From 28c157b55cf6db6b6988def5c9512e388c512b10 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 1 Mar 2011 14:42:56 +0100 Subject: Support X.509 certificate creation. Using "gpgsm --genkey" allows the creation of a self-signed certificate via a new prompt. Using "gpgsm --genkey --batch" should allow the creation of arbitrary certificates controlled by a parameter file. An example parameter file is Key-Type: RSA Key-Length: 1024 Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA Key-Usage: sign, encrypt Serial: random Name-DN: CN=some test key Name-Email: foo@example.org Name-Email: bar@exmaple.org Hash-Algo: SHA384 not-after: 2038-01-16 12:44 This creates a self-signed X.509 certificate using the key given by the keygrip and using SHA-384 as hash algorithm. The keyword signing-key can be used to sign the certificate with a different key. See sm/certreggen.c for details. --- NEWS | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'NEWS') diff --git a/NEWS b/NEWS index f58871a67..1255b3486 100644 --- a/NEWS +++ b/NEWS @@ -19,9 +19,13 @@ Noteworthy changes in version 2.1.0beta2 (unreleased) * Dirmngr has taken over the function of the keyserver helpers. Thus we now have a specified direct interface to keyservers via Dirmngr. + LDAP, DNS and mail backends are not yet implemented. * ECC support for GPG as described by draft-jivsov-openpgp-ecc-06.txt. + * New GPGSM feature to create certificates from a parameter file. + Add prompt to the --gen-key UI to create self-signed certificates. + Noteworthy changes in version 2.1.0beta1 (2010-10-26) ----------------------------------------------------- -- cgit v1.2.3