Re: [Announce] GnuPG 2.1.10 released

2015-12-07 Thread Neal H. Walfield 
On Mon, 07 Dec 2015 01:05:51 +0100,
MFPA wrote:
> >  * gpg: New trust models "tofu" and "tofu+pgp".
> 
> >  * gpg: New command --tofu-policy.  New options
> >  --tofu-default-policy   and --tofu-db-format.
> 
> Should these be available in the Windows version? I get:-
> 
> gpg: unknown trust model 'tofu+pgp'
> gpg: unknown TOFU policy 'ask'

TOFU depends on libsqlite, which you are probably missing.  If GnuPG
doesn't find it, then it disables TOFU.  Can you check whether this is
the case?

Thanks!

:) Neal


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.1.10 released

2015-12-07 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Monday 7 December 2015 at 10:06:49 AM, in
, Werner Koch wrote:



> Have a look into the announcement:

>   The source used to build the Windows installer can be
>   found in the same directory with a ".tar.xz" suffix.
>   This Windows installer is missing translations, it
>   has no TOFU support and no HKPS support.  However, it
>   ^^^ fully supports
>   Tor and the Tor browser.


Oops! I missed that bit. Sorry.



> The reason for the missing Tofu support is that we need
> to package Sqlite in a way to make it easy to
> cross-compile for Windows.  It is just a bit of work
> but other things have higher priority for now than
> Windows.

Thanks for the explanation.

- --
Best regards

MFPA  

Colourless green ideas sleep furiously (Noam Chomsky)
-BEGIN PGP SIGNATURE-

iL4EARYKAGYFAlZmBKlfFIAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldDMzQUNFRDRFRTkxMzRFRUJERTZBODUwNjE3
MTJCQzQ2MUFGNzc4RTQACgkQFxK8Rhr3eORn5QD9EhcV419z4t0hM/I2nfgaeFLf
mfMlkM7qMwCsKp1/FWYA/3ZW/Y3M8gu6NVYGq1/qry2bFaUGHf7+PXyLmLKadqEH
iQF8BAEBCgBmBQJWZgSuXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwqkAIAJEiH684AJNY2phReHsBJ/WH
SfGTFXeqNrvvverpbgb3EaJfvgrZIklI2BykdjT28DCzYC63CW5IizERuIskbZBT
elhzEEtSuQh7twJofaORX9n1vC+rcGyUMUUuUToxGZXsWGXWiVnyUQ8e6LgjGO5Z
jtkuUb/jaBigivnTq2iFgIq0/JToA2ajlxAP/zt+WjIecIF+hznqaqmsPCkIz579
ptxZiQ8Z4wcx/xMj1rNT/t2gw6HstqmUkqNeJWRo/5Pd1JsQJMNy2pcvJABkfa5O
bZDIgojc1h8vgNFPjjihEHmpUokVu1z1pedlOPiSv71vMeon4iFl47FDee1M4D4=
=Es3b
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.1.10 released

2015-12-06 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Friday 4 December 2015 at 1:06:49 PM, in
, Werner Koch wrote:



>  * gpg: New trust models "tofu" and "tofu+pgp".

>  * gpg: New command --tofu-policy.  New options
>  --tofu-default-policy   and --tofu-db-format.

Should these be available in the Windows version? I get:-

gpg: unknown trust model 'tofu+pgp'
gpg: unknown TOFU policy 'ask'



- --
Best regards

MFPA  

Change is inevitable except from a vending machine
-BEGIN PGP SIGNATURE-

iL4EARYKAGYFAlZkzXhfFIAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldDMzQUNFRDRFRTkxMzRFRUJERTZBODUwNjE3
MTJCQzQ2MUFGNzc4RTQACgkQFxK8Rhr3eOShOgD+PS7gpG9jvlZZ+H614lQssEnU
5J21RGZTUFacn6p8SIoBAKQ644pI8D6al175S6TeCyC6bKvDbJbN1oM5gu466KYD
iQF8BAEBCgBmBQJWZM1/XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwLjEH+wbJELVCp1tv5KYZaM7w3rzv
BrrTTDzEaz8vIE2ig0+Jc64h1eTQb9Mqvi3nMgfmbCdBJ1IAES0yOdcBDwFUZMu1
l4vkjUaP5qFWIOi+eHCwetFwf98G2NRsJ4AH/tj9mW8a6Z/7ajqb7wlYmHLGp40e
h5qsSVQnhpxh9UaftQYClcY+mXkIlfuF7iMrxO/U4KO0I39zdzUchAxDphA8ExVX
zVgSJ9O/KY0blOtoGFTT+0hrZ97wxlCYcQhwl1V7Lt2olH8jPGHJ0EsfC70EDBlq
hIQcLfGH3QmxxfH81AHW0p3Ce5Yu2nGByRULaAUUnZPw4D2WW933dVY5f23QUkM=
=5blg
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

[Announce] GnuPG 2.1.10 released

2015-12-04 Thread Werner Koch 
Hello!

The GnuPG team is pleased to announce the availability of a new release
of GnuPG modern: Version 2.1.10.  The main features of this release are
support for TOFU (Trust-On-First-Use) and anonymous key retrieval via
Tor.

The GNU Privacy Guard (GnuPG) is a complete and free implementation
of the OpenPGP standard which is commonly abbreviated as PGP.

GnuPG allows to encrypt and sign data and communication, features a
versatile key management system as well as access modules for public key
directories.  GnuPG itself is a command line tool with features for easy
integration with other applications.  A wealth of frontend applications
and libraries making use of GnuPG are available.  Since version 2 GnuPG
provides support for S/MIME and Secure Shell in addition to OpenPGP.

GnuPG is Free Software (meaning that it respects your freedom). It can
be freely used, modified and distributed under the terms of the GNU
General Public License.

Three different branches of GnuPG are actively maintained:

- GnuPG "modern" (2.1) is the latest development with a lot of new
  features.  This announcement is about this branch.

- GnuPG "stable" (2.0) is the current stable version for general use.
  This is what most users are currently using.

- GnuPG "classic" (1.4) is the old standalone version which is most
  suitable for older or embedded platforms.

You may not install "modern" (2.1) and "stable" (2.0) at the same
time.  However, it is possible to install "classic" (1.4) along with
any of the other versions.


Noteworthy changes in version 2.1.10


 * gpg: New trust models "tofu" and "tofu+pgp".

 * gpg: New command --tofu-policy.  New options --tofu-default-policy
   and --tofu-db-format.

 * gpg: New option --weak-digest to specify hash algorithms which
   should be considered weak.

 * gpg: Allow the use of multiple --default-key options; take the last
   available key.

 * gpg: New option --encrypt-to-default-key.

 * gpg: New option --unwrap to only strip the encryption layer.

 * gpg: New option --only-sign-text-ids to exclude photo IDs from key
   signing.

 * gpg: Check for ambigious or non-matching key specification in the
   config file or given to --encrypt-to.

 * gpg: Show the used card reader with --card-status.

 * gpg: Print export statistics and an EXPORTED status line.

 * gpg: Allow selecting subkeys by keyid in --edit-key.

 * gpg: Allow updating the expiration time of multiple subkeys at
   once.

 * dirmngr: New option --use-tor.  For full support this requires
   libassuan version 2.4.2 and a patched version of libadns
   (e.g. adns-1.4-g10-7 as used by the standard Windows installer).

 * dirmngr: New option --nameserver to specify the nameserver used in
   Tor mode.

 * dirmngr: Keyservers may again be specified by IP address.

 * dirmngr: Fixed problems in resolving keyserver pools.

 * dirmngr: Fixed handling of premature termination of TLS streams so
   that large numbers of keys can be refreshed via hkps.

 * gpg: Fixed a regression in --locate-key [since 2.1.9].

 * gpg: Fixed another bug for keyrings with legacy keys.

 * gpgsm: Allow combinations of usage flags in --gen-key.

 * Make tilde expansion work with most options.

 * Many other cleanups and bug fixes.


A detailed description of the changes found in the 2.1 branch can be
found at .

Please be aware that there are still known bugs which we are working on.
Check https://bugs.gnupg.org, https://wiki.gnupg.org, and the mailing
list archives for known problems and workarounds.


Getting the Software


Please follow the instructions found at  or
read on:

GnuPG 2.1.10 may be downloaded from one of the GnuPG mirror sites or
direct from its primary FTP server.  The list of mirrors can be found
at .  Note that GnuPG is not available
at ftp.gnu.org.

The GnuPG source code compressed using BZIP2 and its OpenPGP signature
are available here:

 ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.10.tar.bz2  (5052k)
 ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.10.tar.bz2.sig

or here:

 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.1.10.tar.bz2  (5052k)
 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.1.10.tar.bz2.sig

An installer for Windows without any graphical frontend except for a
basic Pinentry tool is available here:

 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.10_20151204.exe  (2617k)
 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.10_20151204.exe.sig

or here

 https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.1.10_20151204.exe  (2617k)
 https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.1.10_20151204.exe.sig

The source used to build the Windows installer can be found in the same
directory with a ".tar.xz" suffix.  This Windows installer is missing
translations, it has no TOFU support and no HKPS support.  However, it
fully supports Tor and the Tor browser.


Checking the Integrity