Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Tuesday December 08 2015, @07:29PM   Printer-friendly
from the getting-better-all-the-time dept.

The GnuPG team is pleased to announce the availability of a new release
of GnuPG modern: Version 2.1.10. The main features of this release are
support for TOFU (Trust-On-First-Use) and anonymous key retrieval via
Tor.
...
Noteworthy changes in version 2.1.10
====================================

[More after the break.]

  * gpg: New trust models "tofu" and "tofu+pgp".

  * gpg: New command --tofu-policy. New options --tofu-default-policy
      and --tofu-db-format.

  * gpg: New option --weak-digest to specify hash algorithms which
      should be considered weak.

  * gpg: Allow the use of multiple --default-key options; take the last
      available key.

  * gpg: New option --encrypt-to-default-key.

  * gpg: New option --unwrap to only strip the encryption layer.

  * gpg: New option --only-sign-text-ids to exclude photo IDs from key
      signing.

  * gpg: Check for ambigious or non-matching key specification in the
      config file or given to --encrypt-to.

  * gpg: Show the used card reader with --card-status.

  * gpg: Print export statistics and an EXPORTED status line.

  * gpg: Allow selecting subkeys by keyid in --edit-key.

  * gpg: Allow updating the expiration time of multiple subkeys at
      once.

  * dirmngr: New option --use-tor. For full support this requires
      libassuan version 2.4.2 and a patched version of libadns
      (e.g. adns-1.4-g10-7 as used by the standard Windows installer).

  * dirmngr: New option --nameserver to specify the nameserver used in
      Tor mode.

  * dirmngr: Keyservers may again be specified by IP address.

  * dirmngr: Fixed problems in resolving keyserver pools.

  * dirmngr: Fixed handling of premature termination of TLS streams so
      that large numbers of keys can be refreshed via hkps.

  * gpg: Fixed a regression in --locate-key [since 2.1.9].

  * gpg: Fixed another bug for keyrings with legacy keys.

  * gpgsm: Allow combinations of usage flags in --gen-key.

  * Make tilde expansion work with most options.

  * Many other cleanups and bug fixes.

A detailed description of the changes found in the 2.1 branch can be
found at https://gnupg.org/faq/whats-new-in-2.1.html.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Zinho on Tuesday December 08 2015, @11:35PM

    by Zinho (759) on Tuesday December 08 2015, @11:35PM (#273702)

    Then it sounds like the challenge is education. In the perfect world everyone has the benefits of good encryption, not just the intellectual and programming elites. If the massive amount of information [thecodelesscode.com] that's available isn't within the mental grasp of the PHBs, grandmas, and department secretaries of the world then we can't expect the rest of us to get the benefits of herd immunity that we'd like.

    One way or another we should bridge the gap between where we are and where we'd like to be. That will probably take:
    * convincing everyone that encryption is important and worth their time
    * making the tools and education needed accessible to everyone
    * rolling out good encryption everywhere

    As you correctly pointed out, doing it wrong hurts everyone. If the bar of learning to use the tools properly is too high (too much time investment required) then either the tools are wrong, the educational materials are wrong, or both. At the moment, I'd say that it's both.

    --
    "Space Exploration is not endless circles in low earth orbit." -Buzz Aldrin
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2