GPG

This patch (signature) for GPG 1.0.6 enables the printing of fingerprints for revoked keys when using the normal --with-fingerprint switch to display the contents of a keyring file. For GPG 1.0.7 and 1.2.0, change "print_fingerprint( pk, NULL )" to "print_fingerprint( pk, NULL, 0 )" in the patch file.

pad (encryption utility)

My followup to FreeBSD PR ports/27323 has a PGP-signed patch for the FreeBSD port of pad 1.0.4. FreeBSD PR ports/32810 is the new PR that I was advised to open so it could be assigned to the port maintainer.

pgpring (PGP keyring display utility, part of mutt)

This patch (signature) for pgpring adds fingerprint output via -f and fixes a problem with type 20 (ElGamal encrypt+sign) keys. Fingerprints are also printed for subkeys (use --with-fingerprint twice to display them in GPG). Since pgpring also ships with the keyanalyze distribution, this patch does not modify any Makefiles to link md5c.o into pgpring. If you need the MD5 modules for keyanalyze, get them from a mutt distribution. This patch was developed for mutt 1.3.24.

pks (PGP keyserver software)

My first patch (signature) for pks was developed for the FreeBSD port of pks 0.9.4. It should be applied after the existing patches in the FreeBSD port, which were copied from the NetBSD port patches developed by Dave Burgess. My patch identifies itself in the pks version string as "PGP Key Server 0.9.4+patch2+JHpatch1." Enhancements in the first patch include:

• HKP (WWW) key submissions disabled by default, enabled via configuration file
• nicer formatting of long (SHA-1) fingerprints
• pksdctl usage() shows available commands/arguments
• manual page fixes

• version 4 RSA keys stored under correct keyid, fingerprints fixed
• type 20 (ElGamal encrypt+sign) key fingerprints fixed
• display of signature creation dates (vindex)
• display of key type after key size (e.g. 1024R or 1024D v. 1024)
• vindex output text and whitespace changed to more closely match GPG's
• display "rev" for uid. cert. revocation sigs (0x30) (vindex)
• uid cert. revocation sigs no longer replace the sigs they revoke
• user attribute (type 17, photo ID) packets are ignored
• subkeys handled properly, subkey data displayed in vindex listings, duplicated subkeys detected and merged
• compare long keyids and raw packets to disambiguate keys (allowing more keys with duplicate short keyids to be stored properly instead of being merged)
• display keyid 00000000 (a currently unknown key, v. FFFFFFFF, a known key) for unreadable (usually X.509) signatures
• key deletions continue when a userid word isn't found (pksclient)
• direct key signatures (tag 0x1F) supported, designated revoker fingerprint displayed w/link to vindex of key by short keyid
• display [selfsig] ([keybind] for subkeys) where long keyids match, flag non-selfsigned subkey binding sigs and key/subkey revocation certs.
• sort userid cert. signatures by short keyid, long keyid, timestamp, signature class, and raw packet, store all versions of all userid cert. signatures
• signatures on duplicate userids merged
• compare raw packets before reporting ignoring changed revocation signature
• BDB SHMEM size (dbenv.mp_size) tunable via PKS_SHMSIZE_MB envt. variable
• (HTML) horizonal rules between displayed keys
• (HTML) userids on signatures link to verbose indices of the signing keys
• (HTML) non-primary userids and userid cert. signatures from unavailable keys no longer display as links
• (HTML) link to biglumber.com records by full fingerprint and short keyid, e.g. my key -> my biglumber entry, when op=vindex and fingerprint=on
• (HTML) links to subkeys
• process/store UTF-8 userid strings properly
• (HTTP/HKP) generate Date:, Content-Length:, and Content-MD5: headers for most replies
• (HTTP/HKP) support HEAD requests
• (HTTP/HKP) generate ETag: headers (SHA-1 hashes) for most replies, support ETag-based cache-control via If-None-Match: request header (and switch to Content-SHA1: v. Content-MD5:)
• (HTTP/HKP) allow connection reuse for HTTP/1.1 clients

$Date: 2005/01/12 19:26:18 $