Annotation of pgp/doc/newfor23.doc, revision 1.1.1.3

1.1.1.3 ! root        1: News for PGP 2.3a
        !             2: 
        !             3: There was a bug in PGP's handling of clear-signed messages when lines
        !             4: were terminated with CR-LF pairs.  This has been revamped.  The previous
        !             5: limit on the length of lines in clear-signed messages has been eliminated.
        !             6: 
        !             7: The randseed.bin file was not closed when read, which resulted in it
        !             8: not being rewritten with a new value under some operating systems.
        !             9: Fixed.
        !            10: 
        !            11: Not all of the bytes in randseed.bin were being used, resulting in less
        !            12: randomness than desired when picking session keys.  While it did not make
        !            13: the compromise of session keys likely, it was undesirable and has been fixed.
        !            14: 
        !            15: PGP should now compile with less difficulty under OS/2.
        !            16: The Turbo C makefile was incorrect.  Fixed.
        !            17: The VMS build files were out of date.  Fixed.
        !            18: 
        !            19: PGP was not accepting octal escapes in the language.txt file that did not
        !            20: begin with \0.  \377 is now acceptable.
        !            21: The language.txt file got mangled in the middle somehow.  Fixed.
        !            22: 
        !            23: News for PGP 2.3
        !            24: 
        !            25: This PGP 2.3 release has several bug fixes over PGP 2.2, and a few
        !            26: new (although somewhat esoteric) features.  Among them are:
        !            27: 
        !            28: - An important bug: there was a bug with compression under MS-DOS which
        !            29:   caused the wrong piece of memory to be freed, with results that ranged
        !            30:   from none to undecodable messages to machine crashes.
        !            31: 
        !            32: - When adding keys, PGP now properly closes all the files it opens, so
        !            33:   you don't run out of file handles (MS-DOS) or file descriptors (UNIX).
        !            34: 
        !            35: - Sometimes PGP would not properly ask the user to set trust parameters
        !            36:   when keys were validated by adding new signatures.  This has been
        !            37:   fixed.
        !            38: 
        !            39: - When PGP messages are sent through a MIME mail system, a conflict
        !            40:   arises over the use of the '=' character.  PGP can now decode ASCII
        !            41:   armored messages which have been mangled by MIME's quoting mechanism.
        !            42: 
        !            43: - PGP previously kept track of one pass phrase (from the PGPPASS
        !            44:   environment variable, the file descriptor named by the PGPPASSFD
        !            45:   environment variable, a -z <password> option, or previous user
        !            46:   prompts), and tried it if it needed a subsequent pass phrase.  This
        !            47:   caused bugs if you attempted something that required two pass phrases,
        !            48:   such as pgp -sc (sign and conventionally encrypt).  PGP now keeps
        !            49:   track of any number of pass phrases, including multiple -z options,
        !            50:   and uses them as necessary.  Mostly, it just Does The Right Thing,
        !            51:   but if you care, the exact algorithm is as follows:
        !            52: 
        !            53:   - There is a pool of private-key pass phrases that starts out with the
        !            54:     contents of the PGPPASS environment variable (if any), and has every
        !            55:     pass phrase that is successfully used to unlock a private key added
        !            56:     to it.  When a private key needs unlocking, every pass phrase in the
        !            57:     pool is tried first.
        !            58:   - There is a list of PGP pass phrases available for use by whatever needs
        !            59:     one.  This is initialized with the -z command-line options and the
        !            60:     phrase read from the PGPPASSFD file descriptor.  When a pass phrase
        !            61:     is needed, it is taken from the front of that list.  When a pass
        !            62:     phrase is needed to unlock a secret key, every key on the list is tried,
        !            63:     and if it "fits" and unlocks the secret key, it is moved to the key
        !            64:     pass phrase pool.
        !            65:   - If the above fails to produce a pass phrase, the user is prompted to
        !            66:     supply one.
        !            67: 
        !            68:   Key generation (we need all the keystrokes we can get for random-number
        !            69:   accumulation) and key signing (to make sure the user really means to do
        !            70:   what they're doing) are exceptions; the user is always prompted for a
        !            71:   pass phrase under those circumstances.
        !            72: 
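The lookup order described in the pass phrase item above, modelled as an added example; it is not PGP's own C source. The class and method names, the relative order of the -z and PGPPASSFD phrases in the list, and the single prompt attempt are assumptions made for illustration.

```python
# Added example: a model of the pass phrase lookup described above.
# Not PGP's C source; class and method names are hypothetical.

class PassPhrases:
    def __init__(self, pgppass=None, z_options=(), fd_phrase=None, prompt=None):
        # Pool of private-key pass phrases: seeded from PGPPASS (if any).
        self.key_pool = [pgppass] if pgppass else []
        # General list: -z options, then the PGPPASSFD phrase.
        # (Relative order of the two sources is an assumption.)
        self.pending = list(z_options)
        if fd_phrase is not None:
            self.pending.append(fd_phrase)
        self.prompt = prompt  # callable returning a phrase typed by the user

    def for_secret_key(self, unlocks):
        """unlocks(phrase) -> bool stands in for decrypting the secret key."""
        for phrase in self.key_pool:          # 1. the pool is tried first
            if unlocks(phrase):
                return phrase
        for phrase in self.pending:           # 2. then every listed phrase
            if unlocks(phrase):
                self.pending.remove(phrase)   # a phrase that fits moves to the pool
                self.key_pool.append(phrase)
                return phrase
        phrase = self.prompt()                # 3. otherwise ask the user
        if unlocks(phrase):
            self.key_pool.append(phrase)      # successful phrases join the pool
            return phrase
        return None                           # single attempt: an assumption

    def for_other_use(self):
        """E.g. the conventional-encryption phrase in `pgp -sc`."""
        if self.pending:
            return self.pending.pop(0)        # taken from the front of the list
        return self.prompt()


def sign_and_conventionally_encrypt(z_options, key_phrase):
    """Model `pgp -sc` with two -z options; returns (signing, conventional)."""
    src = PassPhrases(z_options=z_options, prompt=lambda: "typed-by-user")
    signing = src.for_secret_key(lambda p: p == key_phrase)
    conventional = src.for_other_use()
    return signing, conventional


# Constructed sample phrases; either -z order yields the same assignment.
print(sign_and_conventionally_encrypt(["key-phrase", "msg-phrase"], "key-phrase"))
print(sign_and_conventionally_encrypt(["msg-phrase", "key-phrase"], "key-phrase"))
```
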
        !            73: New options:
        !            74: 
        !            75: +pkcs_compat=n
        !            76:        This defaults to 1, which tells PGP to generate encryption key
        !            77:        and signature blocks in a format derived from the PKCS standards.
        !            78:        This format is understood (but not generated) by PGP 2.2.  If set
        !            79:        to 0, the old format is generated, which may be needed for
        !            80:        portability to PGP versions before 2.2.  PGP is still incompatible
        !            81:        with the PKCS standards in many ways, but in future, values of 2
        !            82:        or higher may be used to produce formats which are more compatible.
        !            83: 
        !            84: Other notes:
        !            85: 
        !            86: The MS-DOS executable was compiled with Borland C++ version 3.0, optimized
        !            87: for maximum speed, except that jump optimisation was turned off.  If it
        !            88: is turned on, the Transform() function in md5.c is compiled incorrectly.
        !            89: The pgp.prj file that was used is included in the source distribution.
        !            90: 
        !            91: Thanks to everyone who worked on PGP and sent in bug reports.  Two who
        !            92: didn't make it into the manual are Lindsay DuBois, for a bit of last-
        !            93: minute translation, and Reptilian Research, for support in developing PGP.
        !            94: 
        !            95: And thanks to the Cypherpunks who managed to get PGP so much attention
        !            96: in Wired magazine recently.
        !            97: 
        !            98: I hope you enjoy PGP!
        !            99: 
        !           100:        -Colin <[email protected]>
