+ during signature verification, enabling or disabling things such
+ as photo display, policy URL, preferred keyserver URL, or
+ notation display, long or short keyIDs, calculated validity for
+ each user ID, etc. See the manual for the complete list of
+ verify-options.
+
+ * New --sig-keyserver-url to embed a "where to get my key"
+ subpacket into a signature.
+
+ * The options --show-photos, --show-policy-url, --show-notation,
+ and --show-keyring are all deprecated in favor of those
+ arguments to --list-options and --verify-options. The new
+ method is more flexible since a user can specify (for example)
+ showing photos during sig verification, but not in key listings.
+
+ * The complete fingerprint of the key that made a given key
+ certification is now available in the --with-colons output. For
+ technical reasons, this is only available when running with
+ --no-sig-cache set. See doc/DETAILS for the specifics of this.
+
+ * IPv6 support for HKP keyserver access. IPv6 for LDAP keyserver
+ access is also supported, but is dependent on the LDAP library
+ used.
+
+ * To simplify running both the stable (1.2.x) and development
+ (1.3.x) versions of GnuPG, the development version will try to
+ load the options file gpg.conf-VERSION (e.g. gpg.conf-1.3.3 for
+ this release) before falling back to the regular gpg.conf file.
+
+ * Two new %-expandos for use in notation and policy URLs. "%g"
+ expands to the fingerprint of the key making the signature
+ (which might be a subkey), and "%p" expands to the fingerprint
+ of the primary key that owns the key making the signature.
+
+ * New "tru" record in --with-colons --list-keys listings. It
+ shows the status of the trust database that was used to
+ calculate the key validity in the listings. See doc/DETAILS for
+ the specifics of this.
+
+ * New REVKEYSIG status tag for --status-fd. It indicates a valid
+ signature that was issued by a revoked key. See doc/DETAILS for
+ the specifics of this.
+
+ * A number of portability changes to make building GnuPG on
+ less-common platforms easier.
+
Noteworthy changes in version 1.3.2 (2003-05-27)
------------------------------------------------
* New "--gnupg" option (set by default) that disables --openpgp,
and the various --pgpX emulation options. This replaces
- --no-openpgp, and --no-pgpX, and also means that GnuPG has now
- grown a --gnupg option to make GnuPG act like GnuPG.
+ --no-openpgp, and --no-pgpX, and also means that GnuPG has
+ finally grown a --gnupg option to make GnuPG act like GnuPG.
* A bug in key validation has been fixed. This bug only affects
keys with more than one user ID (photo IDs do not count here),
* New option --enable-progress-filter for use with frontends.
* DNS SRV records are used in HKP keyserver lookups to allow
- administrators to load balance and select keyserver port
+ administrators to load balance and select keyserver ports
automatically. This is as specified in
draft-shaw-openpgp-hkp-00.txt.
projects / gnupg.git / blobdiff