- GnuPG 2.3.1:
* The new configuration file common.conf is now used to enable
the use of the key database daemon with "use-keyboxd". Using
this option in gpg.conf and gpgsm.conf is supported for a
transitional period. See doc/example/common.conf for more.
* gpg: Force version 5 key creation for ed448 and cv448 algorithms.
* gpg: By default do not use the self-sigs-only option when
importing from an LDAP keyserver.
* gpg: Lookup a missing public key of the active card via LDAP.
* gpgsm: New command --show-certs.
* scd: Fix CCID driver for SCM SPR332/SPR532.
* scd: Further improvements for PKCS#15 cards.
* New configure option --with-tss to allow the selection of the
TSS library.
- Rebase patches:
* gnupg-add_legacy_FIPS_mode_option.patch
* gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
* gnupg-dont-fail-with-seahorse-agent.patch
* gnupg-set_umask_before_open_outfile.patch
- GnuPG 2.3.0:
* A new experimental key database daemon is provided. To enable
it put "use-keyboxd" into gpg.conf and gpgsm.conf. Keys are stored
in a SQLite database and make key lookup much faster.
* New tool gpg-card as a flexible frontend for all types of
supported smartcards.
* New option --chuid for gpg, gpgsm, gpgconf, gpg-card, and
gpg-connect-agent.
* The gpg-wks-client tool is now installed under bin; a wrapper for
its old location at libexec is also installed.
OBS-URL: https://build.opensuse.org/request/show/899451
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=267
- upgrade to 2.1.0 (modern)
- The file "secring.gpg" is not anymore used to store the secret
keys. Merging of secret keys is now supported.
- All support for PGP-2 keys has been removed for security reasons.
- The standard key generation interface is now much leaner. This
will help a new user to quickly generate a suitable key.
- Support for Elliptic Curve Cryptography (ECC) is now available.
- Commands to create and sign keys from the command line without any
extra prompts are now available.
- The Pinentry may now show the new passphrase entry and the
passphrase confirmation entry in one dialog.
- There is no more need to manually start the gpg-agent. It is now
started by any part of GnuPG as needed.
- Problems with importing keys with the same long key id have been
addressed.
- The Dirmngr is now part of GnuPG proper and also takes care of
accessing keyserver.
- Keyserver pools are now handled in a smarter way.
- A new format for locally storing the public keys is now used.
This considerable speeds up operations on large keyrings.
- Revocation certificates are now created by default.
- Card support has been updated, new readers and token types are
supported.
- The format of the key listing has been changed to better identify
the properties of a key.
- The gpg-agent may now be used on Windows as a Pageant replacement
for Putty in the same way it is used for years on Unix as
ssh-agent replacement.
- Creation of X.509 certificates has been improved. It is now also
possible to export them directly in PKCS#8 and PEM format for use
OBS-URL: https://build.opensuse.org/request/show/260826
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=79
