![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to changes.doc CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [PGP] / pgp / doc|
Return to changes.doc CVS log | Up to [PGP] / pgp / doc |
1.1 ! root 1: [Note: This file now contains all the information that used to be in ! 2: the newfor22.doc through newfor26.doc, starting with the most recent ! 3: information first] ! 4: ! 5: Changes to PGP 2.6.1 ! 6: ! 7: PGP 2.6.1 is a bugfix release of PGP 2.6. It fixes many bugs that have been ! 8: reported by the PGP user community since the original release of PGP 2.6 ! 9: back in May of 1994. The most notable bugs are the "xorbytes" bug that ! 10: resulted in less randomness then full Shannon Entropy for all key bits. ! 11: (Note: People who generated keys with PGP 2.6 do *not* need to generate ! 12: new keys). Another bug that manifested itself as "DOS error 8" errors has ! 13: also been fixed. It is also safe to edit your key userid with PGP 2.6.1 ! 14: even if you store your passphrase in the PGPPASS variable. ! 15: ! 16: PGP 2.6.1 will now accept keys up to length 2,048 bits, however it ! 17: will still only generate keys up to 1,024 bits. This is a phased ! 18: upgrade approach to increasing PGP's keysize. ! 19: ! 20: Changes to PGP 2.6: ! 21: ! 22: This version of PGP uses a version of RSAREF provided to MIT by RSA Data ! 23: Security for use in PGP. This version is legal within the U.S. See the ! 24: enclosed RSAREF license for full details. Basically this is a ! 25: non-commercial release. If you want to use it in a commercial or ! 26: governmental setting, talk to ViaCrypt (2014 West Peoria Avenue, ! 27: Phoenix, Arizona 85029, +1 602 944-0773). ! 28: ! 29: While PGP version 2.5 used RSAREF version 2.0, PGP 2.6 uses RSAREF ! 30: version 1. This change was made in consultation with RSA Data ! 31: Security, which is currently revising its version 2.0 distribution. ! 32: The version of RSAREF included with this distribution is RSAREF ! 33: version 1, not version 2.0. ! 34: ! 35: PGP 2.6 will read messages, signatures and keys created with versions of ! 36: PGP post 2.2. (i.e., 2.3, 2.3a, 2.4 and 2.5). However after 9/1/94 Version ! 37: 2.6 will create messages which contain a version number of "3" in signatues, ! 38: messages and keys (see pgformat.doc for details). PGP2.6 will be able to ! 39: read these signatures, messages and keys, but prior versions will not. ! 40: ! 41: Versions prior to 2.6 would not permit a new signature to be added to a key ! 42: if there was an already existing signature from the same signer. Starting ! 43: with version 2.6 newer signatures will override older ones *as long as the ! 44: newer signature verifies*. This change is important because many keys have ! 45: signatures on them that were created by PGP version 2.2 or earlier. These ! 46: signatures can not be verified by PGP 2.5 or higher. Owners of keys with ! 47: these obsolete signatures should attempt to gather new signatures and ! 48: add them to their key. ! 49: ! 50: Significant changes were also made for version 2.5. Because version 2.6 is ! 51: coming out very soon after 2.5 (which was only really a beta test version) ! 52: readers are encouraged to read the file "newfor25.doc" as well as this file. ! 53: ! 54: Changes to PGP 2.5: ! 55: ! 56: ***** MOST IMPORTANT ***** ! 57: ! 58: This version of PGP uses RSAREF 2.0, so it's legal in the U.S.! The ! 59: RSAREF license forbids you to (among other things; see the license for ! 60: full details) "use the program to provide services to others for which ! 61: you are compensated in any manner", but that still covers a lot of ! 62: people. If you want to use it in a commercial or governmental ! 63: setting, talk to ViaCrypt (2014 West Peoria Avenue, Phoenix, Arizona ! 64: 85029, +1 602 944-0773). ! 65: ! 66: PGP 2.5 should always be distributed with a copy of the RSAREF 2.0 ! 67: license of March 16, 1994 from RSA Data Security, Inc., so that all ! 68: users will be aware of their obligations under the RSAREF license. ! 69: ! 70: Since the RSAREF license conflicts with the GNU General Public License that ! 71: PGP was formerly distributed under, the GPL had to go. PGP is still ! 72: freely distributable, though. (From a copyright point of view; export ! 73: controls or some other legal hassle may apply.) ! 74: ! 75: *** IMPORTANT CHANGE: ! 76: ! 77: RSAREF 2.0 can understand only the pkcs_compat=1 formats for signatures ! 78: and encrypted files. This has been the default since 2.3, so old files ! 79: should not be too much of a problem, but old key signatures will ! 80: encounter difficulties. This change will result in a hole being ripped ! 81: in the "web of trust" as many old signatures are invalidated. Please check ! 82: your key rings (pgp -kc) and re-issue any signatures that have been ! 83: invalidated. PGP by default offers to remove such signatures. Even if you ! 84: leave them in, they are not trusted. ! 85: ! 86: Another RSAREF limitation is that it cannot cope with keys longer than ! 87: 1024 bits. PGP now prints a reasonably polite error message in such a ! 88: case. ! 89: ! 90: OTHER CHANGES: ! 91: ! 92: The support files are thinner. The various contrib directory utilities ! 93: have not been updated since 2.3a, and since the PGP developers know how ! 94: annoying it is to have people using an ancient version and complaining ! 95: about a bug in a program that was fixed a year ago, they have been ! 96: omitted rather than annoy the contributors in this way. Also, the ! 97: language translation file, language.txt, is incomplete. The strings ! 98: that were in 2.3a are there, and some that could be updated without ! 99: much knowledge of the language, but others that are new to 2.5 are ! 100: untranslated. The format should be obvious and some tools for ! 101: manipulating the language traslations are included in the contrib ! 102: directory. ! 103: ! 104: Printed KeyIDs have been incresed to 32 bits, as there were enough keys ! 105: out there that 24-bit keyIDs were no longer sufficiently unique. The ! 106: previous 24-bit keyID is the LAST 6 digits of an 8-digit 32-bit keyID. ! 107: For example, what was printed as A966DD now appears as C7A966DD. ! 108: ! 109: The config-file options ! 110: pubring=<filename>, ! 111: secring=<filename>, and ! 112: randseed=<filename> ! 113: have been added. Hopefully, the uses will be obvious. With these, you can ! 114: keep keyrings anywhere you like. Of course, they can also be specified on ! 115: the command line with +pubring= (or abbreviated to +pub=). ! 116: ! 117: If the line ! 118: comment=<string> ! 119: appears in the config file, the line "Comment: <string>" appears in ! 120: ASCII armor output. Of course, you can also use this from the ! 121: command line, e.g. to include a filename in the ASCII armor, do ! 122: "pgp -eat +comment=filename filename recipient". ! 123: ! 124: PGP now enables clearsig by default. If you sign and ascii-armor a ! 125: text file, and do not encrypt it, it is clearsigned unless you ask ! 126: for this not to be done. ! 127: ! 128: The now enables textmode. Textmode detects non-text files and ! 129: automatically turns itself off, so it's quite safe to leave on all ! 130: the time. If you haven't got these defaults yourself, you might ! 131: want to enable them. ! 132: ! 133: All prompts and progress messages are now printed to stderr, to make them ! 134: easier to find and ensure they don't get confused with data on standard ! 135: output such as pgp -m output. ! 136: ! 137: PGP now wipes temp files (and files wiped with pgp -w) with pseudo-random ! 138: data in an attempt to force disk compressors to overwrite as much data as ! 139: possible. ! 140: ! 141: On Unix, if the directory /usr/local/lib/pgp exists, it is searched ! 142: fror help files, language translations, and the PGP documentation. On ! 143: VMS, the equivalent is PGP$LIBRARY:. (This is PGP_SYSTEM_DIR, defined ! 144: in fileio.h, if you need to change it for your site.) ! 145: ! 146: Also, it is searched for a default global config.txt. This file may ! 147: be overridden by a local config.txt, and it may not set pubring, ! 148: secring, randseed or myname (which should be strictly personal) ! 149: ! 150: The normal help files (pgp -h) are pgp.hlp or <language>.hlp, such as ! 151: fr.hlp. Now, there is a separate help file for pgp -k, called pgpkey.hlp, ! 152: or <language>key.hlp. No file is provided by default; PGP will use ! 153: its one-page internal help by default, but you can create such a file ! 154: at your site. ! 155: ! 156: On Unix systems, $PGPPATH defaults to $HOME/.pgp. ! 157: ! 158: PGP used to get confused if you had a keyring containing signatures from ! 159: you, but not your public key. (PGP can't use the signatures in this case. ! 160: Only signatures from keys in the keyring are counted.) ! 161: PGP still can't use the signatures, but prints better warning messages. ! 162: Also, adding a key on your secret key ring to your public keyring ! 163: now asks if the key should be considered ultimately-trusted. ! 164: Prviously, you had to run pgp -ke to force this check, which was ! 165: non-obvious. ! 166: ! 167: Due to a few people distributing PGP without the manual (including one ! 168: run of a few thousand CD-ROMs), and the resultant flood of phone calls ! 169: from confused users, PGP now looks to make sure a manual is somewhere in ! 170: the vicinity when running to discourage this sort of thing. (If you're ! 171: getting this warning and need details on how to get rid of it, try pgp -kg.) ! 172: ! 173: On Unix, PGP now figures out the resolution of the system clock at run ! 174: time for the purpose of computing the amount of entropy in keystroke ! 175: timings. This means that on many Unix machines, less typing should be ! 176: required to generate keys. (SunOS and Linux especially.) ! 177: ! 178: The small prime table used in generating keys has been enlarged, which ! 179: should speed up key generation somewhat. ! 180: ! 181: There was a bug in PGP 2.3a (and, in fact in 2.4 and dating back to 1.0!) ! 182: when generating primes 2 bits over a multiple of the unit size (16 bits ! 183: on PC's, 32 bits on most larger computers), if the processor doesn't deal ! 184: with expressions like "1<<32" by producing a result of 1. In practice, ! 185: that corresponds to a key size of 64*x+4 bits. ! 186: ! 187: Code changes: ! 188: ! 189: At the request of Windows programmers, the PSTR() macro used to translate ! 190: string has been renamed to LANG(). ! 191: ! 192: The random-number code has been *thoroughly* cleaned up. So has the ! 193: IDEA code and the MD5 code. The MD5 code was developed from scratch and ! 194: is available for public use. ! 195: ! 196: The Turbo C makefile was dropped in favour of a Borland C .prj file. ! 197: You can use makefile.msc as a guide if you need one for a command-line ! 198: Turbo C. ! 199: ! 200: Changes to PGP 2.4: ! 201: ! 202: - Fixed a bug with the -z <passphrase> option. If no passphrase was given, ! 203: PGP used to crash. ! 204: ! 205: - When using -c, the IV is generated properly now, and the randseed.bin ! 206: postwash is done. (This bug could have resulted in the same ciphertext ! 207: being generated for the same plaintext, if the same passphrase is used.) ! 208: ! 209: - Memory allocated with halloc() is now freed with hfree() in ztrees.c and ! 210: zdeflate.c. (MS-DOS only.) ! 211: ! 212: - The decompression code now detects end of input reliably, fixing a ! 213: bug that used to have it produce infinite amounts of output on come ! 214: corrputed input. Decompression has also been sped up. ! 215: ! 216: - PGP -m won't try to write its final output to the current directory. ! 217: This makes it less efficent if you want to save the text to a file, but ! 218: more secure if you don't. ! 219: ! 220: - Number of bits allowed when generating keys limited to 1024, in line ! 221: with the limits in RSAREF and BSAFE. It used to be higher, but ! 222: folks, if you think you need a key larger than that, do some research ! 223: into the complexity of factoring. ! 224: ! 225: - Version number changed to pgp2.4 ! 226: ! 227: News for PGP 2.3a ! 228: ! 229: There was a bug in PGP's handling of clear-signed messages when lines ! 230: were terminated with CR-LF pairs. This has been revamped. The previous ! 231: limit on the length of lines in clear-signed messages has been eliminated. ! 232: ! 233: The randseed.bin file was not closed when read, which resulted in it ! 234: not being rewritten with a new value under some operating systems. ! 235: Fixed. ! 236: ! 237: Not all of the bytes in randseed.bin were being used, resulting in less ! 238: randomness than desired when picking session keys. While it did not make ! 239: the compromise of session keys likely, it was undesirable and has been fixed. ! 240: ! 241: PGP should now compile with less difficulty under OS/2. ! 242: The Turbo C makefile was incorrect. Fixed. ! 243: The VMS build files were out of date. Fixed. ! 244: ! 245: PGP was not accepting octal escapes in the language.txt file that did not ! 246: begin with \0. \377 is now acceptable. ! 247: The language.txt file got mangled in the middle somehow. Fixed. ! 248: ! 249: News for PGP 2.3 ! 250: ! 251: This PGP 2.3 release has several bug fixes over PGP 2.2, and a few ! 252: new (although somewhat esoteric) features. Among them are: ! 253: ! 254: - An important bug: there was a bug with compression under MS-DOS which ! 255: caused the wrong piece of memory to be freed, with results that ranged ! 256: from none to undecodable messages to machine crashes. ! 257: ! 258: - When adding keys, PGP now properly closes all the files it opens, so ! 259: you don't run out of file handles (MS-DOS) or file descriptors (UNIX). ! 260: ! 261: - Sometimes PGP would not properly ask the user to set trust parameters ! 262: when keys were validated by adding new signatures. This has been ! 263: fixed. ! 264: ! 265: - When PGP messages are sent through a MIME mail system, a conflict ! 266: arises over the use of the '=' character. PGP can now decode ASCII ! 267: armored messages which have been mangled by MIME's quoting mechanism. ! 268: ! 269: - PGP previously kept track of one pass phrase (from the PGPPASS ! 270: environment variable, the file descriptor named by the PGPPASSFD ! 271: environment variable, a -z <password> option, or previous user ! 272: prompts), and tried it if it needed a subsequent pass phrase. This ! 273: caused bugs if you attempted something that required two pass phrases, ! 274: such as pgp -sc (sign and conventionally encrypt). PGP now keeps ! 275: track of any number of pass phrases, including multiple -z options, ! 276: and uses them as necessary. Mostly, it just Does The Right Thing, ! 277: but if you care, the exact algorithm is as follows: ! 278: ! 279: - There is a pool of private-key pass phrases that starts out with the ! 280: contents of the PGPPASS environment variable (if any), and has every ! 281: pass phrase that is successfully used to unlock a private key added ! 282: to it. When a private key needs unlocking, every pass phrase in the ! 283: pool is tried first. ! 284: - There is a list of PGP pass phrases available for use by whatever needs ! 285: one. This is initialized with the -z command-line options and the ! 286: phrase read from the PGPPASSFD file descriptor. When a pass phrase ! 287: is needed, it is taken from the front of that list. When a pass ! 288: phrase is needed to unlock a secret key, every key on the list is tried, ! 289: and if it "fits" and unlocks the secret key, it is moved to the key ! 290: pass phrase pool. ! 291: - If the above fails to produce a pass phrase, the user is prompted to ! 292: supply one. ! 293: ! 294: Key generation (we need all the keystrokes we can get for random-number ! 295: accumulation) and key signing (to make sure the user really means to do ! 296: what they're doing) are exceptions; the user is always prompted for a ! 297: pass phrase under those circumstances. ! 298: ! 299: New options: ! 300: ! 301: +pkcs_compat=n ! 302: This defaults to 1, which tells PGP to generate encryption key ! 303: and signature blocks in a format derived from the PKCS standards. ! 304: This format is understood (but not generated) by PGP 2.2. If set ! 305: to 0, the old format is generated, which may be needed for ! 306: portability to PGP versions before 2.2. PGP is still incompatible ! 307: with the PKCS standards in many ways, but in future, values of 2 ! 308: or higher may be used to produce formats which are more compatible. ! 309: ! 310: Other notes: ! 311: ! 312: The MS-DOS executable was compiled with Borland C++ version 3.0, optimized ! 313: for maximum speed, except that jump optimisation was turned off. If it ! 314: is turned on, the Transform() function in md5.c is compiled incorrectly. ! 315: The pgp.prj file that was used is included in the source distribution. ! 316: ! 317: Thanks to everyone who worked on PGP and sent in bug reports. Two who ! 318: didn't make it into the manual are to Lindsay DuBois for a bit of last- ! 319: minute translation, and Reptilian Research for support in developing PGP. ! 320: ! 321: And thanks to the Cypherpunks who managed to get PGP so much attention ! 322: in Wired magazine recently. ! 323: ! 324: I hope you enjoy PGP! ! 325: ! 326: -Colin <[email protected]> ! 327: ! 328: News for PGP 2.2 ! 329: ! 330: The main change since PGP 2.1 is a speedup in key management, and ! 331: the ability to encrypt for more than one recipient. Apart from ! 332: this there are some bugfixes and some new options to make it easier ! 333: to use PGP from shell scripts or mailers. ! 334: ! 335: You can encrypt for more than one recipient by specifying additional ! 336: userids on the command line eg: ! 337: ! 338: pgp -e plaintext Alice Bob Carol ! 339: ! 340: ! 341: Some notes about the changes: ! 342: ! 343: - PGP doesn't do a keycheck on a keyfile before it is added anymore, ! 344: this is to speed up merging a big keyfile with your public keyring which ! 345: may already have most of the keys in the keyfile you are adding. After ! 346: PGP has checked a signature it sets a flag in your public keyring to ! 347: mark this signature as checked. Because PGP 2.1 didn't have these ! 348: flags, PGP will check *all* signatures on your keyring the first time ! 349: you add a key with PGP 2.2. After that PGP will only check new ! 350: signatures. Also by using an older version than 2.2 on your keyring you ! 351: will clear these flags again. ! 352: ! 353: ! 354: New options: ! 355: ! 356: +interactive ! 357: If you add a keyfile, PGP will ask for each new key if it should ! 358: be added to your keyring. ! 359: ! 360: Options for use in shell scripts: ! 361: ! 362: +verbose=n ! 363: The default is 1. With +verbose=0, PGP will only print an error ! 364: message if something goes wrong. With +verbose=2, PGP will tell ! 365: you what it's doing in detail suitable for debugging. ! 366: ! 367: +force ! 368: Overwrite output file without asking, or with -kr: remove key ! 369: without asking (only if it has just one userid). ! 370: ! 371: +batchmode ! 372: With this option PGP won't ask any questions or prompt for ! 373: alternate file names. Some of the key commands still need ! 374: user interaction and can't be done from a shell script. ! 375: You can also use this option to check if a file has a good ! 376: signature. If the input file did not have a signature the exit ! 377: code will be 1, if the file had a signature and if it checked OK ! 378: the exit code will be 0. Note that if the input file has more ! 379: than one armored messages, a good signature on one of these ! 380: messages will make the exit code 0 (if there are no errors). ! 381: ! 382: These "long" options can be abbreviated as long as the abbreviation is ! 383: unambiguous. "interactive" and "verbose" can also be set in config.txt; ! 384: you can then turn these flags off on the command line with +option=. ! 385: ! 386: ! 387: Some of the bug fixes: ! 388: ! 389: - Key lookup on keyID (eg 0x12AB) fixed for -ks/-krs. ! 390: ! 391: - Dearmoring of Macintosh type text files (CR only) now also works.
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.