gabriel rosenkoetter on Wed, 8 May 2002 16:14:55 +0200


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] GnuPG 1.0.7


Seems its out. Has been for a little over a week, but it just hit
NetBSD's pkgsrc, which means I can update it without thinking, so I
did.

Among the new features listed at

  http://lists.gnupg.org/pipermail/gnupg-announce/2002q2/000251.html

are:

    * Photographic user ID support.  This uses an external program to
      view the images.
    * The command "primary" in the edit menu can be used to change the
      primary UID, "setpref" and "updpref" can be used to change the
      preferences.
    * The way signature stati are store has changed so that v3
      signatures can be supported. To increase the speed of many
      operations for existing keyrings you can use the new
      --rebuild-keydb-caches command.
    * The entire key validation process (trustdb) has been revamped.
      See the man page entries for --update-trustdb, --check-trustdb
      and --no-auto-check-trustdb.

The first could make it possible to reliably sign keys of someone
you've met before without actually having to be physically present
to exchange fingerprints. (Bill Jonas and I can tell you that this'd
be handy. :^>)

The second is a perhaps less than ideal fix to the real problem;
when you add a *new* uid to your private key under GnuPG, it gets
added as the *primary* uid, which is almost never what you want. I
can settle for being able to specify the primary key. I guess.

The last two make it sound like the irritation many of us have
experienced with it taking a coon's age to verify signed keys *may*
go away. Note that I haven't made sure that this is true yet.

Also, it's worth reiterating advice given in that announcement:

  Please note that due to a bug in prior versions, it won't be possible
  to downgrade to 1.0.6 unless you use the GnuPG version which comes
  with Debian's Woody release or you apply the patch
  http://www.gnupg.org/developer/gpg-woody-fix.txt .

So export your ENTIRE keyrings (--export-ownertrust) before you
use the new version. I missed this till after I'd already done my
update, so I'm living on the edge and just taking a tar of my
.gnupg. ;^>

-- 
gabriel rosenkoetter
gr@eclipsed.net

Attachment: pgpXuGI1K9xf4.pgp
Description: PGP signature