path: root/NEWS

Noteworthy changes in version 0.2.??
------------------------------------

    * Comment packets are now of private type 61.

    * passphrase code still used a 160 bit blowfish key, add a
      silly workaround. Please change your passphrase again - sorry.

    * Conventional encryption now uses a type 3 packet to describe the
      used algorithms.



Noteworthy changes in version 0.2.16
------------------------------------

    * Add experimental support for the TIGER/192 message diigest algorithm.
      (But there is only a dummy ASN OID).

    * Standard cipher is now Blowfish with 128 bit key in OpenPGP's CFB
      mode. I renamed the old cipher to Blowfish160. Because the OpenPGP
      group refused to assign me a number for Blowfish160, I have to
      drop support for this in the future. You should use
      "--change-passphrase" to recode your current passphrase with 128
      bit Blowfish.


Noteworthy changes in version 0.2.15
------------------------------------

    * Fixed a bug with the old checksum calculation for secret keys.
      If you run the program without --batch, a warning does inform
      you if your secret key needs to be converted; simply use
      --change-passphrase to recalculate the checksum. Please do this
      soon, as the compatible mode will be removed sometime in the future.

    * CAST5 works (using the PGP's special CFB mode).

    * Again somewhat more PGP 5 compatible.

    * Some new test cases

Noteworthy changes in version 0.2.14
------------------------------------

    * Changed the internal handling of keyrings.

    * Add support to list PGP 5 keyrings with supkeys

    * Timestamps of signatures are now verified.

    * A expiration time can now be specified during key generation.

    * Some speedups for Blowfish and SHA-1, rewrote SHA-1 transform.
      Reduced the amount of random bytes needed for key generation in
      some cases.


Noteworthy changes in version 0.2.13
------------------------------------

    * Verify of DSA signatures works.

    * Re-implemented the slower random number generator.


Noteworthy changes in version 0.2.12
------------------------------------

    * --delete-key checks that there is no secret key. The new
      option --delete-secret-key maybe used to delete a secret key.

    * "-kv" now works as expected. Options "--list-{keys,sigs]"
      and "--check-sigs" are now working.

    * New options "--verify" and "--decrypt" to better support integration
      into MUAs (partly done for Mutt).

    * New option "--with-colons" to make parsing of key lists easier.

Noteworthy changes in version 0.2.11
------------------------------------

    * GPG now asks for a recipient's name if option "-r" is not used.

    * If there is no good trust path, the program asks whether to use
      the public keys anyway.

    * "--delete-key" works for public keys. What semantics shall I use
      when there is a secret key too? Delete the secret key or leave him
      and auto-regenerate the public key, netxt time the secret key is used?

Noteworthy changes in version 0.2.10
------------------------------------

    * Code for the alpha is much faster (about 20 times); the data
      was misaligned and the kernel traps this, so nearly all time
      was used by system to trap the misalignments and to write
      syslog messages. Shame on me and thanks to Ralph for
      pointing me at this while drinking some beer yesterday.

    * Changed some configure options and add an option
      --disable-m-guard to remove the memory checking code
      and to compile everthing with optimization on.

    * New environment variable GNUPGHOME, which can be used to set
      another homedir than ~/.gnupg.  Changed default homedir for
      Windoze version to c:/gnupg.

    * Fixed detached signatures; detached PGP signatures caused a SEGV.

    * The Windoze version works (as usual w/o a strong RNG).


Noteworthy changes in version 0.2.9
-----------------------------------

    * Fixed FreeBSD bug.

    * Added a simple man page.

    * Switched to automake1.2f and a newer gettext.

Noteworthy changes in version 0.2.8
-----------------------------------

    * Changed the name to GNUPG, the binaries are called gpg and gpgm.
      You must rename rename the directory "~/.g10" to ~/.gnupg/, rename
      {pub,sec}ring.g10 to {pub,sec}ring.gpg, trustdb.g10 to trustdb.gpg
      and g10.sig to gnupg.sig.

    * New or changed passphrases are now salted.


Noteworthy changes in version 0.2.7
-----------------------------------

    * New command "gen-revoke" to create a key revocation certificate.

    * New option "homedir" to set the homedir (which defaults to "~/.g10").
      This directory is created if it does not exists (only the last
      part of the name and not the complete hierarchy)

    * Command "import" works. (Try: "finger gcrypt@ftp.guug.de|g10 --import")

    * New commands "dearmor/enarmor" for g10maint.  These are mainly
      used for internal test purposes.

    * Option --version now conforming to the GNU standards and lists
      the available ciphers, message digests and public key algorithms.

    * Assembler code for m68k (not tested).

    * "make check" works.

Noteworthy changes in version 0.2.6
-----------------------------------

    * Option "--export" works.


Noteworthy changes in version 0.2.5
-----------------------------------

    * Added zlib for systems which don't have it.
      Use "./configure --with-zlib" to link with the static version.

    * Generalized some more functions and rewrote the encoding of
      message digests into MPIs.

    * Enhanced the checkit script


Noteworthy changes in version 0.2.4
-----------------------------------

    * nearly doubled the speed of the ElGamal signature verification.

    * backup copies of keyrings are created.

    * assembler stuff for Pentium; gives about 15% better perfomance.

    * fixed a lot of bugs.


Noteworthy changes in version 0.2.3
-----------------------------------

    * Found a bug in the calculation of ELG fingerprints. This is now
      fixed, but all existing fingerprints and keyids for ELG keys
      are not any more valid.

    * armor should now work; including clear signed text.

    * moved some options to the new program g10maint

    * It's now 64 bit clean and runs fine on an alpha--linux.

    * Key generation is much faster now.  I fixed this by using not
      so strong random number for the primes (this was a bug because the
      ElGamal primes are public parameters and it does not make sense
      to generate them from strong random).  The real secret is the x value
      which is still generated from strong (okay: /dev/random) random bits.

    * added option "--status-fd": see g10/OPTIONS

    * We have secure memeory on systems which support mlock().
      It is not complete yet, because we do not have signal handler
      which does a cleanup in very case.
      We should also check the ulimit for the user in the case
      that the admin does not have set a limit on locked pages.

    * started with internationalization support.

    * The logic to handle the web of trust is now implemented. It is
      has some bugs; but I'm going to change the algorithm anyway.
      It works by calculating the trustlevel on the fly.  It may ask
      you to provide trust parameters if the calculated trust probability
      is too low.  I will write a paper which discusses this new approach.

    * a couple of changes to the configure script.

    * New option "--quick-random" which uses a much quicker random
      number generator.  Keys generated while this option is in effect
      are flags with "INSECURE!" in the user-id.  This is a development
      only option.

    * Read support for new version packets (OpenPGP).

    * Comment packets are now of correct OpenPGP type 16. Old comment
      packets written by G10 are detected because they always start with
      a hash which is an invalid version byte.

    * The string "(INSECURE!)" is appended to a new user-id if this
      is generated on a system without a good random number generator.