CHANGES up to 30.8.95 -- RELEASE OF PGP6 Changes from ELM PGP5a to PGP6 (by R. Muchsel) ------------------------------ - Fixed numerous typos, glitches, errors in the help files and fixed some screen update problems and other loose ends. - Added a fix to Configure to work properly with GNU "nr" - Fixed the Makefile so that elm-help.4 will be installed on make install. - Changed hot keys: si(g)n instead of C)learsign (the message didn't fit into 1 line) ke(y) management instead of ^K - Signing and encrypting a key is now allowed. - Added support for PGP keys to mail address links. You can use this function to alias keys, add keys for multiple recipients (when using a mailing list), etc. - Key management sub-menu: * Display proper error message when trying to remove signature from a disabled key. * Keys are now sent from the key management sub-menu. Multiple keys can be tagged. * Keys can be tagged and added to a key/address link * The key/address link file can be edited * Changed a few hot keys * Made menu and help more consistent with the alias sub-menu. * All functions now use the key ID instead of the user name. - Use the current key ring (i.e. the one selected in the key management sub-menu) when adding keys from an e-mail and when sending keys, when sending mails and decrypting mails. - Deleting keys is now interactive and will therefore work if a user has multiple user IDs. - Messages can now be interlocked (i.e. the software will detect PGP messages and keys within encrypted messages), ad infinitum. - Added S)ave option, which saves a message in decrypted format. COMMENTS, REQUESTS and CHANGES up to 5.8.95 -- RELEASE OF PGP5a From ralf@waldorf-gmbh.de Mon Jun 12 00:32:05 1995 ...one is not able to configure pgp-elm without having installed pgp before. the configure script blocks after the question 'where is pgp stored on this system'. --> Configure script should actually catch such cases, but does not seem to --> work. /gec ==> FIXED /gec From roessler@sobolev.rhein.de Wed, 14 Jun 1995 03:25:37 > mir ist gerade ein Segfault mit Elm gelungen: Versehentlich beim > Mausbedienen mit dem Aermel auf eine Funktionstaste gekommen, mehrere > Zeilen wurden zugemuellt (`Set current message to:'), Elm produziert > daraufhin einen Segfault [reproduzierbar]. Da ich im Moment absolut keine > Zeit habe (und ausserdem mein elm nicht mit -g compiliert ist), die Bitte, > ob sich vielleicht einer von Euch das mal naeher ansehen kann. From chris@phil.uni-sb.de Wed Jun 14 03:43 MET 1995 Ja, wenn man 20 Sekunden in den Code reinguckt (in_utils.c), sieht man, dass das zwangslaeufig knallen muss. Die eine Routine (read_number()) legt einen Puffer der Groesse NLEN (48) an und gibt ihn der Funktion optionally_enter(), die davon ausgeht, dass er SLEN (256) Zeichen gross ist. --> read_number should create buffer of size SLEN, not NLEN /gec ==> FIXED /gec From bontchev@fbihh.informatik.uni-hamburg.de Thu Jun 15 12:43 MET 1995 > a. PGP support is only active and visible if the following conditions are met > - Environment variable PGPPATH points to the key ring AND Aha, so *this* is why Elm-PGP suddenly stopped working on my system! You see, my PGPPATH variable points to where the PGP directory is; not to the keyring. The keyring is elsewhere (I am using the public keyring of our keyserver which runs from a different account) and is pointed to by a variable in the file config.txt. --> elm-pgp should parse config.txt and (for searching purposes behave just --> as pgp does). Easiest way might be to grap out the pgp-sources --> how it hunts the default pubring. /gec --> Even easier would be to place a symbolic link in the PGPPATH directory, --> which points to the acutal keyring /bontchev --> a third solution would be to disable elm-pgp's check about wether the --> keyring is accessible or not. /gec ==> extended to check in ~/.pgp if no PGPPATH, and accept config.txt too /gec ==> before checking for config.txt .pgprc is checked. From Ralf Baechle Sun, 11 Jun 1995 02:21:07 > heiten. Ich habe Elm bei mir so konfiguriert, dass er die abgeschickten > Emails in den entsprechenden Mailfoldern abspeichert. Da steht das Zeug > zwar auch beim PGP Elm drin - aber mit Deinem Schluessel verschluesselt... --> use PGP's ENCRYPTTOSELF, add this to the readme, together with other --> options that should be placed in the config-txt of PGP /gec ==> Added section 2.h to README /gec From Ralf Baechle Sun, 11 Jun 1995 02:21:07 > Ich finde es gar nicht gut, dass PGP Elm nur entweder an alle oder an > gar niemanden die Emails verschluesselt verschickt. Das ist z.B. nicht > besonders praktisch, wenn nur ein Teil der Adressaten einen Schluessel > in meinem Publickeyring hat. Da sollte doch wenigstens gefragt werden, > ob man > - nichts > - so weit als moeglich verschluesselt > - alles unverschluesselt > verschicken will. Oder falls das Problem auftritt hat man einfach nur > falsche Adressen angegeben? --> In my opinion it is a *bad* idea to only partially encrypt. The rest --> of the effects should be catched by the send-menu. /gec ==> comments, please! From Ralf Baechle Sun, 11 Jun 1995 02:21:07 > Weiterhin muss wohl auch noch etwas daran gearbeitet werden, welche > Schluessel fuer CC, BCC und einer/mehrere To-adressen verwendet werden. > Waere doch z.B. ungeschickt, wenn die BCCs nicht "blind" sind, weil der > Nachricht dann mit PGP noch rausfinden kann, dass sie auch noch mit > anderen Schluesseln zu lesen ist... Na, das aktuelle Problem mit BCC > ist auf jeden Fall, dass der BCC Adressat die Email gar nicht lesen kann, > weil sie mit dem/den To- Keys verschluesselt wird... --> do a check for using PGP on the bcc part to, eventually re-encrypt with --> new keys. /gec ==> BCC-Keys are now checked too, and the message is encrypted by using them. ==> This compormises the semantics of bcc: as any receiver could check for ==> who the message has been encrypted. /gec ==> Comments ? From rmuchsel@iiic.ethz.ch Tue Jun 20 11:25 MET 1995 > From gec > I just checked rm's sources, and I see no reason why he actually controls if > the public keyring exists. Perhaps you may (for a first go) just remove the > function access_keys() and any call to it ? Der public key ring wird checkt, damit der pgp elm generell installiert werden kann (fuer alle User), die user ohne pgp es aber nicht merken. Vielleicht keine so gute Idee.. --> might remove call to access_check() /gec ==> IGNORED, see extensions to access_keys above /gec From kssingvo@immd4.informatik.uni-erlangen.de Wed Jun 21 14:54 MET 1995 it would be a great help, if you would add a note, where the actual version of PGP ELM can be found into the file README.PGP-Support. So please, can you tell me, where I can find it what the actual patchlevel is? --> add to readme /gec ==> DONE /gec From kester@unix-ag.uni-kl.de Wed Jul 12 22:38 MET 1995 One bug, I want to report: On our system ELM-PGP dumps a core if forced into PGP-mode when PGPPATH unset and ~/.pgp not existant. [with patch] BTW Another approach to combine ELM with PGP is ELM 2.4 PL24 ME5a. Info can be found at http://www.cs.hmc.edu/people/me/elm/me.html). --> remove access_check, more smart hunting of keyring for ^K function /gec ==> patch modified and applied /gec From almesber@lrc.epfl.ch Mon Jul 24 11:46 MET 1995 Uebrigens, zu PGP: wann kommt das naechste Update von elm-pgp ? Es waere z.B. auch nett, wenn die PGP-Features auch in den Help-Texten waeren. (Und auch in den nicht-Expert-Menues.) --> who types them in ? /gec ==> TO DO From caronni@tik.ee.ethz.ch 3.8.95 --> Change 'E' flag to P, E is used for Expired ==> DONE /gec From caronni@tik.ee.ethz.ch 3.8.95 The keyring that was selected in the key-menu should be used for future pgp invocations. --> ? ==> Comments, please! From caronni@tik.ee.ethz.ch 5.8.95 --> Add +textmode=off for check of passphrase, to remove warning ==> DONE /gec From caronni@tik.ee.ethz.ch 5.8.95 Multiple keyrings should be possible. So you can have a small keyring with the keys you usually use, and a large one, which takes substantially more time to process. --> ? ==> Comments ? From caronni@tik.ee.ethz.ch 5.8.95 --> Send-Menu for sending of keyring too! (perhaps one wants to encrypt the --> keyring, or abort the operation! ==> DONE /gec