See ChangeLog: Tue Jan 12 11:17:18 CET 1999 Werner Koch

1999-01-12 10:20:24 +00:00 · 1999-01-12 10:20:24 +00:00 · 62957ff4e7
parent 8ddca5a28a
commit 62957ff4e7
34 changed files with 458 additions and 305 deletions
--- a/1
+++ b/1
@ -36,6 +36,7 @@ md@linux.it
 TRANSLATIONS	Gael Queri	1998-09-08
 Disclaimer.  [fr]
 gqueri@mail.dotcom.fr
 Fixed a lot of typos.
 TRANSLATIONS	Walter Koch	1998-09-08
--- a/11
+++ b/11
@ -1,3 +1,11 @@
 Tue Jan 12 11:17:18 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* config.links (m68k-atari-mint): New
 Tue Jan 12 09:17:19 CET 1999  Gaël Quéri <gqueri@mail.dotcom.fr>
 	* all: Fixed typos all over the place
 Sat Jan  9 16:02:23 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* configure.in: Add a way to statically link rndunix
@ -24,7 +32,8 @@ Thu Dec 10 20:15:36 CET 1998  Werner Koch  <wk@isil.d.shuttle.de>
 Tue Dec  8 15:09:29 CET 1998  Werner Koch  <wk@isil.d.shuttle.de>
-    * VERSION: Set to 0.4.5
+	* VERSION: Set to 0.4.5
 Wed Nov 25 12:38:29 1998  Werner Koch  (wk@isil.d.shuttle.de)
 	* configure.in (USE_RNDLINUX): New.
--- a/4
+++ b/4
@ -79,9 +79,9 @@ should put this in your ~/.gnupg/options file:
 load-extension rndunix
 ===>8====================
 This collector works by running a lot of tools which yields more or
-less unpredictable output and fedds this as entropy into the random
+less unpredictable output and feds this as entropy into the random
 generator - It should work reliable but you should check whether
-it produces good output for your kinf of Unix.	There are some debug
+it produces good output for your kind of Unix.	There are some debug
 options to help you (see cipher/rndunix.c).
--- a/42
+++ b/42
@ -1,3 +1,7 @@
    * add some additional time warp checks.
 Noteworthy changes in version 0.9.1
 -----------------------------------
@ -24,7 +28,7 @@ Noteworthy changes in version 0.9.0
 -----------------------------------
    * --export does now only exports rfc2440 compatible keys; the
-      old behavious is available with --export-all.
+      old behaviour is available with --export-all.
      Generation of v3 ElGamal (sign and encrypt) keys is not longer
      supported.
@ -87,7 +91,7 @@ Noteworthy changes in version 0.4.4
      you are put into normal mode unless you use "quit" or "save" as
      one of the commands.  When in batch mode, the program quits after
      the last command, so you have to use "save" if you did some changes.
-      It does not yet work completey, but may be used to list so the
+      It does not yet work completely, but may be used to list so the
      keys etc.
@ -111,7 +115,7 @@ Noteworthy changes in version 0.4.3
      the contrib directory of the FTP servers)
    * commandline option processing now works as expected for GNU programs
-      with the execption that you can't mix options and normal arguments.
+      with the exception that you can't mix options and normal arguments.
    * Now --list-key lists all matching keys.  This is needed in some
      other places too.
@ -138,7 +142,7 @@ Noteworthy changes in version 0.4.2
      prime product.
    * --import now only looks for KEYBLOCK headers, so you can now simply
-      remove the "- " in front of such a header if someone accdently signed
+      remove the "- " in front of such a header if someone accidently signed
      such a message or the keyblock is part of a cleartext signed message.
    * --with-colons now lists the key expiration time and not anymore
@ -206,7 +210,7 @@ Noteworthy changes in version 0.3.5
    * Fixed a bug with 5 byte length headers.
-    * --delete-[secret-]key is now also availabe in gpgm.
+    * --delete-[secret-]key is now also available in gpgm.
    * cleartext signatures are not anymore converted to LF only.
@ -230,21 +234,21 @@ Noteworthy changes in version 0.3.3
 -----------------------------------
    * IMPORTANT: I found yet another bug in the way the secret keys
      are encrypted - I did it the way pgp 2.x did it, but OpenPGP
-      and pgp 5.x specifiy another (in some aspects simpler) method.
+      and pgp 5.x specify another (in some aspects simpler) method.
      To convert your secret keys you have to do this:
 	1. Build the new release but don't install it and keep
 	   a copy of the old program.
 	2. Disable the network, make sure that you are the only
-	   user, be sure that there are no trojan horses etc ....
+	   user, be sure that there are no Trojan horses etc ....
 	3. Use your old gpg (version 0.3.[12]) and set the
 	   passphrases of ALL your secret keys to empty!
 	   (gpg --change-passphrase your-user-id).
 	4. Save your ownertrusts (see the next point)
-	5. rm ~/.gnupg/trustd.gpg
+	5. rm ~/.gnupg/trustdb.gpg
 	6. install the new version of gpg (0.3.3)
 	7. For every secret key call "gpg --edit-key your-user-id",
 	   enter "passwd" at the prompt, follow the instructions and
-	   change your passward back, enter "save" to store it.
+	   change your password back, enter "save" to store it.
 	8. Restore the ownertrust (see next point).
    * The format of the trust database has changed; you must delete
@ -257,7 +261,7 @@ Noteworthy changes in version 0.3.3
      release and it does now only export defined ownertrusts.
    * The command --edit-key now provides a commandline driven menu
-      which can be used vor vaious tasks.  --sign-key is only an
+      which can be used for various tasks.  --sign-key is only an
      an alias to --edit-key and maybe removed in future: use the
      command "sign" of this new menu - you can select which user ids
      you want to sign.
@ -267,7 +271,7 @@ Noteworthy changes in version 0.3.3
    * Owner trust values can now be changed with --edit-key (trust)
    * GNUPG can now run as a coprocess; this enables sophisticated
-      frontends.  tools/shmtest.c is a simple sample implemenation.
+      frontends.  tools/shmtest.c is a simple sample implementation.
      This needs some more work: all tty_xxx() are to be replaced
      by cpr_xxx() and some changes in the display logics is needed.
@ -306,7 +310,7 @@ Noteworthy changes in version 0.3.2
    * Now displays the trust status of a positive verified message.
    * Keyrings are now scanned in the sequence they are added with
-      --[secret-]keyring.  Note that the default keyring is implictly
+      --[secret-]keyring.  Note that the default keyring is implicitly
      added as the very first one unless --no-default-keyring is used.
    * Fixed setuid and dlopen bug.
@ -346,7 +350,7 @@ Noteworthy changes in version 0.3.0
    * A complete new structure for representing the key parameters.
-    * Removed most public key knowledge into the cipher libray.
+    * Removed most public key knowledge into the cipher library.
    * Support for dynamic loading of new algorithms.
@ -420,7 +424,7 @@ Noteworthy changes in version 0.2.17
 Noteworthy changes in version 0.2.16
 ------------------------------------
-    * Add experimental support for the TIGER/192 message diigest algorithm.
+    * Add experimental support for the TIGER/192 message digest algorithm.
      (But there is only a dummy ASN OID).
    * Standard cipher is now Blowfish with 128 bit key in OpenPGP's CFB
@ -451,7 +455,7 @@ Noteworthy changes in version 0.2.14
    * Changed the internal handling of keyrings.
-    * Add support to list PGP 5 keyrings with supkeys
+    * Add support to list PGP 5 keyrings with subkeys
    * Timestamps of signatures are now verified.
@ -494,7 +498,7 @@ Noteworthy changes in version 0.2.11
    * "--delete-key" works for public keys. What semantics shall I use
      when there is a secret key too? Delete the secret key or leave him
-      and auto-regenerate the public key, netxt time the secret key is used?
+      and auto-regenerate the public key, next time the secret key is used?
 Noteworthy changes in version 0.2.10
 ------------------------------------
@ -507,7 +511,7 @@ Noteworthy changes in version 0.2.10
    * Changed some configure options and add an option
      --disable-m-guard to remove the memory checking code
-      and to compile everthing with optimization on.
+      and to compile everything with optimization on.
    * New environment variable GNUPGHOME, which can be used to set
      another homedir than ~/.gnupg.  Changed default homedir for
@ -584,7 +588,7 @@ Noteworthy changes in version 0.2.4
    * backup copies of keyrings are created.
-    * assembler stuff for Pentium; gives about 15% better perfomance.
+    * assembler stuff for Pentium; gives about 15% better performance.
    * fixed a lot of bugs.
@ -610,7 +614,7 @@ Noteworthy changes in version 0.2.3
    * added option "--status-fd": see g10/OPTIONS
-    * We have secure memeory on systems which support mlock().
+    * We have secure memory on systems which support mlock().
      It is not complete yet, because we do not have signal handler
      which does a cleanup in very case.
      We should also check the ulimit for the user in the case
--- a/8
+++ b/8
@ -4,7 +4,7 @@
      (userid, or any other unique identification) on command line.
      --> NO: Use a script and --status-fd
-    * Change the internal represention of keyid into a struct which
+    * Change the internal representation of keyid into a struct which
      can also hold the localid and extend the localid to hold information
      of the subkey number because two subkeys may have the same keyid.
@ -20,7 +20,7 @@
    * Add a way to override the current cipher/md implementations
      by others (using extensions)
-    * Not GnuPG replated:  What about option completion in bash?
+    * Not GnuPG related:  What about option completion in bash?
      Can "--dump-options" be used for this or should we place the
      options in a special ELF segment?
@ -34,9 +34,9 @@
    * rewrite --list-packets or put it into another tool.
-    * We need a maintainence pass over the trustdb which flags
+    * We need a maintenance pass over the trustdb which flags
      signatures as expired if the key used to make the signature has
-      expired.	Maybe it is a good idea to store the exiration time
+      expired.	Maybe it is a good idea to store the expiration time
      in the key record of the trustdb.
    * write a tool to extract selected keys from a file.
--- a/8
+++ b/8
@ -34,7 +34,7 @@
    the word "subscribe" in the body to "g10-request@net.lut.ac.uk".
    This mailing list is a closed one (only subscribers are allowed
    to post) to avoid misuse by folks who don't know the Netiquette
-    and trash you mailspool with commercial junk.
+    and trash your mailspool with commercial junk.
    See the file COPYING for copyright and warranty information.
@ -301,7 +301,7 @@
    user ID is the one with an email address you prefer - because
    you have no signatures on this email address it is easy to change
    this address.  Remember: Your signators sign your public key (the
-    primary one) together with one od your user IDs - so it is not possible
+    primary one) together with one of your user IDs - so it is not possible
    to change the user ID later without voiding all the signatures.
    Tip: If you hear about a key signing party on a computer conference
@ -412,7 +412,7 @@
    The primary FTP site is "ftp://ftp.gnupg.org/pub/gcrypt/"
    The primary WWW page is "http://www.gnupg.org"
-    See http://www.gnugp.org/mirrors.html for a list of FTP mirrors
+    See http://www.gnupg.org/mirrors.html for a list of FTP mirrors
    and use them if possible.
    Please direct bug reports to <gnupg-bugs@gnu.org> or better
@ -420,7 +420,7 @@
    closed list - subscribe before posting, see above (~line 33)).
    Please direct questions about GnuPG to the mailing list or
    one of the pgp newsgroups; this gives me more time to improve
-    GnuPG.  Commercial support for GnuPG will be availabe soon.
+    GnuPG.  Commercial support for GnuPG will be available soon.
    Have fun and remember: Echelon is looking at you kid.
--- a/14
+++ b/14
@ -14,6 +14,16 @@
    * What shall we do if we have a valid subkey revocation certificate
      but no subkey binding?  Is this a valid but revoked key?
    * use a mmaped file for secure memory if mlock does not work and
      make sure that this file is always wiped out.  Is this really
      more secure than swapping out to the swap disk?  I don't
      believe so because if an attacker has access to the physical
      box (and he needs this to look at the swap area) he can also
      leave a trojan horse which is far more easier than to analyze
      memory dumps.  Question:	Is it possible that a Unix pages
      an old (left over by some other process) swap page in for
      another process - this should be considered a serious design
      flow/bug.
 Date: Mon, 4 Jan 1999 19:34:29 -0800 (PST)
 From: Matthew Skala <mskala@ansuz.sooke.bc.ca>
@ -172,7 +182,7 @@ o  Keep a blacklist of known bad signatures to minimize
 o  Should be fast - I currently designing a new storage
   system called keybox which takes advantage of the fact
-   that the keyID is higly random and can be directly be
+   that the keyID is highly random and can be directly be
   used as a hash value and this keyID is (for v4 keys)
   part of the fingerprint: So it is possible to use the
   fingerprint as key but do an lookup by the keyID.
@ -186,7 +196,7 @@ o  Use the HKS protocol and enhance it in a way that binary
   keyrings can be transmitted.  (I already wrote some
   http server and client code which can be used for this)
-o  Keep a checkcsum (hash) of the entire keyblock so that a
+o  Keep a checksum (hash) of the entire keyblock so that a
   client can easy check whether this keyblock has changed.
   (keyblock = the entire key with all certificates etc.)
--- a/26
+++ b/26
@ -6,6 +6,8 @@ Bugs
      if the clearsign has been created by pgp263ia.
      Needs more investigation - anyone?
    * clearsign bug Greg Troxel Jan 11.
 Important
 ----------
    * Check revocation and expire stuff.  PLEASE: THIS MUST BE TESTED!
@ -13,28 +15,25 @@ Important
    * Check calculation of key validity. PLEASE: IT IS IMPORTED THAT
      THIS GET TESTED.
    * It has been reported that lockfiles are not removed in all cases.
      cleanup is done with atexit() and all signals trigger exit() -
      anything wrong with this?  - ah yes: a signal while still in
      dotlock_make
    * See why we always get this "Hmmm public key lost"
    * print a warning when a revoked/expired secret key is used.
    * Allow the use of a the faked RNG only for keys which are
      flagged as INSECURE.
 > 0.9.1: I get some occasional segfaults during 'make check' unless I use
 > --with-included-zlib. It's strange, I have zlib-1.1.2 on one machine, and
 > zlib-1.1.3 on another, and both of them fail on occasion (maybe half of the
 > gpg: /home/jam/.gnupg/pubring.gpg: can't open gdbm file: Can't be writer
 > gpg: keyblock resource `/home/jam/.gnupg/pubring.gpg': file open error
 > gpg: OOPS in close enum_keyblocks - ignored
 Needed
 ------
    * remove more "Fixmes"
-    * Replace Blowfish by Twofish and add the new encrypted packet typ
+    * Replace Blowfish by Twofish and add the new encrypted packet type
      which has a MACing option (append SHA1 hash to the plaintext and
      encrypt this all) - We need an identifier for Twofish to put this
      one into the cipher preferences.
@ -48,6 +47,12 @@ Needed
 Minor Bugs
 ----------
    * There is a race condition which leaves lock files after process
      termination (a signal while in make_dotlock).  Change the dotlock
      implementaion to a create handle, make and release implemenation
      and use an atexit to cleanup all pending locks.  This is also
      faster.
 Nice to have
 ------------
    * preferences of hash algorithms are not yet used.
@ -59,5 +64,6 @@ Nice to have
    * Burn the buffers used by fopen(), or use read(2). Does this
      really make sense?
    * change the fake_data stuff to mpi_set_opaque
-
+    * How about letting something like 'gpg --version -v', list the
      effective options. Yep.
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@ -1,3 +1,10 @@
 Tue Jan 12 11:17:18 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* random.c (random_is_faked): New.
 	* tiger.c: Only compile if we have the u64 type
 Sat Jan  9 16:02:23 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* rndunix.c (gather_random): check for setuid.
--- a/cipher/random.c
+++ b/cipher/random.c
@ -162,6 +162,13 @@ randomize_buffer( byte *buffer, size_t length, int level )
 }
 int
 random_is_faked()
 {
    if( !is_initialized )
 	initialize();
    return faked_rng || quick_test;
 }
 /****************
 * Return a pointer to a randomized buffer of level 0 and LENGTH bits
--- a/cipher/random.h
+++ b/cipher/random.h
@ -25,6 +25,7 @@
 /*-- random.c --*/
 void secure_random_alloc(void);
 int  quick_random_gen( int onoff );
 int  random_is_faked(void);
 void randomize_buffer( byte *buffer, size_t length, int level );
 byte *get_random_bits( size_t nbits, int level, int secure );
 void fast_random_poll( void );
--- a/cipher/tiger.c
+++ b/cipher/tiger.c
@ -27,6 +27,11 @@
 #include "memory.h"
 #ifdef HAVE_U64_TYPEDEF
 /* we really need it here, but as this is only experiment we
 * can live without Tiger */
 typedef struct {
    u64  a, b, c;
    byte buf[64];
@ -964,4 +969,5 @@ gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
    return ret;
 }
 #endif /* HAVE_U64_TYPEDEF */
--- a/doc/DETAILS
+++ b/doc/DETAILS
@ -45,7 +45,7 @@ Format of the "--status-fd" output
 Every line is prefixed with "[GNUPG:] ", followed by a keyword with
 the type of the status line and a some arguments depending on the
 type (maybe none); an application should always be prepared to see
-more argumnents in future versions.
+more arguments in future versions.
    GOODSIG	<long keyid>  <username>
@ -57,12 +57,12 @@ more argumnents in future versions.
    ERRSIG
 	It was not possible to check the signature.  This may be
 	caused by a missing public key or an unsupported algorithm.
-	No argumens yet.
+	No argument yet.
    VALIDSIG	<fingerprint in hex>
 	The signature with the keyid is good. This is the same
 	as GOODSIG but has the fingerprint as the argument. Both
-	status lines ere emmited for a good signature.
+	status lines ere emitted for a good signature.
    TRUST_UNDEFINED
    TRUST_NEVER
@ -70,7 +70,7 @@ more argumnents in future versions.
    TRUST_FULLY
    TRUST_ULTIMATE
 	For good signatures one of these status lines are emitted
-	to indicate how trustworthy the signatur is.  No arguments yet.
+	to indicate how trustworthy the signature is.  No arguments yet.
    SIGEXPIRED
 	The signature key has expired.	No arguments yet.
@ -158,7 +158,7 @@ Record type 1:
     1 u32  first free record
     1 u32  record number of shadow directory hash table
 	    It does not make sense to combine this table with the key table
-	    becuase the keyid is not in every case a part of the fingerprint.
+	    because the keyid is not in every case a part of the fingerprint.
     4 bytes reserved for version extension record
@ -283,7 +283,7 @@ Record type 9:	(cache record)
     20 bytes rmd160 hash value over the complete keyblock
 	      This is used to detect any changes of the keyblock with all
 	      CTBs and lengths headers. Calculation is easy if the keyblock
-	      is optained from a keyserver: simply create the hash from all
+	      is obtained from a keyserver: simply create the hash from all
 	      received data bytes.
     1 byte   number of untrusted signatures.
@ -323,14 +323,14 @@ Record Type 10 (hash table)
 	    n = (reclen-2)/4  which yields 9 for the current record length
 	    of 40 bytes.
-    the total number of surch record which makes up the table is:
+    the total number of such record which makes up the table is:
 	 m = (256+n-1) / n
    which is 29 for a record length of 40.
    To look up a key we use the first byte of the fingerprint to get
    the recnum from this hashtable and look up the addressed record:
       - If this record is another hashtable, we use 2nd byte
-	 to index this hast table and so on.
+	 to index this hash table and so on.
       - if this record is a hashlist, we walk all entries
 	 until we found one a matching one.
       - if this record is a key record, we compare the
@ -398,12 +398,12 @@ There is one enhancement used with the old style packet headers:
 +
 +  It works like this: After the CTB (with a length field of 11) a
 +  marker field is used, which gives the length of the following datablock.
-+  This is a simple 2 byte field (MSB first) containig the amount of data
+  This is a simple 2 byte field (MSB first) containing the amount of data
 +  following this field, not including this length field. After this datablock
 +  another length field follows, which gives the size of the next datablock.
 +  A value of 0 indicates the end of the packet. The maximum size of a
 +  data block is limited to 65534, thereby reserving a value of 0xffff for
-+  future extensions. These length markers must be insereted into the data
+  future extensions. These length markers must be inserted into the data
 +  stream just before writing the data out.
 +
 +  This 2 byte filed is large enough, because the application must buffer
@ -416,7 +416,7 @@ There is one enhancement used with the old style packet headers:
 Usage of gdbm files for keyrings
 ================================
-    The key to store the keyblokc is it's fingerpint, other records
+    The key to store the keyblock is it's fingerprint, other records
    are used for secondary keys.  fingerprints are always 20 bytes
    where 16 bit fingerprints are appded with zero.
    The first byte of the key gives some information on the type of the
--- a/doc/FAQ
+++ b/doc/FAQ
@ -21,7 +21,7 @@
  public key, and he would only be able to decrypt it by having the secret
  key and putting in the password to use his secret key.
-  GNUPG is also usefull for signing things.  Things that are encrypted with
+  GNUPG is also useful for signing things.  Things that are encrypted with
  the secret key can be decrypted with the public key. To sign something, a
  hash is taken of the data, and then the hash is in some form encoded
  with the secret
@ -38,23 +38,23 @@
  You can 'conventionally' encrypt something by using the option 'gpg -c'.
  It is encrypted using a passphrase, and does not use public and secret
  keys.  If the person you send the data to knows that passphrase, they can
-  decrypt it. This is usually most usefull for encrypting things to
+  decrypt it. This is usually most useful for encrypting things to
  yourself, although you can encrypt things to your own public key in the
  same way.  It should be used for communication with partners you know and
  where it is easy to exchange the passphrases (e.g. with your boy friend or
-  your wife).  The advantage is that you can chnage the passphrase from time
+  your wife).  The advantage is that you can change the passphrase from time
-  to time and decrease the risk, that many old messages may be decryptted by
+  to time and decrease the risk, that many old messages may be decrypted by
  people who accidently got your passphrase.
  You can add and copy keys to and from your keyring with the 'gpg --import'
  and 'gpg --export' option. 'gpg --export-secret-keys' will export secret
-  keys. This is normally not usefull, but you can generate the key on one
+  keys. This is normally not useful, but you can generate the key on one
  machine then move it to another machine.
  Keys can be signed under the 'gpg --edit-key' option.  When you sign a
  key, you are saying that you are certain that the key belongs to the
  person it says it comes from.  You should be very sure that is really
-  taht person:	You should verify the key fingerprint
+  that person:	You should verify the key fingerprint
      gpg --fingerprint user-id
@ -69,7 +69,7 @@
  Oh yeah, this is important. By default all data is encrypted in some weird
  binary format.  If you want to have things appear in ascii text that is
-  readable, just add the '-a' option.  But the preferred methos is to use
+  readable, just add the '-a' option.  But the preferred method is to use
  a MIME aware mail reader (Mutt, Pine and many more).
  There is a small security glitch in the OpenPGP (and therefor GNUPG) system;
@ -80,7 +80,7 @@
 Q: What is the recommended key size?
 A: 1024 bit for DSA signatures; even for plain ElGamal
    signatures this is sufficient as the size of the hash
-    is probably the weakest link if the keyssize is larger
+    is probably the weakest link if the keysize is larger
    than 1024 bits.  Encryption keys may have greater sizes,
    but you should than check the fingerprint of this key.
@ -100,7 +100,7 @@
    at least for decryption).  To be better interoperable, GNUPG
    (starting with version 0.3.3) now also uses type 16 for the
    ElGamal subkey which is created if the default key algorithm
-    is choosen.  You may add an type 16 ElGamal key to your public
+    is chosen.  You may add an type 16 ElGamal key to your public
    key which is easy as your key signatures are still valid.
 Q: Why is PGP 5.x not able to verify my messages.
@ -109,14 +109,14 @@
    data.  Use the option "--force-v3-sigs" to generate V3 signatures
    for data.
- Q: I can't delete a user id because it is already deleted on my
+ Q: I can't delete an user id because it is already deleted on my
    public keyring.
 A: Because you can only select from the public key ring, there is
    no direct way to do this.  However it is not so complicated
    do to it anyway:  Create a new user id with exactly the same name,
    you will notice that there are two identical user ids on the
    secret ring now.  Now select this user id and delete it; both
-    user ids from the secret ring will be remoed.
+    user ids from the secret ring will be removed.
 Q: How can I encrypt a message in way pgp 2.x is able to decrypt it later?
 A: You can't do that because pgp 2.x normally uses IDEA which is not
@ -175,7 +175,7 @@
  trustdb which holds a list of valid key signatures.  If you are not
  running in batch mode you will be asked to assign a trust parameter
  (ownertrust) to a key.  I have plans to use a cache for calculated
-  trust values to speed up calcualtion.
+  trust values to speed up calculation.
  You can see the validity (calculated trust value) using this command:
@ -202,19 +202,19 @@
  the assigned value:
      - = No Ownertrust value yet assigned.
-      n = Never trust this keyholder to correctly verifiy others signatures.
+      n = Never trust this keyholder to correctly verify others signatures.
      m = Have marginal trust in the keyholders capability to sign other keys.
      f = Assume that the key holder really knows how to sign keys.
      u = No need to trust ourself because we have the secret key.
-  Please keep these values confidential, as they express some opiones of
+  Please keep these values confidential, as they express some opinions of
  you about others. PGP does store these information with the keyring, so
  it is not a good idea to publish the keyring instead of exporting the
  keyring - gnupg stores the trust in the trust-DB and therefor it is okay
  to give the keyring away (but we have a --export command too).
-  Q: What is the differenc between options and commands?
+  Q: What is the difference between options and commands?
  A: If you do a "gpg --help", you will get two separate lists. The first is a list
  of commands. The second is a list of options. Whenever you run GPG, you *must*
  pick exactly one command (**with one exception, see below). You *may* pick one
@ -266,7 +266,7 @@
  Q: What kind of output is this: "key C26EE891.298, uid 09FB: ...."?
-  A: This is the internal representaion of a user id in the trustdb.
+  A: This is the internal representation of an user id in the trustdb.
     "C26EE891" is the keyid, "298" is the local id (a record number
     in the trustdb) and "09FB" are the last two bytes of a ripe-md-160
     hash of the user id for this key.
@ -293,7 +293,7 @@
 	"uid 12345678.3456/ACDE"
     This is about the user ID for the same key; to identify the
     user ID the last two bytes of a ripe-md-160 over the user ID
-     tring is printed.
+     ring is printed.
 	"sig 12345678.3456/ACDE/9A8B7C6D"
     This is about the signature with key ID 9A8B7C6D for the
     above key and user ID, if it is a signature which is direct
--- a/doc/HACKING
+++ b/doc/HACKING
@ -20,7 +20,7 @@ archive use:
 This service is provided to help you in hunting bugs and not to deliver
 stable snapshots; it may happen that it even does not compile, so please
 don't complain. CVS may put a high load on a server, so please don't poll
-poll for new updates but wait for an anouncement; to receive this you may
+poll for new updates but wait for an announcement; to receive this you may
 want to subscribe to:
    gnupg-commit-watchers@isil.d.shuttle.de
@ -80,7 +80,7 @@ Directory Layout
 ----------------
  ./		Readme, configure
  ./scripts	Scripts needed by configure and others
-  ./doc 	Documentaion
+  ./doc 	Documentation
  ./util	General purpose utility function
  ./mpi 	Multi precision integer library
  ./cipher	Cryptographic functions
@ -121,7 +121,7 @@ Logging
 Option parsing
 ---------------
 GNUPG does not use getopt or GNU getopt but functions of it's own.  See
-util/argparse.c for details.  The advantage of these funtions is that
+util/argparse.c for details.  The advantage of these functions is that
 it is more easy to display and maintain the help texts for the options.
 The same option table is also used to parse resource files.
@ -129,7 +129,7 @@ The same option table is also used to parse resource files.
 What is an iobuf
 ----------------
-This is the data structure used for most I/O of gnupg.	It is similiar
+This is the data structure used for most I/O of gnupg.	It is similar
 to System V Streams but much simpler.  It should be replaced by a cleaner
 and faster implementation.  We are doing to much copying and the semantics
 of "filter" removing are not very clean.  EOF handling is also a problem.
@ -138,7 +138,7 @@ of "filter" removing are not very clean.  EOF handling is also a problem.
 How to use the message digest functions
 ---------------------------------------
-cipher/md.c implements an interface to hash (message diesgt functions).
+cipher/md.c implements an interface to hash (message digest functions).
 a) If you have a common part of data and some variable parts
   and you need to hash of the concatenated parts, you can use this:
--- a/doc/OpenPGP
+++ b/doc/OpenPGP
@ -26,7 +26,7 @@
    * (9.2) states that IDEA SHOULD be implemented.  This is not done
      due to patent problems.
-    * (12.1) states that an implementaion MUST NOT use a symmetric
+    * (12.1) states that an implementation MUST NOT use a symmetric
      algorithm which is not in the preference list.  GnuPG has an
      option to override this.
@ -79,8 +79,8 @@
       it with a V3 keyid, and can properly use only a V3 format RSA
       key.
-     * Neither PGP 5.x nor PGP 6.0 recognize Elgamal Encrypt and Sign
+     * Neither PGP 5.x nor PGP 6.0 recognize ElGamal Encrypt and Sign
-       keys. They only handle Elgamal Encrypt-only keys.
+       keys. They only handle ElGamal Encrypt-only keys.
  Parts of this document are taken from:
--- a/doc/gpg.1pod
+++ b/doc/gpg.1pod
@ -237,7 +237,7 @@ B<--trusted-key>  I<keyid>
    Assume that the key with the I<keyid> (which must be
    a full (8 byte) keyid) is as trustworthy as one of
    your own secret keys.  This may be used to make keys
-    valid which are not directly ceritified by you but
+    valid which are not directly certified by you but
    by a CA you trust.	The advantage of this option is
    that it shortens the path of certification.
@ -392,7 +392,7 @@ B<--s2k-mode> I<number>
    Selects how passphrases are mangled: A number of I<0>
    uses the plain passphrase (which is not recommended),
    a I<1> (default) adds a salt to the passphrase and
-    I<3> interates the whole process a couple of times.
+    I<3> iterates the whole process a couple of times.
    Unless -B<--rfc1991> is used, this mode is also used
    for conventional encryption.
@ -403,7 +403,7 @@ B<--compress-algo> I<number>
    The default algorithm may give better
    results because the window size is not limited to 8K.
    If this is not used the OpenPGP behavior is used; i.e.
-    the compression algorith is selected from the preferences.
+    the compression algorithm is selected from the preferences.
 B<--digest-algo> I<name>
    Use I<name> as message digest algorithm. Running the
@ -444,7 +444,7 @@ B<--rfc1991>
    Try to be more RFC1991 (PGP 2.x) compliant.
 B<--force-v3-sigs>
-    OpenPGP states that a implemenation should generate
+    OpenPGP states that a implementation should generate
    v4 signatures but PGP 5.x does only recognize such
    signatures on key material.  This options forces
    v3 signatures for signatures on data.
--- a/doc/manual.sgml
+++ b/doc/manual.sgml
@ -42,8 +42,8 @@
    <title>Introduction</title>
    <sect1 id="feedback">
      <title>Feedback</title>
-      <para>Well, I'm german and I find it hard to express myself in
+      <para>Well, I'm German and I find it hard to express myself in
-	english. So if you find some phrases and/or words that I used
+	English. So if you find some phrases and/or words that I used
 	in a wrong way (and you will find them :-) ), please send me a
 	mail, to let me correct this. Please send me notes about
 	typos, too.</para>
@ -51,7 +51,7 @@
    <sect1 id="whatis">
-	<title>What is GBUPG</title>
+	<title>What is GNUPG</title>
      <para>GNUPG is a free data encryption and signing tool.
 	<screen>
@ -81,7 +81,7 @@
     <optional><parameter>options</parameter></optional>
     <replaceable class="parameter">file name</replaceable>
     </synopsis>
-     <refpurpose>is the GNUU tool for signing and exncryption</>
+     <refpurpose>is the GNU tool for signing and encryption</>
     <refsect1>
     <title>Description</title>
     <para> </para>
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,18 @@
 Tue Jan 12 11:17:18 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* ringedit.c (find_keyblock_bysk): New.
 	* skc_list.c (is_insecure): New.
 	(build_sk_list): usage check for insecure keys.
 	* import.c (chk_self_sigs): Add handling for subkeys.
 	(delete_inv_parts): Skip unsigned subkeys
 	* sig-check.c (do_check): Print info if the signature is older
 	than the key.
 	* keygen.c (generate_subkeypair): Fail on time warp.
 	* sign.c (do_sign): Ditto.
 Sun Jan 10 15:10:02 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* armor.c (fake_packet): Fixed not-dash-escaped bug.
--- a/g10/helptext.c
+++ b/g10/helptext.c
@ -36,7 +36,7 @@
 * Translators should use the key as msgid, this is to keep the msgid short
 * and to allow for easy changing of the helptexts.
 *
- * Mini gloassary:
+ * Mini glossary:
 *
 * "user ID", "trustdb", "NOTE" and "WARNING".
 */
@ -60,14 +60,14 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
 },
 { N_("pklist.user_id.enter"),
-"Enter the user id of the addresse to whom you want to send the message."
+"Enter the user id of the addressee to whom you want to send the message."
 },
 { N_("keygen.algo"),
 "Select the algorithm to use.\n"
 "DSA (aka DSS) is the digital signature algorithm which can only be used\n"
 "for signatures.  This is the suggested algorithm because verification of\n"
-"DSA signatures are much faster than those of ElGamal\n"
+"DSA signatures are much faster than those of ElGamal.\n"
 "ElGamal is a algorithm which can be used for signatures and encryption.\n"
 "OpenPGP distunguishs between two flavors of this algorithms: a encrypt only\n"
 "and a sign+encrypt; actually it is the same, but some parameters must be\n"
@ -75,7 +75,7 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
 "does this but other OpenPGP implemenations are not required to understand\n"
 "the signature+encryption flavor.\n"
 "The first (primary) key must always be a key which is capable of signing;\n"
-"this is the reason why the ecrytion only ElGamal key is disabled in this."
+"this is the reason why the encryption only ElGamal key is disabled in this."
 },
@ -165,7 +165,7 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
 { N_("keyedit.remove.uid.okay"),
 "Answer \"yes\" if you really want to delete this user ID.\n"
- "All ceritifcates are then also lost!"
+ "All certificates are then also lost!"
 },
 { N_("keyedit.remove.subkey.okay"),
--- a/g10/import.c
+++ b/g10/import.c
@ -661,12 +661,13 @@ import_revoke_cert( const char *fname, KBNODE node )
 * loop over the keyblock and check all self signatures.
 * Mark all user-ids with a self-signature by setting flag bit 0.
 * Mark all user-ids with an invalid self-signature by setting bit 1.
 * This works allso for subkeys, here the subkey is marked.
 */
 static int
 chk_self_sigs( const char *fname, KBNODE keyblock,
 	       PKT_public_key *pk, u32 *keyid )
 {
-    KBNODE n, unode;
+    KBNODE n;
    PKT_signature *sig;
    int rc;
@ -675,22 +676,50 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 	    continue;
 	sig = n->pkt->pkt.signature;
 	if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
-	    unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
+	    if( (sig->sig_class&~3) == 0x10 ) {
-	    if( !unode )  {
+		KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
-		log_error_f(fname, _("key %08lX: no user-id for signature\n"),
+		if( !unode )  {
-					(ulong)keyid[1]);
+		    log_error_f(fname,
-		return -1;  /* the complete keyblock is invalid */
+				_("key %08lX: no user-id for signature\n"),
-	    }
+					    (ulong)keyid[1]);
-	    rc = check_key_signature( keyblock, n, NULL);
+		    return -1;	/* the complete keyblock is invalid */
-	    if( rc ) {
+		}
-		log_error_f( fname,  rc == G10ERR_PUBKEY_ALGO ?
+		rc = check_key_signature( keyblock, n, NULL);
-			  _("key %08lX: unsupported public key algorithm\n"):
+		if( rc ) {
-			  _("key %08lX: invalid self-signature\n"),
+		    log_error_f( fname,  rc == G10ERR_PUBKEY_ALGO ?
-				 (ulong)keyid[1]);
+			 _("key %08lX: unsupported public key algorithm\n"):
 			 _("key %08lX: invalid self-signature\n"),
 				     (ulong)keyid[1]);
-		unode->flag |= 2; /* mark as invalid */
+		    unode->flag |= 2; /* mark as invalid */
 		}
 		unode->flag |= 1; /* mark that signature checked */
 	    }
 	    else if( sig->sig_class == 0x18 ) {
 		KBNODE knode = find_prev_kbnode( keyblock,
 						 n, PKT_PUBLIC_SUBKEY );
 		if( !knode )
 		    knode = find_prev_kbnode( keyblock,
 						 n, PKT_SECRET_SUBKEY );
 		if( !knode )  {
 		    log_error_f(fname,
 			      _("key %08lX: no subkey for key binding\n"),
 					    (ulong)keyid[1]);
 		}
 		else {
 		    rc = check_key_signature( keyblock, n, NULL);
 		    if( rc ) {
 			log_error_f( fname,  rc == G10ERR_PUBKEY_ALGO ?
 			   _("key %08lX: unsupported public key algorithm\n"):
 			   _("key %08lX: invalid subkey binding\n"),
 					 (ulong)keyid[1]);
 			knode->flag |= 2; /* mark as invalid */
 		    }
 		}
 		knode->flag |= 1; /* mark that signature checked */
 	    }
 	    unode->flag |= 1; /* mark that signature checked */
 	}
    }
    return 0;
@ -730,6 +759,22 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
 	    else
 		nvalid++;
 	}
 	else if(    node->pkt->pkttype == PKT_PUBLIC_SUBKEY
 		 || node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
 	    if( (node->flag & 2) || !(node->flag & 1) ) {
 		if( opt.verbose ) {
 		    log_info_f(fname, _("key %08lX: skipped subkey\n"),
 							 (ulong)keyid[1]);
 		}
 		delete_kbnode( node ); /* the subkey */
 		/* and all following signature packets */
 		while( node->next
 		       && node->next->pkt->pkttype == PKT_SIGNATURE ) {
 		    delete_kbnode( node->next );
 		    node = node->next;
 		}
 	    }
 	}
 	else if( node->pkt->pkttype == PKT_SIGNATURE
 		 && check_pubkey_algo( node->pkt->pkt.signature->pubkey_algo)
 		 && node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
@ -845,7 +890,7 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
 	}
    }
-    /* merge subkey certifcates */
+    /* merge subkey certificates */
    for(onode=keyblock_orig->next; onode; onode=onode->next ) {
 	if( !(onode->flag & 1)
 	    &&	(   onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
--- a/g10/keydb.h
+++ b/g10/keydb.h
@ -194,6 +194,7 @@ int locate_keyblock_by_keyid( KBPOS *kbpos, u32 *keyid,
 int find_keyblock( PUBKEY_FIND_INFO info, KBPOS *kbpos );
 int find_keyblock_byname( KBPOS *kbpos, const char *username );
 int find_keyblock_bypk( KBPOS *kbpos, PKT_public_key *pk );
 int find_keyblock_bysk( KBPOS *kbpos, PKT_secret_key *sk );
 int find_secret_keyblock_byname( KBPOS *kbpos, const char *username );
 int lock_keyblock( KBPOS *kbpos );
 void unlock_keyblock( KBPOS *kbpos );
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -971,6 +971,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
    char *passphrase = NULL;
    DEK *dek = NULL;
    STRING2KEY *s2k = NULL;
    u32 cur_time;
    /* break out the primary secret key */
    node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
@ -981,6 +982,19 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
    /* make a copy of the sk to keep the protected one in the keyblock */
    sk = copy_secret_key( NULL, node->pkt->pkt.secret_key );
    cur_time = make_timestamp();
    if( sk->timestamp > cur_time ) {
 	ulong d = sk->timestamp - cur_time;
 	log_info( d==1 ? _("key has been created %lu second "
 			   "in future (time warp or clock problem)\n")
 		       : _("key has been created %lu seconds "
 			   "in future (time warp or clock problem)\n"), d );
 	rc = G10ERR_TIME_CONFLICT;
 	goto leave;
    }
    /* unprotect to get the passphrase */
    switch( is_secret_key_protected( sk ) ) {
      case -1:
--- a/g10/ringedit.c
+++ b/g10/ringedit.c
@ -480,6 +480,23 @@ find_keyblock_bypk( KBPOS *kbpos, PKT_public_key *pk )
    return rc;
 }
 /****************
 * Combined function to search for a key and get the position
 * of the keyblock.
 */
 int
 find_keyblock_bysk( KBPOS *kbpos, PKT_secret_key *sk )
 {
    PACKET pkt;
    int rc;
    init_packet( &pkt );
    pkt.pkttype = PKT_SECRET_KEY;
    pkt.pkt.secret_key = sk;
    rc = search( &pkt, kbpos, 0 );
    return rc;
 }
 /****************
 * Combined function to search for a username and get the position
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@ -1,4 +1,4 @@
-/* seckey-cert.c -  secret key certifucate packet handling
+/* seckey-cert.c -  secret key certificate packet handling
 *	Copyright (C) 1998 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@ -157,15 +157,22 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest )
 	return G10ERR_PUBKEY_ALGO;
    }
-    if( pk->timestamp > sig->timestamp )
+    if( pk->timestamp > sig->timestamp ) {
 	ulong d = pk->timestamp - sig->timestamp;
 	log_info( d==1
 		  ? _("public key is %lu second newer than the signature\n")
 		  : _("public key is %lu seconds newer than the signature\n"),
 		       d );
 	return G10ERR_TIME_CONFLICT; /* pubkey newer than signature */
    }
    cur_time = make_timestamp();
    if( pk->timestamp > cur_time ) {
 	ulong d = pk->timestamp - cur_time;
-	log_info(_("public key created %lu %s "
+	log_info( d==1 ? _("key has been created %lu second "
-		   "in future (time warp or clock problem)\n"),
+			   "in future (time warp or clock problem)\n")
-		    d, d==1? _("second"):_("seconds") );
+		       : _("key has been created %lu seconds "
 			   "in future (time warp or clock problem)\n"), d );
 	return G10ERR_TIME_CONFLICT;
    }
@ -331,7 +338,6 @@ check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
 	    keyid_from_pk( pk, keyid );
 	    md = md_open( algo, 0 );
 	    /*md_start_debug(md, "check");*/
 	    hash_public_key( md, pk );
 	    hash_uid_node( unode, md, sig );
 	    if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
--- a/g10/sign.c
+++ b/g10/sign.c
@ -47,6 +47,16 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
    byte *dp;
    int rc;
    if( sk->timestamp > sig->timestamp ) {
 	ulong d = sk->timestamp - sig->timestamp;
 	log_info( d==1 ? _("key has been created %lu second "
 			   "in future (time warp or clock problem)\n")
 		       : _("key has been created %lu seconds "
 			   "in future (time warp or clock problem)\n"), d );
 	return G10ERR_TIME_CONFLICT;
    }
    print_pubkey_algo_note(sk->pubkey_algo);
    if( !digest_algo )
--- a/g10/skclist.c
+++ b/g10/skclist.c
@ -32,6 +32,7 @@
 #include "memory.h"
 #include "util.h"
 #include "i18n.h"
 #include "cipher.h"
 void
@ -46,6 +47,19 @@ release_sk_list( SK_LIST sk_list )
    }
 }
 /* Check that we are only using keys which don't have
 * the string "(insecure!)" or "not secure" or "do not use"
 * in one of the user ids
 */
 static int
 is_insecure( PKT_secret_key *sk )
 {
    BUG();
 }
 int
 build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
 							unsigned usage )
@ -66,10 +80,15 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
 	    SK_LIST r;
 	    if( sk->version == 4 && (usage & PUBKEY_USAGE_SIG)
 		&& sk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
-		log_error("this is a PGP generated "
+		log_info("this is a PGP generated "
 		    "ElGamal key which is NOT secure for signatures!\n");
 		free_secret_key( sk ); sk = NULL;
 	    }
 	    else if( random_is_faked() && !is_insecure( sk ) ) {
 		log_info(_("key is not flagged as insecure - "
 			   "can't use it with the faked RNG!\n"));
 		free_secret_key( sk ); sk = NULL;
 	    }
 	    else {
 		r = m_alloc( sizeof *r );
 		r->sk = sk; sk = NULL;
@ -102,6 +121,11 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
 			locusr->d );
 		    free_secret_key( sk ); sk = NULL;
 		}
 		else if( random_is_faked() && !is_insecure( sk ) ) {
 		    log_info(_("key is not flagged as insecure - "
 			       "can't use it with the faked RNG!\n"));
 		    free_secret_key( sk ); sk = NULL;
 		}
 		else {
 		    r = m_alloc( sizeof *r );
 		    r->sk = sk; sk = NULL;
--- a/include/errors.h
+++ b/include/errors.h
@ -62,8 +62,11 @@
 #define G10ERR_TIME_CONFLICT  40
 #define G10ERR_WR_PUBKEY_ALGO 41 /* unusabe pubkey algo */
 #define G10ERR_FILE_EXISTS    42
-#define G10ERR_WEAK_KEY       43 /* NOTE: hardcoded intothe cipher modules */
+#define G10ERR_WEAK_KEY       43 /* NOTE: hardcoded into the cipher modules */
-#define G10ERR_WRONG_KEYLEN   44 /* NOTE: hardcoded intothe cipher modules */
+#define G10ERR_WRONG_KEYLEN   44 /* NOTE: hardcoded into the cipher modules */
 #define G10ERR_INV_ARG	      45
 #define G10ERR_BAD_URI	      46  /* syntax error in URI */
 #define G10ERR_INVALID_URI    47  /* e.g. unsupported scheme */
 #ifndef HAVE_STRERROR
--- a/mpi/config.links
+++ b/mpi/config.links
@ -106,13 +106,17 @@ case "${target}" in
    m680[234]0*-*-linux* | m68k*-*-linux*)
 	echo '#define ELF_SYNTAX'           >>./mpi/asm-syntax.h
 	cat  $srcdir/mpi/m68k/syntax.h	    >>./mpi/asm-syntax.h
 	path="m68k/mc68020 m68k"
 	;;
    m68060*-*-linux*)
 	echo '#define ELF_SYNTAX'           >>./mpi/asm-syntax.h
 	cat  $srcdir/mpi/m68k/syntax.h	    >>./mpi/asm-syntax.h
 	path="m68k"
 	;;
    m68k-atari-mint)
 	echo '#define MIT_SYNTAX'           >>./mpi/asm-syntax.h
 	cat  $srcdir/mpi/m68k/syntax.h	    >>./mpi/asm-syntax.h
 	path="m68k/mc68020 m68k"
 	;;
    m68000*-*-* | m68060*-*-*)
 	echo '#define MIT_SYNTAX'           >>./mpi/asm-syntax.h
 	cat  $srcdir/mpi/m68k/syntax.h	    >>./mpi/asm-syntax.h
--- a/po/ChangeLog
+++ b/po/ChangeLog
@ -1,3 +1,7 @@
 Tue Jan 12 11:17:18 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* fr.po: Imported new version
 Tue Dec 29 14:41:47 CET 1998  Werner Koch  <wk@isil.d.shuttle.de>
 	* pl.po: Janusz A. Urbanowicz contributed this one
--- a/po/fr.po
+++ b/po/fr.po
@ -4,9 +4,9 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: gnupg 0.4.5a\n"
+"Project-Id-Version: gnupg 0.9.0a\n"
-"POT-Creation-Date: 1999-01-09 18:31+0100\n"
+"POT-Creation-Date: 1999-01-11 02:14+0100\n"
-"PO-Revision-Date: 1998-12-15 00:35+01:00\n"
+"PO-Revision-Date: 1999-01-09 00:25+01:00\n"
 "Last-Translator: Gaël Quéri <gqueri@mail.dotcom.fr>\n"
 "Language-Team: French <fr@li.org>\n"
 "MIME-Version: 1.0\n"
@ -26,219 +26,176 @@ msgid "yY"
 msgstr "oO"
 #: util/errors.c:54
 #, fuzzy
 msgid "general error"
-msgstr "Erreur générale"
+msgstr "erreur générale"
 #: util/errors.c:55
 #, fuzzy
 msgid "unknown packet type"
-msgstr "Type de paquet inconnu"
+msgstr "type de paquet inconnu"
 #: util/errors.c:56
 #, fuzzy
 msgid "unknown version"
-msgstr "Version inconnue"
+msgstr "version inconnue"
 #: util/errors.c:57
 #, fuzzy
 msgid "unknown pubkey algorithm"
-msgstr "Algorithme de clé publique inconnu"
+msgstr "algorithme à clé publique inconnu"
 #: util/errors.c:58
 #, fuzzy
 msgid "unknown digest algorithm"
-msgstr "Algorithme de hachage inconnu"
+msgstr "algorithme de hachage inconnu"
 #: util/errors.c:59
 #, fuzzy
 msgid "bad public key"
-msgstr "Mauvaise clé publique"
+msgstr "mauvaise clé publique"
 #: util/errors.c:60
 #, fuzzy
 msgid "bad secret key"
-msgstr "Mauvaise clé secrète"
+msgstr "mauvaise clé secrète"
 #: util/errors.c:61
 #, fuzzy
 msgid "bad signature"
-msgstr "Mauvaise signature"
+msgstr "mauvaise signature"
 #: util/errors.c:62
 #, fuzzy
 msgid "checksum error"
-msgstr "Erreur de checksum"
+msgstr "erreur de checksum"
 #: util/errors.c:63
 #, fuzzy
 msgid "bad passphrase"
-msgstr "Mauvais mot de passe"
+msgstr "mauvais mot de passe"
 #: util/errors.c:64
 #, fuzzy
 msgid "public key not found"
-msgstr "Clé publique non trouvée"
+msgstr "clé publique non trouvée"
 #: util/errors.c:65
 #, fuzzy
 msgid "unknown cipher algorithm"
-msgstr "Algorithme de chiffrement inconnu"
+msgstr "algorithme de chiffrement inconnu"
 #: util/errors.c:66
 #, fuzzy
 msgid "can't open the keyring"
-msgstr "Ne peut ouvrir le porte-clés"
+msgstr "ne peut ouvrir le porte-clés"
 #: util/errors.c:67
 #, fuzzy
 msgid "invalid packet"
-msgstr "Paquet invalide"
+msgstr "paquet invalide"
 #: util/errors.c:68
 #, fuzzy
 msgid "invalid armor"
-msgstr "Armure invalide"
+msgstr "armure invalide"
 #: util/errors.c:69
 #, fuzzy
 msgid "no such user id"
-msgstr "Pas de tel utilisateur"
+msgstr "pas de tel utilisateur"
 #: util/errors.c:70
 #, fuzzy
 msgid "secret key not available"
-msgstr "La clé secrète n'est pas disponible"
+msgstr "la clé secrète n'est pas disponible"
 #: util/errors.c:71
 #, fuzzy
 msgid "wrong secret key used"
-msgstr "Mauvaise clé secrète utilisée"
+msgstr "mauvaise clé secrète utilisée"
 #: util/errors.c:72
 #, fuzzy
 msgid "not supported"
-msgstr "Non supporté"
+msgstr "non supporté"
 #: util/errors.c:73
 #, fuzzy
 msgid "bad key"
-msgstr "Mauvaise clé"
+msgstr "mauvaise clé"
 #: util/errors.c:74
 #, fuzzy
 msgid "file read error"
-msgstr "Erreur de lecture"
+msgstr "erreur de lecture"
 #: util/errors.c:75
 #, fuzzy
 msgid "file write error"
-msgstr "Erreur d'écriture"
+msgstr "erreur d'écriture"
 #: util/errors.c:76
 #, fuzzy
 msgid "unknown compress algorithm"
-msgstr "Algorithme de compression inconnu"
+msgstr "algorithme de compression inconnu"
 #: util/errors.c:77
 #, fuzzy
 msgid "file open error"
-msgstr "Erreur d'ouverture de fichier"
+msgstr "erreur d'ouverture de fichier"
 #: util/errors.c:78
 #, fuzzy
 msgid "file create error"
-msgstr "Erreur de création de fichier"
+msgstr "erreur de création de fichier"
 #: util/errors.c:79
 #, fuzzy
 msgid "invalid passphrase"
-msgstr "Mot de passe invalide"
+msgstr "mot de passe invalide"
 #: util/errors.c:80
 #, fuzzy
 msgid "unimplemented pubkey algorithm"
-msgstr "Algorithme de clé publique non implémenté"
+msgstr "algorithme à clé publique non implémenté"
 #: util/errors.c:81
 #, fuzzy
 msgid "unimplemented cipher algorithm"
-msgstr "Algorithme de chiffrement non implémenté"
+msgstr "algorithme de chiffrement non implémenté"
 #: util/errors.c:82
 #, fuzzy
 msgid "unknown signature class"
-msgstr "Classe de signature inconnue"
+msgstr "classe de signature inconnue"
 #: util/errors.c:83
 #, fuzzy
 msgid "trust database error"
-msgstr "Erreur dans la base de confiance"
+msgstr "erreur dans la base de confiance"
 #: util/errors.c:84
 #, fuzzy
 msgid "bad MPI"
-msgstr "Mauvais entier en précision multiple"
+msgstr "mauvais entier en précision multiple (MPI)"
 #: util/errors.c:85
 #, fuzzy
 msgid "resource limit"
-msgstr "Limite de ressources"
+msgstr "limite de ressources atteinte"
 #: util/errors.c:86
 #, fuzzy
 msgid "invalid keyring"
-msgstr "Porte-clés invalide"
+msgstr "porte-clés invalide"
 #: util/errors.c:87
 #, fuzzy
 msgid "bad certificate"
-msgstr "Mauvais certificat"
+msgstr "mauvais certificat"
 #: util/errors.c:88
 #, fuzzy
 msgid "malformed user id"
-msgstr "Nom d'utilisateur malformé"
+msgstr "nom d'utilisateur malformé"
 #: util/errors.c:89
 #, fuzzy
 msgid "file close error"
-msgstr "Erreur de fermeture de fichier"
+msgstr "erreur de fermeture de fichier"
 #: util/errors.c:90
 #, fuzzy
 msgid "file rename error"
-msgstr "Erreur pendant le changement de nom du fichier"
+msgstr "erreur pendant le changement de nom du fichier"
 #: util/errors.c:91
 #, fuzzy
 msgid "file delete error"
-msgstr "Erreur pendant la suppression du fichier"
+msgstr "erreur pendant la suppression du fichier"
 #: util/errors.c:92
 #, fuzzy
 msgid "unexpected data"
-msgstr "Données inattendues"
+msgstr "données inattendues"
 #: util/errors.c:93
 #, fuzzy
 msgid "timestamp conflict"
-msgstr "Conflit de dates"
+msgstr "conflit de dates"
 #: util/errors.c:94
 #, fuzzy
 msgid "unusable pubkey algorithm"
-msgstr "Algorithme de clés publiques inutilisable"
+msgstr "algorithme de clés publiques inutilisable"
 #: util/errors.c:95
 #, fuzzy
 msgid "file exists"
-msgstr "Le fichier existe"
+msgstr "le fichier existe"
 #: util/errors.c:96
 #, fuzzy
 msgid "weak key"
-msgstr "Mauvaise clé"
+msgstr "mauvaise clé"
 #: util/logger.c:178
 #, c-format
@ -511,7 +468,7 @@ msgstr "(3 par d
 #: g10/g10.c:242
 msgid "|KEYID|ulimately trust this key"
-msgstr "|IDCLE|donner une confiance totale à cette clé"
+msgstr "|ID CLE|donner une confiance totale à cette clé"
 #: g10/g10.c:243
 msgid "|FILE|load extension module FILE"
@ -524,7 +481,7 @@ msgstr "imiter le mode d
 # FIXMOI : faudra trouver mieux ...
 #: g10/g10.c:245
 msgid "|N|use passphrase mode N"
-msgstr "|N|utiliser le mode de mots de passe N"
+msgstr "|N|utiliser le mode de codage des mots de passe N"
 #: g10/g10.c:247
 msgid "|NAME|use message digest algorithm NAME for passphrases"
@ -532,7 +489,7 @@ msgstr "|NOM|utiliser le hachage NOM pour les mots de passe"
 #: g10/g10.c:249
 msgid "|NAME|use cipher algorithm NAME for passphrases"
-msgstr "|NOM|utiliser le chiffrement NOM pour les mots de passe"
+msgstr "|NOM|utiliser le chiffre NOM pour les mots de passe"
 #: g10/g10.c:251
 msgid "|NAME|use cipher algorithm NAME"
@ -774,58 +731,55 @@ msgid "invalid clearsig header\n"
 msgstr "en-tête de signature claire invalide\n"
 #: g10/armor.c:414
 #, fuzzy
 msgid "nested clear text signatures\n"
-msgstr "|[fichier]|faire une signature en texte clair"
+msgstr "signatures en texte clair imbriquées\n"
-#: g10/armor.c:530
+#: g10/armor.c:533
 msgid "invalid dash escaped line: "
 msgstr "ligne de traits d'échappement invalide : "
-#: g10/armor.c:538
+#: g10/armor.c:541
 #, fuzzy
 msgid "unexpected armor:"
-msgstr "Données inattendues"
+msgstr "armure inattendue :"
-#: g10/armor.c:624
+#: g10/armor.c:627
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "caractère %02x invalide en base 64 ignoré\n"
-#: g10/armor.c:654
+#: g10/armor.c:657
 msgid "premature eof (no CRC)\n"
 msgstr "fin de fichier prématurée (pas de CRC)\n"
-#: g10/armor.c:671
+#: g10/armor.c:674
 msgid "premature eof (in CRC)\n"
 msgstr "fin de fichier prématurée (dans le CRC)\n"
-#: g10/armor.c:675
+#: g10/armor.c:678
 msgid "malformed CRC\n"
 msgstr "CRC malformé\n"
-#: g10/armor.c:679
+#: g10/armor.c:682
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "Erreur de CRC ; %06lx - %06lx\n"
-#: g10/armor.c:696
+#: g10/armor.c:699
 msgid "premature eof (in Trailer)\n"
 msgstr "fin de fichier prématurée (dans la remorque)\n"
-#: g10/armor.c:700
+#: g10/armor.c:703
 msgid "error in trailer line\n"
 msgstr "erreur dans la ligne de remorque\n"
-#: g10/armor.c:961
+#: g10/armor.c:964
 #, fuzzy
 msgid "no valid OpenPGP data found.\n"
-msgstr "pas de donnée RFC1991 ou OpenPGP valide trouvée.\n"
+msgstr "aucune de donnée OpenPGP valide n'a été trouvée.\n"
-#: g10/armor.c:963
+#: g10/armor.c:966
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
-msgstr ""
+msgstr "armure invalide : ligne plus longue que %d caractères\n"
 #: g10/pkclist.c:138
 #, c-format
@ -864,11 +818,10 @@ msgstr " m = retour au menu principal\n"
 #: g10/pkclist.c:159
 msgid " q = quit\n"
-msgstr ""
+msgstr " q = quitter\n"
 #. a string with valid answers
 #: g10/pkclist.c:164
 #, fuzzy
 msgid "sSmMqQ"
 msgstr "sSmMqQ"
@ -1126,7 +1079,7 @@ msgid ""
 "computations take REALLY long!\n"
 msgstr ""
 "Les tailles supérieures à 2048 ne sont pas conseillées car\n"
-"les calculs sont VRAIMENT longs!\n"
+"les calculs prennent VRAIMENT beaucoup de temps !\n"
 #: g10/keygen.c:464
 msgid "Are you sure that you want this keysize? "
@ -1137,7 +1090,7 @@ msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
 msgstr ""
-"D'accord, mais n'oubliez pas que votre écran et les radiations du clavier "
+"D'accord, mais n'oubliez pas que votre écran et les radiations du clavier\n"
 "sont aussi très vulnérables aux attaques!\n"
 #: g10/keygen.c:473
@ -1291,11 +1244,11 @@ msgid ""
 "network and the disks) during the prime generation; this gives the random\n"
 "number generator a better chance to gain enough entropy.\n"
 msgstr ""
-"Beaucoup d'octets aléatoires doivent être générés. Vous devriez\n"
+"Un grand nombre d'octets aléatoires doit être généré. Vous devriez\n"
-"faire quelque-chose d'autre (travailler dans une autre fenêtre, bouger la\n"
+"faire autre-chose (travailler dans une autre fenêtre, déplacer la\n"
 "souris, utiliser le réseau et les disques) pendant la génération de nombres\n"
-"premiers ; cela permet au générateur de nombres aléatoires d'obtenir une\n"
+"premiers ; cela donne au générateur de nombres aléatoires une meilleure\n"
-"entropie suffisante plus facilement.\n"
+"chance d'avoir assez d'entropie.\n"
 #: g10/keygen.c:827
 msgid "Key generation can only be used in interactive mode\n"
@ -1981,7 +1934,7 @@ msgid "Key not changed so no update needed.\n"
 msgstr "La clé n'a pas changé donc la mise à jour est inutile.\n"
 #: g10/keyedit.c:669 g10/keyedit.c:727
-#, fuzzy, c-format
+#, c-format
 msgid "update of trustdb failed: %s\n"
 msgstr "la mise à jour de la base de confiance a échoué : %s\n"
@ -2060,7 +2013,6 @@ msgid "No secondary key with index %d\n"
 msgstr "Pas de clé secondaire avec l'index %d\n"
 #: g10/mainproc.c:198
 #, fuzzy
 msgid "public key encrypted data: good DEK\n"
 msgstr "données chiffrées avec la clé publique : bonne clé de chiffrement\n"
@ -2123,9 +2075,8 @@ msgid "can't disable core dumps: %s\n"
 msgstr "ne peut empêcher la génération de fichiers core : %s\n"
 #: g10/misc.c:93
 #, fuzzy
 msgid "WARNING: program may create a core file!\n"
-msgstr "ATTENTION : Le programme peut créer un fichier core !\n"
+msgstr "ATTENTION : Le programme peut créer un fichier « core » !\n"
 #: g10/misc.c:200
 msgid "Experimental algorithms should not be used!\n"
@ -2140,11 +2091,10 @@ msgstr ""
 "et l'utiliser dans l'avenir\n"
 #: g10/misc.c:235
 #, fuzzy
 msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
 msgstr ""
 "Cet algorithme de chiffrement est déconseillé ; utilisez-en un\n"
-"plus standard!\n"
+"plus standard !\n"
 #: g10/parse-packet.c:113
 #, c-format
@ -2167,14 +2117,14 @@ msgstr ""
 "l'utilisateur: \""
 #: g10/passphrase.c:150
-#, fuzzy, c-format
+#, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
-msgstr "(clé de %u bits %s, ID %08lX, créée le %s)\n"
+msgstr "clé de %u bits %s, ID %08lX, créée le %s"
 #: g10/passphrase.c:155
 #, c-format
 msgid " (main key ID %08lX)"
-msgstr ""
+msgstr " (ID clé principale %08lX)"
 #: g10/passphrase.c:183
 msgid "Enter passphrase: "
@ -2209,9 +2159,8 @@ msgid "anonymous receiver; trying secret key %08lX ...\n"
 msgstr "destinataire anonyme ; essai de la clé secrète %08lX ...\n"
 #: g10/pubkey-enc.c:84
 #, fuzzy
 msgid "okay, we are the anonymous recipient.\n"
-msgstr "d'accord, nous sommes le destinataire anonyme.\n"
+msgstr "d'accord, nous sommes le récipient anonyme.\n"
 #: g10/pubkey-enc.c:136
 msgid "old encoding of the DEK is not supported\n"
@ -2245,19 +2194,18 @@ msgstr ""
 "signatures!\n"
 #: g10/sig-check.c:166
-#, fuzzy, c-format
+#, c-format
 msgid "public key created %lu %s in future (time warp or clock problem)\n"
 msgstr ""
-"clé publique créée dans le futur (voyage dans le temps ou problème\n"
+"clé publique créée %lu %s dans le futur\n"
 "d'horloge)\n"
 #: g10/sig-check.c:168
 msgid "second"
-msgstr ""
+msgstr "seconde"
 #: g10/sig-check.c:168
 msgid "seconds"
-msgstr ""
+msgstr "secondes"
 #: g10/sig-check.c:173
 #, c-format
@ -2302,7 +2250,6 @@ msgstr ""
 "%s\n"
 #: g10/tdbio.c:232
 #, fuzzy
 msgid "trustdb transaction too large\n"
 msgstr "transaction de base de confiance trop volumineuse\n"
@ -2337,17 +2284,17 @@ msgid "%s: failed to create version record: %s"
 msgstr "%s : n'a pas pu créer un enregistrement de version : %s"
 #: g10/tdbio.c:477
-#, fuzzy, c-format
+#, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s : base de confiance invalide créée\n"
 #: g10/tdbio.c:479
-#, fuzzy, c-format
+#, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s : base de confiance créée\n"
 #: g10/tdbio.c:512
-#, fuzzy, c-format
+#, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s : base de confiance invalide\n"
@ -2421,10 +2368,9 @@ msgid "%s: failed to append a record: %s\n"
 msgstr "%s : n'a pas pu ajouter un enregistrement : %s\n"
 #: g10/trustdb.c:142
 #, fuzzy
 msgid "The trustdb is corrupted; please run \"gpgm --fix-trustdb\".\n"
 msgstr ""
-"La base de confiance est corrompue ; exécutez « gpgm --fix-trust-db ».\n"
+"La base de confiance est corrompue ; exécutez « gpgm --fix-trustdb ».\n"
 #: g10/trustdb.c:155
 #, c-format
@ -2444,9 +2390,9 @@ msgid "trust record %lu: delete failed: %s\n"
 msgstr "enregistrement de confiance %lu : la suppression a échoué : %s\n"
 #: g10/trustdb.c:198
-#, fuzzy, c-format
+#, c-format
 msgid "trustdb: sync failed: %s\n"
-msgstr "base de confiance a échoué : la synchronisation a échoué : %s\n"
+msgstr "base de confiance : la synchronisation a échoué : %s\n"
 #: g10/trustdb.c:327
 #, c-format
@ -2476,9 +2422,9 @@ msgid "chained sigrec %lu has a wrong owner\n"
 msgstr "l'enregistrement de signature %lu a un mauvais propriétaire\n"
 #: g10/trustdb.c:463
-#, fuzzy, c-format
+#, c-format
 msgid "'%s' is not a valid long keyID\n"
-msgstr "`%s' n'est pas une identification longue de clé valide\n"
+msgstr "'%s' n'est pas une identification longue de clé valide\n"
 #: g10/trustdb.c:498
 #, c-format
@ -2559,29 +2505,29 @@ msgid "Ooops, no user ids\n"
 msgstr "Ooops, pas de nom d'utilisateur\n"
 #: g10/trustdb.c:1088 g10/trustdb.c:1106
-#, fuzzy, c-format
+#, c-format
 msgid "user '%s' read problem: %s\n"
-msgstr "problème de lecture de l'utilisateur `%s' : %s\n"
+msgstr "problème de lecture de l'utilisateur '%s' : %s\n"
 #: g10/trustdb.c:1091 g10/trustdb.c:1109
-#, fuzzy, c-format
+#, c-format
 msgid "user '%s' list problem: %s\n"
-msgstr "problème de liste à l'utilisateur `%s' : %s\n"
+msgstr "problème de liste à l'utilisateur '%s' : %s\n"
 #: g10/trustdb.c:1099 g10/trustdb.c:1346
-#, fuzzy, c-format
+#, c-format
 msgid "user '%s' not found: %s\n"
-msgstr "l'utilisateur `%s' n'a pas été trouvé : %s\n"
+msgstr "l'utilisateur '%s' n'a pas été trouvé : %s\n"
 #: g10/trustdb.c:1101 g10/trustdb.c:1348
-#, fuzzy, c-format
+#, c-format
 msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "problème de recherche de `%s' dans la base de confiance : %s\n"
+msgstr "problème de recherche de '%s' dans la base de confiance : %s\n"
 #: g10/trustdb.c:1104
-#, fuzzy, c-format
+#, c-format
 msgid "user '%s' not in trustdb\n"
-msgstr "l'utilisateur `%s' n'est pas dans la base de confiance\n"
+msgstr "l'utilisateur '%s' n'est pas dans la base de confiance\n"
 #: g10/trustdb.c:1139
 #, c-format
@ -2643,14 +2589,14 @@ msgid "error finding dir record: %s\n"
 msgstr "erreur pendant la recherche de l'enregistrement de répertoire : %s\n"
 #: g10/trustdb.c:1351
-#, fuzzy, c-format
+#, c-format
 msgid "user '%s' not in trustdb - inserting\n"
-msgstr "l'utilisateur `%s' n'est pas dans la base de confiance - insertion\n"
+msgstr "l'utilisateur '%s' n'est pas dans la base de confiance - insertion\n"
 #: g10/trustdb.c:1354
-#, fuzzy, c-format
+#, c-format
 msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "n'a pas pu insérer `%s' dans la base de confiance : %s\n"
+msgstr "n'a pas pu insérer '%s' dans la base de confiance : %s\n"
 #: g10/trustdb.c:1404
 #, c-format
@ -3035,7 +2981,6 @@ msgid "encrypted with unknown algorithm %d\n"
 msgstr "chiffré avec l'algorithme inconnu %d\n"
 #: g10/encr-data.c:74
 #, fuzzy
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
@ -3058,9 +3003,9 @@ msgstr ""
 msgid "edit_ownertrust.value"
 msgstr ""
 "C'est à vous d'assigner une valeur ici ; cette valeur ne sera jamais\n"
-"exportée à une tierce personne. Nous en avons besoin pour créer le\n"
+"einvoyée à une tierce personne. Nous en avons besoin pour créer le\n"
 "réseau de confiance (web-of-trust) ; cela n'a rien à voir avec le\n"
-"réseau de certificats (créé implicitement)"
+"réseau des certificats (créé implicitement)"
 #: g10/helptext.c:54
 msgid "revoked_key.override"
@ -3078,7 +3023,22 @@ msgstr "Entrez l'adresse de la personne
 #: g10/helptext.c:66
 msgid "keygen.algo"
-msgstr "Sélectionnez l'algorithme à utiliser:"
+msgstr ""
 "Sélectionnez l'algorithme à utiliser.\n"
 "DSA (alias DSS) est l'algorithme de signatures électroniques qui ne peut\n"
 "être utilisé que pour les signatures. C'est l'algorithme recommandé car\n"
 "la vérification des signatures DSA est beaucoup plus rapide que celle des\n"
 "signatures ElGamal.\n"
 "ElGamal est un algorithme pouvant à la fois être utilisé pour les\n"
 "signatures et le chiffrement. OpenPGP en distingue deux sortes :\n"
 "l'une destinée uniquement au chiffrement et l'autre pouvant aussi bien\n"
 "servir aux signatures ; elles sont en fait identiques mais certains\n"
 "paramètres doivent être spécialement choisis pour que la clé génère des\n"
 "signatures sures : ce programme est capable de le faire mais les autres\n"
 "implémentaions de OpenPGP ne sont pas obligées d'accepter cette forme de\n"
 "clé.\n"
 "La première clé (clé principale) doit toujours être capable de signer ;\n"
 "c'est pourquoi la clé ElGamal de chiffrement seul est alors désactivée."
 #: g10/helptext.c:82
 msgid "keygen.algo.elg_se"
@ -3089,35 +3049,35 @@ msgstr ""
 #: g10/helptext.c:89
 msgid "keygen.size"
-msgstr ""
+msgstr "Entrez la taille de la clé"
 #: g10/helptext.c:93
 msgid "keygen.size.huge.okay"
-msgstr ""
+msgstr "Répondez « oui » ou « non »"
 #: g10/helptext.c:98
 msgid "keygen.size.large.okay"
-msgstr ""
+msgstr "Répondez « oui » ou « non »"
 #: g10/helptext.c:103
 msgid "keygen.valid"
-msgstr ""
+msgstr "Entrez la valeur demandée"
 #: g10/helptext.c:107
 msgid "keygen.valid.okay"
-msgstr ""
+msgstr "Répondez « oui » ou « non »"
 #: g10/helptext.c:112
 msgid "keygen.name"
-msgstr ""
+msgstr "Entrez le nom du propriétaire de la clé"
 #: g10/helptext.c:117
 msgid "keygen.email"
-msgstr ""
+msgstr "Entrez une adresse e-mail optionnelle mais hautement recommandée"
 #: g10/helptext.c:121
 msgid "keygen.comment"
-msgstr ""
+msgstr "Entrez un commentaire optionnel"
 #: g10/helptext.c:126
 msgid "keygen.userid.cmd"
@ -3134,35 +3094,37 @@ msgstr "R
 #: g10/helptext.c:139
 msgid "sign_uid.okay"
-msgstr ""
+msgstr "Répondez « oui » ou « non »"
 #: g10/helptext.c:144
 msgid "change_passwd.empty.okay"
-msgstr ""
+msgstr "Répondez « oui » ou « non »"
 #: g10/helptext.c:149
 msgid "keyedit.cmd"
-msgstr "Entrez « aide » pour voir la liste des commandes."
+msgstr "Entrez « help » pour voir la liste des commandes."
 #: g10/helptext.c:153
 msgid "keyedit.save.okay"
-msgstr ""
+msgstr "Répondez « oui » ou « non »"
 #: g10/helptext.c:158
 msgid "keyedit.cancel.okay"
-msgstr ""
+msgstr "Répondez « oui » ou « non »"
 #: g10/helptext.c:162
 msgid "keyedit.sign_all.okay"
-msgstr ""
+msgstr "Répondez « oui » si vous voulez signer TOUS les noms d'utilisateurs"
 #: g10/helptext.c:166
 msgid "keyedit.remove.uid.okay"
 msgstr ""
 "Répondez « oui » si vous voulez vraiment supprimer ce nom\n"
 "d'utilisateur. Tous les certificats seront alors perdus en même temps !"
 #: g10/helptext.c:171
 msgid "keyedit.remove.subkey.okay"
-msgstr ""
+msgstr "Entrez « oui » s'il faut vraiment supprimer la sous-clé"
 #: g10/helptext.c:175
 msgid "passphrase.enter"
@ -3177,11 +3139,11 @@ msgstr ""
 #: g10/helptext.c:186
 msgid "detached_signature.filename"
-msgstr ""
+msgstr "Donnez le nom du fichier auquel la signature se rapporte"
 #: g10/helptext.c:190
 msgid "openfile.overwrite.okay"
-msgstr ""
+msgstr "Entrez « oui » s'il faut vraiment réécrire le fichier"
 #: g10/helptext.c:204
 msgid "No help available"
@ -3191,12 +3153,3 @@ msgstr "Pas d'aide disponible"
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Pas d'aide disponible pour `%s'"
 #~ msgid "invalid clear text header: "
 #~ msgstr "en-tête de texte clair invalide : "
 #~ msgid "LID %lu: changing trust from %u to %u\n"
 #~ msgstr "LID %lu : changement de la confiance de %u vers %u\n"
 #~ msgid "LID %lu: setting trust to %u\n"
 #~ msgstr "LID %lu : la confiance est maintenant %u\n"
--- a/scripts/config.guess
+++ b/scripts/config.guess
@ -138,6 +138,9 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
    atari*:OpenBSD:*:*)
 	echo m68k-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
    atari*:[Mm]i[Nn][Tt]:*:*)
 	echo m68k-atari-mint
 	exit 0 ;;
    sun3*:NetBSD:*:*)
 	echo m68k-sun-netbsd${UNAME_RELEASE}
 	exit 0 ;;
--- a/util/errors.c
+++ b/util/errors.c
@ -94,6 +94,9 @@ g10_errstr( int err )
      X(WR_PUBKEY_ALGO ,N_("unusable pubkey algorithm"))
      X(FILE_EXISTS    ,N_("file exists"))
      X(WEAK_KEY       ,N_("weak key"))
      X(INV_ARG        ,N_("invalid argument"))
      X(BAD_URI        ,N_("bad URI"))
      X(INVALID_URI    ,N_("unsupported URI"))
      default: p = buf; sprintf(buf, "g10err=%d", err); break;
    }
  #undef X