security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-31 20:08:43 +01:00
Code Activity
18306f4650
gnupg/contrib/changes-in-2000
David Shaw 151ee2f47b Update head to match stable 1.0
2002-06-29 13:31:13 +00:00

115 lines
3.7 KiB
Plaintext
Raw Blame History

New features since 1.0.0
------------------------
* The default symmetric cipher algorithm is now AES (aka
Rijndael). OpenPGP uses preferences to figure out the algorithm
to use, so this is only used if the recipient knows how to
handles AES.
* RSA keys can now be used (either old PGP 2 or new OpenPGP ones).
RSA key generation is not yet available.
* Unattended key generation.
* Faster and more robust random number generator under W32.
* Encryption is now much faster: About 2 times for 1k bit keys
and 8 times for 4k keys.
* New encryption keys are generated in a way which allows a much
faster decryption.
* GnuPG knows what the primary user ID is.
* Large File Support (LFS) is working.
* Ability to run gpg as a full controlled inferior process to speed up
mass verification of signatures.
* Rewritten key selection code so that GnuPG can better cope with
multiple subkeys, expiration dates and so on. The drawback is that it
is slower.
* New utility gpgv which is a stripped down version of gpg to
be used to verify signatures against a list of trusted keys.
* New command --export-secret-subkeys which outputs the
the _primary_ key with it's secret parts deleted. This is
useful for automated decryption/signature creation as it
allows to keep the real secret primary key offline and
thereby protecting the key certificates and allowing to
create revocations for the subkeys. See the FAQ for a
procedure to install such secret keys.
* New options --show-session-key and --override-session-key
to help the British folks to somewhat minimize the danger
of this Orwellian RIP bill.
* New option --no-auto-key-retrieve to disable retrieving of a
missing public key from a keyserver, even when a keyserver has
been configured. Useful for dial-up connections.
* HTTP proxy support for keyservers.
* Keyserver support is how also available for W32 platforms (MS
Windows 95, 98, 2000, NT, ME).
* Experimental gpg-agent support to get the passphrase from a
daemon which can pop up a query window.
rfc2440bis support (PGP 6.5.8 does also handle them)
-------------------
* MDC enhanced encryption is now used with the AES and Twofish
algorithms to detect manipulated messages.
* The user is now asked for the reason of a revocation.
Translations:
------------
* Enhanced UTF-8 support
* New translations: Danish, Estonian, Indonesian, Portuguese and
Turkish.
Serious bug fixes:
------------------
* Fixed a serious bug which could lead to false signature
verification results when more than one signature is fed to gpg.
This is the primary reason for releasing this version.
* Protection against the recent Klima/Rosa attck on secret key
rings.
* Corrected hash calculation for input data larger than 512M - it
was just wrong, so you might notice bad signature in some very
big files. It may be wise to keep an old copy of GnuPG around.
* Secret keys are no longer imported unless you use the new option
--allow-secret-key-import.
PGP quirks
----------
* Can handle (but not display) PGP's photo IDs.
* Better default values to increase compatibilty with PGP.
* Many other small enhancements to support the not fully-OpenPGP
compliant PGP versions.
Manual
------
* The manual called GNU Privacy Handbook (GPH) is a separate
package and available preformatted in English, German, Italian,
Russian and Spanish at http://www.gnupg.org/docs.html.
[Due to the complicated build process, the source is currently
on available from CVS]
View Git Blame Copy Permalink