-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi,
compiled and installed over existing 1.4.3rc1, with idea.c, Darwin 8.5.0 MacOS 10.4.5 PPC. Running fine. Thanks to David, Timo, Werner, and a fine week end. Charly David Shaw wrote the following on 3/9/06 7:36 PM: > We are pleased to announce the availability of the second release > candidate for the forthcoming 1.4.3 version of GnuPG: > > ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.4.3rc2.tar.bz2 (3.0M) > ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.4.3rc2.tar.bz2.sig > > SHA-1 checksums for the above files are: > > eb5b839555ff1957b5956aaf4c96505223a2f9d0 gnupg-1.4.3rc2.tar.bz2 > 2168b475f49100f5c41fa3830d90eb6d863220e7 gnupg-1.4.3rc2.tar.bz2.sig > > Note that this is only a release candidate, and as such is not > intended for use on production systems. If you are inclined to help > test, however, we would appreciate you trying this new version and > reporting any problems. > > Note that this release candidate contains fixes for both the "False > positive signature verification in GnuPG" and "GnuPG does not detect > injection of unsigned data" problems reported against 1.4.2. > > Noteworthy changes since 1.4.2: > > * If available, cURL-based keyserver helpers are built that can > retrieve keys using HKP or any protocol that cURL supports > (HTTP, HTTPS, FTP, FTPS, etc). If cURL is not available, HKP > and HTTP are still supported using a built-in cURL emulator. To > force building the old pre-cURL keyserver helpers, use the > configure option --enable-old-keyserver-helpers. Note that none > of this affects finger or LDAP support, which are unchanged. > Note also that a future version of GnuPG will remove the old > keyserver helpers altogether. > > * Implemented Public Key Association (PKA) signature verification. > This uses special DNS records and notation data to associate a > mail address with an OpenPGP key to prove that mail coming from > that address is legitimate without the need for a full trust > path to the signing key. > > * When exporting subkeys, those specified with a key ID or > fingerpint and the '!' suffix are now merged into one keyblock. > > * Added "gpg-zip", a program to create encrypted archives that can > interoperate with PGP Zip. > > * Added support for signing subkey cross-certification "back > signatures". Requiring cross-certification to be present is > currently off by default, but will be changed to on by default > in the future, once more keys use it. A new "cross-certify" > command in the --edit-key menu can be used to update signing > subkeys to have cross-certification. > > * The key cleaning options for --import-options and > --export-options have been further polished. "import-clean" and > "export-clean" replace the older > import-clean-sigs/import-clean-uids and > export-clean-sigs/export-clean-uids option pairs. > > * New "minimize" command in the --edit-key menu removes everything > that can be removed from a key, rendering it as small as > possible. There are corresponding "export-minimal" and > "import-minimal" commands for --export-options and > --import-options. > > * New --fetch-keys command to retrieve keys by specifying a URI. > This allows direct key retrieval from a web page or other > location that can be specified in a URI. Available protocols > are HTTP and finger, plus anything that cURL supplies, if built > with cURL support. > > * Files containing several signed messages are not allowed any > longer as there is no clean way to report the status of such > files back to the caller. To partly revert to the old behaviour > the new option --allow-multisig-verification may be used. > > * The keyserver helpers can now handle keys in either ASCII armor > or binary format. > > * New auto-key-locate option that takes an ordered list of methods > to locate a key if it is not available at encryption time (-r or > --recipient). Possible methods include "cert" (use DNS CERT as > per RFC2538bis, "pka" (use DNS PKA), "ldap" (consult the LDAP > server for the domain in question), "keyserver" (use the > currently defined keyserver), as well as arbitrary keyserver > URIs that will be contacted for the key. > > * Able to retrieve keys using DNS CERT records as per RFC-2538bis > (currently in draft): http://www.josefsson.org/rfc2538bis > > Happy Hacking, > > David, Timo, Werner > > > ------------------------------------------------------------------------ > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3rc2 (Darwin) Comment: GnuPG for Privacy Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBRBDjIm69XHxycyfPAQhpBA//e1UFnPVMlDQBBUUSoa+RR3JmqyBX/9Xg b46k0d9NtlPogh9F3BhFdFyOz89LP92kRJnDP9CdQuCUHCNCm2dD/JekgKdIUFmh s1IcYhwLhtQD2IUMncfgmMa8BSjGKzka4r2APA63O8E/8RDQ+bj6nSpBSXpE/hS8 hhwUiXQu9ygSBzolZpxPKYJqk4SIQn7omLRRqmhEeI1eEjHnhLeJVKljLc0quODT qvsLOj5/tvl0jgP5q2rBBz5DYjuYHvXy3kijDfeRoVkie1JhG3KkOX7bwJpkuLef 48AZScLadOs7QYTuKoCI/zxu/F789WcTidxswS8kGbp3gywa4FDRM5d9iL/I5pfA lTaLyW28wCTgZfVM7YIH6tkJxiMuqCa4GKNunnKsOcNAvHxbbpU+c+M0IArL+HC0 0uZ/AOzyRLAdjHJjHUn6PMnj+BbebqrkKit5GHUrlbX7cN9fIH4t6rhH8vIxdJK5 8RaZlYMcK+iNVddfQZYiivkkR19mhPCDP/fTHwxRkmZocl+CL4u1w1UIuQnvJdsf tiA5K/AC5ky3kC5hwDagVuIXrFscG3V9MR8sjoLYCE7s0CdaI32v+CPJfIwTN6eX 6BmpkeVa+cd12KxHit0vZ14lHyGSWMSsA/tCRM3rbJjJtdaFKOxEi+7gwnGHVcyk g59278Oddms= =Cgtk -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
