diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/ChangeLog | 69 | ||||
| -rw-r--r-- | doc/DETAILS | 145 | ||||
| -rw-r--r-- | doc/FAQ | 64 | ||||
| -rw-r--r-- | doc/HACKING | 70 | ||||
| -rw-r--r-- | doc/Makefile.am | 8 | ||||
| -rw-r--r-- | doc/OpenPGP | 9 | ||||
| -rw-r--r-- | doc/README.W32 | 96 | ||||
| -rw-r--r-- | doc/gpg.sgml | 214 | ||||
| -rw-r--r-- | doc/gph/Makefile.am | 4 | ||||
| -rw-r--r-- | doc/gph/signatures.jpg.asc | 232 |
10 files changed, 892 insertions, 19 deletions
diff --git a/doc/ChangeLog b/doc/ChangeLog new file mode 100644 index 000000000..a877cf5aa --- /dev/null +++ b/doc/ChangeLog @@ -0,0 +1,69 @@ +2000-05-12 10:57:21 Werner Koch ([email protected]) + + * gpg.sgml: Documented --no-tty. + +2000-03-09 15:01:51 Werner Koch ([email protected]) + + * DETAILS: Ad a short blurb about unattended key generation. + +Wed Feb 9 15:33:44 CET 2000 Werner Koch <[email protected]> + + * gpg.sgml: Describe --ignore-time-conflict. + + * gpg.sgml: Fixed a few typos. Thanks to Holger Trapp. + +Wed Jan 5 11:51:17 CET 2000 Werner Koch <[email protected]> + + * FAQ: Enhanced answer for the 3des-s2k bug. + +Sat Dec 4 12:30:28 CET 1999 Werner Koch <[email protected]> + + * gpg.sgml: Add section about the user ID + +Mon Nov 22 11:14:53 CET 1999 Werner Koch <[email protected]> + + * gph: Removed the directory from the dist becuase it will + go into it's own package. + +Thu Sep 23 09:52:58 CEST 1999 Werner Koch <[email protected]> + + * README.W32: New. + +Mon Sep 6 19:59:08 CEST 1999 Werner Koch <[email protected]> + + + * Makefile.am (SUBDIRS): New subdir gph for the manual. + +Thu Jul 22 20:03:03 CEST 1999 Werner Koch <[email protected]> + + + * gpg.sgml (--always-trust): Added. + +Wed Jul 14 19:42:08 CEST 1999 Werner Koch <[email protected]> + + + * Makefile.am: Create a dummy man page if docbook-to-man is missing. + +Wed Jun 16 20:16:21 CEST 1999 Werner Koch <[email protected]> + + + * gpg1.pod: Removed. + * gpg.sgml: New. Replaces the pod file + * Makefile.am: Add rule to make a man file from sgml + +Tue Jun 15 12:21:08 CEST 1999 Werner Koch <[email protected]> + + + * Makefile.in.in: Use DESTDIR. + +Mon May 31 19:41:10 CEST 1999 Werner Koch <[email protected]> + + * gpg.1pod: Enhanced the Bugs section (Michael). + +Wed Feb 10 17:15:39 CET 1999 Werner Koch <[email protected]> + + + * gpg.1pod: Spelling and grammar corrections (John A. Martin) + * FAQ: Ditto. + * DETAILS: Ditto. + diff --git a/doc/DETAILS b/doc/DETAILS index 7c1e11edf..ecb3d009a 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -134,6 +134,11 @@ more arguments in future versions. SHM_GET_BOOL SHM_GET_HIDDEN + GET_BOOL + GET_LINE + GET_HIDDEN + GOT_IT + NEED_PASSPHRASE <long keyid> <keytype> <keylength> Issued whenever a passphrase is needed. keytype is the numerical value of the public key algorithm @@ -181,6 +186,36 @@ more arguments in future versions. <n_uids> <n_subk> <n_sigs> <n_revoc> <sec_read> <sec_imported> <sec_dups> Final statistics on import process (this is one long line) + FILE_START <what> <filename> + Start processing a file <filename>. <what> indicates the performed + operation: + 1 - verify + + FILE_DONE + Marks the end of a file processing which has been started + by FILE_START. + + BEGIN_DECRYPTION + END_DECRYPTION + Mark the start and end of the actual decryption process. These + are also emmited when in --list-only mode. + + BEGIN_ENCRYPTION + END_ENCRYPTION + Mark the start and end of the actual encryption process. + + DELETE_PROBLEM reason_code + Deleting a key failed. Reason codes are: + 1 - No such key + 2 - Must delete secret key first + + PROGRESS what char cur total + Used by the primegen and Public key functions to indicate progress. + "char" is the character displayed with no --status-fd enabled, with + the linefeed replaced by an 'X'. "cur" is the current amount + done and "total" is amount to be done; a "total" of 0 indicates that + the toatal amount is not known. 100/100 may be used to detect the + end of operation. Key generation @@ -214,6 +249,107 @@ Key generation Crypto '97 proceedings p. 260. +Unattended key generation +========================= +There is an experimental feature which allows for unattended +generation of keys controlled by a parameter file. +This feature is not very well tested and does only make sense for some +very special applications. Please don't complain if we decide to chnage +the behaviour of this command. + +To use this feature, you use --gen-key together with --batch and feed the +parameters either form stdin or from a file given on the commandline. +The format of this file is as follows: + o Text only, line length is limited to about 1000 chars. + o You must use UTF-8 encoding to specifiy non-ascii characters. + o Empty lines are ignored + o Leading and trailing spaces are ignored + o A hash sign as the first non white space character indicates a comment line + o Control statements are indicated by a leading percent sign, the + arguments are separated by white space from the keyword. + o Parameters are specified by a keyword, followed by a colon. Arguments + are speparated by white space. + o The first parameter must be "Key-Type", control statements + may be placed anywhere. + o Key generation takes place when either the end of the parameter file + is reached, the next "Key-Type" parameter is encountered or at the + controlstatement "%commit" + o Control staements: + %echo <text> + Print <text> + %dry-run + Suppress actual key generation (useful for syntax checking) + %commit + Perform the key generation. An implicit commit is done + at the next "Key-Type" parameter. + %pubring <filename> + %secring <filename> + Do not write the key to the default or commandline given + keyring but to <filename>. This must be given before the first + commit to take place, duplicate specification of the same filename + is ignored, the last filename before a commit is used. + The filename is used until a new filename is used (at commit points) + and all keys are written to that file. If a new filename is given, + this file is created (and overwrites an existing one). + Both control statements must be given. + o The order of the parameters does not matter except for "Key-Type" + which must be the first parameter. The paramtyers are only for the + generated keyblock and paramters from previous key generations are not + used. Some syntactically checks may be performed. + The currently defined parameters are: + Key-Type: <algo-number>|<algo-string> + Starts a new parameter block by giving the type of the + primary key. The algorithm must be capable of signing. + This is a required parameter. + Key-Length: <length-in-bits> + Length of the key in bits. Default is 1024 + Subkey-Type: <algo-number>|<algo-string> + This generates a secondary key. Currently only one subkey + can be handled. + Subkey-Length: <length-in-bits> + Length of the subkey in bits. Default is 1024. + Passphrase: <string> + If you want to specify a passphrase for the secret key, + enter it here. Default is not to use any passphrase. + Name-Real: <string> + Name-Comment: <string> + Name-Email: <string> + The 3 parts of a key. Remember to use UTF-8 here. + If you don't give any of them, no user ID is created. + Expire-Date: <iso-date>|(<number>[d|w|m|y]) + Set the expiration date for the key (and the subkey). It + may either be entered in ISO date format (2000-08-15) or as + number of days, weeks, month or years. Without a letter days + are assumed. + +Here is an example: +$ cat >foo <<EOF + %echo Generating a standard key + Key-Type: DSA + Key-Length: 1024 + Subkey-Type: ELG-E + Subkey-Length: 1024 + Name-Real: Joe Tester + Name-Comment: with stupid passphrase + Name-Email: [email protected] + Expire-Date: 0 + Passphrase: abc + %pubring foo.pub + %secring foo.sec + # Do a commit here, so that we can later print "done" :-) + %commit + %echo done +EOF +$ gpg --batch --gen-key -a foo + [...] +$ gpg --no-default-keyring --secret-keyring foo.sec \ + --keyring foo.pub --list-secret-keys +/home/wk/work/gnupg-stable/scratch/foo.sec +------------------------------------------ +sec 1024D/915A878D 2000-03-09 Joe Tester (with stupid passphrase) <[email protected]> +ssb 1024g/8F70E2C0 2000-03-09 + + Layout of the TrustDB ===================== @@ -477,6 +613,15 @@ There is one enhancement used with the old style packet headers: + that this is the last packet. +GNU extensions to the S2K algorithm +=================================== +S2K mode 101 is used to identify these extensions. +After the hash algorithm the 3 bytes "GNU" are used to make +clear that these are extensions for GNU, the next bytes gives the +GNU protection mode - 1000. Defined modes are: + 1001 - do not store the secret part at all + + Usage of gdbm files for keyrings ================================ The key to store the keyblock is it's fingerprint, other records @@ -342,3 +342,67 @@ where pgpkeyring is the original keyring and not the GnuPG one you might have created in the first step. + Q: Are the headerlines of a cleartext signater part of the signed + material? + A: No. For example you can add or remove "Comment:" lines. They + have a purpose like the mail header lines. However a "Hash:" + line is needed for OpenPGG signatures to tell the parser which + hash algorithm to use. + + Q: How can a get list of key IDs used to encrypt a message? + A: gpg --batch --decrypt --list-only --status-fd 1 2>/dev/null \ + | awk '/^\[GNUPG:\] ENC_TO / { print $3 }' + + + Q: PGP 5.x, 6.x does not like my secret key. + A: PGP probably bails out on some private comment packets used by GnuPG. + These packets are fully in compliance with OpenPGP; however PGP is not + really OpenPGP aware. A workaround is to eport the secret keys with + this command: + + gpg --export-secret-keys --no-comment -a your-key-id + + Q: I can't decrypt my symmetrical only (-c) encrypted message with + a new version of GnuPG. + A: There used to be a bug in GnuPG < 1.0.1 which happens only if 3DES or + Twofish has been used for symmetric only encryption (this has never been + the default). + The bug has been fixed but to enable you to decrypt old messages, you + should run gpg with the option "--emulate-3des-s2k-bug", decrypt the + message and encrypt it again without this option. The option will + be removed in 1.1, so better re-encrypt your message now. + + Q: How can I used GnuPG in an automated environment? + A: You should use the option --batch and don't use passphrases as + there is usually no way to store it more secure than the secret + keyring itself. The suggested way to create the keys for the + automated envirionment ist: + On a secure machine: + 1. If you want to do automatic signing, create a signing subkey + for your key (edit menu, choose "addkey" and the DSA). + 2. Make sure that you use a passphrase (Needed by the current + implementation) + 3. gpg --export-secret-subkeys --no-comment foo >secring.auto + 4. Copy secring.auto and the public keyring to a test directory. + 5. Cd to this diectory + 6. gpg --homedir . --edit foo + and use "passwd" to remove the passphrase from the subkeys. + You may also want to remove all unused subkeys. + 7. copy secring.auto to a floppy and carry it to the + target box + On the target machine: + 8. Install secring.auto as secret keyring. + 9. Now you can start your new service. It is a good idea to + install some intrusion detection system so that you hopefully + get a notice of an successful intrusion, so that you in turn can + revoke all the subkeys installed on that machine and install new + subkeys. + + Q: In the edit meu the trust values is not displayed correctly after + signing uids - why? + A: This happens because the some informations are stored immediately + in the trustdb, but the actual trust calculation can be done after + the save command. This is a not easy to fix design bug which will be + addressed in GnuPG 1.1 + + diff --git a/doc/HACKING b/doc/HACKING index 6f4c9ffd8..70bfe65dd 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -10,12 +10,12 @@ CVS Access ========== Anonymous read-only CVS access is available: - cvs -z6 -d :pserver:[email protected]:/home/koch/cvs login + cvs -z6 -d :pserver:[email protected]:/home/koch/cvs login use the password "anonymous". To check out the the complete archive use: - cvs -z6 -d :pserver:[email protected]:/home/koch/cvs checkout gnupg + cvs -z6 -d :pserver:[email protected]:/home/koch/cvs checkout gnupg This service is provided to help you in hunting bugs and not to deliver stable snapshots; it may happen that it even does not compile, so please @@ -112,6 +112,72 @@ Directory Layout ./gcrypt Stuff needed to build libgcrypt (under construction) +Detailed Roadmap +---------------- +g10/g10.c Main module with option parsing and all the stuff you have + to do on startup. Also has the exout handler and some + helper functions. +g10/sign.c + +g10/parse-packet.c +g10/build-packet.c +g10/free-packet.c + Parsing and creating of OpenPGP message packets. + +g10/getkey.c +g10/pkclist.c +g10/skclist.c +g10/ringedit.c +g10/keydb.h + +g10/keyid.c Helper functions to get the keyid, fingerprint etc. + + +g10/trustdb.c +g10/trustdb.h +g10/tdbdump.c + +g10/compress.c +g10/filter.h +g10/delkey.c +g10/kbnode.c +g10/main.h +g10/mainproc.c +g10/armor.c +g10/mdfilter.c +g10/textfilter.c +g10/cipher.c +g10/misc.c +g10/options.h +g10/openfile.c +g10/tdbio.c +g10/tdbio.h +g10/hkp.h +g10/hkp.c +g10/packet.h +g10/passphrase.c +g10/pubkey-enc.c +g10/seckey-cert.c +g10/seskey.c +g10/import.c +g10/export.c +g10/comment.c +g10/status.c +g10/status.h +g10/sign.c +g10/plaintext.c +g10/encr-data.c +g10/encode.c +g10/revoke.c +g10/keylist.c +g10/sig-check.c +g10/signal.c +g10/helptext.c +g10/verify.c +g10/decrypt.c +g10/keyedit.c +g10/dearmor.c +g10/keygen.c diff --git a/doc/Makefile.am b/doc/Makefile.am index ae5cdb506..44a92d2f9 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,8 +1,6 @@ ## Process this file with automake to create Makefile.in -SUBDIRS = gph - -EXTRA_DIST = DETAILS gpg.sgml gpg.1 FAQ HACKING OpenPGP +EXTRA_DIST = DETAILS gpg.sgml gpg.1 FAQ HACKING OpenPGP README.W32 man_MANS = gpg.1 @@ -27,3 +25,7 @@ endif -db2html $< +dist-hook: + @if test `wc -c < gpg.1` -lt 200; then \ + echo 'ERROR: dummy man page'; false; fi + diff --git a/doc/OpenPGP b/doc/OpenPGP index c73eee4f8..ba44d87fb 100644 --- a/doc/OpenPGP +++ b/doc/OpenPGP @@ -33,6 +33,15 @@ which can be considered to be in compliance with RFC1991; this format is only created if a special option is active. + GnuPG uses a S2K mode of 101 for GNU extensions to the secret key + protection algorithms. This number is not defined in OpenPGP, but + given the fact that this number is in a range which used at many + other places in OpenPGP for private/experimenat algorithm identifiers, + this should be not a so bad choice. The 3 bytes "GNU" are used + to identify this as a GNU extension - see the file DETAILS for a + definition of the used data formats. + + Some Notes on OpenPGP / PGP Compatibility: ========================================== diff --git a/doc/README.W32 b/doc/README.W32 new file mode 100644 index 000000000..e2a7b2227 --- /dev/null +++ b/doc/README.W32 @@ -0,0 +1,96 @@ +This is a beta release of GnuPG for MS-Windows 95, 98 and WNT. +The random number generator should now work but has not undergone +a thorough testing, so we won't say anything about the quality of +the generated key and suggest that you don't use this version with +your production secret keys! It is however okay to verify signatures +or encrypt files using this version. + +PLEASE READ THE FOLLOWING PARAGRAPH CAREFULLY: + +If you have a bug report, please post it to the mailing list +<[email protected]>. Please don't send me private mail +regarding this version of GnuPG; I am already spending too much +time on answering the same and same questions over and over. +I can improve GnuPG much faster if I don't have to answer +questions in private mail. You can post to the mailing list +without prior subscribing (but please request to CC you if you want +to get an answer). + + + +Installation instructions: +-------------------------- + 1. Unpack the ZIP archive (alright, you already did this). + 2. Copy "gpg.exe" to some place where you usually store your + binaries. + 3. Create a directory "c:\gnupg" (or any other as you like) + 4. If you did not use the default directory "c:\gnupg", you + should enter a string with the directory into the Registry + under the key: + \\HKEY_CURRENT_USER\Software\GNU\GnuPG\HomeDir + Please use forward slashes and not the backslashes when + setting filenames for GnuPG into the Registry. + 5. Enter "gpg" and see what happens + 6. Read the file README and the online HOWTOs + + +Internationalization support: +----------------------------- + 1. Decide where to store the translation files for your language. + Here we assume the directory "c:/gnu/locale/fr" + 2. Set the directory with the translations into the Registry under the key: + \\HKEY_CURRENT_USER\Control Panel\Mingw32\NLS\MODir + (Example entry: "c:/gnu/locale/fr") + 3. Select which language to use and copy the currect translation file + under the name "gnupg.mo" into the directory set in step 2 + (Example: "copy fr.mo c:\gnu\locale\fr\gnupg.mo") + 4. Done. + +Currently we only support the Codepages 437, 850 und Latin1. If you have +problems, either delete the gnupg.mo file or don't set the environment +variable + + + +How to build it from the source: +-------------------------------- +This version has been build with the Mingw32/CPD kit using the latest +stable version of GnuPG. + +First get the source: It is available at + + ftp://ftp.gnupg.org/pub/gcrypt/gnupg/gnupg-1.0.n.tar.gz + +or for snapshots (with a letter appended to the version number) + + ftp://ftp.gnupg.org/pub/gcrypt/devel/gnupg-1.0.nx.tar.gz + +this is the same source as for the Unix version. + +To build it, you need the MingW32/CPD kit, which is available at + + ftp://ftp.openit.de/pub/cpd/mingw32-cpd-0.2.4.tar.gz + ftp://ftp.openit.de/pub/cpd/gcc-core-2.95.2.tar.gz + ftp://ftp.openit.de/pub/cpd/binutils-2.9.1.tar.gz + ftp://ftp.openit.de/pub/cpd/windows32api-0.1.2.tar.gz + +gcc, binutils and windows32api are stock GNU source which are available +at every ftp.gnug.org mirror. + +After you have installed this environment you should be able to do this: + + $ ./configure --target=i386--mingw32 + $ make + $ i386--mingw32-strip g10/gpg + $ cp g10/gpg /some_windows_drive/gpg.exe + +And everything hopefully works. + + +Don't forget that MS-Windows ist just a temporary workaround until +you can switch to a GNU system ;-) + +Be the source always with you. + + Werner + diff --git a/doc/gpg.sgml b/doc/gpg.sgml index 1297737fd..3ff12a4c7 100644 --- a/doc/gpg.sgml +++ b/doc/gpg.sgml @@ -27,7 +27,7 @@ --> -<!DOCTYPE RefEntry PUBLIC "-//Davenport//DTD DocBook V3.0//EN" [ +<!DOCTYPE refentry PUBLIC "-//Davenport//DTD DocBook V3.0//EN" [ <!entity ParmDir "<parameter>directory</parameter>"> <!entity ParmFile "<parameter>file</parameter>"> <!entity OptParmFile "<optional>&ParmFile;</optional>"> @@ -156,6 +156,15 @@ filename to force a read from stdin). With more than and the remaining files are the signed stuff. </para></listitem></varlistentry> +<varlistentry> +<term>--verify-files <optional><parameter/files/</optional></term> +<listitem><para> +This is a special version of the --verify command which does not work with +detached signatures. The command expects the files to bee verified either +on the commandline or reads the filenames from stdin; each anem muts be on +separate line. The command is intended for quick checking of many files. +</para></listitem></varlistentry> + <!-- B<-k> [I<username>] [I<keyring>] Kludge to be somewhat compatible with PGP. @@ -226,8 +235,13 @@ useful for debugging. <varlistentry> <term>--gen-key</term> <listitem><para> -Generate a new key pair. This command can only be -used interactive. +Generate a new key pair. This command is normally only used +interactive. +</para> +<para> +There is an experimental feature which allows to create keys +in batch mode. See the file <filename>doc/DETAILS</filename> +in the source distribution on how to use this. </para></listitem></varlistentry> @@ -260,7 +274,7 @@ only in the local environment.</para></listitem></varlistentry> <term>revsig</term> <listitem><para> Revoke a signature. GnuPG asks for every -every signature which has been done by one of +signature which has been done by one of the secret keys, whether a revocation certificate should be generated.</para></listitem></varlistentry> <varlistentry> @@ -422,9 +436,14 @@ are not compatible to OpenPGP. <varlistentry> <term>--export-secret-keys &OptParmNames;</term> +<term>--export-secret-subkeys &OptParmNames;</term> <listitem><para> Same as --export, but does export the secret keys. This is normally not very useful and a security risk. +the second form of the command has the special property to +render the secret part of the primary key useless; this is +a GNU extension to OpenPGP and other implementations can +not be expected to successful import such a key. </para></listitem></varlistentry> @@ -676,6 +695,14 @@ Use batch mode. Never ask, do not allow interactive commands. </para></listitem></varlistentry> +<varlistentry> +<term>--no-tty</term> +<listitem><para> +Make sure that the TTY (terminal) is never used for any output. +This option is needed in some cases because GnuPG sometimes prints +warnings to the TTY if if --batch is used. +</para></listitem></varlistentry> + <varlistentry> <term>--no-batch</term> @@ -723,6 +750,12 @@ balancing using round-robin DNS you may notice that you get different key servers. </para></listitem></varlistentry> +<varlistentry> +<term>--honor-http-proxy</term> +<listitem><para> +Try to access the keyserver over the proxy set with the variable +"http_proxy". +</para></listitem></varlistentry> <varlistentry> <term>--keyring &ParmFile;</term> @@ -734,7 +767,8 @@ does not contain a slash, it is assumed to be in the home-directory ("~/.gnupg" if --homedir is not used). The filename may be prefixed with a scheme:</para> <para>"gnupg-ring:" is the default one.</para> -<para>"gnupg-gdbm:" may be used for a GDBM ring.</para> +<para>"gnupg-gdbm:" may be used for a GDBM ring. Note that GDBM +is experimental and likely to be removed in future versions.</para> <para>It might make sense to use it together with --no-default-keyring. </para></listitem></varlistentry> @@ -1074,6 +1108,16 @@ can only be used if only one passphrase is supplied. Don't use this option if you can avoid it. </para></listitem></varlistentry> +<varlistentry> +<term>--command-fd &ParmN;</term> +<listitem><para> +This is a replacement for the depreciated shared-memory IPC mode. +If this option is enabled, user input on questions is not expected +from the TTY but from the given file descriptor. It should be used +together with --status-fd. See the file doc/DETAILS in the source +distribution for details on how to use it. +</para></listitem></varlistentry> + <varlistentry> <term>--rfc1991</term> @@ -1089,7 +1133,8 @@ Reset all packet, cipher and digest options to OpenPGP behavior. Use this option to reset all previous options like --rfc1991, --force-v3-sigs, --s2k-*, --cipher-algo, --digest-algo and --compress-algo to -OpenPGP compliant values. +OpenPGP compliant values. All PGP workarounds are also +disabled. </para></listitem></varlistentry> @@ -1125,6 +1170,16 @@ and encryption keys. <varlistentry> +<term>--ignore-time-conflict</term> +<listitem><para> +GnuPG normally checks that the timestamps associated with keys and +signatures have plausible values. However, sometimes a signature seems to +be older than the key due to clock problems. This option makes these +checks just a warning. +</para></listitem></varlistentry> + + +<varlistentry> <term>--lock-once</term> <listitem><para> Lock the databases the first time a lock is requested @@ -1141,6 +1196,25 @@ needed. Use this to override a previous --lock-once from a config file. </para></listitem></varlistentry> +<varlistentry> +<term>--lock-never</term> +<listitem><para> +Disable locking entirely. This option should be used only in very +special environments, where it can be assured that only one process +is accessing those files. A bootable floppy with a standalone +encryption system will probably use this. Improper usage of this +option may lead to data and key corruption. +</para></listitem></varlistentry> + +<varlistentry> +<term>--no-random-seed-file</term> +<listitem><para> +GnuPG uses a file to store it's internal random pool over invocations. +This makes random generation faster; however sometimes write operations +are not desired. This option can be used to achive that with the cost of +slower random generation. +</para></listitem></varlistentry> + <varlistentry> <term>--no-verbose</term> @@ -1208,6 +1282,25 @@ and may be used together with another command. </para></listitem></varlistentry> <varlistentry> +<term>--fast-list-mode</term> +<listitem><para> +Changes the output of the list commands to work faster; this is achieved +by leaving some parts empty. Some applications don't need the user ID and +the trust information given in the listings. By using this options they +can get a faster listing. The excact behaviour of this option may change +in future versions. +</para></listitem></varlistentry> + +<varlistentry> +<term>--list-only</term> +<listitem><para> +Changes the behaviour of some commands. This is like --dry-run but +different in some cases. The semantic of this command may be extended in +the future. Currently it does only skip the actual decryption pass and +therefore enables a fast listing of the encryption keys. +</para></listitem></varlistentry> + +<varlistentry> <term>--no-literal</term> <listitem><para> This is not for normal use. Use the source to see for what it might be useful. @@ -1219,17 +1312,105 @@ This is not for normal use. Use the source to see for what it might be useful. This is not for normal use. Use the source to see for what it might be useful. </para></listitem></varlistentry> + +</variablelist> +</refsect1> + + +<refsect1> + <title>How to specify a user ID</title> + <para> +There are different ways on how to specify a user ID to GnuPG; +here are some examples: + </para> + + <variablelist> +<varlistentry> +<term></term> +<listitem><para>Used to locate the default home directory.</para></listitem> +</varlistentry> + <varlistentry> -<term>--entropy-dll-name &ParmFile;</term> +<term>234567C4</term> +<term>0F34E556E</term> +<term>01347A56A</term> +<term>0xAB123456</term> <listitem><para> -This option is only used for the Win32 version of GnuPG and changes the -default location (c:/gnupg/entropy.dll) of the Winseed DLL to &ParmFile;. -</para></listitem></varlistentry> +Here the key ID is given in the usual short form. +</para></listitem> +</varlistentry> +<varlistentry> +<term>234AABBCC34567C4</term> +<term>0F323456784E56EAB</term> +<term>01AB3FED1347A5612</term> +<term>0x234AABBCC34567C4</term> +<listitem><para> +Here the key ID is given in the long form as used by OpenPGP. +</para></listitem> +</varlistentry> + +<varlistentry> +<term>1234343434343434C434343434343434</term> +<term>123434343434343C3434343434343734349A3434</term> +<term>0E12343434343434343434EAB3484343434343434</term> +<term>0xE12343434343434343434EAB3484343434343434</term> +<listitem><para> +The best way to specify a key ID is by using the fingerprint of +the key. This avoids any ambiguities in case that there are duplicated +key IDs (which are really rare for the long key IDs). +</para></listitem> +</varlistentry> + +<varlistentry> +<term>=Heinrich Heine <[email protected]></term> +<listitem><para> +Using an exact to match string. The equal sign indicates this. +</para></listitem> +</varlistentry> + +<varlistentry> +<term><[email protected]></term> +<listitem><para> +Using the email address part which must match exactly. The left angle bracket +indicates this email address mode. +</para></listitem> +</varlistentry> + +<varlistentry> +<term>+Heinrich Heine duesseldorf</term> +<listitem><para> +All words must match exactly (not case sensitive) but can appear in +any order in the user ID. Words are any sequences of letters, +digits, the underscore and all characters with bit 7 set. +</para></listitem> +</varlistentry> + +<varlistentry> +<term>#34</term> +<listitem><para> +Using the Local ID. This is a very low level method and should +only be used by applications which really need it. The hash character +indicates this method. An application should not assume that this is +only a number. +</para></listitem> +</varlistentry> + +<varlistentry> +<term>Heine</term> +<term>*Heine</term> +<listitem><para> +By case insensitive substring matching. This is the default mode but +applications may want to explicitely indicate this by putting the asterisk +in front. +</para></listitem> +</varlistentry> + + </variablelist> -</variablelist> </refsect1> + <refsect1> <title>RETURN VALUE</title> <para> @@ -1295,6 +1476,10 @@ constructed by cutting off the extension (".asc" or ".sig") of <term>GNUPGHOME</term> <listitem><para>If set directory used instead of "~/.gnupg".</para></listitem> </varlistentry> +<varlistentry> +<term>http_proxy</term> +<listitem><para>Only honored when the option --honor-http-proxy is set.</para></listitem> +</varlistentry> </variablelist> </refsect1> @@ -1334,6 +1519,11 @@ constructed by cutting off the extension (".asc" or ".sig") of </varlistentry> <varlistentry> +<term>~/.gnupg/random_seed</term> +<listitem><para>used to preserve the internal random pool</para></listitem> +</varlistentry> + +<varlistentry> <term>~/.gnupg/options</term> <listitem><para>May contain options</para></listitem> </varlistentry> @@ -1375,7 +1565,7 @@ is *very* easy to spy out your passphrase! On many systems this program should be installed as setuid(root). This is necessary to lock memory pages. Locking memory pages prevents the operating system from writing memory pages to disk. If you get no -warning message about insecure memory your operating system supports +warning message about insecure memory 3our operating system supports locking without being root. The program drops root privileges as soon as locked memory is allocated. </para> diff --git a/doc/gph/Makefile.am b/doc/gph/Makefile.am index 732c3e3e6..d36b0013a 100644 --- a/doc/gph/Makefile.am +++ b/doc/gph/Makefile.am @@ -11,7 +11,7 @@ all-local: ./signatures.jpg ./signatures.jpg: $(srcdir)/signatures.jpg.asc ../../g10/gpg --yes --dearmor \ -o ./signatures.jpg $(srcdir)/signatures.jpg.asc - test -d manual && cp ./signatures.jpg ./manual/signatures.jpg + -test -d manual && cp ./signatures.jpg ./manual/signatures.jpg index.html: $(PARTS) @@ -27,7 +27,7 @@ index.html: $(PARTS) echo '</body></html>' >>index.html -rm -r manual.junk -rm manual/signatures.jpg - (cd manual; rm -r stylesheet-images; ls | grep -v distfiles >distfiles) +## (cd manual; rm -r stylesheet-images; ls | grep -v distfiles >distfiles) dist-hook: index.html diff --git a/doc/gph/signatures.jpg.asc b/doc/gph/signatures.jpg.asc new file mode 100644 index 000000000..99f04e394 --- /dev/null +++ b/doc/gph/signatures.jpg.asc @@ -0,0 +1,232 @@ +-----BEGIN PGP ARMORED FILE----- +Version: GnuPG v0.9.11 (GNU/Linux) +Comment: For info see http://www.gnupg.org +Comment: Use "gpg --dearmor" for unpacking + +/9j/4AAQSkZJRgABAQEAUABQAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkS +Ew8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJ +CQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy +MjIyMjIyMjIyMjIyMjL/wAARCACxAogDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEA +AAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIh +MUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6 +Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZ +mqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx +8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREA +AgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAV +YnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hp +anN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPE +xcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD3 ++iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiub8Z+MrbwRpaan +f6bqV1Zl9kktlGjiEnG3fudSAScA8jPBwSM5+i/Emx1bxBa6LcaH4g0i7vEka1/t +Sx8lZig3MqnceQvPpx1yQCAdpRXH6V4y1G7+Id74U1HQPsHk2kl7b3X2xZftEIlE +atsC/Lu5OCcjGMV0Gp67o+ieV/a2q2Nh52fL+13CRb8YzjcRnGR09RQBoUVyfi7x +NfWfgO78Q+EhpuqmBDN5jT7ovKQnzGUqcOQFPG4dDySNpuaF4x0fW7XTF/tCxh1O ++tIrn+zvtaNMm+ISbdvDHCnOcDjmgDoKKy9S8S6Do1wtvqmt6bYzsgdY7q6SJiuS +MgMQcZBGfY1qUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFF +FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFF +FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFF +FFABRRRQAVz/AIk8ceGvCPljXNXgtJJMFYcNJIQc4bYgLbflI3YxkYzmjxZ400Lw +Vpy3mtXflebuEEKKXkmZRkhVH4DJwoJGSMivnTxl4Z8X/EB5/Htr4TktLS6SDZbw +ytNPOu3YJQnUj5V6KvylSAw3PQB29/8AHy+1zVLPSfAnh2S5vLhwoOoDlj82VCI2 +AAMNvL4ADZAAzXsmh2+o2mh2UGr3v23UliX7TOAoDyHltoVVG0HIHAOAM85Ncn8M +/hnY+ANLLuY7nWrhALq7A4A6+XHnkID36sRk9AF7ygDzf41zXlx4EuNDsNF1XUbr +Utux7G1MyReXLG58wjlcjOODnBrj/B2j6jL8XNI1a1s/GUlnFaTR3lx4qtlLxLtb +b5Up9WYDaoDD5uSrNj3iigDxf/hMLz/haf8AwlH/AAg/jL7D/Yn9n+X/AGSfM8zz +/MzjdjbjvnOe1SfFZtc1PWdHNrpF3Popsmljnh8ORalOJmYZR45sGIbQh6Kc5BBx +8vslFAHgfhNtS0n4UeNtKufDfiD7Xe3E4tUXRmiM32iLYpEacIF2EsB8qgqASSBR +4A0G58I+ILCDxD4Ru9bfUreyuLbVhYPLJpr4VRDJv4iEeOqkEBVyDwE98ooA+ZNZ +8JeKbbVNYg16DWdQnvLiVhfWvhi21EzxH5FcSl90JwvEYI2DGMZr2/4aWs1j8PNI +tJ21IvCkiD+0rcwThRIwUNGWbaAuAoyflA6dB1lFAGXrniPSPDVvbXGs30dnBcXC +20ckgO3zGBIBIGFGFJ3HAGOSK0IJ4bq3iuLeWOaCVA8ckbBldSMggjggjnNU9Z0P +S/EOnPYavYQXtq2TsmTO0kEblPVWwThhgjPBryufwV43+G1vLd+BdZk1bSYULtou +oqZGAA/5Z7cZO5nchPLJwB854oA9korh/B3xS0Lxdef2UVn0zXU3LLpt4hVwyAbw +p6Ng7hg4b5WJUAV3FABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFF +FABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFF +FABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUVz/izx +poXgrTlvNau/K83cIIUUvJMyjJCqPwGThQSMkZFAHQV5P4i+LFxq2oyeGvhxZ/2z +q7xSFr1SBDalTgsC4Cv3wxITJTBfO2stNN8afGZEm1dpPDfg6ZIporOMrJLd4bOS +2AcHkgsNv+rIRvvV6xoHhzSPC2lrpui2MdpaBy+xSWLMepZmJLHoMkngAdAKAOL8 +J/Ce307WG8S+Kbz+3fEskq3H2iQERwOFxhFzhsHoSBgKm1UxXpFFFABRRRQAUUUU +AFFFFABRRRQAUUUUAFFFFAHJ+M/hz4c8dIjavbSLdxJsivLd9kqLuBxnBDDrwwON +zYwTmuHGpeP/AIWXDrrC3fi/wuqKft0Y/wBItuS0jMCWYgAN94lcbPnTla9kooAw +/C/i7RfGOlpf6PexzAorSwFgJYCcjbImcqcq3scZBI5rcrzPxR8G9IvnfVfC0knh +3Xo0YwTWMhhiLbQuGVfuAqCMpj7xJDdDn2fxQ1rwdqkGi/EzTo7QSI/kazaAvFOE +wMlFBOSQScYI3plFBzQB65RXPt458LLqOmWA16xkuNT3fYxFKHWXBK/eXKjLAqMk +ZYEDJGK6CgAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA +KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA +KKKKACiiigAqnqt+2maXcXyWN3fGBN/2e0VWlcd9oYgE45xnJxgZOAblcf8AE7Vd +Y0vwNe/2BYX15qd1/osP2KF5Hh3A7pPkIZcKGww6MVoAj8D/ABP0Hx9cXlvpcd3B +PaortHdhFZ1JIyoV2JAIAJ7bl9aku/GWo2PxH07wxc6BssdS837JqX2xT5nlw+Y/ +7oLkYJ28kZ6ivLLHTPEfw88S+FdYtLfWdetH0z7Pc2dtoP2d7W1Y71Rtu5TLvZnI +yGymGbDZro/FfiW8k+Jnh3UYfB3iua10CW+iuJItMLCbzEEatEQcMuRnJxwRQB6Z +4h1y28PaNPf3E1ojqjCCO6ukt1nl2krGHc4BbHXtye1WNJvW1LRrG/eKOJ7m3jma +OOZZlUsoOA68OBn7w4PUVwfxB1q31fwCsR8H65qU2p2k5tov7JLvYzhCqtKrcxsC +5wwBzhiCRgk8J6pf618PG8MW+k65omr2uiLaxXOoWclvGZRF5e5JBnGGwezYOQDg +4AOsn8aeFbW4lt7jxLo0M8TlJI5L+JWRgcEEFsgg8Yq5qeu6Ponlf2tqtjYedny/ +tdwkW/GM43EZxkdPUV4fYabo48IW3hnUPhLrjazFshluILJAk8ySA5N4eVjcj5mH +CqxCnABpnjbw34ph8eavqF/FqWo2d26iwmt/DttqoWJRny9jtmEKX25wPMIZjzQB +7/BPDdW8VxbyxzQSoHjkjYMrqRkEEcEEc5qSvO/gxpk2j+CprKX+2Qkd7IYk1axN +o6KVQ4RN7/JuLHIIyS3Hc7nxC8LXHjPwXfaJa332Oaba6sygpIVIYI/BIUkDleRg +HkZUgHH+IvixcatqMnhr4cWf9s6u8Uha9UgQ2pU4LAuAr98MSEyUwXztrQ8J/Ce3 +07WG8S+Kbz+3fEskq3H2iQERwOFxhFzhsHoSBgKm1UxWX8G/EVjptvJ4C1DS49E8 +Q2DsZID/AMvhxkyAknc+3BIyQVAK/LwvrlABRRRQAUUUUAFFFFABRRRQAUUUUAFF +FFABRRRQAUUUUAFFFFABVe+sLPU7OSzv7SC7tZMb4Z4xIjYIIyp4OCAfwqxRQB8c +eMPh54p0u8uNRfwdPpmmvvkSG1lN2lvGgGd8gZiOOSzYB5wABger/B74w/2r9n8M ++Jrn/iYcR2V9I3/Hz6RyH/np6N/F0Pzff9wrj/H9h4G/sd9R8aWlj9n+SAXMsZ87 +725URk/edcnC9t2eM0AdhRXl/gXx1qnjrxGBotlPZeEdNiCvc3i+ZPdS7MCIuXOM +bg5I3N8g3MPMxXqFAHn9/wDFjTv9JXw9oeueJPJ3x/aNMsmktvOGf3Zl/wC+TuUM +MMCM1n3/AMVrhYPCev2OnQJ4V1i7NpdXN9MI5oH3sgJAJVVGxnzlsgEHZwTn+Dtc +134caDB4V1rwVrl59i3mC90eIXcdwrSyMScbdnUYBO4jkheMx+Pr6bVPD/hC2XwR +rPkQ6nDfzabDpxmWKzjLosbhRsDshB8r+HkNjjIB6xpurabrNu1xpeoWl9ArlGkt +ZllUNgHBKkjOCDj3Fc34N8Zaj4j1jW9J1bQP7GvtJ8jzIvti3G7zVZhyqgDgA8E9 +e2K5PwncL4a+IfjloPCWs2mmzpG1kttpTLFKbaNw6ptG3LnJToGz1BIBr+G/FlzZ +fEPxPrF14N8XRWetPZLC50hyYRFGUdpACTjJz8u44HTPFAHqmp67o+ieV/a2q2Nh +52fL+13CRb8YzjcRnGR09RVj7fZ/2d/aP2uD7D5Xn/afMHl+Xjdv3dNuOc9MV5P4 +j07+yfihqes+IPBl94p0y/tIo9Pe0tvtv2PYAHjMTfKu5stu+uM7nxzk/gnxoPhl +ZpaW93aWJ1iTUG0JQt08FmQrorJKR5hRkY+TzvMgLAMCAAe56Zruj635v9k6rY3/ +AJOPM+yXCS7M5xnaTjOD19DWhXz/APDvRL23+Jmm6lJbeI7X91LDIH8Lx6bbOmxy +BI0Um372CMqckKOwx9AUAFFZ+t6V/bejz6d9vvrDztv+k2E3lTJhg3ytg4zjB9ia +4/8A4VZ/1Pvjn/wcf/YUAegUV5//AMKs/wCp98c/+Dj/AOwo/wCFWf8AU++Of/Bx +/wDYUAegUV5//wAKs/6n3xz/AODj/wCwo/4VZ/1Pvjn/AMHH/wBhQBqJ8TfBbazd +6S/iC0t7y0d0mW63QKrI21gHcBSc9gTnkjgV1EE8N1bxXFvLHNBKgeOSNgyupGQQ +RwQRzmvli6+CfjTVvFWofZ7WQWD3twI9R1O5XdIquwDuBlyWxnOzncD0Oa7fwl8A +dS0a4ivbvxhd2M7IyXEejFomK54AmJBxkISCnbHoaAPdK5vxn4ytvBGlpqd/pupX +VmX2SS2UaOIScbd+51IBJwDyM8HBIzsaVYNpml29i99d3xgTZ9ou2VpXHbcVABOO +M4ycZOTkng/jXNeXHgS40Ow0XVdRutS27HsbUzJF5csbnzCOVyM44OcGgC5ofxV0 +3XPEFhow0LxBYT3zzJBJf2ixRs0IYyDO8nKlSpABweDirmleMtRu/iHe+FNR0D7B +5NpJe2919sWX7RCJRGrbAvy7uTgnIxjFcH8OJtS0fxPa6XaeH/ED2d9e3t1eapr2 +lNFPErxoVQShyCWaEb2IG47eAak/4TC8/wCFp/8ACUf8IP4y+w/2J/Z/l/2SfM8z +z/MzjdjbjvnOe1AHrmpatpujW63GqahaWMDOEWS6mWJS2CcAsQM4BOPY1H/buj/2 +P/a/9q2P9mf8/v2hPJ+9t+/nb97jr14rxv4l6J4kv/GMOuompX2gy2SLaRRaFDft +au2CyG2mYFSdm4yFQRkIelUPD+lzaX8PvHFpNpHie9Opoot7G48PG3UXDiTDxRI7 +qApCMSAoXYgGTtFAHt+m+JdB1m4a30vW9Nvp1Qu0drdJKwXIGSFJOMkDPuKjvvFn +hvTLySzv/EGlWl1HjfDPexxuuQCMqTkZBB/GvH9Esv7P8R/DK6tPBGq2cltaSRap +PHpXlkyOn2cNKw9GVnJbkI4bqSKyPHlh4n1PxH4k+1aDfGR5ZIrQ2XhSC7SaEIFi +Y3RPmKxGMkZKdsEbQAfR9Fc38P3mb4faAlxZXdlPBZR28kF3EY5FaMeWSVPIBK5H +qCDXSUAFFcfrfgD+29Yn1H/hLfFdh523/RrDUvKhTChflXacZxk+5NZ//CrP+p98 +c/8Ag4/+woA9Ark0+JvgttZu9JfxBaW95aO6TLdboFVkbawDuApOewJzyRwKy/8A +hVn/AFPvjn/wcf8A2FeKXXwT8aat4q1D7PayCwe9uBHqOp3K7pFV2AdwMuS2M52c +7gehzQB9TwTw3VvFcW8sc0EqB45I2DK6kZBBHBBHOakrwvwl8AdS0a4ivbvxhd2M +7IyXEejFomK54AmJBxkISCnbHoa9o0qwbTNLt7F767vjAmz7RdsrSuO24qACccZx +k4ycnJIBl+K/GOl+D7O3lv8Az57i6lENrZWieZPcOSBhEyM4yM89wOpAOHpHxPh1 +PxZZaDceGfEGlvfoxtZtRtRCJGRWeQYJ6BQuCM5LcgYBJ48sNXi8T+FfFOm6ZJqc +Givdfa7WBwJzHLGFLRqeHICn5Qck7QOpI5PTtV+IfiTxp9msr7xHpekT/aZXfUfD +9vbizXB8lVZt3m4YqCOGIBPqVAPVJvEug22qDS59b02LUC6oLR7pFlLNjaNhOcnI +wMc5FWNS1bTdGt1uNU1C0sYGcIsl1MsSlsE4BYgZwCcexr5gn8H+IVsJdM17TPEB +vHcvcy2nha3vmZmffkXgkDuTkZOeMlegr0PXNKvLfWPCGv614d1XxTo0OiJaSWrQ +GW5guiu4zS2zEgswwrZJwRycqmQD1yHVtNudLOqQahaS6eEZzdpMrRBVzuO8HGBg +5OeMGvN/DnxfvPFOs2drpvhu0NpdXBRHk123W4WIMQ0ht/v5CgttGeBwSOar+DdK +Wx0vxjrGo+E7u28N6hcRzWXh17Vp5SUyGb7NghS7bCB0XaOQiq1U/hAlnplno2lX +/gHVbTXY/P36xPo4jRcmRhmY/MMoQnTvjpQB0njP4pxeGfEqaDYafaaheLb/AGi4 +NxqsNkkIJAVd0nBcj5tvBwVIyCcdh4c1O71nw/Z6je2MdjPcIX8iO6S5ULk7SJE+ +Vgy4bI9a8j1yPS7b4v3upS/DrVdU0kae1tJ5Gg+Yk12Zt7TAMAG4JXf1PbIIJ9k0 +l4ZNGsXt7KSxga3jMdpJEImgXaMIUHClRxjtjFAFyiiigAooooAKKKKACiiigAoo +ooAKKKKACiiigAooooA4f4ifDu38a2cV3aTfYPENjh7G/QlSpB3BGI5255BHKnkd +w2f8O/iJcaveS+FPFcP2DxZY5SSNwFF2AM71xxuxyQOCPmX5chfSK4f4ifDu38a2 +cV3aTfYPENjh7G/QlSpB3BGI5255BHKnkdwwB3FFeb/Dv4iXGr3kvhTxXD9g8WWO +UkjcBRdgDO9ccbsckDgj5l+XIX0igAooooAKKKKACiiigAooooAKKKKACiiigAoo +ooAKKKKACiio554bW3luLiWOGCJC8kkjBVRQMkkngADnNAEd/N9n065n+0wWvlxO +/n3AzHFgE7nGV+UdTyOB1HWviTUrvWvF3ipYrjUZNY1C5uBbQSs5CyFnO0JvC7EL +NkDCgZ6Cvc76+1T4465JpWlST2HgWxlAu7wLte9cYIVQfwIU/d4dhnYg9csPDei6 +Xb6dBZ6XaRJpqMlmfKBaAMMNtY8gt/Ec5bvmgCn4L8J2fgrwva6LZv5vlZeacoEa +aRjlmIH4AZyQoUZOM10FFFABRRRQAVy/j/xZceCfC765BpX9pRwyok6faBD5aMcB +8kHPzFRgD+LPQGuoqnq2mw6zo19pdw0iwXtvJbyNGQGCupUkZBGcH0NAElhfW+p6 +dbX9nJ5lrdRJNC+0jcjAFTg8jII61Yryv4H6lNDomreD7tYzd+G72S3aSEHY6s7n +IJOSd6ydhxt75r1SgAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii +gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii +gAooooAKKKKACiiigAooooAKKKKAOH+Inw7t/GtnFd2k32DxDY4exv0JUqQdwRiO +dueQRyp5HcNn/Dv4iXGr3kvhTxXD9g8WWOUkjcBRdgDO9ccbsckDgj5l+XIX0iuH ++Inw7t/GtnFd2k32DxDY4exv0JUqQdwRiOdueQRyp5HcMAdxRXm/w7+Ilxq95L4U +8Vw/YPFljlJI3AUXYAzvXHG7HJA4I+ZflyF9IoAKKKKACiiigAooooAKKKKACiii +gAooooAKKKjnnhtbeW4uJY4YIkLySSMFVFAySSeAAOc0AE88Nrby3FxLHDBEheSS +RgqooGSSTwABzmvE76+1T4465JpWlST2HgWxlAu7wLte9cYIVQfwIU/d4dhnYgL6 ++1T4465JpWlST2HgWxlAu7wLte9cYIVQfwIU/d4dhnYg9k0rSrHQ9Lt9M0y2jtrO +3TZFEnRR/MknJJPJJJOSaADStKsdD0u30zTLaO2s7dNkUSdFH8ySckk8kkk5Jq5R +RQAUUUUAFFFFABRRRQB4/wCLv+KI+NuieLW/caRrMX9n6jMOQJMYUuz/ACxrxCcg +g4ic4659gri/ir4XXxZ8PtRtFjke7tkN5aCNGdjLGCQoUEbiylk7/ezgkCrHw28U +N4v8B6bqs8kbXmww3e11J81DtJYAAKWAD7cDAcdsGgDrKKKKACiiigAooooAKKKK +ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK +ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA4f4i +fDu38a2cV3aTfYPENjh7G/QlSpB3BGI5255BHKnkdw2f8O/iJcaveS+FPFcP2DxZ +Y5SSNwFF2AM71xxuxyQOCPmX5chfSK8H/aH0XVNR+wXtl4b8+1tIi0+qw/PIo+Ym +NlU5EahSxZgQC3BXncAe4WN/Z6nZx3lhdwXdrJnZNBIJEbBIOGHBwQR+FWK+aPgD +46TR9Yk8K3xxa6nL5lrIWVVjn24IOcE7wqqOT8yqAPmJH0vQAUUVX+32f9o/2d9r +g+3eV5/2bzB5nl5279vXbnjPTNAFiiiigAooooAKKKKACiio554bW3luLiWOGCJC +8kkjBVRQMkkngADnNABPPDa28txcSxwwRIXkkkYKqKBkkk8AAc5rxO+vtU+OOuSa +VpUk9h4FsZQLu8C7XvXGCFUH8CFP3eHYZ2IC+vtU+OOuSaVpUk9h4FsZQLu8C7Xv +XGCFUH8CFP3eHYZ2IPZNK0qx0PS7fTNMto7azt02RRJ0UfzJJySTySSTkmgA0rSr +HQ9Lt9M0y2jtrO3TZFEnRR/MknJJPJJJOSauUUUAFFFFABRRRQAUUUUAFFFFABXj +/gr/AIoX4w6/4Qn+Sx1r/iZaWqfLGv3iyLGuQvAZcnbkQDjlQPYK8n+NtjcaXZ6P +460mPbqeh3aCSQMFDQOcbXxhmXeVXaD0lfjkkAHrFFV7C+t9T062v7OTzLW6iSaF +9pG5GAKnB5GQR1qxQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR +QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR +QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB5X4z+CWkaw6al4YaPw/rEL+aj26lYn +ZVGz5VI8shlU7kHGWJDEjHcaXbavf+DlsdekktdUe3e2ubizmG4sMp50bBQFLACQ +cDbuAxxW5Ve/tft2nXNn9ont/PieLzrd9kke4EbkbswzkHsaAPC/D+ja1ffB/wD4 +TZPHHiePVre3uLxY5L4y25MEj/KY26grHjkkZPII4NzXEv7/AMY/DXxPoVnpUHib +WdPmlne5EiwSEWyH5gpLcK7gHr90EkAY6SD4JaLDYRaY/iHxPPpKOGbTZNQAt3Af +ftKKg4Lc8YOeQQea3L/4d2F/4o0rXf7V1W2bSdgsbK1ljitoEUAFFQJnawGG55HG +cAAAGfonjq/ufA3iTUtaOlWGpaJd3VjJNuk+yNLGBtbH39pZlXAyx7ckKOb8FfFz +VNd8b6doV3ceH9QgvkmHmaXFdRNAyIXBbz1AYEKRgfXIxg9JZfCPR7XR9a0mbWNc +vbHWPnuoru5Rv324MJgQgIkyAckkNgbg2BgtvhPZwa5purzeKvFd7dadL5tv9r1A +SAZxuXlM7WAwwBGRxQBl6r4t+I1t4/uPC2naV4fvHlt/tlpLvkQQW5n2B5ssNxCg +5VBnLAjOCpk1nxJ8R9M1zw1oaR+FGv8AV4rjc5W4MSyRbnODnIUxmPHBO7d0GK0L +/wCE9nfeIbnXP+Eq8V299PvXfb6gE8uNnL+Uh2ZEYJ4XOBWpqfgK21bxLomvXWta +z9s0hFWERzoiSEHLs6hMZcfK+3aCABgCgDg/Cvxe1vUrG+l1xNDslbRJdUsrkeas +cZSZoAsq5YtucDAQ5xgDJbAk8FfFzVNd8b6doV3ceH9QgvkmHmaXFdRNAyIXBbz1 +AYEKRgfXIxg6i/Arw35EdvLquuS28Vo9msRuI0Xy2dpADsjBbEjeYNxI3BcggYrQ +tvhPZwa5purzeKvFd7dadL5tv9r1ASAZxuXlM7WAwwBGRxQB6BXz/wDEfxV/wlHx +FHgXWtT/AOEc8O2sqfapHOXvGO1lyVyqqdwI3EKv3m5AQfQFZ+s6HpfiHTnsNXsI +L21bJ2TJnaSCNynqrYJwwwRng0AGh2Ol6dodla6JHBHpiRKbYQNuQoeQwbndnOd2 +TnOcnNaFeT3Pwj1Tw9uufh74rvtKk815fsF5J5toxbC9MHGFzyyuTheQRmo4Pit4 +j8L3EUHxH8KyadBO4Eeo2A8yBNxwFYBmGQFkY4YtgDCd6APXKKx/D3irQvFdmbrQ +9TgvY1++EJDx5JA3IcMudpxkDOMjitigAooooAKKKKACiiigAooooAKp6tpsOs6N +faXcNIsF7byW8jRkBgrqVJGQRnB9DVyigDyv4H6lNDomreD7tYzd+G72S3aSEHY6 +s7nIJOSd6ydhxt75r1SvF/G99b/D3426N4rnk8jTNYtHtdQMamR2KADcVPRRm3Py +c/u24Ofm9Y0TW9O8R6PBq2k3H2ixn3eXLsZN21ip4YAjkEcigDQooooAKKKKACii +igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii +igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii +igAooooAKKKKACiiigAooooAKKKKACiiigAooooA871v4N+HL6//ALU0WS78Oaoi +OI7jSpPKUMU2glBwAB1CFN25snnNYf8AaHxa8C/ubrToPGGkQdLmAlbtk+4ikD5i +wwrMdkn3jlz1HsFFAHD+GPi34O8VSw21rqf2W+m4W0vV8pyd20KDyjMSRhVYk56c +HHcVzfivwH4c8Z25TWdOjknCbY7uP5J4+GxhxyQCxO05XPJBrh5vBfj/AMDuJ/BP +iCTWtPRFQaPrD7iqqoVQjEgADczYUx8Ko+bpQB65RXlem/Gi00+4bS/HmlXfhzVI +kJZmieSCbBC7k2gtgsHxgMuF++a9Msb+z1OzjvLC7gu7WTOyaCQSI2CQcMODggj8 +KALFFFFABRRRQAUUUUAfP/7QPgD/AJnTTo/7sephpf8AdSJ1U/gpwf7px941ufs3 +zwt4F1O3WWMzpqbO8YYblVoowpI6gEqwB77T6V7BPBDdW8tvcRRzQSoUkjkUMrqR +ggg8EEcYrzf4deCz4E8a+KbCJJDp9+kF1YusMmxIw0oMTOcjeu5RgsSwIb1AAPTK +KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK +KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK +KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAr +31hZ6nZyWd/aQXdrJjfDPGJEbBBGVPBwQD+FeZ3nwaXSXnvvAniDUvD94zpILfz2 +ktZCinarg/MQW5JYuACw2kHFeqUUAeP/APCxPHPgj/kffDH2nTE/d/2rpWG+78u9 +1ztG9imM+V1OAfuiSP8AaC8LnxZNp0qSLo4TMWrLvYM20HDRbA6jO5cjPIHGDkeu +V88az+zjrEu+6s/FMF/fTSl5jfQPFuzksxcM5LZx1HOSc+oB9BwTw3VvFcW8sc0E +qB45I2DK6kZBBHBBHOakrw/wj4S+KPw22/ZvsPiHTGzG2lR37J5edzB0aVVVPmPO +M7t3I6MvsF9Zf25oclrM99p7XMQyYJ/KngY4PDoSAwPoSpxjkHkA0KK+YPAq+JPG +9wNLi8WeK7O/fTxeLdT6jIIDtuvLkKJ1kXyyMfMv7xGBODx6n408W+OtA8Z2OlaP +pWjalb6qkw0+Eu6T7o4gzGRmYIAGbOB1UYyCc0AemUVwer+I/EvhbwHe6l4kvvDF +pqwuFS1dRcNaspK8MoBkZ8eYcKDwAegNY/w2+J2oeLfFV3ot7Jo12iWX2uO60tLi +NVIcIUZZgCT8wORgDHfPAB6pRXibfEn4g2Wia1r15Z+GJdP0PUzp97DD9oSWVldE +byySQAd4wT7/AC9j2ninxT4gj8W2XhTwpY2MupyWhv7i51JmEEUAYoOEO4sXAHHT +I4OSVAO4org9Kv8A4lXNv4gtb2x8Pw6haPAmn3AWcWs5YBpc5O8hVIAIAG7I5wcS +fCC4iu/hbo08NlBZRt5+IIC5RMTyDguzNz15J6+nFAHcUV4f4q+LnivRvEOo2EVr +odj5V2YLK01OG5Sa5j37BMJPlhEbHccllAAPJxk+4UAFFFFABRRRQAUUUUAFFFFA +BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA +BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA +BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAVn63pX9t6PPp32++sPO2/6TYTe +VMmGDfK2DjOMH2JrQooA5PwZ4CtvA6PBp+tazc2bJtWzvZ0kijO4tuQBAVOS2cHB +zyCQCKfiH4ZWfiPxGNcm8R+I7S6j/wCPdLO+EaW2UCN5QKEpuA+bB5ya7iigDl9V +8D2et+F7LRNR1TVZmsZY57fUftAW7SRCdr7woBYAkZKk9/vfNWXpfwuttK8QLrie +KfE9xqCW72yy3d6k3yMDwd0fIVjvAORuAJBrvKKAPN/+FM6O2h6hpEniDxHJa6hd +peXO+8QmSRd2SfkwdxYFsgklEOflrY1r4c6XrkWkyS3+q22p6ZEIYdWtbnZeOm0q +Q8mDuzkk8dScY3MD2FFAHDp8M7ePTprdfFPisXU0sbyah/aZ+0siBwsW7bjywZHb +GOp68CpPCXw4tvBlxE2neIfEEtpGjILC6uke3wxycJsG07ucrg5z2JB7SigDzf8A +4UtoXkfYf7b8R/2N5vmf2R/aJ+ybd+/Zt2525993fOea9IoooAKKKKACiiigAooo +oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo +oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo +oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo +oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo +oAKKKKACiiigAooooAKKKKACiiigAooooA//2Q== +=ao7I +-----END PGP ARMORED FILE----- |
