Saturday, November 25, 2006

GnuPG 2.0 Released

Here's the press release of GnuPG 2.0 Release:

The GNU project is pleased to announce the availability of a new stable GnuPG release: Version 2.0.0.

The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data, create digital signatures, help authenticating using Secure Shell and to provide a framework for public key cryptography. It includes an advanced key management facility and is compliant with the OpenPGP and S/MIME standards.

GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.5) in that it splits up functionality into several modules. However, both versions may be installed alongside without any conflict. In fact, the gpg version from GnuPG-1 is able to make use of the gpg-agent as included in GnuPG-2 and allows for seamless passphrase caching. The advantage of GnuPG-1 is its smaller size and the lack of dependency on
other modules at run and build time. We will keep maintaining GnuPG-1 versions because they are very useful for small systems and for server based applications requiring only OpenPGP support.

GnuPG is distributed under the terms of the GNU General Public License (GPL). GnuPG-2 works best on GNU/Linux or *BSD systems. Other POSIX compliant systems are also supported but have not yet been tested very well.

What's New in GnuPG-2

* The *gpg-agent* is the central place to maintain private keys and to cache passphrases. It is implemented as a daemon to be started with a user session.

* *gpgsm* is an implementation of the X.509 and CMS standards and provides the cryptographic core to implement the S/MIME protocol.
The command line interface is very similar to the one of gpg. This helps adding S/MIME to application currently providing OpenPGP support.

* *scdaemon* is a daemon run by gpg-agent to access different types of smart cards using a unified interface.

* *gpg-connect-agent* is a tool to help scripts directly accessing services of gpg-agent and scdaemon.

* *gpgconf* is a tool to maintain the configuration files of all modules using a well defined API.

* Support for Dirmngr, a separate package to maintain certificate revocation lists, do OCSP requests and to run LDAP queries.

* Support for the Secure Shell Agent protocol. In fact, gpg-agent may be used as full replacement of the commonly used ssh-agent daemon.

* Smart card support for the Secure Shell.

* Documentation is now done in Texinfo. Thus besides Info, HTML and PDF versions may easily be generated.

* Man pages for all tools.