home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Software Vault: The Gold Collection
/
Software Vault - The Gold Collection (American Databankers) (1993).ISO
/
cdr18
/
pgp23.zip
/
NEWFOR23.DOC
< prev
next >
Wrap
Text File
|
1993-06-15
|
4KB
|
78 lines
News for PGP 2.3
This PGP 2.3 release has several bug fixes over PGP 2.2, and a few
new (although somewhat esoteric) features. Among them are:
- An important bug: there was a bug with compression under MS-DOS which
caused the wrong piece of memory to be freed, with results that ranged
from none to undecodable messages to machine crashes.
- When adding keys, PGP now properly closes all the files it opens, so
you don't run out of file handles (MS-DOS) or file descriptors (UNIX).
- Sometimes PGP would not properly ask the user to set trust parameters
when keys were validated by adding new signatures. This has been
fixed.
- When PGP messages are sent through a MIME mail system, a conflict
arises over the use of the '=' character. PGP can now decode ASCII
armored messages which have been mangled by MIME's quoting mechanism.
- PGP previously kept track of one pass phrase (from the PGPPASS
environment variable, the file descriptor named by the PGPPASSFD
environment variable, a -z <password> option, or previous user
prompts), and tried it if it needed a subsequent pass phrase. This
caused bugs if you attempted something that required two pass phrases,
such as pgp -sc (sign and conventionally encrypt). PGP now keeps
track of any number of pass phrases, including multiple -z options,
and uses them as necessary. Mostly, it just Does The Right Thing,
but if you care, the exact algorithm is as follows:
- There is a pool of private-key pass phrases that starts out with the
contents of the PGPPASS environment variable (if any), and has every
pass phrase that is successfully used to unlock a private key added
to it. When a private key needs unlocking, every pass phrase in the
pool is tried first.
- There is a list of PGP pass phrases available for use by whatever needs
one. This is initialized with the -z command-line options and the
phrase read from the PGPPASSFD file descriptor. When a pass phrase
is needed, it is taken from the front of that list. When a pass
phrase is needed to unlock a secret key, every key on the list is tried,
and if it "fits" and unlocks the secret key, it is moved to the key
pass phrase pool.
- If the above fails to produce a pass phrase, the user is prompted to
supply one.
Key generation (we need all the keystrokes we can get for random-number
accumulation) and key signing (to make sure the user really means to do
what they're doing) are exceptions; the user is always prompted for a
pass phrase under those circumstances.
New options:
+pkcs_compat=n
This defaults to 1, which tells PGP to generate encryption key
and signature blocks in a format derived from the PKCS standards.
This format is understood (but not generated) by PGP 2.2. If set
to 0, the old format is generated, which may be needed for
portability to PGP versions before 2.2. PGP is still incompatible
with the PKCS standards in many ways, but in future, values of 2
or higher may be used to produce formats which are more compatible.
Other notes:
The MS-DOS executable was compiled with Borland C++ version 7.0,
optimized for maximum speed. The pgp.prj file that was used is
included in the source distribution.
Thanks to everyone who worked on PGP and sent in bug reports. Two who
didn't make it into the manual are to Lindsay DuBois for a bit of last-
minute translation, and Reptilian Research for support in developing PGP.
And thanks to the Cypherpunks who managed to get PGP so much attention
in Wired magazine recently.
I hope you enjoy PGP!
-Colin <colin@nyx.cs.du.edu>
