gnupg-2.3.4

[Douglas R. Reno]

New minor version

[ken@…]

From the announcement at ​https://lists.gnu.org/archive/html/info-gnu/2021-04/msg00000.html (found via phoronix)

Hello!

We are pleased to announce the availability of a new GnuPG release:
version 2.3.0.  This release marks the start of public testing releases
eventually leading to a new stable version 2.4.

Although some bugs might linger in the 2.3 versions, they are intended
to replace the 2.2 series.  2.3 may even be used for production purposes
if either the risk of minor regressions is acceptable or the new
features are important.

Details of the changes in 2.3.0 are listed at ​https://dev.gnupg.org/T5343 (too much to list here).

I'm uncertain if we should be moving to 2.3 ?

[Douglas R. Reno]

We could stay with 2.2, but the release announcement notes that it's meant to replace the 2.2 series.

Noteworthy changes in version 2.3.0 (2021-04-07)
================================================

  * A new experimental key database daemon is provided.  To enable it
    put "use-keyboxd" into gpg.conf and gpgsm.conf.  Keys are stored
    in a SQLite database and make key lookup much faster.

  * New tool gpg-card as a flexible frontend for all types of
    supported smartcards.

  * New option --chuid for gpg, gpgsm, gpgconf, gpg-card, and
    gpg-connect-agent.

  * The gpg-wks-client tool is now installed under bin; a wrapper for
    its old location at libexec is also installed.

  * tpm2d: New daemon to physically bind keys to the local machine.
    See https://gnupg.org/blog/20210315-using-tpm-with-gnupg-2.3.html

  * gpg: Switch to ed25519/cv25519 as default public key algorithms.

  * gpg: Verification results now depend on the --sender option and
    the signer's UID subpacket.  [#4735]

  * gpg: Do not use any 64-bit block size cipher algorithm for
    encryption.  Use AES as last resort cipher preference instead of
    3DES.  This can be reverted using --allow-old-cipher-algos.

  * gpg: Support AEAD encryption mode using OCB or EAX.

  * gpg: Support v5 keys and signatures.

  * gpg: Support curve X448 (ed448, cv448).

  * gpg: Allow use of group names in key listings.  [e825aea2ba]

  * gpg: New option --full-timestrings to print date and time.

  * gpg: New option --force-sign-key.  [#4584]

  * gpg: New option --no-auto-trust-new-key.

  * gpg: The legacy key discovery method PKA is no longer supported.
    The command --print-pka-records and the PKA related import and
    export options have been removed.

  * gpg: Support export of Ed448 Secure Shell keys.

  * gpgsm: Add basic ECC support.

  * gpgsm: Support creation of EdDSA certificates.  [#4888]

  * agent: Allow the use of "Label:" in a key file to customize the
    pinentry prompt.  [5388537806]

  * agent: Support ssh-agent extensions for environment variables.
    With a patched version of OpenSSH this avoids the need for the
    "updatestartuptty" kludge.  [224e26cf7b]

  * scd: Improve support for multiple card readers and tokens.

  * scd: Support PIV cards.

  * scd: Support for Rohde&Schwarz Cybersecurity cards.

  * scd: Support Telesec Signature Cards v2.0

  * scd: Support multiple application on certain smartcard.

  * scd: New option --application-priority.

  * scd: New option --pcsc-shared; see man page for important notes.

  * dirmngr: Support a gpgNtds parameter in LDAP keyserver URLs.

  * The symcryptrun tool, a wrapper for the now obsolete external
    Chiasmus tool, has been removed.

  * Full Unicode support under Windows for the command line.  [#4398]

  Release-info: https://dev.gnupg.org/T5343

[Bruce Dubbs]

The home page says: The current version of GnuPG is 2.2.27.

​https://www.gnupg.org/download/index.html says 2.3.0 is a development release.

[Douglas R. Reno]

The consensus seems to be that this a development release, so I will mark it as such

[Douglas R. Reno]

Change version to "Git"

[pierre]

Now 2.3.4. It is not deemed as development on the website. 2.2.34 (the version currently in the book) is deemed "LTS". So I think this ticket should be moved to the 11.2 milestone.

[Bruce Dubbs]

Fixed at commit ee15a73618fce927b8e8b708e8726314cd08dab2