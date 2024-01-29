Versie 4.3.0 van Gpg4win is uitgekomen. Met dit programma kan een stukje zekerheid aan het versturen van e-mails en bestanden worden toegevoegd. Zo kunnen deze worden versleuteld met OpenPGP of S/MIME. Daarnaast kan aan de hand van een digitale handtekening zowel de integriteit van de bestanden of e-mails, als de afzender worden geverifieerd. Om dit alles te bewerkstelligen maakt Gpg4win gebruik van een aantal externe programma's zoals GnuPG, Kleopatra, GpgOL en GpgEX. De changelog voor deze uitgave kan hieronder worden gevonden.

Changes in version 4.3.0: Kleopatra: A new mail viewer mode has been added, allowing crypto mails received by mail clients without PGP/MIME or S/MIME support to be decrypted. This means that you can open an SMIME.p7m file or openpgp-encrypted-message.asc attachment with Kleopatra, and it will be displayed as a mail. [T6199]

Kleopatra: It is now possible to certify multiple certificates at once using the group interface. [T6469]

Okular (GnuPG Edition): This PDF reader has received a lot of updates and is now ready for everyday's use.

GnuPG: Support for proxy authentication using the Negotiation method has been added. [T6719]

GnuPG: Keyserver can now be configured to the value "none" to avoid unnecessary queries to non-existing keyservers that would slow down the system. [T6708]

GnuPG: Es kann nun der Wert "none" als Schlüsselserver verwendet werden, um unnötige Abfragen gegen nicht existierende Server zu vermeiden, die das System verlangsamen würden. [T6708]

GnuPG: A new option has been added to ignore specific CRL extensions. This can help as a workaround for problems with specific CRLs. [T6545]

GnuPG: Automatic proxy detection has been improved. [T5768]

Kleopatra: The start time of Kleopatra has been drastically improved on throttled systems with third-party software installed, which manipulates system calls. The number of system calls to start Kleopatra has been roughly halved. [T6259]

Kleopatra: The advanced options in the certification view are now automatically visible if they were open in the last certification. [T6480]

Kleopatra: Windows dark mode is now fully supported. [T4066]

Kleopatra: Some invalid operations, such as signing with an expired certificate, which would have resulted in errors, can no longer be triggered. The reason for this is indicated, too. [T6742 T6788]

Kleopatra: The support for Telesec signature cards has been improved. [T6830]

Kleopatra: When exporting or publishing certificates, the user is now informed if there are uncertified certificates in the export. This is especially useful when exporting groups. [T6766]

Kleopatra: Expiry dates after 19.01.2038 (year 2038 bug) are now possible. [T6736]

Kleopatra: The dialog to extend OpenPGP certificates has been improved and redundant options removed. [T6621]

Kleopatra: When creating archives, they are now written out as a .part file to improve error handling and canceling the operation without leaving a broken archive in the file system. [T6584]

Kleopatra: Updating certificates now also looks for updates in a Web Key Directory if one exists for the domain. [T5951]

Kleopatra: Progress bars are now also properly shown for S/MIME file operations. [T6534]

GpgOL: Added support for RFC2231 encoded attachment filenames, which increases compatibility with Apple Mail. [T6604]

GpgOL: Draft encryption with S/MIME certificates now skips CRL checks and is much faster and reliable. [T6827]

GpgOL: The error handling was improved if a preference for S/MIME is set and signing selected but no signing certificate can be found. See: https://gnupg.com/vsd/registry-settings.html (smimeNoCertSigErr) on how to add a custom message to instruct users what to do in this case. [T6683]

GpgOL: It is now possible to encrypt to S/MIME certificates that are untrusted or cannot be validated because of CRL errors. In this case a warning dialog is shown, allowing the user to override the errors. This is not VS-NfD compliant but can be used for unrestricted encryption. [T6701]

GpgOL: Mails without the correct MIME type but which still look like crypto mails are now decrypted. This improves compatibility with Apple Mail and various mail gateways that modify the structure of crypto mails in transit. [T6701]

GpgOL: The internal attachments are now called "GpgOL_MIME_structure.mime" instead of "GpgOL_MIME_structure.txt" to make it easier to link them to Kleopatra. This is, for example, visible for users when using the Outlook web interface. [T6656]

GpgOL: The initialization has been moved to avoid the incorrect message that GpgOL is causing a slow start of Outlook. This message might still be shown, since Outlook shows this sometimes regardless of actual timings, but the delay should be 0ms. [T6856]

GpgOL: The security approval dialog has been improved to better show problems with the available certificates in case a compliant encryption is not possible. [T6742 T6743 T6744]

GpgOL: The security approval dialog now increases its size based on the number of recipients to avoid having to use a scroll bar. [T6837]

Kleopatra: The state of Kleopatra is now properly stored in configuration files when Kleopatra is shut down on user log out. [T6667]

Kleopatra: Importing a certificate with Kleopatra will now open the main window of Kleopatra. [T6671]

Kleopatra: No longer unnecessarily watches the clipboard for changes; this could have caused issues with password managers that would empty the clipboard as soon as a third-party application tried to access it. [T6531]

Kleopatra: It is no longer possible to set expiry dates in the past. [T6519]

Kleopatra: Importing multiple certificates at once can no longer cause Kleopatra to lock up. [T6323]

Kleopatra: When generating keys on a smart card in compliance mode, only compliant algorithms are offered. [T6750]

Kleopatra: Fixed an issue where certificate tags would not be displayed correctly after reloading certificates. [T6768]

GpgOL: The security approval dialog now correctly updates the compliance status after switching protocols. [T6600]

GpgOL: The security approval is now always shown and displays the correct state for groups containing untrusted or otherwise non-compliant certificates. [T6401]

GpgOL: Fixed an issue with S/MIME opaque signed mails where the contents of invalid signed mails would not be shown. [T6624]

GpgOL: When generating a key through the security approval dialog, the configured default algorithms from GnuPG are now used. [T6805]

GpgOL: Generating keys through the security approval dialog now works as intended. [T6813 T6823 T6566]

GpgOL: A crash issue has been resolved that could occur when switching between different Outlook views, for example, from the calendar back to the mail view, while a crypto mail was open. This crash was only happening in Outlook versions older than Outlook 2019 or when the "always preview messages" setting was enabled. This potential crash affected all modern versions of GpgOL. (T6861)

GnuPG: For a full list of the backend changes between GnuPG 2.4.3 in Gpg4win-4.2.0 and GnuPG 2.4.4 in Gpg4win-4.3.0 please see: https://dev.gnupg.org/T6578

GnuPG: 2.4.4

Kleopatra: 3.2.0

GpgOL: 2.5.12

GpgEX: 1.0.10

Okular: 23.11.70

Kompendium DE: 4.0.1

Compendium EN: 3.0.0