--- pgp/doc/newfor25.doc 2018/04/24 16:41:33 1.1.1.1 +++ pgp/doc/newfor25.doc 2018/04/24 16:42:48 1.1.1.2 @@ -1,145 +1,145 @@ -Changes to PGP 2.5: - - ***** MOST IMPORTANT ***** - -This version of PGP uses RSAREF 2.0, so it's legal in the U.S.! The -RSAREF license forbids you to (among other things; see the license for -full details) "use the program to provide services to others for which -you are compensated in any manner", but that still covers a lot of -people. If you want to use it in a commercial or governmental -setting, talk to ViaCrypt (2014 West Peoria Avenue, Phoenix, Arizona -85029, +1 602 944-0773). - -PGP 2.5 should always be distributed with a copy of the RSAREF 2.0 -license of March 16, 1994 from RSA Data Security, Inc., so that all -users will be aware of their obligations under the RSAREF license. - -Since the RSAREF license conflicts with the GNU General Public License that -PGP was formerly distributed under, the GPL had to go. PGP is still -freely distributable, though. (From a copyright point of view; export -controls or some other legal hassle may apply.) - -*** IMPORTANT CHANGE: - -RSAREF 2.0 can understand only the pkcs_compat=1 formats for signatures -and encrypted files. This has been the default since 2.3, so old files -should not be too much of a problem, but old key signatures will -encounter difficulties. This change will result in a hole being ripped -in the "web of trust" as many old signatures are invalidated. Please check -your key rings (pgp -kc) and re-issue any signatures that have been -invalidated. PGP by default offers to remove such signatures. Even if you -leave them in, they are not trusted. - -Another RSAREF limitation is that it cannot cope with keys longer than -1024 bits. PGP now prints a reasonably polite error message in such a -case. - -OTHER CHANGES: - -The support files are thinner. The various contrib directory utilities -have not been updated since 2.3a, and since the PGP developers know how -annoying it is to have people using an ancient version and complaining -about a bug in a program that was fixed a year ago, they have been -omitted rather than annoy the contributors in this way. Also, the -language translation file, language.txt, is incomplete. The strings -that were in 2.3a are there, and some that could be updated without -much knowledge of the language, but others that are new to 2.5 are -untranslated. The format should be obvious and some tools for -manipulating the language traslations are included in the contrib -directory. - -Printed KeyIDs have been incresed to 32 bits, as there were enough keys -out there that 24-bit keyIDs were no longer sufficiently unique. The -previous 24-bit keyID is the LAST 6 digits of an 8-digit 32-bit keyID. -For example, what was printed as A966DD now appears as C7A966DD. - -The config-file options - pubring=, - secring=, and - randseed= -have been added. Hopefully, the uses will be obvious. With these, you can -keep keyrings anywhere you like. Of course, they can also be specified on -the command line with +pubring= (or abbreviated to +pub=). - -If the line - comment= -appears in the config file, the line "Comment: " appears in -ASCII armor output. Of course, you can also use this from the -command line, e.g. to include a filename in the ASCII armor, do -"pgp -eat +comment=filename filename recipient". - -PGP now enables clearsig by default. If you sign and ascii-armor a -text file, and do not encrypt it, it is clearsigned unless you ask -for this not to be done. - -The now enables textmode. Textmode detects non-text files and -automatically turns itself off, so it's quite safe to leave on all -the time. If you haven't got these defaults yourself, you might -want to enable them. - -All prompts and progress messages are now printed to stderr, to make them -easier to find and ensure they don't get confused with data on standard -output such as pgp -m output. - -PGP now wipes temp files (and files wiped with pgp -w) with pseudo-random -data in an attempt to force disk compressors to overwrite as much data as -possible. - -On Unix, if the directory /usr/local/lib/pgp exists, it is searched -fror help files, language translations, and the PGP documentation. On -VMS, the equivalent is PGP$LIBRARY:. (This is PGP_SYSTEM_DIR, defined -in fileio.h, if you need to change it for your site.) - -Also, it is searched for a default global config.txt. This file may -be overridden by a local config.txt, and it may not set pubring, -secring, randseed or myname (which should be strictly personal) - -The normal help files (pgp -h) are pgp.hlp or .hlp, such as -fr.hlp. Now, there is a separate help file for pgp -k, called pgpkey.hlp, -or key.hlp. No file is provided by default; PGP will use -its one-page internal help by default, but you can create such a file -at your site. - -On Unix systems, $PGPPATH defaults to $HOME/.pgp. - -PGP used to get confused if you had a keyring containing signatures from -you, but not your public key. (PGP can't use the signatures in this case. -Only signatures from keys in the keyring are counted.) -PGP still can't use the signatures, but prints better warning messages. -Also, adding a key on your secret key ring to your public keyring -now asks if the key should be considered ultimately-trusted. -Prviously, you had to run pgp -ke to force this check, which was -non-obvious. - -Due to a few people distributing PGP without the manual (including one -run of a few thousand CD-ROMs), and the resultant flood of phone calls -from confused users, PGP now looks to make sure a manual is somewhere in -the vicinity when running to discourage this sort of thing. (If you're -getting this warning and need details on how to get rid of it, try pgp -kg.) - -On Unix, PGP now figures out the resolution of the system clock at run -time for the purpose of computing the amount of entropy in keystroke -timings. This means that on many Unix machines, less typing should be -required to generate keys. (SunOS and Linux especially.) - -The small prime table used in generating keys has been enlarged, which -should speed up key generation somewhat. - -There was a bug in PGP 2.3a (and, in fact in 2.4 and dating back to 1.0!) -when generating primes 2 bits over a multiple of the unit size (16 bits -on PC's, 32 bits on most larger computers), if the processor doesn't deal -with expressions like "1<<32" by producing a result of 1. In practice, -that corresponds to a key size of 64*x+4 bits. - -Code changes: - -At the request of Windows programmers, the PSTR() macro used to translate -string has been renamed to LANG(). - -The random-number code has been *thoroughly* cleaned up. So has the -IDEA code and the MD5 code. The MD5 code was developed from scratch and -is available for public use. - -The Turbo C makefile was dropped in favour of a Borland C .prj file. -You can use makefile.msc as a guide if you need one for a command-line -Turbo C. +Changes to PGP 2.5: + + ***** MOST IMPORTANT ***** + +This version of PGP uses RSAREF 2.0, so it's legal in the U.S.! The +RSAREF license forbids you to (among other things; see the license for +full details) "use the program to provide services to others for which +you are compensated in any manner", but that still covers a lot of +people. If you want to use it in a commercial or governmental +setting, talk to ViaCrypt (2014 West Peoria Avenue, Phoenix, Arizona +85029, +1 602 944-0773). + +PGP 2.5 should always be distributed with a copy of the RSAREF 2.0 +license of March 16, 1994 from RSA Data Security, Inc., so that all +users will be aware of their obligations under the RSAREF license. + +Since the RSAREF license conflicts with the GNU General Public License that +PGP was formerly distributed under, the GPL had to go. PGP is still +freely distributable, though. (From a copyright point of view; export +controls or some other legal hassle may apply.) + +*** IMPORTANT CHANGE: + +RSAREF 2.0 can understand only the pkcs_compat=1 formats for signatures +and encrypted files. This has been the default since 2.3, so old files +should not be too much of a problem, but old key signatures will +encounter difficulties. This change will result in a hole being ripped +in the "web of trust" as many old signatures are invalidated. Please check +your key rings (pgp -kc) and re-issue any signatures that have been +invalidated. PGP by default offers to remove such signatures. Even if you +leave them in, they are not trusted. + +Another RSAREF limitation is that it cannot cope with keys longer than +1024 bits. PGP now prints a reasonably polite error message in such a +case. + +OTHER CHANGES: + +The support files are thinner. The various contrib directory utilities +have not been updated since 2.3a, and since the PGP developers know how +annoying it is to have people using an ancient version and complaining +about a bug in a program that was fixed a year ago, they have been +omitted rather than annoy the contributors in this way. Also, the +language translation file, language.txt, is incomplete. The strings +that were in 2.3a are there, and some that could be updated without +much knowledge of the language, but others that are new to 2.5 are +untranslated. The format should be obvious and some tools for +manipulating the language traslations are included in the contrib +directory. + +Printed KeyIDs have been incresed to 32 bits, as there were enough keys +out there that 24-bit keyIDs were no longer sufficiently unique. The +previous 24-bit keyID is the LAST 6 digits of an 8-digit 32-bit keyID. +For example, what was printed as A966DD now appears as C7A966DD. + +The config-file options + pubring=, + secring=, and + randseed= +have been added. Hopefully, the uses will be obvious. With these, you can +keep keyrings anywhere you like. Of course, they can also be specified on +the command line with +pubring= (or abbreviated to +pub=). + +If the line + comment= +appears in the config file, the line "Comment: " appears in +ASCII armor output. Of course, you can also use this from the +command line, e.g. to include a filename in the ASCII armor, do +"pgp -eat +comment=filename filename recipient". + +PGP now enables clearsig by default. If you sign and ascii-armor a +text file, and do not encrypt it, it is clearsigned unless you ask +for this not to be done. + +The now enables textmode. Textmode detects non-text files and +automatically turns itself off, so it's quite safe to leave on all +the time. If you haven't got these defaults yourself, you might +want to enable them. + +All prompts and progress messages are now printed to stderr, to make them +easier to find and ensure they don't get confused with data on standard +output such as pgp -m output. + +PGP now wipes temp files (and files wiped with pgp -w) with pseudo-random +data in an attempt to force disk compressors to overwrite as much data as +possible. + +On Unix, if the directory /usr/local/lib/pgp exists, it is searched +fror help files, language translations, and the PGP documentation. On +VMS, the equivalent is PGP$LIBRARY:. (This is PGP_SYSTEM_DIR, defined +in fileio.h, if you need to change it for your site.) + +Also, it is searched for a default global config.txt. This file may +be overridden by a local config.txt, and it may not set pubring, +secring, randseed or myname (which should be strictly personal) + +The normal help files (pgp -h) are pgp.hlp or .hlp, such as +fr.hlp. Now, there is a separate help file for pgp -k, called pgpkey.hlp, +or key.hlp. No file is provided by default; PGP will use +its one-page internal help by default, but you can create such a file +at your site. + +On Unix systems, $PGPPATH defaults to $HOME/.pgp. + +PGP used to get confused if you had a keyring containing signatures from +you, but not your public key. (PGP can't use the signatures in this case. +Only signatures from keys in the keyring are counted.) +PGP still can't use the signatures, but prints better warning messages. +Also, adding a key on your secret key ring to your public keyring +now asks if the key should be considered ultimately-trusted. +Prviously, you had to run pgp -ke to force this check, which was +non-obvious. + +Due to a few people distributing PGP without the manual (including one +run of a few thousand CD-ROMs), and the resultant flood of phone calls +from confused users, PGP now looks to make sure a manual is somewhere in +the vicinity when running to discourage this sort of thing. (If you're +getting this warning and need details on how to get rid of it, try pgp -kg.) + +On Unix, PGP now figures out the resolution of the system clock at run +time for the purpose of computing the amount of entropy in keystroke +timings. This means that on many Unix machines, less typing should be +required to generate keys. (SunOS and Linux especially.) + +The small prime table used in generating keys has been enlarged, which +should speed up key generation somewhat. + +There was a bug in PGP 2.3a (and, in fact in 2.4 and dating back to 1.0!) +when generating primes 2 bits over a multiple of the unit size (16 bits +on PC's, 32 bits on most larger computers), if the processor doesn't deal +with expressions like "1<<32" by producing a result of 1. In practice, +that corresponds to a key size of 64*x+4 bits. + +Code changes: + +At the request of Windows programmers, the PSTR() macro used to translate +string has been renamed to LANG(). + +The random-number code has been *thoroughly* cleaned up. So has the +IDEA code and the MD5 code. The MD5 code was developed from scratch and +is available for public use. + +The Turbo C makefile was dropped in favour of a Borland C .prj file. +You can use makefile.msc as a guide if you need one for a command-line +Turbo C.