The GnuPG team is pleased to announce the availability of a new release
of GnuPG modern: Version 2.1.10. The main features of this release are
support for TOFU (Trust-On-First-Use) and anonymous key retrieval via
Tor.
...
Noteworthy changes in version 2.1.10
====================================
[More after the break.]
* gpg: New trust models "tofu" and "tofu+pgp".
* gpg: New command --tofu-policy. New options --tofu-default-policy
and --tofu-db-format.* gpg: New option --weak-digest to specify hash algorithms which
should be considered weak.* gpg: Allow the use of multiple --default-key options; take the last
available key.* gpg: New option --encrypt-to-default-key.
* gpg: New option --unwrap to only strip the encryption layer.
* gpg: New option --only-sign-text-ids to exclude photo IDs from key
signing.* gpg: Check for ambigious or non-matching key specification in the
config file or given to --encrypt-to.* gpg: Show the used card reader with --card-status.
* gpg: Print export statistics and an EXPORTED status line.
* gpg: Allow selecting subkeys by keyid in --edit-key.
* gpg: Allow updating the expiration time of multiple subkeys at
once.* dirmngr: New option --use-tor. For full support this requires
libassuan version 2.4.2 and a patched version of libadns
(e.g. adns-1.4-g10-7 as used by the standard Windows installer).* dirmngr: New option --nameserver to specify the nameserver used in
Tor mode.* dirmngr: Keyservers may again be specified by IP address.
* dirmngr: Fixed problems in resolving keyserver pools.
* dirmngr: Fixed handling of premature termination of TLS streams so
that large numbers of keys can be refreshed via hkps.* gpg: Fixed a regression in --locate-key [since 2.1.9].
* gpg: Fixed another bug for keyrings with legacy keys.
* gpgsm: Allow combinations of usage flags in --gen-key.
* Make tilde expansion work with most options.
* Many other cleanups and bug fixes.
A detailed description of the changes found in the 2.1 branch can be
found at https://gnupg.org/faq/whats-new-in-2.1.html.
(Score: 3, Interesting) by darkfeline on Tuesday December 08 2015, @11:00PM
GnuPG is actually not that hard to use if you read the manual and not just the manpage. It's definitely a power user level program, though.
The solution is to create a separate configuration and management GUI and for apps to provide better integration. I don't think either of those is directly GnuPG's responsibility; I'd rather GnuPG focus on getting the details of the implementation right, because if the implementation is flawed, making it easier to use will do fuck-all for privacy and security.
Join the SDF Public Access UNIX System today!
(Score: 2) by FatPhil on Tuesday December 08 2015, @11:53PM
Open Source software = One act of power users
(That's an anagram, found by my g/f a couple of days ago, but I think it's rather good, so thought I'd share.)
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 0) by Anonymous Coward on Wednesday December 09 2015, @04:04AM
Is this where I channel RMS and say that then term Open Source misses the point? [gnu.org].
(Maybe your G/f can find an anagram for Free/Libre Software)
Wait... Your "anagram" introduces the letter 'p' in the second half of the equation. Shenanigans!
(Score: 0) by Anonymous Coward on Wednesday December 09 2015, @06:13AM
Nevermind. I found the 'p' on the left side of the equation (open).