Re: ADK's (was: [Announce] GnuPG 2.4.1 released)

2023-04-28 Thread Steffen Nurpmeso 
gnupg-users@gnupg.org wrote in
 <20230428230349.429d3d3a@localhost>:
 |Johan Wevers via Gnupg-users  wrote:
 |>On 2023-04-28 15:47, Werner Koch via Gnupg-users wrote:
 |>
 |>>   * gpg: New command --quick-add-adsk and other ADSK features.
 |>> [T6395, https://gnupg.org/blog/20230321-adsk.html]  
 |>
 |>So you finally caved in to the backdoor demands.
 |
 |If there is no option as you say, i would say yes.
 |
 |>What I'm missing (maybe I just didn't found it?) is an option in my
 |>config file to ignore adk requests and just don't encrypt to those keys
 |>as well when I send or reply a message.
 |
 |ACK, absolutely necessary. Otherwise GnuPG would no longer be a
 |trustworthy encryption solution.

And Patrice Lumumba was thrown into a pit of slaked lime.
(After being beaten to death with rifle butts on the flight from
western to eastern Kongo, as far as i know.  But wild times still
under colonial money mighty.  (Afaik.))

--steffen
|
|Der Kragenbaer,The moon bear,
|der holt sich munter   he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
|~~
|..and in spring, hear David Leonard sing..
|
|The black bear,  The black bear,
|blithely holds his own   holds himself at leisure
|beating it, up and down  tossing over his ups and downs with pleasure
|~~
|Farewell, dear collar bear

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: ADK's (was: [Announce] GnuPG 2.4.1 released)

2023-04-28 Thread mlnl via Gnupg-users 
Hi Johan,

Johan Wevers via Gnupg-users  wrote:

>On 2023-04-28 15:47, Werner Koch via Gnupg-users wrote:
>
>>   * gpg: New command --quick-add-adsk and other ADSK features.
>> [T6395, https://gnupg.org/blog/20230321-adsk.html]  
>
>So you finally caved in to the backdoor demands.

If there is no option as you say, i would say yes.

>What I'm missing (maybe I just didn't found it?) is an option in my
>config file to ignore adk requests and just don't encrypt to those keys
>as well when I send or reply a message.

ACK, absolutely necessary. Otherwise GnuPG would no longer be a
trustworthy encryption solution.

-- 
mlnl

GPG:1FC05426F87FA623

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

files are there now (Re: [Announce] GnuPG 2.4.1 released)

2023-04-28 Thread Bernhard Reiter 
Am Freitag 28 April 2023 17:21:54 schrieb Todd Zullinger via Gnupg-users:
> >  https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.1.tar.bz2 (7169k)
> >  https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.1.tar.bz2.sig
>
> It seems neither of these files have not made it to the
> server yet:

They are now.

(Though not visible on 
https://gnupg.org/ftp/gcrypt/gnupg/ yet )
 curl --silent https://gnupg.org/ftp/gcrypt/gnupg/ | grep '2\.4\.1' | wc -l
0
)

Best Regards
Bernhard

-- 
https://intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter


signature.asc
Description: This is a digitally signed message part.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.4.1 released

2023-04-28 Thread Bernhard Reiter 
Am Freitag 28 April 2023 15:47:52 schrieb Werner Koch via Gnupg-devel:
> We are pleased to announce the availability of a new stable GnuPG
> release: version 2.4.1.  

Congrats!

> - Version 2.4 is the current stable version with a lot of new features
>   compared to 2.2.  This announcement is about the latest release of
>   this series; the previous release was 2.3.8.

This reads like "2.3.8" was a typo, maybe something to check for the next 
announcement.

Best Regards
Bernhard


signature.asc
Description: This is a digitally signed message part.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.4.1 released

2023-04-28 Thread Johan Wevers via Gnupg-users 
I get a 404 not found, the last version preesent on the server is 2.4.0.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.4.1 released

2023-04-28 Thread Todd Zullinger via Gnupg-users 
Hi,

Werner Koch via Gnupg-users wrote:
> Getting the Software
> 
> 
> Please follow the instructions found at  or
> read on:
> 
> GnuPG may be downloaded from one of the GnuPG mirror sites or direct
> from its primary FTP server.  The list of mirrors can be found at
> .  Note that GnuPG is not
> available at ftp.gnu.org.
> 
> The GnuPG source code compressed using BZIP2 and its OpenPGP signature
> are available here:
> 
>  https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.1.tar.bz2 (7169k)
>  https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.1.tar.bz2.sig

It seems neither of these files have not made it to the
server yet:

$ curl -I https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.1.tar.bz2
HTTP/1.1 404 Not Found
Date: Fri, 28 Apr 2023 15:19:07 GMT
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=ISO-8859-1

$ curl -I https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.1.tar.bz2.sig
HTTP/1.1 404 Not Found
Date: Fri, 28 Apr 2023 15:19:07 GMT
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=ISO-8859-1

-- 
Todd


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

ADK's (was: [Announce] GnuPG 2.4.1 released)

2023-04-28 Thread Johan Wevers via Gnupg-users 
On 2023-04-28 15:47, Werner Koch via Gnupg-users wrote:

>   * gpg: New command --quick-add-adsk and other ADSK features.
> [T6395, https://gnupg.org/blog/20230321-adsk.html]

So you finally caved in to the backdoor demands.

What I'm missing (maybe I just didn't found it?) is an option in my
config file to ignore adk requests and just don't encrypt to those keys
as well when I send or reply a message.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

[Announce] GnuPG 2.4.1 released

2023-04-28 Thread Werner Koch via Gnupg-users 
Hello!

We are pleased to announce the availability of a new stable GnuPG
release: version 2.4.1.  This version fixes some minor regressions
introduced with 2.4.0 and also adds a couple of new features.  See
below for details.


What is GnuPG
=

The GNU Privacy Guard (GnuPG, GPG) is a complete and free implementation
of the OpenPGP and S/MIME standards.

GnuPG allows to encrypt and sign data and communication, features a
versatile key management system as well as access modules for public key
directories.  GnuPG itself is a command line tool with features for easy
integration with other applications.  The separate library GPGME provides
a uniform API to use the GnuPG engine by software written in common
programming languages.  A wealth of frontend applications and libraries
making use of GnuPG are available.  As an universal crypto engine GnuPG
provides support for S/MIME and Secure Shell in addition to OpenPGP.

GnuPG is Free Software (meaning that it respects your freedom).  It can
be freely used, modified and distributed under the terms of the GNU
General Public License.

Three different series of GnuPG are actively maintained:

- Version 2.4 is the current stable version with a lot of new features
  compared to 2.2.  This announcement is about the latest release of
  this series; the previous release was 2.3.8.

- Version 2.2 is our LTS (long term support) version and guaranteed to
  be maintained at least until the end of 2024. Only a small subset of
  features from 2.4 has been back-ported to this series.  See
  https://gnupg.org/download/index.html#end-of-life

- Version 1.4 is only maintained to allow decryption of very old data
  which is, for security reasons, not anymore possible with other GnuPG
  versions.  Please use 1.4 only for this purpose.


Noteworthy changes in version 2.4.1
===

  * If the ~/.gnupg directory does not exist, the keyboxd is now
automagically enabled.  [rGd9e7488b17]

  * gpg: New option --add-desig-revoker.  [rG3d094e2bcf]

  * gpg: New option --assert-signer.  [rGc9e95b8dee]

  * gpg: New command --quick-add-adsk and other ADSK features.
[T6395, https://gnupg.org/blog/20230321-adsk.html]

  * gpg: New list-option "show-unusable-sigs".  Also show
"[self-signature]" instead of the user-id in key signature
listings.  [rG103acfe9ca]

  * gpg: For symmetric encryption the default S2K hash is now SHA256.
[T6367]

  * gpg: Detect already compressed data also when using a pipe.  Also
detect JPEG and PNG file formats.  [T6332]

  * gpg: New subcommand "openpgp" for --card-edit.  [T6462]

  * gpgsm: Verification of detached signatures does now strip trailing
zeroes from the input if --assume-binary is used.  [rG2a13f7f9dc]

  * gpgsm: Non-armored detached signature are now created without
using indefinite form length octets.  This improves compatibility
with some PDF signature verification software.  [rG8996b0b655]

  * gpgtar: Emit progress status lines in create mode.  [T6363]

  * dirmngr: The LDAP modifyTimestamp is now returned by some
keyserver commands.  [rG56d309133f]

  * ssh: Allow specification of the order keys are presented to ssh.
See the man page entry for --enable-ssh-support.  [T5996, T6212]

  * gpg: Make list-options "show-sig-subpackets" work again.
Fixes regression in 2.4.0.  [rG5a223303d7]

  * gpg: Fix the keytocard command for Yubikeys.  [T6378]

  * gpg: Do not continue an export after a cancel for the primary key.
[T6093]

  * gpg: Replace the --override-compliance-check hack by a real fix.
[T5655]

  * gpgtar: Fix decryption with input taken from stdin.  [T6355]

  Release-info: https://dev.gnupg.org/T6454


Getting the Software


Please follow the instructions found at  or
read on:

GnuPG may be downloaded from one of the GnuPG mirror sites or direct
from its primary FTP server.  The list of mirrors can be found at
.  Note that GnuPG is not
available at ftp.gnu.org.

The GnuPG source code compressed using BZIP2 and its OpenPGP signature
are available here:

 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.1.tar.bz2 (7169k)
 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.1.tar.bz2.sig

An installer for Windows without any graphical frontend except for a
very minimal Pinentry tool is available here:

 https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.4.1_20230428.exe (5305k)
 https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.4.1_20230428.exe.sig

The source used to build this Windows installer can be found in the same
directory with a ".tar.xz" suffix.

A new release of Gpg4win including this version of GnuPG will soon be
announced.


Checking the Integrity
==

In order to check that the version of GnuPG which you are going to
install is an original and unmodified one, you can do it in one of
the following ways:

 * If you already have a version of GnuPG