Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.

GnuPG 2.1.10 Released

posted by martyb on Tuesday December 08 2015, @07:29PM   Printer-friendly
from the getting-better-all-the-time dept.

Phoenix666 writes:

The GnuPG team is pleased to announce the availability of a new release
of GnuPG modern: Version 2.1.10. The main features of this release are
support for TOFU (Trust-On-First-Use) and anonymous key retrieval via
Tor.
...
Noteworthy changes in version 2.1.10
====================================

[More after the break.]

  * gpg: New trust models "tofu" and "tofu+pgp".

  * gpg: New command --tofu-policy. New options --tofu-default-policy
      and --tofu-db-format.

  * gpg: New option --weak-digest to specify hash algorithms which
      should be considered weak.

  * gpg: Allow the use of multiple --default-key options; take the last
      available key.

  * gpg: New option --encrypt-to-default-key.

  * gpg: New option --unwrap to only strip the encryption layer.

  * gpg: New option --only-sign-text-ids to exclude photo IDs from key
      signing.

  * gpg: Check for ambigious or non-matching key specification in the
      config file or given to --encrypt-to.

  * gpg: Show the used card reader with --card-status.

  * gpg: Print export statistics and an EXPORTED status line.

  * gpg: Allow selecting subkeys by keyid in --edit-key.

  * gpg: Allow updating the expiration time of multiple subkeys at
      once.

  * dirmngr: New option --use-tor. For full support this requires
      libassuan version 2.4.2 and a patched version of libadns
      (e.g. adns-1.4-g10-7 as used by the standard Windows installer).

  * dirmngr: New option --nameserver to specify the nameserver used in
      Tor mode.

  * dirmngr: Keyservers may again be specified by IP address.

  * dirmngr: Fixed problems in resolving keyserver pools.

  * dirmngr: Fixed handling of premature termination of TLS streams so
      that large numbers of keys can be refreshed via hkps.

  * gpg: Fixed a regression in --locate-key [since 2.1.9].

  * gpg: Fixed another bug for keyrings with legacy keys.

  * gpgsm: Allow combinations of usage flags in --gen-key.

  * Make tilde expansion work with most options.

  * Many other cleanups and bug fixes.

A detailed description of the changes found in the 2.1 branch can be
found at https://gnupg.org/faq/whats-new-in-2.1.html.

Original Submission

 
This discussion has been archived. No new comments can be posted.
GnuPG 2.1.10 Released | Log In/Create an Account | Top | 36 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by gnuman on Tuesday December 08 2015, @10:01PM

    by gnuman (5013) on Tuesday December 08 2015, @10:01PM (#273656)

    Right now I think it would be more important to make encryption *easy*

    No.

    Encryption is no a panacea and to use it correctly you need to know how it works, more or less, or all you are doing is undermining your and possibly other's information safety. There is already a massive amount of information of web-of-trust and how to use GPG properly. If that is too much of a pain for you, then your use-pattern will not benefit from GPG anyway since, for sake of convenience, you will bypass required manual checking. In that scenario you are no better off than without it.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by VLM on Tuesday December 08 2015, @10:55PM

    by VLM (445) on Tuesday December 08 2015, @10:55PM (#273679)

    And the other problem is application of a GUI shell never made something inherently complex, simple. Usually a GUI makes things harder to use.

    You can make a bad UI easier, sometimes, with a good gui, but on average trying to layer any random UI on top of any other UI isn't going to improve anything.

    You run into this a lot with the noobs talking about DF. Ya know, if the software company (its actually one dude..) upgraded it to make the dorfs cute cartoons, it would be way easier to play. And then all the DF players hurt themselves rolling their eyes. Sure, that's the problem, sure... Maybe in the opinion of a non-player.

  • (Score: 2) by Zinho on Tuesday December 08 2015, @11:35PM

    by Zinho (759) on Tuesday December 08 2015, @11:35PM (#273702)

    Then it sounds like the challenge is education. In the perfect world everyone has the benefits of good encryption, not just the intellectual and programming elites. If the massive amount of information [thecodelesscode.com] that's available isn't within the mental grasp of the PHBs, grandmas, and department secretaries of the world then we can't expect the rest of us to get the benefits of herd immunity that we'd like.

    One way or another we should bridge the gap between where we are and where we'd like to be. That will probably take:
    * convincing everyone that encryption is important and worth their time
    * making the tools and education needed accessible to everyone
    * rolling out good encryption everywhere

    As you correctly pointed out, doing it wrong hurts everyone. If the bar of learning to use the tools properly is too high (too much time investment required) then either the tools are wrong, the educational materials are wrong, or both. At the moment, I'd say that it's both.

    --
    "Space Exploration is not endless circles in low earth orbit." -Buzz Aldrin