Copyright (C)  2017, 2018, 2019 Heiko Stamer <HeikoStamer@gmx.net>

Permission is granted to copy, distribute and/or modify this document under
the terms of the GNU Free Documentation License, Version 1.3 or any later
version published by the Free Software Foundation; with no Invariant Sections,
no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is
included in the sources of this package and additionally can be obtained from
the Internet <https://www.gnu.org/licenses>.

1.1.1   Some small improvements have been applied for dkg-generate: Two new
        options ("-u" and "-N") allow providing the initial user ID and to
        disable the passphrase at command line. Moreover, since this release
        dkg-timestamp and dkg-timestamp-verify require a special key usage flag
        from recent RFC 4880bis draft to select so-called timestamping keys.
        Finally, the synchronization time of the internally used broadcast
        protocol was reduced to a more reasonable amount and in dkg-decrypt the
        detection of end of data for message and decryption shares was changed.
1.1.0   In this release AEAD support (cf. draft RFC 4880bis) has been added
        for dkg-encrypt and dkg-decrypt. Please note that it requires LibTMCG
        version >= 1.3.16 and at least libgcrypt version >= 1.7.0 for OCB mode.
        Moreover, if dkg-generate is called with the new option "--timestamping"
        then a corresponding key usage flag from draft RFC 4880bis is set. 
1.0.9   This release improves the possibilities of DKGPG further. With the new
        programs dkg-adduid and dkg-revuid an user ID can be added and revoked,
        respectively. The program dkg-revoke now supports a human-readable
        reason for revocation (by option "-R") and dkg-decrypt verifies an
        included signature according to a given keyring (option "-k"). Last
        but not least, by the program dkg-addrevoker an external revocation
        key can be specified.
1.0.8   With this release a lot of improvements and new features are introduced.
        First of all, passive support for ECDSA, ECDH, and EdDSA (cf. RFC 6637
        and Werner Koch's draft RFC 4880bis) has been added by relying on the
        most recent version of LibTMCG. The threshold signature scheme and the
        threshold encryption are still limited to finite field cryptography
        (i.e. DSA and ElGamal). Moreover, the programs generate and recognize
        a few other new OpenPGP features (e.g. issuer fingerprint subpackets)
        from RFC 4880bis. Compressed messages are now decompressed by the
        program dkg-decrypt using zlib Compression Library (and optionally by
        library routines from libbzip2). This completes DKGPG's compatibility
        with other OpenPGP software, however, the prefered compression algorithm
        (i.e. "no compression") in self-signatures of generated keys is kept
        for now. Support for symmetric-key decryption by dkg-decrypt has been
        added too. The program dkg-verify now reads the signature from a file,
        if option "-s" is used. To keep track of later protocol changes, all
        interactive programs include a version identifier in their common ID of
        the reliable broadcast channel. Thus programs from previous releases
        will not communicate with those of this release. With the new programs
        dkg-timestamp and dkg-timestamp-verify a OpenPGP timestamp signature
        can be generated and verified, respectively. Last but not least, by the
        new option "-y" some programs (dkg-generate, dkg-decrypt, dkg-sign,
        dkg-keysign, and dkg-timestamp) will work with regular OpenPGP keys too.
        The README file contains a configuration sample showing how to replace
        classic PGP by DKGPG in the famous mail user agent mutt based on this
        option. Please note that this feature is experimental and semantics
        may be changed later.
1.0.7   This release contains a lot of small improvements, in particular due to
        the new OpenPGP structures from LibTMCG. The option "-k" (keyring) has
        been added to further programs. OpenPGP cleartext signatures can now be
        generated with dkg-sign by option "-t" and the output of potentially
        malicious user IDs has been sanitized in dkg-keycheck, dkg-keyinfo, and
        dkg-keysign. Finally, the source code has been cleaned up.
1.0.6   Again some important improvements have been introduced, e.g., the
        support for external revocation keys when validating a public key
        or new options for different signature types of dkg-keysign. The most
        notable change is the usage of a new key block and signature parser
        from LibTMCG. Thus code complexity has been reduced a little bit. 
1.0.5   Major improvements have been achieved in this release: For signing
        of an OpenPGP public key (certification) the program dkg-keysign is
        contained. With dkg-keycheck and the option "-r" some basic checks on
        RSA keys can be performed. Two new options ("-f" and "-t") enhance
        the possibilities of dkg-verify. A new option for dkg-encrypt make
        use of zero key ID encryption privacy. Last but not least, memory
        locking and secure memory allocation have been implemented.
1.0.4   Since this release not required OpenPGP packets will be ignored.
1.0.3   Only small bugfixes are included in this release. However, the most
        recent version of LibTMCG is required to recognize some important
        library changes (e.g. increased S2K count for secret key encryption).
1.0.2   This release brings small improvements for dkg-keyinfo and fixes
        some bugs and memory leaks. It also adjusts the flags of shared DSA
        keys generated with dkg-generate due to a hidden RFC 4880 requirement.
        Now DKGPG additionally contains the program dkg-keycheck for analyzing
        other public DSA and ElGamal keys w.r.t. some basic properties.  
1.0.1   Small improvements have been achieved in this maintenance release:
        First, the program dkg-keyinfo now contains the option "-m" to migrate
        an abandoned peer identity. However, the choice is limited in some
        sense, because the new peer identity must have the same lexicographical
        position within the canonicalized peer list as the old one. Moreover,
        all active parties are required to do this migration in a coordinated
        way since the peer list is stored as part of the private key. Second,
        the echo of passphrase characters is removed when reading from STDIN.
        Finally, some memory leaks found by Valgrind have been fixed. Please
        note that this release requires LibTMCG version >= 1.3.5.
1.0.0	This is the initial release of Distributed Privacy Guard (DKGPG).


