What’s new in GnuPG 2.2.17:
- gpg: Ignore all key-signatures received from keyservers. This change is required to mitigate a DoS due to keys flooded with faked key-signatures. The old behaviour can be achieved by adding keyserver-options no-self-sigs-only,no-import-clean to your gpg.conf. [#4607]
- gpg: If an imported keyblocks is too large to be stored in the keybox (pubring.kbx) do not error out but fallback to an import using the options “self-sigs-only,import-clean”. [#4591]
- gpg: New command –locate-external-key which can be used to refresh keys from the Web Key Directory or via other methods configured with –auto-key-locate.
- gpg: New import option “self-sigs-only”.
GnuPG (also known as GPG or GNU Privacy Guard) is an open source, free and complete replacement for PGP (Pretty Good Privacy) developed because it does not use the patented IDEA algorithm that is used in PGP, and because it can be used without any restrictions.
An RFC2440 (OpenPGP) compliant application
Being written from scratch, GnuPG is a RFC2440 (OpenPGP) compliant application. It can be used as a filter program and provides far better functionality than Pretty Good Privacy, as well as some security enhancements over PGP 2.
Supports decryption of PGP 5/6/7 messages and numerous encryption algorithms
GnuPG is capable of decrypting and verifying PGP 5, 6 and 7 messages. It supports the DSA, RSA, AES, 3DES, Blowfish, Twofish, ElGamal, CAST5, SHA-1, MD5, TIGER and RIPE-MD-160 encryption algorithms, as well as S/MIME.
The project supports key and signature expiration dates, optional anonymous message receivers and HKP keyservers (wwwkeys.pgp.net). In addition, it allows users to encrypt and sign both their communication and data.
Among other notable features, we can mention a versatile key management system, access modules for all sorts of public key directories, as well as easy integration with other projects. A plethora of front-end applications for GnuPG are available for download on Softpedia.
Under the hood and availability
GnuPG is a GNU project, a command-line application written entirely in the C programming language. It is distributed in two separate branches, version 1.4 and 2.0, available for download as a source archive, but installable from the default software repos of your favorite Linux OS.
Bottom line
Summing up, GnuPG is Linux’s best free and complete implementation of the OpenPGP standard as explained on the RFC4880 document located at http://www.ietf.org/rfc/rfc4880.txt.
With the GnuPG installed and configured on your GNU/Linux system, you will be able to send and view encrypted email messages, using any open source email client that supports the GnuPG standard.
