diff options
-rw-r--r-- | AUTHORS | 46 | ||||
-rw-r--r-- | NEWS | 87 | ||||
-rw-r--r-- | README | 48 |
3 files changed, 114 insertions, 67 deletions
@@ -1,10 +1,35 @@ Program: GnuPG -Homepage: http://www.gnupg.org +Homepage: https://www.gnupg.org Maintainer: Werner Koch <wk@gnupg.org> Bug reports: http://bugs.gnupg.org Security related bug reports: <security@gnupg.org> License: GPLv3+ +GnuPG is free software. See the files COPYING for copying conditions. +License copyright years may be listed using range notation, e.g., +2000-2013, indicating that every year in the range, inclusive, is a +copyrightable year that would otherwise be listed individually. + +List of Copyright holders +========================= + + Copyright (C) 1997-1998, 2013-2014 Werner Koch + Copyright (C) 1994-2013 Free Software Foundation, Inc. + Copyright (C) 2003-2013 g10 Code GmbH + Copyright (C) 2002 Klarälvdalens Datakonsult AB + Copyright (C) 1995-1997, 2000-2007 Ulrich Drepper <drepper@gnu.ai.mit.edu> + Copyright (C) 1994 X Consortium + Copyright (C) 1998 by The Internet Society. + Copyright (C) 1998-2004 The OpenLDAP Foundation + Copyright (C) 1998-2004 Kurt D. Zeilenga. + Copyright (C) 1998-2004 Net Boolean Incorporated. + Copyright (C) 2001-2004 IBM Corporation. + Copyright (C) 1999-2003 Howard Y.H. Chu. + Copyright (C) 1999-2003 Symas Corporation. + Copyright (C) 1998-2003 Hallvard B. Furuseth. + Copyright (C) 1992-1996 Regents of the University of Michigan. + + Authors with a FSF copyright assignment ======================================= @@ -181,28 +206,15 @@ or later. Note that some files are under a combination of the GNU Lesser General Public License, version 3 and the GNU General Public License, version 2. A few other files carry the all permissive license note as found -at the bottom of this file. Certain files in keyserver/ allow one -specific exception: - - In addition, as a special exception, the Free Software Foundation - gives permission to link the code of the keyserver helper tools: - gpgkeys_ldap, gpgkeys_curl and gpgkeys_hkp with the OpenSSL - project's "OpenSSL" library (or with modified versions of it that - use the same license as the "OpenSSL" library), and distribute the - linked executables. You must obey the GNU General Public License - in all respects for all of the code used other than "OpenSSL". If - you modify this file, you may extend this exception to your version - of the file, but you are not obligated to do so. If you do not - wish to do so, delete this exception statement from your version. - -Note that the gpgkeys_* binaries are currently installed under the -name gpg2keys_*. +at the bottom of this file. + ========= Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Free Software Foundation, Inc. + Copyright 1997, 1998, 2013, 2014 Werner Koch This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without @@ -1,51 +1,84 @@ Noteworthy changes in version 2.1.0-betaN (unreleased) ----------------------------------------------------- - * GPG now accepts a space separated fingerprint as a user ID. This + * gpg: Add experimental signature support using curve Ed25519 and + with a patched Libgcrypt also encryption support with Curve25519. + + * gpg: Allow use of Brainpool curves. + + * gpg: Accepts a space separated fingerprint as user ID. This allows to copy and paste the fingerprint from the key listing. - * The GNU Pth library has been replaced by the new nPth library. + * gpg: The hash algorithm is now printed for signature records in key + listings. - * By default the users are now asked via the Pinentry whether they - trust an X.509 root key. To prohibit interactive marking of such - keys, the new option --no-allow-mark-trusted may be used. + * gpg: Reject signatures made using the MD5 hash algorithm unless the + new option --allow-weak-digest-algos or --pgp2 are given. - * The included ssh agent does now support ECDSA keys. + * gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the + communication with the gpg-agent. - * The new option --enable-putty-support allows gpg-agent on Windows - to act as a Pageant replacement with full smartcard support. + * gpg: Changed the format of key listings. To revert to the old + format the option --legacy-list-mode is available. - * Removed support for the original HKP keyserver which is not anymore - used by any site. + * gpg: New option --pinentry-mode. - * The hash algorithm is now printed for sig records in key listings. + * gpg: Fixed decryption using an OpenPGP card. - * New option --pinentry-mode for GPG. + * gpg: Fixed bug with deeply nested compressed packets. - * New option --enable-pinpad-varlen for scdaemon. + * gpg: Only the major version number is by default included in the + armored output. - * New option --with-secret for GPG and GPGSM. + * gpg: Do not create a trustdb file if --trust-model=always is used. - * Rename option --disable-pinpad for scdaemon (was: --disable-keypad). + * gpg: Protect against rogue keyservers sending secret keys. - * Better support fo CCID readers. Now, internal CCID driver supports - readers with no auto configuration feature. + * gpg: The format of the fallback key listing ("gpg KEYFILE") is now + more aligned to the regular key listing ("gpg -k"). - * Support installation as portable application under Windows. + * gpg: The option--show-session-key prints its output now before the + decryption of the bulk message starts. + + * gpg: New %U expando for the photo viewer. + + * gpg,gpgsm: New option --with-secret. + + * gpgsm: By default the users are now asked via the Pinentry whether + they trust an X.509 root key. To prohibit interactive marking of + such keys, the new option --no-allow-mark-trusted may be used. + + * gpgsm: New commands to export a secret RSA key in PKCS#1 or PKCS#8 + format. + + * gpgsm: Improved handling of re-issued CA certificates. - * Fixed GPG to decrypt using an OpenPGP card. + * agent: The included ssh agent does now support ECDSA keys. - * Fixed bug with deeply nested compressed packets. + * agent: New option --enable-putty-support to allow gpg-agent on + Windows to act as a Pageant replacement with full smartcard support. - * Only the major version number is by default included in the armored - output. + * scdaemon: New option --enable-pinpad-varlen. - * Do not create a trustdb file if --trust-model=always is used. + * scdaemon: Various fixes for pinpad equipped card readers. - * Protect against rogue keyservers sending secret keys. + * scdaemon: Rename option --disable-pinpad (was --disable-keypad). + + * scdaemon: Better support fo CCID readers. Now, internal CCID + driver supports readers with no auto configuration feature. + + * dirmngr: Removed support for the original HKP keyserver which is + not anymore used by any site. + + * dirmngr: Improved support for keyserver pools. + + * tools: New option --dirmngr for gpg-connect-agent. + + * The GNU Pth library has been replaced by the new nPth library. + + * Support installation as portable application under Windows. - * GPGSM can now be used to export a secret RSA key in PKCS#1 or - PKCS#8 format. + * All kind of other improvements - see the git log. Noteworthy changes in version 2.1.0beta3 (2011-12-20) @@ -53,7 +86,7 @@ Noteworthy changes in version 2.1.0beta3 (2011-12-20) * Fixed regression in GPG's secret key export function. - * Allow generation of card keys up to 4096 bit. + * Allowj generation of card keys up to 4096 bit. * Support the SSH confirm flag. @@ -4,17 +4,16 @@ THIS IS A DEVELOPMENT VERSION AND NOT INTENDED FOR REGULAR USE. - Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, - 2006, 2007, 2008, 2009, 2010, 2011, 2012, - 2013 Free Software Foundation, Inc. + Copyright 1997-1998, 2013-2014 Werner Koch + Copyright 1998-2013 Free Software Foundation, Inc. INTRODUCTION ============ -GnuPG is GNU's tool for secure communication and data storage. It can -be used to encrypt data and to create digital signatures. It includes -an advanced key management facility and is compliant with the proposed +GnuPG is a tool for secure communication and data storage. It can be +used to encrypt data and to create digital signatures. It includes an +advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC4880 and the S/MIME standard as described by several RFCs. @@ -23,9 +22,9 @@ License. See the file COPYING for details. GnuPG works best on GNU/Linux or *BSD systems. Most other Unices are also supported but are not as well tested as the Free Unices. -GnuPG 2.0 is the stable version of GnuPG integrating support for -OpenPGP and S/MIME. It does not conflict with an installed 1.4 -OpenPGP-only version. +GnuPG-2 is the stable version of GnuPG integrating support for OpenPGP +and S/MIME. It does not conflict with an installed 1.4 OpenPGP-only +version. BUILD INSTRUCTIONS @@ -42,6 +41,10 @@ GnuPG 2.1 depends on the following packages: You should get the latest versions of course, the GnuPG configure script complains if a version is not sufficient. +For some advanced features several other libraries are required. The +configure script prints diagnostic messages if one of these libraries +is not available and a feature will not be available.. + You also need the Pinentry package for most functions of GnuPG; however it is not a build requirement. Pinentry is available at ftp://ftp.gnupg.org/gcrypt/pinentry/ . @@ -60,12 +63,12 @@ As with all packages, you just have to do (Before doing install you might need to become root.) If everything succeeds, you have a working GnuPG with support for -S/MIME and smartcards. Note that there is no binary gpg but a gpg2 so -that this package won't conflict with a GnuPG 1.4 installation. gpg2 -behaves just like gpg. +OpenPGP, S/MIME, ssh-agent, and smartcards. Note that there is no +binary gpg but a gpg2 so that this package won't conflict with a GnuPG +1.4 installation. gpg2 behaves just like gpg. -In case of problem please ask on gnupg-users@gnupg.org mailing list -for advise. +In case of problem please ask on the gnupg-users@gnupg.org mailing +list for advise. Note that the PKITS tests are always skipped unless you copy the PKITS test data file into the tests/pkits directory. There is no need to @@ -138,10 +141,11 @@ dependency on other modules at run and build time. HOW TO GET MORE INFORMATION =========================== -The primary WWW page is "http://www.gnupg.org" +The primary WWW page is "https://www.gnupg.org" + or using TOR "http://ic6au7wa3f6naxjq.onion" The primary FTP site is "ftp://ftp.gnupg.org/gcrypt/" -See http://www.gnupg.org/download/mirrors.html for a list of mirrors +See https://www.gnupg.org/download/mirrors.html for a list of mirrors and use them if possible. You may also find GnuPG mirrored on some of the regular GNU mirrors. @@ -178,13 +182,11 @@ The English and German mailing lists are watched by the authors and we try to answer questions when time allows us to do so. Commercial grade support for GnuPG is available; for a listing of -offers see http://www.gnupg.org/service.html . The driving force -behind the development of GnuPG is the company of its principal -author, Werner Koch. Maintenance and improvement of GnuPG and related -software takes up most of their resources. To allow him to continue -his work he asks to either purchase a support contract, engage them -for custom enhancements, or to donate money. See http://g10code.com . - +offers see https://www.gnupg.org/service.html . Maintaining and +improving GnuPG is costly. Since 2001, g10 Code GmbH, a German +company owned and headed by GnuPG's principal author Werner Koch, is +bearing the majority of these costs. To help them carry on this work, +they need your support. See https://gnupg.org/donate/ . This file is Free Software; as a special exception the authors gives unlimited permission to copy and/or distribute it, with or without |