fredette@theory.lcs.mit.edu (Matt Fredette) writes: ================================================== Subject: new MIT software release A new release of the MIT SDSI/SPKI C software distribution is available. Go to http://theory.lcs.mit.edu/~cis/sdsi.html and follow the software distribution links in the paragraph about SDSI/SPKI 2.0. Note that you must be a US or Canadian citizen, etc., to get this software. The following binary builds are available: sdsi20-0.4.0-sparc-sun-sunos4.1.4.tar.gz sdsi20-0.4.0-sparc-sun-solaris2.5.1.tar.gz sdsi20-0.4.0-i386-pc-solaris2.6.tar.gz sdsi20-0.4.0-i386-unknown-netbsd1.1.tar.gz sdsi20-0.4.0-mips-sgi-irix5.3.tar.gz An Intel Linux build will hopefully be available soon. These are all built from the source distribution: sdsi20-0.4.0.tar.gz As usual, many bugs were fixed in this release. See ChangeLog in the source distribution for the details. More general notes from the 0.4.0 README: Release 0.4.0 ------------- This code now requires (sequence )s to conform to the expected grammer in the structure-06 draft, i.e., it supports the macro "def" and "ref" mechanism, and, if threshold subject support is compiled in, the "process-threshold" mechanism. It will reject sequences that use the old (do hash ) or old (do k-of-n) directives. DSA support has been finished, and is compiled into the library by default. This means that SDSI2_FEATURE_STRUCTURE6_SIGS is defined by default; since this changes the grammar for signatures to match what is expected in the structure-06 draft, earlier signatures will break. See the applicable blurb in the 0.3.0 notes of the README for details. PGP support has been extended to handle what I believe to be the majority of PGP 5.0 keyrings. If your PGP private keyring uses IDEA or CAST5 with MD5 or SHA1 to seal the secrets, sdsi2sh should be able to read it. PGP DSA keys are fully supported. The SDSI distribution now includes MIT-written multi-precision integer and DES libraries. This means that you don't have to track down and compile GNU MP and Eric Young's libdes if you don't want to. If you do still want to compile with one or both of these other libraries, you can - see the main documentation for instructions on when you may want to, and how. The reduction code has been completely rewritten. It's separated out from sequences, in its own little internal API. You step a reduction with rules until you run out of them, and then you can get out the conclusion that results from those rules. It's possible to reduce a whole (sequence ) into its equivalent (cert ), or to just reduce two (cert )s into one. The cache API has changed considerably, to present the face of a generic S-expression cache. sdsi2_cache_add_search_term is a single function used for incrementally building a cache query, that works a lot more intuitively than the old add_search_.._term functions did. The actual cache format has not changed. The ugly story of unparsing S-expressions, or filling a sdsi2Sexp, has been completely retold. It is now possible to allocate a new sdsi2Stream, simply "push" canonical elements (like whole sdsi2Sexp *, sdsi2ByteString *, integers, etc.) onto it, and then just call sdsi2_sexp_parse to have it parse that into a new sdsi2Sexp. Two new commands have been added to sdsi2sh: "load" and "save" allow you to load a variable from and save a variable to a file. Matt -- Matt Fredette fredette@bbnplanet.com, fredette@mit.edu, fredette@theory.lcs.mit.edu http://mit.edu/fredette/www "The first time the Rolling Stones played, three people came."