-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! The latest release from the development branch of GnuPG is ready for public consumption. This is a branch to create what will eventually become GnuPG 1.4. It will change with greater frequency than the 1.2.x "stable" branch, which will mainly be updated for bug fix reasons. The more GnuPG-familiar user is encouraged try this release (and the ones that will follow in the 1.3.x branch), and report back any problems to gnupg-devel@gnupg.org. In return, you get the latest code with the latest features. Feedback on the "show-validity" display changes is particularly appreciated. Is this additional information (seen in --list-keys or - --list-sigs when "--list-options show-validity" is set) helpful or confusing? Note that while this code is stable enough for many uses, it is still the development branch. Mission-critical applications should always use the 1.2.x stable branch. The files are available from: ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.3.tar.gz (1667k) ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.3.tar.gz.sig ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.2-1.3.3.diff.gz MD5 checksums for the files are: 328ed3ecd62e90b5f2903b211e7f920d gnupg-1.3.3.tar.gz a2558c5f06df52d2e501012c136e3c68 gnupg-1.3.3.tar.gz.sig 514ffb450766b13eb596978ac0d728e9 gnupg-1.3.2-1.3.3.diff.gz Noteworthy changes in version 1.3.3 (2003-10-10) - ------------------------------------------------ * Basic support for the OpenPGP card. New commands --card-status, --card-edit, --change-pin and the configuration options --reader-port, --ctapi-driver, --pcsc-driver, and --disable-ccid. * Full support for the SHA-256 hash has been added. * Support for the TIGER/192 hash has been dropped. This should not be interpreted as a statement as to the strength of TIGER/192 - rather, the upcoming revision to the OpenPGP standard removes support for several unused (or mostly unused) hashes. * Revoked or expired user IDs are now skipped when selecting keys for encryption. Specifying a key by the key ID overrides this check and allows the selection of any key. * Note that --no-mangle-dos-filenames is now the default. If you are upgrading from a 1.2.x version of GnuPG, and are running a very old version of Windows that has the 8.3 filename limit, you may need to change this. * Multiple "Comment:" lines in armored output are now allowed. * New --list-options option. This option takes a list of arguments that allows the user to customize exactly what key listings (including the --edit-key listing) look like, enabling or disabling things such as photo display, policy URL, preferred keyserver URL, or notation display, long or short keyIDs, calculated validity for each user ID, etc. See the manual for the complete list of list-options. * New --verify-options option. This option takes a list of arguments that allows the user to customize exactly what happens during signature verification, enabling or disabling things such as photo display, policy URL, preferred keyserver URL, or notation display, long or short keyIDs, calculated validity for each user ID, etc. See the manual for the complete list of verify-options. * New --sig-keyserver-url to embed a "where to get my key" subpacket into a signature. * The options --show-photos, --show-policy-url, --show-notation, and --show-keyring are all deprecated in favor of those arguments to --list-options and --verify-options. The new method is more flexible since a user can specify (for example) showing photos during sig verification, but not in key listings. * The complete fingerprint of the key that made a given key certification is now available in the --with-colons output. For technical reasons, this is only available when running with --no-sig-cache set. See doc/DETAILS for the specifics of this. * IPv6 support for HKP keyserver access. IPv6 for LDAP keyserver access is also supported, but is dependent on the LDAP library used. * To simplify running both the stable (1.2.x) and development (1.3.x) versions of GnuPG, the development version will try to load the options file gpg.conf-VERSION (e.g. gpg.conf-1.3.3 for this release) before falling back to the regular gpg.conf file. * Two new %-expandos for use in notation and policy URLs. "%g" expands to the fingerprint of the key making the signature (which might be a subkey), and "%p" expands to the fingerprint of the primary key that owns the key making the signature. * New "tru" record in --with-colons --list-keys listings. It shows the status of the trust database that was used to calculate the key validity in the listings. See doc/DETAILS for the specifics of this. * New REVKEYSIG status tag for --status-fd. It indicates a valid signature that was issued by a revoked key. See doc/DETAILS for the specifics of this. * A number of portability changes to make building GnuPG on less-common platforms easier. Happy Hacking, The GnuPG team (David, Stefan, Timo and Werner) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.4-cvs (GNU/Linux) Comment: Key available at http://www.jabberwocky.com/david/keys.asc iHEEARECADEFAj+HPdsqGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2Rhdmlk L2tleXMuYXNjAAoJEOJmXIdJ4cvJNgUAoJ5XDJ0EAhMSiak1q1N49TLwfONAAJ4k A48KADjnIhrjLSGFZKjnZxmL1A==UGcD -----END PGP SIGNATURE-----