Below I have included the contents of the file newfor25.doc from the PGP 2.5 beta release which I just grabbed. It says that old (pre 2.3) signatures will not verify under 2.5. That's too bad. Also, key sizes are limited to 1024 bits. Tough luck for people who made bigger ones, I guess. Looks to me like there may still be a market for a non-RSAREF PGP. Anyway, here's the file: Changes to PGP 2.5: ***** MOST IMPORTANT ***** This version of PGP uses RSAREF 2.0, so it's legal in the U.S.! The RSAREF license forbids you to (among other things; see the license for full details) "use the program to provide services to others for which you are compensated in any manner", but that still covers a lot of people. If you want to use it in a commercial or governmental setting, talk to ViaCrypt (2014 West Peoria Avenue, Phoenix, Arizona 85029, +1 602 944-0773). PGP 2.5 should always be distributed with a copy of the RSAREF 2.0 license of March 16, 1994 from RSA Data Security, Inc., so that all users will be aware of their obligations under the RSAREF license. Since the RSAREF license conflicts with the GNU General Public License that PGP was formerly distributed under, the GPL had to go. PGP is still freely distributable, though. (From a copyright point of view; export controls or some other legal hassle may apply.) *** IMPORTANT CHANGE: RSAREF 2.0 can understand only the pkcs_compat=1 formats for signatures and encrypted files. This has been the default since 2.3, so old files should not be too much of a problem, but old key signatures will encounter difficulties. This change will result in a hole being ripped in the "web of trust" as many old signatures are invalidated. Please check your key rings (pgp -kc) and re-issue any signatures that have been invalidated. PGP by default offers to remove such signatures. Even if you leave them in, they are not trusted. Another RSAREF limitation is that it cannot cope with keys longer than 1024 bits. PGP now prints a reasonably polite error message in such a case. OTHER CHANGES: The support files are thinner. The various contrib directory utilities have not been updated since 2.3a, and since the PGP developers know how annoying it is to have people using an ancient version and complaining about a bug in a program that was fixed a year ago, they have been omitted rather than annoy the contributors in this way. Also, the language translation file, language, is incomplete. The strings that were in 2.3a are there, and some that could be updated without much knowledge of the language, but others that are new to 2.5 are untranslated. The format should be obvious and some tools for manipulating the language traslations are included in the contrib directory. Printed KeyIDs have been incresed to 32 bits, as there were enough keys out there that 24-bit keyIDs were no longer sufficiently unique. The previous 24-bit keyID is the LAST 6 digits of an 8-digit 32-bit keyID. For example, what was printed as A966DD now appears as C7A966DD. The config-file options pubring=<filename>, secring=<filename>, and randseed=<filename> have been added. Hopefully, the uses will be obvious. With these, you can keep keyrings anywhere you like. Of course, they can also be specified on the command line with +pubring= (or abbreviated to +pub=). If the line comment=<string> appears in the config file, the line "Comment: <string>" appears in ASCII armor output. Of course, you can also use this from the command line, e.g. to include a filename in the ASCII armor, do "pgp -eat +comment=filename filename recipient". PGP now enables clearsig by default. If you sign and ascii-armor a text file, and do not encrypt it, it is clearsigned unless you ask for this not to be done. The now enables textmode. Textmode detects non-text files and automatically turns itself off, so it's quite safe to leave on all the time. If you haven't got these defaults yourself, you might want to enable them. All prompts and progress messages are now printed to stderr, to make them easier to find and ensure they don't get confused with data on standard output such as pgp -m output. PGP now wipes temp files (and files wiped with pgp -w) with pseudo-random data in an attempt to force disk compressors to overwrite as much data as possible. On Unix, if the directory /usr/local/lib/pgp exists, it is searched fror help files, language translations, and the PGP documentation. On VMS, the equivalent is PGP$LIBRARY:. (This is PGP_SYSTEM_DIR, defined in fileio.h, if you need to change it for your site.) Also, it is searched for a default global config. This file may be overridden by a local config, and it may not set pubring, secring, randseed or myname (which should be strictly personal) The normal help files (pgp -h) are pgp.hlp or <language>.hlp, such as fr.hlp. Now, there is a separate help file for pgp -k, called pgpkey.hlp, or <language>key.hlp. No file is provided by default; PGP will use its one-page internal help by default, but you can create such a file at your site. On Unix systems, $PGPPATH defaults to $HOME/.pgp. PGP used to get confused if you had a keyring containing signatures from you, but not your public key. (PGP can't use the signatures in this case. Only signatures from keys in the keyring are counted.) PGP still can't use the signatures, but prints better warning messages. Also, adding a key on your secret key ring to your public keyring now asks if the key should be considered ultimately-trusted. Prviously, you had to run pgp -ke to force this check, which was non-obvious. Due to a few people distributing PGP without the manual (including one run of a few thousand CD-ROMs), and the resultant flood of phone calls from confused users, PGP now looks to make sure a manual is somewhere in the vicinity when running to discourage this sort of thing. (If you're getting this warning and need details on how to get rid of it, try pgp -kg.) On Unix, PGP now figures out the resolution of the system clock at run time for the purpose of computing the amount of entropy in keystroke timings. This means that on many Unix machines, less typing should be required to generate keys. (SunOS and Linux especially.) The small prime table used in generating keys has been enlarged, which should speed up key generation somewhat. There was a bug in PGP 2.3a (and, in fact in 2.4 and dating back to 1.0!) when generating primes 2 bits over a multiple of the unit size (16 bits on PC's, 32 bits on most larger computers), if the processor doesn't deal with expressions like "1<<32" by producing a result of 1. In practice, that corresponds to a key size of 64*x+4 bits. Code changes: At the request of Windows programmers, the PSTR() macro used to translate string has been renamed to LANG(). The random-number code has been *thoroughly* cleaned up. So has the IDEA code and the MD5 code. The MD5 code was developed from scratch and is available for public use. The Turbo C makefile was dropped in favour of a Borland C .prj file. You can use makefile.msc as a guide if you need one for a command-line Turbo C.