Update head to match stable 1.0

155 files changed, 83373 insertions, 37086 deletions

diff --git a/g10/ChangeLog b/g10/ChangeLog
index 9c5acd8a1..21c44df4e 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,429 +1,3446 @@
-2000-11-13  Werner Koch  <[email protected]>
+2002-06-21  Stefan Bellon  <[email protected]>
 
-	* Makefile.am: Do not install any program
+	* g10.c [__riscos__]: Moved RISC OS specific stuff to util/riscos.c
+	and include/util.h.
 
-2000-10-12  Werner Koch  <[email protected]>
+	* gpgv.c [__riscos__]: Likewise.
 
-	* keygen.c (keygen_add_std_prefs): Add Rijndael to the prefs.
+2002-06-20  David Shaw  <[email protected]>
+
+	* keydb.h, pkclist.c (select_algo_from_prefs): Allow passing a
+	suggested algorithm which will be used if available.
+
+	* encode.c (encode_crypt, encrypt_filter), sign.c (sign_file): Use
+	new select_algo_from_prefs feature to check if forcing an
+	algorithm would violate the recipient preferences.
+
+	* photoid.c (get_default_photo_command, show_photos): Use
+	different default viewers on different platforms.  Currently we
+	have Win 9x, Win NT (2k, xp), Mac OSX, RISC OS, and "everybody
+	else".  These are #ifdefs as much as possible to avoid clutter.
+
+	* g10.c (strusage, build_list), keyedit.c (show_prefs), main.h,
+	misc.c (compress_algo_to_string, check_compress_algo), pkclist.c
+	(algo_available), keygen.c (keygen_set_std_prefs): New
+	algo_to_string and check functions for compress algorithms.
+
+2002-06-20  Werner Koch  <[email protected]>
+
+	* misc.c (setsysinfo): Removed a #warning for Alpha's uniligedn
+	trap disabling - it is quite possible that this is a debug relict.
+
+2002-06-20  Stefan Bellon  <[email protected]>
+
+	* g10.c [__riscos__]: Added image file system feature.
+
+	* gpgv.c [__riscos__]: Added image file system feature.
+
+	* photoid.c (show_photos) [__riscos__]: Set RISC OS filetype of
+	photo id according to MIME type.
+
+2002-06-19  David Shaw  <[email protected]>
+
+	* hkp.c (parse_hkp_index): Don't leak memory when failing out of a
+	bad HKP keyserver.
+
+	* g10.c (add_notation_data): Relax slightly the rules as to what
+	can go into a notation name - 2440 allows "@", for example.
+
+2002-06-17  David Shaw  <[email protected]>
+
+	* import.c (clean_subkeys, import_one): Only allow at most 1
+	binding sig and at most 1 revocation sig on a subkey, as per
+	2440:11.1.
+
+	* hkp.c (parse_hkp_index, hkp_search): Error if the keyserver
+	returns an unparseable HKP response.
+
+2002-06-15  David Shaw  <[email protected]>
+
+	* keyedit.c (show_key_with_all_names), keylist.c
+	(list_keyblock_print): Show "[expired]" before expired uids.
+
+	* keyedit.c (show_key_with_all_names_colon), mainproc.c
+	(list_node), keylist.c (list_keyblock_colon): Show flag 'e' for
+	expired user ids.  Use "uat" for user attribute packets instead of
+	"uid".  Also use '<count> <length>' rather than the fake user id
+	string on attributes.
+
+	* keygen.c (keygen_add_revkey): Remove unused code.
+
+	* misc.c (check_permissions): Check directory permissions
+	properly - they are not special files.
+
+	* pkclist.c (expand_id, expand_group, build_pk_list): When
+	expanding groups before building a pk list, inherit flags from the
+	original pre-expanded string.
+
+	* pubkey-enc.c (is_algo_in_prefs): Don't use prefs from expired
+	uids.
+
+2002-06-14  David Shaw  <[email protected]>
+
+	* free-packet.c (copy_signature): Properly copy a signature that
+	carries a revocation key on it.
+
+	* pkclist.c (expand_id, expand_group, build_pk_list): Groups now
+	work properly when used in the "Enter the user ID" prompt.
+
+2002-06-14  David Shaw  <[email protected]>
+
+	* keyedit.c (show_key_with_all_names): Display warning if a user
+	tries to show prefs on a v3 key with a v3 selfsig.
+
+	* kbnode.c (dump_kbnode): Show if a uid is expired.
+
+	* import.c (merge_blocks, import_revoke_cert): Show user ID
+	receiving a revocation certificate.
+
+	* free-packet.c (cmp_user_ids): Properly compare attribute ids.
+
+	* pkclist.c (expand_groups): Maintain the strlist flags while
+	expanding.  Members of an expansion inherit their flags from the
+	expansion key.
+
+	* options.h, cipher.c (write_header), g10.c (main), keygen.c
+	(keygen_set_std_prefs): remove the personal_mdc flag.  It no
+	longer serves a purpose now that the personal preference lists are
+	split into cipher/digest/zip.
+
+2002-06-14  Timo Schulz  <[email protected]>
+
+	* skclist.c (is_insecure): Implemented.
+	
+2002-06-12  David Shaw  <[email protected]>
+
+	* keyserver.c (keyserver_spawn): Properly handle PROGRAM responses
+	when they have a CRLF ending.  Noted by Keith Ray.
+
+	* keyserver.c (keyserver_spawn): Handle CRLF endings from
+	keyserver helpers.  Also don't leak the last line worth of memory
+	from the keyserver response.
+
+	* main.h, misc.c (deprecated_warning): New function to warn about
+	deprecated options and commands.
+
+	* g10.c (main), keyserver-internal.h, keyserver.c
+	(parse_keyserver_uri): Use new deprecated function to warn about
+	honor-http-proxy, auto-key-retrieve, and x-broken-hkp.
+
+2002-06-11  David Shaw  <[email protected]>
+
+	* Makefile.am: link gpg with NETLIBS for the built-in HKP access.
+
+2002-06-10  David Shaw  <[email protected]>
+
+	* options.h, keyserver.c (keyserver_opts), g10.c (main): New
+	keyserver option "include-subkeys".  This feature already existed,
+	but now can be turned off.  It defaults to on.
+
+	* options.h, keyserver.c (parse_keyserver_options,
+	keyserver_spawn): There are now enough options to justify making a
+	structure for the keyserver options rather than a page of
+	if-then-else-if-then-etc.
+
+	* getkey.c (merge_keys_and_selfsig, merge_selfsigs_main): Fix bug
+	in calculating key expiration dates.
+
+2002-06-09  David Shaw  <[email protected]>
+
+	* keydb.h, getkey.c (get_user_id_native), import.c (import_one):
+	Display user ID while importing a key.  Note this applies to both
+	--import and keyserver --recv-keys.
+
+	* exec.c (exec_finish): Log unnatural exit (core dump, killed
+	manually, etc) for fork/exec/pipe child processes.
+
+2002-06-08  Timo Schulz  <[email protected]>
+
+	* encode.c (encode_symmetric): Disable the compat flag
+	when the expert mode is enabled.
+	
+2002-06-07  David Shaw  <[email protected]>
+
+	* options.skel, options.h, main.h, keydb.h, pkclist.c
+	(build_pk_list, expand_groups), g10.c (main, add_group): Add new
+	"group" command to allow one name to expand into multiple keys.
+	For simplicity, and to avoid potential loops, we only expand once
+	- you can't make an alias that points to an alias.
+
+	* main.h, g10.c (main), keygen.c (build_personal_digest_list):
+	Simplify the default digest list - there is really no need for the
+	other hashes since they will never be used after SHA-1 in the
+	list.
+
+	* options.skel, options.h, g10.c (main), hkp.c (hkp_ask_import,
+	hkp_export, hkp_search), keyserver.c (parse_keyserver_options,
+	parse_keyserver_uri, keyserver_work, keyserver_refresh): Make the
+	"x-broken-hkp" keyserver scheme into keyserver-option
+	"broken-http-proxy".  Move honor_http_proxy into
+	keyserver_options.  Canonicalize the three variations of "hkp",
+	"x-hkp", and "x-broken-hkp" into "hkp".
+
+2002-06-07  Stefan Bellon  <[email protected]>
+
+	* g10.c [__riscos__]: Added --attribute-file to do the same as
+	--attribute-fd, but with a filename not a fd as argument.
+	Added magic symbol for RISC OS to use different memory management.
+
+	* gpgv.c [__riscos__]: Added magic symbol for RISC OS to use
+	different memory management.
+
+2002-06-06  David Shaw  <[email protected]>
+
+	* main.h, g10.c (main), keygen.c (build_personal_digest_list): Put
+	in a default digest preference list consisting of SHA-1, followed
+	by every other installed digest except MD5.  Note this is the same
+	as having no digest preference at all except for SHA-1 being
+	favored.
+
+	* options.h, g10.c (main), keygen.c (keygen_set_std_prefs),
+	pkclist.c (select_algo_from_prefs): Split
+	--personal-preference-list into three:
+	--personal-{cipher|digest|compress}-preferences.  This allows a
+	user to set one without affecting another (i.e. setting only a
+	digest pref doesn't imply an empty cipher pref).
+
+	* exec.c (exec_read): This is a safer way of guessing the return
+	value of system().  Noted by Stefan Bellon.
+
+2002-06-05  David Shaw  <[email protected]>
+
+	* hkp.c (parse_hkp_index): Be more robust with keyservers
+	returning very unparseable responses.
+
+	* exec.c (exec_read): Catch and display an error when the remote
+	process exits unnaturally (i.e. segfault) so the user knows what
+	happened.  Also fix exec_write stub which has a different number
+	of arguments now.
+
+2002-06-05  Timo Schulz  <[email protected]>
+
+	* encode.c (encode_simple): Ignore the new mode for RFC1991.
+	* mainproc.c (symkey_decrypt_sesskey): Better check for weird
+	keysizes.
+	
+2002-06-05  Timo Schulz  <[email protected]>
+
+	* encode.c (encode_sesskey): New.
+	(encode_simple): Use it here. But by default we use the compat
+	mode which supress to generate encrypted session keys.
+	
+2002-06-05  Timo Schulz  <[email protected]>
+
+	* mainproc.c (symkey_decrypt_sesskey): New.
+	(proc_symkey_enc): Support for encrypted session keys.
+	
+2002-06-04  David Shaw  <[email protected]>
+
+	* sign.c (hash_for, sign_file): When encrypting and signing at the
+	same time, consult the various hash prefs to pick a hash algorithm
+	to use.  Pass in a 160-bit hint if any of the signing keys are
+	DSA.
+
+	* keydb.h, pkclist.c (select_algo_from_prefs, algo_available):
+	Pass a "hints" opaque pointer in to let the caller give hints as
+	to what algorithms would be acceptable.  The only current hint is
+	for PREFTYPE_HASH to require a 160-bit hash for DSA.  Change all
+	callers in encode.c (encode_crypt, encrypt_filter) and sign.c
+	(sign_file).  If we settle on MD5 as the best algorithm based
+	solely on recepient keys and SHA1 is also a possibility, use SHA1
+	unless the user intentionally chose MD5.  This is as per 2440:13.
+
+	* exec.c (make_tempdir): Fix duplicated filename problem.
+
+2002-06-03  David Shaw  <[email protected]>
+
+	* packet.h, parse-packet.c (enum_sig_subpkt): Report back from
+	enum_sig_subpkt when a subpacket is critical and change all
+	callers in keylist.c (show_policy_url, show_notation), mainproc.c
+	(print_notation_data), and pkclist.c (do_show_revocation_reason).
+
+	* keylist.c (show_policy_url, show_notation): Display if the
+	policy or notation is critical.
+	
+2002-06-03  David Shaw  <[email protected]>
+
+	* main.h, g10.c (main), keylist.c (dump_attribs, set_attrib_fd,
+	list_keyblock_print, list_keyblock_colon), status.h, status.c
+	(get_status_string): New --attribute-fd feature to dump the
+	contents of attribute subpackets for frontends.  If --status-fd is
+	also used, then a new status tag ATTRIBUTE is provided for each
+	subpacket.
+
+	* packet.h, getkey.c (fixup_uidnode, merge_selfsigs_main,
+	merge_selfsigs_subkey), parse-packet.c (setup_user_id): Keep track
+	of the expiration time of a user ID, and while we're at it, use
+	the expired flag from the selfsig rather than reparsing the
+	SIG_EXPIRE subpacket.
+
+	* photoid.c (generate_photo_id): When adding a new photo ID,
+	showing the photo for confirmation is not safe when noninteractive
+	since the "user" may not be able to dismiss a viewer window.
+	Noted by Timo Schulz.
+	
+2002-06-03  David Shaw  <[email protected]>
+
+	* options.skel: Sample photo viewers for Win32.
+
+	* misc.c (pct_expando): Use the seckey for %k/%K if the pubkey is
+	not available.
+
+	* photoid.h, photoid.c (show_photos): Include the seckey in case a
+	user tries to view a photo on a secret key, and change all callers
+	in keyedit.c (menu_showphoto), keylist.c (list_keyblock_print),
+	and photoid.c (generate_photo_id).
+
+2002-06-02  David Shaw  <[email protected]>
+
+	* photoid.c (show_photos): Work properly when not called with a
+	public key.
+
+2002-05-31  David Shaw  <[email protected]>
+
+	* sign.c (mk_notation_and_policy): Free unneeded buffer.
+
+	* hkp.c (parse_hkp_index): Properly handle the '&' character
+	(i.e. "&amp;") in HKP responses.
+
+	* getkey.c (merge_selfsigs_main): Fix reversed expiration time
+	check with self-sigs.
+
+	* keyedit.c (sign_uids): When making a new self-sig on a v3 key,
+	make a v3 self-sig unless it is currently a v3 self-sig being
+	promoted to v4.
+
+2002-05-31  Timo Schulz  <[email protected]>
+
+	* pkclist.c (do_show_revocation_reason): Don't use capital
+	letters for non-interactive output.
+	(show_revocation_reason): Now it is global.
+	* pubkey-enc.c (get_it): Show if the key has been revoked.
+	
+2002-05-30  David Shaw  <[email protected]>
+
+	* sign.c (write_signature_packets, sign_file, clearsign_file,
+	sign_symencrypt_file): Make a v4 signature if a policy URL or
+	notation is set, unless v3 sigs are forced via rfc1991 or
+	force-v3-sigs.  Also remove some doubled code and clarify an error
+	message (we don't sign in PGP2 mode - just detach-sign).
+
+	* parse-packet.c (parse_one_sig_subpkt): Add KS_FLAGS to the "any
+	size" section.
+
+2002-05-29  David Shaw  <[email protected]>
+
+	* keygen.c (keygen_set_std_prefs, add_feature_mdc): Use "mdc" and
+	"no-mdc" in the prefs string to allow switching on and off the MDC
+	feature.  This is needed to properly export a key from GnuPG for
+	use on PGP which does not support MDC - without this, MDC-capable
+	implementations will still try and generate MDCs which will break
+	PGP.
+
+	* keygen.c (keygen_get_std_prefs): Show "[mdc]" in prefs string if
+	it is enabled.
+
+	* options.h, g10.c (main), cipher.c (write_header), keygen.c
+	(keygen_set_std_prefs): For consistency, allow the user to specify
+	mdc/no-mdc in the --personal-preference-list.  If disabled, it
+	acts just like --disable-mdc.
+
+2002-05-29  David Shaw  <[email protected]>
+
+	* options.h, exec.c: Add some debugging info, using the 1024 debug
+	flag.
+
+	* exec.c (win_system): New system()-like function for win32 that
+	does not return until the child process terminates.  Of course,
+	this doesn't help if the process itself exits before it is
+	finished.
+
+2002-05-29  Werner Koch  <[email protected]>
+
+	* encode.c (encode_simple): Intialize PKT when --no-literal is used.
+
+	* keyedit.c (show_key_with_all_names_colon): Renamed the record
+	for revocation keys to "rvk".
+
+2002-05-27  Werner Koch  <[email protected]>
+
+	* keyedit.c (show_key_with_all_names_colon): New.
+	(show_key_with_all_names): Divert to new function when required.
+	Sanitize printing of revoker name.
+
+2002-05-27  David Shaw  <[email protected]>
+
+	* build-packet.c (build_sig_subpkt): Handle setting sig flags for
+	certain subpacket types (notation, policy url, exportable,
+	revocable).  keyedit.c (sign_mk_attrib): Flags no longer need to
+	be set here.
+
+	* packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c
+	(build_sig_subpkt): Call parse_one_sig_subpkt to sanity check
+	buffer lengths before building a sig subpacket.
+
+2002-05-26  David Shaw  <[email protected]>
+
+	* sign.c (mk_notation_and_policy): Include secret key to enable %s
+	expandos, and pass notations through pct_expando as well.
+
+	* main.h, misc.c (pct_expando): Add %s and %S expandos for
+	signer's keyid.
+
+2002-05-25  David Shaw  <[email protected]>
+
+	* g10.c (strusage, build_list): Add compress algorithms to
+	--version list.  Show algorithm numbers when --verbose --version
+	is done.
+
+2002-05-22  David Shaw  <[email protected]>
+
+	* options.h, main.h, keygen.c (keygen_set_set_prefs,
+	keygen_get_std_prefs, keygen_upd_std_prefs), keyedit.c
+	(keyedit_menu), g10.c (main), pkclist.c (select_algo_from_prefs):
+	Add --personal-preference-list which allows the user to factor in
+	their own preferred algorithms when the preference lists are
+	consulted.  Obviously, this does not let the user violate a
+	recepient's preferences (and the RFC) - this only influences the
+	ranking of the agreed-on (and available) algorithms from the
+	recepients.  Suggested by David Hollenberg.
+
+	* options.h, keygen.c (keygen_set_std_prefs), g10.c (main): Rename
+	--preference-list to --default-preference-list (as that is what it
+	really is), and make it a true default in that if the user selects
+	"default" they get this list and not the compiled-in list.
+
+2002-05-22  Werner Koch  <[email protected]>
+
+	* g10.c (main): Add missing LF in a info printout and made it
+	translatable.  Noted by Michael Tokarev.
+
+2002-05-21  Werner Koch  <[email protected]>
+
+	* g10.c (main): Removed the undef of USE_SHM_COPROCESSING which
+	was erroneously introduced on 2002-01-09.
+
+	* signal.c (got_fatal_signal): Don't write the Nul to stderr.
+	Reported by David Hollenberg.
+
+2002-05-18  David Shaw  <[email protected]>
+
+	* main.h, g10.c (main), revoke.c (gen_desig_revoke): Generate a
+	designated revocation via --desig-revoke
+
+	* keyedit.c (keyedit_menu, menu_addrevoker): New "addrevoker"
+	command to add a designated revoker to a key.
+
+2002-05-17  David Shaw  <[email protected]>
+
+	* gpgv.c: Add stub for get_ownertrust().
+
+	* g10.c (main): --allow-freeform-uid should be implied by
+	OpenPGP.  Add --no-allow-freeform-uid.
+
+	* keyedit.c (sign_uids): Issue a warning when signing a
+	non-selfsigned uid.
+
+	* getkey.c (merge_selfsigs_main): If a key has no selfsigs, and
+	allow-non-selfsigned-uid is not set, still try and make the key
+	valid by checking all uids for a signature from an ultimately
+	trusted key.
+
+2002-05-16  David Shaw  <[email protected]>
+
+	* main.h, keygen.c (keygen_add_revkey): Add revocation key
+	subpackets to a signature (callable by
+	make_keysig_packet). (write_direct_sig): Write a 1F direct key
+	signature. (parse_revocation_key): Parse a string in
+	algo:fpr:sensitive format into a revocation
+	key. (get_parameter_revkey, do_generate_keypair): Call above
+	functions when prompted from a batch key generation file.
+
+	* build-packet.c (build_sig_subpkt): Allow multiple revocation key
+	subpackets in a single sig.
+
+	* keydb.h, getkey.c (get_seckey_byfprint): Same as
+	get_pubkey_byfprint, except for secret keys.  We only know the
+	fingerprint of a revocation key, so this is needed to retrieve the
+	secret key needed to issue a revokation.
+
+	* packet.h, parse-packet.c (parse_signature, parse_revkeys): Split
+	revkey parsing off into a new function that can be used to reparse
+	after manipulating the revkey list.
+
+	* sign.c (make_keysig_packet): Ability to make 1F direct key
+	signatures.
+
+2002-05-15  David Shaw  <[email protected]>
+
+	* options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl
+	as a sample LDAP server instead.
+
+	* getkey.c (merge_selfsigs_main): Properly handle multiple
+	revocation keys in a single packet.  Properly handle revocation
+	keys that are in out-of-order packets.  Remove duplicates in
+	revocation key list.
+
+2002-05-14  Timo Schulz   <[email protected]>
+
+	* exec.c (make_tempdir) [MINGW32]: Added missing '\'.
+	
+2002-05-14  Stefan Bellon  <[email protected]>
+
+	* exec.c (make_tempdir): Make use of EXTSEP_S instead of hardcoded
+	dot as extension separator.
+
+2002-05-13  David Shaw  <[email protected]>
+
+	* photoid.c (show_photos): Use the long keyid as the filename for
+	the photo.  Use the short keyid as the filename on 8.3 systems.
+
+	* exec.h, exec.c (make_tempdir, exec_write, exec_finish): Allow
+	caller to specify filename.  This should make things easier on
+	windows and macs where the file extension is required, but a whole
+	filename is even better.
+
+	* keyedit.c (show_key_with_all_names, show_prefs): Show proper
+	prefs for a v4 key uid with no selfsig at all.
+
+	* misc.c (check_permissions): Don't check permissions on
+	non-normal files (pipes, character devices, etc.)
+
+2002-05-11  Werner Koch  <[email protected]>
+
+	* mainproc.c (proc_symkey_enc): Avoid segv in case the parser
+	encountered an invalid packet.
+
+	* keyserver.c (keyserver_export): Get confirmation before sending
+	all keys.
+
+2002-05-10  Stefan Bellon  <[email protected]>
+
+	* g10.c, hkp.c, keyedit.c, keyserver.c: Replaced all occurrances
+	of strcasecmp with ascii_strcasecmp and all occurrances of
+	strncasecmp with ascii_memcasecmp.
+
+2002-05-10  David Shaw  <[email protected]>
+
+	* packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Show
+	assumed prefs for hash and compression as well as the cipher pref.
+	Show assumed prefs if there are no prefs at all on a v4
+	self-signed key.
+
+	* options.h, g10.c (main), sign.c (make_keysig_packet): New
+	--cert-digest-algo function to override the default key signing
+	hash algorithm.
+
+2002-05-09  David Shaw  <[email protected]>
+
+	* getkey.c (merge_selfsigs_main): Make sure the revocation key
+	list starts clean as this function may be called more than once
+	(e.g. from functions in --edit).
+
+	* g10.c, encode.c (encode_crypt), sign.c (sign_file,
+	sign_symencrypt_file): Make --compress-algo work like the
+	documentation says.  It should be like --cipher-algo and
+	--digest-algo in that it can override the preferences calculation
+	and impose the setting the user wants.  No --compress-algo setting
+	allows the usual preferences calculation to take place.
+
+	* main.h, compress.c (compress_filter): use new
+	DEFAULT_COMPRESS_ALGO define, and add a sanity check for compress
+	algo value.
+
+2002-05-08  David Shaw  <[email protected]>
+
+	* pkclist.c (select_algo_from_prefs): There is an assumed
+	compression preference for uncompressed data.
+
+2002-05-07  David Shaw  <[email protected]>
+
+	* options.h, g10.c (main), getkey.c (finish_lookup), pkclist.c
+	(algo_available): --pgp7, identical to --pgp6 except that it
+	permits a few algorithms that PGP 7 added: AES128, AES192, AES256,
+	and TWOFISH.  Any more of these --pgpX flags, and it'll be time to
+	start looking at a generic --emulate-pgp X option.
+
+	* export.c (do_export_stream): Warn the user when exporting a
+	secret key if it or any of its secret subkeys are protected with
+	SHA1 while simple_sk_checksum is set.
+
+	* parse-packet.c (parse_key): Show when the SHA1 protection is
+	used in --list-packets.
+
+	* options.h, build-packet.c (do_comment), g10.c (main): Rename
+	--no-comment as --sk-comments/--no-sk-comments (--no-comment still
+	works) and make the default be --no-sk-comments.
+
+2002-05-07  Werner Koch  <[email protected]>
+
+	* keygen.c (get_parameter_algo): Never allow generation of the
+	deprecated RSA-E or RSA-S flavors of PGP RSA.
+	(ask_algo): Allow generation of RSA sign and encrypt in expert
+	mode.  Don't allow ElGamal S+E unless in expert mode.
+	* helptext.c: Added entry keygen.algo.rsa_se.
+
+2002-05-07  David Shaw  <[email protected]>
+
+	* keyedit.c (sign_uids): If --expert is set, allow re-signing a
+	uid to promote a v3 self-sig to a v4 one.  This essentially
+	deletes the old v3 self-sig and replaces it with a v4 one.
+
+	* packet.h, parse-packet.c (parse_key), getkey.c
+	(merge_keys_and_selfsig, merge_selfsigs_main): a v3 key with a v4
+	self-sig must never let the v4 self-sig express a key expiration
+	time that extends beyond the original v3 expiration time.
+
+2002-05-06  David Shaw  <[email protected]>
+
+	* keyedit.c (sign_uids): When making a self-signature via "sign"
+	don't ask about sig level or expiration, and include the usual
+	preferences and such for v4 self-sigs.  (menu_set_preferences):
+	Convert uids from UTF8 to native before printing.
+
+	* keyedit.c (sign_uids): Convert uids from UTF8 to native before
+	printing.  (menu_set_primary_uid): Show error if the user tries to
+	make a uid with a v3 self-sig primary.
+
+2002-05-05  David Shaw  <[email protected]>
+
+	* import.c (import_one): When merging with a key we already have,
+	don't let a key conflict (same keyid but different key) stop the
+	import: just skip the bad key and continue.
+
+	* exec.c (make_tempdir): Under Win32, don't try environment
+	variables for temp directories - GetTempDir tries environment
+	variables internally, and it's better not to second-guess it in
+	case MS adds some sort of temp dir handling to Windows at some
+	point.
+
+2002-05-05  Timo Schulz  <[email protected]>
+
+        * mainproc.c (proc_symkey_enc): Don't ask for a passphrase
+        in the list only mode.
+	
+2002-05-05  David Shaw  <[email protected]>
+
+	* keyserver.c (keyserver_refresh): --refresh-keys implies
+	--merge-only so as not to import keys with keyids that match the
+	ones being refreshed.  Noted by Florian Weimer.
+
+2002-05-04  Stefan Bellon  <[email protected]>
+
+	* free-packet.c (copy_public_key): Don't call m_alloc(0), therefore
+	added consistency check for revkey and numrefkeys.
+
+	* getkey.c (check_revocation_keys): Added consistency check for
+	revkey and numrefkeys.
+
+	* keyedit.c (show_key_with_all_names): Likewise.
+
+2002-05-03  David Shaw  <[email protected]>
+
+	* photoid.c: Provide default image viewer for Win32.
+
+	* misc.c (pct_expando): %t means extension, not name ("jpg", not
+	"jpeg").
+
+	* keyserver.c (keyserver_spawn), photoid.c (show_photos), exec.h,
+	exec.c: Allow the caller to determine the temp file extension when
+	starting an exec_write and change all callers.
+
+	* keyedit.c (sign_uids): Nonrevocable key signatures cause an
+	automatic promotion to v4.
+
+	* exec.c: Provide stubs for exec_ functions when NO_EXEC is
+	defined.
+
+2002-05-02  David Shaw  <[email protected]>
+
+	* photoid.h, photoid.c (parse_image_header, image_type_to_string):
+	Useful functions to return data about an image.
+
+	* packet.h, parse-packet.c (make_attribute_uidname,
+	parse_attribute_subpkts, parse_attribute), photoid.h, photoid.c
+	(show_photos): Handle multiple images in a single attribute
+	packet.
+
+	* main.h, misc.c (pct_expando), sign.c (mk_notation_and_policy),
+	photoid.c (show_photos): Simpler expando code that does not
+	require using compile-time string sizes.  Call
+	image_type_to_string to get image strings (i.e. "jpg",
+	"image/jpeg").  Change all callers.
+
+	* keyedit.c (menu_showphoto), keylist.c (list_keyblock_print):
+	Allow viewing multiple images within a single attribute packet.
+
+	* gpgv.c: Various stubs for link happiness.
+
+2002-05-02  David Shaw  <[email protected]>
+
+	* build-packet.c (build_sig_subpkt), keyedit.c (sign_uids),
+	options.h, sign.c (mk_notation_and_policy), g10.c (main,
+	add_notation_data, add_policy_url (new), check_policy_url
+	(removed)): Allow multiple policy URLs on a given signature.
+	Split "--notation-data" into "--cert-notation" and
+	"--sig-notation" so the user can set different policies for key
+	and data signing.  For backwards compatibility, "--notation-data"
+	sets both, as before.
+
+2002-05-02  Werner Koch  <[email protected]>
+
+	* options.skel: Removed the comment on trusted-keys because this
+	option is now deprecated.
+
+2002-05-01  David Shaw  <[email protected]>
+
+	* keyedit.c (menu_adduid): 2440bis04 says that multiple attribute
+	packets on a given key are legal.
+
+	* keyserver.c (keyserver_refresh): the fake v3 keyid hack applies
+	to "mailto" URLs as well since they are also served by pksd.
+
+2002-04-29  Werner Koch  <[email protected]>
+
+	Added a copyright year for files changed this year.
+
+2002-04-25  Werner Koch  <[email protected]>
+
+	* g10.c, options.h: New options --display, --ttyname, --ttytype,
+	--lc-ctype, --lc-messages to be used with future versions of the
+	gpg-agent. 
+	* passphrase.c (agent_send_option,agent_send_all_options): New.
+	(agent_open): Send options to the agent.
+
+	* trustdb.c (update_ownertrust, clear_ownertrust): Do an explicit
+	do_sync because revalidation_mark does it only if when the
+	timestamp actually changes.
+
+2002-04-23  David Shaw  <[email protected]>
+
+	* main.h, keygen.c (do_generate_keypair), keylist.c
+	(print_signature_stats, list_all, list_one, list_keyblock,
+	list_keyblock_print, list_keyblock_colon): After generating a new
+	key, show the key information (name, keyid, fingerprint, etc.)
+	Also do not print uncheckable signatures (missing key..) in
+	--check-sigs.  Print statistics (N missing keys, etc.) after
+	--check-sigs.
+
+	* keyedit.c (sign_uids): When signing a key with an expiration
+	date on it, the "Do you want your signature to expire at the same
+	time?" question should default to YES.
+
+2002-04-22  David Shaw  <[email protected]>
+
+	* parse-packet.c (parse_plaintext), packet.h, plaintext.c
+	(handle_plaintext): Fix bug in handling literal packets with
+	zero-length data (no data was being confused with partial body
+	length).
+
+	* misc.c (pct_expando), options.skel: %t means extension ("jpg").
+	%T means MIME type ("image/jpeg").
+
+	* import.c (import_one): Only trigger trust update if the keyring
+	is actually changed.
+
+	* export.c (do_export_stream): Missing a m_free.
+
+2002-04-22  Stefan Bellon  <[email protected]>
+
+	* keyid.c (expirestr_from_sk, expirestr_from_sig): Added _() to
+	string constant.
+
+	* exec.c (make_tempdir) [__riscos__]: Better placement of
+	temporary file.
+
+2002-04-20  David Shaw  <[email protected]>
+
+	* keygen.c (generate_subkeypair): 2440bis04 adds that creating
+	subkeys on v3 keys is a MUST NOT.
+
+	* getkey.c (finish_lookup): The --pgp6 "use the primary key"
+	behavior should only apply while data signing and not encryption.
+	Noted by Roger Sondermann.
+
+2002-04-19  Werner Koch  <[email protected]>
 
-2000-10-11  Werner Koch  <[email protected]>
+	* keygen.c (keygen_set_std_prefs): Put back 3DES because the RFC
+	says it is good form to do so.
 
-	* packet.h: Add features sig subpacket definition.
-	* parse-packet.c (dump_sig_subpkt,parse_one_sig_subpkt,
-	can_handle_critical): Implemented it here.
-	* build-packet.c (build_sig_subpkt): and here.
-	* keygen.c (keygen_add_std_prefs): Generate a features packet.
+2002-04-19  David Shaw  <[email protected]>
+
+	* keyedit.c (menu_deluid): Only cause a trust update if we delete
+	a non-revoked user id.
+
+	* hkp.c (hkp_ask_import), keyserver.c (parse_keyserver_options,
+	keyserver_spawn), options.h: Remove fast-import keyserver option
+	(no longer meaningful).
+
+	* g10.c (main), keyedit.c (sign_uids), options.h: Change
+	--default-check-level to --default-cert-check-level as it makes
+	clear what it operates on.
+
+	* g10.c (main): --pgp6 also implies --no-ask-sig-expire.
+
+	* delkey.c (do_delete_key): Comment.
+
+	* keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig,
+	menu_expire, menu_revsig, menu_revkey): Only force a trustdb check
+	if we did something that changes it.
+
+	* g10.c: add "--auto-check-trustdb" to override a
+	"--no-auto-check-trustdb"
+
+2002-04-19  Werner Koch  <[email protected]>
+
+	* tdbio.c (tdbio_write_nextcheck): Return a status whether the
+	stamp was actually changed.
+	* trustdb.c (revalidation_mark): Sync the changes.  Removed the
+	sync operation done by its callers.
+	(get_validity): Add logic for maintaining a pending_check flag.
+	(clear_ownertrust): New.
+	
+	* keyedit.c (sign_uids): Don't call revalidation_mark depending on
+	primary_pk.
+	(keyedit_menu): Call revalidation_mark after "trust".
+	(show_key_with_all_names): Print a warning on the wrong listed key
+	validity.
+
+	* delkey.c (do_delete_key): Clear the owenertrust information when
+	deleting a public key.
 	
-2000-10-09  Werner Koch  <[email protected]>
+2002-04-18  Werner Koch  <[email protected]>
+
+	* seskey.c (encode_md_value): Print an error message if a wrong
+	digest algorithm is used with DSA.  Changed all callers to cope
+	with a NULL return.  Problem noted by Imad R. Faiad.
+
+2002-04-18  David Shaw  <[email protected]>
+
+	* trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable
+	signatures that can expire.  In short, the only thing that can
+	override an unexpired nonrevocable signature is another unexpired
+	nonrevocable signature.
+
+	* getkey.c (finish_lookup): Always use primary signing key for
+	signatures when --pgp6 is on since pgp6 and 7 do not understand
+	signatures made by signing subkeys.
+
+2002-04-18  Werner Koch  <[email protected]>
+
+	* trustdb.c (validate_keys): Never schedule a nextcheck into the
+	past.
+	(validate_key_list): New arg curtime use it to set next_expire.
+	(validate_one_keyblock): Take the current time from the caller.
+	(clear_validity, reset_unconnected_keys): New.
+	(validate_keys): Reset all unconnected keys.
+
+	* getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax
+	for use with secret keys.
+	(lookup): Advance the searchmode after a search FIRST.
+
+	* seckey-cert.c (do_check): Always calculate the old checksum for
+	use after unprotection.
+
+	* g10.c, options.skel: New option --no-escape-from.  Made
+	--escape-from and --force-v3-sigs the default and removed them
+	from the options skeleton.
+
+2002-04-16  Werner Koch  <[email protected]>
+
+	* parse-packet.c (parse_key): Support a SHA1 checksum as per
+	draft-rfc2440-bis04.
+	* packet.h (PKT_secret_key): Add field sha1chk.
+	* seckey-cert.c (do_check): Check the SHA1 checksum
+	(protect_secret_key): And create it.
+	* build-packet.c (do_secret_key): Mark it as sha-1 protected.
+	* g10.c, options.h: New option --simple-sk-checksum.
+
+2002-04-13  David Shaw  <[email protected]>
+
+	* parse-packet.c (parse_signature): Minor fix - signatures should
+	expire at their expiration time and not one second later.
+
+	* keygen.c (proc_parameter_file): Allow specifying preferences
+	string (i.e. "s5 s2 z1 z2", etc) in a batchmode key generation
+	file.
+
+	* keyedit.c (keyedit_menu): Print standard error message when
+	signing a revoked key (no new translation).
+
+	* getkey.c (merge_selfsigs): Get the default set of key prefs from
+	the real (not attribute) primary uid.
+
+2002-04-12  David Shaw  <[email protected]>
+
+	* pkclist.c (build_pk_list): Fix bug that allowed a key to be
+	selected twice in batch mode if one instance was the default
+	recipient and the other was an encrypt-to.  Noted by Stefan
+	Bellon.
+
+	* parse-packet.c (dump_sig_subpkt): Show data in trust and regexp
+	sig subpackets.
+
+	* keyedit.c (keyedit_menu): Use new function real_uids_left to
+	prevent deleting the last real (i.e. non-attribute) uid.  Again,
+	according to the attribute draft. (menu_showphoto): Make another
+	string translatable.
+
+2002-04-11  David Shaw  <[email protected]>
+
+	* build-packet.c (build_sig_subpkt): Delete subpackets from both
+	hashed and unhashed area on update.  (find_subpkt): No longer
+	needed.
+
+	* keyedit.c (sign_uids): With --pgp2 on, refuse to sign a v3 key
+	with a v4 signature.  As usual, --expert overrides.  Try to tweak
+	some strings to a closer match so they can all be translated in
+	one place.  Use different helptext keys to allow different help
+	text for different questions.
+
+	* keygen.c (keygen_upd_std_prefs): Remove preferences from both
+	hashed and unhashed areas if they are not going to be used.
+
+2002-04-10  David Shaw  <[email protected]>
+
+	* misc.c (pct_expando), options.skel: Use %t to indicate type of a
+	photo ID (in this version, it's always "jpeg").  Also tweak string
+	expansion loop to minimize reallocs.
+
+	* mainproc.c (do_check_sig): Variable type fix.
+
+	* keyedit.c (menu_set_primary_uid): Differentiate between true
+	user IDs and attribute user IDs when making one of them primary.
+	That is, if we are making a user ID primary, we alter user IDs.
+	If we are making an attribute packet primary, we alter attribute
+	packets.  This matches the language in the latest attribute packet
+	draft.
+
+	* keyedit.c (sign_uids): No need for the empty string hack.
+
+	* getkey.c (fixup_uidnode): Only accept preferences from the
+	hashed segment of the self-sig.
+
+2002-04-10  Werner Koch  <[email protected]>
+
+	* tdbio.c (migrate_from_v2): Fixed the offset to read the old
+	ownertrust value and only add entries to the table if we really
+	have a value.
+
+2002-04-08  David Shaw  <[email protected]>
+
+	* status.h, status.c (get_status_string): Add KEYEXPIRED, EXPSIG,
+	and EXPKEYSIG.  Add "deprecated-use-keyexpired-instead" to
+	SIGEXPIRED.
+
+	* sig-check.c (do_check): Start transition from SIGEXPIRED to
+	KEYEXPIRED, since the actual event is signature verification by an
+	expired key and not an expired signature. (do_signature_check,
+	packet.h): Rename as signature_check2, make public, and change all
+	callers.
+
+	* mainproc.c (check_sig_and_print, do_check_sig): Use status
+	EXPSIG for an expired, but good, signature.  Add the expiration
+	time (or 0) to the VALIDSIG status line.  Use status KEYEXPSIG for
+	a good signature from an expired key.
+
+	* g10.c (main): remove checks for no arguments now that argparse
+	does it.
+
+2002-04-06  Werner Koch  <[email protected]>
+
+	* keyring.c (keyring_get_keyblock): Disable the keylist mode here.
+
+	* encode.c (encode_simple, encode_crypt): Only test on compressed
+	files if a compress level was not explicity set.
+
+	* keygen.c (keygen_set_std_prefs): Removed Blowfish and Twofish
+	from the list of default preferences, swapped the preferences of
+	RMD160 and SHA1.  Don't include a preference to 3DES unless the
+	IDEA kludge gets used.
+
+	* free-packet.c (free_packet): call free_encrypted also for
+	PKT_ENCRYPTED_MDC.
+
+	* compress.c (release_context): New.
+	(handle_compressed): Allocate the context and setup a closure to
+	release the context.  This is required because there is no
+	guarabntee that the filter gets popped from the chain at the end
+	of the function.  Problem noted by Timo and probably also the
+	cause for a couple of other reports.
+	(compress_filter): Use the release function if set.
+
+	* tdbio.c [__CYGWIN32__]: Don't rename ftruncate.  Noted by
+	Disastry.
+
+	* parse-packet.c (parse_signature): Put parens around a bit test.
+
+	* exec.c (make_tempdir): Double backslash for TMP directory
+	creation under Windows.  Better strlen the DIRSEP_S constants for
+	allocation measurements.
+
+	* decrypt.c (decrypt_messages): Release the passphrase aquired
+	by get_last_passphrase.
 
-	* keygen.c (do_generate_keypair): Removed the keyblock locking.
+2002-04-02  Werner Koch  <[email protected]>
 
-	* ringedit.c (enum_keyblocks): Replaced by ...
-	(enum_keyblocks_begin): New.
-	(enum_keyblocks_next): New.
-	(enum_keyblocks_end): New. And changed all callers.
+	* Makefile.am (EXTRA_DIST): Removed OPTIONS an pubring.asc - they
+	are no longer of any use. 
+
+2002-04-03  David Shaw  <[email protected]>
+
+	* keyserver.c (parse_keyserver_options): fix auto-key-retrieve to
+	actually work as a keyserver-option (noted by Roger Sondermann).
+
+	* keylist.c (reorder_keyblock): do not reorder the primary
+	attribute packet - the first user ID must be a genuine one.
+
+2002-03-31  David Shaw  <[email protected]>
+
+	* keylist.c (list_keyblock_colon): Fix ownertrust display with
+	--with-colons.
+
+	* keygen.c (generate_user_id), photoid.c (generate_photo_id):
+	Properly initialize the user ID refcount.  A few more "y/n" ->
+	"y/N" in photoid.c.
+
+	* keyedit.c (ask_revoke_sig): Warn the user if they are about to
+	revoke an expired sig (not a problem, but they should know).  Also
+	tweak a few prompts to change "y/n" to "y/N", which is how most
+	other prompts are written.
+
+	* keyserver.c (keyserver_search_prompt): Control-d escapes the
+	keyserver search prompt.
+
+	* pkclist.c (show_revocation_reason & callers): If a subkey is
+	considered revoked solely because the parent key is revoked, print
+	the revocation reason from the parent key.
+
+	* trustdb.c (get_validity): Allow revocation/expiration to apply
+	to a uid/key with no entry in the trustdb.
+
+2002-03-29  David Shaw  <[email protected]>
+
+	* keyserver.c (printunquoted): unquote backslashes from keyserver
+	searches
+
+	* hkp.c (write_quoted): quote backslashes from keyserver searches
+
+2002-03-26  Werner Koch  <[email protected]>
+
+	* keygen.c (ask_keysize): Removed the warning for key sizes > 1536.
+
+2002-03-25  Werner Koch  <[email protected]>
+
+	* keyedit.c (sign_uids): Use 2 strings and not a %s so that
+	translations can be done the right way.
+	* helptext.c: Fixed small typo.
+
+2002-03-23  David Shaw  <[email protected]>
+
+	* import.c (append_uid, merge_sigs): it is okay to import
+	completely non-signed uids now (with --allow-non-selfsigned-uid).
+
+	* getkey.c (get_primary_uid, merge_selfsigs_main): do not choose
+	an attribute packet (i.e. photo) as primary uid.  This prevents
+	oddities like "Good signature from [image of size 2671]".  This is
+	still not perfect (one can still select an attribute packet as
+	primary in --edit), but is closer to the way the draft is going.
+
+	* g10.c (build_list): algorithms should include 110.
+
+	* g10.c (main): --pgp2 implies --no-ask-sig-expire and
+	--no-ask-cert-expire as those would cause a v4 sig/cert.
+
+	* armor.c (is_armor_header): be more lenient in what constitutes a
+	valid armor header (i.e. -----BEGIN blah blah-----) as some
+	Windows programs seem to add spaces at the end.  --openpgp makes
+	it strict again.
+
+2002-03-18  David Shaw  <[email protected]>
+
+	* keyserver.c (keyserver_search_prompt): Properly handle a "no
+	keys found" case from the internal HKP code (external HKP is ok).
+	Also, make a COUNT -1 (i.e. streamed) keyserver response a little
+	more efficient.
+
+	* g10.c (main): Add --no-allow-non-selfsigned-uid
+
+2002-03-17  David Shaw  <[email protected]>
+
+	* g10.c (main): --openpgp implies --allow-non-selfsigned-uid.
+
+	* getkey.c (merge_selfsigs_main): If none of the uids are primary
+	(because none are valid) then pick the first to be primary (but
+	still invalid).  This is for cosmetics in case some display needs
+	to print a user ID from a non-selfsigned key.  Also use
+	--allow-non-selfsigned-uid to make such a key valid and not
+	--always-trust.  The key is *not* automatically trusted via
+	--allow-non-selfsigned-uid.
+
+	* mainproc.c (check_sig_and_print): Make sure non-selfsigned uids
+	print [uncertain] on verification even though one is primary now.
+
+	* getkey.c (merge_selfsigs): If the main key is not valid, then
+	neither are the subkeys.
+
+	* import.c (import_one): Allow --allow-non-selfsigned-uid to work
+	on completely unsigned keys.  Print the uids in UTF8.  Remove
+	mark_non_selfsigned_uids_valid().
+
+	* keyedit.c (show_key_with_all_names): Show revocation key as
+	UTF8.
+
+	* sign.c (clearsign_file): Allow --not-dash-escaped to work with
+	v3 keys.
+
+2002-03-14  Werner Koch  <[email protected]>
+
+	* main.h: Changed the default algorithms to CAST5 and SHA1.
+
+2002-03-13  David Shaw  <[email protected]>
+
+	* import.c (chk_self_sigs): Show which user ID a bad self-sig
+	(invald sig or unsupported public key algorithm) resides on.
+
+	* import.c (chk_self_sigs): any valid self-sig should mark a user
+	ID or subkey as valid - otherwise, an attacker could DoS the user
+	by inventing a bogus invalid self-signature.
+
+2002-03-07  David Shaw  <[email protected]>
+
+	* g10.c (main): make a few more strings translatable.
+
+	* options.h, options.skel, g10.c (main), gpgv.c, mainproc.c
+	(check_sig_and_print), keyserver.c (parse_keyserver_options):
+	--auto-key-retrieve should really be a keyserver-option variable.
+
+	* import.c (revocation_present): new function to print a warning
+	if a key is imported that has been revoked by designated revoker,
+	but the designated revoker is not present to verify the
+	revocation.  If keyserver-options auto-key-retrieve is set, try
+	and fetch the designated revoker from the keyserver.
+
+	* import.c (import_one): call revocation_present after importing a
+	new key.  Note that this applies to --import, --recv-keys, and
+	--search-keys.
+	
+	* keyserver-internal.h, keyserver.c (keyserver_import_fprint):
+	import via fingerprint (for revocation keys).
+
+	* keyserver.c (keyserver_import_keyid): much simpler
+	implementation now that we're using KEYDB_SEARCH_DESC internally.
+
+2002-03-04  David Shaw  <[email protected]>
+
+	* revoke.c (gen_revoke): do not prompt for revocation reason for
+	v3 revocations (unless force-v4-certs is on) since they wouldn't
+	be used anyway.
+
+	* keyedit.c (menu_revsig): show the status of the sigs
+	(exportable? revocable?) to the user before prompting for which
+	sig to revoke.  Also, make sure that local signatures get local
+	revocations.
+
+	* keyedit.c (ask_revoke_sig): remind the user which sigs are
+	local.
+
+	* g10.c (main): Add "exec-path" variable to override PATH for
+	execing programs.
+
+	* export.c (do_export_stream): properly check return code from
+	classify_user_id to catch unclassifiable keys.
+
+2002-03-03  David Shaw  <[email protected]>
+
+	* parse-packet.c (parse_signature): variable type tweak for RISC
+	OS (from Stefan)
+
+2002-02-28  David Shaw  <[email protected]>
+
+	* getkey.c (check_revocation_keys): New function to check a
+	revocation against a list of potential revocation keys.  Note the
+	loop-breaking code here.  This is to prevent blowing up if A is
+	B's revocation key, while B is also A's.  Note also that this is
+	written so that a revoked revoker can still issue revocations:
+	i.e. If A revokes B, but A is revoked, B is still revoked.  I'm
+	not completely convinced this is the proper behavior, but it
+	matches how PGP does it.  It does at least have the advantage of
+	much simpler code - my first version of this had lots of loop
+	maintaining code so you could chain revokers many levels deep and
+	if D was revoked, C was not, which meant that B was, and so on.
+	It was sort of scary, actually.
+
+	* getkey.c (merge_selfsigs_main): Add any revocation keys onto the
+	pk.  This is particularly interesting since we normally only get
+	data from the most recent 1F signature, but you need multiple 1F
+	sigs to properly handle revocation keys (PGP does it this way, and
+	a revocation key could be marked "sensitive" and hence in a
+	different signature).  Also, if a pk has a revocation key set,
+	check for revocation sigs that were not made by us - if made by a
+	valid revocation key, mark the pk revoked.
+
+	* packet.h, getkey.c (cache_public_key): do not cache key if
+	"dont_cache" is set.  This allows the revocation key code to look
+	up a key and return information that may be inaccurate to prevent
+	loops without caching the fake data.
+
+	* packet.h, sig-check.c (do_signature_check): Record if a
+	signature was made by a revoked pk.
+
+	* packet.h, parse-packet.c (parse_one_sig_subpkt,
+	can_handle_critical, parse_signature): Get revocation key
+	information out of direct sigs.
 	
-	* import.c (import_one): Removed keyblock locking becuase this is
-	now done inside of insert_keyblock().  Removed get_keyblock_handle
-	because insert_keyblock() now decides what is the default keyring.
+	* keylist.c (list_keyblock_print): don't assume that the presence
+	of a 0x20 signature means the key is revoked.  With revocation
+	keys, this may not be true if the revocation key is not around to
+	verify it or if verification failed.  Also, 0x1F should get listed
+	as "sig", and not "unexpected signature class".
+
+	* keyedit.c (show_key_with_all_names): Add a flag for printing
+	revoker information and change all callers.
+
+	* import.c (merge_blocks): merge in any new direct key (0x1F)
+	sigs.
+
+	* import.c (import_revoke_cert): don't keep processing after a
+	revocation is rejected.
+	
+	* import.c (delete_inv_parts): Allow importing a revocation
+	signature even if it was not issued by the key.  This allows a
+	revocation key to issue it.  Of course, the sig still needs to be
+	checked before we trust it.
+
+	* free-packet.c (copy_public_key): Include a new copy of the
+	revocation keys when duping a pk.
+
+	* free-packet.c (free_seckey_enc, release_public_key_parts): Free
+	any revocation keys that are attached to a sig or pk.
+
+	* export.c (do_export_stream): Do not export signatures with
+	"sensitive" revocation keys in them.
+
+2002-02-27  David Shaw  <[email protected]>
+
+	* export.c (do_export_stream): Do not include v3 keys in a
+	--export-secret-subkeys export.
+
+	* getkey.c (merge_selfsigs_main): If a key isn't valid (say,
+	because of no self-signature), allow --always-trust to force it
+	valid so it can be trusted.
+
+2002-02-25  David Shaw  <[email protected]>
+
+	* hkp.c (hkp_ask_import), hkp.h, keyserver.c (all): treat key
+	lists internally as fingerprints when possible.  All this is via
+	KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows
+	the helper program to search the keyserver by fingerprint if
+	desired (and the keyserver supports it).  Note that automatic
+	fingerprint promotion during refresh only applies to v4 keys as a
+	v4 fingerprint can be easily changed into a long or short key id,
+	and a v3 cannot.
+
+	* pubkey-enc.c, getkey.c, misc.c, main.h: Take two copies of
+	hextobyte() from pubkey-enc.c and getkey.c and make them into one
+	copy in misc.c.
+
+2002-02-22  David Shaw  <[email protected]>
+
+	* keyserver.c (keyserver_search_prompt): Detect a "no keys found"
+	case even if the helper program does not explicitly say how many
+	keys were found.
+
+	* hkp.c (parse_hkp_index): Bug fix - don't report non-revoked keys
+	as revoked in HKP key searches.
+
+2002-02-19  Werner Koch  <[email protected]>
+
+	* parse-packet.c (parse_trust): Made parsing more robust.
+
+2002-02-19  David Shaw  <[email protected]>
+
+	* hkp.c (parse_hkp_index): Catch corruption in HKP index lines
+	(can be caused by broken or malicious keyservers).
+
+	* keyserver.c (keyserver_work): Add KEYSERVER_NOT_SUPPORTED for
+	unsupported actions (say, a keyserver that has no way to search,
+	or a readonly keyserver that has no way to add).  Also add a
+	USE_EXTERNAL_HKP define to disable the internal HKP keyserver
+	code.
+
+2002-02-14  Werner Koch  <[email protected]>
+
+	* g10.c: New option --no-use-agent. 
+
+	* pkclist.c (check_signatures_trust): Always print the warning for
+	unknown and undefined trust.  Removed the did_add cruft.  Reported
+	by Janusz A. Urbanowicz.
+
+2002-02-11  David Shaw  <[email protected]>
+
+	* hkp.c (parse_hkp_index): Bug fix - properly handle user IDs with
+	colons (":") in them while HKP searching.
+
+2002-02-09  David Shaw  <[email protected]>
+
+	* misc.c (pct_expando): More comments.
+
+	* keydb.h, sign.c (mk_notation_and_policy): Clarify what is a sig
+	and what is a cert.  A sig has sigclass 0x00, 0x01, 0x02, or 0x40,
+	and everything else is a cert.
+
+	* g10.c (main), keyedit.c (keyedit_menu): Add a "nrlsign" for
+	nonrevocable and local key signatures.
+
+	* g10.c (main): Add a --no-force-mdc to undo --force-mdc.
+
+	* options.h, g10.c (main), cipher.c (write_header): Add a knob to
+	--disable-mdc/--no-disable-mdc.  Off by default, of course, but is
+	used in --pgp2 and --pgp6 modes.
+	
+	* pkclist.c (build_pk_list): Allow specifying multiple users in
+	the "Enter the user ID" loop.  Enter a blank line to stop.  Show
+	each key+id as it is added.
+
+	* keylist.c (show_policy_url), mainproc.c (print_notation_data):
+	It is not illegal (though possibly silly) to have multiple policy
+	URLs in a given signature, so print all that are present.
+	
+	* hkp.c (hkp_search): More efficient implementation of URL-ifying
+	code.
+
+2002-02-04  David Shaw  <[email protected]>
+
+	* main.h, misc.c (pct_expando): New function to generalize
+	%-expando processing in any arbitrary string.
+
+	* photoid.c (show_photo): Call the new pct_expando function rather
+	than expand strings internally.
+	
+	* sign.c (mk_notation_and_policy): Show policy URLs and notations
+	when making a signature if show-policy/show-notation is on.
+	%-expand policy URLs during generation.  This lets the user have
+	policy URLs of the form "http://notary.jabberwocky.com/keysign/%K"
+	which will generate a per-signature policy URL.
+
+	* main.h, keylist.c (show_policy_url, show_notation): Add amount
+	to indent so the same function can be used in key listings as well
+	as during sig generation.  Change all callers.
+
+2002-02-04  David Shaw  <[email protected]>
+
+	* keyserver.c, options.h (parse_keyserver_options, keyidlist):
+	Workaround for the pksd and OKS keyserver bug that calculates v4
+	RSA keyids as if they were v3.  The workaround/hack is to fetch
+	both the v4 (e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids.  This
+	only happens for key refresh while using the HKP scheme and the
+	refresh-add-fake-v3-keyids keyserver option must be set.  This
+	should stay off by default.
+
+2002-02-03  David Shaw  <[email protected]>
+
+	* keyserver.c (keyserver_spawn): Bug fix - do not append keys to
+	each other when --sending more than one.
+
+2002-02-02  David Shaw  <[email protected]>
+
+	* options.h, g10.c (main), keyedit.c (sign_uids), sign.c
+	(mk_notation_and_policy): Split "--set-policy-url" into
+	"--cert-policy-url" and "--sig-policy-url" so the user can set
+	different policies for key and data signing.  For backwards
+	compatibility, "--set-policy-url" sets both, as before.
+
+2002-01-30  Werner Koch  <[email protected]>
+
+	* g10.c (main): --gen-random --armor does now output a base64
+	encoded string.
+
+2002-01-28  David Shaw  <[email protected]>
+
+	* g10.c (main), options.h, pkclist.c (algo_available): --pgp6
+	flag.  This is not nearly as involved as --pgp2.  In short, it
+	turns off force_mdc, turns on no_comment, escape_from, and
+	force_v3_sigs, and sets compression to 1.  It also restricts the
+	user to IDEA (if present), 3DES, CAST5, MD5, SHA1, and RIPEMD160.
+	See the comments above algo_available() for lots of discussion on
+	why you would want to do this.
+
+2002-01-27  David Shaw  <[email protected]>
+
+	* keygen.c (keygen_set_std_prefs): Comment
+
+	* keyedit.c (sign_uids): Bug fix - when signing with multiple
+	secret keys at the same time, make sure each key gets the sigclass
+	prompt.
+
+	* exec.c (exec_finish): Close the iobuf and FILE before trying to
+	waitpid, so the remote process will get a SIGPIPE and exit.  This
+	is only a factor when using a pipe to communicate.
+
+	* exec.c (exec_write): Disable cache-on-close of the fd iobuf (is
+	this right?  Why is a fd iobuf cached at all?)
+
+2002-01-26  Werner Koch  <[email protected]>
+
+	* g10.c, options.h: New option --gpg-agent-info
+	* passphrase.c (agent_open): Let it override the environment info.
+	* seckey-cert.c (check_secret_key): Always try 3 times when the
+	agent is enabled.
+	* options.skel: Describe --use-agent.
+
+2002-01-24  David Shaw  <[email protected]>
+
+	* pubkey-enc.c (is_algo_in_prefs, get_it): Only check preferences
+	against keys with v4 self sigs - there is really little point in
+	warning for every single non-IDEA message encrypted to an old key.
+
+	* pkclist.c (select_algo_from_prefs): Only put in the fake IDEA
+	preference if --pgp2 is on.
+
+	* mainproc.c (check_sig_and_print): Print "Expired" for expired
+	but good signatures (this still prints "BAD" for expired but bad
+	signatures).
+
+2002-01-23  David Shaw  <[email protected]>
+
+	* keygen.c (ask_keysize): Cosmetic: don't present a RSA signing
+	key as a "keypair" which can be 768 bits long (as RSA minimum is
+	1024).
+
+	* pubkey-enc.c (is_algo_in_prefs): Allow IDEA as a fake preference
+	for v3 keys with v3 selfsigs.
+
+2002-01-22  David Shaw  <[email protected]>
+
+	* packet.h, getkey.c (merge_selfsigs_main), pkclist.c
+	(select_algo_from_prefs): Implement the fake IDEA preference as
+	per RFC2440:12.1.  This doesn't mean that IDEA will be used (the
+	plugin may not be present), but it does mean that a v3 key with a
+	v3 selfsig has an implicit IDEA preference instead of 3DES.  v3
+	keys with v4 selfsigs use preferences as normal.
+
+	* encode.c (encode_crypt): if select_algo_from_prefs fails, this
+	means that we could not find a cipher that both keys like.  Since
+	all v4 keys have an implicit 3DES preference, this means there is
+	a v3 key with a v3 selfsig in the list.  Use 3DES in this case as
+	it is the safest option (we know the v4 key can handle it, and
+	we'll just hope the v3 key is being used in an implementation that
+	can handle it).  If --pgp2 is on, warn the user what we're doing
+	since it'll probably break PGP2 compatibility.
+
+	* g10.c (main): Do not force using IDEA for encrypted files in
+	--pgp2 mode - let the fake IDEA preference choose this for us for
+	better compatibility when encrypting to multiple keys, only some
+	of which are v3.
+
+	* keygen.c (keygen_set_std_prefs): Put 3DES on the end of the
+	default cipher pref list (RFC2440: "...it is good form to place it
+	there explicitly.").  If the user has the IDEA plugin installed,
+	put a preference for IDEA *after* 3DES to effectively disable its
+	use for everything except encrypting along with v3 keys.
+
+	* encode.c, g10.c, sign.c: Change the PGP2 warning line from
+	"... will not be usable ..." to "... may not be usable ..." as the
+	user could be using one of the enhanced PGP2 variations.
+
+	* helptext.c: Revise the sign_uid.class help text as suggested by
+	Stefan.
+	
+2002-01-20  Werner Koch  <[email protected]>
+
+	* passphrase.c (passphrase_to_dek): Add tryagain_text arg to be
+	used with the agent.  Changed all callers.
+	(agent_get_passphrase): Likewise and send it to the agent
+	* seckey-cert.c (do_check): New arg tryagain_text.
+	(check_secret_key): Pass the string to do_check.
+	* keygen.c (ask_passphrase): Set the error text is required.
+	* keyedit.c (change_passphrase): Ditto.
+
+	* passphrase.c (agent_open): Disable opt.use_agent in case of a
+	problem with the agent. 
+	(agent_get_passphrase): Ditto.
+	(passphrase_clear_cache): Ditto.
+
+2002-01-19  Werner Koch  <[email protected]>
+
+	* passphrase.c (agent_open): Add support for the new Assuan based
+	gpg-agent.  New arg to return the used protocol version.
+	(agent_get_passphrase): Implemented new protocol here.
+	(passphrase_clear_cache): Ditto.
+	(readline): New.
+	
+2002-01-15  Timo Schulz  <[email protected]>
+
+	* encode.c (encode_crypt_files): Fail if --output is used.
+	
+	* g10.c: New command --decrypt-files.
+
+	* decrypt.c (decrypt_messages): New.
+	
+2002-01-09  David Shaw  <[email protected]>
+
+	* g10.c, misc.c, gpgv.c: move idea_cipher_warn to misc.c so gpgv.c
+	doesn't need a stub for it any longer.
+
+	* g10.c (get_temp_dir), main.h: no longer used (it's in exec.c now)
+
+	* g10.c (main), delkey.c (delete_keys), main.h : Allow
+	--delete-key (now --delete-keys, though --delete-key still works,
+	of course) to delete multiple keys in one go.  This applies to
+	--delete-secret-key(s) and --delete-secret-and-public-key(s) as
+	well.
+
+2002-01-09  Timo Schulz  <[email protected]>
+
+	* encode.c (encode_crypt_files): Now it behaves like verify_files.
+	
+	* g10.c (main): We don't need to check argc for encode_crypt_files
+	any longer.
+
+2002-01-09  Timo Schulz  <[email protected]>
+
+	* exec.c: Include windows.h for dosish systems.
+
+2002-01-08  Timo Schulz  <[email protected]>
+
+	* g10.c (main): New description for --encrypt-files.
+
+2002-01-08  Werner Koch  <[email protected]>
+
+	* g10.c (main): Must register the secring for encryption because
+	it is needed to figure out the default recipient.  Reported by
+	Roger Sondermann.
+
+2002-01-05  David Shaw  <[email protected]>
+
+	* keyedit.c (menu_adduid): Require --expert before adding a photo
+	ID to a v3 key, and before adding a second photo ID to any key.
+
+	* keyedit.c (keyedit_menu): Don't allow adding photo IDs in
+	rfc1991 or pgp2 mode.
+
+	* getkey.c (merge_selfsigs_subkey): Permit v3 subkeys.  Believe it
+	or not, this is allowed by rfc 2440, and both PGP 6 and PGP 7 work
+	fine with them.
+
+	* g10.c, options.h, keyedit.c, sign.c: Move the "ask for
+	expiration" switch off of --expert, which was getting quite
+	overloaded, and onto ask-sig-expire and ask-cert-expire.  Both
+	default to off.
+
+	* g10.c (main): Change the default compression algo to 1, to be
+	more OpenPGP compliant (PGP also uses this, so it'll help with
+	interoperability problems as well).
+
+	* encode.c (encode_crypt): Handle compression algo 2, since the
+	default is now 1.
+
+	* build-packet.c (build_attribute_subpkt): Fix off-by-one error.
+
+2002-01-05  Werner Koch  <[email protected]>
+
+	* g10.c (main): Do not register the secret keyrings for certain
+	commands.
+
+	* keydb.c (keydb_add_resource): Use access to test for keyring
+	existence.  This avoids cached opened files which are bad under
+	RISC OS.
+
+2002-01-04  David Shaw  <[email protected]>
+
+	* sign.c (sign_file, sign_symencrypt_file): always use one-pass
+	packets unless rfc1991 is enabled.  This allows a signature made
+	with a v3 key to work in PGP 6 and 7.  Signatures made with v4
+	keys are unchanged.
+
+	* g10.c (main): Disallow non-detached signatures in PGP2 mode.
+	Move the "you must use files and not pipes" PGP2 warning up so all
+	the PGP2 stuff is together.
+
+	* encode.c (encode_simple): Use the actual filesize instead of
+	partial length packets in the internal literal packet from a
+	symmetric message.  This breaks PGP5(?), but fixes PGP2, 6, and 7.
+	It's a decent tradeoff.  Note there was only an issue with
+	old-style RFC1991 symmetric messages.  2440-style messages in 6
+	and 7 work with or without partial length packets.
+
+2002-01-03  David Shaw  <[email protected]>
+
+	* g10.c (main): Removed --no-default-check-level option, as it is
+	not consistent with other "default" options.  Plus, it is the same
+	as saying --default-check-level 0.
+
+	* exec.c (exec_read): Disallow caching tempfile from child
+	process, as this keeps the file handle open and can cause unlink
+	problems on some platforms.
+
+	* keyserver.c (keyserver_search_prompt): Minor tweak - don't
+	bother to transform keyids into textual form if they're just going
+	to be transformed back to numbers.
+
+2002-01-03  Timo Schulz <[email protected]>
+
+	* g10.c: New command --encrypt-files.
+    
+	* verify.c (print_file_status): Removed the static because
+	encode_crypt_files also uses this function.
+
+	* main.h (print_files_status): New.
+	(encode_crypt_files): New.
+
+	* encode.c (encode_crypt_files): New.
+
+2002-01-02  Stefan Bellon  <[email protected]>
+
+	* keyserver.c: Moved util.h include down in order to avoid
+	redefinition problems on RISC OS.
+
+	* keyring.c (keyring_lock): Only lock keyrings that are writable.
+
+	* keyring.c (keyring_update_keyblock): Close unused iobuf.
+
+	* hkp.c (parse_hkp_index, hkp_search) [__riscos__]: Changed
+	unsigned char* to char* because of compiler issues.
+
+	* exec.c (exec_finish) [__riscos__]: Invalidate close cache so
+	that file can be unlinked.
+
+2001-12-28  David Shaw  <[email protected]>
+
+	* g10.c (main): Use a different strlist to check extensions since
+	they need to be handled seperately now.
+
+	* misc.c,main.h (check_permissions): Properly handle permission
+	and ownership checks on files in the lib directory
+	(e.g. /usr/local/lib/gnupg), which are owned by root and are
+	world-readable, and change all callers to specify extension or
+	per-user file.
+
+	* photoid.c (show_photo), keyserver.c (keyserver_spawn): Bug fix -
+	don't call exec_finish if exec_write fails.
+
+	* keyserver.c (keyserver_spawn): Look for OPTIONS from the
+	keyserver helper - specifically, a "OUTOFBAND" option for the
+	email keyserver.
+
+	* mainproc.c (list_node), keylist.c (list_keyblock_colon),
+	import.c (delete_inv_parts), export.c (do_export_stream): Use
+	signature flags for exportability check rather than re-parsing the
+	subpacket.
+
+	* keyid.c, keydb.h (get_lsign_letter): No longer needed.
+
+2001-12-27  David Shaw  <[email protected]>
+
+	* exec.c (exec_finish): Show errors when temp files cannot be
+	deleted for whatever reason.
+
+	* exec.c (exec_read): Don't rely on WEXITSTATUS being present.
+
+	* exec.c (make_tempdir): Add temp file creator for win32.  Don't
+	create an incoming temp file if the exec is write-only.
+
+	* keyserver.c (keyserver_spawn): Clean up error handling, for when
+	the spawn fails.
+
+	* photoid.c (show_photo): Clean up error handling.
+
+	* misc.c (check_permissions): Neaten.
+
+2001-12-25  David Shaw  <[email protected]>
+
+	* mkdtemp.c (mkdtemp): Add copyleft info and tweak the 'X' counter
+	to be a bit simpler.
+
+	* keyserver.c, photoid.c: Remove unused headers left over from
+	when the exec functions lived there.
+
+2001-12-23  Timo Schulz <[email protected]>
+
+	* misc.c (check_permissions): Do not use it for W32 systems.
+
+	* tdbio.c (migrate_from_v2): Define ftruncate as chsize() for W32.
+
+	* mkdtemp.c: W32 support.
+
+	* photoid.c: Ditto.
+
+	* exec.c: Ditto.
+
+2001-12-22  David Shaw  <[email protected]>
+
+	* exec.c (make_tempdir): avoid compiler warning with const
+
+	* mkdtemp.c (mkdtemp): catch the empty ("") string case in case
+	someone repurposes mkdtemp at some point.
+
+	* photoid.c (generate_photo_id, show_photo): some type changes
+	from Stefan Bellon.
+
+	* exec.c (make_tempdir): handle Win32 systems, suggested by Timo
+	Schulz.
+
+2001-12-22  Werner Koch  <[email protected]>
+
+	* encode.c (encode_simple, encode_crypt): i18n 2 strings.
+
+2001-12-22  Timo Schulz <[email protected]>
+	
+	* encode.c (encode_simple, encode_crypt): Use is_file_compressed
+	to avoid to compress compressed files.
+
+2001-12-22  Werner Koch  <[email protected]>
+
+	* keyserver.c (keyserver_spawn): Removed some variables
+	declaration due to shadowing warnings.
+
+	* build-packet.c (build_attribute_subpkt): s/index/idx/ to avoid
+	compiler warnig due to index(3).
+
+	* getkey.c (get_ctx_handle): Use KEYDB_HANDLE as return value.
+	* keylist.c (list_one): Made resname const.
+
+	* keyedit.c (keyedit_menu): Allow "addphoto" only when --openpgp is
+	not used.
+
+	* options.skel: Changed one example photo viewer to qiv.
+
+2001-12-21  David Shaw  <[email protected]>
+
+	* Makefile.am: add exec.c, exec.h, photoid.c, and photoid.h
+
+	* build-packet.c (build_attribute_subpkt): new function to build
+	the raw attribute subpacket.  Note that attribute subpackets have
+	the same format as signature subpackets.
+
+	* exec.c: new file with generic exec-a-program functionality.
+	Used by both photo IDs and keyserver helpers.  This is pretty much
+	the same code that used to be keyserver specific, with some
+	changes to be usable generically.
+
+	* free-packet.c (free_attributes (new)): function to free an
+	attribute packet.
+	
+	* gpgv.c: added stub show_photo
+	
+	* keyedit.c (keyedit_menu, menu_adduid, menu_showphoto): can add a
+	photo (calls generate_photo_id), or display a photo (calls
+	show_photo) from the --edit menu.  New commands are "addphoto",
+	and "delphoto" (same as "deluid").
+
+	* keylist.c (list_keyblock_print): show photos during key list if
+	--show-photos enabled.
+	
+	* keyserver.c (keyserver_spawn): use the generic exec_xxx
+	functions to call keyserver helper.
+
+	* g10.c, options.h: three new options - --{no-}show-photos, and
+	--photo-viewer to give the command line to display a picture.
+
+	* options.skel: instructions for the photo viewer
+	
+	* parse-packet.c (parse_user_id, setup_user_id (new)): common code
+	for both user IDs and attribute IDs moved to setup_user_id.
+
+	* parse-packet.c (make_attribute_uidname (new)): constructs a fake
+	"name" for attribute packets (e.g. "[image of size ...]")
+
+	* parse-packet.c (parse_attribute (replaces parse_photo_id),
+	parse_attribute_subpkts): Builds an array of individual
+	attributes.  Currently only handles attribute image / type jpeg
+	subpackets.
+
+	* sign.c (hash_uid): Fix bug in signing attribute (formerly
+	photo_id) packets.
+
+	* packet.h, and callers: globally change "photo_id" to "attribute"
+	and add structures for attributes.  The packet format is generic
+	attributes, even though the only attribute type thus far defined
+	is jpeg.
+
+2001-12-21  David Shaw  <[email protected]>
+
+	* parse-packet.c (can_handle_critical): Can handle critical
+	revocation subpackets now.
+
+	* trustdb.c (mark_usable_uid_certs): Disregard revocations for
+	nonrevocable sigs.  Note that this allows a newer revocable
+	signature to override an older nonrevocable signature.
+
+	* sign.c (make_keysig_packet): add a duration field and change all
+	callers.  This makes make_keysig_packet closer to
+	write_signature_packets and removes some duplicated expiration
+	code.
+
+	* keyedit.c (keyedit_menu, menu_revsig, sign_uids,
+	sign_mk_attrib): Add nrsign command, don't allow revoking a
+	nonrevocable signature,
+
+	* g10.c (main): Add --nrsign option to nonrevocably sign a key
+	from the command line.
+
+	* build-packet.c (build_sig_subpkt_from_sig): Comment to explain
+	the use of CRITICAL.
+
+2001-12-21  Werner Koch  <[email protected]>
+
+	* g10.c. options.h : New option --show-keyring
+	* getkey.c (get_ctx_handle): New.
+	* keylist.c (list_one): Implement option here.  By David Champion. 
+
+2001-12-20  David Shaw  <[email protected]>
+
+	* keyserver.c (keyserver_spawn): Use mkdtemp() to make temp
+	directory.
+
+	* mkdtemp.c: replacement function for those platforms that don't
+	have mkdtemp (make a temp directory securely).
+
+2001-12-19  David Shaw  <[email protected]>
+
+	* misc.c (check_permissions): New function to stat() and ensure
+	the permissions of GNUPGHOME and the files have safe permissions.
+
+	* keydb.c (keydb_add_resource): Check keyring permissions.
+
+	* tdbio.c (tdbio_set_dbname): Check permissions of trustdb.gpg
+
+	* keyserver.c (keyserver_spawn): Disable keyserver schemes that
+	involve running external programs if the options file has unsafe
+	permissions or ownership.
+
+	* g10.c, options.h: New option --no-permission-warning to disable
+	the permission warning message(s).  This also permits use of the
+	keyserver if it had been disabled (see above).  Also check the
+	permissions/ownership of random_seed.
+	
+	* keyserver.c (keyserver_spawn): The new glibc prints a warning
+	when using mktemp() (the code was already secure, but the warning
+	was bound to cause confusion).  Use a different implementation
+	based on get_random_bits() instead.  Also try a few times to get
+	the temp dir before giving up.
+
+2001-12-19  Werner Koch  <[email protected]>
+
+	* g10.c, passphrase.c [CYGWIN32]: Allow this as an alias for MINGW32.
+
+2001-12-18  David Shaw  <[email protected]>
+
+	* g10.c (idea_cipher_warn): Add a flag to show the warning always
+	or once per session and change all callers (show always except for
+	the secret key protection and unknown cipher from an encrypted
+	message errors).  Also make the strings translatable.
+
+	* pubkey-enc.c (get_it): Add the IDEA cipher warning if the user
+	tries to decrypt an IDEA encrypted message without the IDEA
+	plugin.
+
+	* keyserver.c (parse_keyserver_uri): More strict checking of the
+	keyserver URI.  Specifically, fail if the ":port" section is
+	anything except a number between 1 and 65535.
+
+2001-12-17  David Shaw  <[email protected]>
+
+	* keyserver.c (print_keyinfo): No need to check for
+	control/illegal characters, as utf8_to_native does this for us.
+
+	* mainproc.c (proc_encrypted): Use generic IDEA warning.
+
+	* gpgv.c: add stub for idea_cipher_warn
+
+	* g10.c, hkp.c, keyserver.c: Fix capitalization and plural issues.
+
+	* encode.c (encode_crypt), sign.c (sign_file, clearsign_file):
+	disable pgp2 mode after the message is no longer pgp2 compatible.
+
+	* g10.c (main): Tweak the PGP2.x IDEA warning to use the generic
+	warning, and not merely fail if the IDEA plugin isn't there.
+
+	* g10.c (main, idea_cipher_warn), keygen.c (set_one_pref),
+	seckey-cert.c (do_check): Add a generic IDEA warning for when the
+	IDEA plugin is not present.  This pops up when the user uses
+	"--cipher-algo idea", when setpref is used to set a "S1"
+	preference, and when a secret key protected with IDEA is used.
+
+2001-12-15  Werner Koch  <[email protected]>
+
+	* keyserver.c (keyserver_spawn): Assert that we have dropped privs.
+
+2001-12-13  Werner Koch  <[email protected]>
+
+	* pubkey-enc.c (get_session_key): Check that the public key
+	algorithm is indeed usable for en/decryption.  This avoid a
+	strange error message from pubkey_decrypt if for some reasons a
+	bad algorithm indentifier is passed.
+
+2001-12-12  David Shaw  <[email protected]>
+
+	* Fixed some types for portability.  Noted by Stefan Bellon.
+
+2001-12-11  Werner Koch  <[email protected]>
+
+	* hkp.c (hkp_export): Do not print possible control characters
+	from a keyserver response.
+	(parse_hkp_index): Made uid an unsigned char* because it is passed to
+	isspace().
+	(hkp_search): Ditto for the char* vars.
+
+	* g10.c (main): Print the IDEA warning also for -c and -se.
+	
+	* g10.c (get_temp_dir): Assert that we have dropped privs
+
+	* encode.c (encode_crypt): Include the first key into the --pgp2
+	check.
+
+2001-12-07  David Shaw  <[email protected]>
+
+	* g10.c, options.h: New option --pgp2.  This is identical to
+	"--rfc1991 --cipher-algo idea --compress-algo 1 --digest-algo md5
+	--force_v3_sigs" with the addition of an warning to advise the
+	user not to use a pipe (which would break pgp2 compatibility).
+
+	* encode.c (encode_crypt): warn if the user tries to encrypt to
+	any key that is not RSA and <= 2048 bits when the --pgp2 option is
+	used.
+
+	* sign.c (sign_file, clearsign_file): When using --pgp2, make a v3
+	sig, and warn if the signature is made with a non-v3 key.
+
+2001-12-05  David Shaw  <[email protected]>
+
+	* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Prompt
+	for sig expiration if --expert is set and --force-v3-sigs is not
+	set (v3 sigs cannot expire).
+
+	* mainproc.c (check_sig_and_print): After checking a sig, print
+	expiration status.  This causes a error return if the sig is
+	expired.
+
+	* build-packet.c (build_sig_subpkt_from_sig): Include a critical
+	sig expiration subpacket if the sig is to expire.
+
+	* keyedit.c (sign_uids): Do not sign an expired key unless
+	--expert is set, in which case prompt.  Also, offer to expire a
+	signature when the key the user is signing expires.
+
+	* keygen.c (ask_expire_interval): Add a value to determine whether
+	to prompt for a key or sig expiration and change all callers.
+
+	* keyid.c: New functions: expirestr_from_sig and
+	colon_expirestr_from_sig.
+
+	* keylist.c (list_keyblock_colon): Show sig expiration date in the
+	--with-colons listing.
+
+	* sign.c (make_keysig_packet, write_signature_packets): Pass in an
+	optional timestamp for the signature packet, and change all
+	callers.
+
+	* keyedit.c (sign_mk_attrib): Include a critical expiration
+	subpacket in the signature if an expiration date is given.
+
+2001-12-04  David Shaw  <[email protected]>
+
+	* keyedit.c (sign_uids): If the user tries to sign a
+	locally-signed key, allow the cert to be promoted to a full
+	exportable signature.  This essentially deletes the old
+	non-exportable sig, and replaces it with a new exportable one.
+
+2001-12-04  David Shaw  <[email protected]>
+
+	* keyedit.c (keyedit_menu): Do not allow signing a revoked key
+	unless --expert is set, and ask even then.
+
+	* keyedit.c (sign_uids): Do not allow signing a revoked UID unless
+	--expert is set, and ask even then.
+
+	* g10.c, options.h : New option --expert
+
+2001-11-16  David Shaw  <[email protected]>
+
+	* Allow the user to select no compression via "--compress-algo 0"
+	on the command line.
+
+	* keyedit.c (show_prefs): Show compression preferences in the
+	long-form "showpref" style.
+
+	* keygen.c (set_one_pref): Permit setting a no-compression ("Z0")
+	preference.
+
+	* getkey.c (fixup_uidnode): Fix compression preference corruption
+	bug.
+
+2001-12-02  David Shaw  <[email protected]>
+
+	* g10.c: Add advisory --for-your-eyes-only option as per section
+	5.9 of 2440.
+
+2001-12-05  David Shaw  <[email protected]>
+
+	* Force a V4 sig if the user has a notation or policy URL set.
+
+2001-12-04  David Shaw  <[email protected]>
+
+	* g10.c: Add options --keyserver-options, --temp-directory, and
+	auto-key-retrieve (the opposite of no-auto-key-retrieve).
+
+	* hkp.c (hkp_search): New function to handle searching a HKP
+	keyserver for a key
+
+	* hkp.c (hkp_ask_import, hkp_export): Pretty large changes to make
+	them communicate via the generic functions in keyserver.c
+
+	* keyserver.c: new file with generic keyserver routines for
+	getting keys from a keyserver, sending keys to a keyserver, and
+	searching for keys on a keyserver.  Calls the internal HKP stuff
+	in hkp.c for HKP keyserver functions.  Other calls are handled by
+	an external program which is spawned and written to and read from
+	via pipes.  Platforms that don't have pipes use temp files.
+
+2001-11-20  David Shaw  <[email protected]>
+
+	* options.h, g10.c: New options show-notation, no-show-notation,
+	default-check-level, no-default-check-level, show-policy-url,
+	no-show-policy-url.
+
+	* packet.h, sign.c (make_keysig_packet), parse-packet.c
+	(parse_signature), free-packet.c (free_seckey_enc): Fill in
+	structures for notation, policy, sig class, exportability, etc.
+
+	* keyedit.c, keylist.c (print_and_check_one_sig,
+	list_keyblock_print): Show flags in signature display for cert
+	details (class, local, notation, policy, revocable).  If selected,
+	show the notation and policy url.
+
+	* keyedit.c (sign_uids): Prompt for and use different key sig
+	classes.
+
+	* helptext.c (helptexts): Add help text to explain different
+	key signature classes
+
+2001-11-26  David Shaw  <[email protected]>
+
+	* trustdb.c (mark_usable_uid_certs): Fix segfault from bad
+	initialization and fix reversed key signature expiration check.
+
+2001-11-09  Werner Koch  <[email protected]>
+
+	* export.c (do_export_stream): Put all given names into a search
+	description and change the loop so that all matching names are
+	returned.
+
+2001-11-08  Werner Koch  <[email protected]>
+
+	* pubkey-enc.c (get_it): To reduce the number of questions on the
+	MLs print the the name of cipher algorithm 1 with the error message.
+
+	* mainproc.c: Changed the way old rfc1991 encryption cipher is
+	selected. Based on a patch by W Lewis.
+
+	* pkclist.c (do_edit_ownertrust): Allow to skip over keys, the non
+	working "show info" is now assigned to "i" 
+	* trustdb.c (ask_ownertrust, validate_keys): Implement a real quit
+	here.  Both are by David Shaw.
+	
+	* trustdb.c (validate_keys): Make sure next_exipire is initialized.
+
+	* sign.c (make_keysig_packet): Use SHA-1 with v4 RSA keys.
+
+	* g10.c, options.h : New option --[no-]froce-v4-certs.
+	* sign.c (make_keysig_packet): Create v4 sigs on v4 keys even with
+	a v3 key.  Use that new option.  By David Shaw
+
+	* revoke.c (ask_revocation_reason): Allow to select "no reason".
+	By David Shaw.
+
+	* keyid.c (fingerprint_from_sk): Calculation of an v3 fpr was
+	plain wrong - nearly the same code in fingerprint_from_pk is correct.
+
+	* build-packet.c (do_secret_key): Added a few comments to the code.
+
+2001-11-07  Werner Koch  <[email protected]>
+
+	* g10.c (main): Print a warning when -r is used w/o encryption.
+	Suggested by Pascal Scheffers.
+
+2001-10-23  Werner Koch  <[email protected]>
+
+	* keyedit.c (keyedit_menu): Changed helptext for showpref
+	command.  Suggested by Reinhard Wobst.
+
+	* keyring.c (keyring_search): When marking the offtbl ready, take
+	into account that we may have more than one keyring.
+
+2001-10-22  Werner Koch  <[email protected]>
+
+	* Makefile.am: Do not use OMIT_DEPENDENCIES
+
+	* build-packet.c (build_sig_subpkt): Default is now to put all
+	types of subpackets into the hashed area and only list those which
+	should go into the unhashed area.
+
+2001-10-18  Werner Koch  <[email protected]>
+
+	* keydb.c (keydb_add_resource): Rearranged the way we keep track
+	of the resource. There will now be an entry for each keyring here
+	and not in keyring.c itself.  Store a token to allow creation of a
+	keyring handle.  Changed all functions to utilize this new design.
+	(keydb_locate_writable): Make a real implementation.
+	* keyring.c (next_kr): Removed and changed all callers to set the
+	resource directly from the one given with the handle.
+	(keyring_is_writable): New. 
+	(keyring_rebuild_cache): Add an arg to pass the token from keydb.
+
+2001-10-17  Werner Koch  <[email protected]>
+
+	* keyring.c (keyring_search): Enabled word search mode but print a
+	warning that it is buggy.
+	
+2001-10-11  Werner Koch  <[email protected]>
+
+	* hkp.c (hkp_ask_import): No more need to set the port number for
+	the x-hkp scheme. 
+	(hkp_export): Ditto.
+
+2001-10-06  Stefan Bellon  <[email protected]>
+
+	* passphrase.c [__riscos__]: Disabled agent specific stuff.
+	* g10.c: New option --no-force-v3-sigs.
+
+2001-10-04  Werner Koch  <[email protected]>
+
+	* export.c (do_export_stream): Do not push the compress filter
+	here because the context would run out of scope due to the
+	iobuf_close done by the caller.
+	(do_export): Do it here instead. 
+
+2001-09-28  Werner Koch  <[email protected]>
+
+	* keyedit.c (sign_uids): Always use the primary key to sign keys.
+	* getkey.c (finish_lookup): Hack to return only the primary key if
+	a certification key has been requested.
+
+	* trustdb.c (cmp_kid_for_make_key_array): Renamed to
+	(validate_one_keyblock): this and changed arg for direct calling.
+	(make_key_array): Renamed to
+	(validate_one_keyblock): this and changed args for direct calling.
+	(mark_usable_uid_certs, validate_one_keyblock)
+	(validate_key_list): Add next_expire arg to keep track of
+	expiration times.  
+	(validate_keys): Ditto for UTKs and write the stamp.
+
+	* tdbio.c (migrate_from_v2): Check return code of tbdio_sync.
+
+	* tdbdump.c (import_ownertrust): Do a tdbio_sync().
+
+	* keyring.c: Made the offtbl an global object.
+
+2001-09-27  Werner Koch  <[email protected]>
+
+	* pkclist.c (do_edit_ownertrust): Allow settin of ultimate trust.
+
+	* trustdb.c (mark_keyblock_seen): New.
+	(make_key_array): Use it to mark the subkeys too.
+	(validate_keys): Store validity for ultimatly trusted keys.
+
+2001-09-26  Werner Koch  <[email protected]>
+
+	* pkclist.c (check_signatures_trust, do_we_trust): Removed the
+	invocation of add_ownertrust. Minor changes to the wording.
+	(add_ownertrust, add_ownertrust_cb): Removed.
+
+	* trustdb.c (get_validity): Allow to lookup the validity using a
+	subkey.
+
+	* trustdb.c (new_key_hash_table): Increased the table size to 1024
+	and changed the masks accordingly.
+	(validate): Changed stats printing.
+	(mark_usable_uid_certs): New.
+	(cmp_kid_for_make_key_array): Does now check the signatures and
+	figures out a usable one.
+
+2001-09-25  Werner Koch  <[email protected]>
+
+	* keyring.c (new_offset_item,release_offset_items)
+	(new_offset_hash_table, lookup_offset_hash_table)
+	(update_offset_hash_table, update_offset_hash_table_from_kb): New.
+	(keyring_search): Use a offset table to optimize search for
+	unknown keys.
+	(keyring_update_keyblock, keyring_insert_keyblock): Insert new
+	offsets.
+	* getkey.c (MAX_UNK_CACHE_ENTRIES): Removed the unknown keys
+	caching code.
+
+	* g10.c, options.h, import.c: Removed the entire
+	allow-secret-key-import stuff because the validity is now
+	controlled by other means.
+
+	* g10.c: New command --rebuild-keydb-caches.
+	* keydb.c (keydb_rebuild_caches): New.
+	* keyring.c (do_copy): Moved some code to
+	(create_tmp_file, rename_tmp_file, write_keyblock): new functions.
+	(keyring_rebuild_cache): New.
+
+	* packet.h (PKT_ring_trust): Add sigcache field.
+	* parse-packet.c (parse_trust): Parse sigcache.
+	* keyring.c (do_copy): Always insert a sigcache packet.
+	(keyring_get_keyblock): Copy the sigcache packet to the signature.
+	* sig-check.c (cache_sig_result): Renamed from
+	cache_selfsig_result. Changed implementation to use the flag bits
+	and changed all callers.
+	(mdc_kludge_check): Removed this unused code.
+	(do_check): Do not set the sig flags here.
+
+	* import.c (read_block): Make sure that ring_trust packets are
+	never imported.
+	* export.c (do_export_stream): and never export them.
+
+	* trustdb.c (make_key_array): Skip revoked and expired keys.
+
+2001-09-24  Werner Koch  <[email protected]>
+
+	* g10.c, options.h: New option --no-auto-check-trustdb.
+
+	* keygen.c (do_generate_keypair): Set newly created keys to
+	ultimately trusted.
+
+	* tdbio.h, tdbio.c: Removed all support for records DIR, KEY, UID,
+	PREF, SIG, SDIR and CACH. Changed migration function to work
+	direct on the file.
+	(tdbio_read_nextcheck): New.
+	(tdbio_write_nextcheck): New. 
+
+2001-09-21  Werner Koch  <[email protected]>
+
+	Revamped the entire key validation system.
+	* trustdb.c: Complete rewrite. No more validation on demand,
+	removed some functions, adjusted to all callers to use the new 
+	and much simpler interface. Does not use the LID anymore.
+	* tdbio.c, tdbio.h: Add new record types trust and valid. Wrote a
+	migration function to convert to the new trustdb layout.
+	* getkey.c (classify_user_id2): Do not allow the use of the "#"
+	prefix. 
+	* keydb.h: Removed the TDBIDX mode add a skipfnc to the
+	descriptor.
+	* keyring.c (keyring_search): Implemented skipfnc.
+
+	* passphrase.c (agent_open): Add missing bracket.  Include windows.h.
+
+2001-09-19  Werner Koch  <[email protected]>
+
+	* keylist.c (print_fingerprint): Renamed from fingerprint, made
+	global available. Added new arg to control the print style.
+	* mainproc.c (print_fingerprint): Removed. 
+	* pkclist.c (print_fpr, fpr_info): Removed and changed callers to
+	use print_fingerprint.
+	* keyedit.c (show_fingerprint): Ditto.
+
+	* passphrase.c (writen, readn)
+	(agent_open, agent_close)
+	(agent_get_passphrase)
+	(passphrase_clear_cache): Support for W32.  Contributed by Timo.
+
+	* import.c (import_one): Release keydb handles at 2 more places.
+
+	* keyring.c (keyring_release): Close the iobuf.
+	(keyring_get_keyblock): Init ret_kb to NULL and store error contidion.
+
+	* import.c (import_new_stats_handle): New. 
+	(import_release_stats_handle): New.
+	(import_print_stats): Renamed from static fnc print_stats.
+	(import_keys, import_keys_stream): Add an optional status handle
+	arg and changed all callers.
+	* hkp.c (hkp_ask_import): Add an stats_handle arg and changed all
+	callers.
+
+	* mainproc.c (print_pkenc_list): Use print_utf8_string2().
+
+2001-09-18  Werner Koch  <[email protected]>
+
+	* g10.c: New command --refresh-keys.
+	* hkp.c (hkp_refresh_keys): New. Contributed by Timo Schulz.
+
+	* parse-packet.c (parse): Stop on impossible packet lengths.
+
+2001-09-17  Werner Koch  <[email protected]>
+
+	* mainproc.c (print_notation_data): Wrap notation data status lines
+	after 50 chars.
+	
+	* mainproc.c (proc_pubkey_enc): Make option try-all-secrets work.
+	By [email protected].
+
+2001-09-14  Werner Koch  <[email protected]>
+
+	* parse-packet.c (dump_sig_subpkt): List key server preferences
+	and show the revocable flag correctly. Contributed by David Shaw.
+
+2001-09-09  Werner Koch  <[email protected]>
+
+	* keyedit.c (keyedit_menu): No need to define another p.
+
+	* keylist.c (print_capabilities): s/used/use/ so that it
+	does not shadow a global.
+	* sign.c (sign_file): Renamed arg encrypt to encryptflag
+	* keygen.c: Replaced all "usage" by "use".
+	* misc.c (openpgp_pk_algo_usage): Ditto.
+
+	* pubkey-enc.c (get_it): Renamed arg k to enc so that the later
+	defined k does not shadow it.
+
+	* parse-packet.c (parse_gpg_control): No need to define another i.
+
+	* getkey.c (get_pubkey_byfprint): Must use the enum values and not
+	the fprint_len.
+	* keyring.c (keyring_search): Removed a non-sense break.  Both
+	bugs pointed out by Stefan.
+
+2001-09-07  Werner Koch  <[email protected]>
+
+	* status.c, status.h: Added NO_RECP and ALREADY_SIGNED.
+	* pkclist.c (build_pk_list): Issue NO_RECP.
+	* keyedit.c (sign_uids): Added experimental ALREADY_SIGNED
+
+	* hkp.c (hkp_import): Use log_error. Bug reported by Neal H
+	Walfield. 
+
+	* getkey.c (classify_user_id2): Change args to take the desc union
+	direct.  It was a stupid idea to pass the individual fields of an
+	union to this function. Changed all callers.
+	(classify_user_id): Ditto and allow to pass NULL as the description.
+
+2001-09-06  Werner Koch  <[email protected]>
+
+	* getkey.c (fixup_uidnode): Features flag is now a bit vector.
+	* keygen.c (add_feature_mdc): Ditto.
+
+	Revamped the entire key I/O code to be prepared for other ways of
+	key storages and to get rid of the existing shit.  GDBM support has
+	gone.
+	* keydb.c: New
+	* keyring.c, keyring.h: New.
+	* ringedit.c: Removed.  Moved some stuff to keyring.c
+	* getkey.c: Changed everything related to the key retrieving
+	functions which are now using the keydb_ functions.  
+	(prepare_search, word_match_chars, word_match)
+	(prepare_word_match, compare_name): Moved to keyring.c
+	(get_pubkey_byname): Removed ctx arg and add ret_kdbhd
+	arg.  Changed all callers.
+	(key_byname): Use get_pubkey_end to release the context and take
+	new ret_kbdhd arg.  Changed all callers.
+	(classify_user_id2): Fill the 16 byte fingerprint up with 4 null
+	bytes not with zero bytes of value 4, tsss.
+	* import.c (import_one): Updated to use the new keydb interface.
 	(import_secret_one): Ditto.
 	(import_revoke_cert): Ditto.
-	(import_one): Ditto.
-
-Fri Oct  6 14:29:16 CEST 2000  Werner Koch  <[email protected]>
-
-        Started to rework the whole getkey/ringedit stuff to make
-        it simpler, correcter and faster. 
-
-        * parse-packet.c (parse_packet): Add a 3rd arg to return the filepos.
-        Changed all callers.
-        * getkey.c (classify_user_id): Add new mode 21.
-        (find_by_fpr): Find using this new mode.
-        (get_seckey_byname): New arg to return the context. Changed all
-        callers.
-        * keyid.c (unified_fingerprint_from_pk): New.
-        (unified_fingerprint_from_sk): New.
-        * ringedit.c (find_keyblock_bypk): Changed to use the unified 
-        fingerprint for lookup.  I can't see a reason why we did compare
-        the entire public key.
-        (find_keyblock_bysk): Ditto.
-        (search,cmp_pubkey,cmp_seckey): Removed.
-        (keyring_search, do_kbxf_search): Removed.
-        (locate_keyblock_by_fpr,locate_keyblock_by_keyid): Removed.
-        (find_keyblock_byname): Removed use o search function.
-        (find_secret_keyblock_byname): Ditto.
-        (merge_public_with_secret): Fixed removing subkeys.
-        (premerge_public_with_secret): New.
-
-        * ringedit.c: Removed all GDBM support
-
-        * ringedit.c (read_keyblock): Removed.
-        * ringedit.c (find_keyblock_byname,find_secret_keyblock_byname,
-        find_keyblock_bypk,find_keyblock_bysk): Moved from here to ....
-        * getkey.c: ... here. Changed first arg to return a keyblock and
-        changed all callers to merge the old read_keyblock() with these
-        functions.       
-
-Wed Oct  4 13:16:18 CEST 2000  Werner Koch  <[email protected]>
-
-        * getkey.c (merge_selfsigs_main): Fixed for v3 keys.
-
-        * sign.c (hash_for): New arg to take packet version in account. Changed
-        all callers.
-        (write_one_sig): New. Moved the shared code from sign_file and
-        clearsign_file to here.
-        * skclist.c (build_sk_list): Fixed usage check.
-        * pkclist.c (build_pk_list): Ditto.
-
-        * encode.c (encode_crypt): Removed duplicated stuff by using
-        encrypt_filter as sign.c already did.  Removed already disabled
-        comment-packet code.
-
-Mon Sep 18 16:35:45 CEST 2000  Werner Koch  <[email protected]>
-
-        * parse-packet.c (dump_sig_subpkt): Dump key flags.
-        (parse_one_sig_subpkt,can_handle_critical): Add KeyFlags support.
-        * build-packet.c (build_sig_subpkt): Ditto.
+	* delkey.c (do_delete_key): Ditto. 
+	* keyedit.c (keyedit_menu): Ditto.
+	(get_keyblock_byname): Removed.
+	* revoke.c (gen_revoke): Ditto. 
+	* export.c (do_export_stream): Ditto.
+	* trustdb.c (update_trustdb): Ditto.
+	* g10.c, gpgv.c (main): Renamed add_keyblock_resource to
+	keydb_add_resource. 
+	* Makefile.am:  Added and removed files.
 
-        * g10.c: New option --allow-freeform-uid. By Jeroen C. van Gelderen.
-        * keygen.c (ask_user_id): Implemented here.
+	* keydb.h: Moved KBNODE typedef and MAX_FINGERPRINT_LEN to
+	* global.h: this new header.
+ 	
+2001-09-03  Werner Koch  <[email protected]>
 
-        * parse-packet.c (dump_sig_subpkt): Print info about the ARR.
+	* passphrase.c (agent_get_passphrase): Changed nread to size_t.
+	(passphrase_clear_cache): Ditto.
 
-        * openfile.c (overwrite_filep): Always return okay if the file is
-        called /dev/null. 
-        (make_outfile_name): Add ".sign" to the list of know extensions.
-        (open_sigfile): Ditto.
+	* keyid.c (mk_datestr): Avoid trigraphs.
+	(fingerprint_from_pk): Cache the keyid in the pk.
 
-        * getkey.c: Large parts rewritten to have a better sub key selection
-        and handle some meta information from signatures more correctly.
-        (get_primary_seckey): Removed.
-        * seckey_cert.c (do_check): Set main keyid from the data in the sk.
-        * free-packet.c (copy_public_parts_to_secret_key): New.
-        * sig-check.c (check_key_signature2): Enabled shortcut for already
-        checked signatures.
-        * keydb.h: New macros IS_xxx_SIG, IS_xxx_REV.
-        * misc.c (openpgp_pk_algo_usage): New.
-        * packet.h: New field req_uage and do not use pubkey_usage anymore
-        to request a specific usage.  Changed at all places.
-        * keyid.c (keyid_from_sk): Cache the keyid in the sk
+	* options.h: Add opt.with_fingerprint so that we know whether the
+	corresponding options was used.
+	* g10.c (main): Set it here.
+	* pkclist.c (check_signatures_trust): Always print fingerprint
+	when this option is used.  Mixed a minor memory leak.
 
-        * passphrase.c (hash_passphrase): Removed funny assert.  Reported by
-        David Mathog.
+	* status.c, status.h: New status INV_RECP.
+	* pkclist.c (build_pk_list): Issue this status.
 
-        * keyedit.c (keyedit_menu): Allow "debug" on secret keys.
+2001-08-31  Werner Koch  <[email protected]>
 
-        * keygen.c (keygen_add_std_prefs): Changed order of preferences to
-        twofish, cast5, blowfish.
+	* parse-packet.c (parse_key,parse_pubkeyenc)
+	(parse_signature): Return error on reading bad MPIs.
+	
+	* mainproc.c (check_sig_and_print): Always print the user ID even
+	if it is not bound by a signature.  Use the primary UID in the
+	status messages and encode them in UTF-8
+	* status.c (write_status_text_and_buffer): New.
+
+2001-08-30  Werner Koch  <[email protected]>
+
+	* packet.h (sigsubpkttype_t): Add SIGSUBPKT_FEATURES.
+	(PKT_public_key, PKT_user_id): Add a flag for it.
+	* parse-packet.c, build-packet.c: Add support for them.
+	* getkey.c (fixup_uidnode, merge_selfsigs): Set the MDC flags.
+	* keygen.c (add_feature_mdc): New.
+	(keygen_upd_std_prefs): Always set the MDC feature.
+	* keyedit.c (show_prefs): List the MDC flag
+	* pkclist.c (select_mdc_from_pklist): New.
+	* encode.c (encode_crypt, encrypt_filter): Test whether MDC
+	should be used.
+	* cipher.c (write_header): Set MDC use depending on the above test.
+	Print more status info.
+
+	* delkey.c (do_delete_key): Kludge to delete a secret key with no
+	public key available.
+
+	* ringedit.c (find_secret_keyblock_direct): New.
+	* getkey.c (seckey_available): Simplified.
+
+	* ringedit.c (cmp_seckey): Now compares the secret key against the
+	public key while ignoring all secret parts.
+	(keyring_search): Use a public key packet as arg.  Allow to search
+	for subnkeys
+	(search): Likewise. Changed all callers.
+	(find_secret_keyblock_bypk): New.
+	(find_secret_keyblock_byname): First locate the pubkey and then
+	find the correponding secret key.
+	* parse-packet.c (parse): Renamed pkttype arg to onlykeypkts and
+	changed code accordingly.  Changed all callers.
+	(search_packet): Removed pkttype arg.
+	* keyedit.c (keyedit_menu): First locate the public key and then
+	try to locate a secret key.
+
+	* ringedit.c (locate_keyblock_by_fpr): Removed.
+	(locate_keyblock_by_keyid): Removed.
+	(find_keyblock_bysk): Removed.
+
+	* sig-check.c (check_key_signature2): Print the keyid along with
+	the wrong sig class errors.
+
+2001-08-24  Werner Koch  <[email protected]>
+
+	* sign.c (sign_file): Stripped the disabled comment packet code.
+	(sign_file, sign_symencrypt_file): Moved common code to ..
+	(write_onepass_sig_packets): .. this new function.
+	(sign_file, clearsign_file, sign_symencrypt_file): Moved common
+	code to 
+	(write_signature_packets): this new function.
+	(write_signature_packets, make_keysig_packet)
+	(update_keysig_packet): Moved common code to 
+	(hash_uid, hash_sigclass_to_magic): these new functions
+	(sign_file, sign_symencrypt_file): Moved common code to 
+	(write_plaintext_packet):  this new function.
+
+2001-08-21  Stefan Bellon  <[email protected]>
+
+	* trustdb.c (query_trust_info): Changed trustlevel to signed int.
+	* g10.c [__riscos__]: Fixed handling of --use-agent --lock-multiple.
+
+2001-08-20  Werner Koch  <[email protected]>
+
+	* encr-data.c (decrypt_data): Keep track on whether we already
+	printed information about the used algorithm.
+	* mainproc.c (proc_encrypted): Removed the non-working IDEA hack
+	and print a message about the assumed algorithm.
+	* passphrase.c (passphrase_to_dek): Use the same algorithm as above.
+	(proc_symkey_enc): Print the algorithm, so that the user knows it
+	before entering the passphrase.
+	(proc_pubkey_enc, proc_pubkey_enc): Zero the DEK out.
+	* encode.c (encode_crypt, encrypt_filter): Ditto.
+
+	* g10.c: Allow for --sign --symmetric.
+	* sign.c (sign_and_symencrypt): New.
+
+	Applied patches from Stefan Bellon <[email protected]> to support
+	RISC OS.  Nearly all of these patches are identified by the
+	__riscos__ macro.
+	* compress.c: Added a couple of casts.
+	* g10.c [__riscos__]: Some patches and new options foo-file similar
+	to all foo-fd options.
+	* gpgv.c, openfile.c, ringedit.c, tdbio.c: Minor fixes.  Mainly
+	replaced hardcoded path	separators with EXTSEP_S like macros.  
+	* passprase.c [__riscos__]: Disabled agent stuff
+	* trustdb.c (check_trust): Changed r_trustlevel to signed int to
+	avoid mismatch problems in pkclist.c
+	* pkclist.c (add_ownertrust): Ditto.
+	* plaintext.c (handle_plaintext) [__riscos__]: Print a note when
+	file can't be created.
+	* options.h [__riscos__]: Use an extern unless included from the
+	main module.
+	* signal.c (got_fatal_signal) [__riscos__]: Close all files.
+	
+2001-08-14  Werner Koch  <[email protected]>
+
+	* keygen.c (ask_algo): New arg r_usage.  Allow for RSA keys.
+	(gen_rsa): Enabled the code.
+	(do_create): Enabled RSA branch.
+	(parse_parameter_usage): New.
+	(proc_parameter_file): Handle usage parameter.
+	(read_parameter_file): Ditto.
+	(generate_keypair): Ditto.
+	(generate_subkeypair): Ditto.
+	(do_generate_keypair): Ditto.
+	(do_add_key_flags): New.
+	(keygen_add_std_prefs): Use the new function.
+	(keygen_add_key_flags_and_expire): New.
+	(write_selfsig, write_keybinding): Handle new usage arg.
+	* build-packet.c (build_sig_subpkt): Make sure that key flags go
+	into the hashed area.
+	
+	* keygen.c (write_uid): Initialize the reference cunter.
+
+	* keyedit.c (keyedit_menu): No more need to update the trustdb for
+	preferences.  Added calls to merge keblock.
+
+	* kbnode.c (dump_kbnode): Print some more flags.
+
+2001-08-10  Werner Koch  <[email protected]>
+
+        Revamped the preference handling.
+
+	* packet.h (prefitem_t, preftype_t): New.
+	(PKT_public_key): Added a uid field.
+	(PKT_user_id): Added field to store preferences and a reference
+	counter.
+	* parse-packet.c (parse_user_id,parse_photo_id): Initialize them
+	* free-packet.c (free_user_id): Free them.
+	(copy_user_id): Removed.
+	(scopy_user_id): New. 
+	(cmp_user_ids): Optimized for identical pointers.
+	(release_public_key_parts): Release the uid.
+	(copy_public_key_with_new_namehash): Removed.
+	(copy_prefs): New.
+	* keyedit.c (menu_adduid): Use the new shallow copy user id.
+	(show_prefs): Adjusted implementation.
+	(keyedit_menu): No more need to update the trustdb after changing
+	preferences.
+	* getkey.c (fixup_uidnode): Store preferences.
+	(find_by_name): Return a user id packet and remove namehash stuff.
+	(lookup): Removed the unused namehash stuff.
+	(finish_lookup): Added foundu arg.
+	(pk_from_block): Removed the namehash arg and changed all callers.
+	(merge_selfsigs): Copy prefs to all keys.
+	* trustdb.c (get_pref_data): Removed.
+ 	(is_algo_in_prefs): Removed.
+	(make_pref_record): Deleted and removed all class.
+	* pkclist.c (select_algo_from_prefs): Adjusted for the new
+	preference implementation.
+	* pubkey-enc.c (is_algo_in_prefs): New.
+	(get_it): Use that new function. 
+
+2001-08-09  Werner Koch  <[email protected]>
+
+	* build-packet.c (build_sig_subpkt): Fixed calculation of
+	newarea->size.
+
+	* g10.c (main): New option "--preference-list"
+	* keyedit.c (keyedit_menu): New commands "setpref" and "updpref".
+	(menu_set_preferences): New.
+	* keygen.c (keygen_set_std_prefs): New.
+	(set_one_pref): New.
+	(check_zip_algo): New.
+	(keygen_get_std_prefs): New.
+	(keygen_upd_std_prefs): New
+	(keygen_add_std_prefs): Move the pref setting code into the above fnc.
+	* build-packet.c (build_sig_subpkt): Updated the list of allowed
+	to update subpackets.
+
+2001-08-08  Werner Koch  <[email protected]>
+
+	* packet.h (subpktarea_t): New.
+	(PKT_signature): Use that type for hashed_data and unhashed_data and
+	removed the _data prefix from those fields.  Changed all users.
+	* parse-packet.c (parse_signature): Changed allocation for that.
+	(parse_sig_subpkt): Changed declaration
+	(enum_sig_subpkt): Ditto and changed implementation accordingly.
+	* free-packet.c (cp_subpktarea): Renamed from cp_data_block and
+	adjusted implementation. Changed caller.
+	* sig-check.c (mdc_kludge_check): Adjusted the hashing.
+	(do_check): Ditto.
+	* sign.c (sign_file, clearsign_file, make_keysig_packet,
+	update_keysig_packet): Ditto.
+	* build-packet.c (build_sig_subpkt): Partial rewrite.
+	(find_subpkt): Adjusted and made static.
+	(delete_sig_subpkt): Adjusted.
+	(do_signature): Ditto.
 
-        * gpg.c: The --trusted-key option is back.
-        * trustdb.c (verify_own_key): Handle this option.
-        (add_ultimate_key): Moved stuff from verify_own_key to this new func.
-        (register_trusted_key): New.
+	* keygen.c (ask_keysize): Do not print the notes about suggested
+	key sizes if just a DSA key is generated.
 
-        * openfile.c (try_make_homedir): Changes for non-Posix systems.
-        * gpg.c (main): Take the default homedir from macro.
+	* trustdb.c (add_ultimate_key): s/log_error/log_info/ for
+	duplicated inserted trusted keys.
 
-        * encode.c (encode_simple, encode_crypt): Fix for large files.
-        * sign.c (sign_file): Ditto.
+2001-08-07  Werner Koch  <[email protected]>
 
-        * gpg.c (main): Don't set --quite along with --no-tty.  By Frank Tobin.
+	* sign.c (sleep): Redefine for W32.
 
-        * misc.c (disable_core_dump): Don't display a warning here but a return
-        a status value and ...
-        * gpg.c (main): ...print warning here. Suggested by Sam Roberts.
+	* g10.c, options.h: Set new flag opt.no_homedir_creation when
+	--no-options is given.
+	* openfile.c (try_make_homedir): Don't create the homedir in that case.
 
-        * misc.c (print_pubkey_algo_note): Do not print the RSA notice.
-        * sig-check.c (do_signature_check): Do not emit the RSA status message.
-        * pubkey-enc.c (get_session_key): Ditto.
+2001-08-03  Werner Koch  <[email protected]>
 
-        * ringedit.c (cmp_seckey): Fix for v4 RSA keys.
-        * seckey-cert.c (do_check): Workaround for PGP 7 bug.
+	* armor.c (armor_filter): Removed the default comment string
+	because it could get us in trouble due to translations using non
+	ascii characters.
 
-        * pkclist.c (algo_available): Removed hack to disable Twofish.
+2001-08-01  Werner Koch  <[email protected]>
 
-        * gpg.c (main): Default S2K algorithms are now SHA1 and CAST5 - this
-        should solve a lot of compatibility problems with other OpenPGP
-        apps because those algorithms are SHOULD and not optional.  The old
-        way to force it was by using the --openpgp option whith the drawback 
-        that this would disable a couple of workarounds for PGP.
+	* keylist.c (list_keyblock_print): Do not list revoked UIDs unless
+	in verbose mode and we do no signature listing.
+
+	* getkey.c (finish_lookup): Skip subkeys which are not yet valid.
+	* g10.c, options.h: New option --ignore-valid-from.
+
+	* sign.c (make_keysig_packet): Added new sigversion argument to
+	allow the caller to force generation of required signature
+	version. Changed all callers. Suggested by Thomas Roessler.
+
+	* keyedit.c (sign_uids): Force v4 signature generation for local
+	sigs.  Removed the check for local signature and pre-v4 keys.
+
+2001-07-27  Werner Koch  <[email protected]>
+
+	* keyedit.c (sign_uids): Check that we are not trying to to a
+	lsign with a pre-v4 key.  Bug noticed by Thomas Roessler.
+
+2001-07-26  Werner Koch  <[email protected]>
+
+	* parse-packet.c (parse_photo_id): Reset all variables.
+	* getkey.c (merge_selfsigs_main): Removed checks on PHOTO_ID
+	because this is handled identically to a user ID.
+
+2001-07-06  Werner Koch  <[email protected]>
+
+	* cipher.c (write_header): Don't use MDC with --rfc1991.  Suggested
+	by [email protected].
+
+2001-07-05  Werner Koch  <[email protected]>
+
+	* g10.c, options.h: New option --preserve-permissions.
+	* ringedit.c (add_keyblock_resource): Use it here
+	(keyring_copy): and here.
+
+	* trustdb.c (verify_own_keys): Be more silent on --quiet.
+	Suggested by Thomas Roessler.
+	* sig-check.c (check_key_signature2): Ditto.
+	* mainproc.c (proc_encrypted, proc_tree): Ditto
+	* getkey.c (lookup): Ditto.
+
+2001-07-04  Werner Koch  <[email protected]>
+
+	* ringedit.c (add_keyblock_resource): Restore filename in case of error.
+
+2001-06-25  Werner Koch  <[email protected]>
+
+	* kbnode.c (dump_kbnode): Print the signature timestamp.
+
+	* keyedit.c (keyedit_menu): New menu point "primary".
+	(change_primary_uid_cb): New.
+	(menu_set_primary_uid): New.
+	* sign.c (update_keysig_packet): New.
+	* build-packet.c (build_sig_subpkt): Put the primary UID flag into
+	the hashed area. Allow update of some more packets.
+
+2001-06-15  Werner Koch  <[email protected]>
+
+	* getkey.c (merge_selfsigs): Exit gracefully when a secret key is
+	encountered.  May happen if a secret key is in public keyring.
+	Reported by Francesco Potorti.
+	
+2001-06-12  Werner Koch  <[email protected]>
+
+	* getkey.c (compare_name): Use ascii_memistr(), ascii_memcasecmp()
+	* keyedit.c (keyedit_menu): Use ascii_strcasecmp().
+	* armor.c (radix64_read): Use ascii_toupper().  
+	* ringedit.c (do_bm_search): Ditto.
+	* keygen.c (read_parameter_file): Ditto.
+	* openfile.c (CMP_FILENAME): Ditto.
+	* g10.c (i18n_init): We can now use just LC_ALL.
+
+2001-05-29  Werner Koch  <[email protected]>
+
+	* keygen.c (generate_subkeypair): Print a warning if a subkey is
+	created on a v3 key. Suggested by Brian M. Carlson.
+
+2001-05-27  Werner Koch  <[email protected]>
+
+	* keyid.c (get_lsign_letter): New.
+	* keylist.c (list_keyblock_colon): Use it here.
+	* mainproc.c (list_node): and here.
+
+	* getkey.c, packet.h, free-packet.c: Removed that useless key
+	created field; I dunno why I introducded this at all - the
+	creation time is always bound to the key packet and subject to
+	fingerprint calculation etc.
+
+	* getkey.c (fixup_uidnode): Add keycreated arg and use this
+	instead of the signature timestamp to calculate the
+	help_key_expire.  Bug reported by David R. Bergstein.
+	(merge_selfsigs_main): Correct key expiration time calculation.
+	(merge_selfsigs_subkey): Ditto.
+
+2001-05-25  Werner Koch  <[email protected]>
+
+	* revoke.c (gen_revoke): Add a cast to a tty_printf arg.
+	* delkey.c (do_delete_key): Ditto.
+	* keyedit.c (print_and_check_one_sig): Ditto.
+	(ask_revoke_sig): Ditto.
+	(menu_revsig): Ditto.
+	(check_all_keysigs): Removed unused arg.
+
+2001-05-23  Werner Koch  <[email protected]>
+
+	* g10.c (opts): Typo fix by Robert C. Ames.
+
+2001-05-06  Werner Koch  <[email protected]>
+
+	* revoke.c: Small typo fix
+
+2001-05-04  Werner Koch  <[email protected]>
+
+	* passphrase.c (passphrase_clear_cache): Shortcut if agent usage
+	is not enabled.
+
+2001-05-01  Werner Koch  <[email protected]>
+
+	* passphrase.c (writen): Replaced ssize_t by int.  Thanks to 
+	to Robert Joop for reporting that SunOS 4.1.4 does not have it.
+
+2001-04-28  Werner Koch  <[email protected]>
+
+	* getkey.c (merge_public_with_secret): pkttype was not set to subkey.
+
+2001-04-27  Werner Koch  <[email protected]>
+
+	* skclist.c (build_sk_list): Changed one log_debug to log_info.
+
+2001-04-25  Werner Koch  <[email protected]>
+
+	* keyedit.c (show_prefs): Add a verbose mode.
+	(show_key_with_all_names): Pass verbose flag for special value of
+	with_pref.
+	(keyedit_menu): New command "showpref"
+	(show_key_with_all_names): Mark revoked uids and the primary key.
+
+2001-04-24  Werner Koch  <[email protected]>
+
+	* getkey.c (get_primary_uid): Return a different string in case of
+	error and made it translatable.
+
+	* build-packet.c (do_secret_key): Ugly, we wrote a zero
+	instead of the computed ndays.  Thanks to M Taylor for complaining
+	about a secret key import problem.
+
+2001-04-23  Werner Koch  <[email protected]>
+
+	* hkp.c (hkp_ask_import): Allow to specify a port number for the 
+	keyserver.  Add a kudge to set the no_shutdown flag.
+	(hkp_export): Ditto.
+	* options.skel: Document the changes 
+
+2001-04-20  Werner Koch  <[email protected]>
+
+	* options.skel: Add some more comments.
+
+2001-04-19  Werner Koch  <[email protected]>
+
+	* keyid.c (mk_datestr): New.  Handles negative times.  We must do
+	this because Windoze segvs on negative times passed to gmtime().
+	Changed all datestr_from function to use this one.
+
+	* keyid.c, keyid.h (colon_strtime): New. To implement the
+	fixed-list-mode.
+	(colon_datestr_from_pk): New.
+	(colon_datestr_from_sk): New.
+	(colon_datestr_from_sig): New.
+	* keylist.c (list_keyblock_colon): Use these functions here.
+	* mainproc.c (list_node): Ditto.
+
+2001-04-18  Werner Koch  <[email protected]>
+
+	* openfile.c (open_sigfile): Fixed the handling of ".sign".
+	* mainproc.c (proc_tree): Use iobuf_get_real_fname.
+	Both are by Vincent Broman.
+
+2001-04-14  Werner Koch  <[email protected]>
+
+	* getkey.c (fixup_uidnode): Removed check for !sig which is
+	pointless here.  Thanks to Jan Niehusmann.
+
+2001-04-10  Werner Koch  <[email protected]>
+
+	* sig-check.c (check_key_signature2): Use log_info instead of
+	log_error so that messed up keys do not let gpg return an error.
+	Suggested by Christian Kurz.
+
+	* getkey.c (merge_selfsigs_main): Do a fixup_uidnode only if we
+	have both, uid and sig.  Thanks to M Taylor.
+
+2001-04-05  Werner Koch  <[email protected]>
+
+	* armor.c (unarmor_pump_new,unarmor_pump_release): New.
+	(unarmor_pump): New. 
+	* pipemode.c (pipemode_filter): Use the unarmor_pump to handle
+	armored or non-armored detached signatures.  We can't use the
+	regular armor_filter becuase this does only chack for armored
+	signatures the very first time.  In pipemode we may have a mix of
+	armored and binary detached signatures.
+	* mainproc.c (proc_tree): Do not print the "old style" notice when
+	this is a pipemode processes detached signature.
+	(proc_plaintext): Special handling of pipemode detached sigs.
+
+	* packet.h (CTRLPKT_PLAINTEXT_MARK): New.
+	* parse-packet.c (create_gpg_control): New.
+	* kbnode.c (dump_kbnode): Support it here.
+	* mainproc.c (check_sig_and_print): Fixed the check for bad
+	sequences of multiple signatures.
+	(proc_plaintext): Add the marker packet.
+	(proc_tree): We can now check multiple detached signatures.
+
+2001-04-02  Werner Koch  <[email protected]>
+
+	The length of encrypted packets for blocksizes != 8 was not
+	correct encoded.  I think this is a minor problem, because we
+	usually use partial length packets.  Kudos to Kahil D. Jallad for
+	pointing this out.
+	* packet.h: Add extralen to PKT_encrypted.
+	* cipher.c (write_header): Set extralen.
+	* build-packet.c (do_encrypted): Use extralen instead of const 10.
+	(do_encrypted_mdc): Ditto.
+	* parse-packet.c (parse_encrypted): Set extralen to 0 because we
+	don't know it here.
+
+2001-03-30  Werner Koch  <[email protected]>
+
+	* getkey.c (premerge_public_with_secret): Changed wording an add
+	the keyID to the info message.
+
+2001-03-29  Werner Koch  <[email protected]>
+
+	* getkey.c (premerge_public_with_secret): Use log_info instead of
+	log_error when no secret key was found for a public one.
+	Fix the usage if the secret parts of a key are not available.
+
+	* openfile.c (ask_outfile_name): Trim spaces.
+	(open_outfile): Allow to enter an alternate filename.  Thanks to
+	Stefan Bellon.
+	* plaintext.c (handle_plaintext): Ditto.
+
+2001-03-28  Werner Koch  <[email protected]>
+
+	* mainproc.c (do_check_sig): Allow direct key and subkey
+	revocation signature.
+	* sig-check.c (check_key_signature2): Check direct key signatures.
+	Print the signature class along with an error.
+
+2001-03-27  Werner Koch  <[email protected]>
+
+	* packet.h: Add a missing typedef to an enum.  Thanks to Stefan Bellon.
+
+	* g10.c: New option --no-sig-create-check.
+	* sign.c (do_sign): Implement it here.
+	* g10.c: New option --no-sig-cache.
+	* sig-check.c (check_key_signature2): Implement it here.
+	(cache_selfsig_result): and here.
+
+	* keylist.c (list_keyblock): Removed debugging stuff.
+
+	* getkey.c (cache_public_key): Made global.
+	* keygen.c (write_selfsig, write_keybinding): Cache the new key.
+
+	* getkey.c (key_byname): Add new arg secmode and changed all
+	callers to request explicitly the mode.  Deriving this information
+	from the other supplied parameters does not work if neither pk nor
+	sk are supplied.
+
+2001-03-25  Werner Koch  <[email protected]>
+
+	* packet.h (ctrlpkttype_t): New.
+	* mainproc.c (add_gpg_control,proc_plaintext,proc_tree): Use the
+	new enum values.
+	* pipemode.c (make_control): Ditto.
+	* armor.c (armor_filter): Ditto.
+
+2001-03-24  Werner Koch  <[email protected]>
+
+	* sign.c (do_sign): Verify the signature right after creation.
+
+2001-03-23  Werner Koch  <[email protected]>
+
+	* status.c, status.h (STATUS_UNEXPECTED): New.
+	* mainproc.c (do_proc_packets): And emit it here.
+
+2001-03-21  Werner Koch  <[email protected]>
+
+	* status.c: Add sys/types.h so that it runs on Ultrix.  Reported
+	by Georg Schwarz.x
+
+	* build-packet.c (build_sig_subpkt): Fixed generaton of packet
+	length header in case where 2 bytes headers are needed.  Thanks to
+	Piotr Krukowiecki.
+
+2001-03-19  Werner Koch  <[email protected]>
+
+	* g10.c (main): the default keyring is no always used unless
+	--no-default-keyring is given.  
+
+	* ringedit.c (add_keyblock_resource): invalidate cache after file
+	creation.
+
+2001-03-15  Werner Koch  <[email protected]>
+
+	* keygen.c (ask_algo): Changed the warning of the ElGamal S+E Algo.
+
+	* keylist.c (print_capabilities): New.
+	(list_keyblock_colon): and use it here.
+
+2001-03-13  Werner Koch  <[email protected]>
+
+	* main.c, options.h: New option --fixed_list_mode.
+	* keylist.c (list_keyblock_colon): use it here.
+
+	* getkey.c (merge_keys_and_selfsig): Divert merging of public keys
+	to the function used in key selection..
+	* keylist.c (is_uid_valid): Removed.
+	(list_keyblock): Splitted into ..
+	(list_keyblock_print, list_keyblock_colon): .. these.
+	functions.  Changed them to use the flags set in the key lookup code.
+	(reorder_keyblock): New, so that primary user IDs are listed first.
+
+	* ringedit.c (keyring_copy): flush the new iobuf chaces before
+	rename or remove operations.  This is mainly needed for W32.
+
+	* hkp.c [HAVE_DOSISH_SYSTEM]: Removed the disabled code because we
+	have now W32 socket support in ../util/http.c
+
+	* skclist.c (key_present_in_sk_list): New.
+	(is_duplicated_entry): New.
+	(build_sk_list): Check for duplicates and do that before unlocking.
+
+2001-03-12  Werner Koch  <[email protected]>
+
+	* armor.c (parse_header_line): Removed double empty line check.
+	(parse_header_line): Replaced trim_trailing_ws with a counting
+	function so that we can adjust for the next read.
+
+	* options.skel: Fixed 3 typos. By Thomas Klausner. Replaced the
+	keyserver example by a better working server. 
+
+	* parse-packet.c (parse_symkeyenc): Return Invalid_Packet on error.
+	(parse_pubkeyenc): Ditto.
+	(parse_onepass_sig): Ditto.
+	(parse_plaintext): Ditto.
+	(parse_encrypted): Ditto.
+	(parse_signature): Return error at other places too.
+	(parse_key): Ditto.
+	* g10.c (main): Set opt.list_packets to another value when invoked
+	with the --list-packets command.
+	* mainproc.c (do_proc_packets): Don's stop processing when running
+	under --list-packets command.
+
+	* signal.c (do_sigaction): Removed.
+	(init_one_signal): New to replace the above.  Needed to support
+	systems without sigactions. Suggested by Dave Dykstra.
+	(got_fatal_signal,init_signals): Use the above here. 
+	(do_block): Use sigset() if sigprocmask() is not available.
+
+	* armor.c (parse_hash_header): Test on TIGER192, which is the
+	correct value as per rfc2440.  By Edwin Woudt.
+
+2001-03-08  Werner Koch  <[email protected]>
+
+	* misc.c: Include time.h. By James Troup.
+
+	* getkey.c: Re-enabled the unknown user Id and PK caches and
+	increased their sizes.
+
+	* getkey.c (merge_selfsigs_main): Set expire date and continue
+	processing even if we found a revoked key.
+	(merge_selfsigs_subkeys): Ditto.
+	
+	* packet.h: Add an is_revoked flag to the user_id packet.
+	* getkey.c (fixup_uidnode): Set that flag here.
+	(merge_selfsigs_main): Fix so that the latest signature is used to
+	find the self-signature for an UID.
+	* parse-packet.c (parse_user_id): Zero out all fields.
+	* mainproc.c (check_sig_and_print): Print the primary user ID
+	according the the node flag and then all other non-revoked user IDs.
+	(is_uid_revoked): Removed; it is now handled by the key selection code.
+	
+	Changed the year list of all copyright notices.
+	
+2001-03-07  Werner Koch  <[email protected]>
+
+	* getkey.c (finish_lookup): Print an info message only in verbose mode.
+
+2001-03-05  Werner Koch  <[email protected]>
+
+	* packet.h: Replaced sigsubpkt_t value 101 by PRIV_VERIFY_CACHE.
+	We have never used the old value, so we can do this without any harm.
+	* parse-packet.c (dump_sig_subpkt): Ditto.
+	(parse_one_sig_subpkt): Parse that new sub packet.
+	* build-packet.c (build_sig_subpkt): Removed the old one from the
+	hashed area.
+	(delete_sig_subpkt): New.
+	(build_sig_subpkt): Allow an update of that new subpkt.
+	* sig-check.c (check_key_signature2): Add verification caching
+	(cache_selfsig_result): New.
+	* export.c (do_export_stream): Delete that sig subpkt before exporting.
+	* import.c (remove_bad_stuff): New.
+	(import): Apply that function to all imported data 
+
+2001-03-03  Werner Koch  <[email protected]>
+
+	* getkey.c: Introduced a new lookup context flag "exact" and used 
+	it in all place where we once used primary.
+	(classify_user_id2): Replaced the old function and add an extra
+	argument to return whether an exact keyID has been requested.
+	(key_byname): Removed the unused ctx.primary flag
+	(get_seckey_byname2): Ditto.
+	(finish_lookup): Changed debugging output.
+
+2001-03-02  Werner Koch  <[email protected]>
+
+	* keylist.c (list_one): Remove the merge key calls. 
+
+2001-03-01  Werner Koch  <[email protected]>
+
+	* getkey.c (finish_lookup): Don't use it if we no specific usage
+	has been requested.
+	(merge_selfsigs_main): fix UID only if we have an signature.
+	(lookup): Return UNU_PUBKEY etc. instead of NO_PUBKEY if we found
+	a key but the requested usage does not allow this key.
+	* import.c (import_one): Take UNU_PUBKEY into account.
+	* mainproc.c (list_node): Ditto.
+	* keylist.c (list_keyblock): Ditto.
+	* keyedit.c (print_and_check_one_sig): Ditto. 
+
+2001-02-09  Werner Koch  <[email protected]>
+
+	* delkey.c (delete_key): Removed that silly assert which rendered
+	the whole new stuff meaningless.
+
+2001-02-08  Werner Koch  <[email protected]>
+
+	* getkey.c (key_byname): It can happen that we have both, sk and pk
+	NULL, fix for that.
+
+	* parse-packet.c (parse_one_sig_subpkt): Add support for
+	primary_uid and key_flags.
+	(can_handle_critical): Ditto
+
+	* parse-packet.c (parse_encrypted): Fixed listing of pktlen for
+	MDC packets.
+
+	* getkey.c: Backported the version of this file from gpg 1.1. this
+	involved some changes in other files too.
+	* parse-packet.c (parse_key): Clear req_usage.
+	* skclist.c (build_sk_list): Use req_usage to pass the usage
+	information to the lookup function.
+	* pkclist.c (build_pk_list): Ditto.
+	* free-packet.c (copy_public_parts_to_secret_key): New.
+	* keydb.h: Add IS_* macros to check the sig_class.
+	* misc.c (openpgp_cipher_test_algo): New.
+	(openpgp_pk_test_algo): New.
+	(openpgp_pk_algo_usage): New.
+	(openpgp_md_test_algo): New.
+	* packet.h: Add a few fields to PKT_{public,secret}_key and
+	PKT_user_id.
+	* seckey-cert.c (do_check): Use the new main_keyid field.
+
+2001-02-04  Werner Koch  <[email protected]>
+
+	* encr-data.c (decrypt_data): Catch error when we had problems to
+	parse the encrypted packet. By Timo.
+
+2001-01-29  Werner Koch  <[email protected]>
+
+	* g10.c (main): --batch does now set nogreeting.
+
+	* delkey.c (do_delete_key): Fixed delete-both functionality.
+
+2001-01-22  Werner Koch  <[email protected]>
+
+	* g10.c: New command --delete-secret-and-public-key.
+	* delkey.c (delete_key): Add new arg allow_both.
+	(do_delete_key): Move most stuff from above to this new function.
+
+2001-01-12  Werner Koch  <[email protected]>
+
+	* passphrase.c (passphrase_to_dek): Use MD5 when IDEA is installed
+	and we have no S2K.
+	* mainproc.c (proc_encrypted): Likewise
+
+2001-01-11  Werner Koch  <[email protected]>
+
+	* sig-check.c (do_check): Print the signature key expire message
+	only in verbose mode and added the keyID.
+
+2001-01-09  Werner Koch  <[email protected]>
+
+	* status.c, status.h: New status USERID_HINT. 
+	(write_status_text): Replace LF and CR int text by C-escape sequence.
+
+	* passphrase.c (passphrase_to_dek): Fixed the NEED_PASSPHRASE
+	output.  It does now always print 2 keyIDs.  Emit the new
+	USERID_HINT.
+
+2001-01-08  Werner Koch  <[email protected]>
+
+	* g10.c, options.h: New option --no-expensive-trust-checks.
+	* keylist.c (list_keyblock): Act on this option.
+
+2001-01-04  Werner Koch  <[email protected]>
+
+	* g10.c (main): Set homedir only in the pre-parsing phase and
+	replace backslashes in the W32 version.
 
-        * gpg.c: New option --merge-only.  Suggested by Brendan O'Dea.
-        * import.c (import_one): Implemented it here.
-        (import_secret_one): Ditto.
-        (print_stats): and give some stats.
+2001-01-03  Werner Koch  <[email protected]>
 
-        * gpg.c: New option --try-all-secrets on suggestion from
-        Matthias Urlichs.
-        * pubkey-enc.c (get_session_key): Quite easy to implement here.
+	* status.c, status.h : New status KEY_CREATED
+	* keygen.c (do_generate_keypair,generate_subkeypair): Emit it.
 
-Mon Aug 21 17:59:17 CEST 2000  Werner Koch  <[email protected]>
+2000-12-28  Werner Koch  <[email protected]>
 
-        * gpg.c: New option --use-agent
+	* signal.c (got_fatal_signal): Remove lockfiles here because the
+	atexit stuff does not work due to the use of raise. Suggested by
+	Peter Fales.
+	* gpgv.c (remove_lockfiles): New stub.
+	
+2000-12-19  Werner Koch  <[email protected]>
+
+	* status.c, status.h (cpr_get_no_help): New.
+	* keyedit.c (keyedit_menu): Use it here because we have our own
+	help list here.
+
+2000-12-18  Werner Koch  <[email protected]>
+
+	* mainproc.c (print_failed_pkenc): Don't print the sometimes
+	confusing message about unavailabe secret key.  Renamed ...
+	(print_pkenc_list): ... to this and introduced failed arg.
+	(proc_encrypted): Print the failed encryption keys and then
+	the one to be used.
+	(proc_pubkey_enc): Store also the key we are going to use.
+
+	* mainproc.c (check_sig_and_print): Don't list revoked user IDs.
+	(is_uid_revoked): New.
+
+2000-12-08  Werner Koch  <[email protected]>
+
+	* pipemode.c: Made the command work.  Currently only for
+	non-armored detached signatures.
+	* mainproc.c (release_list): Reset the new pipemode vars.
+	(add_gpg_control): Handle the control packets for pipemode
+	* status.c, status.h: New stati {BEGIN,END}_STREAM.
+
+2000-12-07  Werner Koch  <[email protected]>
+
+	* g10.c: New option --allow-secret-key-import.
+	* import.c (import_keys,import_keys_stream): Honor this option.
+	(import): New arg allow_secret and pass that arg down to ...
+	(import_secret_one): to this and print a warning if secret key
+	importing is not allowed.
+
+2000-12-05  Werner Koch  <[email protected]>
+
+	* cipher.c (cipher_filter): Moved the end_encryption status ...
+	* encode.c (encode_simple,encode_crypt): to here
+	* sign.c (sign_file): and here.
+
+	* status.c (mywrite): Removed.
+	(get_status_string): Removed the LFs from the strings.
+	(set_status_fd,is_status_enabed,write_status_text,
+	write_status_buffer): Replaced all mywrite by stdio calls and use
+	fdopen to create a strem.  This is needed to make things smoother
+	in the W32 version.
+
+2000-12-04  Werner Koch  <[email protected]>
+
+	* import.c (merge_blocks): Increment n_sigs for revocations.
+
+2000-11-30  Werner Koch  <[email protected]>
+
+	* g10.c (main): Use iobuf_translate_file_handle for all options
+	with filehandles as arguments.  This is function does some magic
+	for the W32 API.
+
+	* verify.c (verify_signatures): Add a comment rant about the
+	detached signature problem.
+	* mainproc.c (proc_tree): Issue an error if a detached signature
+	is assumed but a standard one was found.
+	* plaintext.c (hash_datafiles): Don't fall back to read signature
+	from stdin.
+	* openfile.c (open_sigfile): Print verbose message only if the
+	file could be accessed.
+
+2000-11-24  Werner Koch  <[email protected]>
+
+	* passphrase.c [HAVE_DOSISH_SYSTEM]: Disabled all the agent stuff.
+
+2000-11-16  Werner Koch  <[email protected]>
+
+        * g10.c: New option --use-agent
         * passphrase.c (agent_open,agent_close): New.
         (agent_get_passphrase,agent_clear_passphrase): New.
+	(passphrase_clear_cache): New.
         (passphrase_to_dek): Use the agent here.
-        * seckey-cert.c (do_check): Clear wrong cached passphrases.
+	* seckey-cert.c (do_check): Clear cached passphrases.
 
-Fri Aug 18 14:27:14 CEST 2000  Werner Koch  <[email protected]>
+2000-11-15  Werner Koch  <[email protected]>
 
-  * status.c (do_get_from_fd): Ooops, we used fd instead of opt.command_fd.
-  Thanks to Michael Tokarev.
+	* status.c (write_status_text): Moved the big switch to ...
+	(get_status_string): ... new function.
+	(write_status_buffer): New.
 
-Mon Jul 31 10:04:47 CEST 2000  Werner Koch  <[email protected]>
+	* status.c (mywrite): New and replaced all write() by this.
 
-  * encode.c, sign.c, keygen.c, pubkey-enc.c: Replaced all
-  gcry_sexp_{car,cdr}_{data,mpi} by the new gcry_sexp_nth_{data,mpi} functions.
+	* status.c, status.h: Add 3 status lcodes for notaions and policy.
+	* mainproc.c (print_notation_data): Do status output of notations.
+	
+2000-11-13  Werner Koch  <[email protected]>
 
-  * keygen.c (gen_dsa,gen_elg): Changed the way the factors are stored.
-  (factors_from_sexp): Removed.
-  * comment.c (make_mpi_comment_node): Removed.
-  (make_comment_node_from_buffer): New.
+	* sign.c (clearsign_file): Use LF macro to print linefeed.
+	
+2000-11-11  Paul Eggert  <[email protected]>
 
-Fri Jul 28 18:19:11 CEST 2000  Werner Koch  <[email protected]>
+	Clean up the places in the code that incorrectly use "long" or
+        "unsigned long" for file offsets.  The correct type to use is
+        "off_t".  The difference is important on large-file hosts,
+        where "off_t" is longer than "long".
 
-  * sig-check.c (pk_verify): Fixed the S-Exp withe the pkey.
+        * keydb.h (struct keyblock_pos_struct.offset):
+        Use off_t, not ulong, for file offsets.
+        * packet.h (dbg_search_packet, dbg_copy_some_packets,
+        search_packet, copy_some_packets): Likewise.
+        * parse-packet.c (parse, dbg_search_packet, search_packet,
+        dbg_copy_some_packets, copy_some_packets): Likewise.
+        * ringedit.c (keyring_search): Likewise.
 
-  * gpg.c (main): Use setmode(O_BINARY) for MSDOS while generating random bytes
-  (print_mds): Likewise for stdin.
-  * plaintext.c (handle_plaintext): Likewise for stdout.
+        * parse-packet.c (parse): Do not use %lu to report file
+        offsets in error diagnostics; it's not portable.
+        * ringedit.c (keyring_search): Likewise.
 
-Tue Jul 25 17:44:15 CEST 2000  Werner Koch  <[email protected]>
+2000-11-09  Werner Koch  <[email protected]>
 
-  * keyedit.c (menu_expire): expire date for primary key can be set again.
+	* g10.c (main): New option --enable-special-filenames.
 
-  * keylist.c (is_uid_valid): New.
-  (list_keyblock): Print validity information for all user IDs.  Note, this
-  has to be done at other places too; for now we have only minimal support.
+2000-11-07  Werner Koch  <[email protected]>
+ 
+	* g10.c (main): New command --pipemode.
+	* pipemode.c: New.
 
-  * sign.c (pk_sign): Changed to use the new S-Exp interface.
-  * encode.c (pk_encrypt): Ditto.
-  * sig-check.c (pk_verify): Ditto.
-  * seckey-cert.c (pk_check_secret_key): Ditto.
-  * pubkey-enc.c (pk_decrypt): Ditto.
-  * misc.c (pubkey_nbits): Ditto.
-  * keygen.c (key_from_sexp,factors_from_sexp,gen_elg,gen_dsa): Ditto.
+2000-10-23  Werner Koch  <[email protected]>
 
-Fri Jul 14 19:38:23 CEST 2000  Werner Koch  <wk@>
+	* armor.c (armor_filter): Changed output of hdrlines, so that a CR
+	is emitted for DOS systems.
 
-  Replaced everything with the code from the STABLE-BRANCH-1-0 and
-  started to backport the changes from the 1.1 development branch
-  which are dated according to the ChangeLog of the 1.1 from
-  Sat Sep 18 12:16:08 CEST 1999  to  Thu May 25 18:39:11 CEST 2000.
-  Here are those changes, some of them are duplicates because they
-  have been done on both branch simultaneously.
+	* keygen.c (read_parameter_file): Add a cast for isspace().
 
-  * gpg.c (print_mds): Add arg keys as a kludge to print hmacs
-  (main): New option --print-hmac.
+	* status.c (myread): Use SIGINT instead of SIGHUP for DOS. 
 
-  * trustdb.c (verify_own_keys): Do not print warning about unprotected
-  key when in quiet mode.
+2000-10-19  Werner Koch  <[email protected]>
 
-  * build-paket.c (do_user_id): Save offset where name has been stored.
+	* g10.c: New option --ignore-crc-error
+	* armor.c (invalid_crc): New.
+	(radix64_read): Act on new option.
 
-  * ringedit.c : Add new access method KBXF
+	* openfile.c (try_make_homedir): Klaus Singvogel fixed a stupid
+	error introduced on Sep 6th. 
 
-  * kbxfile.c: New.
+2000-10-18  Werner Koch  <[email protected]>
 
-  * kbx.h: New.
-  * kbxblob.c: Started to work on the keybox stuff.
+	* misc.c (print_cipher_algo_note): Don't print the note for AES.
+	Changed wording.
 
-  * keygen.c (gen_dsa): Modified to work with gcry_pk_genkey.
+2000-10-16  Werner Koch  <[email protected]>
 
-  * Removed dummy-cipher.h from all files.
+	* mainproc.c (do_proc_packets): Hack to fix the problem that
+	signatures are not detected when there is a MDC packet but no
+	compression packet.
+	
+	* g10.c (print_hashline): New.
+	(print_mds): Use above func with --with-colons.
 
-  * keygen.c (gen_elg): Modified to work with gcry_pk_genkey.
-  (key_from_sexp): New.
-  (factors_from_sexp): New.
+	* mainproc.c (check_sig_and_print): Detect multiple signatures
+	and don't verify them.
 
-  * g10.c : Renamed to ...
-  * gpg.c : ... this
-  * Makefile.am: And fixed it here.
+2000-10-14  Werner Koch  <[email protected]>
 
-  * Changed all "g10_"/"GPG_" prefixes to "gpg_"/"GPG_".
+	* mainproc.c (add_onepass_sig): There is an easier solution to the
+	error fixed yesterday; just check that we only have onepass
+	packets.  However, the other solution provides an cleaner
+	interface and opens the path to get access to other information
+	from the armore headers.
+	(release_list): Reset some more variables.
 
-  * misc.c (mpi_read_opaque): Fixed double counting.
+2000-10-13  Werner Koch  <[email protected]>
 
-  * seckey-cert.c (do_check): Removed buffer and the unmotivated free
-  on it.
+	* mainproc.c (add_gpg_control): New.
+	(do_proc_packets): use it.
+	(proc_plaintext): Changed logic to detect clearsigns.
+	(proc_tree): Check the cleartext sig with some new code.
 
-  * pubkey-enc.c (pk_decrypt): New wrapper for the gcry_ function.
-  * seckey-cert.c (pk_check_secret_key): Likewise.
-  * encode.c (pk_encrypt): Likewise.
+	* packet.h: New packet PKT_GPG_CONTROL.
+	* parse-packet.c (parse_gpg_control): New.
+	* misc.c (get_session_marker): New.
+	* armor.c (armor_filter): Replaced the faked 1-pass packet by the
+	new control packet.
 
-  * parse-packet.c (parse_key): Fixed case of unencrypted secret keys.
+	* keyedit.c (keyedit_menu): Allow batchmode with a command_fd. 
+	* status.c (my_read): New.
+	(do_get_from_fd): use it.
 
-  * misc.c (mpi_print): Use gcry_mpi_aprint.
-  (pubkey_nbits): Kludge to use the gcry_pk_ API.
+2000-10-12  Werner Koch  <[email protected]>
 
-  * seskey.c (encode_session_key): Replaced mpi_set_buffer by *_scan.
-  (do_encode_md): Ditto.
-  (encode_md_value): Ditto.
-  * seckey-cert.c (protect_secret_key): Ditto.
-  * comment.c (make_mpi_comment_node): Replaced mpi_get_buffer by _print.
-  * pubkey-enc.c (get_it): Ditto.
-  * sig-check.c (do_signature_check): Ditto.
+	* keygen.c (keygen_add_std_prefs): Add Rijndael to the prefs.
 
-  * keyid.c (do_fingerprint_md): Replaced mpi_get_buffer by gcry_mpi_print.
-  (v3_keyid): New.
-  (keyid_from_sk): And use it here.
-  (keyid_from_pk): Ditto.
-  (fingerprint_from_sk): Ditto.
-  (fingerprint_from_pk): Ditto.
+2000-10-07  Werner Koch  <[email protected]>
 
-  * misc.c (mpi_print): New.
+	* gpgv.c: Add more stubs for ununsed code to make the binary smaller.
 
-  * misc.c (checksum_mpi): Now uses gcry_mpi_print to get the data.
+Wed Oct  4 15:50:18 CEST 2000  Werner Koch  <[email protected]>
 
-  * seckey-cert.c (do_check): Replaced mpi_read_from_buffer.
+        * sign.c (hash_for): New arg to take packet version in account, changed
+        call callers.
 
-  * armor.c (armor_filter): Made the "Comment:" header translatable.
+        * gpgv.c: New.
+        * Makefile.am: Rearranged source files so that gpgv can be build with
+        at least files as possible.
 
-  * seckey-cert.c: Removed obsolete mpi_*_protect_flag.
-  * parse-packet.c: Ditto.
+Mon Sep 18 12:13:52 CEST 2000  Werner Koch  <[email protected]>
 
-  * misc.c (mpi_read): Removed the secure argumet becuase it is
-  never used.  Changed all Callers.
-  (mpi_read_opaque): New.
-  (mpi_write_opaque): New.
-  * parse-packet.c (parse_key): Use the opaque method also for
-  v3 keys.
-  * build-packet.c (do_secret_key): Likewise.
+        * hkp.c (not_implemented): Print a notice for W32
 
-  * g10.c (main): Check libgcrypt version.
+Fri Sep 15 18:40:36 CEST 2000  Werner Koch  <[email protected]>
 
-  * packet.h: replaced inclusion of mpi.h by a plain typeedef of the
-  gcry_mpi structure and removed all inclusions of "mpi.h" in all
-  sources.
+        * keygen.c (keygen_add_std_prefs): Changed order of preferences to
+        twofish, cast5, blowfish.
 
-  * g10.c: Add --delete-secret-key to the help page.
+        * pkclist.c (algo_available): Removed hack to disable Twofish.
 
-  * g10.c (main): Changed the default homedir to "~/.gnupg-test" so
-  that we don't mess up with the stable version.
+Thu Sep 14 17:45:11 CEST 2000  Werner Koch  <[email protected]>
 
-  * misc.c (mpi_write): New.
-  (mpi_write): New.
+        * parse-packet.c (dump_sig_subpkt): Dump key flags. Print special
+        warning in case of faked ARRs.
 
-  * misc.c (checksum_u16_nobug): Removed.
-  (checksum_mpi_counted_nbits): Renamed to ...
-  (checksum_mpi): ... this to superseed the old one. Changed all
-  callers. This is because we do not emulate the old gpg bug anymore.
-  * g10.c (oEmuChecksumBug): Removed.
+        * getkey.c (finsih_lookup): Hack so that for v4 RSA keys the subkey
+        is used for encryption.
 
-  * g10.c (register_extension): New...
-  (main): Use it here instead of register_cipher_extesnion.
-  (strusage): s/strusage/my_strusage/ . Made static.
-  (main): Use set_strusage().
+Thu Sep 14 14:20:38 CEST 2000  Werner Koch  <[email protected]>
 
-  * tdbdump.c (HEXTOBIN): Changed the name of the argument, so that
-  traditional cpp don't mess up the macros. Suggested by Jos Backus.
+        * g10.c (main): Default S2K algorithms are now SHA1 and CAST5 - this
+        should solve a lot of compatibility problems with other OpenPGP
+        apps because those algorithms are SHOULD and not optional.  The old
+        way to force it was by using the --openpgp option whith the drawback 
+        that this would disable a couple of workarounds for PGP.
 
-  * armor.c (parse_header_line): Stop parsing on a only WS line too.
-  Suggested by Aric Cyr.
+        * g10.c (main): Don't set --quite along with --no-tty.  By Frank Tobin.
 
-  * misc.c (pull_in_libs): Removed.
+        * misc.c (disable_core_dump): Don't display a warning here but a return
+        a status value and ...
+        * g10.c (main): ...print warnining here. Suggested by Sam Roberts.
 
-  * mainproc.c (list_node): Print the PK algo in the --with-colon mode.
-  * keylist.c (list_keyblock): Ditto.
+Wed Sep 13 18:12:34 CEST 2000  Werner Koch  <[email protected]>
 
-  * misc.c (pull_in_libs): Removed pull in of g10c.
+        * keyedit.c (keyedit_menu): Allow to use "debug" on the secret key.
 
-  * misc.c (map_gcry_rc): Removed here and chnaged all users.
+        * ringedit.c (cmp_seckey): Fix for v4 RSA keys.
+        * seckey-cert.c (do_check): Workaround for PGP 7 bug.
 
-  * getkey.c: Replaced check_pubkey_algo by openpgp_pk_test_algo.
-  * import.c (delete_inv_parts): Ditto.
-  * pkclist.c: Ditto.
-  * skclist.c: Ditto.
-  * pubkey-enc.c: Ditto.
+Wed Sep  6 17:55:47 CEST 2000  Werner Koch  <[email protected]>
 
-  * g10.c (main): Replaced the function to diable PK algos.
+        * misc.c (print_pubkey_algo_note): Do not print the RSA notice.
+        * sig-check.c (do_signature_check): Do not emit the RSA status message.
+        * pubkey-enc.c (get_session_key): Ditto.
 
-  * g10.c (main): Replaced get_random_bits by gcry_random_bytes.
-  * seskey.c (encode_session_key): Likewise.
-  (make_session_key): Renamed randomize_buffer to gcry_randomize
-  and use the GCRY_xxx_RANDOM constants.
-  * cipher.c (write_header): Ditto.
-  * passphrase.c (hash_passphrase): Ditto.
-  * seckey-cert.c (protect_secret_key): Ditto.
+        * encode.c (encode_simple, encode_crypt): Fix for large files.
+        * sign.c (sign_file): Ditto.
 
-  * getkey.c (find_by_name): Replaced rmd160_hash_buffer
-  by gcry_md_hash_buffer.
-  * keyedit.c (show_prefs): Ditto.
-  * keylist.c (list_keyblock): Ditto.
-  * trustdb.c (print_uid_from_keyblock): Ditto.
-  (make_uid_records): Ditto.
+Wed Sep  6 14:59:09 CEST 2000  Werner Koch  <[email protected]>
 
-  * skclist.c (build_sk_list): Removed the test on faked RNGs.
-  (is_insecure): Removed.
-  * g10.c (--quick-random): Removed this option.
+        * passphrase.c (hash_passphrase): Removed funny assert.  Reported by
+        David Mathog.
 
-  * Replaced all PUBKEY_ALGO_xxx by GCRY_PK_xxxx.
+        * openfile.c (try_make_homedir): Changes for non-Posix systems.
+        * g10.c (main): Take the default homedir from macro.
 
-  * misc.c (pubkey_algo_npkey): New as a wrapper around the gcry fucntion.
-  (pubkey_algo_nskey): Ditto.
-  (pubkey_algo_nsig): Ditto.
-  (pubkey_algo_nenc): Ditto.
+        * g10.c: The --trusted-key option is back.
+        * trustdb.c (verify_own_key): Handle this option.
+        (add_ultimate_key): Moved stuff from verify_own_key to this new func.
+        (register_trusted_key): New.
 
-  * Makefile.am (basicdefs.h): Added.
-  (install-data-local): Removed the handling for historic gpgm.
+Fri Aug 25 16:05:38 CEST 2000  Werner Koch  <[email protected]>
 
-  * misc.c (openpgp_cipher_test_algo): New.
-  (openpgp_pk_test_algo): New.
-  (openpgp_md_test_algo): New.
+        * parse-packet.c (dump_sig_subpkt): Print info about the ARR.
+
+        * openfile.c (overwrite_filep): Always return okay if the file is
+        called /dev/null. 
+        (make_outfile_name): Add ".sign" to the list of know extensions.
+        (open_sigfile): Ditto.
+
+Wed Aug 23 19:52:51 CEST 2000  Werner Koch  <[email protected]>
+
+        * g10.c: New option --allow-freeform-uid. By Jeroen C. van Gelderen.
+        * keygen.c (ask_user_id): Implemented here.
+
+Fri Aug  4 14:23:05 CEST 2000  Werner Koch  <[email protected]>
+
+  * status.c (do_get_from_fd): Ooops, we used fd instead of opt.command_fd.
+  Thanks to Michael Tokarev.
 
-  * g10.c (build_list): Changed to use the new functions from libgcrypt.
+Tue Aug  1 20:06:23 CEST 2000  Werner Koch  <[email protected]>
 
-  * ringedit.c (enum_keyblocks): Set .rt to 0 on open.
+  * g10.c: New opttion --try-all-secrets on suggestion from Matthias Urlichs.
+  * pubkey-enc.c (get_session_key): Quite easy to implement here.
 
-  * encode.c (encode_simple): Use new CTB when we don't have the
-  length of the file.  This is somewhat strange as the comment above
-  indicates that this part is actually fixed for PGP 5 - maybe I simply
-  lost the source line, tsss.
+Thu Jul 27 17:33:04 CEST 2000  Werner Koch  <[email protected]>
 
-  * sign.c (clearsign_file): Avoid duplicated Entries in the "Hash:"
-  line.  Those headers are now only _not_ printed when there are
-  only old-style keys _and_ all hashs are MD5.
+  * g10.c: New option --merge-only.  Suggested by Brendan O'Dea.
+  * import.c (import_one): Implemented it here
+  (import_secret_one): Ditto.
+  (print_stats): and give some stats.
 
-  (clearsign_file): Use gcry_md_test_algo() and gcry_md_algo_name().
+Thu Jul 27 12:01:00 CEST 2000  Werner Koch  <[email protected]>
 
-  * openfile.c (make_outfile_name): Use case-insenstive compare for
-  DOS systems.	Add ".pgp" to the list of know extensions.
-  (open_outfile): For DOS systems try to replace the suffix instead of
-  appending it.
+  * g10.c: New options --show-session-key and --override-session-key
+  * pubkey-enc.c (hextobyte): New.
+  (get_override_session_key): New.
+  * mainproc.c (proc_pubkey_enc): Add session-key stuff.
+  * status.h, status.c (STATUS_SESSION_KEY): New.
 
-  * encr-data.c (decrypt_data): Reset error on a weak key.
+Thu Jul 27 10:02:38 CEST 2000  Werner Koch  <[email protected]>
 
-  * cipher.c: Replaced the cipher and digest functions by the gcry_ ones.
-  * seckey-cert.c: Ditto.
-  * seskey.c: Ditto.
-  * g10.c (print_mds): Replaced digst functions with the new gcry_ ones.
-  * keyid.c: Ditto.
-  * mainproc.c: Ditto.
-  * passphrase.c: Ditto.
-  * sig-check.c: Ditto.
-  * sign.c: Ditto.
+  * g10.c (main): Use setmode(O_BINARY) for MSDOS while generating random bytes
+  (print_mds): Likewise for stdin.
+  * plaintext.c (handle_plaintext): Likewise for stdout.
+
+Mon Jul 24 10:30:17 CEST 2000  Werner Koch  <[email protected]>
+
+  * keyedit.c (menu_expire): expire date for primary key can be set again.
+
+Wed Jul 19 11:26:43 CEST 2000  Werner Koch  <[email protected]>
+
+  * keylist.c (is_uid_valid): New.
+  (list_keyblock): Print validity information for all user IDs.  Note, this
+  has to be done at other places too; for now we have only minimal support.
+
+Wed Jul 12 13:32:06 CEST 2000  Werner Koch  <[email protected]>
 
-  * pkclist.c (do_edit_ownertrust): Made the answer string const.
+  * helptext.c, pkclist.c: s/superseeded/superseded/
 
-  * basicdefs.h: New.  Move some defs and decl to this header.
+Mon Jul 10 16:08:57 CEST 2000  Werner Koch  <[email protected]>
 
-  * openfile.c (open_outfile): Fixed the 8dot3 handling.
+  * parse-packet.c (enum_sig_subpkt): Fixed testing on crtitical bit in case
+  of a NULL buffer.  Reported by Peter Marschall.
 
-  * passphrase.c (passphrase_to_dek): Print uid using utf8 func.
-  * delkey.c (delete_key): Ditto.
-  * pkclist.c (show_paths,do_edit_ownertrust,do_we_trust): Ditto
-  (do_we_trust_pre): Ditto.
-  * trustdb.c (print_user_id,check_uidsigs): Ditto.
-  * revoke.c (gen_revoke,ask_revoke_sig): Ditto.
+Wed Jul  5 13:28:45 CEST 2000  Werner Koch  <[email protected]>
 
-  * filter.h: Changed cipher handle types to the the GCRY_xxx ones.
-  replaces include cipher by system header include gcrypt.h.
-  * cipher.c: replaced the cipher functions by the gcry_ ones.
-  Ditto for the md functions.
+  * keyedit.c, keyid.c: Add some _()
 
-  * misc.c (map_gcry_rc): New.
+  * argparse.c:  Changed the flag to suppress --version handling to also
+  suppress --help.
 
-Wed Jun 28 11:54:44 CEST 2000  Werner Koch  <wk@>
+Wed Jun 28 11:54:44 CEST 2000  Werner Koch  <[email protected]>
 
   * armor.c (armor_filter): Set sigclass to 0 in case of non-dash-escaped
   clearsig.  This makes this mode work again.
@@ -461,7 +3478,7 @@ Fri Jun  9 10:09:52 CEST 2000  Werner Koch  <[email protected]>
 
 Wed Jun  7 19:19:09 CEST 2000  Werner Koch  <[email protected]>
 
-  * sig-check.c (do_check): Use EMULATE_MDENCODE also on v4 paclets.
+  * sig-check.c (do_check): Use EMULATE_MDENCODE also on v4 packets.
 
 Wed Jun  7 17:25:38 CEST 2000  Werner Koch  <[email protected]>
 
@@ -3280,3 +6297,13 @@ Thu Feb 12 22:24:42 1998  Werner Koch  (wk@frodo)
 
 	* pubkey-enc.c (get_session_key): rewritten
 
+
+ Copyright 1998,1999,2000,2001,2002 Free Software Foundation, Inc.
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/g10/Makefile.am b/g10/Makefile.am
index 3e724512b..f59cd8b2d 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -1,84 +1,104 @@
+# Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+
 ## Process this file with automake to produce Makefile.in
 
-INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl
-EXTRA_DIST = OPTIONS  pubring.asc  options.skel
-OMIT_DEPENDENCIES = zlib.h zconf.h
-LDFLAGS = @LDFLAGS@ $(LIBGCRYPT_LIBS)
-# we need to add libutil.la a second time because we have to resolve
-# gpg_log_ in some libjnlib modules. - very ugly - should be removed soon.
-needed_libs = ../util/libutil.a \
-	      ../jnlib/libjnlib.a ../util/libutil.a
+INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
+EXTRA_DIST = options.skel
+# it seems that we can't use this with automake 1.5
+#OMIT_DEPENDENCIES = zlib.h zconf.h
+LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@
+needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
 
 #noinst_PROGRAMS = gpgd
-#bin_PROGRAMS = gpg kbxutil
-noinst_PROGRAMS = gpg kbxutil
+bin_PROGRAMS = gpg gpgv
 
 common_source =  \
+	      global.h          \
 	      build-packet.c	\
 	      compress.c	\
-	      basicdefs.h	\
 	      filter.h		\
 	      free-packet.c	\
 	      getkey.c		\
-	      keydb.h		\
-	      delkey.c		\
-	      pkclist.c 	\
-	      skclist.c 	\
-	      ringedit.c	\
+	      keydb.c keydb.h    \
+	      keyring.c keyring.h \
+	      seskey.c		\
 	      kbnode.c		\
-	      kbx.h		\
-	      kbxblob.c 	\
-	      kbxio.c		\
-	      kbxfile.c 	\
 	      main.h		\
 	      mainproc.c	\
 	      armor.c		\
 	      mdfilter.c	\
 	      textfilter.c	\
-	      cipher.c		\
 	      misc.c		\
 	      options.h 	\
 	      openfile.c	\
 	      keyid.c		\
-	      trustdb.c 	\
-	      trustdb.h 	\
-	      tdbdump.c 	\
-	      tdbio.c		\
-	      tdbio.h		\
-	      hkp.h		\
-	      hkp.c		\
 	      packet.h		\
 	      parse-packet.c	\
-	      passphrase.c	\
-	      pubkey-enc.c	\
-	      seckey-cert.c	\
-	      seskey.c		\
-	      import.c		\
-	      export.c		\
 	      comment.c 	\
 	      status.c		\
 	      status.h		\
-	      sign.c		\
 	      plaintext.c	\
-	      encr-data.c	\
-	      encode.c		\
-	      revoke.c		\
-	      keylist.c 	\
 	      sig-check.c	\
-	      signal.c		\
-	      helptext.c
+	      keylist.c 	\
+	      signal.c
 
-gpg_SOURCES  = gpg.c		\
+gpg_SOURCES  = g10.c		\
 	      $(common_source)	\
+	      pkclist.c 	\
+	      skclist.c 	\
+	      pubkey-enc.c	\
+	      passphrase.c	\
+	      seckey-cert.c	\
+	      encr-data.c	\
+	      cipher.c		\
+	      encode.c		\
+	      sign.c		\
 	      verify.c		\
+	      revoke.c		\
 	      decrypt.c 	\
 	      keyedit.c 	\
 	      dearmor.c 	\
-	      keygen.c
+	      import.c		\
+	      export.c		\
+	      hkp.h		\
+	      hkp.c		\
+	      trustdb.c 	\
+	      trustdb.h 	\
+	      tdbdump.c 	\
+	      tdbio.c		\
+	      tdbio.h		\
+	      delkey.c		\
+	      keygen.c          \
+	      pipemode.c        \
+	      helptext.c        \
+	      keyserver.c       \
+	      keyserver-internal.h \
+	      photoid.c photoid.h \
+	      exec.c exec.h
+
+
+
+gpgv_SOURCES = gpgv.c           \
+	      $(common_source)  \
+	      verify.c          
+
 
-# fixme: remove unused sources from kbxutil
-kbxutil_SOURCES = kbxutil.c   \
-	      $(common_source)
 
 
 #gpgd_SOURCES = gpgd.c \
@@ -88,15 +108,18 @@ kbxutil_SOURCES = kbxutil.c   \
 #	       ks-db.h \
 #	       $(common_source)
 
-
-LDADD =  $(needed_libs)  @ZLIBS@ @INTLLIBS@
-
+LDADD =  $(needed_libs) @ZLIBS@ @INTLLIBS@
+# gpg gets LIBOBJS to add in mkdtemp if the platform doesn't have it
+gpg_LDADD = @LIBOBJS@ $(LDADD) @NETLIBS@
 
 $(PROGRAMS): $(needed_libs)
 
-
 install-data-local:
 	$(mkinstalldirs) $(DESTDIR)$(pkgdatadir)
 	$(INSTALL_DATA) $(srcdir)/options.skel \
 				$(DESTDIR)$(pkgdatadir)/options.skel
-
+	@set -e;\
+	 if test -f $(DESTDIR)$(bindir)/gpgm ; then \
+	   echo "removing obsolete gpgm binary" ;   \
+	   rm $(DESTDIR)$(bindir)/gpgm ;	    \
+	 fi
diff --git a/g10/armor.c b/g10/armor.c
index 819c951dc..9c7858fe6 100644
--- a/g10/armor.c
+++ b/g10/armor.c
@@ -1,5 +1,5 @@
 /* armor.c - Armor flter
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -28,7 +28,7 @@
 
 #include "errors.h"
 #include "iobuf.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "util.h"
 #include "filter.h"
 #include "packet.h"
@@ -151,8 +151,9 @@ initialize(void)
 }
 
 /****************
- * Check whether this is an armored file or not
- * See also parse-packet.c for details on this code
+ * Check whether this is an armored file or not See also
+ * parse-packet.c for details on this code For unknown historic
+ * reasons we use a string here but only the first byte will be used.
  * Returns: True if it seems to be armored
  */
 static int
@@ -195,6 +196,7 @@ use_armor_filter( IOBUF a )
     byte buf[1];
     int n;
 
+    /* fixme: there might be a problem with iobuf_peek */
     n = iobuf_peek(a, buf, 1 );
     if( n == -1 )
 	return 0; /* EOF, doesn't matter whether armored or not */
@@ -210,7 +212,7 @@ static void
 invalid_armor(void)
 {
     write_status(STATUS_BADARMOR);
-    gpg_exit(1); /* stop here */
+    g10_exit(1); /* stop here */
 }
 
 
@@ -245,7 +247,9 @@ parse_hash_header( const char *line )
 	    found |= 2;
 	else if( !strncmp( s, "MD5", s2-s ) )
 	    found |= 4;
-	else if( !strncmp( s, "TIGER", s2-s ) )
+	else if( !strncmp( s, "TIGER192", s2-s ) )
+	    found |= 8;
+	else if( !strncmp( s, "TIGER", s2-s ) ) /* used by old versions */
 	    found |= 8;
 	else
 	    return 0;
@@ -283,6 +287,14 @@ is_armor_header( byte *line, unsigned len )
 	return -1;
     save_p = p;
     p += 5;
+
+    /* Some mail programs on Windows seem to add spaces to the end of
+       the line.  This becomes strict if --openpgp is set. */
+
+    if(!opt.rfc2440)
+      while(*p==' ')
+	p++;
+
     if( *p == '\r' )
 	p++;
     if( *p == '\n' )
@@ -312,19 +324,19 @@ is_armor_header( byte *line, unsigned len )
  *	 >0: Good header line
  */
 static int
-parse_header_line( armor_filter_context_t *afx, byte *line, unsigned len )
+parse_header_line( armor_filter_context_t *afx, byte *line, unsigned int len )
 {
     byte *p;
     int hashes=0;
+    unsigned int len2;
 
-    /* fixme: why this double check?  I think the original code w/o the
-     * second check for an empty line was done from an early draft of
-     * of OpenPGP - or simply very stupid code */
-    if( *line == '\n' || ( len && (*line == '\r' && line[1]=='\n') ) )
-	return 0; /* empty line */
-    len = trim_trailing_ws( line, len );
-    if( !len )
-	return 0; /* WS only same as empty line */
+    len2 = check_trailing_ws( line, len );
+    if( !len2 ) {
+        afx->buffer_pos = len2;  /* (it is not the fine way to do it here) */
+	return 0; /* WS only: same as empty line */
+    }
+    len = len2;
+    line[len2] = 0;
 
     p = strchr( line, ':');
     if( !p || !p[1] ) {
@@ -399,7 +411,7 @@ check_input( armor_filter_context_t *afx, IOBUF a )
 	    if( hdr_line == BEGIN_SIGNED_MSG_IDX ) {
 		if( afx->in_cleartext ) {
 		    log_error(_("nested clear text signatures\n"));
-		    rc = GPGERR_INVALID_ARMOR;
+		    rc = G10ERR_INVALID_ARMOR;
 		}
 		afx->in_cleartext = 1;
 	    }
@@ -429,7 +441,7 @@ check_input( armor_filter_context_t *afx, IOBUF a )
 	i = parse_header_line( afx, line, len );
 	if( i <= 0 ) {
 	    if( i )
-		rc = GPGERR_INVALID_ARMOR;
+		rc = G10ERR_INVALID_ARMOR;
 	    break;
 	}
     }
@@ -502,7 +514,7 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
 	    /* the buffer is always allocated with enough space to append
 	     * the removed [CR], LF and a Nul
 	     * The reason for this complicated procedure is to keep at least
-	     * the original tupe of lineending - handling of the removed
+	     * the original type of lineending - handling of the removed
 	     * trailing spaces seems to be impossible in our method
 	     * of faking a packet; either we have to use a temporary file
 	     * or calculate the hash here in this module and somehow find
@@ -590,6 +602,15 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
 }
 
 
+static int
+invalid_crc(void)
+{
+    if ( opt.ignore_crc_error )
+        return 0;
+    log_inc_errorcount();
+    return G10ERR_INVALID_ARMOR;
+}
+
 
 static int
 radix64_read( armor_filter_context_t *afx, IOBUF a, size_t *retn,
@@ -636,9 +657,9 @@ radix64_read( armor_filter_context_t *afx, IOBUF a, size_t *retn,
 		if( isxdigit(cc1) && isxdigit(cc2)
 				  && strchr( "=\n\r\t ", cc3 )) {
 		    /* well it seems to be the case - adjust */
-		    c = isdigit(cc1)? (cc1 - '0'): (toupper(cc1)-'A'+10);
+		    c = isdigit(cc1)? (cc1 - '0'): (ascii_toupper(cc1)-'A'+10);
 		    c <<= 4;
-		    c |= isdigit(cc2)? (cc2 - '0'): (toupper(cc2)-'A'+10);
+		    c |= isdigit(cc2)? (cc2 - '0'): (ascii_toupper(cc2)-'A'+10);
 		    afx->buffer_pos += 2;
 		    afx->qp_detected = 1;
 		    goto again;
@@ -728,20 +749,23 @@ radix64_read( armor_filter_context_t *afx, IOBUF a, size_t *retn,
 		    break; /* eof */
 	    } while( ++idx < 4 );
 	    if( c == -1 ) {
-		log_error(_("premature eof (in CRC)\n"));
-		rc = GPGERR_INVALID_ARMOR;
-	    }
+		log_info(_("premature eof (in CRC)\n"));
+		rc = invalid_crc();
+                	    }
 	    else if( idx != 4 ) {
-		log_error(_("malformed CRC\n"));
-		rc = GPGERR_INVALID_ARMOR;
+		log_info(_("malformed CRC\n"));
+		rc = invalid_crc();
 	    }
 	    else if( mycrc != afx->crc ) {
-		log_error(_("CRC error; %06lx - %06lx\n"),
+                log_info (_("CRC error; %06lx - %06lx\n"),
 				    (ulong)afx->crc, (ulong)mycrc);
-		rc = GPGERR_INVALID_ARMOR;
+                rc = invalid_crc();
 	    }
 	    else {
 		rc = 0;
+                /* FIXME: Here we should emit another control packet,
+                 * so that we know in mainproc that we are processing
+                 * a clearsign message */
 	      #if 0
 		for(rc=0;!rc;) {
 		    rc = 0 /*check_trailer( &fhdr, c )*/;
@@ -754,11 +778,11 @@ radix64_read( armor_filter_context_t *afx, IOBUF a, size_t *retn,
 		    rc = 0;
 		else if( rc == 2 ) {
 		    log_error(_("premature eof (in Trailer)\n"));
-		    rc = GPGERR_INVALID_ARMOR;
+		    rc = G10ERR_INVALID_ARMOR;
 		}
 		else {
 		    log_error(_("error in trailer line\n"));
-		    rc = GPGERR_INVALID_ARMOR;
+		    rc = G10ERR_INVALID_ARMOR;
 		}
 	      #endif
 	    }
@@ -815,7 +839,9 @@ armor_filter( void *opaque, int control,
 	*ret_len = n;
     }
     else if( control == IOBUFCTRL_UNDERFLOW ) {
-	if( size < 15+(4*15) )	/* need space for up to 4 onepass_sigs */
+        /* We need some space for the faked packet.  The minmum required
+         * size is ~18 + length of the session marker */
+	if( size < 50 ) 
 	    BUG(); /* supplied buffer too short */
 
 	if( afx->faked )
@@ -831,7 +857,14 @@ armor_filter( void *opaque, int control,
 		    rc = -1;
 	    }
 	    else if( afx->faked ) {
-		unsigned hashes = afx->hashes;
+		unsigned int hashes = afx->hashes;
+                const byte *sesmark;
+                size_t sesmarklen;
+                
+                sesmark = get_session_marker( &sesmarklen );
+                if ( sesmarklen > 20 )
+                    BUG();
+
 		/* the buffer is at least 15+n*15 bytes long, so it
 		 * is easy to construct the packets */
 
@@ -842,36 +875,21 @@ armor_filter( void *opaque, int control,
 			afx->pgp2mode = 1;
 		}
 		n=0;
-		do {
-		    /* first some onepass signature packets */
-		    buf[n++] = 0x90; /* old format, type 4, 1 length byte */
-		    buf[n++] = 13;   /* length */
-		    buf[n++] = 3;    /* version */
-		    buf[n++] = afx->not_dash_escaped? 0:1; /* sigclass */
-		    if( hashes & 1 ) {
-			hashes &= ~1;
-			buf[n++] = GCRY_MD_RMD160;
-		    }
-		    else if( hashes & 2 ) {
-			hashes &= ~2;
-			buf[n++] = GCRY_MD_SHA1;
-		    }
-		    else if( hashes & 4 ) {
-			hashes &= ~4;
-			buf[n++] = GCRY_MD_MD5;
-		    }
-		    else if( hashes & 8 ) {
-			hashes &= ~8;
-			buf[n++] = GCRY_MD_TIGER;
-		    }
-		    else
-			buf[n++] = 0;	 /* (don't know) */
-
-		    buf[n++] = 0;    /* public key algo (don't know) */
-		    memset(buf+n, 0, 8); /* don't know the keyid */
-		    n += 8;
-		    buf[n++] = !hashes;   /* last one */
-		} while( hashes );
+                /* first a gpg control packet */
+                buf[n++] = 0xff; /* new format, type 63, 1 length byte */
+                n++;   /* see below */
+                memcpy(buf+n, sesmark, sesmarklen ); n+= sesmarklen;
+                buf[n++] = CTRLPKT_CLEARSIGN_START; 
+                buf[n++] = afx->not_dash_escaped? 0:1; /* sigclass */
+                if( hashes & 1 ) 
+                    buf[n++] = DIGEST_ALGO_RMD160;
+                if( hashes & 2 ) 
+                    buf[n++] = DIGEST_ALGO_SHA1;
+                if( hashes & 4 ) 
+                    buf[n++] = DIGEST_ALGO_MD5;
+                if( hashes & 8 ) 
+                    buf[n++] = DIGEST_ALGO_TIGER;
+                buf[1] = n - 2;
 
 		/* followed by a plaintext packet */
 		buf[n++] = 0xaf; /* old packet format, type 11, var length */
@@ -908,9 +926,8 @@ armor_filter( void *opaque, int control,
 					      PRINTABLE_OS_NAME ")" LF );
 
 	    /* write the comment string or a default one */
-	    s = opt.comment_string ? opt.comment_string
-				   : _("For info see http://www.gnupg.org");
-	    if( *s ) {
+	    s = opt.comment_string;
+	    if( s && *s ) {
 		iobuf_writestr(a, "Comment: " );
 		for( ; *s; s++ ) {
 		    if( *s == '\n' )
@@ -925,8 +942,15 @@ armor_filter( void *opaque, int control,
 		iobuf_writestr(a, LF );
 	    }
 
-	    if( afx->hdrlines )
-		iobuf_writestr(a, afx->hdrlines);
+	    if ( afx->hdrlines ) {
+                for ( s = afx->hdrlines; *s; s++ ) {
+                  #ifdef HAVE_DOSISH_SYSTEM
+                    if ( *s == '\n' )
+                        iobuf_put( a, '\r');
+                  #endif
+                    iobuf_put(a, *s );
+                }
+            }
 	    iobuf_writestr(a, LF );
 	    afx->status++;
 	    afx->idx = 0;
@@ -1041,7 +1065,7 @@ armor_filter( void *opaque, int control,
 	if( afx->qp_detected )
 	    log_error(_("quoted printable character in armor - "
 			"probably a buggy MTA has been used\n") );
-	gcry_free( afx->buffer );
+	m_free( afx->buffer );
 	afx->buffer = NULL;
     }
     else if( control == IOBUFCTRL_DESC )
@@ -1058,7 +1082,7 @@ make_radix64_string( const byte *data, size_t len )
 {
     char *buffer, *p;
 
-    buffer = p = gcry_xmalloc( (len+2)/3*4 + 1 );
+    buffer = p = m_alloc( (len+2)/3*4 + 1 );
     for( ; len >= 3 ; len -= 3, data += 3 ) {
 	*p++ = bintoasc[(data[0] >> 2) & 077];
 	*p++ = bintoasc[(((data[0] <<4)&060)|((data[1] >> 4)&017))&077];
@@ -1078,3 +1102,221 @@ make_radix64_string( const byte *data, size_t len )
     return buffer;
 }
 
+
+/***********************************************
+ *  For the pipemode command we can't use the armor filter for various
+ *  reasons, so we use this new unarmor_pump stuff to remove the armor 
+ */
+
+enum unarmor_state_e {
+    STA_init = 0,
+    STA_bypass,
+    STA_wait_newline,
+    STA_wait_dash,
+    STA_first_dash, 
+    STA_compare_header,
+    STA_found_header_wait_newline,
+    STA_skip_header_lines,
+    STA_skip_header_lines_non_ws,
+    STA_read_data,
+    STA_wait_crc,
+    STA_read_crc,
+    STA_ready
+};
+
+struct unarmor_pump_s {
+    enum unarmor_state_e state;
+    byte val;
+    int checkcrc;
+    int pos;   /* counts from 0..3 */
+    u32 crc;
+    u32 mycrc; /* the one store in the data */
+};
+
+
+
+UnarmorPump
+unarmor_pump_new (void)
+{
+    UnarmorPump x;
+
+    if( !is_initialized )
+        initialize();
+    x = m_alloc_clear (sizeof *x);
+    return x;
+}
+
+void
+unarmor_pump_release (UnarmorPump x)
+{
+    m_free (x);
+}
+
+/* 
+ * Get the next character from the ascii armor taken from the IOBUF
+ * created earlier by unarmor_pump_new().
+ * Return:  c = Character
+ *        256 = ignore this value
+ *         -1 = End of current armor 
+ *         -2 = Premature EOF (not used)
+ *         -3 = Invalid armor
+ */
+int
+unarmor_pump (UnarmorPump x, int c)
+{
+    int rval = 256; /* default is to ignore the return value */
+
+    switch (x->state) {
+      case STA_init:
+        { 
+            byte tmp[1];
+            tmp[0] = c; 
+            if ( is_armored (tmp) )
+                x->state = c == '-'? STA_first_dash : STA_wait_newline;
+            else {
+                x->state = STA_bypass;
+                return c;
+            }
+        }
+        break;
+      case STA_bypass:
+        return c; /* return here to avoid crc calculation */
+      case STA_wait_newline:
+        if (c == '\n')
+            x->state = STA_wait_dash;
+        break;
+      case STA_wait_dash:
+        x->state = c == '-'? STA_first_dash : STA_wait_newline;
+        break;
+      case STA_first_dash: /* just need for initalization */
+        x->pos = 0;
+        x->state = STA_compare_header;
+      case STA_compare_header:
+        if ( "-----BEGIN PGP SIGNATURE-----"[++x->pos] == c ) {
+            if ( x->pos == 28 ) 
+                x->state = STA_found_header_wait_newline;
+        }
+        else 
+            x->state = c == '\n'? STA_wait_dash : STA_wait_newline;
+        break;
+      case STA_found_header_wait_newline:
+        /* to make CR,LF issues easier we simply allow for white space
+           behind the 5 dashes */
+        if ( c == '\n' )
+            x->state = STA_skip_header_lines;
+        else if ( c != '\r' && c != ' ' && c != '\t' )
+            x->state = STA_wait_dash; /* garbage after the header line */
+        break;
+      case STA_skip_header_lines:
+        /* i.e. wait for one empty line */
+        if ( c == '\n' ) {
+            x->state = STA_read_data;
+            x->crc = CRCINIT;
+            x->val = 0;
+            x->pos = 0;
+        }
+        else if ( c != '\r' && c != ' ' && c != '\t' )
+            x->state = STA_skip_header_lines_non_ws;
+        break;
+      case STA_skip_header_lines_non_ws:
+        /* like above but we already encountered non white space */
+        if ( c == '\n' )
+            x->state = STA_skip_header_lines;
+        break;
+      case STA_read_data:
+        /* fixme: we don't check for the trailing dash lines but rely
+         * on the armor stop characters */
+        if( c == '\n' || c == ' ' || c == '\r' || c == '\t' )
+            break; /* skip all kind of white space */
+
+        if( c == '=' ) { /* pad character: stop */
+            if( x->pos == 1 ) /* in this case val has some value */
+                rval = x->val;
+            x->state = STA_wait_crc;
+            break;
+        }
+
+        {
+            int c2;
+            if( (c = asctobin[(c2=c)]) == 255 ) {
+                log_error(_("invalid radix64 character %02x skipped\n"), c2);
+                break;
+            }
+        }
+        
+        switch(x->pos) {
+          case 0:
+            x->val = c << 2;
+            break;
+          case 1:
+            x->val |= (c>>4)&3;
+            rval = x->val;
+            x->val = (c<<4)&0xf0;
+            break;
+          case 2:
+            x->val |= (c>>2)&15;
+            rval = x->val;
+            x->val = (c<<6)&0xc0;
+            break;
+          case 3:
+            x->val |= c&0x3f;
+            rval = x->val;
+            break;
+        }
+        x->pos = (x->pos+1) % 4;
+        break;
+      case STA_wait_crc:
+        if( c == '\n' || c == ' ' || c == '\r' || c == '\t' || c == '=' )
+            break; /* skip ws and pad characters */
+        /* assume that we are at the next line */
+        x->state = STA_read_crc;
+        x->pos = 0;
+        x->mycrc = 0;
+      case STA_read_crc:
+        if( (c = asctobin[c]) == 255 ) {
+            rval = -1; /* ready */
+            if( x->crc != x->mycrc ) {
+                log_info (_("CRC error; %06lx - %06lx\n"),
+                          (ulong)x->crc, (ulong)x->mycrc);
+                if ( invalid_crc() )
+                    rval = -3;
+            }
+            x->state = STA_ready; /* not sure whether this is correct */
+            break;
+        }
+        
+        switch(x->pos) {
+          case 0:
+            x->val = c << 2;
+            break;
+          case 1:
+            x->val |= (c>>4)&3;
+            x->mycrc |= x->val << 16;
+            x->val = (c<<4)&0xf0;
+            break;
+          case 2:
+            x->val |= (c>>2)&15;
+            x->mycrc |= x->val << 8;
+            x->val = (c<<6)&0xc0;
+            break;
+          case 3:
+            x->val |= c&0x3f;
+            x->mycrc |= x->val;
+            break;
+        }
+        x->pos = (x->pos+1) % 4;
+        break;
+      case STA_ready:
+        rval = -1;
+        break;
+    }
+
+    if ( !(rval & ~255) ) { /* compute the CRC */
+        x->crc = (x->crc << 8) ^ crc_table[((x->crc >> 16)&0xff) ^ rval];
+        x->crc &= 0x00ffffff;
+    }
+
+    return rval;
+}
+
+
diff --git a/g10/build-packet.c b/g10/build-packet.c
index 93381879c..e24ac3b2a 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -1,5 +1,5 @@
 /* build-packet.c - assemble packets and write them
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -24,13 +24,14 @@
 #include <string.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "packet.h"
 #include "errors.h"
 #include "iobuf.h"
+#include "mpi.h"
 #include "util.h"
+#include "cipher.h"
+#include "memory.h"
 #include "options.h"
-#include "main.h"
 
 
 static int do_comment( IOBUF out, int ctb, PKT_comment *rem );
@@ -80,8 +81,8 @@ build_packet( IOBUF out, PACKET *pkt )
       case PKT_ENCRYPTED_MDC: new_ctb = pkt->pkt.encrypted->new_ctb; break;
       case PKT_COMPRESSED:new_ctb = pkt->pkt.compressed->new_ctb; break;
       case PKT_USER_ID:
-	    if( pkt->pkt.user_id->photo )
-		pkttype = PKT_PHOTO_ID;
+	    if( pkt->pkt.user_id->attrib_data )
+		pkttype = PKT_ATTRIBUTE;
 	    break;
       default: break;
     }
@@ -91,7 +92,7 @@ build_packet( IOBUF out, PACKET *pkt )
     else
 	ctb = 0x80 | ((pkttype & 15)<<2);
     switch( pkttype ) {
-      case PKT_PHOTO_ID:
+      case PKT_ATTRIBUTE:
       case PKT_USER_ID:
 	rc = do_user_id( out, ctb, pkt->pkt.user_id );
 	break;
@@ -134,7 +135,7 @@ build_packet( IOBUF out, PACKET *pkt )
 	rc = do_onepass_sig( out, ctb, pkt->pkt.onepass_sig );
 	break;
       case PKT_RING_TRUST:
-	break; /* ignore it */
+	break; /* ignore it (keyring.c does write it directly)*/
       default:
 	log_bug("invalid packet type in build_packet()\n");
 	break;
@@ -158,7 +159,7 @@ calc_packet_length( PACKET *pkt )
 	n = calc_plaintext( pkt->pkt.plaintext );
 	new_ctb = pkt->pkt.plaintext->new_ctb;
 	break;
-      case PKT_PHOTO_ID:
+      case PKT_ATTRIBUTE:
       case PKT_USER_ID:
       case PKT_COMMENT:
       case PKT_PUBLIC_KEY:
@@ -195,10 +196,10 @@ write_fake_data( IOBUF out, MPI a )
 static int
 do_comment( IOBUF out, int ctb, PKT_comment *rem )
 {
-    if( !opt.no_comment ) {
+    if( opt.sk_comments ) {
 	write_header(out, ctb, rem->len);
 	if( iobuf_write( out, rem->data, rem->len ) )
-	    return GPGERR_WRITE_FILE;
+	    return G10ERR_WRITE_FILE;
     }
     return 0;
 }
@@ -206,19 +207,15 @@ do_comment( IOBUF out, int ctb, PKT_comment *rem )
 static int
 do_user_id( IOBUF out, int ctb, PKT_user_id *uid )
 {
-    if( uid->photo ) {
-	write_header(out, ctb, uid->photolen);
-	uid->stored_at = iobuf_get_temp_length ( out ); /* what a hack ... */
-		  /* ... and it does only work when used with a temp iobuf */
-	if( iobuf_write( out, uid->photo, uid->photolen ) )
-	    return GPGERR_WRITE_FILE;
+    if( uid->attrib_data ) {
+	write_header(out, ctb, uid->attrib_len);
+	if( iobuf_write( out, uid->attrib_data, uid->attrib_len ) )
+	    return G10ERR_WRITE_FILE;
     }
     else {
 	write_header(out, ctb, uid->len);
-	uid->stored_at = iobuf_get_temp_length ( out ); /* what a hack ... */
-		  /* ... and it does only work when used with a temp iobuf */
 	if( iobuf_write( out, uid->name, uid->len ) )
-	    return GPGERR_WRITE_FILE;
+	    return G10ERR_WRITE_FILE;
     }
     return 0;
 }
@@ -252,7 +249,7 @@ do_public_key( IOBUF out, int ctb, PKT_public_key *pk )
 
     write_header2(out, ctb, iobuf_get_temp_length(a), pk->hdrbytes, 1 );
     if( iobuf_write_temp( out, a ) )
-	rc = GPGERR_WRITE_FILE;
+	rc = G10ERR_WRITE_FILE;
 
     iobuf_close(a);
     return rc;
@@ -263,7 +260,7 @@ do_public_key( IOBUF out, int ctb, PKT_public_key *pk )
  * Make a hash value from the public key certificate
  */
 void
-hash_public_key( GCRY_MD_HD md, PKT_public_key *pk )
+hash_public_key( MD_HANDLE md, PKT_public_key *pk )
 {
     PACKET pkt;
     int rc = 0;
@@ -283,7 +280,7 @@ hash_public_key( GCRY_MD_HD md, PKT_public_key *pk )
     pkt.pkttype = PKT_PUBLIC_KEY;
     pkt.pkt.public_key = pk;
     if( (rc = build_packet( a, &pkt )) )
-	log_fatal("build public_key for hashing failed: %s\n", gpg_errstr(rc));
+	log_fatal("build public_key for hashing failed: %s\n", g10_errstr(rc));
 
     if( !(pk->version == 3 && pk->pubkey_algo == 16) ) {
 	/* skip the constructed header but don't do this for our very old
@@ -314,10 +311,10 @@ hash_public_key( GCRY_MD_HD md, PKT_public_key *pk )
 	    }
 	}
 	/* hash a header */
-	gcry_md_putc( md, 0x99 );
+	md_putc( md, 0x99 );
 	pktlen &= 0xffff; /* can't handle longer packets */
-	gcry_md_putc( md, pktlen >> 8 );
-	gcry_md_putc( md, pktlen & 0xff );
+	md_putc( md, pktlen >> 8 );
+	md_putc( md, pktlen & 0xff );
     }
     /* hash the packet body */
     while( (c=iobuf_get(a)) != -1 ) {
@@ -328,7 +325,7 @@ hash_public_key( GCRY_MD_HD md, PKT_public_key *pk )
 	    i=0;
 	}
       #endif
-	gcry_md_putc( md, c );
+	md_putc( md, c );
     }
   #if 0
     putc('\n', fp);
@@ -343,43 +340,64 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
 {
     int rc = 0;
     int i, nskey, npkey;
-    IOBUF a = iobuf_temp();
+    IOBUF a = iobuf_temp(); /* build in a self-enlarging buffer */
 
+    /* Write the version number - if none is specified, use 3 */
     if( !sk->version )
 	iobuf_put( a, 3 );
     else
 	iobuf_put( a, sk->version );
     write_32(a, sk->timestamp );
+
+    /* v3  needs the expiration time */
     if( sk->version < 4 ) {
 	u16 ndays;
 	if( sk->expiredate )
 	    ndays = (u16)((sk->expiredate - sk->timestamp) / 86400L);
 	else
 	    ndays = 0;
-	write_16(a, 0 );
+	write_16(a, ndays);
     }
+
     iobuf_put(a, sk->pubkey_algo );
+
+    /* get number of secret and public parameters.  They are held in
+       one array first the public ones, then the secret ones */
     nskey = pubkey_get_nskey( sk->pubkey_algo );
     npkey = pubkey_get_npkey( sk->pubkey_algo );
+
+    /* If we don't have any public parameters - which is the case if
+       we don't know the algorithm used - the parameters are stored as
+       one blob in a faked (opaque) MPI */
     if( !npkey ) {
 	write_fake_data( a, sk->skey[0] );
 	goto leave;
     }
     assert( npkey < nskey );
 
+    /* Writing the public parameters is easy */
     for(i=0; i < npkey; i++ )
 	mpi_write(a, sk->skey[i] );
+
+    /* build the header for protected (encrypted) secret parameters */
     if( sk->is_protected ) {
 	if( is_RSA(sk->pubkey_algo) && sk->version < 4
 				    && !sk->protect.s2k.mode ) {
+            /* the simple rfc1991 (v3) way */
 	    iobuf_put(a, sk->protect.algo );
 	    iobuf_write(a, sk->protect.iv, sk->protect.ivlen );
 	}
 	else {
-	    iobuf_put(a, 0xff );
+          /* OpenPGP protection according to rfc2440 */
+	    iobuf_put(a, sk->protect.sha1chk? 0xfe : 0xff );
 	    iobuf_put(a, sk->protect.algo );
 	    if( sk->protect.s2k.mode >= 1000 ) {
-		iobuf_put(a, 101 );
+                /* These modes are not possible in OpenPGP, we use them
+                   to implement our extesnsions, 101 can ve views as a
+                   private/experimental extension (this is not
+                   specified in rfc2440 but the same scheme is used
+                   for all other algorithm identifiers) */
+		iobuf_put(a, 101 ); 
 		iobuf_put(a, sk->protect.s2k.hash_algo );
 		iobuf_write(a, "GNU", 3 );
 		iobuf_put(a, sk->protect.s2k.mode - 1000 );
@@ -392,34 +410,41 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
 		|| sk->protect.s2k.mode == 3 )
 		iobuf_write(a, sk->protect.s2k.salt, 8 );
 	    if( sk->protect.s2k.mode == 3 )
-		iobuf_put(a, sk->protect.s2k.count );
+		iobuf_put(a, sk->protect.s2k.count ); 
+
+            /* For out special mode 1001 we do not need an IV */
 	    if( sk->protect.s2k.mode != 1001 )
 		iobuf_write(a, sk->protect.iv, sk->protect.ivlen );
 	}
     }
     else
 	iobuf_put(a, 0 );
+
     if( sk->protect.s2k.mode == 1001 )
-	;
+        ; /* GnuPG extension - don't write a secret key at all */ 
     else if( sk->is_protected && sk->version >= 4 ) {
+        /* The secret key is protected - write it out as it is */
 	byte *p;
-	size_t n;
-	assert( gcry_mpi_get_flag( sk->skey[i], GCRYMPI_FLAG_OPAQUE ) );
-	p = gcry_mpi_get_opaque( sk->skey[i], &n );
-	iobuf_write(a, p, (n+7)/8 );
+	assert( mpi_is_opaque( sk->skey[npkey] ) );
+	p = mpi_get_opaque( sk->skey[npkey], &i );
+	iobuf_write(a, p, i );
     }
     else {
+        /* v3 way - same code for protected and non- protected key */
 	for(   ; i < nskey; i++ )
 	    mpi_write(a, sk->skey[i] );
 	write_16(a, sk->csum );
     }
 
   leave:
+    /* Build the header of the packet - which we must do after writing all
+       the other stuff, so that we know the length of the packet */
     write_header2(out, ctb, iobuf_get_temp_length(a), sk->hdrbytes, 1 );
+    /* And finally write it out the real stream */
     if( iobuf_write_temp( out, a ) )
-	rc = GPGERR_WRITE_FILE;
+	rc = G10ERR_WRITE_FILE;
 
-    iobuf_close(a);
+    iobuf_close(a); /* close the remporary buffer */
     return rc;
 }
 
@@ -448,7 +473,7 @@ do_symkey_enc( IOBUF out, int ctb, PKT_symkey_enc *enc )
 
     write_header(out, ctb, iobuf_get_temp_length(a) );
     if( iobuf_write_temp( out, a ) )
-	rc = GPGERR_WRITE_FILE;
+	rc = G10ERR_WRITE_FILE;
 
     iobuf_close(a);
     return rc;
@@ -482,7 +507,7 @@ do_pubkey_enc( IOBUF out, int ctb, PKT_pubkey_enc *enc )
 
     write_header(out, ctb, iobuf_get_temp_length(a) );
     if( iobuf_write_temp( out, a ) )
-	rc = GPGERR_WRITE_FILE;
+	rc = G10ERR_WRITE_FILE;
 
     iobuf_close(a);
     return rc;
@@ -511,12 +536,12 @@ do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt )
     for(i=0; i < pt->namelen; i++ )
 	iobuf_put(out, pt->name[i] );
     if( write_32(out, pt->timestamp ) )
-	rc = GPGERR_WRITE_FILE;
+	rc = G10ERR_WRITE_FILE;
 
     n = 0;
     while( (nbytes=iobuf_read(pt->buf, buf, 1000)) != -1 ) {
 	if( iobuf_write(out, buf, nbytes) == -1 ) {
-	    rc = GPGERR_WRITE_FILE;
+	    rc = G10ERR_WRITE_FILE;
 	    break;
 	}
 	n += nbytes;
@@ -539,7 +564,7 @@ do_encrypted( IOBUF out, int ctb, PKT_encrypted *ed )
     int rc = 0;
     u32 n;
 
-    n = ed->len ? (ed->len + 10) : 0;
+    n = ed->len ? (ed->len + ed->extralen) : 0;
     write_header(out, ctb, n );
 
     /* This is all. The caller has to write the real data */
@@ -555,7 +580,7 @@ do_encrypted_mdc( IOBUF out, int ctb, PKT_encrypted *ed )
 
     assert( ed->mdc_method );
 
-    n = ed->len ? (ed->len + 10) : 0;
+    n = ed->len ? (ed->len + ed->extralen) : 0;
     write_header(out, ctb, n );
     iobuf_put(out, 1 );  /* version */
 
@@ -572,7 +597,7 @@ do_mdc( IOBUF out, PKT_mdc *mdc )
     iobuf_put( out, 0xd3 ); /* packet ID and 1 byte length */
     iobuf_put( out, 0x14 ); /* length = 20 */
     if( iobuf_write( out, mdc->hash, sizeof(mdc->hash) ) )
-	return GPGERR_WRITE_FILE;
+	return G10ERR_WRITE_FILE;
     return 0;
 }
 
@@ -591,36 +616,36 @@ do_compressed( IOBUF out, int ctb, PKT_compressed *cd )
 }
 
 
-
 /****************
- * Find a subpacket of type REQTYPE in BUFFER and a return a pointer
- * to the first byte of that subpacket data.
- * And return the length of the packet in RET_N and the number of
- * header bytes in RET_HLEN (length header and type byte).
+ * Delete all subpackets of type REQTYPE and return a bool whether a packet
+ * was deleted.
  */
-byte *
-find_subpkt( byte *buffer, sigsubpkttype_t reqtype,
-	     size_t *ret_hlen, size_t *ret_n )
+int
+delete_sig_subpkt (subpktarea_t *area, sigsubpkttype_t reqtype )
 {
     int buflen;
     sigsubpkttype_t type;
-    byte *bufstart;
+    byte *buffer, *bufstart;
     size_t n;
+    size_t unused = 0;
+    int okay = 0;
 
-    if( !buffer )
-	return NULL;
-    buflen = (*buffer << 8) | buffer[1];
-    buffer += 2;
+    if( !area )
+	return 0;
+    buflen = area->len;
+    buffer = area->data;
     for(;;) {
-	if( !buflen )
-	    return NULL; /* end of packets; not found */
+	if( !buflen ) {
+            okay = 1;
+            break;
+        }
 	bufstart = buffer;
 	n = *buffer++; buflen--;
 	if( n == 255 ) {
 	    if( buflen < 4 )
 		break;
 	    n = (buffer[0] << 24) | (buffer[1] << 16)
-				  | (buffer[2] << 8) | buffer[3];
+                | (buffer[2] << 8) | buffer[3];
 	    buffer += 4;
 	    buflen -= 4;
 	}
@@ -633,137 +658,175 @@ find_subpkt( byte *buffer, sigsubpkttype_t reqtype,
 	}
 	if( buflen < n )
 	    break;
+        
 	type = *buffer & 0x7f;
 	if( type == reqtype ) {
 	    buffer++;
+            buflen--;
 	    n--;
 	    if( n > buflen )
 		break;
-	    if( ret_hlen )
-		*ret_hlen = buffer - bufstart;
-	    if( ret_n )
-		*ret_n = n;
-	    return buffer;
+            buffer += n; /* point to next subpkt */
+            buflen -= n;
+            memmove (bufstart, buffer, buflen); /* shift */
+            unused +=  buffer - bufstart;
+            buffer = bufstart;
 	}
-	buffer += n; buflen -=n;
+        else {
+            buffer += n; buflen -=n;
+        }
     }
 
-    log_error("find_subpkt: buffer shorter than subpacket\n");
-    return NULL;
+    if (!okay)
+        log_error ("delete_subpkt: buffer shorter than subpacket\n");
+    assert (unused <= area->len);
+    area->len -= unused;
+    return !!unused;
 }
 
 
 /****************
- * Create or update a signature subpacket for SIG of TYPE.
- * This functions knows where to put the data (hashed or unhashed).
- * The function may move data from the unhased part to the hashed one.
- * Note: All pointers into sig->[un]hashed are not valid after a call
- * to this function.  The data to but into the subpaket should be
- * in buffer with a length of buflen.
+ * Create or update a signature subpacket for SIG of TYPE.  This
+ * functions knows where to put the data (hashed or unhashed).  The
+ * function may move data from the unhashed part to the hashed one.
+ * Note: All pointers into sig->[un]hashed (e.g. returned by
+ * parse_sig_subpkt) are not valid after a call to this function.  The
+ * data to put into the subpaket should be in a buffer with a length
+ * of buflen. 
  */
 void
-build_sig_subpkt( PKT_signature *sig, sigsubpkttype_t type,
+build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
 		  const byte *buffer, size_t buflen )
 {
-    byte *data;
-    size_t hlen, dlen, nlen;
-    int found=0;
-    int critical, hashed, realloced;
-    size_t n, n0;
+    byte *p;
+    int critical, hashed;
+    subpktarea_t *oldarea, *newarea;
+    size_t nlen, n, n0;
 
     critical = (type & SIGSUBPKT_FLAG_CRITICAL);
     type &= ~SIGSUBPKT_FLAG_CRITICAL;
 
-    if( type == SIGSUBPKT_NOTATION )
-	; /* we allow multiple packets */
-    else if( (data = find_subpkt( sig->hashed_data, type, &hlen, &dlen )) )
-	found = 1;
-    else if( (data = find_subpkt( sig->unhashed_data, type, &hlen, &dlen )))
-	found = 2;
+    /* Sanity check buffer sizes */
+    if(parse_one_sig_subpkt(buffer,buflen,type)<0)
+      BUG();
+
+    switch(type)
+      {
+      case SIGSUBPKT_NOTATION:
+      case SIGSUBPKT_POLICY:
+      case SIGSUBPKT_REV_KEY:
+	/* we do allow multiple subpackets */
+	break;
+
+      default:
+	/* we don't allow multiple subpackets */
+	delete_sig_subpkt(sig->hashed,type);
+	delete_sig_subpkt(sig->unhashed,type);
+	break;
+      }
+
+    /* Any special magic that needs to be done for this type so the
+       packet doesn't need to be reparsed? */
+    switch(type)
+      {
+      case SIGSUBPKT_NOTATION:
+	sig->flags.notation=1;
+	break;
+
+      case SIGSUBPKT_POLICY:
+	sig->flags.policy_url=1;
+	break;
+
+      case SIGSUBPKT_EXPORTABLE:
+	if(buffer[0])
+	  sig->flags.exportable=1;
+	else
+	  sig->flags.exportable=0;
+	break;
+
+      case SIGSUBPKT_REVOCABLE:
+	if(buffer[0])
+	  sig->flags.revocable=1;
+	else
+	  sig->flags.revocable=0;
+	break;
+
+      default:
+	break;
+      }
 
-    if( found )
-	log_bug("build_sig_packet: update nyi\n");
     if( (buflen+1) >= 8384 )
-	nlen = 5;
+	nlen = 5; /* write 5 byte length header */
     else if( (buflen+1) >= 192 )
-	nlen = 2;
+	nlen = 2; /* write 2 byte length header */
     else
-	nlen = 1;
+	nlen = 1; /* just a 1 byte length header */
 
     switch( type ) {
-      case SIGSUBPKT_SIG_CREATED:
-      case SIGSUBPKT_PRIV_ADD_SIG:
-      case SIGSUBPKT_PREF_SYM:
-      case SIGSUBPKT_PREF_HASH:
-      case SIGSUBPKT_PREF_COMPR:
-      case SIGSUBPKT_KS_FLAGS:
-      case SIGSUBPKT_KEY_EXPIRE:
-      case SIGSUBPKT_NOTATION:
-      case SIGSUBPKT_POLICY:
-      case SIGSUBPKT_REVOC_REASON:
-      case SIGSUBPKT_KEY_FLAGS:
-      case SIGSUBPKT_FEATURES:
-	       hashed = 1; break;
-      default: hashed = 0; break;
-    }
-
-    if( hashed ) {
-	n0 = sig->hashed_data ? ((*sig->hashed_data << 8)
-				    | sig->hashed_data[1]) : 0;
-	n = n0 + nlen + 1 + buflen; /* length, type, buffer */
-	realloced = !!sig->hashed_data;
-	data = sig->hashed_data ? gcry_xrealloc( sig->hashed_data, n+2 )
-				: gcry_xmalloc( n+2 );
-    }
-    else {
-	n0 = sig->unhashed_data ? ((*sig->unhashed_data << 8)
-				      | sig->unhashed_data[1]) : 0;
-	n = n0 + nlen + 1 + buflen; /* length, type, buffer */
-	realloced = !!sig->unhashed_data;
-	data = sig->unhashed_data ? gcry_xrealloc( sig->unhashed_data, n+2 )
-				  : gcry_xmalloc( n+2 );
+      case SIGSUBPKT_ISSUER:
+      case SIGSUBPKT_PRIV_VERIFY_CACHE: /*(obsolete)*/
+        hashed = 0;
+        break;
+      default: 
+        hashed = 1;
+        break;
     }
 
     if( critical )
 	type |= SIGSUBPKT_FLAG_CRITICAL;
 
-    data[0] = (n >> 8) & 0xff;
-    data[1] = n & 0xff;
-    if( nlen == 5 ) {
-	data[n0+2] = 255;
-	data[n0+3] = (buflen+1) >> 24;
-	data[n0+4] = (buflen+1) >> 16;
-	data[n0+5] = (buflen+1) >>  8;
-	data[n0+6] = (buflen+1);
-	data[n0+7] = type;
-	memcpy(data+n0+8, buffer, buflen );
+    oldarea = hashed? sig->hashed : sig->unhashed;
+
+    /* Calculate new size of the area and allocate */
+    n0 = oldarea? oldarea->len : 0;
+    n = n0 + nlen + 1 + buflen; /* length, type, buffer */
+    if (oldarea && n <= oldarea->size) { /* fits into the unused space */
+        newarea = oldarea;
+        /*log_debug ("updating area for type %d\n", type );*/
     }
-    else if( nlen == 2 ) {
-	data[n0+2] = (buflen+1-192) / 256 + 192;
-	data[n0+3] = (buflen+1-192) & 256;
-	data[n0+4] = type;
-	memcpy(data+n0+5, buffer, buflen );
+    else if (oldarea) {
+        newarea = m_realloc (oldarea, sizeof (*newarea) + n - 1);
+        newarea->size = n;
+        /*log_debug ("reallocating area for type %d\n", type );*/
     }
     else {
-	data[n0+2] = buflen+1;
-	data[n0+3] = type;
-	memcpy(data+n0+4, buffer, buflen );
+        newarea = m_alloc (sizeof (*newarea) + n - 1);
+        newarea->size = n;
+        /*log_debug ("allocating area for type %d\n", type );*/
     }
-
-    if( hashed ) {
-	if( !realloced )
-	    gcry_free(sig->hashed_data);
-	sig->hashed_data = data;
+    newarea->len = n;
+
+    p = newarea->data + n0;
+    if (nlen == 5) {
+	*p++ = 255;
+	*p++ = (buflen+1) >> 24;
+	*p++ = (buflen+1) >> 16;
+	*p++ = (buflen+1) >>  8;
+	*p++ = (buflen+1);
+	*p++ = type;
+	memcpy (p, buffer, buflen);
+    }
+    else if (nlen == 2) {
+	*p++ = (buflen+1-192) / 256 + 192;
+	*p++ = (buflen+1-192) % 256;
+	*p++ = type;
+	memcpy (p, buffer, buflen);
     }
     else {
-	if( !realloced )
-	    gcry_free(sig->unhashed_data);
-	sig->unhashed_data = data;
+	*p++ = buflen+1;
+	*p++ = type;
+	memcpy (p, buffer, buflen);
     }
+
+    if (hashed) 
+	sig->hashed = newarea;
+    else
+	sig->unhashed = newarea;
 }
 
 /****************
  * Put all the required stuff from SIG into subpackets of sig.
+ * Hmmm, should we delete those subpackets which are in a wrong area?
  */
 void
 build_sig_subpkt_from_sig( PKT_signature *sig )
@@ -789,8 +852,70 @@ build_sig_subpkt_from_sig( PKT_signature *sig )
     buf[2] = (u >>  8) & 0xff;
     buf[3] = u & 0xff;
     build_sig_subpkt( sig, SIGSUBPKT_SIG_CREATED, buf, 4 );
+
+    if(sig->expiredate)
+      {
+	u = sig->expiredate-sig->timestamp;
+	buf[0] = (u >> 24) & 0xff;
+	buf[1] = (u >> 16) & 0xff;
+	buf[2] = (u >>  8) & 0xff;
+	buf[3] = u & 0xff;
+
+	/* Mark this CRITICAL, so if any implementation doesn't
+           understand sigs that can expire, it'll just disregard this
+           sig altogether. */
+
+	build_sig_subpkt( sig, SIGSUBPKT_SIG_EXPIRE | SIGSUBPKT_FLAG_CRITICAL,
+			  buf, 4 );
+      }
 }
 
+void
+build_attribute_subpkt(PKT_user_id *uid,byte type,
+		       const void *buf,int buflen,
+		       const void *header,int headerlen)
+{
+  byte *attrib;
+  int idx;
+
+  if(1+headerlen+buflen>8383)
+    idx=5;
+  else if(1+headerlen+buflen>191)
+    idx=2;
+  else
+    idx=1;
+
+  /* realloc uid->attrib_data to the right size */
+
+  uid->attrib_data=m_realloc(uid->attrib_data,
+			     uid->attrib_len+idx+1+headerlen+buflen);
+
+  attrib=&uid->attrib_data[uid->attrib_len];
+
+  if(idx==5)
+    {
+      attrib[0]=255;
+      attrib[1]=(1+headerlen+buflen) >> 24;
+      attrib[2]=(1+headerlen+buflen) >> 16;
+      attrib[3]=(1+headerlen+buflen) >> 8;
+      attrib[4]=1+headerlen+buflen;
+    }
+  else if(idx==2)
+    {
+      attrib[0]=(1+headerlen+buflen-192) / 256 + 192;
+      attrib[1]=(1+headerlen+buflen-192) % 256;
+    }
+  else
+    attrib[0]=1+headerlen+buflen; /* Good luck finding a JPEG this small! */
+
+  attrib[idx++]=type;
+
+  /* Tack on our data at the end */
+
+  memcpy(&attrib[idx],header,headerlen);
+  memcpy(&attrib[idx+headerlen],buf,buflen);
+  uid->attrib_len+=idx+headerlen+buflen;
+}
 
 static int
 do_signature( IOBUF out, int ctb, PKT_signature *sig )
@@ -818,16 +943,14 @@ do_signature( IOBUF out, int ctb, PKT_signature *sig )
 	/* timestamp and keyid must have been packed into the
 	 * subpackets prior to the call of this function, because
 	 * these subpackets are hashed */
-	nn = sig->hashed_data?((sig->hashed_data[0]<<8)
-				|sig->hashed_data[1])	:0;
+	nn = sig->hashed? sig->hashed->len : 0;
 	write_16(a, nn);
 	if( nn )
-	    iobuf_write( a, sig->hashed_data+2, nn );
-	nn = sig->unhashed_data?((sig->unhashed_data[0]<<8)
-				  |sig->unhashed_data[1])   :0;
+	    iobuf_write( a, sig->hashed->data, nn );
+	nn = sig->unhashed? sig->unhashed->len : 0;
 	write_16(a, nn);
 	if( nn )
-	    iobuf_write( a, sig->unhashed_data+2, nn );
+	    iobuf_write( a, sig->unhashed->data, nn );
     }
     iobuf_put(a, sig->digest_start[0] );
     iobuf_put(a, sig->digest_start[1] );
@@ -842,7 +965,7 @@ do_signature( IOBUF out, int ctb, PKT_signature *sig )
     else
 	write_header(out, ctb, iobuf_get_temp_length(a) );
     if( iobuf_write_temp( out, a ) )
-	rc = GPGERR_WRITE_FILE;
+	rc = G10ERR_WRITE_FILE;
 
     iobuf_close(a);
     return rc;
@@ -865,7 +988,7 @@ do_onepass_sig( IOBUF out, int ctb, PKT_onepass_sig *ops )
 
     write_header(out, ctb, iobuf_get_temp_length(a) );
     if( iobuf_write_temp( out, a ) )
-	rc = GPGERR_WRITE_FILE;
+	rc = G10ERR_WRITE_FILE;
 
     iobuf_close(a);
     return rc;
diff --git a/g10/cipher.c b/g10/cipher.c
index cad6ff664..2af8750c8 100644
--- a/g10/cipher.c
+++ b/g10/cipher.c
@@ -1,5 +1,5 @@
 /* cipher.c - En-/De-ciphering filter
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,9 +25,9 @@
 #include <errno.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "errors.h"
 #include "iobuf.h"
+#include "memory.h"
 #include "util.h"
 #include "filter.h"
 #include "packet.h"
@@ -45,69 +45,69 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
     PACKET pkt;
     PKT_encrypted ed;
     byte temp[18];
-    unsigned int blocksize;
-    unsigned int nprefix;
-    int rc;
-    int use_mdc = opt.force_mdc;
+    unsigned blocksize;
+    unsigned nprefix;
+    int use_mdc;
 
-    blocksize = gcry_cipher_get_algo_blklen( cfx->dek->algo );
+    blocksize = cipher_get_blocksize( cfx->dek->algo );
     if( blocksize < 8 || blocksize > 16 )
 	log_fatal("unsupported blocksize %u\n", blocksize );
+
+    use_mdc = cfx->dek->use_mdc;
+
     if( blocksize != 8 )
-	use_mdc = 1;  /* enable it for all modern ciphers */
-    if( opt.rfc2440 )
+	use_mdc = 1;  /* Hack: enable it for all modern ciphers */
+    /* Note: We should remove this hack as soon as a reasonable number of keys
+       are carrying the MDC flag.  But always keep the hack for conventional
+       encryption */
+
+    if (opt.force_mdc)
+        use_mdc = 1;
+        
+    if( opt.rfc2440 || opt.rfc1991 || opt.disable_mdc )
 	use_mdc = 0;  /* override - rfc2440 does not know about MDC */
 
     memset( &ed, 0, sizeof ed );
     ed.len = cfx->datalen;
+    ed.extralen = blocksize+2;
     ed.new_ctb = !ed.len && !opt.rfc1991;
     if( use_mdc ) {
-	ed.mdc_method = GCRY_MD_SHA1;
-	cfx->mdc_hash = gcry_md_open( GCRY_MD_SHA1, 0 );
-	if( !cfx->mdc_hash )
-	    BUG();
+	ed.mdc_method = DIGEST_ALGO_SHA1;
+	cfx->mdc_hash = md_open( DIGEST_ALGO_SHA1, 0 );
 	if ( DBG_HASHING )
-	    gcry_md_start_debug( cfx->mdc_hash, "creatmdc" );
+	    md_start_debug( cfx->mdc_hash, "creatmdc" );
+    }
+
+    {
+        char buf[20];
+        
+        sprintf (buf, "%d %d", ed.mdc_method, cfx->dek->algo);
+        write_status_text (STATUS_BEGIN_ENCRYPTION, buf);
     }
+
     init_packet( &pkt );
     pkt.pkttype = use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
     pkt.pkt.encrypted = &ed;
     if( build_packet( a, &pkt ))
 	log_bug("build_packet(ENCR_DATA) failed\n");
     nprefix = blocksize;
-    gcry_randomize( temp, nprefix, GCRY_STRONG_RANDOM );
+    randomize_buffer( temp, nprefix, 1 );
     temp[nprefix] = temp[nprefix-2];
     temp[nprefix+1] = temp[nprefix-1];
     print_cipher_algo_note( cfx->dek->algo );
-    if( !(cfx->cipher_hd = gcry_cipher_open( cfx->dek->algo,
-				       GCRY_CIPHER_MODE_CFB,
-				       GCRY_CIPHER_SECURE
-				       | ((use_mdc || cfx->dek->algo >= 100) ?
-					     0 : GCRY_CIPHER_ENABLE_SYNC)))
-				     ) {
-	/* we should never get an error here cause we already checked, that
-	 * the algorithm is available. */
-	BUG();
-    }
-
-
+    cfx->cipher_hd = cipher_open( cfx->dek->algo,
+				  use_mdc? CIPHER_MODE_CFB
+					 : CIPHER_MODE_AUTO_CFB, 1 );
 /*   log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/
-    rc = gcry_cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
-    if( !rc )
-	rc = gcry_cipher_setiv( cfx->cipher_hd, NULL, 0 );
-    if( rc )
-	log_fatal("set key or IV failed: %s\n", gcry_strerror(rc) );
+    cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
+    cipher_setiv( cfx->cipher_hd, NULL, 0 );
 /*  log_hexdump( "prefix", temp, nprefix+2 ); */
-    if( cfx->mdc_hash )
-	gcry_md_write( cfx->mdc_hash, temp, nprefix+2 );
-    rc = gcry_cipher_encrypt( cfx->cipher_hd, temp, nprefix+2, NULL, 0 );
-    if( !rc )
-	rc = gcry_cipher_sync( cfx->cipher_hd );
-    if( rc )
-	log_fatal("encrypt failed: %s\n", gcry_strerror(rc) );
+    if( cfx->mdc_hash ) /* hash the "IV" */
+	md_write( cfx->mdc_hash, temp, nprefix+2 );
+    cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2);
+    cipher_sync( cfx->cipher_hd );
     iobuf_write(a, temp, nprefix+2);
     cfx->header=1;
-
 }
 
 
@@ -129,46 +129,39 @@ cipher_filter( void *opaque, int control,
     else if( control == IOBUFCTRL_FLUSH ) { /* encrypt */
 	assert(a);
 	if( !cfx->header ) {
-	    write_status( STATUS_BEGIN_ENCRYPTION );
 	    write_header( cfx, a );
 	}
 	if( cfx->mdc_hash )
-	    gcry_md_write( cfx->mdc_hash, buf, size );
-	rc = gcry_cipher_encrypt( cfx->cipher_hd, buf, size, NULL, 0);
-	if( rc )
-	    log_fatal("encrypt failed: %s\n", gcry_strerror(rc) );
+	    md_write( cfx->mdc_hash, buf, size );
+	cipher_encrypt( cfx->cipher_hd, buf, buf, size);
 	if( iobuf_write( a, buf, size ) )
-	    rc = GPGERR_WRITE_FILE;
+	    rc = G10ERR_WRITE_FILE;
     }
     else if( control == IOBUFCTRL_FREE ) {
 	if( cfx->mdc_hash ) {
 	    byte *hash;
-	    int hashlen = gcry_md_get_algo_dlen( gcry_md_get_algo( cfx->mdc_hash ) );
+	    int hashlen = md_digest_length( md_get_algo( cfx->mdc_hash ) );
 	    byte temp[22];
 
 	    assert( hashlen == 20 );
 	    /* we must hash the prefix of the MDC packet here */
 	    temp[0] = 0xd3;
 	    temp[1] = 0x14;
-	    gcry_md_putc( cfx->mdc_hash, temp[0] );
-	    gcry_md_putc( cfx->mdc_hash, temp[1] );
+	    md_putc( cfx->mdc_hash, temp[0] );
+	    md_putc( cfx->mdc_hash, temp[1] );
 
-	    hash = gcry_md_read( cfx->mdc_hash, 0 );
+	    md_final( cfx->mdc_hash );
+	    hash = md_read( cfx->mdc_hash, 0 );
 	    memcpy(temp+2, hash, 20);
-	    rc = gcry_cipher_encrypt( cfx->cipher_hd, temp, 22, NULL, 0 );
-	    if( rc )
-		log_fatal("encrypt failed: %s\n", gcry_strerror(rc) );
-	    gcry_md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
+	    cipher_encrypt( cfx->cipher_hd, temp, temp, 22 );
+	    md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
 	    if( iobuf_write( a, temp, 22 ) )
 		log_error("writing MDC packet failed\n" );
 	}
-	gcry_cipher_close(cfx->cipher_hd);
-	write_status( STATUS_END_ENCRYPTION );
+	cipher_close(cfx->cipher_hd);
     }
     else if( control == IOBUFCTRL_DESC ) {
 	*(char**)buf = "cipher_filter";
     }
     return rc;
 }
-
-
diff --git a/g10/comment.c b/g10/comment.c
index b1732a29f..6d27e481b 100644
--- a/g10/comment.c
+++ b/g10/comment.c
@@ -1,5 +1,5 @@
 /* comment.c - write comment stuff
- *	Copyright (C) 1998, 2000 Free Software Foundation, Inc.
+ *	Copyright (C) 1998 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -29,7 +29,7 @@
 #include "packet.h"
 #include "errors.h"
 #include "iobuf.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "util.h"
 #include "main.h"
 #include "keydb.h"
@@ -45,41 +45,59 @@ write_comment( IOBUF out, const char *s )
 
     pkt.pkttype = PKT_COMMENT;
     if( *s != '#' ) {
-       pkt.pkt.comment = gcry_xmalloc( sizeof *pkt.pkt.comment + n );
+       pkt.pkt.comment = m_alloc( sizeof *pkt.pkt.comment + n );
        pkt.pkt.comment->len = n+1;
        *pkt.pkt.comment->data = '#';
        strcpy(pkt.pkt.comment->data+1, s);
     }
     else {
-       pkt.pkt.comment = gcry_xmalloc( sizeof *pkt.pkt.comment + n - 1 );
+       pkt.pkt.comment = m_alloc( sizeof *pkt.pkt.comment + n - 1 );
        pkt.pkt.comment->len = n;
        strcpy(pkt.pkt.comment->data, s);
     }
     if( (rc = build_packet( out, &pkt )) )
-	log_error("build_packet(comment) failed: %s\n", gpg_errstr(rc) );
+	log_error("build_packet(comment) failed: %s\n", g10_errstr(rc) );
     free_packet( &pkt );
     return rc;
 }
 
 
 KBNODE
-make_comment_node_from_buffer( const char *s, size_t n )
+make_comment_node( const char *s )
 {
     PACKET *pkt;
+    size_t n = strlen(s);
 
-    pkt = gcry_xcalloc( 1, sizeof *pkt );
+    pkt = m_alloc_clear( sizeof *pkt );
     pkt->pkttype = PKT_COMMENT;
-    pkt->pkt.comment = gcry_xmalloc( sizeof *pkt->pkt.comment + n - 1 );
+    pkt->pkt.comment = m_alloc( sizeof *pkt->pkt.comment + n - 1 );
     pkt->pkt.comment->len = n;
     strcpy(pkt->pkt.comment->data, s);
     return new_kbnode( pkt );
 }
 
+
 KBNODE
-make_comment_node( const char *s )
+make_mpi_comment_node( const char *s, MPI a )
 {
-    return make_comment_node_from_buffer ( s, strlen (s) );
-}
+    PACKET *pkt;
+    byte *buf, *p, *pp;
+    unsigned n1, nb1;
+    size_t n = strlen(s);
 
+    nb1 = mpi_get_nbits( a );
+    p = buf = mpi_get_buffer( a, &n1, NULL );
+    pkt = m_alloc_clear( sizeof *pkt );
+    pkt->pkttype = PKT_COMMENT;
+    pkt->pkt.comment = m_alloc( sizeof *pkt->pkt.comment + n + 2 + n1 );
+    pkt->pkt.comment->len = n+1+2+n1;
+    pp = pkt->pkt.comment->data;
+    memcpy(pp, s, n+1);
+    pp[n+1] = nb1 >> 8;
+    pp[n+2] = nb1 ;
+    memcpy(pp+n+3, p, n1 );
+    m_free(buf);
+    return new_kbnode( pkt );
+}
 
 
diff --git a/g10/compress.c b/g10/compress.c
index 2666e9051..6d85e0181 100644
--- a/g10/compress.c
+++ b/g10/compress.c
@@ -1,5 +1,5 @@
 /* compress.c - compress filter
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -27,10 +27,11 @@
 #include <errno.h>
 #include <zlib.h>
 
-#include <gcrypt.h>
 #include "util.h"
+#include "memory.h"
 #include "packet.h"
 #include "filter.h"
+#include "main.h"
 #include "options.h"
 
 
@@ -63,7 +64,7 @@ init_compress( compress_filter_context_t *zfx, z_stream *zs )
     }
 
     zfx->outbufsize = 8192;
-    zfx->outbuf = gcry_xmalloc( zfx->outbufsize );
+    zfx->outbuf = m_alloc( zfx->outbufsize );
 }
 
 static int
@@ -73,7 +74,11 @@ do_compress( compress_filter_context_t *zfx, z_stream *zs, int flush, IOBUF a )
     unsigned n;
 
     do {
+#ifndef __riscos__
 	zs->next_out = zfx->outbuf;
+#else /* __riscos__ */
+	zs->next_out = (Bytef *) zfx->outbuf;
+#endif /* __riscos__ */
 	zs->avail_out = zfx->outbufsize;
 	if( DBG_FILTER )
 	    log_debug("enter deflate: avail_in=%u, avail_out=%u, flush=%d\n",
@@ -96,7 +101,7 @@ do_compress( compress_filter_context_t *zfx, z_stream *zs, int flush, IOBUF a )
 
 	if( iobuf_write( a, zfx->outbuf, n ) ) {
 	    log_debug("deflate: iobuf_write failed\n");
-	    return GPGERR_WRITE_FILE;
+	    return G10ERR_WRITE_FILE;
 	}
     } while( zs->avail_in || (flush == Z_FINISH && zrc != Z_STREAM_END) );
     return 0;
@@ -121,7 +126,7 @@ init_uncompress( compress_filter_context_t *zfx, z_stream *zs )
     }
 
     zfx->inbufsize = 2048;
-    zfx->inbuf = gcry_xmalloc( zfx->inbufsize );
+    zfx->inbuf = m_alloc( zfx->inbufsize );
     zs->avail_in = 0;
 }
 
@@ -143,7 +148,11 @@ do_uncompress( compress_filter_context_t *zfx, z_stream *zs,
 	if( zs->avail_in < zfx->inbufsize && refill ) {
 	    n = zs->avail_in;
 	    if( !n )
+#ifndef __riscos__
 		zs->next_in = zfx->inbuf;
+#else /* __riscos__ */
+		zs->next_in = (Bytef *) zfx->inbuf;
+#endif /* __riscos__ */
 	    count = zfx->inbufsize - n;
 	    nread = iobuf_read( a, zfx->inbuf + n, count );
 	    if( nread == -1 ) nread = 0;
@@ -196,12 +205,16 @@ compress_filter( void *opaque, int control,
 
     if( control == IOBUFCTRL_UNDERFLOW ) {
 	if( !zfx->status ) {
-	    zs = zfx->opaque = gcry_xcalloc( 1, sizeof *zs );
+	    zs = zfx->opaque = m_alloc_clear( sizeof *zs );
 	    init_uncompress( zfx, zs );
 	    zfx->status = 1;
 	}
 
+#ifndef __riscos__
 	zs->next_out = buf;
+#else /* __riscos__ */
+	zs->next_out = (Bytef *) buf;
+#endif /* __riscos__ */
 	zs->avail_out = size;
 	zfx->outbufsize = size; /* needed only for calculation */
 	rc = do_uncompress( zfx, zs, a, ret_len );
@@ -212,7 +225,9 @@ compress_filter( void *opaque, int control,
 	    PKT_compressed cd;
 
 	    if( !zfx->algo )
-		zfx->algo = opt.def_compress_algo;
+	        zfx->algo = DEFAULT_COMPRESS_ALGO;
+	    if( zfx->algo != 1 && zfx->algo != 2 )
+	      BUG();
 	    memset( &cd, 0, sizeof cd );
 	    cd.len = 0;
 	    cd.algorithm = zfx->algo;
@@ -221,37 +236,54 @@ compress_filter( void *opaque, int control,
 	    pkt.pkt.compressed = &cd;
 	    if( build_packet( a, &pkt ))
 		log_bug("build_packet(PKT_COMPRESSED) failed\n");
-	    zs = zfx->opaque = gcry_xcalloc( 1, sizeof *zs );
+	    zs = zfx->opaque = m_alloc_clear( sizeof *zs );
 	    init_compress( zfx, zs );
 	    zfx->status = 2;
 	}
 
+#ifndef __riscos__
 	zs->next_in = buf;
+#else /* __riscos__ */
+	zs->next_in = (Bytef *) buf;
+#endif /* __riscos__ */
 	zs->avail_in = size;
 	rc = do_compress( zfx, zs, Z_NO_FLUSH, a );
     }
     else if( control == IOBUFCTRL_FREE ) {
 	if( zfx->status == 1 ) {
 	    inflateEnd(zs);
-	    gcry_free(zs);
+	    m_free(zs);
 	    zfx->opaque = NULL;
-	    gcry_free(zfx->outbuf); zfx->outbuf = NULL;
+	    m_free(zfx->outbuf); zfx->outbuf = NULL;
 	}
 	else if( zfx->status == 2 ) {
+#ifndef __riscos__
 	    zs->next_in = buf;
+#else /* __riscos__ */
+	    zs->next_in = (Bytef *) buf;
+#endif /* __riscos__ */
 	    zs->avail_in = 0;
 	    do_compress( zfx, zs, Z_FINISH, a );
 	    deflateEnd(zs);
-	    gcry_free(zs);
+	    m_free(zs);
 	    zfx->opaque = NULL;
-	    gcry_free(zfx->outbuf); zfx->outbuf = NULL;
+	    m_free(zfx->outbuf); zfx->outbuf = NULL;
 	}
+        if (zfx->release)
+          zfx->release (zfx);
     }
     else if( control == IOBUFCTRL_DESC )
 	*(char**)buf = "compress_filter";
     return rc;
 }
 
+
+static void
+release_context (compress_filter_context_t *ctx)
+{
+  m_free (ctx);
+}
+
 /****************
  * Handle a compressed packet
  */
@@ -259,26 +291,19 @@ int
 handle_compressed( void *procctx, PKT_compressed *cd,
 		   int (*callback)(IOBUF, void *), void *passthru )
 {
-    compress_filter_context_t cfx;
+    compress_filter_context_t *cfx;
     int rc;
 
-    memset( &cfx, 0, sizeof cfx );
     if( cd->algorithm < 1 || cd->algorithm > 2	)
-	return GPGERR_COMPR_ALGO;
-    cfx.algo = cd->algorithm;
-
-    iobuf_push_filter( cd->buf, compress_filter, &cfx );
+	return G10ERR_COMPR_ALGO;
+    cfx = m_alloc_clear (sizeof *cfx);
+    cfx->algo = cd->algorithm;
+    cfx->release = release_context;
+    iobuf_push_filter( cd->buf, compress_filter, cfx );
     if( callback )
 	rc = callback(cd->buf, passthru );
     else
 	rc = proc_packets(procctx, cd->buf);
-  #if 0
-    iobuf_pop_filter( cd->buf, compress_filter, &cfx );
-    if( cd->len )
-	iobuf_set_limit( cd->buf, 0 ); /* disable the readlimit */
-    else
-	iobuf_clear_eof( cd->buf );
-  #endif
     cd->buf = NULL;
     return rc;
 }
diff --git a/g10/dearmor.c b/g10/dearmor.c
index 937961e7f..4ec8fa012 100644
--- a/g10/dearmor.c
+++ b/g10/dearmor.c
@@ -1,5 +1,5 @@
 /* dearmor.c - Armor utility
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,9 +25,9 @@
 #include <errno.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "errors.h"
 #include "iobuf.h"
+#include "memory.h"
 #include "util.h"
 #include "filter.h"
 #include "packet.h"
@@ -52,7 +52,7 @@ dearmor_file( const char *fname )
     if( !(inp = iobuf_open(fname)) ) {
 	log_error("can't open %s: %s\n", fname? fname: "[stdin]",
 					strerror(errno) );
-	rc = GPGERR_OPEN_FILE;
+	rc = G10ERR_OPEN_FILE;
 	goto leave;
     }
 
@@ -94,7 +94,7 @@ enarmor_file( const char *fname )
     if( !(inp = iobuf_open(fname)) ) {
 	log_error("can't open %s: %s\n", fname? fname: "[stdin]",
 					strerror(errno) );
-	rc = GPGERR_OPEN_FILE;
+	rc = G10ERR_OPEN_FILE;
 	goto leave;
     }
 
diff --git a/g10/decrypt.c b/g10/decrypt.c
index 981275602..297ee3418 100644
--- a/g10/decrypt.c
+++ b/g10/decrypt.c
@@ -1,5 +1,5 @@
 /* decrypt.c - verify signed data
- *	Copyright (C) 1998, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,14 +25,15 @@
 #include <errno.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "options.h"
 #include "packet.h"
 #include "errors.h"
 #include "iobuf.h"
 #include "keydb.h"
+#include "memory.h"
 #include "util.h"
 #include "main.h"
+#include "status.h"
 #include "i18n.h"
 
 
@@ -57,7 +58,7 @@ decrypt_message( const char *filename )
     fp = iobuf_open(filename);
     if( !fp ) {
 	log_error(_("can't open `%s'\n"), print_fname_stdin(filename));
-	return GPGERR_OPEN_FILE;
+	return G10ERR_OPEN_FILE;
     }
 
     if( !opt.no_armor ) {
@@ -78,5 +79,60 @@ decrypt_message( const char *filename )
     return rc;
 }
 
+void
+decrypt_messages(int nfiles, char **files)
+{
+  IOBUF fp;
+  armor_filter_context_t afx;  
+  char *p, *output = NULL;
+  int rc = 0;
+  
+  if (opt.outfile)
+    {
+      log_error(_("--output doesn't work for this command\n"));
+      return;
+        
+    }
+
+  while (nfiles--)
+    {
+      print_file_status(STATUS_FILE_START, *files, 3);      
+      output = make_outfile_name(*files);
+      if (!output)
+        continue;
+      fp = iobuf_open(*files);
+      if (!fp)
+        {
+          log_error(_("can't open `%s'\n"), print_fname_stdin(*files));
+          continue;
+        }
+      if (!opt.no_armor)
+        {
+          if (use_armor_filter(fp))
+            {
+              memset(&afx, 0, sizeof afx);
+              iobuf_push_filter(fp, armor_filter, &afx);
+            }
+        }
+      rc = proc_packets(NULL, fp);
+      iobuf_close(fp);
+      if (rc)
+        log_error("%s: decryption failed: %s\n", print_fname_stdin(*files),
+                  g10_errstr(rc));
+      p = get_last_passphrase();
+      set_next_passphrase(p);
+      m_free (p);
+      files++;
+      m_free(output);
+      write_status( STATUS_FILE_DONE );
+    }
+  set_next_passphrase(NULL);  
+}
+
+
+
+
+
+
 
 
diff --git a/g10/delkey.c b/g10/delkey.c
index f4bfd01e4..f9d882113 100644
--- a/g10/delkey.c
+++ b/g10/delkey.c
@@ -1,5 +1,5 @@
 /* delkey.c - delete keys
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -31,7 +31,7 @@
 #include "errors.h"
 #include "iobuf.h"
 #include "keydb.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "util.h"
 #include "main.h"
 #include "trustdb.h"
@@ -43,34 +43,46 @@
 
 /****************
  * Delete a public or secret key from a keyring.
+ * r_sec_avail will be set if a secret key is available and the public
+ * key can't be deleted for that reason.
  */
-int
-delete_key( const char *username, int secret )
+static int
+do_delete_key( const char *username, int secret, int *r_sec_avail )
 {
     int rc = 0;
     KBNODE keyblock = NULL;
     KBNODE node;
-    KBPOS kbpos;
+    KEYDB_HANDLE hd = keydb_new (secret);
     PKT_public_key *pk = NULL;
     PKT_secret_key *sk = NULL;
     u32 keyid[2];
     int okay=0;
     int yes;
+    KEYDB_SEARCH_DESC desc;
+
+    *r_sec_avail = 0;
 
     /* search the userid */
-    rc = secret? find_secret_keyblock_byname( &keyblock, username )
-	       : find_keyblock_byname( &keyblock, username );
-    if( rc ) {
-	log_error(_("%s: user not found: %s\n"), username, gpg_errstr(rc) );
+    classify_user_id (username, &desc);
+    rc = desc.mode? keydb_search (hd, &desc, 1):G10ERR_INV_USER_ID;
+    if (rc) {
+	log_error (_("key `%s' not found: %s\n"), username, g10_errstr (rc));
 	write_status_text( STATUS_DELETE_PROBLEM, "1" );
 	goto leave;
     }
 
+    /* read the keyblock */
+    rc = keydb_get_keyblock (hd, &keyblock );
+    if (rc) {
+	log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
+	goto leave;
+    }
+
     /* get the keyid from the keyblock */
     node = find_kbnode( keyblock, secret? PKT_SECRET_KEY:PKT_PUBLIC_KEY );
     if( !node ) {
 	log_error("Oops; key not found anymore!\n");
-	rc = GPGERR_GENERAL;
+	rc = G10ERR_GENERAL;
 	goto leave;
     }
 
@@ -83,15 +95,12 @@ delete_key( const char *username, int secret )
 	keyid_from_pk( pk, keyid );
 	rc = seckey_available( keyid );
 	if( !rc ) {
-	    log_error(_(
-	    "there is a secret key for this public key!\n"));
-	    log_info(_(
-	    "use option \"--delete-secret-key\" to delete it first.\n"));
-	    write_status_text( STATUS_DELETE_PROBLEM, "2" );
-	    rc = -1;
+            *r_sec_avail = 1;
+            rc = -1;
+            goto leave;
 	}
-	else if( rc != GPGERR_NO_SECKEY ) {
-	    log_error("%s: get secret key: %s\n", username, gpg_errstr(rc) );
+	else if( rc != G10ERR_NO_SECKEY ) {
+	    log_error("%s: get secret key: %s\n", username, g10_errstr(rc) );
 	}
 	else
 	    rc = 0;
@@ -113,15 +122,15 @@ delete_key( const char *username, int secret )
 	    tty_printf("sec  %4u%c/%08lX %s   ",
 		      nbits_from_sk( sk ),
 		      pubkey_letter( sk->pubkey_algo ),
-		      keyid[1], datestr_from_sk(sk) );
+		      (ulong)keyid[1], datestr_from_sk(sk) );
 	else
 	    tty_printf("pub  %4u%c/%08lX %s   ",
 		      nbits_from_pk( pk ),
 		      pubkey_letter( pk->pubkey_algo ),
-		      keyid[1], datestr_from_pk(pk) );
+		      (ulong)keyid[1], datestr_from_pk(pk) );
 	p = get_user_id( keyid, &n );
 	tty_print_utf8_string( p, n );
-	gcry_free(p);
+	m_free(p);
 	tty_printf("\n\n");
 
 	yes = cpr_get_answer_is_yes( secret? "delete_key.secret.okay"
@@ -142,16 +151,59 @@ delete_key( const char *username, int secret )
 
 
     if( okay ) {
-      #warning MUST FIX THIS!!!
-	rc = delete_keyblock( &kbpos );
-	if( rc ) {
-	    log_error("delete_keyblock failed: %s\n", gpg_errstr(rc) );
+	rc = keydb_delete_keyblock (hd);
+	if (rc) {
+	    log_error (_("deleting keyblock failed: %s\n"), g10_errstr(rc) );
 	    goto leave;
 	}
+
+	/* Note that the ownertrust being cleared will trigger a
+           revalidation_mark().  This makes sense - only deleting keys
+           that have ownertrust set should trigger this. */
+
+        if (!secret && pk && clear_ownertrust (pk)) {
+          if (opt.verbose)
+            log_info (_("ownertrust information cleared\n"));
+        }
     }
 
   leave:
-    release_kbnode( keyblock );
+    keydb_release (hd);
+    release_kbnode (keyblock);
     return rc;
 }
 
+/****************
+ * Delete a public or secret key from a keyring.
+ */
+int
+delete_keys( STRLIST names, int secret, int allow_both )
+{
+    int rc, avail;
+
+    for(;names;names=names->next) {
+       rc = do_delete_key (names->d, secret, &avail );
+       if ( rc && avail ) { 
+	 if ( allow_both ) {
+	   rc = do_delete_key (names->d, 1, &avail );
+	   if ( !rc )
+	     rc = do_delete_key (names->d, 0, &avail );
+	 }
+	 else {
+	   log_error(_(
+	      "there is a secret key for public key \"%s\"!\n"),names->d);
+	   log_info(_(
+	      "use option \"--delete-secret-keys\" to delete it first.\n"));
+	   write_status_text( STATUS_DELETE_PROBLEM, "2" );
+	   return rc;
+	 }
+       }
+
+       if(rc) {
+	 log_error("%s: delete key failed: %s\n", names->d, g10_errstr(rc) );
+	 return rc;
+       }
+    }
+
+    return 0;
+}
diff --git a/g10/encode.c b/g10/encode.c
index f033c76ae..80a9039ec 100644
--- a/g10/encode.c
+++ b/g10/encode.c
@@ -1,5 +1,5 @@
 /* encode.c - encode data
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -30,69 +30,18 @@
 #include "errors.h"
 #include "iobuf.h"
 #include "keydb.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "util.h"
 #include "main.h"
 #include "filter.h"
 #include "trustdb.h"
 #include "i18n.h"
+#include "status.h"
 
-
-static int encode_simple( const char *filename, int mode );
+static int encode_simple( const char *filename, int mode, int compat );
 static int write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out );
 
 
-/****************
- * Emulate our old PK interface here - sometime in the future we might
- * change the internal design to directly fit to libgcrypt.
- */
-static int
-pk_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
-{
-    GCRY_SEXP s_ciph, s_data, s_pkey;
-    int rc;
-
-    /* make a sexp from pkey */
-    if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
-	rc = gcry_sexp_build ( &s_pkey, NULL,
-			      "(public-key(elg(p%m)(g%m)(y%m)))",
-				  pkey[0], pkey[1], pkey[2] );
-    }
-    else
-	return GPGERR_PUBKEY_ALGO;
-
-    if ( rc )
-	BUG ();
-
-    /* put the data into a simple list */
-    if ( gcry_sexp_build( &s_data, NULL, "%m", data ) )
-	BUG ();
-
-    /* pass it to libgcrypt */
-    rc = gcry_pk_encrypt( &s_ciph, s_data, s_pkey );
-    gcry_sexp_release( s_data );
-    gcry_sexp_release( s_pkey );
-
-    if( rc )
-	;
-    else { /* add better error handling or make gnupg use S-Exp directly */
-	GCRY_SEXP list = gcry_sexp_find_token( s_ciph, "a" , 0 );
-	assert( list );
-	resarr[0] = gcry_sexp_nth_mpi( list, 1, 0 );
-	assert( resarr[0] );
-	gcry_sexp_release ( list );
-
-	list = gcry_sexp_find_token( s_ciph, "b" , 0 );
-	assert( list );
-	resarr[1] = gcry_sexp_nth_mpi( list, 1, 0 );
-	assert( resarr[1] );
-	gcry_sexp_release ( list );
-    }
-
-    gcry_sexp_release( s_ciph );
-    return rc;
-}
-
 
 /****************
  * Encode FILENAME with only the symmetric cipher.  Take input from
@@ -101,7 +50,11 @@ pk_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
 int
 encode_symmetric( const char *filename )
 {
-    return encode_simple( filename, 1 );
+    int compat = 1;
+    
+    if ( opt.expert )
+        compat = 0; /* PGP knows how to handle this mode. */
+    return encode_simple( filename, 1, compat );
 }
 
 /****************
@@ -111,19 +64,49 @@ encode_symmetric( const char *filename )
 int
 encode_store( const char *filename )
 {
-    return encode_simple( filename, 0 );
+    return encode_simple( filename, 0, 1 );
 }
 
-
+static void
+encode_sesskey( DEK *dek, DEK **ret_dek, byte *enckey )
+{
+    CIPHER_HANDLE hd;
+    DEK *c;
+    byte buf[33];
+
+    assert ( dek->keylen < 32 );
+    
+    c = m_alloc_clear( sizeof *c );
+    c->keylen = dek->keylen;
+    c->algo = dek->algo;
+    make_session_key( c );
+    /*log_hexdump( "thekey", c->key, c->keylen );*/
+
+    buf[0] = c->algo;
+    memcpy( buf + 1, c->key, c->keylen );
+    
+    hd = cipher_open( dek->algo, CIPHER_MODE_CFB, 1 );
+    cipher_setkey( hd, dek->key, dek->keylen );
+    cipher_setiv( hd, NULL, 0 );
+    cipher_encrypt( hd, buf, buf, c->keylen + 1 );
+    cipher_close( hd );
+
+    memcpy( enckey, buf, c->keylen + 1 );
+    memset( buf, 0, sizeof buf ); /* burn key */
+    *ret_dek = c;
+}
 
 static int
-encode_simple( const char *filename, int mode )
+encode_simple( const char *filename, int mode, int compat )
 {
     IOBUF inp, out;
     PACKET pkt;
+    DEK *dek = NULL;
     PKT_plaintext *pt = NULL;
     STRING2KEY *s2k = NULL;
+    byte enckey[33];
     int rc = 0;
+    int seskeylen = 0;
     u32 filesize;
     cipher_filter_context_t cfx;
     armor_filter_context_t afx;
@@ -136,40 +119,62 @@ encode_simple( const char *filename, int mode )
     memset( &zfx, 0, sizeof zfx);
     memset( &tfx, 0, sizeof tfx);
     init_packet(&pkt);
+    
+    if (opt.compress == -1 && is_file_compressed(filename, &rc))
+      {
+        if (opt.verbose)
+          log_info(_("`%s' already compressed\n"), filename);
+        do_compress = 0;        
+      }
+    if (rc)
+        return rc;
 
     /* prepare iobufs */
     if( !(inp = iobuf_open(filename)) ) {
 	log_error(_("%s: can't open: %s\n"), filename? filename: "[stdin]",
 					strerror(errno) );
-	return GPGERR_OPEN_FILE;
+	return G10ERR_OPEN_FILE;
     }
 
     if( opt.textmode )
 	iobuf_push_filter( inp, text_filter, &tfx );
 
+    /* Due the the fact that we use don't use an IV to encrypt the
+       session key we can't use the new mode with RFC1991 because
+       it has no S2K salt. RFC1991 always uses simple S2K. */
+    if ( opt.rfc1991 && !compat )
+        compat = 1;
+    
     cfx.dek = NULL;
     if( mode ) {
-	s2k = gcry_xcalloc( 1, sizeof *s2k );
+	s2k = m_alloc_clear( sizeof *s2k );
 	s2k->mode = opt.rfc1991? 0:opt.s2k_mode;
 	s2k->hash_algo = opt.def_digest_algo ? opt.def_digest_algo
 					     : opt.s2k_digest_algo;
 	cfx.dek = passphrase_to_dek( NULL, 0,
-		       opt.def_cipher_algo ? opt.def_cipher_algo
-					   : opt.s2k_cipher_algo , s2k, 2 );
+                  opt.def_cipher_algo ? opt.def_cipher_algo
+		                      : opt.s2k_cipher_algo , s2k, 2, NULL );
 	if( !cfx.dek || !cfx.dek->keylen ) {
-	    rc = GPGERR_PASSPHRASE;
-	    gcry_free(cfx.dek);
-	    gcry_free(s2k);
+	    rc = G10ERR_PASSPHRASE;
+	    m_free(cfx.dek);
+	    m_free(s2k);
 	    iobuf_close(inp);
-	    log_error(_("error creating passphrase: %s\n"), gpg_errstr(rc) );
+	    log_error(_("error creating passphrase: %s\n"), g10_errstr(rc) );
 	    return rc;
 	}
+        if ( !compat ) {            
+            seskeylen = cipher_get_keylen( opt.def_cipher_algo ?
+                                           opt.def_cipher_algo:
+                                           opt.s2k_cipher_algo ) / 8;
+            encode_sesskey( cfx.dek, &dek, enckey );
+            m_free( cfx.dek ); cfx.dek = dek;
+        }
     }
 
     if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) ) {
 	iobuf_cancel(inp);
-	gcry_free(cfx.dek);
-	gcry_free(s2k);
+	m_free(cfx.dek);
+	m_free(s2k);
 	return rc;
     }
 
@@ -184,15 +189,19 @@ encode_simple( const char *filename, int mode )
     }
   #endif
     if( s2k && !opt.rfc1991 ) {
-	PKT_symkey_enc *enc = gcry_xcalloc( 1, sizeof *enc );
+	PKT_symkey_enc *enc = m_alloc_clear( sizeof *enc + seskeylen + 1 );
 	enc->version = 4;
 	enc->cipher_algo = cfx.dek->algo;
 	enc->s2k = *s2k;
+        if ( !compat && seskeylen ) {
+            enc->seskeylen = seskeylen + 1; /* algo id */
+            memcpy( enc->seskey, enckey, seskeylen + 1 );
+        }
 	pkt.pkttype = PKT_SYMKEY_ENC;
 	pkt.pkt.symkey_enc = enc;
 	if( (rc = build_packet( out, &pkt )) )
-	    log_error("build symkey packet failed: %s\n", gpg_errstr(rc) );
-	gcry_free(enc);
+	    log_error("build symkey packet failed: %s\n", g10_errstr(rc) );
+	m_free(enc);
     }
 
     if (!opt.no_literal) {
@@ -200,30 +209,36 @@ encode_simple( const char *filename, int mode )
 	if( filename || opt.set_filename ) {
 	    char *s = make_basename( opt.set_filename ? opt.set_filename
 						      : filename );
-	    pt = gcry_xmalloc( sizeof *pt + strlen(s) - 1 );
+	    pt = m_alloc( sizeof *pt + strlen(s) - 1 );
 	    pt->namelen = strlen(s);
 	    memcpy(pt->name, s, pt->namelen );
-	    gcry_free(s);
+	    m_free(s);
 	}
 	else { /* no filename */
-	    pt = gcry_xmalloc( sizeof *pt - 1 );
+	    pt = m_alloc( sizeof *pt - 1 );
 	    pt->namelen = 0;
 	}
     }
 
-    /* pgp5 has problems to decrypt symmetrically encrypted data from
-     * GnuPG if the filelength is in the inner packet.	It works
-     * when only partial length headers are use.  Until we have
-     * tracked this problem down. We use this temporary fix
-     * (fixme: remove the && !mode )
-     */
-    if( filename && !opt.textmode && !mode ) {
+    /* Note that PGP 5 has problems decrypting symmetrically encrypted
+       data if the file length is in the inner packet. It works when
+       only partial length headers are use.  In the past, we always
+       used partial body length here, but since PGP 2, PGP 6, and PGP
+       7 need the file length, and nobody should be using PGP 5
+       nowadays anyway, this is now set to the file length.  Note also
+       that this only applies to the RFC-1991 style symmetric
+       messages, and not the RFC-2440 style.  PGP 6 and 7 work with
+       either partial length or fixed length with the new style
+       messages. */
+
+    if( filename && !opt.textmode ) {
 	if( !(filesize = iobuf_get_filelength(inp)) )
 	    log_info(_("%s: WARNING: empty file\n"), filename );
         /* we can't yet encode the length of very large files,
-         * so we switch to partial length encoding in this case */
+         * so we switch to partial lengthn encoding in this case */
         if ( filesize >= IOBUF_FILELENGTH_LIMIT )
             filesize = 0;
+
     }
     else
 	filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
@@ -239,7 +254,11 @@ encode_simple( const char *filename, int mode )
 	cfx.datalen = filesize && !do_compress ? calc_packet_length( &pkt ) : 0;
     }
     else
-	cfx.datalen = filesize && !do_compress ? filesize : 0;
+      {
+        cfx.datalen = filesize && !do_compress ? filesize : 0;
+        pkt.pkttype = 0;
+        pkt.pkt.generic = NULL;
+      }
 
     /* register the cipher filter */
     if( mode )
@@ -251,7 +270,7 @@ encode_simple( const char *filename, int mode )
     /* do the work */
     if (!opt.no_literal) {
 	if( (rc = build_packet( out, &pkt )) )
-	    log_error("build_packet failed: %s\n", gpg_errstr(rc) );
+	    log_error("build_packet failed: %s\n", g10_errstr(rc) );
     }
     else {
 	/* user requested not to create a literal packet,
@@ -260,8 +279,8 @@ encode_simple( const char *filename, int mode )
 	int  bytes_copied;
 	while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1)
 	    if (iobuf_write(out, copy_buffer, bytes_copied) == -1) {
-		rc = GPGERR_WRITE_FILE;
-		log_error("copying input to output failed: %s\n", gpg_errstr(rc) );
+		rc = G10ERR_WRITE_FILE;
+		log_error("copying input to output failed: %s\n", g10_errstr(rc) );
 		break;
 	    }
 	memset(copy_buffer, 0, 4096); /* burn buffer */
@@ -271,13 +290,16 @@ encode_simple( const char *filename, int mode )
     iobuf_close(inp);
     if (rc)
 	iobuf_cancel(out);
-    else
+    else {
 	iobuf_close(out); /* fixme: check returncode */
+        if (mode)
+            write_status( STATUS_END_ENCRYPTION );
+    }
     if (pt)
 	pt->buf = NULL;
     free_packet(&pkt);
-    gcry_free(cfx.dek);
-    gcry_free(s2k);
+    m_free(cfx.dek);
+    m_free(s2k);
     return rc;
 }
 
@@ -291,123 +313,203 @@ encode_crypt( const char *filename, STRLIST remusr )
     IOBUF inp = NULL, out = NULL;
     PACKET pkt;
     PKT_plaintext *pt = NULL;
-    int rc = 0;
+    int rc = 0, rc2 = 0;
     u32 filesize;
+    cipher_filter_context_t cfx;
     armor_filter_context_t afx;
     compress_filter_context_t zfx;
     text_filter_context_t tfx;
-    encrypt_filter_context_t efx;
-    PK_LIST pk_list;
+    PK_LIST pk_list,work_list;
     int do_compress = opt.compress && !opt.rfc1991;
 
+
+    memset( &cfx, 0, sizeof cfx);
     memset( &afx, 0, sizeof afx);
     memset( &zfx, 0, sizeof zfx);
     memset( &tfx, 0, sizeof tfx);
-    memset( &efx, 0, sizeof efx);
     init_packet(&pkt);
 
-    if( (rc=build_pk_list( remusr, &pk_list, GCRY_PK_USAGE_ENCR)) )
+    if( (rc=build_pk_list( remusr, &pk_list, PUBKEY_USAGE_ENC)) )
 	return rc;
 
+    if(opt.pgp2) {
+      for(work_list=pk_list; work_list; work_list=work_list->next)
+	if(!(is_RSA(work_list->pk->pubkey_algo) &&
+	     nbits_from_pk(work_list->pk)<=2048))
+	  {
+	    log_info(_("you can only encrypt to RSA keys of 2048 bits or "
+		       "less in --pgp2 mode\n"));
+	    log_info(_("this message may not be usable by PGP 2.x\n"));
+	    opt.pgp2=0;
+	    break;
+	  }
+    }
+
+    if (opt.compress == -1 && is_file_compressed(filename, &rc2))
+      {
+        if (opt.verbose)
+          log_info(_("`%s' already compressed\n"), filename);
+        do_compress = 0;        
+      }
+    if (rc2)
+      {
+        rc = rc2;
+        goto leave;
+      }
+    
     /* prepare iobufs */
     if( !(inp = iobuf_open(filename)) ) {
 	log_error(_("can't open %s: %s\n"), filename? filename: "[stdin]",
 					strerror(errno) );
-	rc = GPGERR_OPEN_FILE;
+	rc = G10ERR_OPEN_FILE;
 	goto leave;
     }
     else if( opt.verbose )
 	log_info(_("reading from `%s'\n"), filename? filename: "[stdin]");
 
-    /* If the user selected textmode, push the text filter onto the input */
     if( opt.textmode )
 	iobuf_push_filter( inp, text_filter, &tfx );
 
-    /* Now we can create the outputfile */
     if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) )
 	goto leave;
 
-    /* The first thing we have to push on the output stream
-     * is the armor filter */
+
     if( opt.armor )
 	iobuf_push_filter( out, armor_filter, &afx );
+  #ifdef ENABLE_COMMENT_PACKETS
+    else {
+	write_comment( out, "#created by GNUPG v" VERSION " ("
+					    PRINTABLE_OS_NAME ")");
+	if( opt.comment_string )
+	    write_comment( out, opt.comment_string );
+    }
+  #endif
+    /* create a session key */
+    cfx.dek = m_alloc_secure_clear (sizeof *cfx.dek);
+    if( !opt.def_cipher_algo ) { /* try to get it from the prefs */
+	cfx.dek->algo = select_algo_from_prefs(pk_list,PREFTYPE_SYM,-1,NULL);
+	/* The only way select_algo_from_prefs can fail here is when
+           mixing v3 and v4 keys, as v4 keys have an implicit
+           preference entry for 3DES, and the pk_list cannot be empty.
+           In this case, use 3DES anyway as it's the safest choice -
+           perhaps the v3 key is being used in an OpenPGP
+           implementation and we know that the implementation behind
+           any v4 key can handle 3DES. */
+	if( cfx.dek->algo == -1 ) {
+	    cfx.dek->algo = CIPHER_ALGO_3DES;
+
+	    if( opt.pgp2 ) {
+	      log_info(_("unable to use the IDEA cipher for all of the keys "
+			 "you are encrypting to.\n"));
+	      log_info(_("this message may not be usable by PGP 2.x\n"));
+	      opt.pgp2=0;
+	    }
+	}
+    }
+    else {
+      if(!opt.expert &&
+	 select_algo_from_prefs(pk_list,PREFTYPE_SYM,
+				opt.def_cipher_algo,NULL)!=opt.def_cipher_algo)
+	log_info(_("forcing symmetric cipher %s (%d) "
+		   "violates recipient preferences\n"),
+		 cipher_algo_to_string(opt.def_cipher_algo),
+		 opt.def_cipher_algo);
+
+      cfx.dek->algo = opt.def_cipher_algo;
+    }
+    cfx.dek->use_mdc = select_mdc_from_pklist (pk_list);
 
-    /* Prepare the plaintext packet */
-    {
-        if (!opt.no_literal) {
-            if( filename || opt.set_filename ) {
-                char *s = make_basename( opt.set_filename ?
-                                         opt.set_filename : filename );
-                pt = gcry_xmalloc( sizeof *pt + strlen(s) - 1 );
-                pt->namelen = strlen(s);
-                memcpy(pt->name, s, pt->namelen );
-                gcry_free(s);
-            }
-            else { /* no filename */
-                pt = gcry_xmalloc( sizeof *pt - 1 );
-                pt->namelen = 0;
-            }
-        }
-        
-        if( filename && !opt.textmode ) {
-            if( !(filesize = iobuf_get_filelength(inp)) )
-                log_info(_("%s: WARNING: empty file\n"), filename );
-            /* we can't yet encode the length of very large files,
-             * so we switch to partial lengthn encoding in this case */
-            if ( filesize >= IOBUF_FILELENGTH_LIMIT )
-                filesize = 0;
-        }
-        else
-            filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
-        
-        if (!opt.no_literal) {
-            pt->timestamp = make_timestamp();
-            pt->mode = opt.textmode ? 't' : 'b';
-            pt->len = filesize;
-            pt->new_ctb = !pt->len && !opt.rfc1991;
-            pt->buf = inp;
-            pkt.pkttype = PKT_PLAINTEXT;
-            pkt.pkt.plaintext = pt;
-            efx.cfx.datalen = filesize && !do_compress?
-                calc_packet_length( &pkt ) : 0;
-        }
-        else
-            efx.cfx.datalen = filesize && !do_compress ? filesize : 0;
-    }  /* end preparation of plaintext packet */
-        
-    /* push in the actual encryption filter */
-    efx.pk_list = pk_list;
-    iobuf_push_filter( out, encrypt_filter, &efx ); 
-
-    /* register the compress filter (so that it is done before encryption) */
+    make_session_key( cfx.dek );
+    if( DBG_CIPHER )
+	log_hexdump("DEK is: ", cfx.dek->key, cfx.dek->keylen );
+
+    rc = write_pubkey_enc_from_list( pk_list, cfx.dek, out );
+    if( rc  )
+	goto leave;
+
+    if (!opt.no_literal) {
+	/* setup the inner packet */
+	if( filename || opt.set_filename ) {
+	    char *s = make_basename( opt.set_filename ? opt.set_filename : filename );
+	    pt = m_alloc( sizeof *pt + strlen(s) - 1 );
+	    pt->namelen = strlen(s);
+	    memcpy(pt->name, s, pt->namelen );
+	    m_free(s);
+	}
+	else { /* no filename */
+	    pt = m_alloc( sizeof *pt - 1 );
+	    pt->namelen = 0;
+	}
+    }
+
+    if( filename && !opt.textmode ) {
+	if( !(filesize = iobuf_get_filelength(inp)) )
+	    log_info(_("%s: WARNING: empty file\n"), filename );
+        /* we can't yet encode the length of very large files,
+         * so we switch to partial length encoding in this case */
+        if ( filesize >= IOBUF_FILELENGTH_LIMIT )
+            filesize = 0;
+    }
+    else
+	filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
+
+    if (!opt.no_literal) {
+	pt->timestamp = make_timestamp();
+	pt->mode = opt.textmode ? 't' : 'b';
+	pt->len = filesize;
+	pt->new_ctb = !pt->len && !opt.rfc1991;
+	pt->buf = inp;
+	pkt.pkttype = PKT_PLAINTEXT;
+	pkt.pkt.plaintext = pt;
+	cfx.datalen = filesize && !do_compress? calc_packet_length( &pkt ) : 0;
+    }
+    else
+	cfx.datalen = filesize && !do_compress ? filesize : 0;
+
+    /* register the cipher filter */
+    iobuf_push_filter( out, cipher_filter, &cfx );
+
+    /* register the compress filter */
     if( do_compress ) {
-	int compr_algo = select_algo_from_prefs( pk_list, PREFTYPE_COMPR );
-	if( !compr_algo )
-	    ; /* don't use compression */
-	else {
-	    if( compr_algo == 1 )
-		zfx.algo = 1; /* default is 2 */
+	int compr_algo = opt.def_compress_algo;
+
+	if(compr_algo==-1)
+	  {
+	    if((compr_algo=
+		select_algo_from_prefs(pk_list,PREFTYPE_ZIP,-1,NULL))==-1)
+	      compr_algo=DEFAULT_COMPRESS_ALGO;
+	  }
+	else if(!opt.expert &&
+		select_algo_from_prefs(pk_list,PREFTYPE_ZIP,
+				       compr_algo,NULL)!=compr_algo)
+	  log_info(_("forcing compression algorithm %s (%d) "
+		     "violates recipient preferences\n"),
+		   compress_algo_to_string(compr_algo),compr_algo);
+
+	/* algo 0 means no compression */
+	if( compr_algo )
+	  {
+	    zfx.algo = compr_algo;
 	    iobuf_push_filter( out, compress_filter, &zfx );
-	}
+	  }
     }
 
     /* do the work */
     if (!opt.no_literal) {
 	if( (rc = build_packet( out, &pkt )) )
-	    log_error("build_packet failed: %s\n", gpg_errstr(rc) );
+	    log_error("build_packet failed: %s\n", g10_errstr(rc) );
     }
     else {
-	/* user requested not to create a literal packet,
-         * so we copy the plain data */
+	/* user requested not to create a literal packet, so we copy the plain data */
 	byte copy_buffer[4096];
 	int  bytes_copied;
 	while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1)
 	    if (iobuf_write(out, copy_buffer, bytes_copied) == -1) {
-		rc = GPGERR_WRITE_FILE;
-		log_error("copying input to output failed: %s\n", gpg_errstr(rc) );
+		rc = G10ERR_WRITE_FILE;
+		log_error("copying input to output failed: %s\n", g10_errstr(rc) );
 		break;
 	    }
-	memset(copy_buffer, 0, DIM(copy_buffer)); /* burn buffer */
+	memset(copy_buffer, 0, 4096); /* burn buffer */
     }
 
     /* finish the stuff */
@@ -415,13 +517,14 @@ encode_crypt( const char *filename, STRLIST remusr )
     iobuf_close(inp);
     if( rc )
 	iobuf_cancel(out);
-    else
+    else {
 	iobuf_close(out); /* fixme: check returncode */
+        write_status( STATUS_END_ENCRYPTION );
+    }
     if( pt )
 	pt->buf = NULL;
     free_packet(&pkt);
-    gcry_free(efx.cfx.dek); /* Hmmm, why does the encrypt filter does not 
-                             * take care about this? */
+    m_free(cfx.dek);
     release_pk_list( pk_list );
     return rc;
 }
@@ -430,7 +533,7 @@ encode_crypt( const char *filename, STRLIST remusr )
 
 
 /****************
- * Filter to handle the entire public key encryption.
+ * Filter to do a complete public key encryption.
  */
 int
 encrypt_filter( void *opaque, int control,
@@ -445,16 +548,32 @@ encrypt_filter( void *opaque, int control,
     }
     else if( control == IOBUFCTRL_FLUSH ) { /* encrypt */
 	if( !efx->header_okay ) {
-	    efx->cfx.dek = gcry_xmalloc_secure( sizeof *efx->cfx.dek );
+	    efx->cfx.dek = m_alloc_secure_clear( sizeof *efx->cfx.dek );
 
 	    if( !opt.def_cipher_algo  ) { /* try to get it from the prefs */
 		efx->cfx.dek->algo =
-			  select_algo_from_prefs( efx->pk_list, PREFTYPE_SYM );
-		if( efx->cfx.dek->algo == -1 )
+		  select_algo_from_prefs(efx->pk_list,PREFTYPE_SYM,-1,NULL);
+		if( efx->cfx.dek->algo == -1 ) {
+                    /* because 3DES is implicitly in the prefs, this can only
+                     * happen if we do not have any public keys in the list */
 		    efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO;
+                }
+	    }
+	    else {
+	      if(!opt.expert &&
+		 select_algo_from_prefs(efx->pk_list,PREFTYPE_SYM,
+					opt.def_cipher_algo,
+					NULL)!=opt.def_cipher_algo)
+		log_info(_("forcing symmetric cipher %s (%d) "
+			   "violates recipient preferences\n"),
+			 cipher_algo_to_string(opt.def_cipher_algo),
+			 opt.def_cipher_algo);
+
+	      efx->cfx.dek->algo = opt.def_cipher_algo;
 	    }
-	    else
-		efx->cfx.dek->algo = opt.def_cipher_algo;
+
+            efx->cfx.dek->use_mdc = select_mdc_from_pklist (efx->pk_list);
+
 	    make_session_key( efx->cfx.dek );
 	    if( DBG_CIPHER )
 		log_hexdump("DEK is: ",
@@ -497,7 +616,7 @@ write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out )
 	pk = pk_list->pk;
 
 	print_pubkey_algo_note( pk->pubkey_algo );
-	enc = gcry_xcalloc( 1, sizeof *enc );
+	enc = m_alloc_clear( sizeof *enc );
 	enc->pubkey_algo = pk->pubkey_algo;
 	keyid_from_pk( pk, enc->keyid );
 	enc->throw_keyid = opt.throw_keyid;
@@ -517,17 +636,17 @@ write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out )
 	 */
 	frame = encode_session_key( dek, pubkey_nbits( pk->pubkey_algo,
 							  pk->pkey ) );
-	rc = pk_encrypt( pk->pubkey_algo, enc->data, frame, pk->pkey );
-	mpi_release( frame );
+	rc = pubkey_encrypt( pk->pubkey_algo, enc->data, frame, pk->pkey );
+	mpi_free( frame );
 	if( rc )
-	    log_error("pubkey_encrypt failed: %s\n", gpg_errstr(rc) );
+	    log_error("pubkey_encrypt failed: %s\n", g10_errstr(rc) );
 	else {
 	    if( opt.verbose ) {
 		char *ustr = get_user_id_string_native( enc->keyid );
 		log_info(_("%s/%s encrypted for: %s\n"),
-		    gcry_pk_algo_name(enc->pubkey_algo),
-		    gcry_cipher_algo_name(dek->algo), ustr );
-		gcry_free(ustr);
+		    pubkey_algo_to_string(enc->pubkey_algo),
+		    cipher_algo_to_string(dek->algo), ustr );
+		m_free(ustr);
 	    }
 	    /* and write it */
 	    init_packet(&pkt);
@@ -535,7 +654,7 @@ write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out )
 	    pkt.pkt.pubkey_enc = enc;
 	    rc = build_packet( out, &pkt );
 	    if( rc )
-	       log_error("build_packet(pubkey_enc) failed: %s\n", gpg_errstr(rc));
+	       log_error("build_packet(pubkey_enc) failed: %s\n", g10_errstr(rc));
 	}
 	free_pubkey_enc(enc);
 	if( rc )
@@ -544,3 +663,47 @@ write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out )
     return 0;
 }
 
+void
+encode_crypt_files(int nfiles, char **files, STRLIST remusr)
+{
+  int rc = 0;
+
+  if (opt.outfile)
+    {
+      log_error(_("--output doesn't work for this command\n"));
+      return;        
+    }
+    
+  if (!nfiles)
+    {
+      char line[2048];
+      unsigned int lno = 0;
+      while ( fgets(line, DIM(line), stdin) )
+        {
+          lno++;
+          if (!*line || line[strlen(line)-1] != '\n')
+            {
+              log_error("input line %u too long or missing LF\n", lno);
+              return;
+            }
+          line[strlen(line)-1] = '\0';
+          print_file_status(STATUS_FILE_START, line, 2);
+          if ( (rc = encode_crypt(line, remusr)) )
+            log_error("%s: encryption failed: %s\n",
+                      print_fname_stdin(line), g10_errstr(rc) );
+          write_status( STATUS_FILE_DONE );
+        }
+    }
+  else
+    {
+      while (nfiles--)
+        {
+          print_file_status(STATUS_FILE_START, *files, 2);
+          if ( (rc = encode_crypt(*files, remusr)) )
+            log_error("%s: encryption failed: %s\n",
+                      print_fname_stdin(*files), g10_errstr(rc) );
+          write_status( STATUS_FILE_DONE );
+          files++;
+        }
+    }
+}
diff --git a/g10/encr-data.c b/g10/encr-data.c
index 17d43e9d6..c8a8c85db 100644
--- a/g10/encr-data.c
+++ b/g10/encr-data.c
@@ -1,5 +1,5 @@
 /* encr-data.c -  process an encrypted data packet
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -23,10 +23,11 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-
-#include <gcrypt.h>
 #include "util.h"
+#include "memory.h"
 #include "packet.h"
+#include "mpi.h"
+#include "cipher.h"
 #include "options.h"
 #include "i18n.h"
 
@@ -37,8 +38,8 @@ static int decode_filter( void *opaque, int control, IOBUF a,
 					byte *buf, size_t *ret_len);
 
 typedef struct {
-    GCRY_CIPHER_HD cipher_hd;
-    GCRY_MD_HD mdc_hash;
+    CIPHER_HANDLE cipher_hd;
+    MD_HANDLE mdc_hash;
     char defer[20];
     int  defer_filled;
     int  eof_seen;
@@ -55,20 +56,21 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
     byte *p;
     int rc=0, c, i;
     byte temp[32];
-    unsigned int blocksize;
-    unsigned int nprefix;
+    unsigned blocksize;
+    unsigned nprefix;
 
     memset( &dfx, 0, sizeof dfx );
-    if( gcry_cipher_test_algo( dek->algo ) ) {
-	if( opt.verbose )
+    if( opt.verbose && !dek->algo_info_printed ) {
+	const char *s = cipher_algo_to_string( dek->algo );
+	if( s )
+	    log_info(_("%s encrypted data\n"), s );
+	else
 	    log_info(_("encrypted with unknown algorithm %d\n"), dek->algo );
-	rc = GPGERR_CIPHER_ALGO;
-	goto leave;
+        dek->algo_info_printed = 1;
     }
-    if( opt.verbose )
-	log_info(_("%s encrypted data\n"), gcry_cipher_algo_name( dek->algo ) );
-
-    blocksize = gcry_cipher_get_algo_blklen( dek->algo );
+    if( (rc=check_cipher_algo(dek->algo)) )
+	goto leave;
+    blocksize = cipher_get_blocksize(dek->algo);
     if( !blocksize || blocksize > 16 )
 	log_fatal("unsupported blocksize %u\n", blocksize );
     nprefix = blocksize;
@@ -76,36 +78,28 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 	BUG();
 
     if( ed->mdc_method ) {
-	dfx.mdc_hash = gcry_md_open( ed->mdc_method, 0 );
+	dfx.mdc_hash = md_open( ed->mdc_method, 0 );
 	if ( DBG_HASHING )
-	    gcry_md_start_debug(dfx.mdc_hash, "checkmdc");
+	    md_start_debug(dfx.mdc_hash, "checkmdc");
     }
-    if( !(dfx.cipher_hd = gcry_cipher_open( dek->algo,
-				      GCRY_CIPHER_MODE_CFB,
-				      GCRY_CIPHER_SECURE
-				      | ((ed->mdc_method || dek->algo >= 100)?
-					   0 : GCRY_CIPHER_ENABLE_SYNC) ))
-				    ) {
-	/* we should never get an error here cause we already checked, that
-	 * the algorithm is available. What about a flag to let the function
-	 * die in this case? */
-	BUG();
-    }
-
-
+    dfx.cipher_hd = cipher_open( dek->algo,
+				 ed->mdc_method? CIPHER_MODE_CFB
+					       : CIPHER_MODE_AUTO_CFB, 1 );
 /* log_hexdump( "thekey", dek->key, dek->keylen );*/
-    rc = gcry_cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
-    if( rc == GCRYERR_WEAK_KEY ) {
+    rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
+    if( rc == G10ERR_WEAK_KEY )
 	log_info(_("WARNING: message was encrypted with "
 		    "a weak key in the symmetric cipher.\n"));
-	rc = 0;
-    }
     else if( rc ) {
-	log_error("key setup failed: %s\n", gcry_strerror(rc) );
+	log_error("key setup failed: %s\n", g10_errstr(rc) );
 	goto leave;
     }
+    if (!ed->buf) {
+        log_error(_("problem handling encrypted packet\n"));
+        goto leave;
+    }
 
-    gcry_cipher_setiv( dfx.cipher_hd, NULL, 0 );
+    cipher_setiv( dfx.cipher_hd, NULL, 0 );
 
     if( ed->len ) {
 	for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) {
@@ -122,17 +116,17 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 	    else
 		temp[i] = c;
     }
-    gcry_cipher_decrypt( dfx.cipher_hd, temp, nprefix+2, NULL, 0 );
-    gcry_cipher_sync( dfx.cipher_hd );
+    cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2);
+    cipher_sync( dfx.cipher_hd );
     p = temp;
 /* log_hexdump( "prefix", temp, nprefix+2 ); */
     if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
-	rc = GPGERR_BAD_KEY;
+	rc = G10ERR_BAD_KEY;
 	goto leave;
     }
 
     if( dfx.mdc_hash )
-	gcry_md_write( dfx.mdc_hash, temp, nprefix+2 );
+	md_write( dfx.mdc_hash, temp, nprefix+2 );
 
     if( ed->mdc_method )
 	iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx );
@@ -142,21 +136,23 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
     proc_packets( procctx, ed->buf );
     ed->buf = NULL;
     if( ed->mdc_method && dfx.eof_seen == 2 )
-	rc = GPGERR_INVALID_PACKET;
+	rc = G10ERR_INVALID_PACKET;
     else if( ed->mdc_method ) { /* check the mdc */
-	int datalen = gcry_md_get_algo_dlen( ed->mdc_method );
+	int datalen = md_digest_length( ed->mdc_method );
 
-	gcry_cipher_decrypt( dfx.cipher_hd, dfx.defer, 20, NULL, 0);
+	cipher_decrypt( dfx.cipher_hd, dfx.defer, dfx.defer, 20);
+	md_final( dfx.mdc_hash );
 	if( datalen != 20
-	    || memcmp(gcry_md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
-	    rc = GPGERR_BAD_SIGN;
+	    || memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
+	    rc = G10ERR_BAD_SIGN;
 	/*log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);*/
 	/*log_hexdump("MDC message   :", dfx.defer, 20);*/
     }
+    
 
   leave:
-    gcry_cipher_close(dfx.cipher_hd);
-    gcry_md_close( dfx.mdc_hash );
+    cipher_close(dfx.cipher_hd);
+    md_close( dfx.mdc_hash );
     return rc;
 }
 
@@ -222,8 +218,8 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
 	}
 
 	if( n ) {
-	    gcry_cipher_decrypt( dfx->cipher_hd, buf, n, NULL, 0);
-	    gcry_md_write( dfx->mdc_hash, buf, n );
+	    cipher_decrypt( dfx->cipher_hd, buf, buf, n);
+	    md_write( dfx->mdc_hash, buf, n );
 	}
 	else {
 	    assert( dfx->eof_seen );
@@ -249,7 +245,7 @@ decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
 	n = iobuf_read( a, buf, size );
 	if( n == -1 ) n = 0;
 	if( n )
-	    gcry_cipher_decrypt( fc->cipher_hd, buf, n, NULL, 0 );
+	    cipher_decrypt( fc->cipher_hd, buf, buf, n);
 	else
 	    rc = -1; /* eof */
 	*ret_len = n;
diff --git a/g10/exec.c b/g10/exec.c
new file mode 100644
index 000000000..229c968bc
--- /dev/null
+++ b/g10/exec.c
@@ -0,0 +1,579 @@
+/* exec.c - generic call-a-program code
+ * Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#ifndef EXEC_TEMPFILE_ONLY
+#include <sys/wait.h>
+#endif
+#ifdef HAVE_DOSISH_SYSTEM
+#include <windows.h>
+#endif
+#include <fcntl.h>
+#include <unistd.h>
+#include <string.h>
+#include <errno.h>
+#include "options.h"
+#include "memory.h"
+#include "i18n.h"
+#include "iobuf.h"
+#include "util.h"
+#include "exec.h"
+
+#ifdef NO_EXEC
+int exec_write(struct exec_info **info,const char *program,
+	       const char *args_in,const char *name,int writeonly,int binary)
+{
+  log_error(_("no remote program execution supported\n"));
+  return G10ERR_GENERAL;
+}
+
+int exec_read(struct exec_info *info) { return G10ERR_GENERAL; }
+int exec_finish(struct exec_info *info) { return G10ERR_GENERAL; }
+
+#else /* ! NO_EXEC */
+
+#ifndef HAVE_MKDTEMP
+char *mkdtemp(char *template);
+#endif
+
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+/* This is a nicer system() for windows that waits for programs to
+   return before returning control to the caller.  I hate helpful
+   computers. */
+static int win_system(const char *command)
+{
+  PROCESS_INFORMATION pi;
+  STARTUPINFO si;
+  char *string;
+
+  /* We must use a copy of the command as CreateProcess modifies this
+     argument. */
+  string=m_strdup(command);
+
+  memset(&pi,0,sizeof(pi));
+  memset(&si,0,sizeof(si));
+  si.cb=sizeof(si);
+
+  if(!CreateProcess(NULL,string,NULL,NULL,FALSE,0,NULL,NULL,&si,&pi))
+    return -1;
+
+  /* Wait for the child to exit */
+  WaitForSingleObject(pi.hProcess,INFINITE);
+
+  CloseHandle(pi.hProcess);
+  CloseHandle(pi.hThread);
+  m_free(string);
+
+  return 0;
+}
+#endif
+
+/* Makes a temp directory and filenames */
+static int make_tempdir(struct exec_info *info)
+{
+  char *tmp=opt.temp_dir,*namein=info->name,*nameout;
+
+  if(!namein)
+    namein=info->binary?"tempin" EXTSEP_S "bin":"tempin" EXTSEP_S "txt";
+
+  nameout=info->binary?"tempout" EXTSEP_S "bin":"tempout" EXTSEP_S "txt";
+
+  /* Make up the temp dir and files in case we need them */
+
+  if(tmp==NULL)
+    {
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+      tmp=m_alloc(256);
+      if(GetTempPath(256,tmp)==0)
+	strcpy(tmp,"c:\\windows\\temp");
+      else
+	{
+	  int len=strlen(tmp);
+
+	  /* GetTempPath may return with \ on the end */
+	  while(len>0 && tmp[len-1]=='\\')
+	    {
+	      tmp[len-1]='\0';
+	      len--;
+	    }
+	}
+#else /* More unixish systems */
+      tmp=getenv("TMPDIR");
+      if(tmp==NULL)
+	{
+	  tmp=getenv("TMP");
+	  if(tmp==NULL)
+	    {
+#ifdef __riscos__
+	      tmp="<Wimp$ScrapDir>.GnuPG";
+	      mkdir(tmp,0700); /* Error checks occur later on */
+#else
+	      tmp="/tmp";
+#endif
+	    }
+	}
+#endif
+    }
+
+  info->tempdir=m_alloc(strlen(tmp)+strlen(DIRSEP_S)+10+1);
+
+  sprintf(info->tempdir,"%s" DIRSEP_S "gpg-XXXXXX",tmp);
+
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+  m_free(tmp);
+#endif
+
+  if(mkdtemp(info->tempdir)==NULL)
+    log_error(_("%s: can't create directory: %s\n"),
+	      info->tempdir,strerror(errno));
+  else
+    {
+      info->madedir=1;
+
+      info->tempfile_in=m_alloc(strlen(info->tempdir)+
+				strlen(DIRSEP_S)+strlen(namein)+1);
+      sprintf(info->tempfile_in,"%s" DIRSEP_S "%s",info->tempdir,namein);
+
+      if(!info->writeonly)
+	{
+	  info->tempfile_out=m_alloc(strlen(info->tempdir)+
+				     strlen(DIRSEP_S)+strlen(nameout)+1);
+	  sprintf(info->tempfile_out,"%s" DIRSEP_S "%s",info->tempdir,nameout);
+	}
+    }
+
+  return info->madedir?0:G10ERR_GENERAL;
+}
+
+/* Expands %i and %o in the args to the full temp files within the
+   temp directory. */
+static int expand_args(struct exec_info *info,const char *args_in)
+{
+  const char *ch=args_in;
+  int size,len;
+
+  info->use_temp_files=0;
+  info->keep_temp_files=0;
+
+  if(DBG_EXTPROG)
+    log_debug("expanding string \"%s\"\n",args_in);
+
+  size=100;
+  info->command=m_alloc(size);
+  len=0;
+  info->command[0]='\0';
+
+  while(*ch!='\0')
+    {
+      if(*ch=='%')
+	{
+	  char *append=NULL;
+
+	  ch++;
+
+	  switch(*ch)
+	    {
+	    case 'O':
+	      info->keep_temp_files=1;
+	      /* fall through */
+
+	    case 'o': /* out */
+	      if(!info->madedir)
+		{
+		  if(make_tempdir(info))
+		    goto fail;
+		}
+	      append=info->tempfile_out;
+	      info->use_temp_files=1;
+	      break;
+
+	    case 'I':
+	      info->keep_temp_files=1;
+	      /* fall through */
+
+	    case 'i': /* in */
+	      if(!info->madedir)
+		{
+		  if(make_tempdir(info))
+		    goto fail;
+		}
+	      append=info->tempfile_in;
+	      info->use_temp_files=1;
+	      break;
+
+	    case '%':
+	      append="%";
+	      break;
+	    }
+
+	  if(append)
+	    {
+	      while(strlen(append)+len>size-1)
+		{
+		  size+=100;
+		  info->command=m_realloc(info->command,size);
+		}
+
+	      strcat(info->command,append);
+	      len+=strlen(append);
+	    }
+	}
+      else
+	{
+	  if(len==size-1) /* leave room for the \0 */
+	    {
+	      size+=100;
+	      info->command=m_realloc(info->command,size);
+	    }
+
+	  info->command[len++]=*ch;
+	  info->command[len]='\0';
+	}
+
+      ch++;
+    }
+
+  if(DBG_EXTPROG)
+    log_debug("args expanded to \"%s\", use %d, keep %d\n",
+	      info->command,info->use_temp_files,info->keep_temp_files);
+
+  return 0;
+
+ fail:
+
+  m_free(info->command);
+  info->command=NULL;
+
+  return G10ERR_GENERAL;
+}
+
+/* Either handles the tempfile creation, or the fork/exec.  If it
+   returns ok, then info->tochild is a FILE * that can be written to.
+   The rules are: if there are no args, then it's a fork/exec/pipe.
+   If there are args, but no tempfiles, then it's a fork/exec/pipe via
+   shell -c.  If there are tempfiles, then it's a system. */
+
+int exec_write(struct exec_info **info,const char *program,
+	       const char *args_in,const char *name,int writeonly,int binary)
+{
+  int ret=G10ERR_GENERAL;
+
+  if(opt.exec_disable && !opt.no_perm_warn)
+    {
+      log_info(_("external program calls are disabled due to unsafe "
+		 "options file permissions\n"));
+
+      return ret;
+    }
+
+#if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
+  /* There should be no way to get to this spot while still carrying
+     setuid privs.  Just in case, bomb out if we are. */
+  if(getuid()!=geteuid())
+    BUG();
+#endif
+
+  if(program==NULL && args_in==NULL)
+    BUG();
+
+  *info=m_alloc_clear(sizeof(struct exec_info));
+
+  if(name)
+    (*info)->name=m_strdup(name);
+  (*info)->binary=binary;
+  (*info)->writeonly=writeonly;
+
+  /* Expand the args, if any */
+  if(args_in && expand_args(*info,args_in))
+    goto fail;
+
+#ifdef EXEC_TEMPFILE_ONLY
+  if(!(*info)->use_temp_files)
+    {
+      log_error(_("this platform requires temp files when calling external "
+		  "programs\n"));
+      goto fail;
+    }
+
+#else /* !EXEC_TEMPFILE_ONLY */
+
+  /* If there are no args, or there are args, but no temp files, we
+     can use fork/exec/pipe */
+  if(args_in==NULL || (*info)->use_temp_files==0)
+    {
+      int to[2],from[2];
+
+      if(pipe(to)==-1)
+	goto fail;
+
+      if(pipe(from)==-1)
+	{
+	  close(to[0]);
+	  close(to[1]);
+	  goto fail;
+	}
+
+      if(((*info)->child=fork())==-1)
+	{
+	  close(to[0]);
+	  close(to[1]);
+	  close(from[0]);
+	  close(from[1]);
+	  goto fail;
+	}
+
+      if((*info)->child==0)
+	{
+	  char *shell=getenv("SHELL");
+
+	  if(shell==NULL)
+	    shell="/bin/sh";
+
+	  /* I'm the child */
+
+	  /* If the program isn't going to respond back, they get to
+             keep their stdout/stderr */
+	  if(!(*info)->writeonly)
+	    {
+	      /* implied close of STDERR */
+	      if(dup2(STDOUT_FILENO,STDERR_FILENO)==-1)
+		_exit(1);
+
+	      /* implied close of STDOUT */
+	      close(from[0]);
+	      if(dup2(from[1],STDOUT_FILENO)==-1)
+		_exit(1);
+	    }
+
+	  /* implied close of STDIN */
+	  close(to[1]);
+	  if(dup2(to[0],STDIN_FILENO)==-1)
+	    _exit(1);
+
+	  if(args_in==NULL)
+	    {
+	      if(DBG_EXTPROG)
+		log_debug("execlp: %s\n",program);
+
+	      execlp(program,program,NULL);
+	    }
+	  else
+	    {
+	      if(DBG_EXTPROG)
+		log_debug("execlp: %s -c %s\n",shell,(*info)->command);
+
+	      execlp(shell,shell,"-c",(*info)->command,NULL);
+	    }
+
+	  /* If we get this far the exec failed.  Clean up and return. */
+
+	  log_error(_("unable to execute %s \"%s\": %s\n"),
+		    args_in==NULL?"program":"shell",
+		    args_in==NULL?program:shell,
+		    strerror(errno));
+
+	  /* This mimics the POSIX sh behavior - 127 means "not found"
+             from the shell. */
+	  if(errno==ENOENT)
+	    _exit(127);
+
+	  _exit(1);
+	}
+
+      /* I'm the parent */
+
+      close(to[0]);
+
+      (*info)->tochild=fdopen(to[1],binary?"wb":"w");
+      if((*info)->tochild==NULL)
+	{
+	  close(to[1]);
+	  ret=G10ERR_WRITE_FILE;
+	  goto fail;
+	}
+
+      close(from[1]);
+
+      (*info)->fromchild=iobuf_fdopen(from[0],"r");
+      if((*info)->fromchild==NULL)
+	{
+	  close(from[0]);
+	  ret=G10ERR_READ_FILE;
+	  goto fail;
+	}
+
+      /* fd iobufs are cached?! */
+      iobuf_ioctl((*info)->fromchild,3,1,NULL);
+
+      return 0;
+    }
+#endif /* !EXEC_TEMPFILE_ONLY */
+
+  if(DBG_EXTPROG)
+    log_debug("using temp file \"%s\"\n",(*info)->tempfile_in);
+
+  /* It's not fork/exec/pipe, so create a temp file */
+  (*info)->tochild=fopen((*info)->tempfile_in,binary?"wb":"w");
+  if((*info)->tochild==NULL)
+    {
+      log_error(_("%s: can't create: %s\n"),
+		(*info)->tempfile_in,strerror(errno));
+      ret=G10ERR_WRITE_FILE;
+      goto fail;
+    }
+
+  ret=0;
+
+ fail:
+  return ret;
+}
+
+int exec_read(struct exec_info *info)
+{
+  int ret=G10ERR_GENERAL;
+
+  fclose(info->tochild);
+  info->tochild=NULL;
+
+  if(info->use_temp_files)
+    {
+      if(DBG_EXTPROG)
+	log_debug("system() command is %s\n",info->command);
+
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+      info->progreturn=win_system(info->command);
+#else
+      info->progreturn=system(info->command);
+#endif
+
+      if(info->progreturn==-1)
+	{
+	  log_error(_("system error while calling external program: %s\n"),
+		    strerror(errno));
+	  info->progreturn=127;
+	  goto fail;
+	}
+
+#if defined(WIFEXITED) && defined(WEXITSTATUS)
+      if(WIFEXITED(info->progreturn))
+	info->progreturn=WEXITSTATUS(info->progreturn);
+      else
+	{
+	  log_error(_("unnatural exit of external program\n"));
+	  info->progreturn=127;
+	  goto fail;
+	}
+#else
+      /* If we don't have the macros, do the best we can. */
+      info->progreturn = (info->progreturn & 0xff00) >> 8;
+#endif
+
+      /* 127 is the magic value returned from system() to indicate
+         that the shell could not be executed, or from /bin/sh to
+         indicate that the program could not be executed. */
+
+      if(info->progreturn==127)
+	{
+	  log_error(_("unable to execute external program\n"));
+	  goto fail;
+	}
+
+      if(!info->writeonly)
+	{
+	  info->fromchild=iobuf_open(info->tempfile_out);
+	  if(info->fromchild==NULL)
+	    {
+	      log_error(_("unable to read external program response: %s\n"),
+			strerror(errno));
+	      ret=G10ERR_READ_FILE;
+	      goto fail;
+	    }
+
+	  /* Do not cache this iobuf on close */
+	  iobuf_ioctl(info->fromchild,3,1,NULL);
+	}
+    }
+
+  ret=0;
+
+ fail:
+  return ret;
+}
+
+int exec_finish(struct exec_info *info)
+{
+  int ret=info->progreturn;
+
+  if(info->fromchild)
+    iobuf_close(info->fromchild);
+
+  if(info->tochild)
+    fclose(info->tochild);
+
+#ifndef EXEC_TEMPFILE_ONLY
+  if(info->child>0)
+    {
+      if(waitpid(info->child,&info->progreturn,0)!=0 &&
+	 WIFEXITED(info->progreturn))
+	ret=WEXITSTATUS(info->progreturn);
+      else
+	{
+	  log_error(_("unnatural exit of external program\n"));
+	  ret=127;
+	}
+    }
+#endif
+
+  if(info->madedir && !info->keep_temp_files)
+    {
+      if(info->tempfile_in)
+	{
+	  if(unlink(info->tempfile_in)==-1)
+	    log_info(_("Warning: unable to remove tempfile (%s) \"%s\": %s\n"),
+		     "in",info->tempfile_in,strerror(errno));
+	}
+  
+      if(info->tempfile_out)
+	{
+	  if(unlink(info->tempfile_out)==-1)
+	    log_info(_("Warning: unable to remove tempfile (%s) \"%s\": %s\n"),
+		     "out",info->tempfile_out,strerror(errno));
+	}
+
+      if(rmdir(info->tempdir)==-1)
+	log_info(_("Warning: unable to remove temp directory \"%s\": %s\n"),
+		 info->tempdir,strerror(errno));
+    }
+
+  m_free(info->command);
+  m_free(info->name);
+  m_free(info->tempdir);
+  m_free(info->tempfile_in);
+  m_free(info->tempfile_out);
+  m_free(info);
+
+  return ret;
+}
+#endif /* ! NO_EXEC */
diff --git a/g10/exec.h b/g10/exec.h
new file mode 100644
index 000000000..2e0be460b
--- /dev/null
+++ b/g10/exec.h
@@ -0,0 +1,22 @@
+#ifndef _EXEC_H_
+#define _EXEC_H_
+
+#include <unistd.h>
+#include <stdio.h>
+#include "iobuf.h"
+
+struct exec_info
+{
+  int progreturn,binary,writeonly,madedir,use_temp_files,keep_temp_files;
+  pid_t child;
+  FILE *tochild;
+  IOBUF fromchild;
+  char *command,*name,*tempdir,*tempfile_in,*tempfile_out;
+};
+
+int exec_write(struct exec_info **info,const char *program,
+	       const char *args_in,const char *name,int writeonly,int binary);
+int exec_read(struct exec_info *info);
+int exec_finish(struct exec_info *info);
+
+#endif /* !_EXEC_H_ */
diff --git a/g10/export.c b/g10/export.c
index 9a9cd9859..47d06e651 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -1,5 +1,5 @@
 /* export.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,11 +25,11 @@
 #include <errno.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "options.h"
 #include "packet.h"
 #include "errors.h"
 #include "keydb.h"
+#include "memory.h"
 #include "util.h"
 #include "main.h"
 #include "i18n.h"
@@ -83,8 +83,10 @@ do_export( STRLIST users, int secret, int onlyrfc )
     IOBUF out = NULL;
     int any, rc;
     armor_filter_context_t afx;
+    compress_filter_context_t zfx;
 
     memset( &afx, 0, sizeof afx);
+    memset( &zfx, 0, sizeof zfx);
 
     rc = open_outfile( NULL, 0, &out );
     if( rc )
@@ -94,6 +96,8 @@ do_export( STRLIST users, int secret, int onlyrfc )
 	afx.what = secret?5:1;
 	iobuf_push_filter( out, armor_filter, &afx );
     }
+    if( opt.compress_keys && opt.compress )
+	iobuf_push_filter( out, compress_filter, &zfx );
     rc = do_export_stream( out, users, secret, onlyrfc, &any );
 
     if( rc || !any )
@@ -108,54 +112,58 @@ static int
 do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )
 {
     int rc = 0;
-    compress_filter_context_t zfx;
     PACKET pkt;
     KBNODE keyblock = NULL;
     KBNODE kbctx, node;
-    KBPOS kbpos;
+    int ndesc;
+    KEYDB_SEARCH_DESC *desc = NULL;
+    KEYDB_HANDLE kdbhd;
     STRLIST sl;
-    int all = !users;
 
     *any = 0;
-    memset( &zfx, 0, sizeof zfx);
     init_packet( &pkt );
+    kdbhd = keydb_new (secret);
 
-    if( opt.compress_keys && opt.compress )
-	iobuf_push_filter( out, compress_filter, &zfx );
+    if (!users) {
+        ndesc = 1;
+        desc = m_alloc_clear ( ndesc * sizeof *desc);
+        desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
+    }
+    else {
+        for (ndesc=0, sl=users; sl; sl = sl->next, ndesc++) 
+            ;
+        desc = m_alloc ( ndesc * sizeof *desc);
+        
+        for (ndesc=0, sl=users; sl; sl = sl->next) {
+	    if (classify_user_id (sl->d, desc+ndesc))
+                ndesc++;
+            else
+                log_error (_("key `%s' not found: %s\n"),
+                           sl->d, g10_errstr (G10ERR_INV_USER_ID));
+        }
 
-    if( all ) {
-	rc = enum_keyblocks_begin( &kbpos, secret );
-	if( rc ) {
-	    if( rc != -1 )
-		log_error("enum_keyblocks_begin failed: %s\n", gpg_errstr(rc));
-	    goto leave;
-	}
-	all = 2;
+        /* it would be nice to see which of the given users did
+           actually match one in the keyring.  To implement this we
+           need to have a found flag for each entry in desc and to set
+           this we must check all those entries after a match to mark
+           all matched one - currently we stop at the first match.  To
+           do this we need an extra flag to enable this feature so */
     }
 
-    /* use the correct sequence. strlist_last,prev do work correctly with
-     * NULL pointers :-) */
-    for( sl=strlist_last(users); sl || all ; sl=strlist_prev( users, sl )) {
-	if( all ) { /* get the next user */
-	    rc = enum_keyblocks_next( kbpos, 1, &keyblock );
-	    if( rc == -1 )  /* EOF */
-		break;
-	    if( rc ) {
-		log_error("enum_keyblocks_next failed: %s\n", gpg_errstr(rc));
-		break;
-	    }
-	}
-	else {
-	    /* search the userid */
-	    rc = secret? find_secret_keyblock_byname( &keyblock, sl->d )
-		       : find_keyblock_byname( &keyblock, sl->d );
-	    if( rc ) {
-		log_error(_("%s: user not found: %s\n"), sl->d, gpg_errstr(rc));
-		rc = 0;
-		continue;
-	    }
-	}
 
+    while (!(rc = keydb_search (kdbhd, desc, ndesc))) {
+        int sha1_warned=0;
+	u32 sk_keyid[2];
+
+	if (!users) 
+            desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
+
+        /* read the keyblock */
+        rc = keydb_get_keyblock (kdbhd, &keyblock );
+	if( rc ) {
+            log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
+	    goto leave;
+	}
 
 	/* do not export keys which are incompatible with rfc2440 */
 	if( onlyrfc && (node = find_kbnode( keyblock, PKT_PUBLIC_KEY )) ) {
@@ -167,15 +175,29 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )
 	    }
 	}
 
-	/* we can't apply GNU mode 1001 on an unprotected key */
-	if( secret == 2
-	    && (node = find_kbnode( keyblock, PKT_SECRET_KEY ))
-	    && !node->pkt->pkt.secret_key->is_protected )
-	{
-	    log_info(_("key %08lX: not protected - skipped\n"),
-		  (ulong)keyid_from_sk( node->pkt->pkt.secret_key, NULL) );
-	    continue;
-	}
+	node=find_kbnode( keyblock, PKT_SECRET_KEY );
+	if(node)
+	  {
+	    PKT_secret_key *sk=node->pkt->pkt.secret_key;
+
+	    keyid_from_sk(sk,sk_keyid);
+
+	    /* we can't apply GNU mode 1001 on an unprotected key */
+	    if( secret == 2 && !sk->is_protected )
+	      {
+		log_info(_("key %08lX: not protected - skipped\n"),
+			 (ulong)sk_keyid[1]);
+		continue;
+	      }
+
+	    /* no v3 keys with GNU mode 1001 */
+	    if( secret == 2 && sk->version == 3 )
+	      {
+		log_info(_("key %08lX: PGP 2.x style key - skipped\n"),
+			 (ulong)sk_keyid[1]);
+		continue;
+	      }
+	  }
 
 	/* and write it */
 	for( kbctx=NULL; (node = walk_kbnode( keyblock, &kbctx, 0 )); ) {
@@ -183,13 +205,30 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )
 	     * secret keyring */
 	    if( !secret && node->pkt->pkttype == PKT_COMMENT )
 		continue;
-	    /* do not export packets which are marked as not exportable */
+            /* make sure that ring_trust packets never get exported */
+            if (node->pkt->pkttype == PKT_RING_TRUST)
+              continue;
+
 	    if( node->pkt->pkttype == PKT_SIGNATURE ) {
-		const char *p;
-		p = parse_sig_subpkt2( node->pkt->pkt.signature,
-				       SIGSUBPKT_EXPORTABLE, NULL );
-		if( p && !*p )
-		    continue; /* not exportable */
+	      /* do not export packets which are marked as not exportable */
+	      if( !node->pkt->pkt.signature->flags.exportable )
+		continue; /* not exportable */
+
+	      /* do not export packets with a "sensitive" revocation
+                 key.  This will need revisiting when we start
+                 supporting creating revocation keys and not just
+                 reading them. */
+	      if( node->pkt->pkt.signature->revkey ) {
+		int i;
+
+		for(i=0;i<node->pkt->pkt.signature->numrevkeys;i++)
+		  if(node->pkt->pkt.signature->revkey[i]->class & 0x40)
+		    continue;
+	      }
+
+	      /* delete our verification cache */
+	      delete_sig_subpkt (node->pkt->pkt.signature->unhashed,
+				 SIGSUBPKT_PRIV_VERIFY_CACHE);
 	    }
 
 	    if( secret == 2 && node->pkt->pkttype == PKT_SECRET_KEY ) {
@@ -202,13 +241,28 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )
 		node->pkt->pkt.secret_key->protect.s2k.mode = save_mode;
 	    }
 	    else {
+	      /* Warn the user if the secret key or any of the secret
+                 subkeys are protected with SHA1 and we have
+                 simple_sk_checksum set. */
+	      if(!sha1_warned && opt.simple_sk_checksum &&
+		 (node->pkt->pkttype==PKT_SECRET_KEY ||
+		  node->pkt->pkttype==PKT_SECRET_SUBKEY) &&
+		 node->pkt->pkt.secret_key->protect.sha1chk)
+		{
+		  /* I hope this warning doesn't confuse people. */
+		  log_info("Warning: secret key %08lX does not have a "
+			   "simple SK checksum\n",(ulong)sk_keyid[1]);
+
+		  sha1_warned=1;
+		}
+
 		rc = build_packet( out, node->pkt );
 	    }
 
 	    if( rc ) {
 		log_error("build_packet(%d) failed: %s\n",
-			    node->pkt->pkttype, gpg_errstr(rc) );
-		rc = GPGERR_WRITE_FILE;
+			    node->pkt->pkttype, g10_errstr(rc) );
+		rc = G10ERR_WRITE_FILE;
 		goto leave;
 	    }
 	}
@@ -218,8 +272,8 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )
 	rc = 0;
 
   leave:
-    if( all == 2 )
-	enum_keyblocks_end( kbpos );
+    m_free(desc);
+    keydb_release (kdbhd);
     release_kbnode( keyblock );
     if( !*any )
 	log_info(_("WARNING: nothing exported\n"));
diff --git a/g10/filter.h b/g10/filter.h
index a29d2aa29..b7a99e6bc 100644
--- a/g10/filter.h
+++ b/g10/filter.h
@@ -1,5 +1,5 @@
 /* filter.h
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -17,18 +17,15 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
-#ifndef GPG_FILTER_H
-#define GPG_FILTER_H
-
-#include <gcrypt.h>
-
-#include "basicdefs.h"
-#include "iobuf.h"
+#ifndef G10_FILTER_H
+#define G10_FILTER_H
 
+#include "types.h"
+#include "cipher.h"
 
 typedef struct {
-    GCRY_MD_HD md;	/* catch all */
-    GCRY_MD_HD md2;	/* if we want to calculate an alternate hash */
+    MD_HANDLE md;      /* catch all */
+    MD_HANDLE md2;     /* if we want to calculate an alternate hash */
     size_t maxbuf_size;
 } md_filter_context_t;
 
@@ -67,8 +64,11 @@ typedef struct {
     int pending_lf;	    /* used together with faked */
 } armor_filter_context_t;
 
+struct unarmor_pump_s;
+typedef struct unarmor_pump_s *UnarmorPump;
 
-typedef struct {
+
+struct compress_filter_context_s {
     int status;
     void *opaque;   /* (used for z_stream) */
     byte *inbuf;
@@ -77,26 +77,22 @@ typedef struct {
     unsigned outbufsize;
     int algo;	 /* compress algo */
     int algo1hack;
-} compress_filter_context_t;
+    void (*release)(struct compress_filter_context_s*);
+};
+typedef struct compress_filter_context_s compress_filter_context_t;
 
 
 typedef struct {
     DEK *dek;
     u32 datalen;
-    GCRY_CIPHER_HD cipher_hd;
+    CIPHER_HANDLE cipher_hd;
     int header;
-    GCRY_MD_HD mdc_hash;
+    MD_HANDLE mdc_hash;
     byte enchash[20];
     int create_mdc; /* flag will be set by the cipher filter */
 } cipher_filter_context_t;
 
 
-typedef struct {
-    int header_okay;
-    PK_LIST pk_list;
-    cipher_filter_context_t cfx;
-} encrypt_filter_context_t;
-
 
 typedef struct {
     byte *buffer;	    /* malloced buffer */
@@ -106,12 +102,14 @@ typedef struct {
     int truncated;	    /* number of truncated lines */
     int not_dash_escaped;
     int escape_from;
-    GCRY_MD_HD md;
+    MD_HANDLE md;
     int pending_lf;
     int pending_esc;
 } text_filter_context_t;
 
 
+/* encrypt_filter_context_t defined in main.h */
+
 /*-- mdfilter.c --*/
 int md_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len);
 void free_md_filter_context( md_filter_context_t *mfx );
@@ -120,6 +118,9 @@ void free_md_filter_context( md_filter_context_t *mfx );
 int use_armor_filter( IOBUF a );
 int armor_filter( void *opaque, int control,
 		  IOBUF chain, byte *buf, size_t *ret_len);
+UnarmorPump unarmor_pump_new (void);
+void        unarmor_pump_release (UnarmorPump x);
+int         unarmor_pump (UnarmorPump x, int c);
 
 /*-- compress.c --*/
 int compress_filter( void *opaque, int control,
@@ -132,9 +133,9 @@ int cipher_filter( void *opaque, int control,
 /*-- textfilter.c --*/
 int text_filter( void *opaque, int control,
 		 IOBUF chain, byte *buf, size_t *ret_len);
-int copy_clearsig_text( IOBUF out, IOBUF inp, GCRY_MD_HD md,
+int copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
 			  int escape_dash, int escape_from, int pgp2mode );
 
 
 
-#endif /*GPG_FILTER_H*/
+#endif /*G10_FILTER_H*/
diff --git a/g10/free-packet.c b/g10/free-packet.c
index 2cc4e25e9..e760999be 100644
--- a/g10/free-packet.c
+++ b/g10/free-packet.c
@@ -1,5 +1,5 @@
 /* free-packet.c - cleanup stuff for packets
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -24,17 +24,18 @@
 #include <string.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "packet.h"
 #include "iobuf.h"
+#include "mpi.h"
 #include "util.h"
+#include "cipher.h"
+#include "memory.h"
 #include "options.h"
-#include "main.h"
 
 void
 free_symkey_enc( PKT_symkey_enc *enc )
 {
-    gcry_free(enc);
+    m_free(enc);
 }
 
 void
@@ -43,24 +44,27 @@ free_pubkey_enc( PKT_pubkey_enc *enc )
     int n, i;
     n = pubkey_get_nenc( enc->pubkey_algo );
     if( !n )
-	mpi_release(enc->data[0]);
+	mpi_free(enc->data[0]);
     for(i=0; i < n; i++ )
-	mpi_release( enc->data[i] );
-    gcry_free(enc);
+	mpi_free( enc->data[i] );
+    m_free(enc);
 }
 
 void
 free_seckey_enc( PKT_signature *sig )
 {
-    int n, i;
-    n = pubkey_get_nsig( sig->pubkey_algo );
-    if( !n )
-	mpi_release(sig->data[0]);
-    for(i=0; i < n; i++ )
-	mpi_release( sig->data[i] );
-    gcry_free(sig->hashed_data);
-    gcry_free(sig->unhashed_data);
-    gcry_free(sig);
+  int n, i;
+
+  n = pubkey_get_nsig( sig->pubkey_algo );
+  if( !n )
+    mpi_free(sig->data[0]);
+  for(i=0; i < n; i++ )
+    mpi_free( sig->data[i] );
+  
+  m_free(sig->revkey);
+  m_free(sig->hashed);
+  m_free(sig->unhashed);
+  m_free(sig);
 }
 
 
@@ -71,15 +75,28 @@ release_public_key_parts( PKT_public_key *pk )
     int n, i;
     n = pubkey_get_npkey( pk->pubkey_algo );
     if( !n )
-	mpi_release(pk->pkey[0]);
+	mpi_free(pk->pkey[0]);
     for(i=0; i < n; i++ ) {
-	mpi_release( pk->pkey[i] );
+	mpi_free( pk->pkey[i] );
 	pk->pkey[i] = NULL;
     }
+    if (pk->prefs) {
+        m_free (pk->prefs);
+        pk->prefs = NULL;
+    }
     if( pk->namehash ) {
-	gcry_free(pk->namehash);
+	m_free(pk->namehash);
 	pk->namehash = NULL;
     }
+    if (pk->user_id) {
+        free_user_id (pk->user_id);
+        pk->user_id = NULL;
+    }
+    if (pk->revkey) {
+        m_free(pk->revkey);
+	pk->revkey=NULL;
+	pk->numrevkeys=0;
+    }
 }
 
 
@@ -87,42 +104,60 @@ void
 free_public_key( PKT_public_key *pk )
 {
     release_public_key_parts( pk );
-    gcry_free(pk);
+    m_free(pk);
 }
 
 
-static void *
-cp_data_block( byte *s )
+static subpktarea_t *
+cp_subpktarea (subpktarea_t *s )
 {
-    byte *d;
-    u16 len;
+    subpktarea_t *d;
 
     if( !s )
 	return NULL;
-    len = (s[0] << 8) | s[1];
-    d = gcry_xmalloc( len+2 );
-    memcpy(d, s, len+2);
+    d = m_alloc (sizeof (*d) + s->size - 1 );
+    d->size = s->size;
+    d->len = s->len;
+    memcpy (d->data, s->data, s->len);
     return d;
 }
 
+/*
+ * Return a copy of the preferences 
+ */
+prefitem_t *
+copy_prefs (const prefitem_t *prefs)
+{
+    size_t n;
+    prefitem_t *new;
+
+    if (!prefs)
+        return NULL;
+    
+    for (n=0; prefs[n].type; n++)
+        ;
+    new = m_alloc ( sizeof (*new) * (n+1));
+    for (n=0; prefs[n].type; n++) {
+        new[n].type = prefs[n].type;
+        new[n].value = prefs[n].value;
+    }
+    new[n].type = PREFTYPE_NONE;
+    new[n].value = 0;
+
+    return new;
+}
+
 
 PKT_public_key *
-copy_public_key_new_namehash( PKT_public_key *d, PKT_public_key *s,
-			      const byte *namehash )
+copy_public_key ( PKT_public_key *d, PKT_public_key *s)
 {
     int n, i;
 
     if( !d )
-	d = gcry_xmalloc(sizeof *d);
+	d = m_alloc(sizeof *d);
     memcpy( d, s, sizeof *d );
-    if( namehash ) {
-	d->namehash = gcry_xmalloc( 20 );
-	memcpy(d->namehash, namehash, 20 );
-    }
-    else if( s->namehash ) {
-	d->namehash = gcry_xmalloc( 20 );
-	memcpy(d->namehash, s->namehash, 20 );
-    }
+    d->user_id = scopy_user_id (s->user_id);
+    d->prefs = copy_prefs (s->prefs);
     n = pubkey_get_npkey( s->pubkey_algo );
     if( !n )
 	d->pkey[0] = mpi_copy(s->pkey[0]);
@@ -130,16 +165,17 @@ copy_public_key_new_namehash( PKT_public_key *d, PKT_public_key *s,
 	for(i=0; i < n; i++ )
 	    d->pkey[i] = mpi_copy( s->pkey[i] );
     }
+    if( !s->revkey && s->numrevkeys )
+        BUG();
+    if( s->numrevkeys ) {
+        d->revkey = m_alloc(sizeof(struct revocation_key)*s->numrevkeys);
+        memcpy(d->revkey,s->revkey,sizeof(struct revocation_key)*s->numrevkeys);
+    }
+    else
+        d->revkey = NULL;
     return d;
 }
 
-PKT_public_key *
-copy_public_key( PKT_public_key *d, PKT_public_key *s )
-{
-   return copy_public_key_new_namehash( d, s, NULL );
-}
-
-
 /****************
  * Replace all common parts of a sk by the one from the public key.
  * This is a hack and a better solution will be to just store the real secret
@@ -151,7 +187,6 @@ copy_public_parts_to_secret_key( PKT_public_key *pk, PKT_secret_key *sk )
     sk->expiredate  = pk->expiredate;     
     sk->pubkey_algo = pk->pubkey_algo;    
     sk->pubkey_usage= pk->pubkey_usage;
-    sk->created     = pk->created;        
     sk->req_usage   = pk->req_usage;
     sk->req_algo    = pk->req_algo;
     sk->has_expired = pk->has_expired;    
@@ -163,15 +198,13 @@ copy_public_parts_to_secret_key( PKT_public_key *pk, PKT_secret_key *sk )
     sk->keyid[1]    = pk->keyid[1];
 }
 
-
-
 PKT_signature *
 copy_signature( PKT_signature *d, PKT_signature *s )
 {
     int n, i;
 
     if( !d )
-	d = gcry_xmalloc(sizeof *d);
+	d = m_alloc(sizeof *d);
     memcpy( d, s, sizeof *d );
     n = pubkey_get_nsig( s->pubkey_algo );
     if( !n )
@@ -180,19 +213,27 @@ copy_signature( PKT_signature *d, PKT_signature *s )
 	for(i=0; i < n; i++ )
 	    d->data[i] = mpi_copy( s->data[i] );
     }
-    d->hashed_data = cp_data_block(s->hashed_data);
-    d->unhashed_data = cp_data_block(s->unhashed_data);
+    d->hashed = cp_subpktarea (s->hashed);
+    d->unhashed = cp_subpktarea (s->unhashed);
+    if(s->numrevkeys)
+      {
+	d->revkey=NULL;
+	d->numrevkeys=0;
+	parse_revkeys(d);
+      }
     return d;
 }
 
 
+/*
+ * shallow copy of the user ID
+ */
 PKT_user_id *
-copy_user_id( PKT_user_id *d, PKT_user_id *s )
+scopy_user_id (PKT_user_id *s)
 {
-    if( !d )
-	d = gcry_xmalloc(sizeof *d + s->len - 1 );
-    memcpy( d, s, sizeof *d + s->len - 1 );
-    return d;
+    if (s)
+        s->ref++;
+    return s;
 }
 
 
@@ -204,9 +245,9 @@ release_secret_key_parts( PKT_secret_key *sk )
 
     n = pubkey_get_nskey( sk->pubkey_algo );
     if( !n )
-	mpi_release(sk->skey[0]);
+	mpi_free(sk->skey[0]);
     for(i=0; i < n; i++ ) {
-	mpi_release( sk->skey[i] );
+	mpi_free( sk->skey[i] );
 	sk->skey[i] = NULL;
     }
 }
@@ -215,7 +256,7 @@ void
 free_secret_key( PKT_secret_key *sk )
 {
     release_secret_key_parts( sk );
-    gcry_free(sk);
+    m_free(sk);
 }
 
 PKT_secret_key *
@@ -224,7 +265,7 @@ copy_secret_key( PKT_secret_key *d, PKT_secret_key *s )
     int n, i;
 
     if( !d )
-	d = gcry_xmalloc(sizeof *d);
+	d = m_alloc(sizeof *d);
     memcpy( d, s, sizeof *d );
     n = pubkey_get_nskey( s->pubkey_algo );
     if( !n )
@@ -239,15 +280,32 @@ copy_secret_key( PKT_secret_key *d, PKT_secret_key *s )
 void
 free_comment( PKT_comment *rem )
 {
-    gcry_free(rem);
+    m_free(rem);
 }
 
 void
-free_user_id( PKT_user_id *uid )
+free_attributes(PKT_user_id *uid)
 {
-    if( uid->photo )
-	gcry_free( uid->photo );
-    gcry_free(uid);
+  m_free(uid->attribs);
+  m_free(uid->attrib_data);
+
+  uid->attribs=NULL;
+  uid->attrib_data=NULL;
+  uid->attrib_len=0;
+}
+
+void
+free_user_id (PKT_user_id *uid)
+{
+    assert (uid->ref > 0);
+    if (--uid->ref)
+        return;
+
+    free_attributes(uid);
+
+    if (uid->prefs)
+        m_free (uid->prefs);
+    m_free (uid);
 }
 
 void
@@ -259,7 +317,7 @@ free_compressed( PKT_compressed *zd )
 	while( iobuf_read( zd->buf, NULL, 1<<30 ) != -1 )
 	    ;
     }
-    gcry_free(zd);
+    m_free(zd);
 }
 
 void
@@ -280,7 +338,7 @@ free_encrypted( PKT_encrypted *ed )
 	   }
 	}
     }
-    gcry_free(ed);
+    m_free(ed);
 }
 
 
@@ -302,7 +360,7 @@ free_plaintext( PKT_plaintext *pt )
 	   }
 	}
     }
-    gcry_free(pt);
+    m_free(pt);
 }
 
 /****************
@@ -345,13 +403,14 @@ free_packet( PACKET *pkt )
 	free_compressed( pkt->pkt.compressed);
 	break;
       case PKT_ENCRYPTED:
+      case PKT_ENCRYPTED_MDC:
 	free_encrypted( pkt->pkt.encrypted );
 	break;
       case PKT_PLAINTEXT:
 	free_plaintext( pkt->pkt.plaintext );
 	break;
       default:
-	gcry_free( pkt->pkt.generic );
+	m_free( pkt->pkt.generic );
 	break;
     }
     pkt->pkt.generic = NULL;
@@ -460,23 +519,29 @@ cmp_signatures( PKT_signature *a, PKT_signature *b )
 }
 
 
-
 /****************
  * Returns: true if the user ids do not match
  */
 int
 cmp_user_ids( PKT_user_id *a, PKT_user_id *b )
 {
-    int res;
+    int res=1;
+
+    if( a == b )
+        return 0;
+
+    if( a->attrib_data && b->attrib_data )
+      {
+	res = a->attrib_len - b->attrib_len;
+	if( !res )
+	  res = memcmp( a->attrib_data, b->attrib_data, a->attrib_len );
+      }
+    else if( !a->attrib_data && !b->attrib_data )
+      {
+	res = a->len - b->len;
+	if( !res )
+	  res = memcmp( a->name, b->name, a->len );
+      }
 
-    res = a->len - b->len;
-    if( !res )
-	res = memcmp( a->name, b->name, a->len );
     return res;
 }
-
-
-
-
-
-
diff --git a/g10/gpg.c b/g10/g10.c
index 6faeb0721..b8cae1b1c 100644
--- a/g10/gpg.c
+++ b/g10/g10.c
@@ -1,5 +1,5 @@
-/* gpg.c - The GnuPG utility (main for gpg)
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+/* g10.c - The GnuPG utility (main for gpg)
+ * Copyright (C) 1998,1999,2000,2001,2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -29,22 +29,23 @@
   #include <fcntl.h> /* for setmode() */
 #endif
 
-
-#include <gcrypt.h>
+#define INCLUDED_BY_MAIN_MODULE 1
 #include "packet.h"
 #include "iobuf.h"
+#include "memory.h"
 #include "util.h"
 #include "main.h"
 #include "options.h"
 #include "keydb.h"
 #include "trustdb.h"
+#include "mpi.h"
+#include "cipher.h"
 #include "filter.h"
 #include "ttyio.h"
 #include "i18n.h"
 #include "status.h"
-#include "gnupg-defs.h"
-#include "hkp.h"
-
+#include "g10defs.h"
+#include "keyserver-internal.h"
 
 enum cmd_and_opt_values { aNull = 0,
     oArmor	  = 'a',
@@ -52,6 +53,7 @@ enum cmd_and_opt_values { aNull = 0,
     aSym	  = 'c',
     aDecrypt	  = 'd',
     aEncr	  = 'e',
+    aEncrFiles,
     oInteractive  = 'i',
     oKOption	  = 'k',
     oDryRun	  = 'n',
@@ -65,16 +67,25 @@ enum cmd_and_opt_values { aNull = 0,
     oCompress	  = 'z',
     oNotation	  = 'N',
     oBatch	  = 500,
+    oSigNotation,
+    oCertNotation,
+    oShowNotation,
+    oNoShowNotation,
+    aDecryptFiles,                          
     aClearsign,
     aStore,
     aKeygen,
     aSignEncr,
+    aSignSym,
     aSignKey,
     aLSignKey,
+    aNRSignKey,
+    aNRLSignKey,
     aListPackets,
     aEditKey,
-    aDeleteKey,
-    aDeleteSecretKey,
+    aDeleteKeys,
+    aDeleteSecretKeys,
+    aDeleteSecretAndPublicKeys,
     aKMode,
     aKModeC,
     aImport,
@@ -86,16 +97,17 @@ enum cmd_and_opt_values { aNull = 0,
     aListSecretKeys,
     aSendKeys,
     aRecvKeys,
+    aSearchKeys,
     aExport,
     aExportAll,
     aExportSecret,
     aExportSecretSub,
     aCheckKeys,
     aGenRevoke,
+    aDesigRevoke,
     aPrimegen,
     aPrintMD,
     aPrintMDs,
-    aPrintHMAC,
     aCheckTrustDB,
     aUpdateTrustDB,
     aFixTrustDB,
@@ -106,14 +118,25 @@ enum cmd_and_opt_values { aNull = 0,
     aDeArmor,
     aEnArmor,
     aGenRandom,
+    aPipeMode,
+    aRebuildKeydbCaches,
+    aRefreshKeys,
 
     oTextmode,
+    oExpert,
+    oNoExpert,
+    oAskSigExpire,
+    oNoAskSigExpire,
+    oAskCertExpire,
+    oNoAskCertExpire,
     oFingerprint,
     oWithFingerprint,
     oAnswerYes,
     oAnswerNo,
+    oDefCertCheckLevel,
     oKeyring,
     oSecretKeyring,
+    oShowKeyring,
     oDefaultKey,
     oDefRecipient,
     oDefRecipientSelf,
@@ -122,7 +145,15 @@ enum cmd_and_opt_values { aNull = 0,
     oDebug,
     oDebugAll,
     oStatusFD,
-    oNoComment,
+#ifdef __riscos__
+    oStatusFile,
+#endif /* __riscos__ */
+    oAttributeFD,
+#ifdef __riscos__
+    oAttributeFile,
+#endif /* __riscos__ */
+    oSKComments,
+    oNoSKComments,
     oNoVersion,
     oEmitVersion,
     oCompletesNeeded,
@@ -131,14 +162,29 @@ enum cmd_and_opt_values { aNull = 0,
     oLoadExtension,
     oRFC1991,
     oOpenPGP,
+    oPGP2,
+    oNoPGP2,
+    oPGP6,
+    oNoPGP6,
+    oPGP7,
+    oNoPGP7,
     oCipherAlgo,
     oDigestAlgo,
+    oCertDigestAlgo,
     oCompressAlgo,
     oPasswdFD,
+#ifdef __riscos__
+    oPasswdFile,
+#endif /* __riscos__ */
     oCommandFD,
+#ifdef __riscos__
+    oCommandFile,
+#endif /* __riscos__ */
+    oQuickRandom,
     oNoVerbose,
     oTrustDBName,
     oNoSecmemWarn,
+    oNoPermissionWarn,
     oNoArmor,
     oNoDefKeyring,
     oNoGreeting,
@@ -152,47 +198,100 @@ enum cmd_and_opt_values { aNull = 0,
     oCompressKeys,
     oCompressSigs,
     oAlwaysTrust,
+    oEmuChecksumBug,
     oRunAsShmCP,
     oSetFilename,
+    oForYourEyesOnly,
+    oNoForYourEyesOnly,
     oSetPolicyURL,
+    oSigPolicyURL,
+    oCertPolicyURL,
+    oShowPolicyURL,
+    oNoShowPolicyURL,
     oUseEmbeddedFilename,
     oComment,
     oDefaultComment,
     oThrowKeyid,
+    oShowPhotos,
+    oNoShowPhotos,
+    oPhotoViewer,
     oForceV3Sigs,
+    oNoForceV3Sigs,
+    oForceV4Certs,
+    oNoForceV4Certs,
     oForceMDC,
+    oNoForceMDC,
+    oDisableMDC,
+    oNoDisableMDC,
     oS2KMode,
     oS2KDigest,
     oS2KCipher,
+    oSimpleSKChecksum,                          
     oCharset,
     oNotDashEscaped,
     oEscapeFrom,
+    oNoEscapeFrom,
     oLockOnce,
     oLockMultiple,
     oLockNever,
     oKeyServer,
+    oKeyServerOptions,
+    oTempDir,
+    oExecPath,
     oEncryptTo,
     oNoEncryptTo,
     oLoggerFD,
+#ifdef __riscos__
+    oLoggerFile,
+#endif /* __riscos__ */
     oUtf8Strings,
     oNoUtf8Strings,
     oDisableCipherAlgo,
     oDisablePubkeyAlgo,
     oAllowNonSelfsignedUID,
+    oNoAllowNonSelfsignedUID,
     oAllowFreeformUID,
+    oNoAllowFreeformUID,
+    oAllowSecretKeyImport,                      
+    oEnableSpecialFilenames,
     oNoLiteral,
     oSetFilesize,
     oHonorHttpProxy,
     oFastListMode,
     oListOnly,
     oIgnoreTimeConflict,
+    oIgnoreValidFrom,                         
+    oIgnoreCrcError,                          
+    oShowSessionKey,
+    oOverrideSessionKey,
     oNoRandomSeedFile,
+    oAutoKeyRetrieve,
     oNoAutoKeyRetrieve,
     oUseAgent,
+    oNoUseAgent,
+    oGpgAgentInfo,
     oMergeOnly,
     oTryAllSecrets,
     oTrustedKey,
+    oNoExpensiveTrustChecks,
+    oFixedListMode,
+    oNoSigCache,
+    oNoSigCreateCheck,
+    oAutoCheckTrustDB,
+    oNoAutoCheckTrustDB,
+    oPreservePermissions,
+    oDefaultPreferenceList,
+    oPersonalCipherPreferences,
+    oPersonalDigestPreferences,
+    oPersonalCompressPreferences,
+    oEmu3DESS2KBug,  /* will be removed in 1.1 */
     oEmuMDEncodeBug,
+    oDisplay,
+    oTTYname,
+    oTTYtype,
+    oLCctype,
+    oLCmessages,
+    oGroup,
 aTest };
 
 
@@ -204,9 +303,11 @@ static ARGPARSE_OPTS opts[] = {
     { aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") },
     { aDetachedSign, "detach-sign", 256, N_("make a detached signature")},
     { aEncr, "encrypt",   256, N_("encrypt data")},
+    { aEncrFiles, "encrypt-files", 256, N_("|[files]|encrypt files")},
     { aSym, "symmetric", 256, N_("encryption only with symmetric cipher")},
     { aStore, "store",     256, N_("store only")},
     { aDecrypt, "decrypt",   256, N_("decrypt data (default)")},
+    { aDecryptFiles, "decrypt-files", 256, N_("|[files]|decrypt files")},
     { aVerify, "verify"   , 256, N_("verify a signature")},
     { aVerifyFiles, "verify-files" , 256, "@" },
     { aListKeys, "list-keys", 256, N_("list keys")},
@@ -216,16 +317,23 @@ static ARGPARSE_OPTS opts[] = {
     { oFingerprint, "fingerprint", 256, N_("list keys and fingerprints")},
     { aListSecretKeys, "list-secret-keys", 256, N_("list secret keys")},
     { aKeygen,	   "gen-key",  256, N_("generate a new key pair")},
-    { aDeleteKey, "delete-key",256, N_("remove key from the public keyring")},
-    { aDeleteSecretKey, "delete-secret-key",256,
-				    N_("remove key from the secret keyring")},
+    { aDeleteKeys,"delete-keys",256,N_("remove keys from the public keyring")},
+    { aDeleteSecretKeys, "delete-secret-keys",256,
+				    N_("remove keys from the secret keyring")},
     { aSignKey,  "sign-key"   ,256, N_("sign a key")},
     { aLSignKey, "lsign-key"  ,256, N_("sign a key locally")},
+    { aNRSignKey, "nrsign-key"  ,256, N_("sign a key non-revocably")},
+    { aNRLSignKey, "nrlsign-key"  ,256, N_("sign a key locally and non-revocably")},
     { aEditKey,  "edit-key"   ,256, N_("sign or edit a key")},
     { aGenRevoke, "gen-revoke",256, N_("generate a revocation certificate")},
+    { aDesigRevoke, "desig-revoke",256, "@" },
     { aExport, "export"           , 256, N_("export keys") },
     { aSendKeys, "send-keys"     , 256, N_("export keys to a key server") },
     { aRecvKeys, "recv-keys"     , 256, N_("import keys from a key server") },
+    { aSearchKeys, "search-keys" , 256,
+                                    N_("search for keys on a key server") },
+    { aRefreshKeys, "refresh-keys", 256,
+                                    N_("update all keys from a keyserver")},
     { aExportAll, "export-all"    , 256, "@" },
     { aExportSecret, "export-secret-keys" , 256, "@" },
     { aExportSecretSub, "export-secret-subkeys" , 256, "@" },
@@ -239,14 +347,13 @@ static ARGPARSE_OPTS opts[] = {
     { aUpdateTrustDB,
 	      "update-trustdb",0 , N_("update the trust database")},
     { aCheckTrustDB,
-	      "check-trustdb",0 , N_("|[NAMES]|check the trust database")},
+	      "check-trustdb",0 , N_("unattended trust database update")},
     { aFixTrustDB, "fix-trustdb",0 , N_("fix a corrupted trust database")},
     { aDeArmor, "dearmor", 256, N_("De-Armor a file or stdin") },
     { aDeArmor, "dearmour", 256, "@" },
     { aEnArmor, "enarmor", 256, N_("En-Armor a file or stdin") },
     { aEnArmor, "enarmour", 256, "@" },
     { aPrintMD,  "print-md" , 256, N_("|algo [files]|print message digests")},
-    { aPrintHMAC,  "print-hmac" , 256, "@"},
     { aPrimegen, "gen-prime" , 256, "@" },
     { aGenRandom, "gen-random" , 256, "@" },
 
@@ -261,52 +368,92 @@ static ARGPARSE_OPTS opts[] = {
     { oDefRecipientSelf, "default-recipient-self" ,0,
 				N_("use the default key as default recipient")},
     { oNoDefRecipient, "no-default-recipient", 0, "@" },
+    { oTempDir, "temp-directory", 2, "@" },
+    { oExecPath, "exec-path", 2, "@" },
     { oEncryptTo, "encrypt-to", 2, "@" },
     { oNoEncryptTo, "no-encrypt-to", 0, "@" },
     { oUser, "local-user",2, N_("use this user-id to sign or decrypt")},
     { oCompress, NULL,	      1, N_("|N|set compress level N (0 disables)") },
     { oTextmodeShort, NULL,   0, "@"},
     { oTextmode, "textmode",  0, N_("use canonical text mode")},
+    { oExpert, "expert",   0, "@"},
+    { oNoExpert, "no-expert",   0, "@"},
+    { oAskSigExpire, "ask-sig-expire",   0, "@"},
+    { oNoAskSigExpire, "no-ask-sig-expire",   0, "@"},
+    { oAskCertExpire, "ask-cert-expire",   0, "@"},
+    { oNoAskCertExpire, "no-ask-cert-expire",   0, "@"},
     { oOutput, "output",    2, N_("use as output file")},
     { oVerbose, "verbose",   0, N_("verbose") },
     { oQuiet,	"quiet",   0, N_("be somewhat more quiet") },
     { oNoTTY, "no-tty", 0, N_("don't use the terminal at all") },
     { oForceV3Sigs, "force-v3-sigs", 0, N_("force v3 signatures") },
+    { oNoForceV3Sigs, "no-force-v3-sigs", 0, N_("do not force v3 signatures") },
+    { oForceV4Certs, "force-v4-certs", 0, N_("force v4 key signatures") },
+    { oNoForceV4Certs, "no-force-v4-certs", 0, N_("do not force v4 key signatures") },
     { oForceMDC, "force-mdc", 0, N_("always use a MDC for encryption") },
+    { oNoForceMDC, "no-force-mdc", 0, "@" },
+    { oDisableMDC, "disable-mdc", 0, N_("never use a MDC for encryption") },
+    { oNoDisableMDC, "no-disable-mdc", 0, "@" },
     { oDryRun, "dry-run",   0, N_("do not make any changes") },
   /*{ oInteractive, "interactive", 0, N_("prompt before overwriting") }, */
     { oUseAgent, "use-agent",0, N_("use the gpg-agent")},
+    { oNoUseAgent, "no-use-agent",0, "@"},
+    { oGpgAgentInfo, "gpg-agent-info",2, "@"},
     { oBatch, "batch",     0, N_("batch mode: never ask")},
     { oAnswerYes, "yes",       0, N_("assume yes on most questions")},
     { oAnswerNo,  "no",        0, N_("assume no on most questions")},
     { oKeyring, "keyring"   ,2, N_("add this keyring to the list of keyrings")},
     { oSecretKeyring, "secret-keyring" ,2, N_("add this secret keyring to the list")},
+    { oShowKeyring, "show-keyring", 0, N_("show which keyring a listed key is on")},
     { oDefaultKey, "default-key" ,2, N_("|NAME|use NAME as default secret key")},
     { oKeyServer, "keyserver",2, N_("|HOST|use this keyserver to lookup keys")},
+    { oKeyServerOptions, "keyserver-options",2,"@"},
     { oCharset, "charset"   , 2, N_("|NAME|set terminal charset to NAME") },
     { oOptions, "options"   , 2, N_("read options from file")},
 
     { oDebug, "debug"     ,4|16, "@"},
     { oDebugAll, "debug-all" ,0, "@"},
     { oStatusFD, "status-fd" ,1, N_("|FD|write status info to this FD") },
-    { oNoComment, "no-comment", 0,   "@"},
+#ifdef __riscos__
+    { oStatusFile, "status-file" ,2, N_("|[file]|write status info to file") },
+#endif /* __riscos__ */
+    { oAttributeFD, "attribute-fd" ,1, "@" },
+#ifdef __riscos__
+    { oAttributeFile, "attribute-file" ,2, "@" },
+#endif /* __riscos__ */
+    { oNoSKComments, "no-comment", 0,   "@"},
+    { oNoSKComments, "no-sk-comments", 0,   "@"},
+    { oSKComments, "sk-comments", 0,   "@"},
     { oCompletesNeeded, "completes-needed", 1, "@"},
     { oMarginalsNeeded, "marginals-needed", 1, "@"},
     { oMaxCertDepth,	"max-cert-depth", 1, "@" },
-    { oTrustedKey, "trusted-key", 2, N_("|KEYID|ulimately trust this key")},
+    { oTrustedKey, "trusted-key", 2, N_("|KEYID|ultimately trust this key")},
     { oLoadExtension, "load-extension" ,2, N_("|FILE|load extension module FILE")},
     { oRFC1991, "rfc1991",   0, N_("emulate the mode described in RFC1991")},
     { oOpenPGP, "openpgp", 0, N_("set all packet, cipher and digest options to OpenPGP behavior")},
+    { oPGP2, "pgp2", 0, N_("set all packet, cipher and digest options to PGP 2.x behavior")},
+    { oNoPGP2, "no-pgp2", 0, "@"},
+    { oPGP6, "pgp6", 0, "@"},
+    { oNoPGP6, "no-pgp6", 0, "@"},
+    { oPGP7, "pgp7", 0, "@"},
+    { oNoPGP7, "no-pgp7", 0, "@"},
     { oS2KMode, "s2k-mode",  1, N_("|N|use passphrase mode N")},
     { oS2KDigest, "s2k-digest-algo",2,
 		N_("|NAME|use message digest algorithm NAME for passphrases")},
     { oS2KCipher, "s2k-cipher-algo",2,
 		N_("|NAME|use cipher algorithm NAME for passphrases")},
+    { oSimpleSKChecksum, "simple-sk-checksum", 0, "@"},
     { oCipherAlgo, "cipher-algo", 2 , N_("|NAME|use cipher algorithm NAME")},
     { oDigestAlgo, "digest-algo", 2 , N_("|NAME|use message digest algorithm NAME")},
+    { oCertDigestAlgo, "cert-digest-algo", 2 , "@" },
     { oCompressAlgo, "compress-algo", 1 , N_("|N|use compress algorithm N")},
     { oThrowKeyid, "throw-keyid", 0, N_("throw keyid field of encrypted packets")},
-    { oNotation,   "notation-data", 2, N_("|NAME=VALUE|use this notation data")},
+    { oShowPhotos,   "show-photos", 0, N_("Show Photo IDs")},
+    { oNoShowPhotos, "no-show-photos", 0, N_("Don't show Photo IDs")},
+    { oPhotoViewer,  "photo-viewer", 2, N_("Set command line to view Photo IDs")},
+    { oNotation,   "notation-data", 2, "@" },
+    { oSigNotation,   "sig-notation", 2, "@" },
+    { oCertNotation,  "cert-notation", 2, "@" },
 
     { 302, NULL, 0, N_(
   "@\n(See the man page for a complete listing of all commands and options)\n"
@@ -324,12 +471,21 @@ static ARGPARSE_OPTS opts[] = {
     { aPrintMDs, "print-mds" , 256, "@"}, /* old */
     { aListTrustDB, "list-trustdb",0 , "@"},
     { aListTrustPath, "list-trust-path",0, "@"},
+    { aPipeMode,  "pipemode", 0, "@" },
     { oKOption, NULL,	 0, "@"},
     { oPasswdFD, "passphrase-fd",1, "@" },
+#ifdef __riscos__
+    { oPasswdFile, "passphrase-file",2, "@" },
+#endif /* __riscos__ */
     { oCommandFD, "command-fd",1, "@" },
+#ifdef __riscos__
+    { oCommandFile, "command-file",2, "@" },
+#endif /* __riscos__ */
+    { oQuickRandom, "quick-random", 0, "@"},
     { oNoVerbose, "no-verbose", 0, "@"},
     { oTrustDBName, "trustdb-name", 2, "@" },
     { oNoSecmemWarn, "no-secmem-warning", 0, "@" }, /* used only by regression tests */
+    { oNoPermissionWarn, "no-permission-warning", 0, "@" },
     { oNoArmor, "no-armor",   0, "@"},
     { oNoArmor, "no-armour",   0, "@"},
     { oNoDefKeyring, "no-default-keyring", 0, "@" },
@@ -345,20 +501,34 @@ static ARGPARSE_OPTS opts[] = {
     { oSkipVerify, "skip-verify",0, "@" },
     { oCompressKeys, "compress-keys",0, "@"},
     { oCompressSigs, "compress-sigs",0, "@"},
+    { oDefCertCheckLevel, "default-cert-check-level", 1, "@"},
     { oAlwaysTrust, "always-trust", 0, "@"},
+    { oEmuChecksumBug, "emulate-checksum-bug", 0, "@"},
     { oRunAsShmCP, "run-as-shm-coprocess", 4, "@" },
     { oSetFilename, "set-filename", 2, "@" },
+    { oForYourEyesOnly, "for-your-eyes-only", 0, "@" },
+    { oNoForYourEyesOnly, "no-for-your-eyes-only", 0, "@" },
     { oSetPolicyURL, "set-policy-url", 2, "@" },
+    { oSigPolicyURL, "sig-policy-url", 2, "@" },
+    { oCertPolicyURL, "cert-policy-url", 2, "@" },
+    { oShowPolicyURL, "show-policy-url", 0, "@" },
+    { oNoShowPolicyURL, "no-show-policy-url", 0, "@" },
+    { oShowNotation, "show-notation", 0, "@" },
+    { oNoShowNotation, "no-show-notation", 0, "@" },
     { oComment, "comment", 2, "@" },
     { oDefaultComment, "default-comment", 0, "@" },
     { oNoVersion, "no-version", 0, "@"},
     { oEmitVersion, "emit-version", 0, "@"},
     { oNotDashEscaped, "not-dash-escaped", 0, "@" },
     { oEscapeFrom, "escape-from-lines", 0, "@" },
+    { oNoEscapeFrom, "no-escape-from-lines", 0, "@" },
     { oLockOnce, "lock-once", 0, "@" },
     { oLockMultiple, "lock-multiple", 0, "@" },
     { oLockNever, "lock-never", 0, "@" },
     { oLoggerFD, "logger-fd",1, "@" },
+#ifdef __riscos__
+    { oLoggerFile, "logger-file",2, "@" },
+#endif /* __riscos__ */
     { oUseEmbeddedFilename, "use-embedded-filename", 0, "@" },
     { oUtf8Strings, "utf8-strings", 0, "@" },
     { oNoUtf8Strings, "no-utf8-strings", 0, "@" },
@@ -366,47 +536,73 @@ static ARGPARSE_OPTS opts[] = {
     { oDisableCipherAlgo,  "disable-cipher-algo", 2, "@" },
     { oDisablePubkeyAlgo,  "disable-pubkey-algo", 2, "@" },
     { oAllowNonSelfsignedUID, "allow-non-selfsigned-uid", 0, "@" },
+    { oNoAllowNonSelfsignedUID, "no-allow-non-selfsigned-uid", 0, "@" },
     { oAllowFreeformUID, "allow-freeform-uid", 0, "@" },
+    { oNoAllowFreeformUID, "no-allow-freeform-uid", 0, "@" },
     { oNoLiteral, "no-literal", 0, "@" },
     { oSetFilesize, "set-filesize", 20, "@" },
     { oHonorHttpProxy,"honor-http-proxy", 0, "@" },
     { oFastListMode,"fast-list-mode", 0, "@" },
+    { oFixedListMode,"fixed-list-mode", 0, "@" },
     { oListOnly, "list-only", 0, "@"},
     { oIgnoreTimeConflict, "ignore-time-conflict", 0, "@" },
+    { oIgnoreValidFrom,    "ignore-valid-from",    0, "@" },
+    { oIgnoreCrcError, "ignore-crc-error", 0,"@" },
+    { oShowSessionKey, "show-session-key", 0, "@" },
+    { oOverrideSessionKey, "override-session-key", 2, "@" },
     { oNoRandomSeedFile,  "no-random-seed-file", 0, "@" },
+    { oAutoKeyRetrieve, "auto-key-retrieve", 0, "@" },
     { oNoAutoKeyRetrieve, "no-auto-key-retrieve", 0, "@" },
+    { oNoSigCache,         "no-sig-cache", 0, "@" },
+    { oNoSigCreateCheck,   "no-sig-create-check", 0, "@" },
+    { oAutoCheckTrustDB, "auto-check-trustdb", 0, "@"},
+    { oNoAutoCheckTrustDB, "no-auto-check-trustdb", 0, "@"},
     { oMergeOnly,	  "merge-only", 0, "@" },
+    { oAllowSecretKeyImport, "allow-secret-key-import", 0, "@" },
     { oTryAllSecrets,  "try-all-secrets", 0, "@" },
+    { oEnableSpecialFilenames, "enable-special-filenames", 0, "@" },
+    { oNoExpensiveTrustChecks, "no-expensive-trust-checks", 0, "@" },
+    { aDeleteSecretAndPublicKeys, "delete-secret-and-public-keys",256, "@" },
+    { aRebuildKeydbCaches, "rebuild-keydb-caches", 256, "@"},
+    { oPreservePermissions, "preserve-permissions", 0, "@"},
+    { oDefaultPreferenceList,  "default-preference-list", 2, "@"},
+    { oPersonalCipherPreferences,  "personal-cipher-preferences", 2, "@"},
+    { oPersonalDigestPreferences,  "personal-digest-preferences", 2, "@"},
+    { oPersonalCompressPreferences,  "personal-compress-preferences", 2, "@"},
+    { oEmu3DESS2KBug,  "emulate-3des-s2k-bug", 0, "@"},
     { oEmuMDEncodeBug,	"emulate-md-encode-bug", 0, "@"},
+    { oDisplay,    "display",     2, "@" },
+    { oTTYname,    "ttyname",     2, "@" },
+    { oTTYtype,    "ttytype",     2, "@" },
+    { oLCctype,    "lc-ctype",    2, "@" },
+    { oLCmessages, "lc-messages", 2, "@" },
+    { oGroup,      "group",       2, "@" },
 {0} };
 
 
 
-int gpg_errors_seen = 0;
+int g10_errors_seen = 0;
 
 static int utf8_strings = 0;
 static int maybe_setuid = 1;
 
-static char *build_list( const char *text,
+static char *build_list( const char *text, char letter,
 			 const char *(*mapf)(int), int (*chkf)(int) );
 static void set_cmd( enum cmd_and_opt_values *ret_cmd,
 			enum cmd_and_opt_values new_cmd );
 static void print_hex( byte *p, size_t n );
-static void print_mds( const char *fname, int algo, const char *key );
-static void add_notation_data( const char *string );
-static int  check_policy_url( const char *s );
-
+static void print_mds( const char *fname, int algo );
+static void add_notation_data( const char *string, int which );
+static void add_policy_url( const char *string, int which );
 
-static int
-our_pk_test_algo( int algo )
-{
-    return openpgp_pk_test_algo( algo, 0 );
-}
+#ifdef __riscos__
+RISCOS_GLOBAL_STATICS("GnuPG Heap")
+#endif /* __riscos__ */
 
-static const char *
-my_strusage( int level )
+const char *
+strusage( int level )
 {
-  static char *digests, *pubkeys, *ciphers;
+  static char *digests, *pubkeys, *ciphers, *zips;
     const char *p;
     switch( level ) {
       case 11: p = "gpg (GnuPG)";
@@ -427,56 +623,90 @@ my_strusage( int level )
 	break;
 
       case 31: p = "\nHome: "; break;
+#ifndef __riscos__
       case 32: p = opt.homedir; break;
+#else /* __riscos__ */
+      case 32: p = make_filename(opt.homedir, NULL); break;
+#endif /* __riscos__ */
       case 33: p = _("\nSupported algorithms:\n"); break;
       case 34:
-	if( !ciphers )
-	    ciphers = build_list("Cipher: ", gcry_cipher_algo_name,
-					     openpgp_cipher_test_algo );
-	p = ciphers;
-	break;
-      case 35:
 	if( !pubkeys )
-	    pubkeys = build_list("Pubkey: ", gcry_pk_algo_name,
-					     our_pk_test_algo );
+	    pubkeys = build_list("Pubkey: ", 0, pubkey_algo_to_string,
+							check_pubkey_algo );
 	p = pubkeys;
 	break;
+      case 35:
+	if( !ciphers )
+	    ciphers = build_list("Cipher: ", 'S', cipher_algo_to_string,
+							check_cipher_algo );
+	p = ciphers;
+	break;
       case 36:
 	if( !digests )
-	    digests = build_list("Hash: ", gcry_md_algo_name,
-					   openpgp_md_test_algo );
+	    digests = build_list("Hash: ", 'H', digest_algo_to_string,
+							check_digest_algo );
 	p = digests;
 	break;
+      case 37:
+	if( !zips )
+	    zips = build_list("Compress: ",'Z',compress_algo_to_string,
+			                                check_compress_algo);
+	p = zips;
+	break;
 
-
-      default:	p = NULL;
+      default:	p = default_strusage(level);
     }
     return p;
 }
 
 
 static char *
-build_list( const char *text, const char * (*mapf)(int), int (*chkf)(int) )
+build_list( const char *text, char letter,
+	    const char * (*mapf)(int), int (*chkf)(int) )
 {
     int i;
+    const char *s;
     size_t n=strlen(text)+2;
-    char *list, *p;
-
-    if( maybe_setuid ) {
-	gcry_control( GCRYCTL_DROP_PRIVS ); /* drop setuid */
-    }
-
-    for(i=1; i < 110; i++ )
-	if( !chkf(i) )
-	    n += strlen(mapf(i)) + 2;
-    list = gcry_xmalloc( 21 + n ); *list = 0;
-    for(p=NULL, i=1; i < 110; i++ ) {
-	if( !chkf(i) ) {
-	    if( !p )
+    char *list, *p, *line=NULL;
+
+    if( maybe_setuid )
+	secmem_init( 0 );    /* drop setuid */
+
+    for(i=0; i <= 110; i++ )
+	if( !chkf(i) && (s=mapf(i)) )
+	    n += strlen(s) + 7 + 2;
+    list = m_alloc( 21 + n ); *list = 0;
+    for(p=NULL, i=0; i <= 110; i++ ) {
+	if( !chkf(i) && (s=mapf(i)) ) {
+	    if( !p ) {
 		p = stpcpy( list, text );
+		line=p;
+	    }
 	    else
 		p = stpcpy( p, ", ");
-	    p = stpcpy(p, mapf(i) );
+
+	    if(strlen(line)>60) {
+	      int spaces=strlen(text);
+
+	      list=m_realloc(list,n+spaces+1);
+	      /* realloc could move the block, so find the end again */
+	      p=list;
+	      while(*p)
+		p++;
+
+	      p=stpcpy(p, "\n");
+	      line=p;
+	      for(;spaces;spaces--)
+		p=stpcpy(p, " ");
+	    }
+
+	    p = stpcpy(p, s );
+	    if(opt.verbose && letter)
+	      {
+		char num[8];
+		sprintf(num," (%c%d)",letter,i);
+		p = stpcpy(p,num);
+	      }
 	}
     }
     if( p )
@@ -492,52 +722,20 @@ i18n_init(void)
     set_gettext_file( PACKAGE );
   #else
   #ifdef ENABLE_NLS
-    #ifdef HAVE_LC_MESSAGES
-       setlocale( LC_TIME, "" );
-       setlocale( LC_MESSAGES, "" );
-    #else
-       setlocale( LC_ALL, "" );
-    #endif
-    bindtextdomain( PACKAGE, GNUPG_LOCALEDIR );
+    setlocale( LC_ALL, "" );
+    bindtextdomain( PACKAGE, G10_LOCALEDIR );
     textdomain( PACKAGE );
   #endif
   #endif
 }
 
-
-static void
-register_extension( const char *mainpgm, const char *fname )
-{
-  #warning fixme add register cipher extension
-    /* Before we do so, we should design a beter API for this.
-     * I am currently thinking about using S-Exp to pass everything we 
-     * need from the module to gcrypt. I hope we are not going to 
-     * implement my-own-lisp-library-no-17000 */
-  #if 0
-    if( *fname != '/' ) { /* do tilde expansion etc */
-	char *tmp;
-
-	if( strchr(fname, '/') )
-	    tmp = make_filename(fname, NULL);
-	else
-	    tmp = make_filename(GNUPG_LIBDIR, fname, NULL);
-	register_cipher_extension( mainpgm, tmp );
-	gcry_free(tmp);
-    }
-    else
-	register_cipher_extension( mainpgm, fname );
-  #endif
-}
-
-
-
 static void
 wrong_args( const char *text)
 {
     fputs(_("usage: gpg [options] "),stderr);
     fputs(text,stderr);
     putc('\n',stderr);
-    gpg_exit(2);
+    g10_exit(2);
 }
 
 
@@ -546,7 +744,7 @@ make_username( const char *string )
 {
     char *p;
     if( utf8_strings )
-	p = gcry_xstrdup(string);
+	p = m_strdup(string);
     else
 	p = native_to_utf8( string );
     return p;
@@ -556,19 +754,14 @@ make_username( const char *string )
 static void
 set_debug(void)
 {
-  #if 0
-    #warning memory debugging not enabled
     if( opt.debug & DBG_MEMORY_VALUE )
 	memory_debug_mode = 1;
     if( opt.debug & DBG_MEMSTAT_VALUE )
 	memory_stat_debug_mode = 1;
-  #endif
-
     if( opt.debug & DBG_MPI_VALUE )
-	gcry_control( GCRYCTL_SET_DEBUG_FLAGS, 2 );
+	mpi_debug_mode = 1;
     if( opt.debug & DBG_CIPHER_VALUE )
-	gcry_control( GCRYCTL_SET_DEBUG_FLAGS, 1 );
-
+	g10c_debug_mode = 1;
     if( opt.debug & DBG_IOBUF_VALUE )
 	iobuf_debug_mode = 1;
 
@@ -586,6 +779,10 @@ set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd )
 	cmd = aSignEncr;
     else if( cmd == aEncr && new_cmd == aSign )
 	cmd = aSignEncr;
+    else if( cmd == aSign && new_cmd == aSym )
+	cmd = aSignSym;
+    else if( cmd == aSym && new_cmd == aSign )
+	cmd = aSignSym;
     else if( cmd == aKMode && new_cmd == aSym )
 	cmd = aKModeC;
     else if(	( cmd == aSign	   && new_cmd == aClearsign )
@@ -593,13 +790,39 @@ set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd )
 	cmd = aClearsign;
     else {
 	log_error(_("conflicting commands\n"));
-	gpg_exit(2);
+	g10_exit(2);
     }
 
     *ret_cmd = cmd;
 }
 
 
+static void add_group(char *string)
+{
+  char *name,*value;
+  struct groupitem *item;
+  STRLIST values=NULL;
+
+  /* Break off the group name */
+  name=strsep(&string," ");
+  if(string==NULL)
+    {
+      log_error(_("no values for group \"%s\"\n"),name);
+      return;
+    }
+
+  /* Break apart the values */
+  while((value=strsep(&string," ")) && *value!='\0')
+    add_to_strlist2(&values,value,utf8_strings);
+
+  item=m_alloc(sizeof(struct groupitem));
+  item->name=name;
+  item->values=values;
+  item->next=opt.grouplist;
+
+  opt.grouplist=item;
+}
+
 
 int
 main( int argc, char **argv )
@@ -611,6 +834,8 @@ main( int argc, char **argv )
     char **orig_argv;
     const char *fname;
     char *username;
+    STRLIST unsafe_files=NULL;
+    STRLIST extensions=NULL;
     int may_coredump;
     STRLIST sl, remusr= NULL, locusr=NULL;
     STRLIST nrings=NULL, sec_nrings=NULL;
@@ -620,7 +845,7 @@ main( int argc, char **argv )
     char *configname = NULL;
     unsigned configlineno;
     int parse_debug = 0;
-    int default_config =1;
+    int default_config = 1;
     int default_keyring = 1;
     int greeting = 0;
     int nogreeting = 0;
@@ -629,30 +854,33 @@ main( int argc, char **argv )
     const char *trustdb_name = NULL;
     char *def_cipher_string = NULL;
     char *def_digest_string = NULL;
+    char *cert_digest_string = NULL;
     char *s2k_cipher_string = NULL;
     char *s2k_digest_string = NULL;
+    char *pers_cipher_list = NULL;
+    char *pers_digest_list = NULL;
+    char *pers_compress_list = NULL;
+    int eyes_only=0;
     int pwfd = -1;
     int with_fpr = 0; /* make an option out of --fingerprint */
+    int any_explicit_recipient = 0;
   #ifdef USE_SHM_COPROCESSING
     ulong requested_shm_size=0;
   #endif
 
+  #ifdef __riscos__
+    riscos_global_defaults();
+    opt.lock_once = 1;
+  #endif /* __riscos__ */
+
     trap_unaligned();
-    set_strusage( my_strusage );
-    gcry_control( GCRYCTL_SUSPEND_SECMEM_WARN );
+    secmem_set_flags( secmem_get_flags() | 2 ); /* suspend warnings */
     /* Please note that we may running SUID(ROOT), so be very CAREFUL
      * when adding any stuff between here and the call to
      * secmem_init()  somewhere after the option parsing
      */
     log_set_name("gpg");
-    /* check that the libraries are suitable.  Do it here because
-     * the option parse may need services of the library */
-    if ( !gcry_check_version ( "1.1.0a" ) ) {
-	log_fatal(_("libgcrypt is too old (need %s, have %s)\n"),
-				VERSION, gcry_check_version(NULL) );
-    }
-
-    gcry_control( GCRYCTL_USE_SECURE_RNDPOOL );
+    secure_random_alloc(); /* put random number into secure memory */
     may_coredump = disable_core_dumps();
     init_signals();
     create_dotlock(NULL); /* register locking cleanup */
@@ -662,20 +890,23 @@ main( int argc, char **argv )
     /* note: if you change these lines, look at oOpenPGP */
     opt.def_cipher_algo = 0;
     opt.def_digest_algo = 0;
-    opt.def_compress_algo = 2;
+    opt.cert_digest_algo = 0;
+    opt.def_compress_algo = -1;
     opt.s2k_mode = 3; /* iterated+salted */
-    opt.s2k_digest_algo = GCRY_MD_SHA1;
-    opt.s2k_cipher_algo = GCRY_CIPHER_CAST5;
+    opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
+    opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
     opt.completes_needed = 1;
     opt.marginals_needed = 3;
     opt.max_cert_depth = 5;
     opt.pgp2_workarounds = 1;
-    opt.auto_key_retrieve = 1;
-  #ifdef __MINGW32__
+    opt.force_v3_sigs = 1;
+    opt.escape_from = 1;
+    opt.keyserver_options.include_subkeys=1;
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
     opt.homedir = read_w32_registry_string( NULL, "Software\\GNU\\GnuPG", "HomeDir" );
-  #else
+#else
     opt.homedir = getenv("GNUPGHOME");
-  #endif
+#endif
     if( !opt.homedir || !*opt.homedir ) {
 	opt.homedir = GNUPG_HOMEDIR;
     }
@@ -709,19 +940,28 @@ main( int argc, char **argv )
 	else if ( pargs.r_opt == oStatusFD ) {
 	    /* this is needed to ensure that the status-fd filedescriptor is
 	     * initialized when init_shm_coprocessing() is called */
-	    set_status_fd( pargs.r.ret_int );
+	    set_status_fd( iobuf_translate_file_handle (pargs.r.ret_int, 1) );
 	}
       #endif
     }
 
-
-  #ifdef USE_SHM_COPROCESSING
+#ifdef HAVE_DOSISH_SYSTEM
+    if ( strchr (opt.homedir,'\\') ) {
+        char *d, *buf = m_alloc (strlen (opt.homedir)+1);
+        const char *s = opt.homedir;
+        for (d=buf,s=opt.homedir; *s; s++)
+            *d++ = *s == '\\'? '/': *s;
+        *d = 0;
+        opt.homedir = buf;
+    }
+#endif
+#ifdef USE_SHM_COPROCESSING
     if( opt.shm_coprocess ) {
 	init_shm_coprocessing(requested_shm_size, 1 );
     }
-  #endif
+#endif
     /* initialize the secure memory. */
-    gcry_control( GCRYCTL_INIT_SECMEM, 16384, 0 );
+    secmem_init( 16384 );
     maybe_setuid = 0;
     /* Okay, we are now working under our real uid */
 
@@ -735,6 +975,20 @@ main( int argc, char **argv )
     pargs.flags=  1;  /* do not remove the args */
   next_pass:
     if( configname ) {
+
+      if(check_permissions(configname,0,1))
+	{
+	  add_to_strlist(&unsafe_files,configname);
+
+	  /* If any options file is unsafe, then disable any external
+	     programs for keyserver calls or photo IDs.  Since the
+	     external program to call is set in the options file, a
+	     unsafe options file can lead to an arbitrary program
+	     being run. */
+
+	  opt.exec_disable=1;
+	}
+
 	configlineno = 0;
 	configfp = fopen( configname, "r" );
 	if( !configfp ) {
@@ -746,9 +1000,9 @@ main( int argc, char **argv )
 	    else {
 		log_error(_("option file `%s': %s\n"),
 				    configname, strerror(errno) );
-		gpg_exit(2);
+		g10_exit(2);
 	    }
-	    gcry_free(configname); configname = NULL;
+	    m_free(configname); configname = NULL;
 	}
 	if( parse_debug && configname )
 	    log_info(_("reading options from `%s'\n"), configname );
@@ -764,37 +1018,47 @@ main( int argc, char **argv )
 	  case aFastImport: set_cmd( &cmd, aFastImport); break;
 	  case aSendKeys: set_cmd( &cmd, aSendKeys); break;
 	  case aRecvKeys: set_cmd( &cmd, aRecvKeys); break;
+	  case aSearchKeys: set_cmd( &cmd, aSearchKeys); break;
+	  case aRefreshKeys: set_cmd( &cmd, aRefreshKeys); break;
 	  case aExport: set_cmd( &cmd, aExport); break;
 	  case aExportAll: set_cmd( &cmd, aExportAll); break;
 	  case aListKeys: set_cmd( &cmd, aListKeys); break;
 	  case aListSigs: set_cmd( &cmd, aListSigs); break;
 	  case aExportSecret: set_cmd( &cmd, aExportSecret); break;
 	  case aExportSecretSub: set_cmd( &cmd, aExportSecretSub); break;
-	  case aDeleteSecretKey: set_cmd( &cmd, aDeleteSecretKey);
+	  case aDeleteSecretKeys: set_cmd( &cmd, aDeleteSecretKeys);
 							greeting=1; break;
-	  case aDeleteKey: set_cmd( &cmd, aDeleteKey); greeting=1; break;
+	  case aDeleteSecretAndPublicKeys:
+            set_cmd( &cmd, aDeleteSecretAndPublicKeys);
+            greeting=1; 
+            break;
+	  case aDeleteKeys: set_cmd( &cmd, aDeleteKeys); greeting=1; break;
 
 	  case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break;
 	  case aSym: set_cmd( &cmd, aSym); break;
 
 	  case aDecrypt: set_cmd( &cmd, aDecrypt); break;
+          case aDecryptFiles: set_cmd( &cmd, aDecryptFiles); break;
 
 	  case aEncr: set_cmd( &cmd, aEncr); break;
+	  case aEncrFiles: set_cmd( &cmd, aEncrFiles ); break;
 	  case aSign: set_cmd( &cmd, aSign );  break;
 	  case aKeygen: set_cmd( &cmd, aKeygen); greeting=1; break;
 	  case aSignKey: set_cmd( &cmd, aSignKey); break;
 	  case aLSignKey: set_cmd( &cmd, aLSignKey); break;
+	  case aNRSignKey: set_cmd( &cmd, aNRSignKey); break;
+	  case aNRLSignKey: set_cmd( &cmd, aNRLSignKey); break;
 	  case aStore: set_cmd( &cmd, aStore); break;
 	  case aEditKey: set_cmd( &cmd, aEditKey); greeting=1; break;
 	  case aClearsign: set_cmd( &cmd, aClearsign); break;
 	  case aGenRevoke: set_cmd( &cmd, aGenRevoke); break;
+	  case aDesigRevoke: set_cmd( &cmd, aDesigRevoke); break;
 	  case aVerify: set_cmd( &cmd, aVerify); break;
 	  case aVerifyFiles: set_cmd( &cmd, aVerifyFiles); break;
 	  case aPrimegen: set_cmd( &cmd, aPrimegen); break;
 	  case aGenRandom: set_cmd( &cmd, aGenRandom); break;
 	  case aPrintMD: set_cmd( &cmd, aPrintMD); break;
 	  case aPrintMDs: set_cmd( &cmd, aPrintMDs); break;
-	  case aPrintHMAC: set_cmd( &cmd, aPrintHMAC); break;
 	  case aListTrustDB: set_cmd( &cmd, aListTrustDB); break;
 	  case aCheckTrustDB: set_cmd( &cmd, aCheckTrustDB); break;
 	  case aUpdateTrustDB: set_cmd( &cmd, aUpdateTrustDB); break;
@@ -804,6 +1068,8 @@ main( int argc, char **argv )
 	  case aEnArmor: set_cmd( &cmd, aEnArmor); break;
 	  case aExportOwnerTrust: set_cmd( &cmd, aExportOwnerTrust); break;
 	  case aImportOwnerTrust: set_cmd( &cmd, aImportOwnerTrust); break;
+          case aPipeMode: set_cmd( &cmd, aPipeMode); break;
+          case aRebuildKeydbCaches: set_cmd( &cmd, aRebuildKeydbCaches); break;
 
 	  case oArmor: opt.armor = 1; opt.no_armor=0; break;
 	  case oOutput: opt.outfile = pargs.r.ret_str; break;
@@ -811,41 +1077,75 @@ main( int argc, char **argv )
 	  case oNoTTY: tty_no_terminal(1); break;
 	  case oDryRun: opt.dry_run = 1; break;
 	  case oInteractive: opt.interactive = 1; break;
-	  case oVerbose:
-		opt.verbose++; opt.list_sigs=1;
-		gcry_control( GCRYCTL_SET_VERBOSITY, (int)opt.verbose );
-		break;
+	  case oVerbose: g10_opt_verbose++;
+		    opt.verbose++; opt.list_sigs=1; break;
 	  case oKOption: set_cmd( &cmd, aKMode ); break;
 
-	  case oBatch: opt.batch = 1; greeting = 0; break;
-          case oUseAgent: opt.use_agent = 1; break;
+	  case oBatch: opt.batch = 1; nogreeting = 1; break;
+          case oUseAgent:
+#ifndef __riscos__
+            opt.use_agent = 1;
+#else /* __riscos__ */
+            opt.use_agent = 0;
+            not_implemented("use-agent");
+#endif /* __riscos__ */
+            break;
+          case oNoUseAgent: opt.use_agent = 0; break;
+	  case oGpgAgentInfo: opt.gpg_agent_info = pargs.r.ret_str; break;
 	  case oAnswerYes: opt.answer_yes = 1; break;
 	  case oAnswerNo: opt.answer_no = 1; break;
 	  case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
+	  case oShowKeyring: opt.show_keyring = 1; break;
 	  case oDebug: opt.debug |= pargs.r.ret_ulong; break;
 	  case oDebugAll: opt.debug = ~0; break;
-	  case oStatusFD: set_status_fd( pargs.r.ret_int ); break;
-	  case oLoggerFD: log_set_logfile( NULL, pargs.r.ret_int ); break;
+	  case oStatusFD:
+            set_status_fd( iobuf_translate_file_handle (pargs.r.ret_int, 1) );
+            break;
+#ifdef __riscos__
+	  case oStatusFile:
+            set_status_fd( iobuf_translate_file_handle ( fdopenfile (pargs.r.ret_str, 1), 1) );
+            break;
+#endif /* __riscos__ */
+	  case oAttributeFD:
+            set_attrib_fd(iobuf_translate_file_handle (pargs.r.ret_int, 1));
+            break;
+#ifdef __riscos__
+	  case oAttributeFile:
+            set_attrib_fd(iobuf_translate_file_handle ( fdopenfile (pargs.r.ret_str, 1), 1) );
+            break;
+#endif /* __riscos__ */
+	  case oLoggerFD:
+            log_set_logfile( NULL,
+                             iobuf_translate_file_handle (pargs.r.ret_int, 1) );
+            break;
+#ifdef __riscos__
+	  case oLoggerFile:
+            log_set_logfile( NULL,
+                             iobuf_translate_file_handle ( fdopenfile (pargs.r.ret_str, 1), 1) );
+            break;
+#endif /* __riscos__ */
 	  case oWithFingerprint:
-		with_fpr=1; /*fall thru*/
+            opt.with_fingerprint = 1;
+            with_fpr=1; /*fall thru*/
 	  case oFingerprint: opt.fingerprint++; break;
 	  case oSecretKeyring: append_to_strlist( &sec_nrings, pargs.r.ret_str); break;
 	  case oOptions:
 	    /* config files may not be nested (silently ignore them) */
 	    if( !configfp ) {
-		gcry_free(configname);
-		configname = gcry_xstrdup(pargs.r.ret_str);
+		m_free(configname);
+		configname = m_strdup(pargs.r.ret_str);
 		goto next_pass;
 	    }
 	    break;
 	  case oNoArmor: opt.no_armor=1; opt.armor=0; break;
 	  case oNoDefKeyring: default_keyring = 0; break;
+          case oDefCertCheckLevel: opt.def_cert_check_level=pargs.r.ret_int; break;
 	  case oNoGreeting: nogreeting = 1; break;
-	  case oNoVerbose:
-		opt.verbose = 0; opt.list_sigs=0;
-		gcry_control( GCRYCTL_SET_VERBOSITY, (int)opt.verbose );
-		break;
-	  case oNoComment: opt.no_comment=1; break;
+	  case oNoVerbose: g10_opt_verbose = 0;
+			   opt.verbose = 0; opt.list_sigs=0; break;
+	  case oQuickRandom: quick_random_gen(1); break;
+	  case oSKComments: opt.sk_comments=1; break;
+	  case oNoSKComments: opt.sk_comments=0; break;
 	  case oNoVersion: opt.no_version=1; break;
 	  case oEmitVersion: opt.no_version=0; break;
 	  case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break;
@@ -858,15 +1158,15 @@ main( int argc, char **argv )
 			opt.def_recipient = make_username(pargs.r.ret_str);
 		    break;
 	  case oDefRecipientSelf:
-		    gcry_free(opt.def_recipient); opt.def_recipient = NULL;
+		    m_free(opt.def_recipient); opt.def_recipient = NULL;
 		    opt.def_recipient_self = 1;
 		    break;
 	  case oNoDefRecipient:
-		    gcry_free(opt.def_recipient); opt.def_recipient = NULL;
+		    m_free(opt.def_recipient); opt.def_recipient = NULL;
 		    opt.def_recipient_self = 0;
 		    break;
-	  case oNoOptions: break; /* no-options */
-	  case oHomedir: opt.homedir = pargs.r.ret_str; break;
+	  case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */
+	  case oHomedir: break;
 	  case oNoBatch: opt.batch = 0; break;
 	  case oWithKeyData: opt.with_key_data=1; /* fall thru */
 	  case oWithColons: opt.with_colons=':'; break;
@@ -877,17 +1177,26 @@ main( int argc, char **argv )
 	  case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
 	  case oAlwaysTrust: opt.always_trust = 1; break;
 	  case oLoadExtension:
-	    register_extension(orig_argc? *orig_argv:NULL, pargs.r.ret_str);
+#ifndef __riscos__
+	    add_to_strlist(&extensions,pargs.r.ret_str);
+	    register_cipher_extension(orig_argc? *orig_argv:NULL,
+				      pargs.r.ret_str);
+#else /* __riscos__ */
+            not_implemented("load-extension");
+#endif /* __riscos__ */
 	    break;
 	  case oRFC1991:
 	    opt.rfc1991 = 1;
 	    opt.rfc2440 = 0;
-	    opt.no_comment = 1;
+	    opt.force_v4_certs = 0;
+	    opt.sk_comments = 0;
 	    opt.escape_from = 1;
 	    break;
 	  case oOpenPGP:
 	    opt.rfc1991 = 0;
 	    opt.rfc2440 = 1;
+	    opt.allow_non_selfsigned_uid = 1;
+	    opt.allow_freeform_uid = 1;
 	    opt.pgp2_workarounds = 0;
 	    opt.escape_from = 0;
 	    opt.force_v3_sigs = 0;
@@ -896,32 +1205,63 @@ main( int argc, char **argv )
 	    opt.not_dash_escaped = 0;
 	    opt.def_cipher_algo = 0;
 	    opt.def_digest_algo = 0;
+	    opt.cert_digest_algo = 0;
 	    opt.def_compress_algo = 1;
-	    opt.s2k_mode = 3; /* iterated+salted */
-	    opt.s2k_digest_algo = GCRY_MD_SHA1;
-	    opt.s2k_cipher_algo = GCRY_CIPHER_CAST5;
+            opt.s2k_mode = 3; /* iterated+salted */
+	    opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
+	    opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
 	    break;
+	  case oPGP2: opt.pgp2 = 1; break;
+	  case oNoPGP2: opt.pgp2 = 0; break;
+	  case oPGP6: opt.pgp6 = 1; break;
+	  case oNoPGP6: opt.pgp6 = 0; break;
+	  case oPGP7: opt.pgp7 = 1; break;
+	  case oNoPGP7: opt.pgp7 = 0; break;
+	  case oEmuChecksumBug: opt.emulate_bugs |= EMUBUG_GPGCHKSUM; break;
+	  case oEmu3DESS2KBug:	opt.emulate_bugs |= EMUBUG_3DESS2K; break;
 	  case oEmuMDEncodeBug: opt.emulate_bugs |= EMUBUG_MDENCODE; break;
 	  case oCompressSigs: opt.compress_sigs = 1; break;
 	  case oRunAsShmCP:
+#ifndef __riscos__
 	  #ifndef USE_SHM_COPROCESSING
 	    /* not possible in the option file,
 	     * but we print the warning here anyway */
 	    log_error("shared memory coprocessing is not available\n");
 	  #endif
+#else /* __riscos__ */
+            not_implemented("run-as-shm-coprocess");
+#endif /* __riscos__ */
 	    break;
 	  case oSetFilename: opt.set_filename = pargs.r.ret_str; break;
-	  case oSetPolicyURL: opt.set_policy_url = pargs.r.ret_str; break;
+	  case oForYourEyesOnly: eyes_only = 1; break;
+	  case oNoForYourEyesOnly: eyes_only = 0; break;
+	  case oSetPolicyURL:
+	    add_policy_url(pargs.r.ret_str,0);
+	    add_policy_url(pargs.r.ret_str,1);
+	    break;
+	  case oSigPolicyURL: add_policy_url(pargs.r.ret_str,0); break;
+	  case oCertPolicyURL: add_policy_url(pargs.r.ret_str,1); break;
+          case oShowPolicyURL: opt.show_policy_url=1; break;
+    	  case oNoShowPolicyURL: opt.show_policy_url=0; break;
 	  case oUseEmbeddedFilename: opt.use_embedded_filename = 1; break;
 	  case oComment: opt.comment_string = pargs.r.ret_str; break;
 	  case oDefaultComment: opt.comment_string = NULL; break;
 	  case oThrowKeyid: opt.throw_keyid = 1; break;
+	  case oShowPhotos: opt.show_photos = 1; break;
+	  case oNoShowPhotos: opt.show_photos = 0; break;
+	  case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
 	  case oForceV3Sigs: opt.force_v3_sigs = 1; break;
+	  case oNoForceV3Sigs: opt.force_v3_sigs = 0; break;
+          case oForceV4Certs: opt.force_v4_certs = 1; break;
+          case oNoForceV4Certs: opt.force_v4_certs = 0; break;
 	  case oForceMDC: opt.force_mdc = 1; break;
+	  case oNoForceMDC: opt.force_mdc = 0; break;
+	  case oDisableMDC: opt.disable_mdc = 1; break;
+	  case oNoDisableMDC: opt.disable_mdc = 0; break;
 	  case oS2KMode:   opt.s2k_mode = pargs.r.ret_int; break;
-	  case oS2KDigest: s2k_digest_string = gcry_xstrdup(pargs.r.ret_str); break;
-	  case oS2KCipher: s2k_cipher_string = gcry_xstrdup(pargs.r.ret_str); break;
-
+	  case oS2KDigest: s2k_digest_string = m_strdup(pargs.r.ret_str); break;
+	  case oS2KCipher: s2k_cipher_string = m_strdup(pargs.r.ret_str); break;
+          case oSimpleSKChecksum: opt.simple_sk_checksum = 1; break;
 	  case oNoEncryptTo: opt.no_encrypt_to = 1; break;
 	  case oEncryptTo: /* store the recipient in the second list */
 	    sl = add_to_strlist2( &remusr, pargs.r.ret_str, utf8_strings );
@@ -929,18 +1269,41 @@ main( int argc, char **argv )
 	    break;
 	  case oRecipient: /* store the recipient */
 	    add_to_strlist2( &remusr, pargs.r.ret_str, utf8_strings );
+            any_explicit_recipient = 1;
 	    break;
 	  case oTextmodeShort: opt.textmode = 2; break;
 	  case oTextmode: opt.textmode=1;  break;
+	  case oExpert: opt.expert = 1; break;
+	  case oNoExpert: opt.expert = 0; break;
+	  case oAskSigExpire: opt.ask_sig_expire = 1; break;
+	  case oNoAskSigExpire: opt.ask_sig_expire = 0; break;
+	  case oAskCertExpire: opt.ask_cert_expire = 1; break;
+	  case oNoAskCertExpire: opt.ask_cert_expire = 0; break;
 	  case oUser: /* store the local users */
 	    add_to_strlist2( &locusr, pargs.r.ret_str, utf8_strings );
 	    break;
 	  case oCompress: opt.compress = pargs.r.ret_int; break;
-	  case oPasswdFD: pwfd = pargs.r.ret_int; break;
-	  case oCommandFD: opt.command_fd = pargs.r.ret_int; break;
-	  case oCipherAlgo: def_cipher_string = gcry_xstrdup(pargs.r.ret_str); break;
-	  case oDigestAlgo: def_digest_string = gcry_xstrdup(pargs.r.ret_str); break;
-	  case oNoSecmemWarn: gcry_control( GCRYCTL_DISABLE_SECMEM_WARN ); break;
+	  case oPasswdFD:
+            pwfd = iobuf_translate_file_handle (pargs.r.ret_int, 0);
+            break;
+#ifdef __riscos__
+	  case oPasswdFile:
+            pwfd = iobuf_translate_file_handle ( fdopenfile (pargs.r.ret_str, 0), 0);
+            break;
+#endif /* __riscos__ */
+	  case oCommandFD:
+            opt.command_fd = iobuf_translate_file_handle (pargs.r.ret_int, 0);
+            break;
+#ifdef __riscos__
+	  case oCommandFile:
+            opt.command_fd = iobuf_translate_file_handle ( fdopenfile (pargs.r.ret_str, 0), 0);
+            break;
+#endif /* __riscos__ */
+	  case oCipherAlgo: def_cipher_string = m_strdup(pargs.r.ret_str); break;
+	  case oDigestAlgo: def_digest_string = m_strdup(pargs.r.ret_str); break;
+	  case oCertDigestAlgo: cert_digest_string = m_strdup(pargs.r.ret_str); break;
+	  case oNoSecmemWarn: secmem_set_flags( secmem_get_flags() | 1 ); break;
+	  case oNoPermissionWarn: opt.no_perm_warn=1; break;
 	  case oCharset:
 	    if( set_native_charset( pargs.r.ret_str ) )
 		log_error(_("%s is not a valid character set\n"),
@@ -948,54 +1311,129 @@ main( int argc, char **argv )
 	    break;
 	  case oNotDashEscaped: opt.not_dash_escaped = 1; break;
 	  case oEscapeFrom: opt.escape_from = 1; break;
+	  case oNoEscapeFrom: opt.escape_from = 0; break;
 	  case oLockOnce: opt.lock_once = 1; break;
-	  #if 0
-	  #warning no disable_dotlock() yet
 	  case oLockNever: disable_dotlock(); break;
-	  #endif
-	  case oLockMultiple: opt.lock_once = 0; break;
-	  case oKeyServer: opt.keyserver_name = pargs.r.ret_str; break;
-	  case oNotation: add_notation_data( pargs.r.ret_str ); break;
+	  case oLockMultiple:
+#ifndef __riscos__
+	    opt.lock_once = 0;
+#else /* __riscos__ */
+            not_implemented("lock-multiple");
+#endif /* __riscos__ */
+            break;
+	  case oKeyServer:
+	    if(parse_keyserver_uri(pargs.r.ret_str,configname,configlineno))
+	      log_error(_("could not parse keyserver URI\n"));
+	    break;
+	  case oKeyServerOptions:
+	    parse_keyserver_options(pargs.r.ret_str);
+	    break;
+	  case oTempDir: opt.temp_dir=pargs.r.ret_str; break;
+	  case oExecPath:
+	    {
+	      /* Notice that path is never freed.  That is
+		 intentional due to the way putenv() works. */
+	      char *path=m_alloc(5+strlen(pargs.r.ret_str)+1);
+	      strcpy(path,"PATH=");
+	      strcat(path,pargs.r.ret_str);
+	      if(putenv(path)!=0)
+		log_error(_("unable to set exec-path to %s\n"),path);
+	    }
+	    break;
+	  case oNotation:
+	    add_notation_data( pargs.r.ret_str, 0 );
+	    add_notation_data( pargs.r.ret_str, 1 );
+	    break;
+	  case oSigNotation: add_notation_data( pargs.r.ret_str, 0 ); break;
+	  case oCertNotation: add_notation_data( pargs.r.ret_str, 1 ); break;
+	  case oShowNotation: opt.show_notation=1; break;
+	  case oNoShowNotation: opt.show_notation=0; break;
 	  case oUtf8Strings: utf8_strings = 1; break;
 	  case oNoUtf8Strings: utf8_strings = 0; break;
-	  case oDisableCipherAlgo: {
-		    int algo = gcry_cipher_map_name(pargs.r.ret_str);
-		    gcry_cipher_ctl( NULL, GCRYCTL_DISABLE_ALGO,
-					     &algo, sizeof algo );
-		}
+	  case oDisableCipherAlgo:
+		disable_cipher_algo( string_to_cipher_algo(pargs.r.ret_str) );
 		break;
-	  case oDisablePubkeyAlgo: {
-		    int algo = gcry_pk_map_name(pargs.r.ret_str);
-		    gcry_pk_ctl( GCRYCTL_DISABLE_ALGO,
-				       &algo, sizeof algo );
-		}
+	  case oDisablePubkeyAlgo:
+		disable_pubkey_algo( string_to_pubkey_algo(pargs.r.ret_str) );
 		break;
+          case oNoSigCache: opt.no_sig_cache = 1; break;
+          case oNoSigCreateCheck: opt.no_sig_create_check = 1; break;
 	  case oAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid = 1; break;
+	  case oNoAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid=0; break;
 	  case oAllowFreeformUID: opt.allow_freeform_uid = 1; break;
+	  case oNoAllowFreeformUID: opt.allow_freeform_uid = 0; break;
 	  case oNoLiteral: opt.no_literal = 1; break;
 	  case oSetFilesize: opt.set_filesize = pargs.r.ret_ulong; break;
-	  case oHonorHttpProxy: opt.honor_http_proxy = 1; break;
+	  case oHonorHttpProxy:
+                opt.keyserver_options.honor_http_proxy = 1;
+		deprecated_warning(configname,configlineno,
+				   "--honor-http-proxy",
+				   "--keyserver-options ",
+				   "honor-http-proxy");
+		break;
 	  case oFastListMode: opt.fast_list_mode = 1; break;
+	  case oFixedListMode: opt.fixed_list_mode = 1; break;
 	  case oListOnly: opt.list_only=1; break;
 	  case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break;
+	  case oIgnoreValidFrom: opt.ignore_valid_from = 1; break;
+	  case oIgnoreCrcError: opt.ignore_crc_error = 1; break;
 	  case oNoRandomSeedFile: use_random_seed = 0; break;
-	  case oNoAutoKeyRetrieve: opt.auto_key_retrieve = 0; break;
+	  case oAutoKeyRetrieve:
+	  case oNoAutoKeyRetrieve:
+	        opt.keyserver_options.auto_key_retrieve=
+	                                     (pargs.r_opt==oAutoKeyRetrieve);
+		deprecated_warning(configname,configlineno,
+			   pargs.r_opt==oAutoKeyRetrieve?"--auto-key-retrieve":
+			       "--no-auto-key-retrieve","--keyserver-options ",
+			   pargs.r_opt==oAutoKeyRetrieve?"auto-key-retrieve":
+			       "no-auto-key-retrieve");
+		break;
+	  case oShowSessionKey: opt.show_session_key = 1; break;
+	  case oOverrideSessionKey:
+		opt.override_session_key = pargs.r.ret_str;
+		break;
 	  case oMergeOnly: opt.merge_only = 1; break;
+          case oAllowSecretKeyImport: /* obsolete */ break;
 	  case oTryAllSecrets: opt.try_all_secrets = 1; break;
           case oTrustedKey: register_trusted_key( pargs.r.ret_str ); break;
-
+          case oEnableSpecialFilenames:
+            iobuf_enable_special_filenames (1);
+            break;
+          case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break;
+          case oAutoCheckTrustDB: opt.no_auto_check_trustdb=0; break;
+          case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break;
+          case oPreservePermissions: opt.preserve_permissions=1; break;
+          case oDefaultPreferenceList:
+	    opt.def_preference_list = pargs.r.ret_str;
+	    break;
+          case oPersonalCipherPreferences:
+	    pers_cipher_list=pargs.r.ret_str;
+	    break;
+          case oPersonalDigestPreferences:
+	    pers_digest_list=pargs.r.ret_str;
+	    break;
+          case oPersonalCompressPreferences:
+	    pers_compress_list=pargs.r.ret_str;
+	    break;
+          case oDisplay: opt.display = pargs.r.ret_str; break;
+          case oTTYname: opt.ttyname = pargs.r.ret_str; break;
+          case oTTYtype: opt.ttytype = pargs.r.ret_str; break;
+          case oLCctype: opt.lc_ctype = pargs.r.ret_str; break;
+          case oLCmessages: opt.lc_messages = pargs.r.ret_str; break;
+	  case oGroup: add_group(pargs.r.ret_str); break;
 	  default : pargs.err = configfp? 1:2; break;
 	}
     }
+
     if( configfp ) {
 	fclose( configfp );
 	configfp = NULL;
-	gcry_free(configname); configname = NULL;
+	m_free(configname); configname = NULL;
 	goto next_pass;
     }
-    gcry_free( configname ); configname = NULL;
+    m_free( configname ); configname = NULL;
     if( log_get_errorcount(0) )
-	gpg_exit(2);
+	g10_exit(2);
     if( nogreeting )
 	greeting = 0;
 
@@ -1012,9 +1450,39 @@ main( int argc, char **argv )
     }
   #endif
 
+    check_permissions(opt.homedir,0,0);
+
+    if(unsafe_files)
+      {
+	STRLIST tmp;
+
+	for(tmp=unsafe_files;tmp;tmp=tmp->next)
+	  check_permissions(tmp->d,0,0);
+
+	free_strlist(unsafe_files);
+      }
+
+    if(extensions)
+      {
+	STRLIST tmp;
+
+	for(tmp=extensions;tmp;tmp=tmp->next)
+	  check_permissions(tmp->d,1,0);
+
+	free_strlist(extensions);
+      }
+
     if( may_coredump && !opt.quiet )
 	log_info(_("WARNING: program may create a core file!\n"));
 
+    if (eyes_only) {
+      if (opt.set_filename)
+	  log_info(_("WARNING: %s overrides %s\n"),
+		   "--for-your-eyes-only","--set-filename");
+
+      opt.set_filename="_CONSOLE";
+    }
+
     if (opt.no_literal) {
 	log_info(_("NOTE: %s is not for normal use!\n"), "--no-literal");
 	if (opt.textmode)
@@ -1022,51 +1490,142 @@ main( int argc, char **argv )
 		       "--textmode", "--no-literal" );
 	if (opt.set_filename)
 	    log_error(_("%s makes no sense with %s!\n"),
-			"--set-filename", "--no-literal" );
+			eyes_only?"--for-your-eyes-only":"--set-filename",
+		        "--no-literal" );
     }
+
     if (opt.set_filesize)
 	log_info(_("NOTE: %s is not for normal use!\n"), "--set-filesize");
     if( opt.batch )
 	tty_batchmode( 1 );
 
-    gcry_control( GCRYCTL_RESUME_SECMEM_WARN );
+    secmem_set_flags( secmem_get_flags() & ~2 ); /* resume warnings */
 
     set_debug();
-    /* FIXME: should set filenames of libgcrypt explicitly
-     * gpg_opt_homedir = opt.homedir; */
+    g10_opt_homedir = opt.homedir;
+
+    /* Do these after the switch(), so they can override settings. */
+    if(opt.pgp2 && (opt.pgp6 || opt.pgp7))
+      log_error(_("%s not allowed with %s!\n"),
+		"--pgp2",opt.pgp6?"--pgp6":"--pgp7");
+    else
+      {
+	if(opt.pgp2)
+	  {
+	    int unusable=0;
+
+	    if(cmd==aSign && !detached_sig)
+	      {
+		log_info(_("you can only make detached or clear signatures "
+			   "while in --pgp2 mode\n"));
+		unusable=1;
+	      }
+	    else if(cmd==aSignEncr || cmd==aSignSym)
+	      {
+		log_info(_("you can't sign and encrypt at the "
+			   "same time while in --pgp2 mode\n"));
+		unusable=1;
+	      }
+	    else if(argc==0 && (cmd==aSign || cmd==aEncr || cmd==aSym))
+	      {
+		log_info(_("you must use files (and not a pipe) when "
+			   "working with --pgp2 enabled.\n"));
+		unusable=1;
+	      }
+	    else if(cmd==aEncr || cmd==aSym)
+	      {
+		/* Everything else should work without IDEA (except using
+		   a secret key encrypted with IDEA and setting an IDEA
+		   preference, but those have their own error
+		   messages). */
+
+		if(check_cipher_algo(CIPHER_ALGO_IDEA))
+		  {
+		    log_info(_("encrypting a message in --pgp2 mode requires "
+			       "the IDEA cipher\n"));
+		    idea_cipher_warn(1);
+		    unusable=1;
+		  }
+		else if(cmd==aSym)
+		  {
+		    m_free(def_cipher_string);
+		    def_cipher_string = m_strdup("idea");
+		  }
+	      }
+
+	    if(unusable)
+	      {
+		log_info(_("this message may not be usable by PGP 2.x\n"));
+		opt.pgp2=0;
+	      }
+	    else
+	      {
+		opt.rfc1991 = 1;
+		opt.rfc2440 = 0;
+		opt.force_mdc = 0;
+		opt.disable_mdc = 1;
+		opt.force_v4_certs = 0;
+		opt.sk_comments = 0;
+		opt.escape_from = 1;
+		opt.force_v3_sigs = 1;
+		opt.pgp2_workarounds = 1;
+		opt.ask_sig_expire = 0;
+		opt.ask_cert_expire = 0;
+		m_free(def_digest_string);
+		def_digest_string = m_strdup("md5");
+		opt.def_compress_algo = 1;
+	      }
+	  }
+
+	if(opt.pgp6 || opt.pgp7)
+	  {
+	    opt.force_mdc=0;
+	    opt.disable_mdc=1;
+	    opt.sk_comments=0;
+	    opt.escape_from=1;
+	    opt.force_v3_sigs=1;
+	    opt.ask_sig_expire=0;
+	    opt.def_compress_algo=1;
+	  }
+      }
 
     /* must do this after dropping setuid, because string_to...
      * may try to load an module */
     if( def_cipher_string ) {
-	opt.def_cipher_algo = gcry_cipher_map_name(def_cipher_string);
-	gcry_free(def_cipher_string); def_cipher_string = NULL;
-	if( openpgp_cipher_test_algo(opt.def_cipher_algo) )
+	opt.def_cipher_algo = string_to_cipher_algo(def_cipher_string);
+	if(opt.def_cipher_algo==0 &&
+	   ascii_strcasecmp(def_cipher_string,"idea")==0)
+	  idea_cipher_warn(1);
+	m_free(def_cipher_string); def_cipher_string = NULL;
+	if( check_cipher_algo(opt.def_cipher_algo) )
 	    log_error(_("selected cipher algorithm is invalid\n"));
     }
     if( def_digest_string ) {
-	opt.def_digest_algo = gcry_md_map_name(def_digest_string);
-	gcry_free(def_digest_string); def_digest_string = NULL;
-	if( openpgp_md_test_algo(opt.def_digest_algo) )
+	opt.def_digest_algo = string_to_digest_algo(def_digest_string);
+	m_free(def_digest_string); def_digest_string = NULL;
+	if( check_digest_algo(opt.def_digest_algo) )
 	    log_error(_("selected digest algorithm is invalid\n"));
     }
+    if( cert_digest_string ) {
+	opt.cert_digest_algo = string_to_digest_algo(cert_digest_string);
+	m_free(cert_digest_string); cert_digest_string = NULL;
+	if( check_digest_algo(opt.cert_digest_algo) )
+	    log_error(_("selected certification digest algorithm is invalid\n"));
+    }
     if( s2k_cipher_string ) {
-	opt.s2k_cipher_algo = gcry_cipher_map_name(s2k_cipher_string);
-	gcry_free(s2k_cipher_string); s2k_cipher_string = NULL;
-	if( openpgp_cipher_test_algo(opt.s2k_cipher_algo) )
+	opt.s2k_cipher_algo = string_to_cipher_algo(s2k_cipher_string);
+	m_free(s2k_cipher_string); s2k_cipher_string = NULL;
+	if( check_cipher_algo(opt.s2k_cipher_algo) )
 	    log_error(_("selected cipher algorithm is invalid\n"));
     }
     if( s2k_digest_string ) {
-	opt.s2k_digest_algo = gcry_md_map_name(s2k_digest_string);
-	gcry_free(s2k_digest_string); s2k_digest_string = NULL;
-	if( openpgp_md_test_algo(opt.s2k_digest_algo) )
+	opt.s2k_digest_algo = string_to_digest_algo(s2k_digest_string);
+	m_free(s2k_digest_string); s2k_digest_string = NULL;
+	if( check_digest_algo(opt.s2k_digest_algo) )
 	    log_error(_("selected digest algorithm is invalid\n"));
     }
-    if( opt.set_policy_url ) {
-	if( check_policy_url( opt.set_policy_url ) )
-	    log_error(_("the given policy URL is invalid\n"));
-    }
-    if( opt.def_compress_algo < 1 || opt.def_compress_algo > 2 )
-	log_error(_("compress algorithm must be in range %d..%d\n"), 1, 2);
+    if( opt.def_compress_algo < -1 || opt.def_compress_algo > 2 )
+	log_error(_("compress algorithm must be in range %d..%d\n"), 0, 2);
     if( opt.completes_needed < 1 )
 	log_error(_("completes-needed must be greater than 0\n"));
     if( opt.marginals_needed < 2 )
@@ -1082,18 +1641,40 @@ main( int argc, char **argv )
 	log_error(_("invalid S2K mode; must be 0, 1 or 3\n"));
     }
 
+    if(opt.def_cert_check_level<0 || opt.def_cert_check_level>3)
+      log_error(_("invalid default-check-level; must be 0, 1, 2, or 3\n"));
+
+    /* This isn't actually needed, but does serve to error out if the
+       string is invalid. */
+    if(opt.def_preference_list &&
+	keygen_set_std_prefs(opt.def_preference_list,0))
+      log_error(_("invalid default preferences\n"));
+
+    /* We provide defaults for the personal digest list */
+    if(!pers_digest_list)
+      pers_digest_list="h2";
+
+    if(pers_cipher_list &&
+       keygen_set_std_prefs(pers_cipher_list,PREFTYPE_SYM))
+      log_error(_("invalid personal cipher preferences\n"));
+
+    if(pers_digest_list &&
+       keygen_set_std_prefs(pers_digest_list,PREFTYPE_HASH))
+      log_error(_("invalid personal digest preferences\n"));
+
+    if(pers_compress_list &&
+       keygen_set_std_prefs(pers_compress_list,PREFTYPE_ZIP))
+      log_error(_("invalid personal compress preferences\n"));
 
     if( log_get_errorcount(0) )
-	gpg_exit(2);
+	g10_exit(2);
 
     /* set the random seed file */
     if( use_random_seed ) {
 	char *p = make_filename(opt.homedir, "random_seed", NULL );
-	#if 0
-	#warning set_random_seed_file missing
+	check_permissions(p,0,0);
 	set_random_seed_file(p);
-	#endif
-	gcry_free(p);
+	m_free(p);
     }
 
     if( !cmd && opt.fingerprint && !with_fpr ) {
@@ -1112,9 +1693,12 @@ main( int argc, char **argv )
 	    opt.list_sigs++;
 
 	opt.verbose = opt.verbose > 1;
-	gcry_control( GCRYCTL_SET_VERBOSITY, (int)opt.verbose );
+	g10_opt_verbose = opt.verbose;
     }
 
+    /* Compression algorithm 0 means no compression at all */
+    if( opt.def_compress_algo == 0)
+        opt.compress = 0;
 
     /* kludge to let -sat generate a clear text signature */
     if( opt.textmode == 2 && !detached_sig && opt.armor && cmd == aSign )
@@ -1123,20 +1707,27 @@ main( int argc, char **argv )
     if( opt.verbose > 1 )
 	set_packet_list_mode(1);
 
-    /* add the keyrings, but not for some special commands and
-     * not in case of "-kvv userid keyring" */
+    /* Add the keyrings, but not for some special commands and not in
+       case of "-kvv userid keyring".  Also avoid adding the secret
+       keyring for a couple of commands to avoid unneeded access in
+       case the secrings are stored on a floppy */
     if( cmd != aDeArmor && cmd != aEnArmor
-	&& !(cmd == aKMode && argc == 2 ) ) {
-
-	if( !sec_nrings && default_keyring )  /* add default secret rings */
-	    add_keyblock_resource("secring.gpg", 0, 1);
-	for(sl = sec_nrings; sl; sl = sl->next )
-	    add_keyblock_resource( sl->d, 0, 1 );
-	if( !nrings && default_keyring )  /* add default ring */
-	    add_keyblock_resource("pubring.gpg", 0, 0);
+	&& !(cmd == aKMode && argc == 2 ) ) 
+      {
+        if (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys
+            && cmd != aVerify && cmd != aVerifyFiles
+            && cmd != aSym)
+          {
+            if (!sec_nrings || default_keyring) /* add default secret rings */
+              keydb_add_resource ("secring" EXTSEP_S "gpg", 0, 1);
+            for (sl = sec_nrings; sl; sl = sl->next)
+              keydb_add_resource ( sl->d, 0, 1 );
+          }
+	if( !nrings || default_keyring )  /* add default ring */
+	    keydb_add_resource ("pubring" EXTSEP_S "gpg", 0, 0);
 	for(sl = nrings; sl; sl = sl->next )
-	    add_keyblock_resource( sl->d, 0, 0 );
-    }
+	    keydb_add_resource ( sl->d, 0, 0 );
+      }
     FREE_STRLIST(nrings);
     FREE_STRLIST(sec_nrings);
 
@@ -1150,7 +1741,6 @@ main( int argc, char **argv )
       case aPrimegen:
       case aPrintMD:
       case aPrintMDs:
-      case aPrintHMAC:
       case aGenRandom:
       case aDeArmor:
       case aEnArmor:
@@ -1168,8 +1758,22 @@ main( int argc, char **argv )
       default: rc = setup_trustdb(1, trustdb_name ); break;
     }
     if( rc )
-	log_error(_("failed to initialize the TrustDB: %s\n"), gpg_errstr(rc));
-
+	log_error(_("failed to initialize the TrustDB: %s\n"), g10_errstr(rc));
+
+
+    switch (cmd) {
+      case aStore: 
+      case aSym:  
+      case aSign: 
+      case aSignSym: 
+      case aClearsign: 
+        if (!opt.quiet && any_explicit_recipient)
+          log_info (_("WARNING: recipients (-r) given "
+                      "without using public key encryption\n"));
+	break;
+      default:
+        break;
+    }
 
     switch( cmd ) {
       case aStore: /* only store the file */
@@ -1177,23 +1781,27 @@ main( int argc, char **argv )
 	    wrong_args(_("--store [filename]"));
 	if( (rc = encode_store(fname)) )
 	    log_error_f( print_fname_stdin(fname),
-			"store failed: %s\n", gpg_errstr(rc) );
+			"store failed: %s\n", g10_errstr(rc) );
 	break;
       case aSym: /* encrypt the given file only with the symmetric cipher */
 	if( argc > 1 )
 	    wrong_args(_("--symmetric [filename]"));
 	if( (rc = encode_symmetric(fname)) )
 	    log_error_f(print_fname_stdin(fname),
-			"symmetric encryption failed: %s\n",gpg_errstr(rc) );
+			"symmetric encryption failed: %s\n",g10_errstr(rc) );
 	break;
 
       case aEncr: /* encrypt the given file */
 	if( argc > 1 )
 	    wrong_args(_("--encrypt [filename]"));
 	if( (rc = encode_crypt(fname,remusr)) )
-	    log_error("%s: encryption failed: %s\n", print_fname_stdin(fname), gpg_errstr(rc) );
+	    log_error("%s: encryption failed: %s\n", print_fname_stdin(fname), g10_errstr(rc) );
 	break;
 
+      case aEncrFiles: /* encrypt the given files */
+        encode_crypt_files(argc, argv, remusr);
+    	break;
+          
       case aSign: /* sign the given file */
 	sl = NULL;
 	if( detached_sig ) { /* sign all files */
@@ -1204,12 +1812,12 @@ main( int argc, char **argv )
 	    if( argc > 1 )
 		wrong_args(_("--sign [filename]"));
 	    if( argc ) {
-		sl = gcry_xcalloc( 1, sizeof *sl + strlen(fname));
+		sl = m_alloc_clear( sizeof *sl + strlen(fname));
 		strcpy(sl->d, fname);
 	    }
 	}
 	if( (rc = sign_file( sl, detached_sig, locusr, 0, NULL, NULL)) )
-	    log_error("signing failed: %s\n", gpg_errstr(rc) );
+	    log_error("signing failed: %s\n", g10_errstr(rc) );
 	free_strlist(sl);
 	break;
 
@@ -1217,47 +1825,60 @@ main( int argc, char **argv )
 	if( argc > 1 )
 	    wrong_args(_("--sign --encrypt [filename]"));
 	if( argc ) {
-	    sl = gcry_xcalloc( 1, sizeof *sl + strlen(fname));
+	    sl = m_alloc_clear( sizeof *sl + strlen(fname));
 	    strcpy(sl->d, fname);
 	}
 	else
 	    sl = NULL;
 	if( (rc = sign_file(sl, detached_sig, locusr, 1, remusr, NULL)) )
-	    log_error("%s: sign+encrypt failed: %s\n", print_fname_stdin(fname), gpg_errstr(rc) );
+	    log_error("%s: sign+encrypt failed: %s\n", print_fname_stdin(fname), g10_errstr(rc) );
 	free_strlist(sl);
 	break;
 
+      case aSignSym: /* sign and conventionally encrypt the given file */
+	if (argc > 1)
+	    wrong_args(_("--sign --symmetric [filename]"));
+	rc = sign_symencrypt_file (fname, locusr);
+        if (rc)
+	    log_error("%s: sign+symmetric failed: %s\n",
+                      print_fname_stdin(fname), g10_errstr(rc) );
+	break;
+
       case aClearsign: /* make a clearsig */
 	if( argc > 1 )
 	    wrong_args(_("--clearsign [filename]"));
 	if( (rc = clearsign_file(fname, locusr, NULL)) )
-	    log_error("%s: clearsign failed: %s\n", print_fname_stdin(fname), gpg_errstr(rc) );
+	    log_error("%s: clearsign failed: %s\n",
+                      print_fname_stdin(fname), g10_errstr(rc) );
 	break;
 
       case aVerify:
 	if( (rc = verify_signatures( argc, argv ) ))
-	    log_error("verify signatures failed: %s\n", gpg_errstr(rc) );
+	    log_error("verify signatures failed: %s\n", g10_errstr(rc) );
 	break;
 
       case aVerifyFiles:
 	if( (rc = verify_files( argc, argv ) ))
-	    log_error("verify files failed: %s\n", gpg_errstr(rc) );
+	    log_error("verify files failed: %s\n", g10_errstr(rc) );
 	break;
 
       case aDecrypt:
 	if( argc > 1 )
 	    wrong_args(_("--decrypt [filename]"));
 	if( (rc = decrypt_message( fname ) ))
-	    log_error("decrypt_message failed: %s\n", gpg_errstr(rc) );
+	    log_error("decrypt_message failed: %s\n", g10_errstr(rc) );
 	break;
 
-
+      case aDecryptFiles:
+        decrypt_messages(argc, argv);
+        break;
+            
       case aSignKey: /* sign the key given as argument */
 	if( argc != 1 )
 	    wrong_args(_("--sign-key user-id"));
 	username = make_username( fname );
 	keyedit_menu(fname, locusr, NULL, 1 );
-	gcry_free(username);
+	m_free(username);
 	break;
 
       case aLSignKey:
@@ -1265,9 +1886,25 @@ main( int argc, char **argv )
 	    wrong_args(_("--lsign-key user-id"));
 	username = make_username( fname );
 	keyedit_menu(fname, locusr, NULL, 2 );
-	gcry_free(username);
+	m_free(username);
 	break;
 
+      case aNRSignKey:
+	if( argc != 1 )
+	    wrong_args(_("--nrsign-key user-id"));
+	username = make_username( fname );
+	keyedit_menu(fname, locusr, NULL, 3 );
+        m_free(username);
+        break;
+
+      case aNRLSignKey:
+	if( argc != 1 )
+	    wrong_args(_("--nrlsign-key user-id"));
+	username = make_username( fname );
+	keyedit_menu(fname, locusr, NULL, 4 );
+        m_free(username);
+        break;
+
       case aEditKey: /* Edit a key signature */
 	if( !argc )
 	    wrong_args(_("--edit-key user-id [commands]"));
@@ -1281,22 +1918,22 @@ main( int argc, char **argv )
 	}
 	else
 	    keyedit_menu(username, locusr, NULL, 0 );
-	gcry_free(username);
+	m_free(username);
 	break;
 
-      case aDeleteSecretKey:
-	if( argc != 1 )
-	    wrong_args(_("--delete-secret-key user-id"));
-      case aDeleteKey:
-	if( argc != 1 )
-	    wrong_args(_("--delete-key user-id"));
-	username = make_username( fname );
-	if( (rc = delete_key(username, cmd==aDeleteSecretKey)) )
-	    log_error("%s: delete key failed: %s\n", username, gpg_errstr(rc) );
-	gcry_free(username);
+      case aDeleteKeys:
+      case aDeleteSecretKeys:
+      case aDeleteSecretAndPublicKeys:
+	sl = NULL;
+	/* I'm adding these in reverse order as add_to_strlist2
+           reverses them again, and it's easier to understand in the
+           proper order :) */
+	for( ; argc; argc-- )
+	  add_to_strlist2( &sl, argv[argc-1], utf8_strings );
+	delete_keys(sl,cmd==aDeleteSecretKeys,cmd==aDeleteSecretAndPublicKeys);
+	free_strlist(sl);
 	break;
 
-
       case aCheckKeys:
 	opt.check_sigs = 1;
       case aListSigs:
@@ -1332,7 +1969,7 @@ main( int argc, char **argv )
 	    else {
 		/* add keyring (default keyrings are not registered in this
 		 * special case */
-		add_keyblock_resource( argv[1], 0, 0 );
+		keydb_add_resource( argv[1], 0, 0 );
 		sl = NULL;
 		if (**argv)
 		    add_to_strlist2( &sl, *argv, utf8_strings );
@@ -1359,7 +1996,7 @@ main( int argc, char **argv )
 
       case aFastImport:
       case aImport:
-	import_keys( argc? argv:NULL, argc, (cmd == aFastImport) );
+	import_keys( argc? argv:NULL, argc, (cmd == aFastImport), NULL );
 	break;
 
       case aExport:
@@ -1370,14 +2007,31 @@ main( int argc, char **argv )
 	for( ; argc; argc--, argv++ )
 	    add_to_strlist2( &sl, *argv, utf8_strings );
 	if( cmd == aSendKeys )
-	    hkp_export( sl );
+	    keyserver_export( sl );
 	else if( cmd == aRecvKeys )
-	    hkp_import( sl );
+	    keyserver_import( sl );
 	else
 	    export_pubkeys( sl, (cmd == aExport) );
 	free_strlist(sl);
 	break;
 
+     case aSearchKeys:
+	sl = NULL;
+	for( ; argc; argc--, argv++ )
+	  append_to_strlist2( &sl, *argv, utf8_strings );
+
+	keyserver_search( sl );
+	free_strlist(sl);
+	break;
+
+      case aRefreshKeys:
+	sl = NULL;
+	for( ; argc; argc--, argv++ )
+	    add_to_strlist2( &sl, *argv, utf8_strings );
+	keyserver_refresh(sl);
+	free_strlist(sl);
+	break;
+
       case aExportSecret:
 	sl = NULL;
 	for( ; argc; argc--, argv++ )
@@ -1399,7 +2053,15 @@ main( int argc, char **argv )
 	    wrong_args("--gen-revoke user-id");
 	username =  make_username(*argv);
 	gen_revoke( username );
-	gcry_free( username );
+	m_free( username );
+	break;
+
+      case aDesigRevoke:
+	if( argc != 1 )
+	    wrong_args("--desig-revoke user-id");
+	username =  make_username(*argv);
+	gen_desig_revoke( username );
+	m_free( username );
 	break;
 
       case aDeArmor:
@@ -1407,7 +2069,7 @@ main( int argc, char **argv )
 	    wrong_args("--dearmor [file]");
 	rc = dearmor_file( argc? *argv: NULL );
 	if( rc )
-	    log_error(_("dearmoring failed: %s\n"), gpg_errstr(rc));
+	    log_error(_("dearmoring failed: %s\n"), g10_errstr(rc));
 	break;
 
       case aEnArmor:
@@ -1415,17 +2077,12 @@ main( int argc, char **argv )
 	    wrong_args("--enarmor [file]");
 	rc = enarmor_file( argc? *argv: NULL );
 	if( rc )
-	    log_error(_("enarmoring failed: %s\n"), gpg_errstr(rc));
+	    log_error(_("enarmoring failed: %s\n"), g10_errstr(rc));
 	break;
 
 
       case aPrimegen:
-	{ 
-          #if 1
-            log_error( "command is currently not implemented\n");
-          #else
-	   /* FIXME: disabled until we have an API to create primes */
-            int mode = argc < 2 ? 0 : atoi(*argv);
+	{   int mode = argc < 2 ? 0 : atoi(*argv);
 
 	    if( mode == 1 && argc == 2 ) {
 		mpi_print( stdout, generate_public_prime( atoi(argv[1]) ), 1);
@@ -1450,12 +2107,11 @@ main( int argc, char **argv )
 						 atoi(argv[2]), g, NULL ), 1);
 		putchar('\n');
 		mpi_print( stdout, g, 1 );
-		mpi_release(g);
+		mpi_free(g);
 	    }
 	    else
 		wrong_args("--gen-prime mode bits [qbits] ");
 	    putchar('\n');
-          #endif
 	}
 	break;
 
@@ -1470,17 +2126,33 @@ main( int argc, char **argv )
 
 	    while( endless || count ) {
 		byte *p;
-		size_t n = !endless && count < 100? count : 100;
+                /* Wee need a multiple of 3, so that in case of
+                   armored output we get a correct string.  No
+                   linefolding is done, as it is best to levae this to
+                   other tools */
+		size_t n = !endless && count < 99? count : 99;
 
-		p = gcry_random_bytes( n, level );
+		p = get_random_bits( n*8, level, 0);
 	      #ifdef HAVE_DOSISH_SYSTEM
 		setmode ( fileno(stdout), O_BINARY );
 	      #endif
-		fwrite( p, n, 1, stdout );
-		gcry_free(p);
+                if (opt.armor) {
+                    char *tmp = make_radix64_string (p, n);
+                    fputs (tmp, stdout);
+                    m_free (tmp);
+                    if (n%3 == 1)
+                      putchar ('=');
+                    if (n%3)
+                      putchar ('=');
+                } else {
+                    fwrite( p, n, 1, stdout );
+                }
+		m_free(p);
 		if( !endless )
 		    count -= n;
 	    }
+            if (opt.armor)
+                putchar ('\n');
 	}
 	break;
 
@@ -1489,53 +2161,28 @@ main( int argc, char **argv )
 	    wrong_args("--print-md algo [files]");
 	{
 	    int all_algos = (**argv=='*' && !(*argv)[1]);
-	    int algo = all_algos? 0 : gcry_md_map_name(*argv);
-
-	    if( !algo && !all_algos )
-		log_error(_("invalid hash algorithm `%s'\n"), *argv );
-	    else {
-		argc--; argv++;
-		if( !argc )
-		    print_mds(NULL, algo, NULL);
-		else {
-		    for(; argc; argc--, argv++ )
-			print_mds(*argv, algo, NULL);
-		}
-	    }
-	}
-	break;
-
-      case aPrintHMAC:
-	if( argc < 2 )
-	    wrong_args("--print-hmac hash-algo key [files]");
-	{
-	    int all_algos = (**argv=='*' && !(*argv)[1]);
-	    int algo = all_algos? 0 : gcry_md_map_name(*argv);
+	    int algo = all_algos? 0 : string_to_digest_algo(*argv);
 
 	    if( !algo && !all_algos )
 		log_error(_("invalid hash algorithm `%s'\n"), *argv );
 	    else {
-		const char *key;
-		argc--; argv++;
-		key = *argv;
 		argc--; argv++;
 		if( !argc )
-		    print_mds(NULL, algo, key );
+		    print_mds(NULL, algo);
 		else {
 		    for(; argc; argc--, argv++ )
-			print_mds(*argv, algo, key );
+			print_mds(*argv, algo);
 		}
 	    }
 	}
 	break;
 
-
       case aPrintMDs: /* old option */
 	if( !argc )
-	    print_mds(NULL,0,NULL);
+	    print_mds(NULL,0);
 	else {
 	    for(; argc; argc--, argv++ )
-		print_mds(*argv,0,NULL);
+		print_mds(*argv,0);
 	}
 	break;
 
@@ -1555,15 +2202,8 @@ main( int argc, char **argv )
 	break;
 
       case aCheckTrustDB:
-	if( !argc )
-	    check_trustdb(NULL);
-	else {
-	    for( ; argc; argc--, argv++ ) {
-		username = make_username( *argv );
-		check_trustdb( username );
-		gcry_free(username);
-	    }
-	}
+        /* Old versions allowed for arguments - ignore them */
+        check_trustdb();
 	break;
 
       case aFixTrustDB:
@@ -1578,7 +2218,7 @@ main( int argc, char **argv )
 	for( ; argc; argc--, argv++ ) {
 	    username = make_username( *argv );
 	    list_trust_path( username );
-	    gcry_free(username);
+	    m_free(username);
 	}
 	break;
 
@@ -1593,9 +2233,21 @@ main( int argc, char **argv )
 	    wrong_args("--import-ownertrust [file]");
 	import_ownertrust( argc? *argv:NULL );
 	break;
+      
+      case aPipeMode:
+        if ( argc )
+            wrong_args ("--pipemode");
+        run_in_pipemode ();
+        break;
+
+      case aRebuildKeydbCaches:
+        if (argc)
+            wrong_args ("--rebuild-keydb-caches");
+        keydb_rebuild_caches ();
+        break;
 
       case aListPackets:
-	opt.list_packets=1;
+	opt.list_packets=2;
       default:
 	if( argc > 1 )
 	    wrong_args(_("[filename]"));
@@ -1620,7 +2272,7 @@ main( int argc, char **argv )
 	    }
 	    rc = proc_packets(NULL, a );
 	    if( rc )
-		log_error("processing message failed: %s\n", gpg_errstr(rc) );
+		log_error("processing message failed: %s\n", g10_errstr(rc) );
 	    iobuf_close(a);
 	}
 	break;
@@ -1629,28 +2281,24 @@ main( int argc, char **argv )
     /* cleanup */
     FREE_STRLIST(remusr);
     FREE_STRLIST(locusr);
-    gpg_exit(0);
+    g10_exit(0);
     return 8; /*NEVER REACHED*/
 }
 
 
 void
-gpg_exit( int rc )
+g10_exit( int rc )
 {
-  #if 0
-    #warning no update_random_seed_file
     update_random_seed_file();
-  #endif
     if( opt.debug & DBG_MEMSTAT_VALUE ) {
-	gcry_control( GCRYCTL_DUMP_MEMORY_STATS );
-	gcry_control( GCRYCTL_DUMP_RANDOM_STATS );
+	m_print_stats("on exit");
+	random_dump_stats();
     }
     if( opt.debug )
-	gcry_control( GCRYCTL_DUMP_SECMEM_STATS );
-    gcry_control( GCRYCTL_TERM_SECMEM );
+	secmem_dump_stats();
+    secmem_term();
     rc = rc? rc : log_get_errorcount(0)? 2 :
-			gpg_errors_seen? 1 : 0;
-    /*write_status( STATUS_LEAVE );*/
+			g10_errors_seen? 1 : 0;
     exit(rc );
 }
 
@@ -1692,71 +2340,106 @@ print_hex( byte *p, size_t n )
 }
 
 static void
-print_mds( const char *fname, int algo, const char *key )
+print_hashline( MD_HANDLE md, int algo, const char *fname )
+{
+    int i, n;
+    const byte *p;
+    
+    if ( fname ) {
+        for (p = fname; *p; p++ ) {
+            if ( *p <= 32 || *p > 127 || *p == ':' || *p == '%' )
+                printf("%%%02X", *p );
+            else 
+                putchar( *p );
+        }
+    }
+    putchar(':');
+    printf("%d:", algo );
+    p = md_read( md, algo );
+    n = md_digest_length(algo);
+    for(i=0; i < n ; i++, p++ ) 
+        printf("%02X", *p );
+    putchar(':');
+    putchar('\n');
+}
+
+static void
+print_mds( const char *fname, int algo )
 {
     FILE *fp;
     char buf[1024];
     size_t n;
-    GCRY_MD_HD md;
+    MD_HANDLE md;
     char *pname;
-    int have_tiger = 0;
 
     if( !fname ) {
 	fp = stdin;
       #ifdef HAVE_DOSISH_SYSTEM
 	setmode ( fileno(fp) , O_BINARY );
       #endif
-	pname = gcry_xstrdup("[stdin]: ");
+	pname = m_strdup("[stdin]: ");
     }
     else {
-	pname = gcry_xmalloc(strlen(fname)+3);
+	pname = m_alloc(strlen(fname)+3);
 	strcpy(stpcpy(pname,fname),": ");
 	fp = fopen( fname, "rb" );
     }
     if( !fp ) {
 	log_error("%s%s\n", pname, strerror(errno) );
-	gcry_free(pname);
+	m_free(pname);
 	return;
     }
 
-    md = gcry_md_open( 0, key? GCRY_MD_FLAG_HMAC : 0 );
+    md = md_open( 0, 0 );
     if( algo )
-	gcry_md_enable( md, algo );
+	md_enable( md, algo );
     else {
-	/* Fixme: this does not work with hmac */
-	gcry_md_enable( md, GCRY_MD_MD5 );
-	gcry_md_enable( md, GCRY_MD_SHA1 );
-	gcry_md_enable( md, GCRY_MD_RMD160 );
-	have_tiger = !gcry_md_enable( md, GCRY_MD_TIGER );
+	md_enable( md, DIGEST_ALGO_MD5 );
+	md_enable( md, DIGEST_ALGO_SHA1 );
+	md_enable( md, DIGEST_ALGO_RMD160 );
+	if( !check_digest_algo(DIGEST_ALGO_TIGER) )
+	    md_enable( md, DIGEST_ALGO_TIGER );
     }
-    if( key )
-	gcry_md_setkey( md, key, strlen(key) );
 
     while( (n=fread( buf, 1, DIM(buf), fp )) )
-	gcry_md_write( md, buf, n );
+	md_write( md, buf, n );
     if( ferror(fp) )
 	log_error("%s%s\n", pname, strerror(errno) );
     else {
-	if( algo ) {
-	    if( fname )
-		fputs( pname, stdout );
-	    print_hex(gcry_md_read(md, algo), gcry_md_get_algo_dlen(algo) );
-	}
-	else {
-	    printf(  "%s   MD5 = ", fname?pname:"" );
-			    print_hex(gcry_md_read(md, GCRY_MD_MD5), 16 );
-	    printf("\n%s  SHA1 = ", fname?pname:""  );
-			    print_hex(gcry_md_read(md, GCRY_MD_SHA1), 20 );
-	    printf("\n%sRMD160 = ", fname?pname:""  );
-			    print_hex(gcry_md_read(md, GCRY_MD_RMD160), 20 );
-	    if( have_tiger ) {
-		printf("\n%s TIGER = ", fname?pname:""  );
-			    print_hex(gcry_md_read(md, GCRY_MD_TIGER), 24 );
-	    }
-	}
-	putchar('\n');
+	md_final(md);
+        if ( opt.with_colons ) {
+            if ( algo ) 
+                print_hashline( md, algo, fname );
+            else {
+                print_hashline( md, DIGEST_ALGO_MD5, fname );
+                print_hashline( md, DIGEST_ALGO_SHA1, fname );
+                print_hashline( md, DIGEST_ALGO_RMD160, fname );
+                if( !check_digest_algo(DIGEST_ALGO_TIGER) ) 
+                    print_hashline( md, DIGEST_ALGO_TIGER, fname );
+            }
+        }
+        else {
+            if( algo ) {
+                if( fname )
+                    fputs( pname, stdout );
+                print_hex(md_read(md, algo), md_digest_length(algo) );
+            }
+            else {
+                printf(  "%s   MD5 = ", fname?pname:"" );
+                print_hex(md_read(md, DIGEST_ALGO_MD5), 16 );
+                printf("\n%s  SHA1 = ", fname?pname:""  );
+                print_hex(md_read(md, DIGEST_ALGO_SHA1), 20 );
+                printf("\n%sRMD160 = ", fname?pname:""  );
+                print_hex(md_read(md, DIGEST_ALGO_RMD160), 20 );
+                if( !check_digest_algo(DIGEST_ALGO_TIGER) ) {
+                    printf("\n%s TIGER = ", fname?pname:""  );
+                    print_hex(md_read(md, DIGEST_ALGO_TIGER), 24 );
+                }
+            }
+            putchar('\n');
+        }
     }
-    gcry_md_close(md);
+    md_close(md);
 
     if( fp != stdin )
 	fclose(fp);
@@ -1765,41 +2448,35 @@ print_mds( const char *fname, int algo, const char *key )
 
 /****************
  * Check the supplied name,value string and add it to the notation
- * data to be used for signatures.
- */
+ * data to be used for signatures.  which==0 for sig notations, and 1
+ * for cert notations.
+*/
 static void
-add_notation_data( const char *string )
+add_notation_data( const char *string, int which )
 {
     const char *s;
-    const char *s2;
-    STRLIST sl;
+    STRLIST sl,*notation_data;
     int critical=0;
     int highbit=0;
 
+    if(which)
+      notation_data=&opt.cert_notation_data;
+    else
+      notation_data=&opt.sig_notation_data;
+
     if( *string == '!' ) {
 	critical = 1;
 	string++;
     }
-    s = string;
 
-    if( !*s || (*s & 0x80) || (!isalpha(*s) && *s != '_') ) {
-	log_error(_("the first character of a notation name "
-		    "must be a letter or an underscore\n") );
-	return;
-    }
-    for(s++; *s != '='; s++ ) {
-	if( !*s || (*s & 0x80) || (!isalnum(*s) && *s != '_' && *s != '.' ) ) {
-	    log_error(_("a notation name must have only letters, "
-			"digits, dots or underscores and end with an '='\n") );
+    for( s=string ; *s != '='; s++ ) {
+	if( !*s || (*s & 0x80) || (!isgraph(*s) && !isspace(*s)) ) {
+	    log_error(_("a notation name must have only printable characters "
+			"or spaces, and end with an '='\n") );
 	    return;
 	}
     }
-    if( s[-1] == '.' || ((s2=strstr(string, "..")) && s2 < s ) ) {
-	log_error(_("dots in a notation name must be surrounded "
-		    "by other characters\n") );
-	return;
-    }
-    /* we do only support printabe text - therefore we enforce the use
+    /* we only support printable text - therefore we enforce the use
      * of only printable characters (an empty value is valid) */
     for( s++; *s ; s++ ) {
 	if( iscntrl(*s) ) {
@@ -1812,26 +2489,44 @@ add_notation_data( const char *string )
     }
 
     if( highbit )   /* must use UTF8 encoding */
-	sl = add_to_strlist2( &opt.notation_data, string, utf8_strings );
+	sl = add_to_strlist2( notation_data, string, utf8_strings );
     else
-	sl = add_to_strlist( &opt.notation_data, string );
+	sl = add_to_strlist( notation_data, string );
 
     if( critical )
 	sl->flags |= 1;
 }
 
 
-static int
-check_policy_url( const char *s )
+static void
+add_policy_url( const char *string, int which )
 {
-    if( *s == '!' )
-	s++;
-    if( !*s )
-	return -1;
-    for(; *s ; s++ ) {
-	if( (*s & 0x80) || iscntrl(*s) )
-	    return -1;
+  int i,critical=0;
+  STRLIST sl;
+
+  if(*string=='!')
+    {
+      string++;
+      critical=1;
     }
-    return 0;
-}
 
+  for(i=0;i<strlen(string);i++)
+    if(string[i]&0x80 || iscntrl(string[i]))
+      break;
+
+  if(i==0 || i<strlen(string))
+    {
+      if(which)
+	log_error(_("the given certification policy URL is invalid\n"));
+      else
+	log_error(_("the given signature policy URL is invalid\n"));
+    }
+
+  if(which)
+    sl=add_to_strlist( &opt.cert_policy_url, string );
+  else
+    sl=add_to_strlist( &opt.sig_policy_url, string );
+
+  if(critical)
+    sl->flags |= 1;    
+}
diff --git a/g10/getkey.c b/g10/getkey.c
index 8f38c4a34..87680502a 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -1,5 +1,5 @@
 /* getkey.c -  Get a key from the database
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -24,10 +24,9 @@
 #include <string.h>
 #include <assert.h>
 #include <ctype.h>
-
 #include "util.h"
 #include "packet.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "iobuf.h"
 #include "keydb.h"
 #include "options.h"
@@ -35,81 +34,26 @@
 #include "trustdb.h"
 #include "i18n.h"
 
+#define MAX_PK_CACHE_ENTRIES   200
+#define MAX_UID_CACHE_ENTRIES  200
 
-#if 0
-#define MAX_UNK_CACHE_ENTRIES 1000   /* we use a linked list - so I guess
-				      * this is a reasonable limit */
-#define MAX_PK_CACHE_ENTRIES	50
+#if MAX_PK_CACHE_ENTRIES < 2
+  #error We need the cache for key creation
 #endif
-#define MAX_UID_CACHE_ENTRIES	50
-
-/* A map of the all characters valid used for word_match()
- * Valid characters are in in this table converted to uppercase.
- * because the upper 128 bytes have special meaning, we assume
- * that they are all valid.
- * Note: We must use numerical values here in case that this program
- * will be converted to those little blue HAL9000s with their strange
- * EBCDIC character set (user ids are UTF-8).
- * wk 2000-04-13: Hmmm, does this really make sense, given the fact that
- * we can run gpg now on a S/390 running GNU/Linux, where the code
- * translation is done by the device drivers?
- */
-static const byte word_match_chars[256] = {
-  /* 00 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  /* 08 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  /* 10 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  /* 18 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  /* 20 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  /* 28 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  /* 30 */  0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
-  /* 38 */  0x38, 0x39, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  /* 40 */  0x00, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
-  /* 48 */  0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
-  /* 50 */  0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
-  /* 58 */  0x58, 0x59, 0x5a, 0x00, 0x00, 0x00, 0x00, 0x00,
-  /* 60 */  0x00, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
-  /* 68 */  0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
-  /* 70 */  0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
-  /* 78 */  0x58, 0x59, 0x5a, 0x00, 0x00, 0x00, 0x00, 0x00,
-  /* 80 */  0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
-  /* 88 */  0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
-  /* 90 */  0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
-  /* 98 */  0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
-  /* a0 */  0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
-  /* a8 */  0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
-  /* b0 */  0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
-  /* b8 */  0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
-  /* c0 */  0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
-  /* c8 */  0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
-  /* d0 */  0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
-  /* d8 */  0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
-  /* e0 */  0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
-  /* e8 */  0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
-  /* f0 */  0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
-  /* f8 */  0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
-};
 
-typedef struct {
-    int mode;
-    u32 keyid[2];
-    byte fprint[20];
-    char *namebuf;
-    const char *name;
-} getkey_item_t;
 
 struct getkey_ctx_s {
-    /* make an array or a linked list from dome fields */
-    int primary;
+    int exact;
     KBNODE keyblock;
-    KBPOS kbpos;
+    KBPOS  kbpos;
     KBNODE found_key; /* pointer into some keyblock */
     int last_rc;
     int req_usage;
     int req_algo;
-    ulong count;
+    KEYDB_HANDLE kr_handle;
     int not_allocated;
     int nitems;
-    getkey_item_t items[1];
+    KEYDB_SEARCH_DESC items[1];
 };
 
 #if 0
@@ -127,12 +71,6 @@ typedef struct keyid_list {
 } *keyid_list_t;
 
 
-#if MAX_UNK_CACHE_ENTRIES
-  static keyid_list_t unknown_keyids;
-  static int unk_cache_entries;   /* number of entries in unknown keys cache */
-  static int unk_cache_disabled;
-#endif
-
 #if MAX_PK_CACHE_ENTRIES
   typedef struct pk_cache_entry {
       struct pk_cache_entry *next;
@@ -156,11 +94,9 @@ typedef struct user_id_db {
 static user_id_db_t user_id_db;
 static int uid_cache_entries;	/* number of entries in uid cache */
 
-
-
-static char* prepare_word_match( const byte *name );
-static int lookup( GETKEY_CTX ctx, KBNODE *ret_kb, int secmode );
-
+static void merge_selfsigs( KBNODE keyblock );
+static int lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode );
+static int check_revocation_keys(PKT_public_key *pk,PKT_signature *sig);
 
 #if 0
 static void
@@ -180,7 +116,7 @@ print_stats()
 #endif
 
 
-static void
+void
 cache_public_key( PKT_public_key *pk )
 {
   #if MAX_PK_CACHE_ENTRIES
@@ -190,8 +126,11 @@ cache_public_key( PKT_public_key *pk )
     if( pk_cache_disabled )
 	return;
 
+    if( pk->dont_cache )
+        return;
+
     if( is_ELGAMAL(pk->pubkey_algo)
-	|| pk->pubkey_algo == GCRY_PK_DSA
+	|| pk->pubkey_algo == PUBKEY_ALGO_DSA
 	|| is_RSA(pk->pubkey_algo) ) {
 	keyid_from_pk( pk, keyid );
     }
@@ -213,7 +152,7 @@ cache_public_key( PKT_public_key *pk )
 	return;
     }
     pk_cache_entries++;
-    ce = gcry_xmalloc( sizeof *ce );
+    ce = m_alloc( sizeof *ce );
     ce->next = pk_cache;
     pk_cache = ce;
     ce->pk = copy_public_key( NULL, pk );
@@ -222,6 +161,7 @@ cache_public_key( PKT_public_key *pk )
   #endif
 }
 
+
 /*
  * Return the user ID from the given keyblock.
  * We use the primary uid flag which has been set by the merge_selfsigs
@@ -232,16 +172,21 @@ static const char *
 get_primary_uid ( KBNODE keyblock, size_t *uidlen )
 {
     KBNODE k;
+    const char *s;
 
     for (k=keyblock; k; k=k->next ) {
         if ( k->pkt->pkttype == PKT_USER_ID
+             && !k->pkt->pkt.user_id->attrib_data
              && k->pkt->pkt.user_id->is_primary ) {
             *uidlen = k->pkt->pkt.user_id->len;
             return k->pkt->pkt.user_id->name;
         }
     } 
-    *uidlen = 12;
-    return "[No user ID]";
+    /* fixme: returning translatable constants instead of a user ID is 
+     * not good because they are probably not utf-8 encoded. */
+    s = _("[User id not found]");
+    *uidlen = strlen (s);
+    return s;
 }
 
 
@@ -250,7 +195,7 @@ release_keyid_list ( keyid_list_t k )
 {
     while (  k ) {
         keyid_list_t k2 = k->next;
-        gcry_free (k);
+        m_free (k);
         k = k2;
     }
 }
@@ -259,7 +204,7 @@ release_keyid_list ( keyid_list_t k )
  * Store the association of keyid and userid
  * Feed only public keys to this function.
  */
-void
+static void
 cache_user_id( KBNODE keyblock )
 {
     user_id_db_t r;
@@ -271,7 +216,7 @@ cache_user_id( KBNODE keyblock )
     for (k=keyblock; k; k = k->next ) {
         if ( k->pkt->pkttype == PKT_PUBLIC_KEY
              || k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
-            keyid_list_t a = gcry_xcalloc ( 1, sizeof *a );
+            keyid_list_t a = m_alloc_clear ( sizeof *a );
             /* Hmmm: For a long list of keyids it might be an advantage
              * to append the keys */
             keyid_from_pk( k->pkt->pkt.public_key, a->keyid );
@@ -284,7 +229,7 @@ cache_user_id( KBNODE keyblock )
                         if( DBG_CACHE )
                             log_debug("cache_user_id: already in cache\n");
                         release_keyid_list ( keyids );
-                        gcry_free ( a );
+                        m_free ( a );
                         return;
                     }
                 }
@@ -305,10 +250,10 @@ cache_user_id( KBNODE keyblock )
 	r = user_id_db;
 	user_id_db = r->next;
         release_keyid_list ( r->keyids );
-	gcry_free(r);
+	m_free(r);
 	uid_cache_entries--;
     }
-    r = gcry_xmalloc( sizeof *r + uidlen-1 );
+    r = m_alloc( sizeof *r + uidlen-1 );
     r->keyids = keyids;
     r->len = uidlen;
     memcpy(r->name, uid, r->len);
@@ -321,17 +266,6 @@ cache_user_id( KBNODE keyblock )
 void
 getkey_disable_caches()
 {
-  #if MAX_UNK_CACHE_ENTRIES
-    {
-	keyid_list_t kl, kl2;
-	for( kl = unknown_keyids; kl; kl = kl2 ) {
-	    kl2 = kl->next;
-	    gcry_free(kl);
-	}
-	unknown_keyids = NULL;
-	unk_cache_disabled = 1;
-    }
-  #endif
   #if MAX_PK_CACHE_ENTRIES
     {
 	pk_cache_entry_t ce, ce2;
@@ -339,7 +273,7 @@ getkey_disable_caches()
 	for( ce = pk_cache; ce; ce = ce2 ) {
 	    ce2 = ce->next;
 	    free_public_key( ce->pk );
-	    gcry_free( ce );
+	    m_free( ce );
 	}
 	pk_cache_disabled=1;
 	pk_cache_entries = 0;
@@ -351,15 +285,14 @@ getkey_disable_caches()
 
 
 static void
-pk_from_block ( GETKEY_CTX ctx,
-                PKT_public_key *pk, KBNODE keyblock, const char *namehash )
+pk_from_block ( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE keyblock )
 {
     KBNODE a = ctx->found_key ? ctx->found_key : keyblock;
 
     assert ( a->pkt->pkttype == PKT_PUBLIC_KEY
              ||  a->pkt->pkttype == PKT_PUBLIC_SUBKEY );
      
-    copy_public_key_new_namehash( pk, a->pkt->pkt.public_key, namehash);
+    copy_public_key ( pk, a->pkt->pkt.public_key );
 }
 
 static void
@@ -386,15 +319,6 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
     int internal = 0;
     int rc = 0;
 
-  #if MAX_UNK_CACHE_ENTRIES
-    {	/* let's see whether we checked the keyid already */
-	keyid_list_t kl;
-	for( kl = unknown_keyids; kl; kl = kl->next )
-	    if( kl->keyid[0] == keyid[0] && kl->keyid[1] == keyid[1] )
-		return GPGERR_NO_PUBKEY; /* already checked and not found */
-    }
-  #endif
-
   #if MAX_PK_CACHE_ENTRIES
     {	/* Try to get it from the cache */
 	pk_cache_entry_t ce;
@@ -409,7 +333,7 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
   #endif
     /* more init stuff */
     if( !pk ) {
-	pk = gcry_xcalloc( 1, sizeof *pk );
+	pk = m_alloc_clear( sizeof *pk );
 	internal++;
     }
 
@@ -418,16 +342,18 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
     {	struct getkey_ctx_s ctx;
         KBNODE kb = NULL;
 	memset( &ctx, 0, sizeof ctx );
+        ctx.exact = 1; /* use the key ID exactly as given */
 	ctx.not_allocated = 1;
+        ctx.kr_handle = keydb_new (0);
 	ctx.nitems = 1;
-	ctx.items[0].mode = 11;
-	ctx.items[0].keyid[0] = keyid[0];
-	ctx.items[0].keyid[1] = keyid[1];
+	ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID;
+	ctx.items[0].u.kid[0] = keyid[0];
+	ctx.items[0].u.kid[1] = keyid[1];
         ctx.req_algo  = pk->req_algo;
         ctx.req_usage = pk->req_usage;
 	rc = lookup( &ctx, &kb, 0 );
         if ( !rc ) {
-            pk_from_block ( &ctx, pk, kb, NULL );
+            pk_from_block ( &ctx, pk, kb );
         }
 	get_pubkey_end( &ctx );
         release_kbnode ( kb );
@@ -435,26 +361,7 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
     if( !rc )
 	goto leave;
 
-  #if MAX_UNK_CACHE_ENTRIES
-    /* not found: store it for future reference */
-    if( unk_cache_disabled )
-	;
-    else if( ++unk_cache_entries > MAX_UNK_CACHE_ENTRIES ) {
-	unk_cache_disabled = 1;
-	if( opt.verbose > 1 )
-	    log_info(_("too many entries in unk cache - disabled\n"));
-    }
-    else {
-	keyid_list_t kl;
-
-	kl = gcry_xmalloc( sizeof *kl );
-	kl->keyid[0] = keyid[0];
-	kl->keyid[1] = keyid[1];
-	kl->next = unknown_keyids;
-	unknown_keyids = kl;
-    }
-  #endif
-    rc = GPGERR_NO_PUBKEY;
+    rc = G10ERR_NO_PUBKEY;
 
   leave:
     if( !rc )
@@ -473,11 +380,13 @@ get_pubkeyblock( u32 *keyid )
     KBNODE keyblock = NULL;
 
     memset( &ctx, 0, sizeof ctx );
+    /* no need to set exact here because we want the entire block */
     ctx.not_allocated = 1;
+    ctx.kr_handle = keydb_new (0);
     ctx.nitems = 1;
-    ctx.items[0].mode = 11;
-    ctx.items[0].keyid[0] = keyid[0];
-    ctx.items[0].keyid[1] = keyid[1];
+    ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID;
+    ctx.items[0].u.kid[0] = keyid[0];
+    ctx.items[0].u.kid[1] = keyid[1];
     rc = lookup( &ctx, &keyblock, 0 );
     get_pubkey_end( &ctx );
 
@@ -498,11 +407,13 @@ get_seckey( PKT_secret_key *sk, u32 *keyid )
     KBNODE kb = NULL;
 
     memset( &ctx, 0, sizeof ctx );
+    ctx.exact = 1; /* use the key ID exactly as given */
     ctx.not_allocated = 1;
+    ctx.kr_handle = keydb_new (1);
     ctx.nitems = 1;
-    ctx.items[0].mode = 11;
-    ctx.items[0].keyid[0] = keyid[0];
-    ctx.items[0].keyid[1] = keyid[1];
+    ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID;
+    ctx.items[0].u.kid[0] = keyid[0];
+    ctx.items[0].u.kid[1] = keyid[1];
     ctx.req_algo  = sk->req_algo;
     ctx.req_usage = sk->req_usage;
     rc = lookup( &ctx, &kb, 1 );
@@ -524,61 +435,30 @@ get_seckey( PKT_secret_key *sk, u32 *keyid )
 
 
 /****************
- * Check whether the secret key is available
+ * Check whether the secret key is available.  This is just a fast
+ * check and does not tell us whether the secret key is valid.  It
+ * merely tells other whether there is some secret key.
  * Returns: 0 := key is available
- *	    GPGERR_NO_SECKEY := not availabe
+ * G10ERR_NO_SECKEY := not availabe
  */
 int
 seckey_available( u32 *keyid )
 {
     int rc;
-    struct getkey_ctx_s ctx;
-    KBNODE kb = NULL;
+    KEYDB_HANDLE hd = keydb_new (1);
 
-    memset( &ctx, 0, sizeof ctx );
-    ctx.not_allocated = 1;
-    ctx.nitems = 1;
-    ctx.items[0].mode = 11;
-    ctx.items[0].keyid[0] = keyid[0];
-    ctx.items[0].keyid[1] = keyid[1];
-    rc = lookup( &ctx, &kb, 1 );
-    get_seckey_end( &ctx );
-    release_kbnode ( kb );
+    rc = keydb_search_kid (hd, keyid);
+    if ( rc == -1 )
+        rc = G10ERR_NO_SECKEY;
+    keydb_release (hd);
     return rc;
 }
 
 
-
-static int
-hextobyte( const byte *s )
-{
-    int c;
-
-    if( *s >= '0' && *s <= '9' )
-	c = 16 * (*s - '0');
-    else if( *s >= 'A' && *s <= 'F' )
-	c = 16 * (10 + *s - 'A');
-    else if( *s >= 'a' && *s <= 'f' )
-	c = 16 * (10 + *s - 'a');
-    else
-	return -1;
-    s++;
-    if( *s >= '0' && *s <= '9' )
-	c += *s - '0';
-    else if( *s >= 'A' && *s <= 'F' )
-	c += 10 + *s - 'A';
-    else if( *s >= 'a' && *s <= 'f' )
-	c += 10 + *s - 'a';
-    else
-	return -1;
-    return c;
-}
-
-
-
 /****************
  * Return the type of the user id:
  *
+ * Please use the constants KEYDB_SERCH_MODE_xxx
  *  0 = Invalid user ID
  *  1 = exact match
  *  2 = match a substring
@@ -594,8 +474,6 @@ hextobyte( const byte *s )
  * 21 = Unified fingerprint :fpr:pk_algo:
  *      (We don't use pk_algo yet)
  *
- * if fprint is not NULL, it should be an array of at least 20 bytes.
- *
  * Rules used:
  * - If the username starts with 8,9,16 or 17 hex-digits (the first one
  *   must be in the range 0..9), this is considered a keyid; depending
@@ -620,16 +498,21 @@ hextobyte( const byte *s )
  *   is not case sensitive.
  */
 
-int
-classify_user_id( const char *name, u32 *keyid, byte *fprint,
-		  const char **retstr, size_t *retlen )
+static int
+classify_user_id2( const char *name, 
+                   KEYDB_SEARCH_DESC *desc,
+                   int *force_exact )
 {
-    const char *	s;
-    int 		mode = 0;
-    int 		hexprefix = 0;
-    int 		hexlength;
-
-    /* skip leading spaces.   FIXME: what is with leading spaces? */
+    const char *s;
+    int hexprefix = 0;
+    int hexlength;
+    int mode = 0;   
+    
+    /* clear the structure so that the mode field is set to zero unless
+     * we set it to the correct value right at the end of this function */
+    memset (desc, 0, sizeof *desc);
+    *force_exact = 0;
+    /* skip leading spaces.  Fixme: what is with trailing spaces? */
     for(s = name; *s && isspace(*s); s++ )
 	;
 
@@ -638,42 +521,42 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
 	    return 0;
 
 	case '.':  /* an email address, compare from end */
-	    mode = 5;
+	    mode = KEYDB_SEARCH_MODE_MAILEND;
 	    s++;
+            desc->u.name = s;
 	    break;
 
 	case '<':  /* an email address */
-	    mode = 3;
+	    mode = KEYDB_SEARCH_MODE_MAIL;
+            desc->u.name = s;
 	    break;
 
 	case '@':  /* part of an email address */
-	    mode = 4;
+	    mode = KEYDB_SEARCH_MODE_MAILSUB;
 	    s++;
+            desc->u.name = s;
 	    break;
 
 	case '=':  /* exact compare */
-	    mode = 1;
+	    mode = KEYDB_SEARCH_MODE_EXACT;
 	    s++;
+            desc->u.name = s;
 	    break;
 
 	case '*':  /* case insensitive substring search */
-	    mode = 2;
+	    mode = KEYDB_SEARCH_MODE_SUBSTR;
 	    s++;
+            desc->u.name = s;
 	    break;
 
 	case '+':  /* compare individual words */
-	    mode = 6;
+	    mode = KEYDB_SEARCH_MODE_WORDS;
 	    s++;
+            desc->u.name = s;
 	    break;
 
 	case '#':  /* local user id */
-	    mode = 12;
-	    s++;
-	    if (keyid) {
-		if (keyid_from_lid(strtoul(s, NULL, 10), keyid))
-		    keyid[0] = keyid[1] = 0;
-	    }
-	    break;
+            return 0; /* This is now obsolete and van't not be used anymore*/
         
         case ':': /*Unified fingerprint */
             {  
@@ -689,14 +572,12 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
                 }
                 if (i != 32 && i != 40)
                     return 0; /* invalid length of fpr*/
-		if (fprint) {
-		    for (i=0,si=s; si < se; i++, si +=2) 
-			fprint[i] = hextobyte(si);
-                    for ( ; i < 20; i++)
-                        fprint[i]= 0;
-		}
+                for (i=0,si=s; si < se; i++, si +=2) 
+                    desc->u.fpr[i] = hextobyte(si);
+                for ( ; i < 20; i++)
+                    desc->u.fpr[i]= 0;
                 s = se + 1;
-                mode = 21;
+                mode = KEYDB_SEARCH_MODE_FPR;
             } 
             break;
            
@@ -707,6 +588,10 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
 	    }
 
 	    hexlength = strspn(s, "0123456789abcdefABCDEF");
+            if (hexlength >= 8 && s[hexlength] =='!') {
+                *force_exact = 1;
+                hexlength++; /* just for the following check */
+            }
 
 	    /* check if a hexadecimal number is terminated by EOS or blank */
 	    if (hexlength && s[hexlength] && !isspace(s[hexlength])) {
@@ -716,16 +601,17 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
 		    hexlength = 0;  /* a hex number, but really were not. */
 	    }
 
+            if (*force_exact)
+                hexlength--;
+
 	    if (hexlength == 8
                 || (!hexprefix && hexlength == 9 && *s == '0')){
 		/* short keyid */
 		if (hexlength == 9)
 		    s++;
-		if (keyid) {
-		    keyid[0] = 0;
-		    keyid[1] = strtoul( s, NULL, 16 );
-		}
-		mode = 10;
+                desc->u.kid[0] = 0;
+                desc->u.kid[1] = strtoul( s, NULL, 16 );
+		mode = KEYDB_SEARCH_MODE_SHORT_KID;
 	    }
 	    else if (hexlength == 16
                      || (!hexprefix && hexlength == 17 && *s == '0')) {
@@ -734,9 +620,9 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
 		if (hexlength == 17)
 		    s++;
 		mem2str(buf, s, 9 );
-		keyid[0] = strtoul( buf, NULL, 16 );
-		keyid[1] = strtoul( s+8, NULL, 16 );
-		mode = 11;
+		desc->u.kid[0] = strtoul( buf, NULL, 16 );
+		desc->u.kid[1] = strtoul( s+8, NULL, 16 );
+		mode = KEYDB_SEARCH_MODE_LONG_KID;
 	    }
 	    else if (hexlength == 32 || (!hexprefix && hexlength == 33
 							    && *s == '0')) {
@@ -744,16 +630,14 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
 		int i;
 		if (hexlength == 33)
 		    s++;
-		if (fprint) {
-		    memset(fprint+16, 4, 0);
-		    for (i=0; i < 16; i++, s+=2) {
-			int c = hextobyte(s);
-			if (c == -1)
-			    return 0;
-			fprint[i] = c;
-		    }
-		}
-		mode = 16;
+                memset(desc->u.fpr+16, 0, 4); 
+                for (i=0; i < 16; i++, s+=2) {
+                    int c = hextobyte(s);
+                    if (c == -1)
+                        return 0;
+                    desc->u.fpr[i] = c;
+                }
+		mode = KEYDB_SEARCH_MODE_FPR16;
 	    }
 	    else if (hexlength == 40 || (!hexprefix && hexlength == 41
 							      && *s == '0')) {
@@ -761,131 +645,140 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
 		int i;
 		if (hexlength == 41)
 		    s++;
-		if (fprint) {
-		    for (i=0; i < 20; i++, s+=2) {
-			int c = hextobyte(s);
-			if (c == -1)
-			    return 0;
-			fprint[i] = c;
-		    }
-		}
-		mode = 20;
+                for (i=0; i < 20; i++, s+=2) {
+                    int c = hextobyte(s);
+                    if (c == -1)
+                        return 0;
+                    desc->u.fpr[i] = c;
+                }
+		mode = KEYDB_SEARCH_MODE_FPR20;
 	    }
 	    else {
 		if (hexprefix)	/* This was a hex number with a prefix */
 		    return 0;	/* and a wrong length */
 
-		mode = 2;   /* Default is case insensitive substring search */
+                *force_exact = 0;
+                desc->u.name = s;
+		mode = KEYDB_SEARCH_MODE_SUBSTR;   /* default mode */
 	    }
     }
 
-    if( retstr )
-	*retstr = s;
-    if( retlen )
-	*retlen = strlen(s);
-
+    desc->mode = mode;
     return mode;
 }
 
+int
+classify_user_id (const char *name, KEYDB_SEARCH_DESC *desc)
+{
+    int dummy;
+    KEYDB_SEARCH_DESC dummy_desc;
 
+    if (!desc)
+        desc = &dummy_desc;
+    return classify_user_id2 (name, desc, &dummy);
+}
 
 /****************
  * Try to get the pubkey by the userid. This function looks for the
  * first pubkey certificate which has the given name in a user_id.
  * if pk/sk has the pubkey algo set, the function will only return
  * a pubkey with that algo.
- * The caller must provide provide storage for either the pk or the sk.
- * If ret_kb is not NULL the funtion will return the keyblock there.
+ * The caller should provide storage for either the pk or the sk.
+ * If ret_kb is not NULL the function will return the keyblock there.
  */
 
 static int
 key_byname( GETKEY_CTX *retctx, STRLIST namelist,
-	    PKT_public_key *pk, PKT_secret_key *sk, KBNODE *ret_kb )
+	    PKT_public_key *pk, PKT_secret_key *sk, int secmode,
+            KBNODE *ret_kb, KEYDB_HANDLE *ret_kdbhd )
 {
     int rc = 0;
     int n;
     STRLIST r;
     GETKEY_CTX ctx;
     KBNODE help_kb = NULL;
+    int exact;
     
-    if( retctx ) /* reset the returned context in case of error */
+    if( retctx ) {/* reset the returned context in case of error */
+        assert (!ret_kdbhd);  /* not allowed because the handle is
+                                 stored in the context */
 	*retctx = NULL;
+    }
+    if (ret_kdbhd)
+        *ret_kdbhd = NULL;
 
     /* build the search context */
-    /* Performance hint: Use a static buffer if there is only one name */
-    /*			 and we don't have mode 6 */
     for(n=0, r=namelist; r; r = r->next )
 	n++;
-    ctx = gcry_xcalloc( 1, sizeof *ctx + (n-1)*sizeof ctx->items );
+    ctx = m_alloc_clear (sizeof *ctx + (n-1)*sizeof ctx->items );
     ctx->nitems = n;
 
     for(n=0, r=namelist; r; r = r->next, n++ ) {
-	int mode = classify_user_id( r->d,
-                                 ctx->items[n].keyid,
-                                 ctx->items[n].fprint,
-                                 &ctx->items[n].name,
-                                 NULL );
-
-        /* if we don't use one of the exact key specifications, we assume that
-         * the primary key is requested */
-        if ( mode != 10 && mode != 11
-             && mode != 16 && mode == 20 && mode != 21 )
-            ctx->primary = 1; 
-
-	ctx->items[n].mode = mode;
-        if( !ctx->items[n].mode ) {
-	    gcry_free( ctx );
-	    return GPGERR_INV_USER_ID;
-	}
-	if( ctx->items[n].mode == 6 ) {
-	    ctx->items[n].namebuf = prepare_word_match(ctx->items[n].name);
-	    ctx->items[n].name = ctx->items[n].namebuf;
+	classify_user_id2 (r->d, &ctx->items[n], &exact);
+        
+        if (exact)
+            ctx->exact = 1;
+        if (!ctx->items[n].mode) {
+	    m_free (ctx);
+	    return G10ERR_INV_USER_ID;
 	}
     }
 
-
-
+    ctx->kr_handle = keydb_new (secmode);
     if ( !ret_kb ) 
         ret_kb = &help_kb;
 
-    if( sk ) {
+    if( secmode ) {
+        if (sk) {
+            ctx->req_algo  = sk->req_algo;
+            ctx->req_usage = sk->req_usage;
+        }
 	rc = lookup( ctx, ret_kb, 1 );
         if ( !rc && sk ) {
             sk_from_block ( ctx, sk, *ret_kb );
         }
     }
     else {
-       
+        if (pk) {
+            ctx->req_algo  = pk->req_algo;
+            ctx->req_usage = pk->req_usage;
+        }
 	rc = lookup( ctx, ret_kb, 0 );
         if ( !rc && pk ) {
-            pk_from_block ( ctx, pk, *ret_kb, NULL /* FIXME need to get the namehash*/ );
+            pk_from_block ( ctx, pk, *ret_kb );
         }
     }
 
     release_kbnode ( help_kb );
 
-    if( retctx ) /* caller wants the context */
+    if (retctx) /* caller wants the context */
 	*retctx = ctx;
     else {
-	/* Hmmm, why not get_pubkey-end here?? */
-	enum_keyblocks_end( ctx->kbpos ); ctx->kbpos = NULL;
-	for(n=0; n < ctx->nitems; n++ )
-	    gcry_free( ctx->items[n].namebuf );
-	gcry_free( ctx );
+        if (ret_kdbhd) {
+            *ret_kdbhd = ctx->kr_handle;
+            ctx->kr_handle = NULL;
+        }
+        get_pubkey_end (ctx);
     }
 
     return rc;
 }
 
+/*
+ * Find a public key from NAME and returh the keyblock or the key.
+ * If ret_kdb is not NULL, the KEYDB handle used to locate this keyblock is
+ * returned and the caller is responsible for closing it.
+ */
 int
-get_pubkey_byname( GETKEY_CTX *retctx, PKT_public_key *pk,
-		   const char *name, KBNODE *ret_keyblock )
+get_pubkey_byname (PKT_public_key *pk,
+		   const char *name, KBNODE *ret_keyblock,
+                   KEYDB_HANDLE *ret_kdbhd ) 
 {
     int rc;
     STRLIST namelist = NULL;
 
     add_to_strlist( &namelist, name );
-    rc = key_byname( retctx, namelist, pk, NULL, ret_keyblock );
+    rc = key_byname( NULL, namelist, pk, NULL, 0, ret_keyblock, ret_kdbhd);
     free_strlist( namelist );
     return rc;
 }
@@ -894,7 +787,7 @@ int
 get_pubkey_bynames( GETKEY_CTX *retctx, PKT_public_key *pk,
 		    STRLIST names, KBNODE *ret_keyblock )
 {
-    return key_byname( retctx, names, pk, NULL, ret_keyblock );
+    return key_byname( retctx, names, pk, NULL, 0, ret_keyblock, NULL);
 }
 
 int
@@ -904,7 +797,7 @@ get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock )
 
     rc = lookup( ctx, ret_keyblock, 0 );
     if ( !rc && pk && ret_keyblock )
-        pk_from_block ( ctx, pk, *ret_keyblock, NULL );
+        pk_from_block ( ctx, pk, *ret_keyblock );
     
     return rc;
 }
@@ -914,70 +807,15 @@ void
 get_pubkey_end( GETKEY_CTX ctx )
 {
     if( ctx ) {
-	int n;
-
-	enum_keyblocks_end( ctx->kbpos ); ctx->kbpos = NULL;
-	for(n=0; n < ctx->nitems; n++ )
-	    gcry_free( ctx->items[n].namebuf );
+        memset (&ctx->kbpos, 0, sizeof ctx->kbpos);
+        keydb_release (ctx->kr_handle);
 	if( !ctx->not_allocated )
-	    gcry_free( ctx );
+	    m_free( ctx );
     }
 }
 
 
 
-/****************
- * Combined function to search for a username and get the position
- * of the keyblock.
- */
-int
-find_keyblock_byname( KBNODE *retblock, const char *username )
-{
-    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-    int rc;
-
-    rc = get_pubkey_byname( NULL, pk, username, retblock );
-    free_public_key(pk);
-    return rc;
-}
-
-
-/****************
- * Combined function to search for a key and get the position
- * of the keyblock.  Used for merging while importing keys.
- */
-int
-find_keyblock_bypk( KBNODE *retblock, PKT_public_key *pk )
-{
-    char ufpr[50];
-
-    unified_fingerprint_from_pk( pk, ufpr, sizeof ufpr );
-    return find_keyblock_byname( retblock, ufpr );
-}
-
-int 
-find_kblocation_bypk( void *re_opaque, PKT_public_key *pk )
-{
-    PKT_public_key *dummy_pk = gcry_xcalloc( 1, sizeof *pk );
-    char ufpr[50];
-    GETKEY_CTX ctx;
-    int rc;
-     
-    unified_fingerprint_from_pk( pk, ufpr, sizeof ufpr );
-    /* FIXME: There is no need to return any informaton, we just
-     * wnat to know the location.  Using the general lookup function
-     * has the problem that we might not get the key becuase it has expired
-     * or due to some similar probelm.  A solotion would be a locate-only
-     * flag in the ctx */
-    rc = get_pubkey_byname( &ctx, dummy_pk, ufpr, NULL );
-    free_public_key(dummy_pk);
-    if ( !rc )
-        ringedit_copy_kbpos( re_opaque, ctx->kbpos );
-    get_pubkey_end( ctx );
-
-    return rc;
-}
-
 
 /****************
  * Search for a key with the given fingerprint.
@@ -996,18 +834,21 @@ get_pubkey_byfprint( PKT_public_key *pk,
         KBNODE kb = NULL;
 
 	memset( &ctx, 0, sizeof ctx );
+        ctx.exact = 1 ;
 	ctx.not_allocated = 1;
+        ctx.kr_handle = keydb_new (0);
 	ctx.nitems = 1;
-	ctx.items[0].mode = fprint_len;
-	memcpy( ctx.items[0].fprint, fprint, fprint_len );
+	ctx.items[0].mode = fprint_len==16? KEYDB_SEARCH_MODE_FPR16
+                                          : KEYDB_SEARCH_MODE_FPR20;
+	memcpy( ctx.items[0].u.fpr, fprint, fprint_len );
 	rc = lookup( &ctx, &kb, 0 );
         if (!rc && pk )
-            pk_from_block ( &ctx, pk, kb, NULL );
+            pk_from_block ( &ctx, pk, kb );
         release_kbnode ( kb );
 	get_pubkey_end( &ctx );
     }
     else
-	rc = GPGERR_GENERAL; /* Oops */
+	rc = G10ERR_GENERAL; /* Oops */
     return rc;
 }
 
@@ -1026,54 +867,27 @@ get_keyblock_byfprint( KBNODE *ret_keyblock, const byte *fprint,
 
 	memset( &ctx, 0, sizeof ctx );
 	ctx.not_allocated = 1;
+        ctx.kr_handle = keydb_new (0);
 	ctx.nitems = 1;
-	ctx.items[0].mode = fprint_len;
-	memcpy( ctx.items[0].fprint, fprint, fprint_len );
+	ctx.items[0].mode = fprint_len==16? KEYDB_SEARCH_MODE_FPR16
+                                          : KEYDB_SEARCH_MODE_FPR20;
+	memcpy( ctx.items[0].u.fpr, fprint, fprint_len );
 	rc = lookup( &ctx, ret_keyblock, 0 );
 	get_pubkey_end( &ctx );
     }
     else
-	rc = GPGERR_GENERAL; /* Oops */
+	rc = G10ERR_GENERAL; /* Oops */
 
     return rc;
 }
 
 
-
-/****************
- * Search for a key with the given lid and return the entire keyblock
- */
-int
-get_keyblock_bylid( KBNODE *ret_keyblock, ulong lid )
-{
-    int rc;
-    struct getkey_ctx_s ctx;
-    u32 kid[2];
-
-    if( keyid_from_lid( lid, kid ) )
-	kid[0] = kid[1] = 0;
-    memset( &ctx, 0, sizeof ctx );
-    ctx.not_allocated = 1;
-    ctx.nitems = 1;
-    ctx.items[0].mode = 12;
-    ctx.items[0].keyid[0] = kid[0];
-    ctx.items[0].keyid[1] = kid[1];
-    rc = lookup( &ctx,  ret_keyblock, 0 );
-    get_pubkey_end( &ctx );
-
-    return rc;
-}
-
-
-
-
-
 /****************
  * Get a secret key by name and store it into sk
  * If NAME is NULL use the default key
  */
-int
-get_seckey_byname( GETKEY_CTX *retctx,
+static int
+get_seckey_byname2( GETKEY_CTX *retctx,
                    PKT_secret_key *sk, const char *name, int unprotect,
                    KBNODE *retblock )
 {
@@ -1082,7 +896,7 @@ get_seckey_byname( GETKEY_CTX *retctx,
 
     if( !name && opt.def_secret_key && *opt.def_secret_key ) {
 	add_to_strlist( &namelist, opt.def_secret_key );
-	rc = key_byname( retctx, namelist, NULL, sk, retblock );
+	rc = key_byname( retctx, namelist, NULL, sk, 1, retblock, NULL );
     }
     else if( !name ) { /* use the first one as default key */
 	struct getkey_ctx_s ctx;
@@ -1092,9 +906,9 @@ get_seckey_byname( GETKEY_CTX *retctx,
         assert (!retblock);
 	memset( &ctx, 0, sizeof ctx );
 	ctx.not_allocated = 1;
-	ctx.primary = 1;
+        ctx.kr_handle = keydb_new (1);
 	ctx.nitems = 1;
-	ctx.items[0].mode = 15;
+	ctx.items[0].mode = KEYDB_SEARCH_MODE_FIRST;
 	rc = lookup( &ctx, &kb, 1 );
         if (!rc && sk )
             sk_from_block ( &ctx, sk, kb );
@@ -1103,7 +917,7 @@ get_seckey_byname( GETKEY_CTX *retctx,
     }
     else {
 	add_to_strlist( &namelist, name );
-	rc = key_byname( retctx, namelist, NULL, sk, retblock );
+	rc = key_byname( retctx, namelist, NULL, sk, 1, retblock, NULL );
     }
 
     free_strlist( namelist );
@@ -1114,11 +928,18 @@ get_seckey_byname( GETKEY_CTX *retctx,
     return rc;
 }
 
+int 
+get_seckey_byname( PKT_secret_key *sk, const char *name, int unlock )
+{
+    return get_seckey_byname2 ( NULL, sk, name, unlock, NULL );
+}
+
+
 int
 get_seckey_bynames( GETKEY_CTX *retctx, PKT_secret_key *sk,
 		    STRLIST names, KBNODE *ret_keyblock )
 {
-    return key_byname( retctx, names, NULL, sk, ret_keyblock );
+    return key_byname( retctx, names, NULL, sk, 1, ret_keyblock, NULL );
 }
 
 
@@ -1142,200 +963,41 @@ get_seckey_end( GETKEY_CTX ctx )
 }
 
 
-
-/****************
- * Combined function to search for a username and get the position
- * of the keyblock. This function does not unprotect the secret key.
- */
-int
-find_secret_keyblock_byname( KBNODE *retblock, const char *username )
-{
-    PKT_secret_key *sk = gcry_xcalloc( 1, sizeof *sk );
-    int rc;
-
-    rc = get_seckey_byname( NULL, sk, username, 0, retblock );
-    free_secret_key(sk);
-    return rc;
-}
-
-
-
 /****************
- * Combined function to search for a key and get the position
- * of the keyblock.
+ * Search for a key with the given fingerprint.
+ * FIXME:
+ * We should replace this with the _byname function.  Thiscsan be done
+ * by creating a userID conforming to the unified fingerprint style. 
  */
 int
-find_keyblock_bysk( KBNODE *retblock, PKT_secret_key *sk )
-{
-    char ufpr[50];
-
-    unified_fingerprint_from_sk( sk, ufpr, sizeof ufpr );
-    return find_secret_keyblock_byname( retblock, ufpr );
-}
-
-int 
-find_kblocation_bysk( void *re_opaque, PKT_secret_key *sk )
+get_seckey_byfprint( PKT_secret_key *sk,
+                     const byte *fprint, size_t fprint_len)
 {
-    PKT_secret_key *dummy_sk = gcry_xcalloc( 1, sizeof *sk );
-    char ufpr[50];
-    GETKEY_CTX ctx;
     int rc;
-     
-    unified_fingerprint_from_sk( sk, ufpr, sizeof ufpr );
-    rc = get_seckey_byname( &ctx, dummy_sk, ufpr, 0, NULL );
-    free_secret_key(dummy_sk);
-    if ( !rc )
-        ringedit_copy_kbpos( re_opaque, &ctx->kbpos );
-    get_seckey_end( ctx );
-
-    return rc;
-}
-
-
-
-
-/*******************************************************
- ************** compare functions **********************
- *******************************************************/
-
-/****************
- * Do a word match (original user id starts with a '+').
- * The pattern is already tokenized to a more suitable format:
- * There are only the real words in it delimited by one space
- * and all converted to uppercase.
- *
- * Returns: 0 if all words match.
- *
- * Note: This algorithm is a straightforward one and not very
- *	 fast.	It works for UTF-8 strings.  The uidlen should
- *	 be removed but due to the fact that old versions of
- *	 pgp don't use UTF-8 we still use the length; this should
- *	 be fixed in parse-packet (and replace \0 by some special
- *	 UTF-8 encoding)
- */
-static int
-word_match( const byte *uid, size_t uidlen, const byte *pattern )
-{
-    size_t wlen, n;
-    const byte *p;
-    const byte *s;
-
-    for( s=pattern; *s; ) {
-	do {
-	    /* skip leading delimiters */
-	    while( uidlen && !word_match_chars[*uid] )
-		uid++, uidlen--;
-	    /* get length of the word */
-	    n = uidlen; p = uid;
-	    while( n && word_match_chars[*p] )
-		p++, n--;
-	    wlen = p - uid;
-	    /* and compare against the current word from pattern */
-	    for(n=0, p=uid; n < wlen && s[n] != ' ' && s[n] ; n++, p++ ) {
-		if( word_match_chars[*p] != s[n] )
-		    break;
-	    }
-	    if( n == wlen && (s[n] == ' ' || !s[n]) )
-		break; /* found */
-	    uid += wlen;
-	    uidlen -= wlen;
-	} while( uidlen );
-	if( !uidlen )
-	    return -1; /* not found */
-
-	/* advance to next word in pattern */
-	for(; *s != ' ' && *s ; s++ )
-	    ;
-	if( *s )
-	    s++ ;
-    }
-    return 0; /* found */
-}
-
-/****************
- * prepare word word_match; that is parse the name and
- * build the pattern.
- * caller has to free the returned pattern
- */
-static char*
-prepare_word_match( const byte *name )
-{
-    byte *pattern, *p;
-    int c;
-
-    /* the original length is always enough for the pattern */
-    p = pattern = gcry_xmalloc(strlen(name)+1);
-    do {
-	/* skip leading delimiters */
-	while( *name && !word_match_chars[*name] )
-	    name++;
-	/* copy as long as we don't have a delimiter and convert
-	 * to uppercase.
-	 * fixme: how can we handle utf8 uppercasing */
-	for( ; *name &&  (c=word_match_chars[*name]); name++ )
-	    *p++ = c;
-	*p++ = ' '; /* append pattern delimiter */
-    } while( *name );
-    p[-1] = 0; /* replace last pattern delimiter by EOS */
-
-    return pattern;
-}
-
 
+    if( fprint_len == 20 || fprint_len == 16 ) {
+	struct getkey_ctx_s ctx;
+        KBNODE kb = NULL;
 
-
-
-static int
-compare_name( const char *uid, size_t uidlen, const char *name, int mode )
-{
-    int i;
-    const char *s, *se;
-
-    if( mode == 1 ) {  /* exact match */
-	for(i=0; name[i] && uidlen; i++, uidlen-- )
-	    if( uid[i] != name[i] )
-		break;
-	if( !uidlen && !name[i] )
-	    return 0; /* found */
-    }
-    else if( mode == 2 ) { /* case insensitive substring */
-	if( memistr( uid, uidlen, name ) )
-	    return 0;
-    }
-    else if( mode >= 3 && mode <= 5 ) { /* look at the email address */
-	for( i=0, s= uid; i < uidlen && *s != '<'; s++, i++ )
-	    ;
-	if( i < uidlen )  {
-	    /* skip opening delim and one char and look for the closing one*/
-	    s++; i++;
-	    for( se=s+1, i++; i < uidlen && *se != '>'; se++, i++ )
-		;
-	    if( i < uidlen ) {
-		i = se - s;
-		if( mode == 3 ) { /* exact email address */
-		    if( strlen(name)-2 == i && !memicmp( s, name+1, i) )
-			return 0;
-		}
-		else if( mode == 4 ) {	/* email substring */
-		    if( memistr( s, i, name ) )
-			return 0;
-		}
-		else { /* email from end */
-		    /* nyi */
-		}
-	    }
-	}
+	memset( &ctx, 0, sizeof ctx );
+        ctx.exact = 1 ;
+	ctx.not_allocated = 1;
+        ctx.kr_handle = keydb_new (1);
+	ctx.nitems = 1;
+	ctx.items[0].mode = fprint_len==16? KEYDB_SEARCH_MODE_FPR16
+                                          : KEYDB_SEARCH_MODE_FPR20;
+	memcpy( ctx.items[0].u.fpr, fprint, fprint_len );
+	rc = lookup( &ctx, &kb, 1 );
+        if (!rc && sk )
+            sk_from_block ( &ctx, sk, kb );
+        release_kbnode ( kb );
+	get_pubkey_end( &ctx );
     }
-    else if( mode == 6 )
-	return word_match( uid, uidlen, name );
     else
-	BUG();
-
-    return -1; /* not found */
+	rc = G10ERR_GENERAL; /* Oops */
+    return rc;
 }
 
-
-
 
 /************************************************
  ************* Merging stuff ********************
@@ -1344,7 +1006,11 @@ compare_name( const char *uid, size_t uidlen, const char *name, int mode )
 /****************
  * merge all selfsignatures with the keys.
  * FIXME: replace this at least for the public key parts
- *        by merge_selfsigs
+ *        by merge_selfsigs.
+ *        It is still used in keyedit.c and
+ *        at 2 or 3 other places - check whether it is really needed.
+ *        It might be needed by the key edit and import stuff because
+ *        the keylock is changed.
  */
 void
 merge_keys_and_selfsig( KBNODE keyblock )
@@ -1356,6 +1022,13 @@ merge_keys_and_selfsig( KBNODE keyblock )
     u32 kid[2] = { 0, 0 };
     u32 sigdate = 0;
 
+    if (keyblock && keyblock->pkt->pkttype == PKT_PUBLIC_KEY ) {
+        /* divert to our new function */
+        merge_selfsigs (keyblock);
+        return;
+    }
+    /* still need the old one because the new one can't handle secret keys */
+
     for(k=keyblock; k; k = k->next ) {
 	if( k->pkt->pkttype == PKT_PUBLIC_KEY
 	    || k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
@@ -1394,7 +1067,7 @@ merge_keys_and_selfsig( KBNODE keyblock )
 	    const byte *p;
 	    u32 ed;
 
-	    p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL );
+	    p = parse_sig_subpkt( sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL );
 	    if( pk ) {
 		ed = p? pk->timestamp + buffer_to_u32(p):0;
 		if( sig->timestamp > sigdate ) {
@@ -1410,49 +1083,71 @@ merge_keys_and_selfsig( KBNODE keyblock )
 		}
 	    }
 	}
+
+	if(pk && (pk->expiredate==0 ||
+		  (pk->max_expiredate && pk->expiredate>pk->max_expiredate)))
+	  pk->expiredate=pk->max_expiredate;
+
+	if(sk && (sk->expiredate==0 ||
+		  (sk->max_expiredate && sk->expiredate>sk->max_expiredate)))
+	  sk->expiredate=sk->max_expiredate;
     }
 }
 
-
+/*
+ * Apply information from SIGNODE (which is the valid self-signature
+ * associated with that UID) to the UIDNODE:
+ * - wether the UID has been revoked
+ * - assumed creation date of the UID
+ * - temporary store the keyflags here
+ * - temporary store the key expiration time here
+ * - mark whether the primary user ID flag hat been set.
+ * - store the preferences
+ */
 static void
-fixup_uidnode ( KBNODE uidnode, KBNODE signode )
+fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
 {
     PKT_user_id   *uid = uidnode->pkt->pkt.user_id;
     PKT_signature *sig = signode->pkt->pkt.signature;
-    const byte *p;
-    size_t n;
+    const byte *p, *sym, *hash, *zip;
+    size_t n, nsym, nhash, nzip;
 
     uid->created = 0; /* not created == invalid */
-    if ( !signode ) 
-        return; /* no self-signature */
-    if ( IS_UID_REV ( sig ) )
+    if ( IS_UID_REV ( sig ) ) {
+        uid->is_revoked = 1;
         return; /* has been revoked */
+    }
+
+    uid->created = sig->timestamp; /* this one is okay */
+    uid->selfsigversion = sig->version;
+    /* If we got this far, it's not expired :) */
+    uid->is_expired = 0;
+    uid->expiredate = sig->expiredate;
 
-    uid->created = sig->timestamp; /* this one is okay */    
- 
-        
     /* store the key flags in the helper variable for later processing */
     uid->help_key_usage = 0;
-    p = parse_sig_subpkt ( sig->hashed_data, SIGSUBPKT_KEY_FLAGS, &n );
+    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n );
     if ( p && n ) {
         /* first octet of the keyflags */   
         if ( (*p & 3) )
-            uid->help_key_usage |= GCRY_PK_USAGE_SIGN;
+            uid->help_key_usage |= PUBKEY_USAGE_SIG;
         if ( (*p & 12) )    
-            uid->help_key_usage |= GCRY_PK_USAGE_ENCR;
+            uid->help_key_usage |= PUBKEY_USAGE_ENC;
+        /* Note: we do not set the CERT flag here because it can be assumed
+         * that thre is no real policy to set it. */
     }
 
     /* ditto or the key expiration */
     uid->help_key_expire = 0;
-    p = parse_sig_subpkt ( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL);
-    if ( p ) {
-        uid->help_key_expire = sig->timestamp + buffer_to_u32(p);
+    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
+    if ( p ) { 
+        uid->help_key_expire = keycreated + buffer_to_u32(p);
     }
 
     /* Set the primary user ID flag - we will later wipe out some
-     * of them to only have one in out keyblock */
+     * of them to only have one in our keyblock */
     uid->is_primary = 0;
-    p = parse_sig_subpkt ( sig->hashed_data, SIGSUBPKT_PRIMARY_UID, NULL );
+    p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PRIMARY_UID, NULL );
     if ( p && *p )
         uid->is_primary = 1;
     /* We could also query this from the unhashed area if it is not in
@@ -1460,6 +1155,46 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode )
      * there should be no security problem with this.
      * For now we only look at the hashed one. 
      */
+
+    /* Now build the preferences list.  These must come from the
+       hashed section so nobody can modify the ciphers a key is
+       willing to accept. */
+    p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_SYM, &n );
+    sym = p; nsym = p?n:0;
+    p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_HASH, &n );
+    hash = p; nhash = p?n:0;
+    p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_COMPR, &n );
+    zip = p; nzip = p?n:0;
+    if (uid->prefs) 
+        m_free (uid->prefs);
+    n = nsym + nhash + nzip;
+    if (!n)
+        uid->prefs = NULL;
+    else {
+        uid->prefs = m_alloc (sizeof (*uid->prefs) * (n+1));
+        n = 0;
+        for (; nsym; nsym--, n++) {
+            uid->prefs[n].type = PREFTYPE_SYM;
+            uid->prefs[n].value = *sym++;
+        }
+        for (; nhash; nhash--, n++) {
+            uid->prefs[n].type = PREFTYPE_HASH;
+            uid->prefs[n].value = *hash++;
+        }
+        for (; nzip; nzip--, n++) {
+            uid->prefs[n].type = PREFTYPE_ZIP;
+            uid->prefs[n].value = *zip++;
+        }
+        uid->prefs[n].type = PREFTYPE_NONE; /* end of list marker */
+        uid->prefs[n].value = 0;
+    }
+
+    /* see whether we have the MDC feature */
+    uid->mdc_feature = 0;
+    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_FEATURES, &n);
+    if (p && n && (p[0] & 0x01))
+        uid->mdc_feature = 1;
+            
 }
 
 static void
@@ -1472,29 +1207,38 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
     KBNODE signode, uidnode, uidnode2;
     u32 curtime = make_timestamp ();
     unsigned int key_usage = 0;
+    u32 keytimestamp = 0;
     u32 key_expire = 0;
     int key_expire_seen = 0;
+    byte sigversion = 0;
 
     *r_revoked = 0;
     if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY )
         BUG ();
     pk = keyblock->pkt->pkt.public_key;
-    pk->created = 0;
+    keytimestamp = pk->timestamp;
+
     keyid_from_pk( pk, kid );
     pk->main_keyid[0] = kid[0];
     pk->main_keyid[1] = kid[1];
 
     if ( pk->version < 4 ) {
-        /* before v4 the key packet itself contains the expiration date
-         * and there was noway to change it.  So we also use only the
-         * one from the key packet */
-        key_expire = pk->expiredate;
+        /* before v4 the key packet itself contains the expiration
+         * date and there was no way to change it, so we start with
+         * the one from the key packet */
+        key_expire = pk->max_expiredate;
         key_expire_seen = 1;
     }
 
     /* first pass: find the latest direct key self-signature.
      * We assume that the newest one overrides all others
      */
+
+    /* In case this key was already merged */
+    m_free(pk->revkey);
+    pk->revkey=NULL;
+    pk->numrevkeys=0;
+
     signode = NULL;
     sigdate = 0; /* helper to find the latest signature */
     for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next ) {
@@ -1505,30 +1249,82 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
                     ; /* signature did not verify */
                 else if ( IS_KEY_REV (sig) ){
                     /* key has been revoked - there is no way to override
-                     * such a revocation, so we can stop now.
-                     * we can't cope with expiration times for revocations
-                     * here because we have to assumethat an attacker can
-                     * generate all kinds of signatures.
+                     * such a revocation, so we theoretically can stop now.
+                     * We should not cope with expiration times for revocations
+                     * here because we have to assume that an attacker can
+                     * generate all kinds of signatures.  However due to the
+                     * fact that the key has been revoked it does not harm
+                     * either and by continuing we gather some more info on 
+                     * that key.
                      */ 
                     *r_revoked = 1;
-                    return;
                 }
-                else if ( IS_KEY_SIG (sig) && sig->timestamp >= sigdate ) {
-                    const byte *p;
-                    
-                    p = parse_sig_subpkt( sig->hashed_data,
-                                          SIGSUBPKT_SIG_EXPIRE, NULL );
-                    if ( p && (sig->timestamp + buffer_to_u32(p)) >= curtime )
+                else if ( IS_KEY_SIG (sig) ) {
+		  /* Add any revocation keys onto the pk.  This is
+		     particularly interesting since we normally only
+		     get data from the most recent 1F signature, but
+		     you need multiple 1F sigs to properly handle
+		     revocation keys (PGP does it this way, and a
+		     revocation key could be sensitive and hence in a
+		     different signature). */
+		  if(sig->revkey) {
+		    int i;
+
+		    pk->revkey=
+		      m_realloc(pk->revkey,sizeof(struct revocation_key)*
+				(pk->numrevkeys+sig->numrevkeys));
+
+		    for(i=0;i<sig->numrevkeys;i++)
+		      memcpy(&pk->revkey[pk->numrevkeys++],
+			     sig->revkey[i],
+			     sizeof(struct revocation_key));
+		  }
+
+		  if( sig->timestamp >= sigdate ) {
+		    if(sig->flags.expired)
                         ; /* signature has expired - ignore it */
                     else {
                         sigdate = sig->timestamp;
                         signode = k;
-                    }
+			sigversion = sig->version;
+
+		    }
+		  }
                 }
             }
         }
     }
 
+    /* Remove dupes from the revocation keys */
+
+    if(pk->revkey)
+      {
+	int i,j,x,changed=0;
+
+	for(i=0;i<pk->numrevkeys;i++)
+	  {
+	    for(j=i+1;j<pk->numrevkeys;j++)
+	      {
+		if(memcmp(&pk->revkey[i],&pk->revkey[j],
+			  sizeof(struct revocation_key))==0)
+		  {
+		    /* remove j */
+
+		    for(x=j;x<pk->numrevkeys-1;x++)
+		      pk->revkey[x]=pk->revkey[x+1];
+
+		    pk->numrevkeys--;
+		    j--;
+		    changed=1;
+		  }
+	      }
+	  }
+
+	if(changed)
+	  pk->revkey=m_realloc(pk->revkey,
+			       pk->numrevkeys*sizeof(struct revocation_key));
+      }
+
     if ( signode ) {
         /* some information from a direct key signature take precedence
          * over the same information given in UID sigs.
@@ -1537,40 +1333,60 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
         const byte *p;
         size_t n;
         
-        p = parse_sig_subpkt ( sig->hashed_data, SIGSUBPKT_KEY_FLAGS, &n );
+        p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n );
         if ( p && n ) {
             /* first octet of the keyflags */   
             if ( (*p & 3) )
-                key_usage |= GCRY_PK_USAGE_SIGN;
+                key_usage |= PUBKEY_USAGE_SIG;
             if ( (*p & 12) )    
-                key_usage |= GCRY_PK_USAGE_ENCR;
+                key_usage |= PUBKEY_USAGE_ENC;
         }
 
-        if ( pk->version > 3 ) {
-            p = parse_sig_subpkt ( sig->hashed_data,
-                                   SIGSUBPKT_KEY_EXPIRE, NULL);
-            if ( p ) {
-                key_expire = sig->timestamp + buffer_to_u32(p);
-                key_expire_seen = 1;
-            }
+	p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
+	if ( p ) {
+	  key_expire = keytimestamp + buffer_to_u32(p);
+	  key_expire_seen = 1;
         }
-        /* and set the created field */
-        pk->created = sigdate;
-        /* and mark that key as valid: one direct key signature should 
+
+        /* mark that key as valid: one direct key signature should 
          * render a key as valid */
         pk->is_valid = 1;
     }
 
+    /* pass 1.5: look for key revocation signatures that were not made
+       by the key (i.e. did a revocation key issue a revocation for
+       us?).  Only bother to do this if there is a revocation key in
+       the first place. */
+
+    if(pk->revkey)
+      for(k=keyblock; k && k->pkt->pkttype != PKT_USER_ID; k = k->next )
+	{
+	  if ( k->pkt->pkttype == PKT_SIGNATURE )
+	    {
+	      PKT_signature *sig = k->pkt->pkt.signature;
+
+	      if(IS_KEY_REV(sig) &&
+		 (sig->keyid[0]!=kid[0] || sig->keyid[1]!=kid[1]))
+		{ 
+		  if(check_revocation_keys(pk,sig))
+		    ; /* did not verify, or loop broken */
+		  else
+		    *r_revoked=1;
+
+		  /* In the future handle subkey and cert revocations?
+                     PGP doesn't, but it's in 2440. */
+		}
+	    }
+	}
 
     /* second pass: look at the self-signature of all user IDs */
     signode = uidnode = NULL;
     sigdate = 0; /* helper to find the latest signature in one user ID */
     uiddate = 0; /* and over of all user IDs */
     for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next ) {
-	if ( k->pkt->pkttype == PKT_USER_ID
-             || k->pkt->pkttype == PKT_PHOTO_ID ) {
-            if ( uidnode ) 
-                fixup_uidnode ( uidnode, signode );
+	if ( k->pkt->pkttype == PKT_USER_ID ) {
+            if ( uidnode && signode ) 
+                fixup_uidnode ( uidnode, signode, keytimestamp );
             uidnode = k;
             signode = NULL;
             if ( sigdate > uiddate )
@@ -1582,48 +1398,89 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
             if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) { 
                 if ( check_key_signature( keyblock, k, NULL ) )
                     ; /* signature did not verify */
-                else if ( IS_UID_SIG (sig) || IS_UID_REV (sig)) {
-                    /* Note: we allow to invalidated cert revocations
+                else if ( (IS_UID_SIG (sig) || IS_UID_REV (sig))
+                          && sig->timestamp >= sigdate ) {
+                    /* Note: we allow to invalidate cert revocations
                      * by a newer signature.  An attacker can't use this
                      * because a key should be revoced with a key revocation.
                      * The reason why we have to allow for that is that at
                      * one time an email address may become invalid but later
                      * the same email address may become valid again (hired,
                      * fired, hired again).
-                     */                    
-                    const byte *p;
-                    
-                    p = parse_sig_subpkt( sig->hashed_data,
-                                          SIGSUBPKT_SIG_EXPIRE, NULL );
-                    if ( p && (sig->timestamp + buffer_to_u32(p)) >= curtime )
-                        ; /* signature/revocation has expired - ignore it */
+                     */
+		    if(sig->flags.expired) {
+		      /* Expired uids don't get to be primary unless
+                         they are the only uid there is. */
+		      uidnode->pkt->pkt.user_id->is_primary=0;
+		      uidnode->pkt->pkt.user_id->is_expired=1;
+		      uidnode->pkt->pkt.user_id->expiredate=sig->expiredate;
+		    }
                     else {
                         sigdate = sig->timestamp;
                         signode = k;
+			if( sig->version > sigversion )
+			  sigversion = sig->version;
                     }
                 }
             }
         }
     }
-    if ( uidnode ) {
-        fixup_uidnode ( uidnode, signode );
+    if ( uidnode && signode ) {
+        fixup_uidnode ( uidnode, signode, keytimestamp );
         pk->is_valid = 1;
     }
-    if ( sigdate > uiddate )
-        uiddate = sigdate;
-    /* if we do not have a direct key signature, take the key creation date
-     * from the latest user ID.  Hmmm, another possibilty would be to take 
-     * it from the latest primary user ID - but we don't implement it for
-     * now */
-    if ( !pk->created )
-        pk->created = uiddate;
-    if ( !pk->created ) {
-        /* oops, still no creation date: use the timestamp */
-        if (DBG_CACHE)
-            log_debug( "merge_selfsigs_main: "
-                       "using timestamp as creation date\n");    
-        pk->created = pk->timestamp;
-    }
+
+    /* If the key isn't valid yet, and we have
+       --allow-non-selfsigned-uid set, then force it valid. */
+    if(!pk->is_valid && opt.allow_non_selfsigned_uid)
+      {
+	if(opt.verbose)
+	  log_info(_("Invalid key %08lX made valid by "
+		     "--allow-non-selfsigned-uid\n"),
+		   (ulong)keyid_from_pk(pk,NULL));
+
+	pk->is_valid = 1;
+      }
+
+    /* The key STILL isn't valid, so try and find an ultimately
+       trusted signature. */
+    if(!pk->is_valid)
+      {
+	uidnode=NULL;
+
+	for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k=k->next)
+	  {
+	    if ( k->pkt->pkttype == PKT_USER_ID )
+	      uidnode = k;
+	    else if ( k->pkt->pkttype == PKT_SIGNATURE && uidnode )
+	      {
+		PKT_signature *sig = k->pkt->pkt.signature;
+
+		if(sig->keyid[0] != kid[0] || sig->keyid[1]!=kid[1])
+		  {
+		    PKT_public_key *ultimate_pk;
+
+		    ultimate_pk=m_alloc_clear(sizeof(*ultimate_pk));
+
+		    if(get_pubkey(ultimate_pk,sig->keyid)==0 &&
+		       check_key_signature(keyblock,k,NULL)==0 &&
+		       get_ownertrust(ultimate_pk)==TRUST_ULTIMATE)
+		      {
+			free_public_key(ultimate_pk);
+			pk->is_valid=1;
+			break;
+		      }
+
+		    free_public_key(ultimate_pk);
+		  }
+	      }
+	  }
+      }
+
+    /* Record the highest selfsigversion so we know if this is a v3
+       key through and through, or a v3 key with a v4 selfsig, which
+       means we can trust the preferences (if any). */
+    pk->selfsigversion=sigversion;
 
     /* Now that we had a look at all user IDs we can now get some information
      * from those user IDs.
@@ -1634,8 +1491,7 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
         uiddate = 0; /* helper to find the latest user ID */
         for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY;
             k = k->next ) {
-            if ( k->pkt->pkttype == PKT_USER_ID
-                 || k->pkt->pkttype == PKT_PHOTO_ID ) {
+            if ( k->pkt->pkttype == PKT_USER_ID ) {
                 PKT_user_id *uid = k->pkt->pkt.user_id;
                 if ( uid->help_key_usage && uid->created > uiddate ) {
                     key_usage = uid->help_key_usage;
@@ -1654,16 +1510,14 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
     }
     pk->pubkey_usage = key_usage;
 
-
     if ( !key_expire_seen ) {
         /* find the latest valid user ID with a key expiration set 
-         * Note, that this may be a diferent one from the above because
+         * Note, that this may be a different one from the above because
          * some user IDs may have no expiration date set */
         uiddate = 0; 
         for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY;
             k = k->next ) {
-            if ( k->pkt->pkttype == PKT_USER_ID
-                 || k->pkt->pkttype == PKT_PHOTO_ID ) {
+            if ( k->pkt->pkttype == PKT_USER_ID ) {
                 PKT_user_id *uid = k->pkt->pkt.user_id;
                 if ( uid->help_key_expire && uid->created > uiddate ) {
                     key_expire = uid->help_key_expire;
@@ -1672,17 +1526,23 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
             }
       	}
     }
-   
-    pk->has_expired = key_expire >= curtime? 0 : key_expire;
-    /* FIXME: we should see how to get rid of the expiretime fields */
 
+    /* Currently only v3 keys have a maximum expiration date, but I'll
+       bet v5 keys get this feature again. */
+    if(key_expire==0 || (pk->max_expiredate && key_expire>pk->max_expiredate))
+      key_expire=pk->max_expiredate;
+
+    pk->has_expired = key_expire >= curtime? 0 : key_expire;
+    pk->expiredate = key_expire;
+    /* Fixme: we should see how to get rid of the expiretime fields  but
+     * this needs changes at other places too. */
 
     /* and now find the real primary user ID and delete all others */
     uiddate = uiddate2 = 0;
     uidnode = uidnode2 = NULL;
     for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next ) {
-        if ( k->pkt->pkttype == PKT_USER_ID
-             || k->pkt->pkttype == PKT_PHOTO_ID ) {
+        if ( k->pkt->pkttype == PKT_USER_ID &&
+	     !k->pkt->pkt.user_id->attrib_data) {
             PKT_user_id *uid = k->pkt->pkt.user_id;
             if ( uid->is_primary && uid->created > uiddate ) {
                 uiddate = uid->created;
@@ -1697,8 +1557,8 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
     if ( uidnode ) {
         for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY;
             k = k->next ) {
-            if ( k->pkt->pkttype == PKT_USER_ID
-                 || k->pkt->pkttype == PKT_PHOTO_ID ) {
+            if ( k->pkt->pkttype == PKT_USER_ID &&
+		 !k->pkt->pkt.user_id->attrib_data) {
                 PKT_user_id *uid = k->pkt->pkt.user_id;
                 if ( k != uidnode ) 
                     uid->is_primary = 0;
@@ -1709,7 +1569,23 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
         /* none is flagged primary - use the latest user ID we have */
         uidnode2->pkt->pkt.user_id->is_primary = 1;
     }
-
+    else
+      {
+	/* None of our uids were self-signed, so pick the first one to
+	   be the primary.  This is the best we can do here since
+	   there are no self sigs to date the uids. */
+
+	for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY;
+	    k = k->next )
+	  {
+	    if(k->pkt->pkttype==PKT_USER_ID &&
+	       !k->pkt->pkt.user_id->attrib_data)
+	      {
+		k->pkt->pkt.user_id->is_primary=1;
+		break;
+	      }
+	  }
+      }
 }
 
 
@@ -1724,6 +1600,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
     KBNODE signode;
     u32 curtime = make_timestamp ();
     unsigned int key_usage = 0;
+    u32 keytimestamp = 0;
     u32 key_expire = 0;
     const byte *p;
     size_t n;
@@ -1735,11 +1612,11 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
         return; /* (actually this should never happen) */
     keyid_from_pk( mainpk, mainkid );
     subpk = subnode->pkt->pkt.public_key;
+    keytimestamp = subpk->timestamp;
+
     subpk->is_valid = 0;
     subpk->main_keyid[0] = mainpk->main_keyid[0];
     subpk->main_keyid[1] = mainpk->main_keyid[1];
-    if ( subpk->version < 4 )
-        return; /* there are no v3 subkeys */
 
     /* find the latest key binding self-signature. */
     signode = NULL;
@@ -1752,17 +1629,13 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
            	if ( check_key_signature( keyblock, k, NULL ) )
                     ; /* signature did not verify */
                 else if ( IS_SUBKEY_REV (sig) ) {
-                    /* key has been revoked - given the fact that it is easy
-                     * to create a new subkey, it does not make sense to
-                     * revive a revoked key.  So we can stop here.
-                     */
                     subpk->is_revoked = 1;
-                    return;
+                    /* although we could stop now, we continue to 
+                     * figure out other information like the old expiration
+                     * time */
                 }
                 else if ( IS_SUBKEY_SIG (sig) && sig->timestamp >= sigdate ) {
-                    p = parse_sig_subpkt( sig->hashed_data,
-                                          SIGSUBPKT_SIG_EXPIRE, NULL );
-                    if ( p && (sig->timestamp + buffer_to_u32(p)) >= curtime )
+		    if(sig->flags.expired)
                         ; /* signature has expired - ignore it */
                     else {
                         sigdate = sig->timestamp;
@@ -1774,21 +1647,19 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
     }
 
     if ( !signode ) {
-        subpk->created = subpk->timestamp;
         return;  /* no valid key binding */
     }
 
     subpk->is_valid = 1;
-    subpk->created = sigdate; 
     sig = signode->pkt->pkt.signature;
         
-    p = parse_sig_subpkt ( sig->hashed_data, SIGSUBPKT_KEY_FLAGS, &n );
+    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n );
     if ( p && n ) {
         /* first octet of the keyflags */   
         if ( (*p & 3) )
-            key_usage |= GCRY_PK_USAGE_SIGN;
+            key_usage |= PUBKEY_USAGE_SIG;
         if ( (*p & 12) )    
-            key_usage |= GCRY_PK_USAGE_ENCR;
+            key_usage |= PUBKEY_USAGE_ENC;
     }
     if ( !key_usage ) { /* no key flags at all: get it from the algo */
         key_usage = openpgp_pk_algo_usage ( subpk->pubkey_algo );
@@ -1800,12 +1671,13 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
     }
     subpk->pubkey_usage = key_usage;
     
-    p = parse_sig_subpkt ( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL);
+    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
     if ( p ) 
-        key_expire = sig->timestamp + buffer_to_u32(p);
+        key_expire = keytimestamp + buffer_to_u32(p);
     else
         key_expire = 0;
     subpk->has_expired = key_expire >= curtime? 0 : key_expire;
+    subpk->expiredate = key_expire;
 }
 
 
@@ -1828,9 +1700,20 @@ merge_selfsigs( KBNODE keyblock )
     KBNODE k;
     int revoked;
     PKT_public_key *main_pk;
-
-    if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY )
+    prefitem_t *prefs;
+    int mdc_feature;
+
+    if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY ) {
+        if (keyblock->pkt->pkttype == PKT_SECRET_KEY ) {
+            log_error ("expected public key but found secret key "
+                       "- must stop\n");
+            /* we better exit here becuase a public key is expected at
+               other places too.  FIXME: Figure this out earlier and
+               don't get to here at all */
+            g10_exit (1);
+        }
         BUG ();
+    }
 
     merge_selfsigs_main ( keyblock, &revoked );
     main_pk = keyblock->pkt->pkt.public_key;
@@ -1855,6 +1738,44 @@ merge_selfsigs( KBNODE keyblock )
             merge_selfsigs_subkey ( keyblock, k );
         }
     }
+
+    /* If the main key is not valid, then the subkeys aren't either,
+       even if they have binding sigs. */
+    if(!main_pk->is_valid)
+      for(k=keyblock; k; k=k->next)
+	if(k->pkt->pkttype==PKT_PUBLIC_SUBKEY)
+	  k->pkt->pkt.public_key->is_valid=0;
+
+    /* set the preference list of all keys to those of the primary real
+     * user ID.  Note: we use these preferences when we don't know by
+     * which user ID the key has been selected.
+     * fixme: we should keep atoms of commonly used preferences or
+     * use reference counting to optimize the preference lists storage.
+     * FIXME: it might be better to use the intersection of 
+     * all preferences.
+     * Do a similar thing for the MDC feature flag.
+     */
+    prefs = NULL;
+    mdc_feature = 0;
+    for (k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) {
+        if (k->pkt->pkttype == PKT_USER_ID
+	    && !k->pkt->pkt.user_id->attrib_data
+            && k->pkt->pkt.user_id->is_primary) {
+            prefs = k->pkt->pkt.user_id->prefs;
+            mdc_feature = k->pkt->pkt.user_id->mdc_feature;
+            break;
+        }
+    }    
+    for(k=keyblock; k; k = k->next ) {
+        if ( k->pkt->pkttype == PKT_PUBLIC_KEY
+             || k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
+            PKT_public_key *pk = k->pkt->pkt.public_key;
+            if (pk->prefs)
+                m_free (pk->prefs);
+            pk->prefs = copy_prefs (prefs);
+            pk->mdc_feature = mdc_feature;
+        }
+    }
 }
 
 
@@ -1865,7 +1786,7 @@ merge_selfsigs( KBNODE keyblock )
  * keys at all and have a way to store just the real secret parts
  * from the key.
  */
-void
+static void
 merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
 {
     KBNODE pub;
@@ -1898,7 +1819,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
                     if ( !cmp_public_secret_key ( pk, sk ) ) {
                         copy_public_parts_to_secret_key ( pk, sk );
                         free_public_key ( pk );
-                        pub->pkt->pkttype = PKT_SECRET_KEY;
+                        pub->pkt->pkttype = PKT_SECRET_SUBKEY;
                         pub->pkt->pkt.secret_key = copy_secret_key (NULL, sk);
                         break;
                     }
@@ -1911,11 +1832,12 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
 }
 
 /* This function checks that for every public subkey a corresponding
- * secret subkey is avalable and deletes the public subkey otherwise.
- * We need this function becuase we can'tdelete it later when we
+ * secret subkey is available and deletes the public subkey otherwise.
+ * We need this function because we can't delete it later when we
  * actually merge the secret parts into the pubring.
+ * The function also plays some games with the node flags.
  */
-void
+static void
 premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
 {
     KBNODE last, pub;
@@ -1924,6 +1846,7 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
     assert ( secblock->pkt->pkttype == PKT_SECRET_KEY );
     
     for (pub=pubblock,last=NULL; pub; last = pub, pub = pub->next ) {
+        pub->flag &= ~3; /* reset bits 0 and 1 */
         if ( pub->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
             KBNODE sec;
             PKT_public_key *pk = pub->pkt->pkt.public_key;
@@ -1931,14 +1854,25 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
             for (sec=secblock->next; sec; sec = sec->next ) {
                 if ( sec->pkt->pkttype == PKT_SECRET_SUBKEY ) {
                     PKT_secret_key *sk = sec->pkt->pkt.secret_key;
-                    if ( !cmp_public_secret_key ( pk, sk ) ) 
+                    if ( !cmp_public_secret_key ( pk, sk ) ) {
+                        if ( sk->protect.s2k.mode == 1001 ) {
+                            /* The secret parts are not available so
+                               we can't use that key for signing etc.
+                               Fix the pubkey usage */
+                            pk->pubkey_usage &= ~PUBKEY_USAGE_SIG;
+                        }
+                        /* transfer flag bits 0 and 1 to the pubblock */
+                        pub->flag |= (sec->flag &3);
                         break;
+                    }
                 }
             }
             if ( !sec ) {
                 KBNODE next, ll;
-                log_error ( "no corresponding secret subkey "
-                            "for public subkey - removing\n" );
+
+                log_info ( "no secret subkey "
+                           "for public subkey %08lX - ignoring\n",  
+                           (ulong)keyid_from_pk (pk,NULL) );
                 /* we have to remove the subkey in this case */
                 assert ( last );
                 /* find the next subkey */
@@ -1956,108 +1890,25 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
             }
         }
     }
+    /* We need to copy the found bits (0 and 1) from the secret key to
+       the public key.  This has already been done for the subkeys but
+       got lost on the primary key - fix it here *. */
+    pubblock->flag |= (secblock->flag & 3);
 }
 
 
 
 
-/************************************************
- ************* Find stuff ***********************
- ************************************************/
-
-static int 
-find_by_name( KBNODE keyblock, const char *name,
-	      int mode, byte *namehash )
-{
-    KBNODE k;
-
-    for(k=keyblock; k; k = k->next ) {
-	if( k->pkt->pkttype == PKT_USER_ID
-	    && !compare_name( k->pkt->pkt.user_id->name,
-			      k->pkt->pkt.user_id->len, name, mode)) {
-	    /* we found a matching name, look for the key */
-            if( k->pkt->pkt.user_id->photo ) {
-                /* oops: this can never happen */
-                gcry_md_hash_buffer( GCRY_MD_RMD160, namehash,
-                                     k->pkt->pkt.user_id->photo,
-                                     k->pkt->pkt.user_id->photolen );
-            }
-            else {
-                gcry_md_hash_buffer( GCRY_MD_RMD160, namehash,
-                                     k->pkt->pkt.user_id->name,
-                                     k->pkt->pkt.user_id->len );
-            }
-            return 1; 
-        }
-    }
-    
-    return 0;
-}
-
-
-
-static KBNODE
-find_by_keyid( KBNODE keyblock, u32 *keyid, int mode )
-{
-    KBNODE k;
-
-    for(k=keyblock; k; k = k->next ) {
-	if(    k->pkt->pkttype == PKT_PUBLIC_KEY
-	    || k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
-	    u32 aki[2];
-	    keyid_from_pk( k->pkt->pkt.public_key, aki );
-	    if( aki[1] == keyid[1] && ( mode == 10 || aki[0] == keyid[0] ) ) {
-                return k; /* found */
-	    }
-	}
-    }
-    return NULL;
-}
-
-
-
-static KBNODE
-find_by_fpr( KBNODE keyblock,  const char *name, int mode )
-{
-    KBNODE k;
-
-    for(k=keyblock; k; k = k->next ) {
-	if(    k->pkt->pkttype == PKT_PUBLIC_KEY
-	    || k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
-	    byte afp[MAX_FINGERPRINT_LEN];
-	    size_t an;
-
-	    fingerprint_from_pk(k->pkt->pkt.public_key, afp, &an );
-            if ( mode == 21 ) {
-                /* Unified fingerprint. The fingerprint is always 20 bytes*/
-                while ( an < 20 )
-                    afp[an++] = 0;
-                if ( !memcmp( afp, name, 20 ) )
-                    return k;
-            }
-	    else { 
-                if( an == mode && !memcmp( afp, name, an) ) {
-                    return k;
-                }
-            }
-	}
-    }
-    return NULL;
-}
-
-
-
-
 /* See see whether the key fits
  * our requirements and in case we do not
- * request a the primary key, we should select
+ * request the primary key, we should select
  * a suitable subkey.
  * FIXME: Check against PGP 7 whether we still need a kludge
  *        to favor type 16 keys over type 20 keys when type 20
  *        has not been explitely requested.
  * Returns: True when a suitable key has been found.
  *
- * We have to distinguish four cases:
+ * We have to distinguish four cases:  FIXME!
  *  1. No usage and no primary key requested
  *     Examples for this case are that we have a keyID to be used
  *     for decrytion or verification.
@@ -2069,35 +1920,79 @@ find_by_fpr( KBNODE keyblock,  const char *name, int mode )
  *  4. Usage but no primary key requested
  *     FIXME
  * FIXME: Tell what is going to happen here and something about the rationale
+ * Note: We don't use this function if no specific usage is requested;
+ *       This way the getkey functions can be used for plain key listings.
  *
+ * CTX ist the keyblock we are investigating, if FOUNDK is not NULL this
+ * is the key we actually found by looking at the keyid or a fingerprint and
+ * may eitehr point to the primary or one of the subkeys.
  */
 
 static int
-finish_lookup( GETKEY_CTX ctx,  KBNODE foundk )
+finish_lookup (GETKEY_CTX ctx)
 {
     KBNODE keyblock = ctx->keyblock;
     KBNODE k;
-  #define USAGE_MASK  (GCRY_PK_USAGE_SIGN|GCRY_PK_USAGE_ENCR)
+    KBNODE foundk = NULL;
+    PKT_user_id *foundu = NULL;
+  #define USAGE_MASK  (PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC)
     unsigned int req_usage = ( ctx->req_usage & USAGE_MASK );
+    /* Request the primary if we're certifying another key, and also
+       if signing data while --pgp6 or --pgp7 is on since pgp 6 and 7
+       do not understand signatures made by a signing subkey. */
+    int req_prim = (ctx->req_usage & PUBKEY_USAGE_CERT) ||
+      ((opt.pgp6 || opt.pgp7) && (ctx->req_usage & PUBKEY_USAGE_SIG));
     u32 latest_date;
     KBNODE latest_key;
+    u32 curtime = make_timestamp ();
 
-    assert( !foundk || foundk->pkt->pkttype == PKT_PUBLIC_KEY
-	            || foundk->pkt->pkttype == PKT_PUBLIC_SUBKEY );
     assert( keyblock->pkt->pkttype == PKT_PUBLIC_KEY );
    
     ctx->found_key = NULL;
-    
+
+    if (ctx->exact) {
+        for (k=keyblock; k; k = k->next) {
+            if ( (k->flag & 1) ) {
+                assert ( k->pkt->pkttype == PKT_PUBLIC_KEY
+                         || k->pkt->pkttype == PKT_PUBLIC_SUBKEY );
+                foundk = k;
+                break;
+            }
+        }
+    }
+
+    for (k=keyblock; k; k = k->next) {
+        if ( (k->flag & 2) ) {
+            assert (k->pkt->pkttype == PKT_USER_ID);
+            foundu = k->pkt->pkt.user_id;
+            break;
+        }
+    }
+
     if ( DBG_CACHE )
-        log_debug( "finish_lookup: checking %s (req_usage=%x)\n",
-                   foundk? "one key":"all keys", req_usage);
+        log_debug( "finish_lookup: checking key %08lX (%s)(req_usage=%x)\n",
+                   (ulong)keyid_from_pk( keyblock->pkt->pkt.public_key, NULL),
+                   foundk? "one":"all", req_usage);
 
+    if (!req_usage) {
+        latest_key = foundk? foundk:keyblock;
+        goto found;
+    }
+    
+    if (!req_usage) {
+        PKT_public_key *pk = foundk->pkt->pkt.public_key;
+        if (pk->user_id)
+            free_user_id (pk->user_id);
+        pk->user_id = scopy_user_id (foundu);
+        ctx->found_key = foundk;
+        cache_user_id( keyblock );
+        return 1; /* found */
+    }
+    
     latest_date = 0;
     latest_key  = NULL;
-    /* We do check the subkeys only if we either have requested a specific
-     * usage or have not requested to get the primary key. */
-    if ( (req_usage || !ctx->primary)
-         && (!foundk || foundk->pkt->pkttype == PKT_PUBLIC_SUBKEY) ) {
+    /* do not look at subkeys if a certification key is requested */
+    if ((!foundk || foundk->pkt->pkttype == PKT_PUBLIC_SUBKEY) && !req_prim) {
         KBNODE nextk;
         /* either start a loop or check just this one subkey */
         for (k=foundk?foundk:keyblock; k; k = nextk ) {
@@ -2108,6 +2003,9 @@ finish_lookup( GETKEY_CTX ctx,  KBNODE foundk )
             if ( foundk )
                 nextk = NULL;  /* what a hack */
             pk = k->pkt->pkt.public_key;
+            if (DBG_CACHE)
+                log_debug( "\tchecking subkey %08lX\n",
+                           (ulong)keyid_from_pk( pk, NULL));
             if ( !pk->is_valid ) {
                 if (DBG_CACHE)
                     log_debug( "\tsubkey not valid\n");
@@ -2123,9 +2021,13 @@ finish_lookup( GETKEY_CTX ctx,  KBNODE foundk )
                     log_debug( "\tsubkey has expired\n");
                 continue;
             }
+            if ( pk->timestamp > curtime && !opt.ignore_valid_from ) {
+                if (DBG_CACHE)
+                    log_debug( "\tsubkey not yet valid\n");
+                continue;
+            }
             
-            if ( req_usage &&
-                 !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
+            if ( !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
                 if (DBG_CACHE)
                     log_debug( "\tusage does not match: want=%x have=%x\n",
                                req_usage, pk->pubkey_usage );
@@ -2133,18 +2035,19 @@ finish_lookup( GETKEY_CTX ctx,  KBNODE foundk )
             }
 
             if (DBG_CACHE)
-                log_debug( "\tconsidering key %08lX\n",
-                           (ulong)keyid_from_pk( pk, NULL));
-            if ( pk->created > latest_date ) {
-                latest_date = pk->created;
+                log_debug( "\tsubkey looks fine\n");
+            if ( pk->timestamp > latest_date ) {
+                latest_date = pk->timestamp;
                 latest_key  = k;
             }
         }
     }
 
-    if ( !latest_key ) {
+    /* Okay now try the primary key unless we want an exact 
+     * key ID match on a subkey */
+    if ((!latest_key && !(ctx->exact && foundk != keyblock)) || req_prim) {
         PKT_public_key *pk;
-        if (DBG_CACHE && !foundk )
+        if (DBG_CACHE && !foundk && !req_prim )
             log_debug( "\tno suitable subkeys found - trying primary\n");
         pk = keyblock->pkt->pkt.public_key;
         if ( !pk->is_valid ) {
@@ -2159,17 +2062,17 @@ finish_lookup( GETKEY_CTX ctx,  KBNODE foundk )
             if (DBG_CACHE)
                 log_debug( "\tprimary key has expired\n");
         }
-        else  if ( req_usage
-                   && !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
+        else  if ( !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
             if (DBG_CACHE)
-                log_debug( "\tusage does not match: want=%x have=%x\n",
+                log_debug( "\tprimary key usage does not match: "
+                           "want=%x have=%x\n",
                            req_usage, pk->pubkey_usage );
         }
         else { /* okay */
             if (DBG_CACHE)
                 log_debug( "\tprimary key may be used\n");
             latest_key = keyblock;
-            latest_date = pk->created;
+            latest_date = pk->timestamp;
         }
     }
     
@@ -2179,13 +2082,21 @@ finish_lookup( GETKEY_CTX ctx,  KBNODE foundk )
         return 0;
     }
 
+ found:
     if (DBG_CACHE)
         log_debug( "\tusing key %08lX\n",
                 (ulong)keyid_from_pk( latest_key->pkt->pkt.public_key, NULL) );
 
+    if (latest_key) {
+        PKT_public_key *pk = latest_key->pkt->pkt.public_key;
+        if (pk->user_id)
+            free_user_id (pk->user_id);
+        pk->user_id = scopy_user_id (foundu);
+    }    
+        
     ctx->found_key = latest_key;
 
-    if ( latest_key != keyblock ) {
+    if (latest_key != keyblock && opt.verbose) {
         log_info(_("using secondary key %08lX "
                    "instead of primary key %08lX\n"),
                  (ulong)keyid_from_pk( latest_key->pkt->pkt.public_key, NULL),
@@ -2197,109 +2108,91 @@ finish_lookup( GETKEY_CTX ctx,  KBNODE foundk )
     return 1; /* found */
 }
 
- 
+
 static int
 lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
 {
     int rc;
-    int oldmode = set_packet_list_mode(0);
-    byte namehash[20];
-    int use_namehash=0;
     KBNODE secblock = NULL; /* helper */
-
-    if( !ctx->count ) /* first time */
-	rc = enum_keyblocks_begin( &ctx->kbpos, secmode );
-    else
-	rc = 0;
-    if( !rc ) {
-	while( !(rc = enum_keyblocks_next( ctx->kbpos, 1, &ctx->keyblock )) ) {
-	    int n;
-	    getkey_item_t *item;
-
-            if ( secmode ) {
-                /* find the correspondig public key and use this 
-                 * this one for the selection process */
-                u32 aki[2];
-                KBNODE k = ctx->keyblock;
-                
-                if ( k->pkt->pkttype != PKT_SECRET_KEY )
-                    BUG();
-                keyid_from_sk( k->pkt->pkt.secret_key, aki );
-	        k = get_pubkeyblock( aki );
-	        if( !k ) {
-	            log_info(_("key %08lX: secret key without public key "
+    int no_suitable_key = 0;
+    
+    rc = 0;
+    while (!(rc = keydb_search (ctx->kr_handle, ctx->items, ctx->nitems))) {
+        /* If we are searching for the first key we have to make sure
+           that the next interation does not no an implicit reset.
+           This can be triggered by an empty key ring. */
+        if (ctx->nitems && ctx->items->mode == KEYDB_SEARCH_MODE_FIRST)
+            ctx->items->mode = KEYDB_SEARCH_MODE_NEXT;
+
+        rc = keydb_get_keyblock (ctx->kr_handle, &ctx->keyblock);
+        if (rc) {
+            log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
+            rc = 0;
+            goto skip;
+        }
+                       
+        if ( secmode ) {
+            /* find the correspondig public key and use this 
+             * this one for the selection process */
+            u32 aki[2];
+            KBNODE k = ctx->keyblock;
+            
+            if (k->pkt->pkttype != PKT_SECRET_KEY)
+                BUG();
+
+            keyid_from_sk (k->pkt->pkt.secret_key, aki);
+            k = get_pubkeyblock (aki);
+            if( !k ) {
+                if (!opt.quiet)
+                    log_info(_("key %08lX: secret key without public key "
                                "- skipped\n"),  (ulong)aki[1] );
-                    goto skip;
-                }
-                secblock = ctx->keyblock;
-                ctx->keyblock = k;
-                premerge_public_with_secret ( ctx->keyblock, secblock );
+                goto skip;
             }
+            secblock = ctx->keyblock;
+            ctx->keyblock = k;
 
+            premerge_public_with_secret ( ctx->keyblock, secblock );
+        }
 
-	    /* loop over all the user ids we want to look for */
-	    item = ctx->items;
-	    for(n=0; n < ctx->nitems; n++, item++ ) {
-                KBNODE k = NULL;
-                int found = 0;
-    
-		if( item->mode < 10 ) {
-		    found = find_by_name( ctx->keyblock,
-                                          item->name, item->mode,
-                                          namehash );
-                    use_namehash = found;
-                }
-		else if( item->mode >= 10 && item->mode <= 12 ) {
-		    k = find_by_keyid( ctx->keyblock, 
-				       item->keyid, item->mode );
-                    found = !!k;
-                }
-		else if( item->mode == 15 ) {
-		    found = 1;
-                }
-		else if( item->mode == 16 || item->mode == 20
-                         || item->mode == 21 ) {
-		    k = find_by_fpr( ctx->keyblock,
-				     item->fprint, item->mode );
-                    found = !!k;
-                }
-		else
-		    BUG();
-		if( found ) { 
-                    /* this keyblock looks fine - do further investigation */
-                    merge_selfsigs ( ctx->keyblock );
-		    if ( finish_lookup( ctx, k ) ) {
-                        if ( secmode ) {
-                            merge_public_with_secret ( ctx->keyblock,
-                                                       secblock);
-                            release_kbnode (secblock);
-                            secblock = NULL;
-                        }
-                        goto found;
-                    }
-		}
-	    }
-          skip:
-            /* release resources and try the next keyblock */
+        /* warning: node flag bits 0 and 1 should be preserved by
+         * merge_selfsigs.  For secret keys, premerge did tranfer the
+         * keys to the keyblock */
+        merge_selfsigs ( ctx->keyblock );
+        if ( finish_lookup (ctx) ) {
+            no_suitable_key = 0;
             if ( secmode ) {
-                release_kbnode( secblock );
+                merge_public_with_secret ( ctx->keyblock,
+                                           secblock);
+                release_kbnode (secblock);
                 secblock = NULL;
             }
-	    release_kbnode( ctx->keyblock );
-	    ctx->keyblock = NULL;
-	}
-      found:
-        ;
+            goto found;
+        }
+        else
+            no_suitable_key = 1;
+        
+      skip:
+        /* release resources and continue search */
+        if ( secmode ) {
+            release_kbnode( secblock );
+            secblock = NULL;
+        }
+        release_kbnode( ctx->keyblock );
+        ctx->keyblock = NULL;
     }
+
+  found:
     if( rc && rc != -1 )
-	log_error("enum_keyblocks failed: %s\n", gpg_errstr(rc));
+	log_error("keydb_search failed: %s\n", g10_errstr(rc));
 
     if( !rc ) {
         *ret_keyblock = ctx->keyblock; /* return the keyblock */
         ctx->keyblock = NULL;
     }
+    else if (rc == -1 && no_suitable_key)
+        rc = secmode ? G10ERR_UNU_SECKEY : G10ERR_UNU_PUBKEY;
     else if( rc == -1 )
-	rc = secmode ? GPGERR_NO_SECKEY : GPGERR_NO_PUBKEY;
+	rc = secmode ? G10ERR_NO_SECKEY : G10ERR_NO_PUBKEY;
 
     if ( secmode ) {
         release_kbnode( secblock );
@@ -2307,36 +2200,14 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
     }
     release_kbnode( ctx->keyblock );
     ctx->keyblock = NULL;
-    set_packet_list_mode(oldmode);
-  #if 0
-    if( opt.debug & DBG_MEMSTAT_VALUE ) {
-	static int initialized;
-
-	if( !initialized ) {
-	    initialized = 1;
-	    atexit( print_stats );
-	}
-
-	assert( ctx->mode < DIM(lkup_stats) );
-	lkup_stats[ctx->mode].any = 1;
-	if( !rc )
-	    lkup_stats[ctx->mode].okay_count++;
-	else if ( rc == GPGERR_NO_PUBKEY || rc == GPGERR_NO_SECKEY )
-	    lkup_stats[ctx->mode].nokey_count++;
-	else
-	    lkup_stats[ctx->mode].error_count++;
-    }
-   #endif
 
     ctx->last_rc = rc;
-    ctx->count++;
     return rc;
 }
 
 
 
 
-
 /****************
  * FIXME: Replace by the generic function 
  *        It does not work as it is right now - it is used at 
@@ -2352,34 +2223,33 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
  *     to indicate EOF.
  *  4) Always call this function a last time with SK set to NULL,
  *     so that can free it's context.
- *
- *
  */
 int
 enum_secret_keys( void **context, PKT_secret_key *sk, int with_subkeys )
 {
     int rc=0;
-    PACKET pkt;
-    int save_mode;
     struct {
 	int eof;
-	int sequence;
-	const char *name;
-	IOBUF iobuf;
+        int first;
+	KEYDB_HANDLE hd;
+        KBNODE keyblock;
+        KBNODE node;
     } *c = *context;
 
 
     if( !c ) { /* make a new context */
-	c = gcry_xcalloc( 1, sizeof *c );
+	c = m_alloc_clear( sizeof *c );
 	*context = c;
-	c->sequence = 0;
-	c->name = enum_keyblock_resources( &c->sequence, 1 );
+	c->hd = keydb_new (1);
+        c->first = 1;
+        c->keyblock = NULL;
+        c->node = NULL;
     }
 
     if( !sk ) { /* free the context */
-	if( c->iobuf )
-	    iobuf_close(c->iobuf);
-	gcry_free( c );
+        keydb_release (c->hd);
+        release_kbnode (c->keyblock);
+	m_free( c );
 	*context = NULL;
 	return 0;
     }
@@ -2387,33 +2257,33 @@ enum_secret_keys( void **context, PKT_secret_key *sk, int with_subkeys )
     if( c->eof )
 	return -1;
 
-    /* FIXME: This assumes a plain keyring file */
-    for( ; c->name; c->name = enum_keyblock_resources( &c->sequence, 1 ) ) {
-	if( !c->iobuf ) {
-	    if( !(c->iobuf = iobuf_open( c->name ) ) ) {
-		log_error("enum_secret_keys: can't open `%s'\n", c->name );
-		continue; /* try next file */
-	    }
-	}
+    do {
+        /* get the next secret key from the current keyblock */
+        for (; c->node; c->node = c->node->next) {
+            if (c->node->pkt->pkttype == PKT_SECRET_KEY
+                || (with_subkeys
+                    && c->node->pkt->pkttype == PKT_SECRET_SUBKEY) ) {
+                copy_secret_key (sk, c->node->pkt->pkt.secret_key );
+                c->node = c->node->next;
+                return 0; /* found */
+            }
+        }
+        release_kbnode (c->keyblock);
+        c->keyblock = c->node = NULL;
+        
+        rc = c->first? keydb_search_first (c->hd) : keydb_search_next (c->hd);
+        c->first = 0;
+        if (rc) {
+            keydb_release (c->hd); c->hd = NULL;
+            c->eof = 1;
+            return -1; /* eof */
+        }
+        
+        rc = keydb_get_keyblock (c->hd, &c->keyblock);
+        c->node = c->keyblock;
+    } while (!rc);
 
-	save_mode = set_packet_list_mode(0);
-	init_packet(&pkt);
-	while( (rc=parse_packet(c->iobuf, &pkt, NULL)) != -1 ) {
-	    if( rc )
-		; /* e.g. unknown packet */
-	    else if( pkt.pkttype == PKT_SECRET_KEY
-		     || ( with_subkeys && pkt.pkttype == PKT_SECRET_SUBKEY ) ) {
-		copy_secret_key( sk, pkt.pkt.secret_key );
-		set_packet_list_mode(save_mode);
-		return 0; /* found */
-	    }
-	    free_packet(&pkt);
-	}
-	set_packet_list_mode(save_mode);
-	iobuf_close(c->iobuf); c->iobuf = NULL;
-    }
-    c->eof = 1;
-    return -1;
+    return rc; /* error */
 }
 
 
@@ -2438,7 +2308,7 @@ get_user_id_string( u32 *keyid )
             keyid_list_t a;
             for (a=r->keyids; a; a= a->next ) {
                 if( a->keyid[0] == keyid[0] && a->keyid[1] == keyid[1] ) {
-                    p = gcry_xmalloc( r->len + 10 );
+                    p = m_alloc( r->len + 10 );
                     sprintf(p, "%08lX %.*s",
                             (ulong)keyid[1], r->len, r->name );
                     return p;
@@ -2446,7 +2316,7 @@ get_user_id_string( u32 *keyid )
             }
         }
     } while( ++pass < 2 && !get_pubkey( NULL, keyid ) );
-    p = gcry_xmalloc( 15 );
+    p = m_alloc( 15 );
     sprintf(p, "%08lX [?]", (ulong)keyid[1] );
     return p;
 }
@@ -2456,9 +2326,9 @@ char*
 get_user_id_string_native( u32 *keyid )
 {
     char *p = get_user_id_string( keyid );
-    char *p2 = utf8_to_native( p, strlen(p) );
+    char *p2 = utf8_to_native( p, strlen(p), 0 );
 
-    gcry_free(p);
+    m_free(p);
     return p2;
 }
 
@@ -2475,7 +2345,7 @@ get_long_user_id_string( u32 *keyid )
             keyid_list_t a;
             for (a=r->keyids; a; a= a->next ) {
                 if( a->keyid[0] == keyid[0] && a->keyid[1] == keyid[1] ) {
-                    p = gcry_xmalloc( r->len + 20 );
+                    p = m_alloc( r->len + 20 );
                     sprintf(p, "%08lX%08lX %.*s",
                             (ulong)keyid[0], (ulong)keyid[1],
                             r->len, r->name );
@@ -2484,7 +2354,7 @@ get_long_user_id_string( u32 *keyid )
             }
         }
     } while( ++pass < 2 && !get_pubkey( NULL, keyid ) );
-    p = gcry_xmalloc( 25 );
+    p = m_alloc( 25 );
     sprintf(p, "%08lX%08lX [?]", (ulong)keyid[0], (ulong)keyid[1] );
     return p;
 }
@@ -2502,7 +2372,7 @@ get_user_id( u32 *keyid, size_t *rn )
             keyid_list_t a;
             for (a=r->keyids; a; a= a->next ) {
                 if( a->keyid[0] == keyid[0] && a->keyid[1] == keyid[1] ) {
-                    p = gcry_xmalloc( r->len );
+                    p = m_alloc( r->len );
                     memcpy(p, r->name, r->len );
                     *rn = r->len;
                     return p;
@@ -2510,9 +2380,84 @@ get_user_id( u32 *keyid, size_t *rn )
             }
         }
     } while( ++pass < 2 && !get_pubkey( NULL, keyid ) );
-    p = gcry_xstrdup( _("[User id not found]") );
+    p = m_strdup( _("[User id not found]") );
     *rn = strlen(p);
     return p;
 }
 
+char*
+get_user_id_native( u32 *keyid )
+{
+    size_t rn;
+
+    char *p = get_user_id( keyid, &rn );
+    char *p2 = utf8_to_native( p, rn, 0 );
+
+    m_free(p);
+    return p2;
+}
+
+KEYDB_HANDLE
+get_ctx_handle(GETKEY_CTX ctx)
+{
+  return ctx->kr_handle;
+}
+
+/* Check the revocation keys to see if any of them have revoked our
+   pk.  sig is the revocation sig.  pk is the key it is on.  This code
+   will need to be modified if gpg ever becomes multi-threaded.  Note
+   that this is written so that a revoked revoker can still issue
+   revocations: i.e. If A revokes B, but A is revoked, B is still
+   revoked.  I'm not completely convinced this is the proper behavior,
+   but it matches how PGP does it. -dms */
 
+/* Return 0 if pk is revoked, non-0 if not revoked */
+static int
+check_revocation_keys(PKT_public_key *pk,PKT_signature *sig)
+{
+  static int busy=0;
+  int i,rc=-1;
+
+  assert(IS_KEY_REV(sig));
+  assert((sig->keyid[0]!=pk->keyid[0]) || (sig->keyid[0]!=pk->keyid[1]));
+
+  if(busy)
+    {
+      /* return -1 (i.e. not revoked), but mark the pk as uncacheable
+         as we don't really know its revocation status until it is
+         checked directly. */
+
+      pk->dont_cache=1;
+      return -1;
+    }
+
+  busy=1;
+
+  /*  printf("looking at %08lX with a sig from %08lX\n",(ulong)pk->keyid[1],
+      (ulong)sig->keyid[1]); */
+
+  /* is the issuer of the sig one of our revokers? */
+  if( !pk->revkey && pk->numrevkeys )
+     BUG();
+  else
+      for(i=0;i<pk->numrevkeys;i++) {
+          u32 keyid[2];
+    
+          keyid_from_fingerprint(pk->revkey[i].fpr,MAX_FINGERPRINT_LEN,keyid);
+    
+          if(keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1]) {
+              MD_HANDLE md;
+    
+              md=md_open(sig->digest_algo,0);
+              hash_public_key(md,pk);
+              if(signature_check(sig,md)==0) {
+                  rc=0;
+                  break;
+              }
+          }
+      }
+
+  busy=0;
+
+  return rc;
+} 
diff --git a/g10/basicdefs.h b/g10/global.h
index 1a7f0901a..3c4e59ec4 100644
--- a/g10/basicdefs.h
+++ b/g10/global.h
@@ -1,5 +1,5 @@
-/* basicdefs.h - Some definitions used at many place
- *	Copyright (C) 1999 Free Software Foundation, Inc.
+/* global.h - Local typedefs and constants
+ * Copyright (C) 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -18,23 +18,12 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
-#ifndef GPG_BASICDEFS_H
-#define GPG_BASICDEFS_H
+#ifndef GPG_GLOBAL_H
+#define GPG_GLOBAL_H
 
-#include "types.h"
+#define MAX_FINGERPRINT_LEN 20
 
-typedef struct {
-    int algo;
-    int keylen;
-    byte key[32]; /* this is the largest used keylen (256 bit) */
-} DEK;
+typedef struct kbnode_struct *KBNODE;
+typedef struct keydb_search_desc KEYDB_SEARCH_DESC;
 
-
-struct pk_list;
-struct sk_list;
-typedef struct pk_list *PK_LIST;
-typedef struct sk_list *SK_LIST;
-
-
-
-#endif /* GPG_BASICDEFS_H */
+#endif /*GPG_GLOBAL_H*/
diff --git a/g10/gpgd.c b/g10/gpgd.c
index 8ca37d34a..365556604 100644
--- a/g10/gpgd.c
+++ b/g10/gpgd.c
@@ -1,5 +1,5 @@
-/* ggpd.c - The GnuPG daemon (keyserver)
- *	Copyright (C) 1998 Free Software Foundation, Inc.
+/* gpd.c - The GnuPG daemon (keyserver)
+ * Copyright (C) 1998, 1999 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -112,7 +112,7 @@ build_list( const char *text, const char * (*mapf)(int), int (*chkf)(int) )
     for(i=1; i < 100; i++ )
 	if( !chkf(i) && (s=mapf(i)) )
 	    n += strlen(s) + 2;
-    list = gcry_xmalloc( 21 + n ); *list = 0;
+    list = m_alloc( 21 + n ); *list = 0;
     for(p=NULL, i=1; i < 100; i++ ) {
 	if( !chkf(i) && (s=mapf(i)) ) {
 	    if( !p )
@@ -201,9 +201,9 @@ main( int argc, char **argv )
 	    else {
 		log_error("option file `%s': %s\n",
 				    configname, strerror(errno) );
-		gpg_exit(1);
+		g10_exit(1);
 	    }
-	    gcry_free(configname); configname = NULL;
+	    m_free(configname); configname = NULL;
 	}
 	if( parse_debug && configname )
 	    log_info("reading options from `%s'\n", configname );
@@ -216,8 +216,8 @@ main( int argc, char **argv )
 	  case 'v': opt.verbose++; break;
 	  case 501:
 	    if( !configfp ) {
-		gcry_free(configname);
-		configname = gcry_xstrdup(pargs.r.ret_str);
+		m_free(configname);
+		configname = m_strdup(pargs.r.ret_str);
 		goto next_pass;
 	    }
 	    break;
@@ -230,12 +230,12 @@ main( int argc, char **argv )
     if( configfp ) {
 	fclose( configfp );
 	configfp = NULL;
-	gcry_free(configname); configname = NULL;
+	m_free(configname); configname = NULL;
 	goto next_pass;
     }
-    gcry_free( configname ); configname = NULL;
+    m_free( configname ); configname = NULL;
     if( log_get_errorcount(0) )
-	gpg_exit(2);
+	g10_exit(2);
 
     fprintf(stderr, "%s %s; %s\n", strusage(11), strusage(13), strusage(14) );
     fprintf(stderr, "%s\n", strusage(15) );
@@ -245,13 +245,13 @@ main( int argc, char **argv )
 	become_daemon();
 
 
-    gpg_exit(0);
+    g10_exit(0);
     return 8; /*NEVER REACHED*/
 }
 
 
 void
-gpg_exit( int rc )
+g10_exit( int rc )
 {
     secmem_term();
     rc = rc? rc : log_get_errorcount(0)? 2:0;
diff --git a/g10/gpgv.c b/g10/gpgv.c
new file mode 100644
index 000000000..362f5c528
--- /dev/null
+++ b/g10/gpgv.c
@@ -0,0 +1,372 @@
+/* gpgv.c - The GnuPG signature verify utility
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <unistd.h>
+#ifdef HAVE_DOSISH_SYSTEM
+  #include <fcntl.h> /* for setmode() */
+#endif
+
+#define INCLUDED_BY_MAIN_MODULE 1
+#include "packet.h"
+#include "iobuf.h"
+#include "memory.h"
+#include "util.h"
+#include "main.h"
+#include "options.h"
+#include "keydb.h"
+#include "trustdb.h"
+#include "mpi.h"
+#include "cipher.h"
+#include "filter.h"
+#include "ttyio.h"
+#include "i18n.h"
+#include "status.h"
+#include "g10defs.h"
+
+
+enum cmd_and_opt_values { aNull = 0,
+    oQuiet	  = 'q',
+    oVerbose	  = 'v',
+    oBatch	  = 500,
+    oKeyring,
+    oIgnoreTimeConflict,                      
+    oStatusFD,
+    oLoggerFD,
+    oHomedir,
+aTest };
+
+
+static ARGPARSE_OPTS opts[] = {
+
+    { 301, NULL, 0, N_("@\nOptions:\n ") },
+
+    { oVerbose, "verbose",   0, N_("verbose") },
+    { oQuiet,	"quiet",     0, N_("be somewhat more quiet") },
+    { oKeyring, "keyring"   ,2, N_("take the keys from this keyring")},
+    { oIgnoreTimeConflict, "ignore-time-conflict", 0, 
+                           N_("make timestamp conflicts only a warning") },
+    { oStatusFD, "status-fd" ,1, N_("|FD|write status info to this FD") },
+    { oLoggerFD, "logger-fd",1, "@" },
+    { oHomedir, "homedir", 2, "@" },   /* defaults to "~/.gnupg" */
+
+{0} };
+
+
+
+int g10_errors_seen = 0;
+
+#ifdef __riscos__
+RISCOS_GLOBAL_STATICS("GnuPG (gpgv) Heap")
+#endif /* __riscos__ */
+
+const char *
+strusage( int level )
+{
+    const char *p;
+    switch( level ) {
+      case 11: p = "gpgv (GnuPG)";
+	break;
+      case 13: p = VERSION; break;
+      case 17: p = PRINTABLE_OS_NAME; break;
+      case 19: p =
+	    _("Please report bugs to <[email protected]>.\n");
+	break;
+      case 1:
+      case 40:	p =
+	    _("Usage: gpgv [options] [files] (-h for help)");
+	break;
+      case 41:	p =
+	    _("Syntax: gpg [options] [files]\n"
+	      "Check signatures against known trusted keys\n");
+	break;
+
+      default:	p = default_strusage(level);
+    }
+    return p;
+}
+
+
+
+
+static void
+i18n_init(void)
+{
+  #ifdef USE_SIMPLE_GETTEXT
+    set_gettext_file( PACKAGE );
+  #else
+  #ifdef ENABLE_NLS
+    #ifdef HAVE_LC_MESSAGES
+       setlocale( LC_TIME, "" );
+       setlocale( LC_MESSAGES, "" );
+    #else
+       setlocale( LC_ALL, "" );
+    #endif
+    bindtextdomain( PACKAGE, G10_LOCALEDIR );
+    textdomain( PACKAGE );
+  #endif
+  #endif
+}
+
+
+int
+main( int argc, char **argv )
+{
+    ARGPARSE_ARGS pargs;
+    int rc=0;
+    STRLIST sl;
+    STRLIST nrings=NULL;
+    unsigned configlineno;
+
+  #ifdef __riscos__
+    riscos_global_defaults();
+  #endif /* __riscos__ */
+
+    log_set_name("gpgv");
+    init_signals();
+    i18n_init();
+    opt.command_fd = -1; /* no command fd */
+    opt.pgp2_workarounds = 1;
+    opt.keyserver_options.auto_key_retrieve = 1;
+    opt.always_trust = 1;
+    opt.batch = 1;
+
+  #if defined (__MINGW32__) || defined (__CYGWIN32__)
+    opt.homedir = read_w32_registry_string( NULL, "Software\\GNU\\GnuPG", "HomeDir" );
+  #else
+    opt.homedir = getenv("GNUPGHOME");
+  #endif
+    if( !opt.homedir || !*opt.homedir ) {
+	opt.homedir = GNUPG_HOMEDIR;
+    }
+    tty_no_terminal(1);
+    tty_batchmode(1);
+    disable_dotlock();
+    
+    pargs.argc = &argc;
+    pargs.argv = &argv;
+    pargs.flags=  1;  /* do not remove the args */
+    while( optfile_parse( NULL, NULL, &configlineno, &pargs, opts) ) {
+	switch( pargs.r_opt ) {
+	  case oQuiet: opt.quiet = 1; break;
+          case oVerbose: g10_opt_verbose++;
+		  opt.verbose++; opt.list_sigs=1; break;
+          case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
+	  case oStatusFD: set_status_fd( pargs.r.ret_int ); break;
+	  case oLoggerFD: log_set_logfile( NULL, pargs.r.ret_int ); break;
+	  case oHomedir: opt.homedir = pargs.r.ret_str; break;
+	  default : pargs.err = 2; break;
+	}
+    }
+
+    if( log_get_errorcount(0) )
+	g10_exit(2);
+
+    g10_opt_homedir = opt.homedir;
+
+    if( opt.verbose > 1 )
+	set_packet_list_mode(1);
+
+    if( !nrings )  /* no keyring given: use default one */
+        keydb_add_resource ("trustedkeys" EXTSEP_S "gpg", 0, 0);
+    for(sl = nrings; sl; sl = sl->next )
+        keydb_add_resource (sl->d, 0, 0 );
+    
+    FREE_STRLIST(nrings);
+    
+    if( (rc = verify_signatures( argc, argv ) ))
+        log_error("verify signatures failed: %s\n", g10_errstr(rc) );
+
+    /* cleanup */
+    g10_exit(0);
+    return 8; /*NEVER REACHED*/
+}
+
+
+void
+g10_exit( int rc )
+{
+    rc = rc? rc : log_get_errorcount(0)? 2 :
+			g10_errors_seen? 1 : 0;
+    exit(rc );
+}
+
+
+/* Stub:
+ * We have to override the trustcheck from pkclist.c becuase 
+ * this utility assumes that all keys in the keyring are trustworthy
+ */
+int
+check_signatures_trust( PKT_signature *sig )
+{
+    return 0;
+}
+
+
+/* Stub: 
+ * We don't have the trustdb , so we have to provide some stub functions
+ * instead
+ */
+int
+get_validity_info (PKT_public_key *pk, const byte *namehash )
+{
+    return '?';
+}
+
+/* Stub: */
+int
+get_ownertrust_info (PKT_public_key *pk)
+{
+    return '?';
+}
+
+unsigned int
+get_ownertrust (PKT_public_key *pk)
+{
+    return TRUST_UNKNOWN;
+}
+
+
+/* Stub:
+ * Because we only work with trusted keys, it does not make sense to
+ * get them from a keyserver
+ */
+int
+keyserver_import_keyid( u32 *keyid, void *dummy )
+{
+    return -1;
+}
+
+/* Stub:
+ * No encryption here but mainproc links to these functions.
+ */
+int
+get_session_key( PKT_pubkey_enc *k, DEK *dek )
+{
+    return G10ERR_GENERAL;
+}
+/* Stub: */
+int
+get_override_session_key( DEK *dek, const char *string )
+{
+    return G10ERR_GENERAL;
+}
+/* Stub: */
+int
+decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
+{
+    return G10ERR_GENERAL;
+}
+
+
+/* Stub:
+ * No interactive commnds, so we don't need the helptexts
+ */
+void
+display_online_help( const char *keyword )
+{
+}
+
+/* Stub:
+ * We don't use secret keys, but getkey.c links to this
+ */
+int
+check_secret_key( PKT_secret_key *sk, int n )
+{
+    return G10ERR_GENERAL;
+}
+
+/* Stub:
+ * No secret key, so no passphrase needed 
+ */
+DEK *
+passphrase_to_dek( u32 *keyid, int pubkey_algo,
+		   int cipher_algo, STRING2KEY *s2k, int mode,
+                   const char *tmp)
+{
+    return NULL;
+}
+
+/* Stubs to avoid linking to photoid.c */
+void show_photos(const struct user_attribute *attrs,int count,PKT_public_key *pk) {}
+int parse_image_header(const struct user_attribute *attr,byte *type,u32 *len) {return 0;}
+char *image_type_to_string(byte type,int string) {return NULL;}
+
+/* Stubs to void linking to ../cipher/cipher.c */
+int string_to_cipher_algo( const char *string ) { return 0; }
+const char *cipher_algo_to_string( int algo ) { return "?";}
+void disable_cipher_algo( int algo ) {}
+int check_cipher_algo( int algo ) { return -1;}
+unsigned int cipher_get_keylen( int algo ) { return 0; }
+unsigned int cipher_get_blocksize( int algo ) {return 0;}
+CIPHER_HANDLE cipher_open( int algo, int mode, int secure ) { return NULL;}
+void cipher_close( CIPHER_HANDLE c ) {}
+int cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen ) { return -1;}
+void cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen ){}
+void cipher_encrypt( CIPHER_HANDLE c, byte *outbuf,
+                     byte *inbuf, unsigned nbytes ) {}
+void cipher_decrypt( CIPHER_HANDLE c, byte *outbuf,
+                     byte *inbuf, unsigned nbytes ) {}
+void cipher_sync( CIPHER_HANDLE c ) {}
+
+/* Stubs to avoid linking to ../cipher/random.c */
+void random_dump_stats(void) {}
+int quick_random_gen( int onoff ) { return -1;}
+void randomize_buffer( byte *buffer, size_t length, int level ) {}
+int random_is_faked() { return -1;}
+byte *get_random_bits( size_t nbits, int level, int secure ) { return NULL;}
+void set_random_seed_file( const char *name ) {}
+void update_random_seed_file() {}
+void fast_random_poll() {}
+
+/* Stubs to avoid linking of ../cipher/primegen.c */
+void register_primegen_progress ( void (*cb)( void *, int), void *cb_data ) {}
+MPI generate_secret_prime( unsigned  nbits ) { return NULL;}
+MPI generate_public_prime( unsigned  nbits ) { return NULL;}
+MPI generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
+                        MPI g, MPI **ret_factors ) { return NULL;}
+
+/* Do not link to ../cipher/rndlinux.c */
+void rndlinux_constructor(void) {}
+
+
+/* Stubs to avoid linking to ../util/ttyio.c */
+int tty_batchmode( int onoff ) { return 0; }
+void tty_printf( const char *fmt, ... ) { }
+void tty_print_string( byte *p, size_t n ) { }
+void tty_print_utf8_string( byte *p, size_t n ) {}
+void tty_print_utf8_string2( byte *p, size_t n, size_t max_n ) {}
+char *tty_get( const char *prompt ) { return NULL;}
+char *tty_get_hidden( const char *prompt ) {return NULL; }
+void tty_kill_prompt(void) {}
+int tty_get_answer_is_yes( const char *prompt ) {return 0;}
+int tty_no_terminal(int onoff) {return 0;}
+
+/* We do not do any locking, so use these stubs here */
+void disable_dotlock(void) {}
+DOTLOCK create_dotlock( const char *file_to_lock ) { return NULL; }
+int make_dotlock( DOTLOCK h, long timeout ) { return 0;}
+int release_dotlock( DOTLOCK h ) {return 0;}
+void remove_lockfiles(void) {}
diff --git a/g10/helptext.c b/g10/helptext.c
index 4a7a14fde..0150c549c 100644
--- a/g10/helptext.c
+++ b/g10/helptext.c
@@ -1,5 +1,5 @@
 /* helptext.c  - English help texts
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -49,6 +49,13 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
 "to do with the (implicitly created) web-of-certificates."
 )},
 
+{ "edit_ownertrust.set_ultimate.okay", N_(
+ "To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+ "ultimately trusted - those are usually the keys for which you have\n"
+ "access to the secret key.  Answer \"yes\" to set this key to\n"
+ "ultimately trusted\n"
+)},
+
 { "revoked_key.override", N_(
 "If you want to use this revoked key anyway, answer \"yes\"."
 )},
@@ -87,6 +94,12 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
 "with them are quite large and very slow to verify."
 )},
 
+{ "keygen.algo.rsa_se", N_(
+"In general it is not a good idea to use the same key for signing and\n"
+"encryption.  This algorithm should only be used in certain domains.\n"
+"Please consult your security expert first."
+)},
+
 
 { "keygen.size", N_(
  "Enter the size of the key"
@@ -145,6 +158,29 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
  "Answer \"yes\" or \"no\""
 )},
 
+{ "sign_uid.class", N_(
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n\n"
+"\"0\" means you make no particular claim as to how carefully you verified the\n"
+"    key.\n\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous user.\n\n"
+"\"2\" means you did casual verification of the key.  For example, this could\n"
+"    mean that you verified the key fingerprint and checked the user ID on the\n"
+"    key against a photo ID.\n\n"
+"\"3\" means you did extensive verification of the key.  For example, this could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with a\n"
+"    photo ID (such as a passport) that the name of the key owner matches the\n"
+"    name in the user ID on the key, and finally that you verified (by exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive\"\n"
+"mean to you when you sign other keys.\n\n"
+"If you don't know what the right answer is, answer \"0\"."
+)},
 
 { "change_passwd.empty.okay", N_(
  "Answer \"yes\" or \"no\""
@@ -197,11 +233,16 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
  "a second one is available."
 )},
 
+{ "keyedit.updpref.okay", N_(
+ "Change the preferences of all user IDs (or just of the selected ones)\n"
+ "to the current list of preferences.  The timestamp of all affected\n"
+ "self-signatures will be advanced by one second.\n"
+)},
+
 
 { "passphrase.enter", N_(
  ""
 "Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
 )},
 
 
@@ -231,7 +272,7 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
  "  \"Key has been compromised\"\n"
  "      Use this if you have a reason to believe that unauthorized persons\n"
  "      got access to your secret key.\n"
- "  \"Key is superseeded\"\n"
+ "  \"Key is superseded\"\n"
  "      Use this if you have replaced this key with a newer one.\n"
  "  \"Key is no longer used\"\n"
  "      Use this if you have retired this key.\n"
@@ -271,5 +312,3 @@ display_online_help( const char *keyword )
     }
     tty_printf("\n");
 }
-
-
diff --git a/g10/hkp.c b/g10/hkp.c
index 2f6031361..7b96570cd 100644
--- a/g10/hkp.c
+++ b/g10/hkp.c
@@ -1,5 +1,5 @@
-/* hkp.c  -  Horrowitz Keyserver Protocol
- *	Copyright (C) 1999 Free Software Foundation, Inc.
+/* hkp.c  -  Horowitz Keyserver Protocol
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -34,6 +34,7 @@
 #include "filter.h"
 #include "http.h"
 #include "main.h"
+#include "keyserver-internal.h"
 
 static int urlencode_filter( void *opaque, int control,
 			     IOBUF a, byte *buf, size_t *ret_len);
@@ -47,95 +48,72 @@ static int urlencode_filter( void *opaque, int control,
  *	    or other error codes.
  */
 int
-hkp_ask_import( u32 *keyid )
+hkp_ask_import( KEYDB_SEARCH_DESC *desc, void *stats_handle)
 {
-  #ifdef HAVE_DOSISH_SYSTEM
-    return -1;
-  #else
     struct http_context hd;
     char *request;
     int rc;
-    unsigned int hflags = opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0;
+    unsigned int hflags = opt.keyserver_options.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0;
+    u32 key[2];
 
-    if( !opt.keyserver_name )
-	return -1;
-    log_info(_("requesting key %08lX from %s ...\n"), (ulong)keyid[1],
-						   opt.keyserver_name );
-    request = gcry_xmalloc( strlen( opt.keyserver_name ) + 100 );
+    if(desc->mode==KEYDB_SEARCH_MODE_FPR20)
+      keyid_from_fingerprint(desc->u.fpr,MAX_FINGERPRINT_LEN,key);
+    else if(desc->mode==KEYDB_SEARCH_MODE_LONG_KID ||
+	    desc->mode==KEYDB_SEARCH_MODE_SHORT_KID)
+      {
+	key[0]=desc->u.kid[0];
+	key[1]=desc->u.kid[1];
+      }
+    else
+      return -1; /* HKP does not support v3 fingerprints */
+
+    log_info(_("requesting key %08lX from HKP keyserver %s\n"),
+	     (ulong)key[1],opt.keyserver_host );
+    request = m_alloc( strlen( opt.keyserver_host ) + 100 );
     /* hkp does not accept the long keyid - we should really write a
      * nicer one :-)
      * FIXME: request binary mode - need to pass no_armor mode
      * down to the import function.  Marc told that there is such a
      * binary mode ... how?
      */
-    sprintf( request, "x-hkp://%s:11371/pks/lookup?op=get&search=0x%08lX",
-			opt.keyserver_name, (ulong)keyid[1] );
+
+    if(opt.keyserver_options.broken_http_proxy)
+      hflags |= HTTP_FLAG_NO_SHUTDOWN;
+
+    sprintf(request,"x-hkp://%s%s%s/pks/lookup?op=get&search=0x%08lX",
+	    opt.keyserver_host,
+	    atoi(opt.keyserver_port)>0?":":"",
+	    atoi(opt.keyserver_port)>0?opt.keyserver_port:"",
+	    (ulong)key[1] );
+
+  if(opt.keyserver_options.verbose>2)
+    log_info("request is \"%s\"\n",request);
+
     rc = http_open_document( &hd, request, hflags );
     if( rc ) {
 	log_info(_("can't get key from keyserver: %s\n"),
-			rc == GPGERR_NETWORK? strerror(errno)
-					    : gpg_errstr(rc) );
+			rc == G10ERR_NETWORK? strerror(errno)
+					    : g10_errstr(rc) );
     }
     else {
-	rc = import_keys_stream( hd.fp_read , 0 );
+      rc = import_keys_stream( hd.fp_read, 0, stats_handle);
 	http_close( &hd );
     }
 
-    gcry_free( request );
+    m_free( request );
     return rc;
-  #endif
-}
-
-
-
-int
-hkp_import( STRLIST users )
-{
-  #ifdef HAVE_DOSISH_SYSTEM
-    return -1;
-  #else
-    if( !opt.keyserver_name ) {
-	log_error(_("no keyserver known (use option --keyserver)\n"));
-	return -1;
-    }
-
-    for( ; users; users = users->next ) {
-	u32 kid[2];
-	int type = classify_user_id( users->d, kid, NULL, NULL, NULL );
-	if( type != 10 && type != 11 ) {
-	    log_info(_("%s: not a valid key ID\n"), users->d );
-	    continue;
-	}
-	/* because the function may use log_info in some situations, the
-	 * errorcounter ist not increaed and the program will return
-	 * with success - which is not good when this function is used.
-	 */
-	if( hkp_ask_import( kid ) )
-	    log_inc_errorcount();
-    }
-    return 0;
-  #endif
 }
 
-
 int
 hkp_export( STRLIST users )
 {
-  #ifdef HAVE_DOSISH_SYSTEM
-    return -1;
-  #else
     int rc;
     armor_filter_context_t afx;
     IOBUF temp = iobuf_temp();
     struct http_context hd;
     char *request;
     unsigned int status;
-    unsigned int hflags = opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0;
-
-    if( !opt.keyserver_name ) {
-	log_error(_("no keyserver known (use option --keyserver)\n"));
-	return -1;
-    }
+    unsigned int hflags = opt.keyserver_options.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0;
 
     iobuf_push_filter( temp, urlencode_filter, NULL );
 
@@ -151,23 +129,34 @@ hkp_export( STRLIST users )
 
     iobuf_flush_temp( temp );
 
-    request = gcry_xmalloc( strlen( opt.keyserver_name ) + 100 );
-    sprintf( request, "x-hkp://%s:11371/pks/add", opt.keyserver_name );
+    request = m_alloc( strlen( opt.keyserver_host ) + 100 );
+
+    if(opt.keyserver_options.broken_http_proxy)
+      hflags |= HTTP_FLAG_NO_SHUTDOWN;
+
+    sprintf( request, "x-hkp://%s%s%s/pks/add",
+	     opt.keyserver_host,
+	     atoi(opt.keyserver_port)>0?":":"",
+	     atoi(opt.keyserver_port)>0?opt.keyserver_port:"");
+
+  if(opt.keyserver_options.verbose>2)
+    log_info("request is \"%s\"\n",request);
+
     rc = http_open( &hd, HTTP_REQ_POST, request , hflags );
     if( rc ) {
 	log_error(_("can't connect to `%s': %s\n"),
-		   opt.keyserver_name,
-			rc == GPGERR_NETWORK? strerror(errno)
-					    : gpg_errstr(rc) );
+		   opt.keyserver_host,
+			rc == G10ERR_NETWORK? strerror(errno)
+					    : g10_errstr(rc) );
 	iobuf_close(temp);
-	gcry_free( request );
+	m_free( request );
 	return rc;
     }
 
     sprintf( request, "Content-Length: %u\n",
 		      (unsigned)iobuf_get_temp_length(temp) + 9 );
     iobuf_writestr( hd.fp_write, request );
-    gcry_free( request );
+    m_free( request );
     http_start_data( &hd );
 
     iobuf_writestr( hd.fp_write, "keytext=" );
@@ -180,26 +169,28 @@ hkp_export( STRLIST users )
     rc = http_wait_response( &hd, &status );
     if( rc ) {
 	log_error(_("error sending to `%s': %s\n"),
-		   opt.keyserver_name, gpg_errstr(rc) );
+		   opt.keyserver_host, g10_errstr(rc) );
     }
     else {
       #if 1
 	if( opt.verbose ) {
 	    int c;
 	    while( (c=iobuf_get(hd.fp_read)) != EOF )
+              if ( c >= 32 && c < 127 )
 		putchar( c );
+              else
+                putchar ( '?' );
 	}
       #endif
 	if( (status/100) == 2 )
 	    log_info(_("success sending to `%s' (status=%u)\n"),
-					opt.keyserver_name, status  );
+					opt.keyserver_host, status  );
 	else
 	    log_error(_("failed sending to `%s': status=%u\n"),
-					opt.keyserver_name, status  );
+					opt.keyserver_host, status  );
     }
     http_close( &hd );
     return rc;
-  #endif
 }
 
 static int
@@ -228,3 +219,373 @@ urlencode_filter( void *opaque, int control,
     return rc;
 }
 
+static int
+write_quoted(IOBUF a, const char *buf, char delim)
+{
+  char quoted[5];
+
+  sprintf(quoted,"\\x%02X",delim);
+
+  while(*buf)
+    {
+      if(*buf==delim)
+	{
+	  if(iobuf_writestr(a,quoted))
+	    return -1;
+	}
+      else if(*buf=='\\')
+	{
+	  if(iobuf_writestr(a,"\\x5c"))
+	    return -1;
+	}
+      else
+	{
+	  if(iobuf_writebyte(a,*buf))
+	    return -1;
+	}
+
+      buf++;
+    }
+
+  return 0;
+}
+
+/* pub  2048/<a href="/pks/lookup?op=get&search=0x3CB3B415">3CB3B415</a> 1998/04/03 David M. Shaw &lt;<a href="/pks/lookup?op=get&search=0x3CB3B415">[email protected]</a>&gt; */
+
+/* Luckily enough, both the HKP server and NAI HKP interface to their
+   LDAP server are close enough in output so the same function can
+   parse them both. */
+
+static int 
+parse_hkp_index(IOBUF buffer,char *line)
+{
+  static int open=0,revoked=0;
+  static char *key=NULL;
+#ifdef __riscos__
+  static char *uid=NULL;
+#else
+  static unsigned char *uid=NULL;
+#endif
+  static u32 bits,createtime;
+  int ret=0;
+
+  /* printf("Open %d, LINE: %s, uid: %s\n",open,line,uid); */
+
+  /* Try and catch some bastardization of HKP.  If we don't have
+     certain unchanging landmarks, we can't reliably parse the
+     response. */
+  if(open && ascii_memcasecmp(line,"</pre>",6)!=0 &&
+     ascii_memcasecmp(line,"pub  ",5)!=0 &&
+     ascii_memcasecmp(line,"     ",5)!=0)
+    {
+      m_free(key);
+      m_free(uid);
+      log_error(_("this keyserver is not fully HKP compatible\n"));
+      return -1;
+    }
+
+  /* For multiple UIDs */
+  if(open && uid!=NULL)
+    {
+      ret=0;
+
+      if(!(revoked && !opt.keyserver_options.include_revoked))
+	{
+	  char intstr[11];
+
+	  if(key)
+	    write_quoted(buffer,key,':');
+	  iobuf_writestr(buffer,":");
+	  write_quoted(buffer,uid,':');
+	  iobuf_writestr(buffer,":");
+	  iobuf_writestr(buffer,revoked?"1:":":");
+	  sprintf(intstr,"%u",createtime);
+	  write_quoted(buffer,intstr,':');
+	  iobuf_writestr(buffer,"::::");
+	  sprintf(intstr,"%u",bits);
+	  write_quoted(buffer,intstr,':');
+	  iobuf_writestr(buffer,"\n");
+
+	  ret=1;
+	}
+
+      if(strncmp(line,"     ",5)!=0)
+	{
+	  revoked=0;
+	  m_free(key);
+	  m_free(uid);
+	  uid=NULL;
+	  open=0;
+	}
+    }
+
+  if(ascii_memcasecmp(line,"pub  ",5)==0)
+    {
+      char *tok,*temp;
+
+      open=1;
+
+      line+=4;
+
+      tok=strsep(&line,"/");
+      if(tok==NULL)
+	return ret;
+
+      bits=atoi(tok);
+
+      tok=strsep(&line,">");
+      if(tok==NULL)
+	return ret;
+
+      tok=strsep(&line,"<");
+      if(tok==NULL)
+	return ret;
+
+      key=m_strdup(tok);
+
+      tok=strsep(&line," ");
+      if(tok==NULL)
+	return ret;
+
+      tok=strsep(&line," ");
+      if(tok==NULL)
+	return ret;
+  
+      /* The date parser wants '-' instead of '/', so... */
+      temp=tok;
+      while(*temp!='\0')
+      	{
+	  if(*temp=='/')
+	    *temp='-';
+
+	  temp++;
+	}
+
+      createtime=scan_isodatestr(tok);
+    }
+
+  if(open)
+    {
+      int uidindex=0;
+
+      if(line==NULL)
+	{
+	  uid=m_strdup("Key index corrupted");
+	  return ret;
+	}
+
+      /* All that's left is the user name.  Strip off anything
+	 <between brackets> and de-urlencode it. */
+
+      while(*line==' ' && *line!='\0')
+	line++;
+
+      if(strncmp(line,"*** KEY REVOKED ***",19)==0)
+	{
+	  revoked=1;
+	  return ret;
+	}
+
+      uid=m_alloc(strlen(line)+1);
+
+      while(*line!='\0')
+	{
+	  switch(*line)
+	    {
+	    case '<':
+	      while(*line!='>' && *line!='\0')
+		line++;
+
+	      if(*line!='\0')
+		line++;
+	      break;
+
+	    case '&':
+	      if((*(line+1)!='\0' && tolower(*(line+1))=='l') &&
+		 (*(line+2)!='\0' && tolower(*(line+2))=='t') &&
+		 (*(line+3)!='\0' && *(line+3)==';'))
+		{
+		  uid[uidindex++]='<';
+		  line+=4;
+		  break;
+		}
+	      else if((*(line+1)!='\0' && tolower(*(line+1))=='g') &&
+		 (*(line+2)!='\0' && tolower(*(line+2))=='t') &&
+		 (*(line+3)!='\0' && *(line+3)==';'))
+		{
+		  uid[uidindex++]='>';
+		  line+=4;
+		  break;
+		}
+	      else if((*(line+1)!='\0' && tolower(*(line+1))=='a') &&
+		 (*(line+2)!='\0' && tolower(*(line+2))=='m') &&
+		 (*(line+3)!='\0' && tolower(*(line+3))=='p') &&
+		 (*(line+4)!='\0' && *(line+4)==';'))
+		{
+		  uid[uidindex++]='&';
+		  line+=5;
+		  break;
+		}
+
+	    default:
+	      uid[uidindex++]=*line;
+	      line++;
+	      break;
+	    }
+	}
+
+      uid[uidindex]='\0';
+
+      /* Chop off the trailing \r, \n, or both. This is fussy as the
+         true HKP servers have \r\n, and the NAI HKP servers have just
+         \n. */
+
+      if(isspace(uid[uidindex-1]))
+	uid[uidindex-1]='\0';
+
+      if(isspace(uid[uidindex-2]))
+	uid[uidindex-2]='\0';
+    }
+
+  return ret;
+}
+
+int hkp_search(STRLIST tokens)
+{
+  int rc=0,len=0,max,first=1;
+  unsigned int maxlen=1024,buflen=0;
+#ifndef __riscos__
+  unsigned char *searchstr=NULL,*searchurl;
+  unsigned char *request;
+#else
+  char *searchstr=NULL,*searchurl;
+  char *request;
+#endif
+  struct http_context hd;
+  unsigned int hflags=opt.keyserver_options.honor_http_proxy?HTTP_FLAG_TRY_PROXY:0;
+  byte *line=NULL;
+
+  /* Glue the tokens together to make a search string */
+
+  for(;tokens;tokens=tokens->next)
+    {
+      len+=strlen(tokens->d)+1;
+
+      searchstr=m_realloc(searchstr,len+1);
+      if(first)
+	{
+	  searchstr[0]='\0';
+	  first=0;
+	}
+
+      strcat(searchstr,tokens->d);
+      strcat(searchstr," ");
+    }
+
+  if(len<=1)
+    {
+      m_free(searchstr);
+      return 0;
+    }
+
+  searchstr[len-1]='\0';
+
+  log_info(_("searching for \"%s\" from HKP server %s\n"),
+	   searchstr,opt.keyserver_host);
+
+  /* Now make it url-ish */
+
+  max=0;
+  len=0;
+  searchurl=NULL;
+  request=searchstr;
+
+  while(*request!='\0')
+    {
+      if(max-len<3)
+	{
+	  max+=100;
+	  searchurl=m_realloc(searchurl,max+1); /* Note +1 for \0 */
+	}
+
+      if(isalnum(*request) || *request=='-')
+	searchurl[len++]=*request;
+      else if(*request==' ')
+	searchurl[len++]='+';
+      else
+	{
+	  sprintf(&searchurl[len],"%%%02X",*request);
+	  len+=3;
+	}
+
+      request++;
+    }
+
+  searchurl[len]='\0';
+
+  request=m_alloc(strlen(opt.keyserver_host) + 100 + strlen(searchurl));
+
+  if(opt.keyserver_options.broken_http_proxy)
+    hflags |= HTTP_FLAG_NO_SHUTDOWN;
+
+  sprintf(request,"x-hkp://%s%s%s/pks/lookup?op=index&search=%s",
+	  opt.keyserver_host,
+	  atoi(opt.keyserver_port)>0?":":"",
+	  atoi(opt.keyserver_port)>0?opt.keyserver_port:"",
+	  searchurl);
+
+  if(opt.keyserver_options.verbose>2)
+    log_info("request is \"%s\"\n",request);
+
+  rc=http_open_document(&hd,request,hflags);
+  if(rc)
+    {
+      log_error(_("can't search keyserver: %s\n"),
+	       rc==G10ERR_NETWORK?strerror(errno):g10_errstr(rc));
+    }
+  else
+    {
+      IOBUF buffer;
+      int count=1;
+      int ret;
+
+      buffer=iobuf_temp();
+
+      rc=1;
+      while(rc!=0)
+	{
+	  /* This is a judgement call.  Is it better to slurp up all
+             the results before prompting the user?  On the one hand,
+             it probably makes the keyserver happier to not be blocked
+             on sending for a long time while the user picks a key.
+             On the other hand, it might be nice for the server to be
+             able to stop sending before a large search result page is
+             complete. */
+
+	  rc=iobuf_read_line(hd.fp_read,&line,&buflen,&maxlen);
+
+	  ret=parse_hkp_index(buffer,line);
+	  if(ret==-1)
+	    break;
+
+	  if(rc!=0)
+	    count+=ret;
+	}
+
+      http_close(&hd);
+
+      count--;
+
+      if(ret>-1)
+	keyserver_search_prompt(buffer,count,searchstr);
+
+      iobuf_close(buffer);
+      m_free(line);
+    }
+
+  m_free(request);
+  m_free(searchurl);
+  m_free(searchstr);
+
+  return rc;
+}
diff --git a/g10/hkp.h b/g10/hkp.h
index 64f049739..1fbf123f5 100644
--- a/g10/hkp.h
+++ b/g10/hkp.h
@@ -1,5 +1,5 @@
-/* hkp.h  -  Horrowitz Keyserver Protocol
- *	Copyright (C) 1999, 2000 Free Software Foundation, Inc.
+/* hkp.h  -  Horowitz Keyserver Protocol
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -18,13 +18,12 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
-#ifndef GPG_HKP_H
-#define GPG_HKP_H 1
+#ifndef G10_HKP_H
+#define G10_HKP_H 1
 
-
-int hkp_ask_import( u32 *keyid );
+int hkp_ask_import( KEYDB_SEARCH_DESC *desc, void *stats_handle);
 int hkp_import( STRLIST users );
 int hkp_export( STRLIST users );
+int hkp_search(STRLIST tokens);
 
-
-#endif /*GPG_HKP_H*/
+#endif /*G10_HKP_H*/
diff --git a/g10/import.c b/g10/import.c
index 7e2e5bc18..ccc665145 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1,5 +1,5 @@
 /* import.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -29,15 +29,15 @@
 #include "packet.h"
 #include "errors.h"
 #include "keydb.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "util.h"
 #include "trustdb.h"
 #include "main.h"
 #include "i18n.h"
 #include "status.h"
+#include "keyserver-internal.h"
 
-
-static struct {
+struct stats_s {
     ulong count;
     ulong no_user_id;
     ulong imported;
@@ -51,18 +51,22 @@ static struct {
     ulong secret_imported;
     ulong secret_dups;
     ulong skipped_new_keys;
-} stats;
+};
 
 
-static int import( IOBUF inp, int fast, const char* fname );
-static void print_stats(void);
+static int import( IOBUF inp, int fast, const char* fname,
+                   struct stats_s *stats );
 static int read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root );
-static int import_one( const char *fname, KBNODE keyblock, int fast );
-static int import_secret_one( const char *fname, KBNODE keyblock );
-static int import_revoke_cert( const char *fname, KBNODE node );
+static void revocation_present(KBNODE keyblock);
+static void remove_bad_stuff (KBNODE keyblock);
+static int import_one( const char *fname, KBNODE keyblock, int fast,
+                       struct stats_s *stats);
+static int import_secret_one( const char *fname, KBNODE keyblock,
+                              struct stats_s *stats );
+static int import_revoke_cert( const char *fname, KBNODE node,
+                               struct stats_s *stats);
 static int chk_self_sigs( const char *fname, KBNODE keyblock,
 			  PKT_public_key *pk, u32 *keyid );
-static void mark_non_selfsigned_uids_valid( KBNODE keyblock, u32 *kid );
 static int delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid );
 static int merge_blocks( const char *fname, KBNODE keyblock_orig,
 			 KBNODE keyblock, u32 *keyid,
@@ -77,6 +81,18 @@ static int merge_keysigs( KBNODE dst, KBNODE src, int *n_sigs,
 			     const char *fname, u32 *keyid );
 
 
+void *
+import_new_stats_handle (void)
+{
+    return m_alloc_clear ( sizeof (struct stats_s) );
+}
+
+void
+import_release_stats_handle (void *p)
+{
+    m_free (p);
+}
+
 /****************
  * Import the public keys from the given filename. Input may be armored.
  * This function rejects all keys which are not validly self signed on at
@@ -109,12 +125,13 @@ static int merge_keysigs( KBNODE dst, KBNODE src, int *n_sigs,
  *
  */
 void
-import_keys( char **fnames, int nnames, int fast )
+import_keys( char **fnames, int nnames, int fast, void *stats_handle )
 {
     int i;
+    struct stats_s *stats = stats_handle;
 
-    /* fixme: don't use static variables */
-    memset( &stats, 0, sizeof( stats ) );
+    if (!stats)
+        stats = import_new_stats_handle ();
 
     if( !fnames && !nnames )
 	nnames = 1;  /* Ohh what a ugly hack to jump into the loop */
@@ -127,36 +144,42 @@ import_keys( char **fnames, int nnames, int fast )
 	if( !inp )
 	    log_error(_("can't open `%s': %s\n"), fname, strerror(errno) );
 	else {
-	    int rc = import( inp, fast, fname );
+	    int rc = import( inp, fast, fname, stats );
 	    iobuf_close(inp);
 	    if( rc )
 		log_error("import from `%s' failed: %s\n", fname,
-							   gpg_errstr(rc) );
+							   g10_errstr(rc) );
 	}
 	if( !fname )
 	    break;
     }
-    print_stats();
-    if( !fast )
-	sync_trustdb();
+    if (!stats_handle) {
+        import_print_stats (stats);
+        import_release_stats_handle (stats);
+    }
+
 }
 
 int
-import_keys_stream( IOBUF inp, int fast )
+import_keys_stream( IOBUF inp, int fast, void *stats_handle )
 {
     int rc = 0;
+    struct stats_s *stats = stats_handle;
+
+    if (!stats)
+        stats = import_new_stats_handle ();
+
+    rc = import( inp, fast, "[stream]", stats);
+    if (!stats_handle) {
+        import_print_stats (stats);
+        import_release_stats_handle (stats);
+    }
 
-    /* fixme: don't use static variables */
-    memset( &stats, 0, sizeof( stats ) );
-    rc = import( inp, fast, "[stream]" );
-    print_stats();
-    if( !fast )
-	sync_trustdb();
     return rc;
 }
 
 static int
-import( IOBUF inp, int fast, const char* fname )
+import( IOBUF inp, int fast, const char* fname, struct stats_s *stats )
 {
     PACKET *pending_pkt = NULL;
     KBNODE keyblock;
@@ -165,19 +188,20 @@ import( IOBUF inp, int fast, const char* fname )
     getkey_disable_caches();
 
     if( !opt.no_armor ) { /* armored reading is not disabled */
-	armor_filter_context_t *afx = gcry_xcalloc( 1, sizeof *afx );
+	armor_filter_context_t *afx = m_alloc_clear( sizeof *afx );
 	afx->only_keyblocks = 1;
 	iobuf_push_filter2( inp, armor_filter, afx, 1 );
     }
 
     while( !(rc = read_block( inp, &pending_pkt, &keyblock) )) {
+        remove_bad_stuff (keyblock);
 	if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY )
-	    rc = import_one( fname, keyblock, fast );
-	else if( keyblock->pkt->pkttype == PKT_SECRET_KEY )
-	    rc = import_secret_one( fname, keyblock );
+	    rc = import_one( fname, keyblock, fast, stats );
+	else if( keyblock->pkt->pkttype == PKT_SECRET_KEY ) 
+                rc = import_secret_one( fname, keyblock, stats );
 	else if( keyblock->pkt->pkttype == PKT_SIGNATURE
 		 && keyblock->pkt->pkt.signature->sig_class == 0x20 )
-	    rc = import_revoke_cert( fname, keyblock );
+	    rc = import_revoke_cert( fname, keyblock, stats );
 	else {
 	    log_info( _("skipping block of type %d\n"),
 					    keyblock->pkt->pkttype );
@@ -185,67 +209,70 @@ import( IOBUF inp, int fast, const char* fname )
 	release_kbnode(keyblock);
 	if( rc )
 	    break;
-	if( !(++stats.count % 100) && !opt.quiet )
-	    log_info(_("%lu keys so far processed\n"), stats.count );
+	if( !(++stats->count % 100) && !opt.quiet )
+	    log_info(_("%lu keys so far processed\n"), stats->count );
     }
     if( rc == -1 )
 	rc = 0;
-    else if( rc && rc != GPGERR_INV_KEYRING )
-	log_error( _("error reading `%s': %s\n"), fname, gpg_errstr(rc));
+    else if( rc && rc != G10ERR_INV_KEYRING )
+	log_error( _("error reading `%s': %s\n"), fname, g10_errstr(rc));
 
     return rc;
 }
 
 
-static void
-print_stats()
+void
+import_print_stats (void *hd)
 {
+    struct stats_s *stats = hd;
+
     if( !opt.quiet ) {
-	log_info(_("Total number processed: %lu\n"), stats.count );
-	if( stats.skipped_new_keys )
+	log_info(_("Total number processed: %lu\n"), stats->count );
+	if( stats->skipped_new_keys )
 	    log_info(_("      skipped new keys: %lu\n"),
-						stats.skipped_new_keys );
-	if( stats.no_user_id )
-	    log_info(_("          w/o user IDs: %lu\n"), stats.no_user_id );
-	if( stats.imported || stats.imported_rsa ) {
-	    log_info(_("              imported: %lu"), stats.imported );
-	    if( stats.imported_rsa )
-		fprintf(stderr, "  (RSA: %lu)", stats.imported_rsa );
+						stats->skipped_new_keys );
+	if( stats->no_user_id )
+	    log_info(_("          w/o user IDs: %lu\n"), stats->no_user_id );
+	if( stats->imported || stats->imported_rsa ) {
+	    log_info(_("              imported: %lu"), stats->imported );
+	    if( stats->imported_rsa )
+		fprintf(stderr, "  (RSA: %lu)", stats->imported_rsa );
 	    putc('\n', stderr);
 	}
-	if( stats.unchanged )
-	    log_info(_("             unchanged: %lu\n"), stats.unchanged );
-	if( stats.n_uids )
-	    log_info(_("          new user IDs: %lu\n"), stats.n_uids );
-	if( stats.n_subk )
-	    log_info(_("           new subkeys: %lu\n"), stats.n_subk );
-	if( stats.n_sigs )
-	    log_info(_("        new signatures: %lu\n"), stats.n_sigs );
-	if( stats.n_revoc )
-	    log_info(_("   new key revocations: %lu\n"), stats.n_revoc );
-	if( stats.secret_read )
-	    log_info(_("      secret keys read: %lu\n"), stats.secret_read );
-	if( stats.secret_imported )
-	    log_info(_("  secret keys imported: %lu\n"), stats.secret_imported );
-	if( stats.secret_dups )
-	    log_info(_(" secret keys unchanged: %lu\n"), stats.secret_dups );
+	if( stats->unchanged )
+	    log_info(_("             unchanged: %lu\n"), stats->unchanged );
+	if( stats->n_uids )
+	    log_info(_("          new user IDs: %lu\n"), stats->n_uids );
+	if( stats->n_subk )
+	    log_info(_("           new subkeys: %lu\n"), stats->n_subk );
+	if( stats->n_sigs )
+	    log_info(_("        new signatures: %lu\n"), stats->n_sigs );
+	if( stats->n_revoc )
+	    log_info(_("   new key revocations: %lu\n"), stats->n_revoc );
+	if( stats->secret_read )
+	    log_info(_("      secret keys read: %lu\n"), stats->secret_read );
+	if( stats->secret_imported )
+	    log_info(_("  secret keys imported: %lu\n"), stats->secret_imported );
+	if( stats->secret_dups )
+	    log_info(_(" secret keys unchanged: %lu\n"), stats->secret_dups );
     }
 
     if( is_status_enabled() ) {
-	char buf[12*20];
-	sprintf(buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
-		stats.count,
-		stats.no_user_id,
-		stats.imported,
-		stats.imported_rsa,
-		stats.unchanged,
-		stats.n_uids,
-		stats.n_subk,
-		stats.n_sigs,
-		stats.n_revoc,
-		stats.secret_read,
-		stats.secret_imported,
-		stats.secret_dups);
+	char buf[13*20];
+	sprintf(buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
+		stats->count,
+		stats->no_user_id,
+		stats->imported,
+		stats->imported_rsa,
+		stats->unchanged,
+		stats->n_uids,
+		stats->n_subk,
+		stats->n_sigs,
+		stats->n_revoc,
+		stats->secret_read,
+		stats->secret_imported,
+		stats->secret_dups,
+		stats->skipped_new_keys );
 	write_status_text( STATUS_IMPORT_RES, buf );
     }
 }
@@ -272,13 +299,13 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
     }
     else
 	in_cert = 0;
-    pkt = gcry_xmalloc( sizeof *pkt );
+    pkt = m_alloc( sizeof *pkt );
     init_packet(pkt);
-    while( (rc=parse_packet(a, pkt, NULL)) != -1 ) {
+    while( (rc=parse_packet(a, pkt)) != -1 ) {
 	if( rc ) {  /* ignore errors */
-	    if( rc != GPGERR_UNKNOWN_PACKET ) {
-		log_error("read_block: read error: %s\n", gpg_errstr(rc) );
-		rc = GPGERR_INV_KEYRING;
+	    if( rc != G10ERR_UNKNOWN_PACKET ) {
+		log_error("read_block: read error: %s\n", g10_errstr(rc) );
+		rc = G10ERR_INV_KEYRING;
 		goto ready;
 	    }
 	    free_packet( pkt );
@@ -300,11 +327,11 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
 	  case PKT_COMPRESSED:
 	    if( pkt->pkt.compressed->algorithm < 1
 		|| pkt->pkt.compressed->algorithm > 2 ) {
-		rc = GPGERR_COMPR_ALGO;
+		rc = G10ERR_COMPR_ALGO;
 		goto ready;
 	    }
 	    {
-		compress_filter_context_t *cfx = gcry_xcalloc( 1, sizeof *cfx );
+		compress_filter_context_t *cfx = m_alloc_clear( sizeof *cfx );
 		cfx->algo = pkt->pkt.compressed->algorithm;
 		pkt->pkt.compressed->buf = NULL;
 		iobuf_push_filter2( a, compress_filter, cfx, 1 );
@@ -313,6 +340,11 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
 	    init_packet(pkt);
 	    break;
 
+          case PKT_RING_TRUST:
+            /* skip those packets */
+	    free_packet( pkt );
+	    init_packet(pkt);
+            break;
 
 	  case PKT_PUBLIC_KEY:
 	  case PKT_SECRET_KEY:
@@ -328,7 +360,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
 		    root = new_kbnode( pkt );
 		else
 		    add_kbnode( root, new_kbnode( pkt ) );
-		pkt = gcry_xmalloc( sizeof *pkt );
+		pkt = m_alloc( sizeof *pkt );
 	    }
 	    init_packet(pkt);
 	    break;
@@ -343,19 +375,125 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
     else
 	*ret_root = root;
     free_packet( pkt );
-    gcry_free( pkt );
+    m_free( pkt );
     return rc;
 }
 
 
+static void
+remove_bad_stuff (KBNODE keyblock)
+{
+    KBNODE node;
+
+    for (node=keyblock; node; node = node->next ) {
+        if( node->pkt->pkttype == PKT_SIGNATURE ) {
+            /* delete the subpackets we used to use for the
+               verification cache */
+            delete_sig_subpkt (node->pkt->pkt.signature->unhashed,
+                               SIGSUBPKT_PRIV_VERIFY_CACHE);
+        }
+    }
+}
+
+/* Clean the subkeys on a pk so that they each have at most 1 binding
+   sig and at most 1 revocation sig.  This works based solely on the
+   timestamps like the rest of gpg.  If the standard does get
+   revocation targets, this may need to be revised. */
+
+static int
+clean_subkeys(KBNODE keyblock,u32 *keyid)
+{
+  int removed=0;
+  KBNODE node,sknode=keyblock;
+
+  while((sknode=find_kbnode(sknode,PKT_PUBLIC_SUBKEY)))
+    {
+      KBNODE bsnode=NULL,rsnode=NULL;
+      u32 bsdate=0,rsdate=0;
+
+      sknode=sknode->next;
+
+      for(node=sknode;node;node=node->next)
+	{
+	  if(node->pkt->pkttype==PKT_SIGNATURE)
+	    {
+	      PKT_signature *sig=node->pkt->pkt.signature;
+
+	      /* We're only interested in valid sigs */
+	      if(check_key_signature(keyblock,node,NULL))
+		continue;
+
+	      if(IS_SUBKEY_SIG(sig) && bsdate<=sig->timestamp)
+		{
+		  bsnode=node;
+		  bsdate=sig->timestamp;
+		}
+	      else if(IS_SUBKEY_REV(sig) && rsdate<=sig->timestamp)
+		{
+		  rsnode=node;
+		  rsdate=sig->timestamp;
+		}
+	      /* If it's not a subkey sig or rev, then it shouldn't be
+                 here so ignore it. */
+	    }
+	  else
+	    break;
+	}
+
+      /* We now know the most recent binding sig and revocation sig
+         (if any).  If the binding sig is more recent than the
+         revocation sig, strip everything but the binding sig.  If the
+         revocation sig is more recent than the binding sig, strip
+         everything but the binding sig and the revocation sig. */
+
+      if(bsdate>=rsdate)
+	{
+	  rsnode=NULL;
+	  rsdate=0;
+	}
+
+     for(node=sknode;node;node=node->next)
+	{
+	  if(node->pkt->pkttype==PKT_SIGNATURE)
+	    {
+	      PKT_signature *sig=node->pkt->pkt.signature;
+
+	      if(IS_SUBKEY_SIG(sig) && node!=bsnode)
+		{
+		  delete_kbnode(node);
+		  removed++;
+		}
+	      else if(IS_SUBKEY_REV(sig) && node!=rsnode)
+		{
+		  delete_kbnode(node);
+		  removed++;
+		}
+	    }
+	  else
+	    break;
+	}
+    }
+
+  if(removed)
+    {
+      log_info(_("key %08lX: removed multiple subkey binding\n"),
+	       (ulong)keyid[1]);
+      commit_kbnode(&keyblock);
+    }
+
+  return removed;
+}
+
+
 /****************
  * Try to import one keyblock.	Return an error only in serious cases, but
  * never for an invalid keyblock.  It uses log_error to increase the
  * internal errorcount, so that invalid input can be detected by programs
- * which called gpg.
+ * which called g10.
  */
 static int
-import_one( const char *fname, KBNODE keyblock, int fast )
+import_one( const char *fname, KBNODE keyblock, int fast,
+            struct stats_s *stats )
 {
     PKT_public_key *pk;
     PKT_public_key *pk_orig;
@@ -395,8 +533,18 @@ import_one( const char *fname, KBNODE keyblock, int fast )
     if( rc )
 	return rc== -1? 0:rc;
 
+    /* If we allow such a thing, mark unsigned uids as valid */
     if( opt.allow_non_selfsigned_uid )
-	mark_non_selfsigned_uids_valid( keyblock, keyid );
+      for( node=keyblock; node; node = node->next )
+	if( node->pkt->pkttype == PKT_USER_ID && !(node->flag & 1) )
+	  {
+	    char *user=utf8_to_native(node->pkt->pkt.user_id->name,
+				      node->pkt->pkt.user_id->len,0);
+	    node->flag |= 1;
+	    log_info( _("key %08lX: accepted non self-signed user ID '%s'\n"),
+		      (ulong)keyid[1],user);
+	    m_free(user);
+	  }
 
     if( !delete_inv_parts( fname, keyblock, keyid ) ) {
 	if( !opt.quiet ) {
@@ -404,47 +552,63 @@ import_one( const char *fname, KBNODE keyblock, int fast )
 							(ulong)keyid[1]);
 	    log_info(_("this may be caused by a missing self-signature\n"));
 	}
-	stats.no_user_id++;
+	stats->no_user_id++;
 	return 0;
     }
 
-
     /* do we have this key already in one of our pubrings ? */
-    pk_orig = gcry_xcalloc( 1, sizeof *pk_orig );
+    pk_orig = m_alloc_clear( sizeof *pk_orig );
     rc = get_pubkey( pk_orig, keyid );
-    if( rc && rc != GPGERR_NO_PUBKEY ) {
+    if( rc && rc != G10ERR_NO_PUBKEY && rc != G10ERR_UNU_PUBKEY ) {
 	log_error( _("key %08lX: public key not found: %s\n"),
-				(ulong)keyid[1], gpg_errstr(rc));
+				(ulong)keyid[1], g10_errstr(rc));
     }
     else if ( rc && opt.merge_only ) {
 	if( opt.verbose )
 	    log_info( _("key %08lX: new key - skipped\n"), (ulong)keyid[1] );
 	rc = 0;
 	fast = 1; /* so that we don't get into the trustdb update */
-	stats.skipped_new_keys++;
+	stats->skipped_new_keys++;
     }
     else if( rc ) { /* insert this key */
-#if 0 /* we don't know wehre we are going to write */
+        KEYDB_HANDLE hd = keydb_new (0);
+
+        rc = keydb_locate_writable (hd, NULL);
+	if (rc) {
+	    log_error (_("no writable keyring found: %s\n"), g10_errstr (rc));
+            keydb_release (hd);
+	    return G10ERR_GENERAL;
+	}
 	if( opt.verbose > 1 )
-	    log_info( _("writing to `%s'\n"),
-                      keyblock_resource_name(kbpos) );
-#endif
-	if( (rc=insert_keyblock( keyblock )) )
-	   log_error( _("error writing key: %s\n"), gpg_errstr(rc) );
-        /* we are ready */
-	if( !opt.quiet )
-	    log_info( _("key %08lX: public key imported\n"), (ulong)keyid[1]);
+	    log_info (_("writing to `%s'\n"), keydb_get_resource_name (hd) );
+	clean_subkeys(keyblock,keyid);
+	rc = keydb_insert_keyblock (hd, keyblock );
+        if (rc)
+	   log_error (_("error writing keyring `%s': %s\n"),
+		       keydb_get_resource_name (hd), g10_errstr(rc));
+	else
+	   revalidation_mark ();
+        keydb_release (hd);
+
+	/* we are ready */
+	if( !opt.quiet ) {
+	    char *p=get_user_id_native(keyid);
+	    log_info( _("key %08lX: public key \"%s\" imported\n"),
+		      (ulong)keyid[1],p);
+	    m_free(p);
+	}
 	if( is_status_enabled() ) {
 	    char *us = get_long_user_id_string( keyid );
 	    write_status_text( STATUS_IMPORTED, us );
-	    gcry_free(us);
+	    m_free(us);
 	}
-	stats.imported++;
+	stats->imported++;
 	if( is_RSA( pk->pubkey_algo ) )
-	    stats.imported_rsa++;
+	    stats->imported_rsa++;
 	new_key = 1;
     }
     else { /* merge */
+        KEYDB_HANDLE hd;
 	int n_uids, n_sigs, n_subk;
 
 	/* Compare the original against the new key; just to be sure nothing
@@ -452,15 +616,31 @@ import_one( const char *fname, KBNODE keyblock, int fast )
 	if( cmp_public_keys( pk_orig, pk ) ) {
 	    log_error( _("key %08lX: doesn't match our copy\n"),
 							  (ulong)keyid[1]);
-	    rc = GPGERR_GENERAL;
 	    goto leave;
 	}
 
 	/* now read the original keyblock */
-	rc = find_keyblock_bypk( &keyblock_orig, pk_orig );
+        hd = keydb_new (0);
+        {
+            byte afp[MAX_FINGERPRINT_LEN];
+            size_t an;
+
+            fingerprint_from_pk (pk_orig, afp, &an);
+            while (an < MAX_FINGERPRINT_LEN) 
+                afp[an++] = 0;
+            rc = keydb_search_fpr (hd, afp);
+        }
 	if( rc ) {
-	    log_error( _("key %08lX: can't locate original keyblock: %s\n"),
-				     (ulong)keyid[1], gpg_errstr(rc));
+	    log_error (_("key %08lX: can't locate original keyblock: %s\n"),
+				     (ulong)keyid[1], g10_errstr(rc));
+            keydb_release (hd);
+	    goto leave;
+	}
+	rc = keydb_get_keyblock (hd, &keyblock_orig );
+	if (rc) {
+	    log_error (_("key %08lX: can't read original keyblock: %s\n"),
+					    (ulong)keyid[1], g10_errstr(rc));
+            keydb_release (hd);
 	    goto leave;
 	}
 
@@ -471,73 +651,80 @@ import_one( const char *fname, KBNODE keyblock, int fast )
 	n_uids = n_sigs = n_subk = 0;
 	rc = merge_blocks( fname, keyblock_orig, keyblock,
 				keyid, &n_uids, &n_sigs, &n_subk );
-	if( rc )
+	if( rc ) {
+            keydb_release (hd);
 	    goto leave;
+        }
 	if( n_uids || n_sigs || n_subk ) {
 	    mod_key = 1;
 	    /* keyblock_orig has been updated; write */
-	    if( (rc=update_keyblock( keyblock_orig )) )
-		log_error( _("error writing key: %s\n"), gpg_errstr(rc) );
+	    n_sigs-=clean_subkeys(keyblock_orig,keyid);
+	    rc = keydb_update_keyblock (hd, keyblock_orig);
+            if (rc)
+		log_error (_("error writing keyring `%s': %s\n"),
+			     keydb_get_resource_name (hd), g10_errstr(rc) );
+	    else
+	      revalidation_mark ();
+
 	    /* we are ready */
 	    if( !opt.quiet ) {
+	        char *p=get_user_id_native(keyid);
 		if( n_uids == 1 )
-		    log_info( _("key %08lX: 1 new user ID\n"),
-					     (ulong)keyid[1]);
+		    log_info( _("key %08lX: \"%s\" 1 new user ID\n"),
+					     (ulong)keyid[1], p);
 		else if( n_uids )
-		    log_info( _("key %08lX: %d new user IDs\n"),
-					     (ulong)keyid[1], n_uids );
+		    log_info( _("key %08lX: \"%s\" %d new user IDs\n"),
+					     (ulong)keyid[1], p, n_uids );
 		if( n_sigs == 1 )
-		    log_info( _("key %08lX: 1 new signature\n"),
-					     (ulong)keyid[1]);
+		    log_info( _("key %08lX: \"%s\" 1 new signature\n"),
+					     (ulong)keyid[1], p);
 		else if( n_sigs )
-		    log_info( _("key %08lX: %d new signatures\n"),
-					     (ulong)keyid[1], n_sigs );
+		    log_info( _("key %08lX: \"%s\" %d new signatures\n"),
+					     (ulong)keyid[1], p, n_sigs );
 		if( n_subk == 1 )
-		    log_info( _("key %08lX: 1 new subkey\n"),
-					     (ulong)keyid[1]);
+		    log_info( _("key %08lX: \"%s\" 1 new subkey\n"),
+					     (ulong)keyid[1], p);
 		else if( n_subk )
-		    log_info( _("key %08lX: %d new subkeys\n"),
-					     (ulong)keyid[1], n_subk );
+		    log_info( _("key %08lX: \"%s\" %d new subkeys\n"),
+					     (ulong)keyid[1], p, n_subk );
+		m_free(p);
 	    }
 
-	    stats.n_uids +=n_uids;
-	    stats.n_sigs +=n_sigs;
-	    stats.n_subk +=n_subk;
+	    stats->n_uids +=n_uids;
+	    stats->n_sigs +=n_sigs;
+	    stats->n_subk +=n_subk;
 	}
 	else {
-	    if( !opt.quiet )
-		log_info( _("key %08lX: not changed\n"), (ulong)keyid[1] );
-	    stats.unchanged++;
-	}
-    }
-    if( !rc && !fast ) {
-	rc = query_trust_record( new_key? pk : pk_orig );
-	if( rc && rc != -1 )
-	    log_error("trustdb error: %s\n", gpg_errstr(rc) );
-	else if( rc == -1 ) { /* not found trustdb */
-	    rc = insert_trust_record( new_key? keyblock : keyblock_orig );
-	    if( rc )
-		log_error("key %08lX: trustdb insert failed: %s\n",
-					(ulong)keyid[1], gpg_errstr(rc) );
+	    if( !opt.quiet ) {
+	        char *p=get_user_id_native(keyid);
+		log_info( _("key %08lX: \"%s\" not changed\n"),
+			  (ulong)keyid[1],p);
+		m_free(p);
+	    }
+	    stats->unchanged++;
 	}
-	else if( mod_key )
-	    rc = update_trust_record( keyblock_orig, 1, NULL );
-	else
-	    rc = clear_trust_checked_flag( new_key? pk : pk_orig );
+        keydb_release (hd); hd = NULL;
     }
 
   leave:
     release_kbnode( keyblock_orig );
     free_public_key( pk_orig );
+
+    revocation_present(keyblock);
+
     return rc;
 }
 
 
 /****************
  * Ditto for secret keys.  Handling is simpler than for public keys.
+ * We allow secret key importing only when allow is true, this is so
+ * that a secret key can not be imported accidently and thereby tampering
+ * with the trust calculation.
  */
 static int
-import_secret_one( const char *fname, KBNODE keyblock )
+import_secret_one( const char *fname, KBNODE keyblock, 
+                   struct stats_s *stats)
 {
     PKT_secret_key *sk;
     KBNODE node, uidnode;
@@ -563,7 +750,8 @@ import_secret_one( const char *fname, KBNODE keyblock )
 				       uidnode->pkt->pkt.user_id->len );
 	putc('\n', stderr);
     }
-    stats.secret_read++;
+    stats->secret_read++;
+
     if( !uidnode ) {
 	log_error( _("key %08lX: no user ID\n"), (ulong)keyid[1]);
 	return 0;
@@ -573,22 +761,34 @@ import_secret_one( const char *fname, KBNODE keyblock )
 
     /* do we have this key already in one of our secrings ? */
     rc = seckey_available( keyid );
-    if( rc == GPGERR_NO_SECKEY && !opt.merge_only ) { /*just insert this key*/
-	if( (rc=insert_keyblock( keyblock )) )
-	    log_error( _("error writing key: %s\n"), gpg_errstr(rc) );
+    if( rc == G10ERR_NO_SECKEY && !opt.merge_only ) { /* simply insert this key */
+        KEYDB_HANDLE hd = keydb_new (1);
+
+	/* get default resource */
+        rc = keydb_locate_writable (hd, NULL);
+	if (rc) {
+	    log_error (_("no default secret keyring: %s\n"), g10_errstr (rc));
+            keydb_release (hd);
+	    return G10ERR_GENERAL;
+	}
+	rc = keydb_insert_keyblock (hd, keyblock );
+        if (rc)
+	    log_error (_("error writing keyring `%s': %s\n"),
+                       keydb_get_resource_name (hd), g10_errstr(rc) );
+        keydb_release (hd);
 	/* we are ready */
 	if( !opt.quiet )
 	    log_info( _("key %08lX: secret key imported\n"), (ulong)keyid[1]);
-	stats.secret_imported++;
+	stats->secret_imported++;
     }
     else if( !rc ) { /* we can't merge secret keys */
 	log_error( _("key %08lX: already in secret keyring\n"),
 							(ulong)keyid[1]);
-	stats.secret_dups++;
+	stats->secret_dups++;
     }
     else
 	log_error( _("key %08lX: secret key not found: %s\n"),
-				(ulong)keyid[1], gpg_errstr(rc));
+				(ulong)keyid[1], g10_errstr(rc));
 
     return rc;
 }
@@ -598,10 +798,11 @@ import_secret_one( const char *fname, KBNODE keyblock )
  * Import a revocation certificate; this is a single signature packet.
  */
 static int
-import_revoke_cert( const char *fname, KBNODE node )
+import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
 {
     PKT_public_key *pk=NULL;
     KBNODE onode, keyblock = NULL;
+    KEYDB_HANDLE hd = NULL;
     u32 keyid[2];
     int rc = 0;
 
@@ -612,9 +813,9 @@ import_revoke_cert( const char *fname, KBNODE node )
     keyid[0] = node->pkt->pkt.signature->keyid[0];
     keyid[1] = node->pkt->pkt.signature->keyid[1];
 
-    pk = gcry_xcalloc( 1, sizeof *pk );
+    pk = m_alloc_clear( sizeof *pk );
     rc = get_pubkey( pk, keyid );
-    if( rc == GPGERR_NO_PUBKEY ) {
+    if( rc == G10ERR_NO_PUBKEY ) {
 	log_info( _("key %08lX: no public key - "
 		 "can't apply revocation certificate\n"), (ulong)keyid[1]);
 	rc = 0;
@@ -622,15 +823,30 @@ import_revoke_cert( const char *fname, KBNODE node )
     }
     else if( rc ) {
 	log_error( _("key %08lX: public key not found: %s\n"),
-				       (ulong)keyid[1], gpg_errstr(rc));
+				       (ulong)keyid[1], g10_errstr(rc));
 	goto leave;
     }
 
     /* read the original keyblock */
-    rc = find_keyblock_bypk( &keyblock, pk );
-    if( rc ) {
-	log_error( _("key %08lX: can't locate original keyblock: %s\n"),
-					(ulong)keyid[1], gpg_errstr(rc));
+    hd = keydb_new (0);
+    {
+        byte afp[MAX_FINGERPRINT_LEN];
+        size_t an;
+        
+        fingerprint_from_pk (pk, afp, &an);
+        while (an < MAX_FINGERPRINT_LEN) 
+            afp[an++] = 0;
+        rc = keydb_search_fpr (hd, afp);
+    }
+    if (rc) {
+	log_error (_("key %08lX: can't locate original keyblock: %s\n"),
+                   (ulong)keyid[1], g10_errstr(rc));
+	goto leave;
+    }
+    rc = keydb_get_keyblock (hd, &keyblock );
+    if (rc) {
+	log_error (_("key %08lX: can't read original keyblock: %s\n"),
+                   (ulong)keyid[1], g10_errstr(rc));
 	goto leave;
     }
 
@@ -641,7 +857,8 @@ import_revoke_cert( const char *fname, KBNODE node )
     rc = check_key_signature( keyblock, node, NULL);
     if( rc ) {
 	log_error( _("key %08lX: invalid revocation certificate"
-		  ": %s - rejected\n"), (ulong)keyid[1], gpg_errstr(rc));
+		  ": %s - rejected\n"), (ulong)keyid[1], g10_errstr(rc));
+	goto leave;
     }
 
 
@@ -663,24 +880,23 @@ import_revoke_cert( const char *fname, KBNODE node )
     insert_kbnode( keyblock, clone_kbnode(node), 0 );
 
     /* and write the keyblock back */
-    if( (rc=update_keyblock( keyblock )) )
-	log_error( _("error writing key: %s\n"), gpg_errstr(rc) );
+    rc = keydb_update_keyblock (hd, keyblock );
+    if (rc)
+	log_error (_("error writing keyring `%s': %s\n"),
+                   keydb_get_resource_name (hd), g10_errstr(rc) );
+    keydb_release (hd); hd = NULL;
     /* we are ready */
-    if( !opt.quiet )
-	log_info( _("key %08lX: revocation certificate imported\n"),
-					(ulong)keyid[1]);
-    stats.n_revoc++;
-    if( clear_trust_checked_flag( pk ) ) {
-	/* seems that we have to insert the record first */
-	rc = insert_trust_record( keyblock );
-	if( rc )
-	    log_error("key %08lX: trustdb insert failed: %s\n",
-					(ulong)keyid[1], gpg_errstr(rc) );
-	else
-	    rc = clear_trust_checked_flag( pk );
+    if( !opt.quiet ) {
+        char *p=get_user_id_native(keyid);
+	log_info( _("key %08lX: \"%s\" revocation certificate imported\n"),
+					(ulong)keyid[1],p);
+	m_free(p);
     }
+    stats->n_revoc++;
+    revalidation_mark ();
 
   leave:
+    keydb_release (hd);
     release_kbnode( keyblock );
     free_public_key( pk );
     return rc;
@@ -713,16 +929,25 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 					    (ulong)keyid[1]);
 		    return -1;	/* the complete keyblock is invalid */
 		}
-		rc = check_key_signature( keyblock, n, NULL);
-		if( rc ) {
-		    log_info( rc == GPGERR_PUBKEY_ALGO ?
-			 _("key %08lX: unsupported public key algorithm\n"):
-			 _("key %08lX: invalid self-signature\n"),
-				     (ulong)keyid[1]);
 
-		    unode->flag |= 2; /* mark as invalid */
+		/* If it hasn't been marked valid yet, keep trying */
+		if(!(unode->flag&1)) {
+		  rc = check_key_signature( keyblock, n, NULL);
+		  if( rc )
+		    {
+		      char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
+				      strlen(unode->pkt->pkt.user_id->name),0);
+		      log_info( rc == G10ERR_PUBKEY_ALGO ?
+				_("key %08lX: unsupported public key "
+				  "algorithm on user id \"%s\"\n"):
+				_("key %08lX: invalid self-signature "
+				  "on user id \"%s\"\n"),
+				(ulong)keyid[1],p);
+		      m_free(p);
+		    }
+		  else
+		    unode->flag |= 1; /* mark that signature checked */
 		}
-		unode->flag |= 1; /* mark that signature checked */
 	    }
 	    else if( sig->sig_class == 0x18 ) {
 		KBNODE knode = find_prev_kbnode( keyblock,
@@ -737,16 +962,17 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 		    n->flag |= 4; /* delete this */
 		}
 		else {
+		  /* If it hasn't been marked valid yet, keep trying */
+		  if(!(knode->flag&1)) {
 		    rc = check_key_signature( keyblock, n, NULL);
-		    if( rc ) {
-			log_info(  rc == GPGERR_PUBKEY_ALGO ?
+		    if( rc )
+			log_info(  rc == G10ERR_PUBKEY_ALGO ?
 			   _("key %08lX: unsupported public key algorithm\n"):
 			   _("key %08lX: invalid subkey binding\n"),
 					 (ulong)keyid[1]);
-
-			knode->flag |= 2; /* mark as invalid */
-		    }
-		    knode->flag |= 1; /* mark that signature checked */
+		    else
+		      knode->flag |= 1; /* mark that signature checked */
+		  }
 		}
 	    }
 	}
@@ -754,30 +980,6 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
     return 0;
 }
 
-
-
-/****************
- * If a user ID has at least one signature, mark it as valid
- */
-static void
-mark_non_selfsigned_uids_valid( KBNODE keyblock, u32 *kid )
-{
-    KBNODE node;
-    for(node=keyblock->next; node; node = node->next ) {
-	if( node->pkt->pkttype == PKT_USER_ID && !(node->flag & 1) ) {
-	    if( (node->next && node->next->pkt->pkttype == PKT_SIGNATURE)
-		|| !node->next ) {
-		node->flag |= 1;
-		log_info( _("key %08lX: accepted non self-signed user ID '"),
-							 (ulong)kid[1]);
-		print_string( log_stream(), node->pkt->pkt.user_id->name,
-					    node->pkt->pkt.user_id->len, 0 );
-		fputs("'\n", log_stream() );
-	    }
-	}
-    }
-}
-
 /****************
  * delete all parts which are invalid and those signatures whose
  * public key algorithm is not available in this implemenation;
@@ -790,7 +992,6 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
 {
     KBNODE node;
     int nvalid=0, uid_seen=0;
-    const char *p;
 
     for(node=keyblock->next; node; node = node->next ) {
 	if( node->pkt->pkttype == PKT_USER_ID ) {
@@ -833,14 +1034,12 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
 	    }
 	}
 	else if( node->pkt->pkttype == PKT_SIGNATURE
-		 && openpgp_pk_test_algo( node->pkt->pkt.signature->pubkey_algo, 0 )
-		 && node->pkt->pkt.signature->pubkey_algo != GCRY_PK_RSA )
+		 && check_pubkey_algo( node->pkt->pkt.signature->pubkey_algo)
+		 && node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
 	    delete_kbnode( node ); /* build_packet() can't handle this */
-	else if( node->pkt->pkttype == PKT_SIGNATURE
-		 && (p = parse_sig_subpkt2( node->pkt->pkt.signature,
-					    SIGSUBPKT_EXPORTABLE, NULL ))
-		 && !*p
-		 && seckey_available( node->pkt->pkt.signature->keyid ) ) {
+	else if( node->pkt->pkttype == PKT_SIGNATURE &&
+		 !node->pkt->pkt.signature->flags.exportable &&
+		 seckey_available( node->pkt->pkt.signature->keyid ) ) {
 	    /* here we violate the rfc a bit by still allowing
 	     * to import non-exportable signature when we have the
 	     * the secret key used to create this signature - it
@@ -860,12 +1059,22 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
 		delete_kbnode( node );
 	    }
 	    else {
-		int rc = check_key_signature( keyblock, node, NULL);
-		if( rc ) {
-		    log_error( _("key %08lX: invalid revocation "
-			      "certificate: %s - skipped\n"),
-			      (ulong)keyid[1], gpg_errstr(rc));
-		    delete_kbnode( node );
+	      /* If the revocation cert is from a different key than
+                 the one we're working on don't check it - it's
+                 probably from a revocation key and won't be
+                 verifiable with this key anyway. */
+
+	      if(node->pkt->pkt.signature->keyid[0]==keyid[0] &&
+		 node->pkt->pkt.signature->keyid[1]==keyid[1])
+		{
+		  int rc = check_key_signature( keyblock, node, NULL);
+		  if( rc )
+		    {
+		      log_error( _("key %08lX: invalid revocation "
+				   "certificate: %s - skipped\n"),
+				 (ulong)keyid[1], g10_errstr(rc));
+		      delete_kbnode( node );
+		    }
 		}
 	    }
 	}
@@ -968,7 +1177,84 @@ collapse_uids( KBNODE *keyblock )
     return 1;
 }
 
+/* Check for a 0x20 revocation from a revocation key that is not
+   present.  This gets called without the benefit of merge_xxxx so you
+   can't rely on pk->revkey and friends. */
+static void
+revocation_present(KBNODE keyblock)
+{
+  KBNODE onode,inode;
+  PKT_public_key *pk=keyblock->pkt->pkt.public_key;
+
+  for(onode=keyblock->next;onode;onode=onode->next)
+    {
+      /* If we reach user IDs, we're done. */
+      if(onode->pkt->pkttype==PKT_USER_ID)
+	break;
+
+      if(onode->pkt->pkttype==PKT_SIGNATURE &&
+	 onode->pkt->pkt.signature->sig_class==0x1F &&
+	 onode->pkt->pkt.signature->revkey)
+	{
+	  int idx;
+	  PKT_signature *sig=onode->pkt->pkt.signature;
+
+	  for(idx=0;idx<sig->numrevkeys;idx++)
+	    {
+	      u32 keyid[2];
+
+	      keyid_from_fingerprint(sig->revkey[idx]->fpr,
+				     MAX_FINGERPRINT_LEN,keyid);
+
+	      for(inode=keyblock->next;inode;inode=inode->next)
+		{
+		  /* If we reach user IDs, we're done. */
+		  if(inode->pkt->pkttype==PKT_USER_ID)
+		    break;
 
+		  if(inode->pkt->pkttype==PKT_SIGNATURE &&
+		     inode->pkt->pkt.signature->sig_class==0x20 &&
+		     inode->pkt->pkt.signature->keyid[0]==keyid[0] &&
+		     inode->pkt->pkt.signature->keyid[1]==keyid[1])
+		    {
+		      /* Okay, we have a revocation key, and a
+                         revocation issued by it.  Do we have the key
+                         itself? */
+		      int rc;
+
+		      rc=get_pubkey_byfprint(NULL,sig->revkey[idx]->fpr,
+					     MAX_FINGERPRINT_LEN);
+		      if(rc==G10ERR_NO_PUBKEY || rc==G10ERR_UNU_PUBKEY)
+			{
+			  /* No, so try and get it */
+			  if(opt.keyserver_scheme &&
+			     opt.keyserver_options.auto_key_retrieve)
+			    {
+			      log_info(_("Warning: key %08lX may be revoked: "
+					 "fetching revocation key %08lX\n"),
+				       (ulong)keyid_from_pk(pk,NULL),
+				       (ulong)keyid[1]);
+			      keyserver_import_fprint(sig->revkey[idx]->fpr,
+						      MAX_FINGERPRINT_LEN);
+
+			      /* Do we have it now? */
+			      rc=get_pubkey_byfprint(NULL,
+						     sig->revkey[idx]->fpr,
+						     MAX_FINGERPRINT_LEN);
+			    }
+
+			  if(rc==G10ERR_NO_PUBKEY || rc==G10ERR_UNU_PUBKEY)
+			    log_info(_("Warning: key %08lX may be revoked: "
+				       "revocation key %08lX not present.\n"),
+				     (ulong)keyid_from_pk(pk,NULL),
+				     (ulong)keyid[1]);
+			}
+		    }
+		}
+	    }
+	}
+    }
+}
 
 /****************
  * compare and merge the blocks
@@ -1010,16 +1296,49 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
 		}
 	    }
 	    if( !found ) {
+	        char *p=get_user_id_native(keyid);
 		KBNODE n2 = clone_kbnode(node);
 		insert_kbnode( keyblock_orig, n2, 0 );
 		n2->flag |= 1;
-		log_info( _("key %08lX: revocation certificate added\n"),
+                ++*n_sigs;
+		log_info(_("key %08lX: \"%s\" revocation certificate added\n"),
+					 (ulong)keyid[1],p);
+		m_free(p);
+	    }
+	}
+    }
+
+    /* 2nd: merge in any direct key (0x1F) sigs */
+    for(node=keyblock->next; node; node=node->next ) {
+	if( node->pkt->pkttype == PKT_USER_ID )
+	    break;
+	else if( node->pkt->pkttype == PKT_SIGNATURE
+		 && node->pkt->pkt.signature->sig_class == 0x1F )  {
+	    /* check whether we already have this */
+	    found = 0;
+	    for(onode=keyblock_orig->next; onode; onode=onode->next ) {
+		if( onode->pkt->pkttype == PKT_USER_ID )
+		    break;
+		else if( onode->pkt->pkttype == PKT_SIGNATURE
+			 && onode->pkt->pkt.signature->sig_class == 0x1F
+			 && !cmp_signatures(onode->pkt->pkt.signature,
+					    node->pkt->pkt.signature)) {
+		    found = 1;
+		    break;
+		}
+	    }
+	    if( !found ) {
+		KBNODE n2 = clone_kbnode(node);
+		insert_kbnode( keyblock_orig, n2, 0 );
+		n2->flag |= 1;
+                ++*n_sigs;
+		log_info( _("key %08lX: direct key signature added\n"),
 					 (ulong)keyid[1]);
 	    }
 	}
     }
 
-    /* 2nd: try to merge new certificates in */
+    /* 3rd: try to merge new certificates in */
     for(onode=keyblock_orig->next; onode; onode=onode->next ) {
 	if( !(onode->flag & 1) && onode->pkt->pkttype == PKT_USER_ID) {
 	    /* find the user id in the imported keyblock */
@@ -1036,7 +1355,7 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
 	}
     }
 
-    /* 3rd: add new user-ids */
+    /* 4th: add new user-ids */
     for(node=keyblock->next; node; node=node->next ) {
 	if( node->pkt->pkttype == PKT_USER_ID) {
 	    /* do we have this in the original keyblock */
@@ -1054,7 +1373,7 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
 	}
     }
 
-    /*	add new subkeys */
+    /* 5th: add new subkeys */
     for(node=keyblock->next; node; node=node->next ) {
 	onode = NULL;
 	if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
@@ -1087,7 +1406,7 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
 	}
     }
 
-    /* merge subkey certificates */
+    /* 6th: merge subkey certificates */
     for(onode=keyblock_orig->next; onode; onode=onode->next ) {
 	if( !(onode->flag & 1)
 	    &&	(   onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
@@ -1126,11 +1445,6 @@ append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,
     KBNODE n, n_where=NULL;
 
     assert(node->pkt->pkttype == PKT_USER_ID );
-    if( !node->next || node->next->pkt->pkttype == PKT_USER_ID ) {
-	log_error( _("key %08lX: our copy has no self-signature\n"),
-						  (ulong)keyid[1]);
-	return GPGERR_GENERAL;
-    }
 
     /* find the position */
     for( n = keyblock; n; n_where = n, n = n->next ) {
@@ -1179,12 +1493,6 @@ merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
 
     assert(dst->pkt->pkttype == PKT_USER_ID );
     assert(src->pkt->pkttype == PKT_USER_ID );
-    if( !dst->next || dst->next->pkt->pkttype == PKT_USER_ID ) {
-	log_error( _("key %08lX: our copy has no self-signature\n"),
-						  (ulong)keyid[1]);
-	return 0;
-    }
-
 
     for(n=src->next; n && n->pkt->pkttype != PKT_USER_ID; n = n->next ) {
 	if( n->pkt->pkttype != PKT_SIGNATURE )
@@ -1304,4 +1612,3 @@ append_key( KBNODE keyblock, KBNODE node, int *n_sigs,
 
     return 0;
 }
-
diff --git a/g10/kbnode.c b/g10/kbnode.c
index 2c1e2ad3c..06d28f844 100644
--- a/g10/kbnode.c
+++ b/g10/kbnode.c
@@ -1,5 +1,5 @@
 /* kbnode.c -  keyblock node utility functions
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -23,9 +23,8 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-
-#include <gcrypt.h>
 #include "util.h"
+#include "memory.h"
 #include "packet.h"
 #include "keydb.h"
 
@@ -42,7 +41,7 @@ alloc_node(void)
     if( n )
 	unused_nodes = n->next;
     else
-	n = gcry_xmalloc( sizeof *n );
+	n = m_alloc( sizeof *n );
     n->next = NULL;
     n->pkt = NULL;
     n->flag = 0;
@@ -59,7 +58,7 @@ free_node( KBNODE n )
 	n->next = unused_nodes;
 	unused_nodes = n;
       #else
-	gcry_free( n );
+	m_free( n );
       #endif
     }
 }
@@ -95,7 +94,7 @@ release_kbnode( KBNODE n )
 	n2 = n->next;
 	if( !is_cloned_kbnode(n) ) {
 	    free_packet( n->pkt );
-	    gcry_free( n->pkt );
+	    m_free( n->pkt );
 	}
 	free_node( n );
 	n = n2;
@@ -165,9 +164,10 @@ find_prev_kbnode( KBNODE root, KBNODE node, int pkttype )
 {
     KBNODE n1;
 
-    for(n1=NULL ; root && root != node; root = root->next )
-	if( !pkttype || root->pkt->pkttype == pkttype  )
-	    n1 = root;
+    for (n1=NULL; root && root != node; root = root->next ) {
+        if (!pkttype ||root->pkt->pkttype == pkttype)
+            n1 = root;
+    }
     return n1;
 }
 
@@ -185,7 +185,7 @@ find_next_kbnode( KBNODE node, int pkttype )
     for( node=node->next ; node; node = node->next ) {
 	if( !pkttype )
 	    return node;
-	else if( pkttype == PKT_USER_ID
+	else if( pkttype == PKT_USER_ID 
 		 && (	node->pkt->pkttype == PKT_PUBLIC_KEY
 		     || node->pkt->pkttype == PKT_SECRET_KEY ) )
 	    return NULL;
@@ -267,7 +267,7 @@ commit_kbnode( KBNODE *root )
 		nl->next = n->next;
 	    if( !is_cloned_kbnode(n) ) {
 		free_packet( n->pkt );
-		gcry_free( n->pkt );
+		m_free( n->pkt );
 	    }
 	    free_node( n );
 	    changed = 1;
@@ -291,7 +291,7 @@ remove_kbnode( KBNODE *root, KBNODE node )
 		nl->next = n->next;
 	    if( !is_cloned_kbnode(n) ) {
 		free_packet( n->pkt );
-		gcry_free( n->pkt );
+		m_free( n->pkt );
 	    }
 	    free_node( n );
 	}
@@ -356,28 +356,44 @@ dump_kbnode( KBNODE node )
 	  case PKT_PLAINTEXT:	s="plaintext"; break;
 	  case PKT_COMPRESSED:	s="compressed"; break;
 	  case PKT_ENCRYPTED:	s="encrypted"; break;
+          case PKT_GPG_CONTROL: s="gpg-control"; break;
 	  default:		s="unknown"; break;
 	}
 	fprintf(stderr, "node %p %02x/%02x type=%s",
 		node, node->flag, node->private_flag, s);
 	if( node->pkt->pkttype == PKT_USER_ID ) {
+            PKT_user_id *uid = node->pkt->pkt.user_id;
 	    fputs("  \"", stderr);
-	    print_string( stderr, node->pkt->pkt.user_id->name,
-				  node->pkt->pkt.user_id->len, 0 );
-	    fputs("\"\n", stderr);
+	    print_string( stderr, uid->name, uid->len, 0 );
+	    fprintf (stderr, "\" %c%c%c%c\n",
+                     uid->is_expired? 'e':'.',
+                     uid->is_revoked? 'r':'.',
+                     uid->created?    'v':'.',
+                     uid->is_primary? 'p':'.' );
 	}
 	else if( node->pkt->pkttype == PKT_SIGNATURE ) {
-	    fprintf(stderr, "  class=%02x keyid=%08lX\n",
+	    fprintf(stderr, "  class=%02x keyid=%08lX ts=%lu\n",
 		   node->pkt->pkt.signature->sig_class,
-		   (ulong)node->pkt->pkt.signature->keyid[1] );
+		   (ulong)node->pkt->pkt.signature->keyid[1],
+                   (ulong)node->pkt->pkt.signature->timestamp);
+	}
+	else if( node->pkt->pkttype == PKT_GPG_CONTROL ) {
+	    fprintf(stderr, " ctrl=%d len=%u\n",
+                    node->pkt->pkt.gpg_control->control,
+                    (unsigned int)node->pkt->pkt.gpg_control->datalen);
 	}
 	else if( node->pkt->pkttype == PKT_PUBLIC_KEY
 		 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
-	    fprintf(stderr, "  keyid=%08lX\n", (ulong)
-		  keyid_from_pk( node->pkt->pkt.public_key, NULL ));
+            PKT_public_key *pk = node->pkt->pkt.public_key;
+	    fprintf(stderr, "  keyid=%08lX a=%d u=%d %c%c%c%c\n",
+                    (ulong)keyid_from_pk( pk, NULL ),
+                    pk->pubkey_algo, pk->pubkey_usage,
+                    pk->has_expired? 'e':'.',  
+                    pk->is_revoked?  'r':'.',  
+                    pk->is_valid?    'v':'.',
+                    pk->mdc_feature? 'm':'.');
 	}
 	else
 	    fputs("\n", stderr);
     }
 }
-
diff --git a/g10/kbx.h b/g10/kbx.h
deleted file mode 100644
index 25825a4ec..000000000
--- a/g10/kbx.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/* kbx.h  -  The GnuPG Keybox
- *	Copyright (C) 2000 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-#ifndef GPG_KBX_H
-#define GPG_KBX_H 1
-
-#include "keydb.h"
-
-/*-- kbxblob.c */
-struct kbxblob;
-typedef struct kbxblob *KBXBLOB;
-
-int kbx_new_blob ( KBXBLOB *r_blob,  char *image, size_t imagelen );
-int kbx_create_blob ( KBXBLOB *r_blob,	KBNODE keyblock );
-void kbx_release_blob ( KBXBLOB blob );
-const char *kbx_get_blob_image ( KBXBLOB blob, size_t *n );
-
-int kbx_dump_blob ( FILE *fp, KBXBLOB blob  );
-int kbx_blob_has_fpr ( KBXBLOB blob, const byte *fpr );
-int kbx_blob_has_kid ( KBXBLOB blob, const byte *keyidbuf, size_t keyidlen );
-int kbx_blob_has_uid ( KBXBLOB blob,
-		       int (*cmp)(const byte *, size_t, void *), void *opaque );
-
-/*-- kbxio.c --*/
-int kbx_read_blob ( KBXBLOB *r_blob, FILE *a );
-
-/*-- kbxfile.c --*/
-int kbxfile_search_by_fpr( const char *filename, const byte *fpr );
-int kbxfile_search_by_kid ( const char *filename, u32 *kid, int mode );
-int kbxfile_search_by_uid ( const char *filename, const char *name );
-void print_kbxfile( const char *filename );
-
-
-#endif /*GPG_KBX_H*/
diff --git a/g10/kbxblob.c b/g10/kbxblob.c
deleted file mode 100644
index 01d0dfe10..000000000
--- a/g10/kbxblob.c
+++ /dev/null
@@ -1,895 +0,0 @@
-/* kbxblob.c - KBX Blob handling
- *	Copyright (C) 2000 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-
-/* The keybox data formats
-
-The KeyBox uses an augmented OpenPGP key format.  This makes random
-access to a keyblock easier and also gives the opportunity to store
-additional information (e.g. the fingerprint) along with the key.
-All integers are stored in network byte order, offsets are counted from
-the beginning of the Blob.
-
-The first record of a plain KBX file has a special format:
-
- u32  length of the first record
- byte Blob type (1)
- byte version number (1)
- byte reserved
- byte reserved
- u32  magic 'KBXf'
- byte marginals  used for validity calculation of this file
- byte completes  ditto.
- byte cert_depth ditto.
-
-The standard KBX Blob looks like this:
-
- u32  length of this blob (including these 4 bytes)
- byte Blob type (2)
- byte version number of this blob type (1)
- u16  Blob flags
-	bit 0 = contains secret key material
-
- u32  offset to the OpenPGP keyblock
- u32  length of the keyblock
- u16  number of keys (at least 1!)
- u16  size of additional key information
- n times:
-   b20	The keys fingerprint
-	(fingerprints are always 20 bytes, MD5 left padded with zeroes)
-   u32	offset to the n-th key's keyID (a keyID is always 8 byte)
-   u16	special key flags
-	 bit 0 =
-   u16	reserved
- u16  number of user IDs
- u16  size of additional user ID information
- n times:
-   u32	offset to the n-th user ID
-   u32	length of this user ID.
-   u16	special user ID flags.
-	 bit 0 =
-   byte validity
-   byte reserved
- u16  number of signatures
- u16  size of signature information (4)
-   u32	expiration time of signature with some special values:
-	0x00000000 = not checked
-	0x00000001 = missing key
-	0x00000002 = bad signature
-	0x10000000 = valid and expires at some date in 1978.
-	0xffffffff = valid and does not expire
- u8	assigned ownertrust
- u8	all_validity
- u16	reserved
- u32	recheck_after
- u32	Newest timestamp in the keyblock (useful for KS syncronsiation?)
- u32	Blob created at
- u32	size of reserved space (not including this field)
-      reserved space
-
-    Here we might want to put other data
-
-    Here comes the keyblock
-
-    maybe we put a signature here later.
-
- b16	MD5 checksum  (useful for KS syncronisation)
- *
- */
-
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <assert.h>
-#include <gcrypt.h>
-
-#include "iobuf.h"
-#include "util.h"
-#include "kbx.h"
-
-/* special values of the signature status */
-#define SF_NONE(a)  ( !(a) )
-#define SF_NOKEY(a) ((a) & (1<<0))
-#define SF_BAD(a)   ((a) & (1<<1))
-#define SF_VALID(a) ((a) & (1<<29))
-
-#if MAX_FINGERPRINT_LEN < 20
-  #error fingerprints are 20 bytes
-#endif
-
-struct kbxblob_key {
-    char   fpr[20];
-    u32    off_kid;
-    ulong  off_kid_addr;
-    u16    flags;
-};
-struct kbxblob_uid {
-    ulong  off_addr;
-    u32    len;
-    u16    flags;
-    byte   validity;
-};
-
-struct keyid_list {
-    struct keyid_list *next;
-    int seqno;
-    byte kid[8];
-};
-
-struct fixup_list {
-    struct fixup_list *next;
-    u32 off;
-    u32 val;
-};
-
-
-struct kbxblob {
-    byte *blob;
-    size_t bloblen;
-
-    /* stuff used only by kbx_create_blob */
-    int nkeys;
-    struct kbxblob_key *keys;
-    int nuids;
-    struct kbxblob_uid *uids;
-    int nsigs;
-    u32  *sigs;
-    struct fixup_list *fixups;
-
-    struct keyid_list *temp_kids;
-    IOBUF buf;	/* the KBX is temporarly stored here */
-};
-
-void kbx_release_blob ( KBXBLOB blob );
-
-/* Note: this functions are only used for temportay iobufs and therefore
- * they can't fail */
-static void
-put8 ( IOBUF out, byte a )
-{
-    iobuf_put ( out, a );
-}
-
-static void
-put16 ( IOBUF out, u16 a )
-{
-    iobuf_put ( out, a>>8 );
-    iobuf_put ( out, a );
-}
-
-static void
-put32 ( IOBUF out, u32 a )
-{
-    iobuf_put (out, a>> 24);
-    iobuf_put (out, a>> 16);
-    iobuf_put (out, a>> 8);
-    iobuf_put (out, a );
-}
-
-static void
-putn ( IOBUF out, const byte *p, size_t n )
-{
-    for ( ; n; p++, n-- ) {
-	iobuf_put ( out, *p );
-    }
-}
-
-
-/****************
- * We must store the keyid at some place because we can't calculate the
- * offset yet.	This is only used for v3 keyIDs.  Function returns an index
- * value for later fixupd; this must be a non-zero value
- */
-static int
-temp_store_kid ( KBXBLOB blob, PKT_public_key *pk )
-{
-    struct keyid_list *k, *r;
-
-    k = gcry_xmalloc ( sizeof *k );
-    k->kid[0] = pk->keyid[0] >> 24 ;
-    k->kid[1] = pk->keyid[0] >> 16 ;
-    k->kid[2] = pk->keyid[0] >>  8 ;
-    k->kid[3] = pk->keyid[0]	   ;
-    k->kid[4] = pk->keyid[0] >> 24 ;
-    k->kid[5] = pk->keyid[0] >> 16 ;
-    k->kid[6] = pk->keyid[0] >>  8 ;
-    k->kid[7] = pk->keyid[0]	   ;
-    k->seqno = 0;
-    k->next = blob->temp_kids;
-    blob->temp_kids = k;
-    for ( r=k; r; r = r->next ) {
-	k->seqno++;
-    }
-
-    return k->seqno;
-}
-
-static void
-put_stored_kid( KBXBLOB blob, int seqno )
-{
-    struct keyid_list *r;
-
-    for ( r = blob->temp_kids; r; r = r->next ) {
-	if( r->seqno == seqno ) {
-	    putn ( blob->buf, r->kid, 8 );
-	    return;
-	}
-    }
-    BUG();
-}
-
-static void
-release_kid_list ( struct keyid_list *kl )
-{
-    struct keyid_list *r, *r2;
-
-    for ( r = kl; r; r = r2 ) {
-	r2 = r->next;
-	gcry_free( r );
-    }
-}
-
-
-static int
-create_key_part( KBXBLOB blob, KBNODE keyblock )
-{
-    KBNODE node;
-    size_t fprlen;
-    int n;
-
-    for ( n=0, node = keyblock; node; node = node->next ) {
-	if ( node->pkt->pkttype == PKT_PUBLIC_KEY
-	     || node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
-	    PKT_public_key *pk = node->pkt->pkt.public_key;
-	    char tmp[20];
-
-	    fingerprint_from_pk( pk, tmp , &fprlen );
-	    memcpy(blob->keys[n].fpr,tmp,20);
-	    if ( fprlen != 20 ) { /*v3 fpr - shift right and fill with zeroes*/
-		assert( fprlen == 16 );
-		memmove( blob->keys[n].fpr+4, blob->keys[n].fpr, 16);
-		memset( blob->keys[n].fpr, 0, 4 );
-		blob->keys[n].off_kid = temp_store_kid( blob, pk );
-	    }
-	    else {
-		blob->keys[n].off_kid = 0; /* will be fixed up later */
-	    }
-	    blob->keys[n].flags = 0;
-	    n++;
-	}
-	else if ( node->pkt->pkttype == PKT_SECRET_KEY
-		  || node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
-	    BUG(); /* not yet implemented */
-	}
-    }
-    assert( n == blob->nkeys );
-    return 0;
-}
-
-static int
-create_uid_part( KBXBLOB blob, KBNODE keyblock )
-{
-    KBNODE node;
-    int n;
-
-    for ( n=0, node = keyblock; node; node = node->next ) {
-	if ( node->pkt->pkttype == PKT_USER_ID ) {
-	    PKT_user_id *u = node->pkt->pkt.user_id;
-
-	    blob->uids[n].len	= u->len;
-	    blob->uids[n].flags = 0;
-	    blob->uids[n].validity = 0;
-	    n++;
-	}
-    }
-    assert( n == blob->nuids );
-    return 0;
-}
-
-static int
-create_sig_part( KBXBLOB blob, KBNODE keyblock )
-{
-    KBNODE node;
-    int n;
-
-    for ( n=0, node = keyblock; node; node = node->next ) {
-	if ( node->pkt->pkttype == PKT_SIGNATURE ) {
-	    PKT_signature *sig = node->pkt->pkt.signature;
-
-	    blob->sigs[n] = 0;	/* FIXME: check the signature here */
-	    n++;
-	}
-    }
-    assert( n == blob->nsigs );
-    return 0;
-}
-
-
-static int
-create_blob_header( KBXBLOB blob )
-{
-    IOBUF a = blob->buf;
-    int i;
-
-    put32 ( a, 0 ); /* blob length, needs fixup */
-    put8 ( a, 2 );  /* blob type */
-    put8 ( a, 1 );  /* blob type version */
-    put16 ( a, 0 ); /* blob flags */
-
-    put32 ( a, 0 ); /* offset to the keyblock, needs fixup */
-    put32 ( a, 0 ); /* length of the keyblock, needs fixup */
-
-    put16 ( a, blob->nkeys );
-    put16 ( a, 20 + 4 + 2 + 2 );  /* size of key info */
-    for ( i=0; i < blob->nkeys; i++ ) {
-	putn ( a, blob->keys[i].fpr, 20 );
-	blob->keys[i].off_kid_addr = iobuf_get_temp_length (a);
-	put32 ( a, 0 ); /* offset to keyid, fixed up later */
-	put16 ( a, blob->keys[i].flags );
-	put16 ( a, 0 ); /* reserved */
-    }
-
-    put16 ( a, blob->nuids );
-    put16 ( a, 4 + 4 + 2 + 1 + 1 );  /* size of uid info */
-    for ( i=0; i < blob->nuids; i++ ) {
-	blob->uids[i].off_addr = iobuf_get_temp_length ( a );
-	put32 ( a, 0 ); /* offset to userid, fixed up later */
-	put32 ( a, blob->uids[i].len );
-	put16 ( a, blob->uids[i].flags );
-	put8  ( a, 0 ); /* validity */
-	put8  ( a, 0 ); /* reserved */
-    }
-
-    put16 ( a, blob->nsigs );
-    put16 ( a, 4 );  /* size of sig info */
-    for ( i=0; i < blob->nsigs; i++ ) {
-	put32 ( a, blob->sigs[i] );
-    }
-
-    put8 ( a, 0 );  /* assigned ownertrust */
-    put8 ( a, 0 );  /* validity of all user IDs */
-    put16 ( a, 0 );  /* reserved */
-    put32 ( a, 0 );  /* time of next recheck */
-    put32 ( a, 0 );  /* newest timestamp (none) */
-    put32 ( a, make_timestamp() );  /* creation time */
-    put32 ( a, 0 );  /* size of reserved space */
-	/* reserved space (which is currently of size 0) */
-
-    /* We need to store the keyids for all v3 keys because those key IDs are
-     * not part of the fingerprint.  While we are doing that, we fixup all
-     * the keyID offsets */
-    for ( i=0; i < blob->nkeys; i++ ) {
-	struct fixup_list *fl = gcry_xcalloc(1, sizeof *fl );
-	fl->off = blob->keys[i].off_kid_addr;
-	fl->next = blob->fixups;
-	blob->fixups = fl;
-
-	if ( blob->keys[i].off_kid ) { /* this is a v3 one */
-	    fl->val = iobuf_get_temp_length (a);
-	    put_stored_kid ( blob, blob->keys[i].off_kid );
-	}
-	else { /* the better v4 key IDs - just store an offset 8 bytes back */
-	    fl->val = blob->keys[i].off_kid_addr-8;
-	}
-    }
-
-
-    return 0;
-}
-
-static int
-create_blob_keyblock( KBXBLOB blob, KBNODE keyblock )
-{
-    IOBUF a = blob->buf;
-    KBNODE node;
-    int rc;
-    int n;
-    u32 kbstart = iobuf_get_temp_length ( a );
-
-    {
-	    struct fixup_list *fl = gcry_xcalloc(1, sizeof *fl );
-	    fl->off = 8;
-	    fl->val = kbstart;
-	    fl->next = blob->fixups;
-	    blob->fixups = fl;
-    }
-    for ( n = 0, node = keyblock; node; node = node->next ) {
-	rc = build_packet ( a, node->pkt );
-	if ( rc ) {
-	    gpg_log_error("build_packet(%d) for kbxblob failed: %s\n",
-			node->pkt->pkttype, gpg_errstr(rc) );
-	    return GPGERR_WRITE_FILE;
-	}
-	if ( node->pkt->pkttype == PKT_USER_ID ) {
-	    PKT_user_id *u = node->pkt->pkt.user_id;
-	    /* build_packet has set the offset of the name into u ;
-	     * now we can do the fixup */
-	    struct fixup_list *fl = gcry_xcalloc(1, sizeof *fl );
-	    fl->off = blob->uids[n].off_addr;
-	    fl->val = u->stored_at;
-	    fl->next = blob->fixups;
-	    blob->fixups = fl;
-	    n++;
-	}
-    }
-    assert( n == blob->nuids );
-    {
-	    struct fixup_list *fl = gcry_xcalloc(1, sizeof *fl );
-	    fl->off = 12;
-	    fl->val = iobuf_get_temp_length (a) - kbstart;
-	    fl->next = blob->fixups;
-	    blob->fixups = fl;
-    }
-    return 0;
-}
-
-static int
-create_blob_trailer( KBXBLOB blob )
-{
-    IOBUF a = blob->buf;
-    return 0;
-}
-
-static int
-create_blob_finish( KBXBLOB blob )
-{
-    IOBUF a = blob->buf;
-    byte *p;
-    char *pp;
-    int i;
-    size_t n;
-
-    /* write a placeholder for the checksum */
-    for ( i = 0; i < 16; i++ )
-	put32( a, 0 );
-    /* get the memory area */
-    iobuf_flush_temp ( a );
-    p = iobuf_get_temp_buffer ( a );
-    n = iobuf_get_temp_length ( a );
-    assert( n >= 20 );
-
-    /* fixup the length */
-    {
-	struct fixup_list *fl = gcry_xcalloc(1, sizeof *fl );
-	fl->off = 0;
-	fl->val = n;
-	fl->next = blob->fixups;
-	blob->fixups = fl;
-    }
-    /* do the fixups */
-    {
-	struct fixup_list *fl;
-	for ( fl = blob->fixups; fl; fl = fl->next ) {
-	    assert( fl->off+4 <= n );
-	    p[fl->off+0] = fl->val >> 24 ;
-	    p[fl->off+1] = fl->val >> 16 ;
-	    p[fl->off+2] = fl->val >>  8 ;
-	    p[fl->off+3] = fl->val	 ;
-	}
-
-    }
-
-    /* calculate and store the MD5 checksum */
-    gcry_md_hash_buffer( GCRY_MD_MD5, p + n - 16, p, n - 16 );
-
-    pp = gcry_malloc ( n );
-    if ( !pp )
-	return GCRYERR_NO_MEM;
-    memcpy ( pp , p, n );
-    blob->blob = pp;
-    blob->bloblen = n;
-
-    return 0;
-}
-
-
-int
-kbx_create_blob ( KBXBLOB *r_blob,  KBNODE keyblock )
-{
-    int rc = 0;
-    KBNODE node;
-    KBXBLOB blob;
-
-    *r_blob = NULL;
-    blob = gcry_xcalloc (1, sizeof *blob );
-    if( !blob )
-	return GCRYERR_NO_MEM;
-
-    /* fixme: Do some sanity checks on the keyblock */
-
-    /* count userids and keys so that we can allocate the arrays */
-    for ( node = keyblock; node; node = node->next ) {
-	switch ( node->pkt->pkttype ) {
-	  case PKT_PUBLIC_KEY:
-	  case PKT_SECRET_KEY:
-	  case PKT_PUBLIC_SUBKEY:
-	  case PKT_SECRET_SUBKEY: blob->nkeys++; break;
-	  case PKT_USER_ID:  blob->nuids++; break;
-	  case PKT_SIGNATURE: blob->nsigs++; break;
-	  default: break;
-	}
-    }
-    blob->keys = gcry_xcalloc ( blob->nkeys, sizeof ( *blob->keys ) );
-    blob->uids = gcry_xcalloc ( blob->nuids, sizeof ( *blob->uids ) );
-    blob->sigs = gcry_xcalloc ( blob->nsigs, sizeof ( *blob->sigs ) );
-    if ( !blob->keys || !blob->uids || !blob->sigs ) {
-	rc = GCRYERR_NO_MEM;
-	goto leave;
-    }
-
-    rc = create_key_part ( blob, keyblock );
-    if( rc )
-	goto leave;
-    rc = create_uid_part ( blob, keyblock );
-    if( rc )
-	goto leave;
-    rc = create_sig_part ( blob, keyblock );
-    if( rc )
-	goto leave;
-
-    blob->buf = iobuf_temp();
-    rc = create_blob_header ( blob );
-    if( rc )
-	goto leave;
-    rc = create_blob_keyblock ( blob, keyblock );
-    if( rc )
-	goto leave;
-    rc = create_blob_trailer ( blob );
-    if( rc )
-	goto leave;
-    rc = create_blob_finish ( blob );
-    if( rc )
-	goto leave;
-
-
-  leave:
-    release_kid_list( blob->temp_kids );
-    blob->temp_kids = NULL;
-    if ( rc ) {
-	kbx_release_blob ( blob );
-	*r_blob = NULL;
-    }
-    else  {
-	*r_blob = blob;
-    }
-    return rc;
-}
-
-int
-kbx_new_blob ( KBXBLOB *r_blob,  char *image, size_t imagelen )
-{
-    KBXBLOB blob;
-
-    *r_blob = NULL;
-    blob = gcry_xcalloc (1, sizeof *blob );
-    if( !blob )
-	return GCRYERR_NO_MEM;
-    blob->blob = image;
-    blob->bloblen = imagelen;
-    *r_blob = blob;
-    return 0;
-}
-
-
-
-const char *
-kbx_get_blob_image ( KBXBLOB blob, size_t *n )
-{
-    *n = blob->bloblen;
-    return blob->blob;
-}
-
-void
-kbx_release_blob ( KBXBLOB blob )
-{
-    if( !blob )
-	return;
-    if( blob->buf )
-	iobuf_cancel( blob->buf );
-    gcry_free( blob->keys );
-    gcry_free( blob->uids );
-    gcry_free( blob->sigs );
-
-    gcry_free ( blob->blob );
-
-    gcry_free( blob );
-}
-
-static ulong
-get32( const byte *buffer )
-{
-    ulong a;
-    a =  *buffer << 24;
-    a |= buffer[1] << 16;
-    a |= buffer[2] << 8;
-    a |= buffer[3];
-    return a;
-}
-
-static ulong
-get16( const byte *buffer )
-{
-    ulong a;
-    a =  *buffer << 8;
-    a |= buffer[1];
-    return a;
-}
-
-
-int
-kbx_dump_blob ( FILE *fp, KBXBLOB blob	)
-{
-    const byte *buffer = blob->blob;
-    size_t length = blob->bloblen;
-    ulong n, nkeys, keyinfolen;
-    ulong nuids, uidinfolen;
-    ulong nsigs, siginfolen;
-    ulong keyblock_off, keyblock_len;
-    const byte *p;
-
-    if( length < 40 )  {
-	fprintf( fp, "blob too short\n");
-	return -1;
-    }
-    n = get32( buffer );
-    if( n > length ) {
-	fprintf( fp, "blob larger than length - output truncated\n");
-    }
-    else
-	length = n;  /* ignore the rest */
-    fprintf( fp, "Length: %lu\n", n );
-    fprintf( fp, "Type:   %d\n", buffer[4] );
-    fprintf( fp, "Version: %d\n", buffer[5] );
-    if( buffer[4] != 2 ) {
-	fprintf( fp, "can't dump this blob type\n" );
-	return 0;
-    }
-
-    n = get16( buffer + 6 );
-    fprintf( fp, "Blob-Flags: %04lX\n", n );
-    keyblock_off = get32( buffer + 8 );
-    keyblock_len = get32( buffer + 12 );
-    fprintf( fp, "Keyblock-Offset: %lu\n", keyblock_off );
-    fprintf( fp, "Keyblock-Length: %lu\n", keyblock_len );
-
-    nkeys = get16( buffer + 16 );
-    fprintf( fp, "Key-Count: %lu\n", nkeys );
-    keyinfolen = get16( buffer + 18 );
-    fprintf( fp, "Key-Info-Length: %lu\n", keyinfolen );
-    /* fixme: check bounds */
-    p = buffer + 20;
-    for(n=0; n < nkeys; n++, p += keyinfolen ) {
-	int i;
-	ulong kidoff, kflags;
-
-	fprintf( fp, "Key-%lu-Fpr: ", n );
-	for(i=0; i < 20; i++ )
-	    fprintf( fp, "%02X", p[i] );
-	kidoff = get32( p + 20 );
-	fprintf( fp, "\nKey-%lu-Kid-Off: %lu\n", n, kidoff );
-	fprintf( fp, "Key-%lu-Kid: ", n );
-	/* fixme: check bounds */
-	for(i=0; i < 8; i++ )
-	    fprintf( fp, "%02X", buffer[kidoff+i] );
-	kflags = get16( p + 24 );
-	fprintf( fp, "\nKey-%lu-Flags: %04lX\n", n, kflags );
-    }
-
-
-    nuids = get16( p );
-    fprintf( fp, "Uid-Count: %lu\n", nuids );
-    uidinfolen = get16( p + 2 );
-    fprintf( fp, "Uid-Info-Length: %lu\n", uidinfolen );
-    /* fixme: check bounds */
-    p += 4;
-    for(n=0; n < nuids; n++, p += uidinfolen ) {
-	ulong uidoff, uidlen, uflags;
-
-	uidoff = get32( p );
-	uidlen = get32( p+4 );
-	fprintf( fp, "Uid-%lu-Off: %lu\n", n, uidoff );
-	fprintf( fp, "Uid-%lu-Len: %lu\n", n, uidlen );
-	fprintf( fp, "Uid-%lu: \"", n );
-	print_string( fp, buffer+uidoff, uidlen, '\"' );
-	fputs("\"\n", fp );
-	uflags = get16( p + 8 );
-	fprintf( fp, "Uid-%lu-Flags: %04lX\n", n, uflags );
-	fprintf( fp, "Uid-%lu-Validity: %d\n", n, p[10] );
-    }
-
-    nsigs = get16( p );
-    fprintf( fp, "Sig-Count: %lu\n", nsigs );
-    siginfolen = get16( p + 2 );
-    fprintf( fp, "Sig-Info-Length: %lu\n", siginfolen );
-    /* fixme: check bounds  */
-    p += 4;
-    for(n=0; n < nsigs; n++, p += siginfolen ) {
-	ulong sflags;
-
-	sflags = get32( p );
-	fprintf( fp, "Sig-%lu-Expire: ", n );
-	if( !sflags )
-	    fputs( "[not checked]", fp );
-	else if( sflags == 1 )
-	    fputs( "[missing key]", fp );
-	else if( sflags == 2 )
-	    fputs( "[bad signature]", fp );
-	else if( sflags < 0x10000000 )
-	    fprintf( fp, "[bad flag %0lx]", sflags );
-	else if( sflags == 0xffffffff )
-	    fputs( "0", fp );
-	else
-	    fputs( strtimestamp( sflags ), fp );
-	putc('\n', fp );
-    }
-
-    fprintf( fp, "Ownertrust: %d\n", p[0] );
-    fprintf( fp, "All-Validity: %d\n", p[1] );
-    p += 4;
-    n = get32( p ); p += 4;
-    fprintf( fp, "Recheck-After: %s\n", n? strtimestamp(n) : "0" );
-    n = get32( p ); p += 4;
-    fprintf( fp, "Latest-Timestamp: %s\n", strtimestamp(n) );
-    n = get32( p ); p += 4;
-    fprintf( fp, "Created-At: %s\n", strtimestamp(n) );
-    n = get32( p ); p += 4;
-    fprintf( fp, "Reserved-Space: %lu\n", n );
-
-
-    /* check that the keyblock is at the correct offset and other bounds */
-
-
-    fprintf( fp, "Blob-Checksum: [MD5-hash]\n" );
-    return 0;
-}
-
-/****************
- * Check whether the given fingerprint (20 bytes) is in the
- * given keyblob.  fpr is always 20 bytes.
- * Return: 0 = found
- *	   -1 = not found
-	  other = error  (fixme: do not always reurn gpgerr_general)
- */
-int
-kbx_blob_has_fpr ( KBXBLOB blob, const byte *fpr )
-{
-    ulong n, nkeys, keyinfolen;
-    const byte *p, *pend;
-    byte *buffer = blob->blob;
-    size_t buflen = blob->bloblen;
-
-    if ( buflen < 40 )
-	return GPGERR_GENERAL; /* blob too short */
-    n = get32( buffer );
-    if ( n > buflen )
-	return GPGERR_GENERAL; /* blob larger than announced length */
-    buflen = n;  /* ignore trailing stuff */
-    pend = buffer + n - 1;
-
-    if ( buffer[4] != 2 )
-	return GPGERR_GENERAL; /* invalid blob type */
-    if ( buffer[5] != 1 )
-	return GPGERR_GENERAL; /* invalid blob format version */
-
-    nkeys = get16( buffer + 16 );
-    keyinfolen = get16( buffer + 18 );
-    p = buffer + 20;
-    for(n=0; n < nkeys; n++, p += keyinfolen ) {
-	if ( p+20 > pend )
-	    return GPGERR_GENERAL; /* blob shorter than required */
-	if (!memcmp ( p, fpr, 20 ) )
-	    return 0; /* found */
-    }
-    return -1;
-}
-
-/****************
- * Check whether the given keyID (20 bytes) is in the
- * given keyblob.
- * Return: 0 = found
- *	   -1 = not found
-	  other = error  (fixme: do not always return gpgerr_general)
- */
-int
-kbx_blob_has_kid ( KBXBLOB blob, const byte *keyidbuf, size_t keyidlen )
-{
-    ulong n, nkeys, keyinfolen, off;
-    const byte *p, *pend;
-    byte *buffer = blob->blob;
-    size_t buflen = blob->bloblen;
-
-    if ( buflen < 40 )
-	return GPGERR_GENERAL; /* blob too short */
-    n = get32( buffer );
-    if ( n > buflen )
-	return GPGERR_GENERAL; /* blob larger than announced length */
-    buflen = n;  /* ignore trailing stuff */
-    pend = buffer + n - 1;
-
-    if ( buffer[4] != 2 )
-	return GPGERR_GENERAL; /* invalid blob type */
-    if ( buffer[5] != 1 )
-	return GPGERR_GENERAL; /* invalid blob format version */
-
-    nkeys = get16( buffer + 16 );
-    keyinfolen = get16( buffer + 18 );
-    p = buffer + 20;
-    for(n=0; n < nkeys; n++, p += keyinfolen ) {
-	if ( p+24 > pend )
-	    return GPGERR_GENERAL; /* blob shorter than required */
-	off = get32 ( p + 20 );
-	if (keyidlen < 8 ) /* actually keyidlen may either be 4 or 8 */
-	    off +=4;
-	if ( off+keyidlen > buflen )
-	    return GPGERR_GENERAL; /* offset out of bounds */
-	if ( !memcmp ( buffer+off, keyidbuf, keyidlen ) )
-	    return 0; /* found */
-    }
-    return -1;
-}
-
-
-
-int
-kbx_blob_has_uid ( KBXBLOB blob,
-		   int (*cmp)(const byte *, size_t, void *), void *opaque )
-{
-    ulong n, nuids, uidinfolen, off, len;
-    const byte *p, *pend;
-    byte *buffer = blob->blob;
-    size_t buflen = blob->bloblen;
-
-    if ( buflen < 40 )
-	return GPGERR_GENERAL; /* blob too short */
-    n = get32( buffer );
-    if ( n > buflen )
-	return GPGERR_GENERAL; /* blob larger than announced length */
-    buflen = n;  /* ignore trailing stuff */
-    pend = buffer + n - 1;
-
-    if ( buffer[4] != 2 )
-	return GPGERR_GENERAL; /* invalid blob type */
-    if ( buffer[5] != 1 )
-	return GPGERR_GENERAL; /* invalid blob format version */
-
-    p = buffer + 20 + get16( buffer + 16 ) * get16( buffer + 18 );
-    if ( p+4 > pend )
-	return GPGERR_GENERAL; /* blob shorter than required */
-
-    nuids = get16( p ); p+= 2;
-    uidinfolen = get16( p ); p+=2;
-    for(n=0; n < nuids; n++, p += uidinfolen ) {
-	if ( p+8 > pend )
-	    return GPGERR_GENERAL; /* blob shorter than required */
-	off = get32 ( p );
-	len = get32 ( p + 4 );
-	if ( off+len > buflen )
-	    return GPGERR_GENERAL; /* offset out of bounds */
-	if ( (*cmp) ( buffer+off, len, opaque ) )
-	    return 0; /* found */
-    }
-
-    return -1;
-}
-
-
diff --git a/g10/kbxfile.c b/g10/kbxfile.c
deleted file mode 100644
index 94ef13f83..000000000
--- a/g10/kbxfile.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/* kbxfile.c - KBX file handling
- *	Copyright (C) 2000 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-/****************
- * We will change the whole system to use only KBX.  This file here
- * will implement the methods needed to operate on plain KBXfiles.
- * Most stuff from getkey and ringedit will be replaced by stuff here.
- * To make things even more easier we will only allow one updateable kbxfile
- * and optionally some read-only files.
- */
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <assert.h>
-#include <gcrypt.h>
-
-#include "kbx.h"
-#include "options.h"
-#include "util.h"
-#include "i18n.h"
-#include "main.h"
-
-/****************
- * Read the blob at the current fileposition and return an allocated
- * pointer nto the blob if it was found.
- * Fixme: return a blob object.
- */
-static int
-do_search_by_fpr ( const char *filename, FILE *a, const char *fpr,
-						  KBXBLOB *r_blob )
-{
-    KBXBLOB blob;
-    int rc;
-
-    *r_blob = NULL;
-    rc = kbx_read_blob ( &blob, a );
-    if ( rc && rc != -1 ) {
-	log_error (_("file `%s': error reading blob\n"), filename );
-    }
-    else if ( !rc ) {
-	rc = kbx_blob_has_fpr ( blob, fpr );
-    }
-    else
-	log_info ("eof\n");
-
-    if ( !rc ) {
-	*r_blob = blob;
-    }
-    else {
-	kbx_release_blob ( blob );
-    }
-    return rc;
-}
-
-int
-kbxfile_search_by_fpr( const char *filename, const byte *fpr )
-{
-    FILE *fp;
-    KBXBLOB blob;
-    int rc;
-
-    fp = fopen ( filename, "rb" );
-    if( !fp ) {
-	log_error(_("can't open `%s': %s\n"), filename, strerror(errno) );
-	return 1;
-    }
-
-    while ( (rc=do_search_by_fpr ( filename, fp, fpr, &blob )) == -1 )
-	;
-    if ( !rc ) {
-	fputs ("FOUND\n", stderr );
-	kbx_dump_blob ( stderr, blob );
-	kbx_release_blob ( blob );
-    }
-
-    fclose (fp);
-    return -1;
-}
-
-
-/****************
- * Read the blob at the current fileposition and return an allocated
- * pointer nto the blob if it was found.
- * Fixme: return a blob object.
- */
-static int
-do_search_by_keyid ( const char *filename, FILE *a,
-		     const byte *keyidbuf, size_t keyidlen, KBXBLOB *r_blob )
-{
-    KBXBLOB blob;
-    int rc;
-
-    *r_blob = NULL;
-    rc = kbx_read_blob ( &blob, a );
-    if ( rc && rc != -1 ) {
-	log_error (_("file `%s': error reading blob\n"), filename );
-    }
-    else if ( !rc ) {
-	rc = kbx_blob_has_kid ( blob, keyidbuf, keyidlen );
-    }
-    else
-	rc = GPGERR_GENERAL;  /* eof */
-
-    if ( !rc ) {
-	*r_blob = blob;
-    }
-    else {
-	kbx_release_blob ( blob );
-    }
-    return rc;
-}
-
-/****************
- * Look for a KBX described by an keyid.  This function will in
- * turn return each matching keyid because there may me duplicates
- * (which can't happen for fingerprints)
- * mode 10 = short keyid
- *	11 = long keyid
- */
-int
-kbxfile_search_by_kid ( const char *filename, u32 *kid, int mode )
-{
-    FILE *fp;
-    KBXBLOB blob;
-    int rc;
-    byte kbuf[8], *kbufptr;
-    int kbuflen;
-
-    fp = fopen ( filename, "rb" );
-    if( !fp ) {
-	log_error(_("can't open `%s': %s\n"), filename, strerror(errno) );
-	return 1;
-    }
-
-    kbuf[0] = kid[0] >> 24;
-    kbuf[1] = kid[0] >> 16;
-    kbuf[2] = kid[0] >> 8;
-    kbuf[3] = kid[0];
-    kbuf[4] = kid[1] >> 24;
-    kbuf[5] = kid[1] >> 16;
-    kbuf[6] = kid[1] >> 8;
-    kbuf[7] = kid[1];
-    if ( mode == 10 ) {
-	kbufptr=kbuf+4;
-	kbuflen = 4;
-    }
-    else if (mode == 11 ) {
-	kbufptr=kbuf;
-	kbuflen = 8;
-    }
-    else {
-	BUG();
-    }
-
-    do {
-	while ( (rc=do_search_by_keyid ( filename, fp,
-					 kbufptr, kbuflen, &blob )) == -1 )
-	    ;
-	if ( !rc ) {
-	    fputs ("FOUND:\n", stderr );
-	    kbx_dump_blob ( stderr, blob );
-	    kbx_release_blob ( blob );
-	}
-    } while ( !rc );
-
-    fclose (fp);
-    return -1;
-}
-
-
-static int
-do_search_by_uid ( const char *filename, FILE *a,
-		    int (*cmpfnc)(const byte*,size_t,void*), void *cmpdata,
-							   KBXBLOB *r_blob )
-{
-    KBXBLOB blob;
-    int rc;
-
-    *r_blob = NULL;
-    rc = kbx_read_blob ( &blob, a );
-    if ( rc && rc != -1 ) {
-	log_error (_("file `%s': error reading blob\n"), filename );
-    }
-    else if ( !rc ) {
-	rc = kbx_blob_has_uid ( blob, cmpfnc, cmpdata );
-    }
-    else
-	rc = GPGERR_GENERAL;  /* eof */
-
-    if ( !rc ) {
-	*r_blob = blob;
-    }
-    else {
-	kbx_release_blob ( blob );
-    }
-    return rc;
-}
-
-
-static int
-substr_compare ( const byte *buf, size_t buflen, void *opaque )
-{
-    return !!memistr ( buf, buflen, opaque );
-}
-
-
-int
-kbxfile_search_by_uid ( const char *filename, const char *name )
-{
-    FILE *fp;
-    KBXBLOB blob;
-    int rc;
-    byte kbuf[8], *kbufptr;
-    int kbuflen;
-
-    fp = fopen ( filename, "rb" );
-    if( !fp ) {
-	log_error(_("can't open `%s': %s\n"), filename, strerror(errno) );
-	return 1;
-    }
-
-
-    do {
-	while ( (rc=do_search_by_uid ( filename, fp,
-					substr_compare, name, &blob )) == -1 )
-	    ;
-	if ( !rc ) {
-	    fputs ("FOUND:\n", stderr );
-	    kbx_dump_blob ( stderr, blob );
-	    kbx_release_blob ( blob );
-	}
-    } while ( !rc );
-
-    fclose ( fp );
-    return -1;
-}
-
-
-
-void
-export_as_kbxfile(void)
-{
-
-    KBPOS kbpos;
-    KBNODE keyblock = NULL;
-    int rc=0;
-
-    rc = enum_keyblocks_begin( &kbpos, 0 );
-    if( rc ) {
-	if( rc != -1 )
-	    log_error("enum_keyblocks(open) failed: %s\n", gpg_errstr(rc) );
-	goto leave;
-    }
-
-    while( !(rc = enum_keyblocks_next( kbpos, 1, &keyblock )) ) {
-	KBXBLOB blob;
-	const char *p;
-	size_t n;
-
-	merge_keys_and_selfsig( keyblock );
-	rc = kbx_create_blob ( &blob, keyblock );
-	if( rc ) {
-	    log_error("kbx_create_blob failed: %s\n", gpg_errstr(rc) );
-	    goto leave;
-	}
-	p = kbx_get_blob_image ( blob, &n );
-	fwrite( p, n, 1, stdout );
-	kbx_release_blob ( blob );
-    }
-
-    if( rc && rc != -1 )
-	log_error("enum_keyblocks(read) failed: %s\n", gpg_errstr(rc));
-
-  leave:
-    enum_keyblocks_end( kbpos );
-    release_kbnode( keyblock );
-}
-
-
-static int
-do_print_kbxfile( const char *filename, FILE *a )
-{
-    KBXBLOB blob;
-    int rc;
-
-    rc = kbx_read_blob ( &blob, a );
-    if ( rc && rc != -1 ) {
-	log_error (_("file `%s': error reading blob\n"), filename );
-    }
-    else if ( ! rc )
-	kbx_dump_blob ( stdout, blob );
-    kbx_release_blob ( blob );
-    return rc;
-}
-
-void
-print_kbxfile( const char *filename )
-{
-    FILE *fp;
-
-    fp = fopen ( filename, "rb" );
-    if( !fp ) {
-	log_error(_("can't open `%s': %s\n"), filename, strerror(errno) );
-	return;
-    }
-
-    while ( !do_print_kbxfile( filename, fp ) )
-	;
-
-    fclose (fp);
-}
-
diff --git a/g10/kbxio.c b/g10/kbxio.c
deleted file mode 100644
index 6c4437bf8..000000000
--- a/g10/kbxio.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* kbxio.c - KBX I/O handling
- *	Copyright (C) 2000 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <assert.h>
-#include <gcrypt.h>
-
-#include "iobuf.h"
-#include "util.h"
-#include "kbx.h"
-
-
-int
-kbx_read_blob ( KBXBLOB *r_blob, FILE *a )
-{
-    char *image;
-    size_t imagelen = 0;
-    int c1, c2, c3, c4;
-    int rc;
-
-    *r_blob = NULL;
-    if (    (c1 = getc ( a )) == EOF
-	 || (c2 = getc ( a )) == EOF
-	 || (c3 = getc ( a )) == EOF
-	 || (c4 = getc ( a )) == EOF ) {
-	if ( c1 == EOF && !ferror ( a ) )
-	    return -1;
-	return GPGERR_GENERAL;
-    }
-    imagelen = (c1 << 24) | (c2 << 16) | (c3 << 8 ) | c4;
-    if ( imagelen > 500000 ) { /* sanity check:blob too large */
-	return GPGERR_GENERAL;
-    }
-    else if ( imagelen < 4 ) { /* blobtoo short */
-	return GPGERR_GENERAL;
-    }
-    image = gcry_malloc ( imagelen );
-    if ( !image ) {
-	return GPGERR_GENERAL;
-    }
-
-    image[0] = c1; image[1] = c2; image[2] = c3; image[3] = c4;
-    if ( fread ( image+4, imagelen-4, 1, a ) != 1 )  {
-	gcry_free ( image );
-	return GPGERR_GENERAL;
-    }
-
-    rc = kbx_new_blob ( r_blob, image, imagelen );
-    return rc;
-}
-
-
-
diff --git a/g10/kbxutil.c b/g10/kbxutil.c
deleted file mode 100644
index 95fcb9cce..000000000
--- a/g10/kbxutil.c
+++ /dev/null
@@ -1,442 +0,0 @@
-/* gpg.c - The GnuPG utility (main for gpg)
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-#include <config.h>
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <unistd.h>
-
-#include <gcrypt.h>
-
-#include "packet.h"
-#include "iobuf.h"
-#include "util.h"
-#include "main.h"
-#include "options.h"
-#include "keydb.h"
-#include "filter.h"
-#include "ttyio.h"
-#include "i18n.h"
-#include "gnupg-defs.h"
-#include "kbx.h"
-
-
-enum cmd_and_opt_values { aNull = 0,
-    oArmor	  = 'a',
-    aDetachedSign = 'b',
-    aSym	  = 'c',
-    aDecrypt	  = 'd',
-    aEncr	  = 'e',
-    oInteractive  = 'i',
-    oKOption	  = 'k',
-    oDryRun	  = 'n',
-    oOutput	  = 'o',
-    oQuiet	  = 'q',
-    oRecipient	  = 'r',
-    aSign	  = 's',
-    oTextmodeShort= 't',
-    oUser	  = 'u',
-    oVerbose	  = 'v',
-    oCompress	  = 'z',
-    oNotation	  = 'N',
-    oBatch	  = 500,
-    aClearsign,
-    aStore,
-    aKeygen,
-    aSignEncr,
-    aSignKey,
-    aLSignKey,
-    aListPackets,
-    aEditKey,
-    aDeleteKey,
-    aDeleteSecretKey,
-    aKMode,
-    aKModeC,
-    aImport,
-    aFastImport,
-    aVerify,
-    aListKeys,
-    aListSigs,
-    aListSecretKeys,
-    aSendKeys,
-    aRecvKeys,
-    aExport,
-    aExportAll,
-    aExportSecret,
-    aCheckKeys,
-    aGenRevoke,
-    aPrimegen,
-    aPrintMD,
-    aPrintHMAC,
-    aPrintMDs,
-    aCheckTrustDB,
-    aUpdateTrustDB,
-    aFixTrustDB,
-    aListTrustDB,
-    aListTrustPath,
-    aExportOwnerTrust,
-    aImportOwnerTrust,
-    aDeArmor,
-    aEnArmor,
-    aGenRandom,
-
-    oTextmode,
-    oFingerprint,
-    oWithFingerprint,
-    oAnswerYes,
-    oAnswerNo,
-    oKeyring,
-    oSecretKeyring,
-    oDefaultKey,
-    oDefRecipient,
-    oDefRecipientSelf,
-    oNoDefRecipient,
-    oOptions,
-    oDebug,
-    oDebugAll,
-    oStatusFD,
-    oNoComment,
-    oNoVersion,
-    oEmitVersion,
-    oCompletesNeeded,
-    oMarginalsNeeded,
-    oMaxCertDepth,
-    oLoadExtension,
-    oRFC1991,
-    oOpenPGP,
-    oCipherAlgo,
-    oDigestAlgo,
-    oCompressAlgo,
-    oPasswdFD,
-    oNoVerbose,
-    oTrustDBName,
-    oNoSecmemWarn,
-    oNoArmor,
-    oNoDefKeyring,
-    oNoGreeting,
-    oNoTTY,
-    oNoOptions,
-    oNoBatch,
-    oHomedir,
-    oWithColons,
-    oWithKeyData,
-    oSkipVerify,
-    oCompressKeys,
-    oCompressSigs,
-    oAlwaysTrust,
-    oEmuChecksumBug,
-    oRunAsShmCP,
-    oSetFilename,
-    oSetPolicyURL,
-    oUseEmbeddedFilename,
-    oComment,
-    oDefaultComment,
-    oThrowKeyid,
-    oForceV3Sigs,
-    oForceMDC,
-    oS2KMode,
-    oS2KDigest,
-    oS2KCipher,
-    oCharset,
-    oNotDashEscaped,
-    oEscapeFrom,
-    oLockOnce,
-    oLockMultiple,
-    oKeyServer,
-    oEncryptTo,
-    oNoEncryptTo,
-    oLoggerFD,
-    oUtf8Strings,
-    oNoUtf8Strings,
-    oDisableCipherAlgo,
-    oDisablePubkeyAlgo,
-    oAllowNonSelfsignedUID,
-    oNoLiteral,
-    oSetFilesize,
-    oEntropyDLLName,
-
-    aFindByFpr,
-    aFindByKid,
-    aFindByUid,
-aTest };
-
-
-static ARGPARSE_OPTS opts[] = {
-
-    { 300, NULL, 0, N_("@Commands:\n ") },
-
-    { aFindByFpr,  "find-by-fpr", 0, "|FPR| find key using it's fingerprnt" },
-    { aFindByKid,  "find-by-kid", 0, "|KID| find key using it's keyid" },
-    { aFindByUid,  "find-by-uid", 0, "|NAME| find key by user name" },
-
-    { 301, NULL, 0, N_("@\nOptions:\n ") },
-
-    { oArmor, "armor",     0, N_("create ascii armored output")},
-    { oArmor, "armour",     0, "@" },
-    { oCompress, NULL,	      1, N_("|N|set compress level N (0 disables)") },
-    { oOutput, "output",    2, N_("use as output file")},
-    { oVerbose, "verbose",   0, N_("verbose") },
-    { oQuiet,	"quiet",   0, N_("be somewhat more quiet") },
-    { oDryRun, "dry-run",   0, N_("do not make any changes") },
-    { oOptions, "options"   , 2, N_("read options from file")},
-
-    { oDebug, "debug"     ,4|16, N_("set debugging flags")},
-    { oDebugAll, "debug-all" ,0, N_("enable full debugging")},
-
-
-{0} };
-
-
-
-int gpg_errors_seen = 0;
-
-
-static const char *
-my_strusage( int level )
-{
-    const char *p;
-    switch( level ) {
-      case 11: p = "kbxutil (GnuPG)";
-	break;
-      case 13: p = VERSION; break;
-      case 17: p = PRINTABLE_OS_NAME; break;
-      case 19: p =
-	    _("Please report bugs to <[email protected]>.\n");
-	break;
-      case 1:
-      case 40:	p =
-	    _("Usage: kbxutil [options] [files] (-h for help)");
-	break;
-      case 41:	p =
-	    _("Syntax: kbxutil [options] [files]\n"
-	      "list, export, import KBX data\n");
-	break;
-
-
-      default:	p = NULL;
-    }
-    return p;
-}
-
-
-static void
-i18n_init(void)
-{
-  #ifdef USE_SIMPLE_GETTEXT
-    set_gettext_file( PACKAGE );
-  #else
-  #ifdef ENABLE_NLS
-    #ifdef HAVE_LC_MESSAGES
-       setlocale( LC_TIME, "" );
-       setlocale( LC_MESSAGES, "" );
-    #else
-       setlocale( LC_ALL, "" );
-    #endif
-    bindtextdomain( PACKAGE, GNUPG_LOCALEDIR );
-    textdomain( PACKAGE );
-  #endif
-  #endif
-}
-
-
-static void
-wrong_args( const char *text )
-{
-    log_error("usage: kbxutil %s\n", text);
-    gpg_exit ( 1 );
-}
-
-
-static int
-hextobyte( const byte *s )
-{
-    int c;
-
-    if( *s >= '0' && *s <= '9' )
-	c = 16 * (*s - '0');
-    else if( *s >= 'A' && *s <= 'F' )
-	c = 16 * (10 + *s - 'A');
-    else if( *s >= 'a' && *s <= 'f' )
-	c = 16 * (10 + *s - 'a');
-    else
-	return -1;
-    s++;
-    if( *s >= '0' && *s <= '9' )
-	c += *s - '0';
-    else if( *s >= 'A' && *s <= 'F' )
-	c += 10 + *s - 'A';
-    else if( *s >= 'a' && *s <= 'f' )
-	c += 10 + *s - 'a';
-    else
-	return -1;
-    return c;
-}
-
-static char *
-format_fingerprint ( const char *s )
-{
-    int i, c;
-    byte fpr[20];
-
-    for (i=0; i < 20 && *s; ) {
-	if ( *s == ' ' || *s == '\t' ) {
-	    s++;
-	    continue;
-	}
-	c = hextobyte(s);
-	if (c == -1) {
-	    return NULL;
-	}
-	fpr[i++] = c;
-	s += 2;
-    }
-    return gcry_xstrdup ( fpr );
-}
-
-static int
-format_keyid ( const char *s, u32 *kid )
-{
-    char helpbuf[9];
-    switch ( strlen ( s ) ) {
-      case 8:
-	kid[0] = 0;
-	kid[1] = strtoul( s, NULL, 16 );
-	return 10;
-
-      case 16:
-	mem2str( helpbuf, s, 9 );
-	kid[0] = strtoul( helpbuf, NULL, 16 );
-	kid[1] = strtoul( s+8, NULL, 16 );
-	return 11;
-    }
-    return 0; /* error */
-}
-
-
-
-int
-main( int argc, char **argv )
-{
-    ARGPARSE_ARGS pargs;
-    enum cmd_and_opt_values cmd = 0;
-
-    set_strusage( my_strusage );
-    log_set_name("kbxutil");
-    /* check that the libraries are suitable.  Do it here because
-     * the option parse may need services of the library */
-    if ( !gcry_check_version ( "1.1.0a" ) ) {
-	log_fatal(_("libgcrypt is too old (need %s, have %s)\n"),
-				VERSION, gcry_check_version(NULL) );
-    }
-
-    create_dotlock(NULL); /* register locking cleanup */
-    i18n_init();
-
-
-    pargs.argc = &argc;
-    pargs.argv = &argv;
-    pargs.flags=  1;  /* do not remove the args */
-    while( arg_parse( &pargs, opts) ) {
-	switch( pargs.r_opt ) {
-	  case oVerbose:
-		opt.verbose++;
-		gcry_control( GCRYCTL_SET_VERBOSITY, (int)opt.verbose );
-		break;
-	  case oDebug: opt.debug |= pargs.r.ret_ulong; break;
-	  case oDebugAll: opt.debug = ~0; break;
-
-	  case aFindByFpr:
-	  case aFindByKid:
-	  case aFindByUid:
-	    cmd = pargs.r_opt;
-	    break;
-
-	  default : pargs.err = 2; break;
-	}
-    }
-    if( log_get_errorcount(0) )
-	gpg_exit(2);
-
-    if ( !cmd ) { /* default is to list a KBX file */
-	if( !argc ) {
-	    print_kbxfile( NULL );
-	}
-	else {
-	    for ( ; argc; argc--, argv++ ) {
-		print_kbxfile( *argv );
-	    }
-	}
-    }
-    else if ( cmd == aFindByFpr ) {
-	char *fpr;
-	if ( argc != 2 )
-	    wrong_args ("kbxfile foingerprint");
-	fpr = format_fingerprint ( argv[1] );
-	if ( !fpr )
-	    log_error ("invalid formatted fingerprint\n");
-	else {
-	    kbxfile_search_by_fpr ( argv[0], fpr );
-	    gcry_free ( fpr );
-	}
-    }
-    else if ( cmd == aFindByKid ) {
-	u32 kid[2];
-	int mode;
-
-	if ( argc != 2 )
-	    wrong_args ("kbxfile short-or-long-keyid");
-	mode = format_keyid ( argv[1], kid );
-	if ( !mode )
-	    log_error ("invalid formatted keyID\n");
-	else {
-	    kbxfile_search_by_kid ( argv[0], kid, mode );
-	}
-    }
-    else if ( cmd == aFindByUid ) {
-	if ( argc != 2 )
-	    wrong_args ("kbxfile userID");
-	kbxfile_search_by_uid ( argv[0], argv[1] );
-    }
-    else
-	log_error ("unsupported action\n");
-
-    gpg_exit(0);
-    return 8; /*NEVER REACHED*/
-}
-
-
-void
-gpg_exit( int rc )
-{
-    if( opt.debug & DBG_MEMSTAT_VALUE ) {
-	gcry_control( GCRYCTL_DUMP_MEMORY_STATS );
-	gcry_control( GCRYCTL_DUMP_RANDOM_STATS );
-    }
-    if( opt.debug )
-	gcry_control( GCRYCTL_DUMP_SECMEM_STATS );
-    rc = rc? rc : log_get_errorcount(0)? 2 :
-			gpg_errors_seen? 1 : 0;
-    exit(rc );
-}
-
-
diff --git a/g10/keydb.c b/g10/keydb.c
new file mode 100644
index 000000000..96d19105a
--- /dev/null
+++ b/g10/keydb.c
@@ -0,0 +1,698 @@
+/* keydb.c - key database dispatcher
+ * Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+#include "util.h"
+#include "options.h"
+#include "main.h" /*try_make_homedir ()*/
+#include "packet.h"
+#include "keyring.h"
+#include "keydb.h" 
+#include "i18n.h"
+
+static int active_handles;
+
+typedef enum {
+    KEYDB_RESOURCE_TYPE_NONE = 0,
+    KEYDB_RESOURCE_TYPE_KEYRING
+} KeydbResourceType;
+#define MAX_KEYDB_RESOURCES 20
+
+struct resource_item {
+  KeydbResourceType type;
+  union {
+    KEYRING_HANDLE kr;
+  } u;
+  void *token;
+  int secret;
+};
+
+static struct resource_item all_resources[MAX_KEYDB_RESOURCES];
+static int used_resources;
+
+struct keydb_handle {
+  int locked;
+  int found;
+  int current;
+  int used; /* items in active */
+  struct resource_item active[MAX_KEYDB_RESOURCES];
+};
+
+
+static int lock_all (KEYDB_HANDLE hd);
+static void unlock_all (KEYDB_HANDLE hd);
+
+
+/*
+ * Register a resource (which currently may only be a keyring file).
+ * The first keyring which is added by this function is
+ * created if it does not exist.
+ * Note: this function may be called before secure memory is
+ * available.
+ */
+int
+keydb_add_resource (const char *url, int force, int secret)
+{
+    static int any_secret, any_public;
+    const char *resname = url;
+    IOBUF iobuf = NULL;
+    char *filename = NULL;
+    int rc = 0;
+    KeydbResourceType rt = KEYDB_RESOURCE_TYPE_NONE;
+    void *token;
+
+    /* Do we have an URL?
+     *	gnupg-ring:filename  := this is a plain keyring
+     *	filename := See what is is, but create as plain keyring.
+     */
+    if (strlen (resname) > 11) {
+	if (!strncmp( resname, "gnupg-ring:", 11) ) {
+	    rt = KEYDB_RESOURCE_TYPE_KEYRING;
+	    resname += 11;
+	}
+      #if !defined(HAVE_DRIVE_LETTERS) && !defined(__riscos__)
+	else if (strchr (resname, ':')) {
+	    log_error ("invalid key resource URL `%s'\n", url );
+	    rc = G10ERR_GENERAL;
+	    goto leave;
+	}
+      #endif /* !HAVE_DRIVE_LETTERS && !__riscos__ */
+    }
+
+    if (*resname != DIRSEP_C ) { /* do tilde expansion etc */
+	if (strchr(resname, DIRSEP_C) )
+	    filename = make_filename (resname, NULL);
+	else
+	    filename = make_filename (opt.homedir, resname, NULL);
+    }
+    else
+	filename = m_strdup (resname);
+
+    check_permissions(filename,0,0);
+
+    if (!force)
+	force = secret? !any_secret : !any_public;
+
+    /* see whether we can determine the filetype */
+    if (rt == KEYDB_RESOURCE_TYPE_NONE) {
+	FILE *fp = fopen( filename, "rb" );
+
+	if (fp) {
+	    u32 magic;
+
+	    if (fread( &magic, 4, 1, fp) == 1 ) {
+		if (magic == 0x13579ace || magic == 0xce9a5713)
+		    ; /* GDBM magic - no more support */
+		else
+		    rt = KEYDB_RESOURCE_TYPE_KEYRING;
+	    }
+	    else /* maybe empty: assume ring */
+		rt = KEYDB_RESOURCE_TYPE_KEYRING;
+	    fclose( fp );
+	}
+	else /* no file yet: create ring */
+	    rt = KEYDB_RESOURCE_TYPE_KEYRING;
+    }
+
+    switch (rt) {
+      case KEYDB_RESOURCE_TYPE_NONE:
+	log_error ("unknown type of key resource `%s'\n", url );
+	rc = G10ERR_GENERAL;
+	goto leave;
+
+      case KEYDB_RESOURCE_TYPE_KEYRING:
+        if (access(filename, F_OK))
+          { /* file does not exist */
+	    char *last_slash_in_filename;
+
+            if (!force) 
+              {
+                rc = G10ERR_OPEN_FILE;
+                goto leave;
+              }
+
+	    last_slash_in_filename = strrchr (filename, DIRSEP_C);
+	    *last_slash_in_filename = 0;
+	    if (access(filename, F_OK))
+              { /* on the first time we try to create the default
+		   homedir and in this case the process will be
+		   terminated, so that on the next invocation it can
+		   read the options file in on startup */
+		try_make_homedir (filename);
+		rc = G10ERR_OPEN_FILE;
+        	*last_slash_in_filename = DIRSEP_C;
+		goto leave;
+              }
+	    *last_slash_in_filename = DIRSEP_C;
+
+	    iobuf = iobuf_create (filename);
+	    if (!iobuf) 
+              {
+		log_error ( _("error creating keyring `%s': %s\n"),
+                            filename, strerror(errno));
+		rc = G10ERR_OPEN_FILE;
+		goto leave;
+              }
+
+#ifndef HAVE_DOSISH_SYSTEM
+            if (secret && !opt.preserve_permissions) 
+              {
+                if (chmod (filename, S_IRUSR | S_IWUSR) ) 
+                  {
+                    log_error (_("changing permission of "
+                                 " `%s' failed: %s\n"),
+                               filename, strerror(errno) );
+                    rc = G10ERR_WRITE_FILE;
+                    goto leave;
+                  }
+              }
+#endif
+            if (!opt.quiet)
+              log_info (_("keyring `%s' created\n"), filename);
+            iobuf_close (iobuf);
+            iobuf = NULL;
+            /* must invalidate that ugly cache */
+            iobuf_ioctl (NULL, 2, 0, (char*)filename);
+          } /* end file creation */
+
+        token = keyring_register_filename (filename, secret);
+        if (!token)
+          ; /* already registered - ignore it */
+        else if (used_resources >= MAX_KEYDB_RESOURCES)
+          rc = G10ERR_RESOURCE_LIMIT;
+        else 
+          {
+            all_resources[used_resources].type = rt;
+            all_resources[used_resources].u.kr = NULL; /* Not used here */
+            all_resources[used_resources].token = token;
+            all_resources[used_resources].secret = secret;
+            used_resources++;
+          }
+	break;
+
+      default:
+	log_error ("resource type of `%s' not supported\n", url);
+	rc = G10ERR_GENERAL;
+	goto leave;
+    }
+
+    /* fixme: check directory permissions and print a warning */
+
+  leave:
+    if (rc)
+	log_error ("keyblock resource `%s': %s\n", filename, g10_errstr(rc));
+    else if (secret)
+	any_secret = 1;
+    else
+	any_public = 1;
+    m_free (filename);
+    return rc;
+}
+
+
+
+
+KEYDB_HANDLE
+keydb_new (int secret)
+{
+  KEYDB_HANDLE hd;
+  int i, j;
+  
+  hd = m_alloc_clear (sizeof *hd);
+  hd->found = -1;
+  
+  assert (used_resources <= MAX_KEYDB_RESOURCES);
+  for (i=j=0; i < used_resources; i++)
+    {
+      if (!all_resources[i].secret != !secret)
+        continue;
+      switch (all_resources[i].type)
+        {
+        case KEYDB_RESOURCE_TYPE_NONE: /* ignore */
+          break;
+        case KEYDB_RESOURCE_TYPE_KEYRING:
+          hd->active[j].type   = all_resources[i].type;
+          hd->active[j].token  = all_resources[i].token;
+          hd->active[j].secret = all_resources[i].secret;
+          hd->active[j].u.kr = keyring_new (all_resources[i].token, secret);
+          if (!hd->active[j].u.kr) {
+            m_free (hd);
+            return NULL; /* fixme: release all previously allocated handles*/
+          }
+          j++;
+          break;
+        }
+    }
+  hd->used = j;
+  
+  active_handles++;
+  return hd;
+}
+
+void 
+keydb_release (KEYDB_HANDLE hd)
+{
+    int i;
+
+    if (!hd)
+        return;
+    assert (active_handles > 0);
+    active_handles--;
+
+    unlock_all (hd);
+    for (i=0; i < hd->used; i++) {
+        switch (hd->active[i].type) {
+          case KEYDB_RESOURCE_TYPE_NONE:
+            break;
+          case KEYDB_RESOURCE_TYPE_KEYRING:
+            keyring_release (hd->active[i].u.kr);
+            break;
+        }
+    }
+
+    m_free (hd);
+}
+
+
+/*
+ * Return the name of the current resource.  This is function first
+ * looks for the last found found, then for the current search
+ * position, and last returns the first available resource.  The
+ * returned string is only valid as long as the handle exists.  This
+ * function does only return NULL if no handle is specified, in all
+ * other error cases an empty string is returned.
+ */
+const char *
+keydb_get_resource_name (KEYDB_HANDLE hd)
+{
+    int idx;
+    const char *s = NULL;
+
+    if (!hd) 
+        return NULL;
+
+    if ( hd->found >= 0 && hd->found < hd->used) 
+        idx = hd->found;
+    else if ( hd->current >= 0 && hd->current < hd->used) 
+        idx = hd->current;
+    else
+        idx = 0;
+
+    switch (hd->active[idx].type) {
+      case KEYDB_RESOURCE_TYPE_NONE:
+        s = NULL; 
+        break;
+      case KEYDB_RESOURCE_TYPE_KEYRING:
+        s = keyring_get_resource_name (hd->active[idx].u.kr);
+        break;
+    }
+
+    return s? s: "";
+}
+
+
+
+static int 
+lock_all (KEYDB_HANDLE hd)
+{
+    int i, rc = 0;
+
+    for (i=0; !rc && i < hd->used; i++) {
+        switch (hd->active[i].type) {
+          case KEYDB_RESOURCE_TYPE_NONE:
+            break;
+          case KEYDB_RESOURCE_TYPE_KEYRING:
+            rc = keyring_lock (hd->active[i].u.kr, 1);
+            break;
+        }
+    }
+
+    if (rc) {
+        /* revert the already set locks */
+        for (i--; i >= 0; i--) {
+            switch (hd->active[i].type) {
+              case KEYDB_RESOURCE_TYPE_NONE:
+                break;
+              case KEYDB_RESOURCE_TYPE_KEYRING:
+                keyring_lock (hd->active[i].u.kr, 0);
+                break;
+            }
+        }
+    }
+    else
+        hd->locked = 1;
+
+    return rc;
+}
+
+static void
+unlock_all (KEYDB_HANDLE hd)
+{
+    int i;
+
+    if (!hd->locked)
+        return;
+
+    for (i=hd->used-1; i >= 0; i--) {
+        switch (hd->active[i].type) {
+          case KEYDB_RESOURCE_TYPE_NONE:
+            break;
+          case KEYDB_RESOURCE_TYPE_KEYRING:
+            keyring_lock (hd->active[i].u.kr, 0);
+            break;
+        }
+    }
+    hd->locked = 0;
+}
+
+
+/*
+ * Return the last found keyring.  Caller must free it.
+ * The returned keyblock has the kbode flag bit 0 set for the node with
+ * the public key used to locate the keyblock or flag bit 1 set for 
+ * the user ID node.
+ */
+int
+keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb)
+{
+    int rc = 0;
+
+    if (!hd)
+        return G10ERR_INV_ARG;
+
+    if ( hd->found < 0 || hd->found >= hd->used) 
+        return -1; /* nothing found */
+
+    switch (hd->active[hd->found].type) {
+      case KEYDB_RESOURCE_TYPE_NONE:
+        rc = G10ERR_GENERAL; /* oops */
+        break;
+      case KEYDB_RESOURCE_TYPE_KEYRING:
+        rc = keyring_get_keyblock (hd->active[hd->found].u.kr, ret_kb);
+        break;
+    }
+
+    return rc;
+}
+
+/* 
+ * update the current keyblock with KB
+ */
+int
+keydb_update_keyblock (KEYDB_HANDLE hd, KBNODE kb)
+{
+    int rc = 0;
+
+    if (!hd)
+        return G10ERR_INV_ARG;
+
+    if ( hd->found < 0 || hd->found >= hd->used) 
+        return -1; /* nothing found */
+
+    if( opt.dry_run )
+	return 0;
+
+    rc = lock_all (hd);
+    if (rc)
+        return rc;
+
+    switch (hd->active[hd->found].type) {
+      case KEYDB_RESOURCE_TYPE_NONE:
+        rc = G10ERR_GENERAL; /* oops */
+        break;
+      case KEYDB_RESOURCE_TYPE_KEYRING:
+        rc = keyring_update_keyblock (hd->active[hd->found].u.kr, kb);
+        break;
+    }
+
+    unlock_all (hd);
+    return rc;
+}
+
+
+/* 
+ * Insert a new KB into one of the resources. 
+ */
+int
+keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb)
+{
+    int rc = -1;
+    int idx;
+
+    if (!hd) 
+        return G10ERR_INV_ARG;
+
+    if( opt.dry_run )
+	return 0;
+
+    if ( hd->found >= 0 && hd->found < hd->used) 
+        idx = hd->found;
+    else if ( hd->current >= 0 && hd->current < hd->used) 
+        idx = hd->current;
+    else
+        return G10ERR_GENERAL;
+
+    rc = lock_all (hd);
+    if (rc)
+        return rc;
+
+    switch (hd->active[idx].type) {
+      case KEYDB_RESOURCE_TYPE_NONE:
+        rc = G10ERR_GENERAL; /* oops */
+        break;
+      case KEYDB_RESOURCE_TYPE_KEYRING:
+        rc = keyring_insert_keyblock (hd->active[idx].u.kr, kb);
+        break;
+    }
+
+    unlock_all (hd);
+    return rc;
+}
+
+
+/* 
+ * The current keyblock will be deleted.
+ */
+int
+keydb_delete_keyblock (KEYDB_HANDLE hd)
+{
+    int rc = -1;
+
+    if (!hd)
+        return G10ERR_INV_ARG;
+
+    if ( hd->found < 0 || hd->found >= hd->used) 
+        return -1; /* nothing found */
+
+    if( opt.dry_run )
+	return 0;
+
+    rc = lock_all (hd);
+    if (rc)
+        return rc;
+
+    switch (hd->active[hd->found].type) {
+      case KEYDB_RESOURCE_TYPE_NONE:
+        rc = G10ERR_GENERAL; /* oops */
+        break;
+      case KEYDB_RESOURCE_TYPE_KEYRING:
+        rc = keyring_delete_keyblock (hd->active[hd->found].u.kr);
+        break;
+    }
+
+    unlock_all (hd);
+    return rc;
+}
+
+
+/*
+ * Locate the default writable key resource, so that the next
+ * operation (which is only relevant for inserts) will be done on this
+ * resource.  
+ */
+int
+keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved)
+{
+  int rc;
+  
+  if (!hd)
+    return G10ERR_INV_ARG;
+  
+  rc = keydb_search_reset (hd); /* this does reset hd->current */
+  if (rc)
+    return rc;
+
+  for ( ; hd->current >= 0 && hd->current < hd->used; hd->current++) 
+    {
+      switch (hd->active[hd->current].type) 
+        {
+        case KEYDB_RESOURCE_TYPE_NONE:
+          BUG();
+          break;
+        case KEYDB_RESOURCE_TYPE_KEYRING:
+          if (keyring_is_writable (hd->active[hd->current].token))
+            return 0; /* found (hd->current is set to it) */
+          break;
+        }
+    }
+  
+  return -1;
+}
+
+/*
+ * Rebuild the caches of all key resources.
+ */
+void
+keydb_rebuild_caches (void)
+{
+  int i, rc;
+  
+  for (i=0; i < used_resources; i++)
+    {
+      if (all_resources[i].secret)
+        continue;
+      switch (all_resources[i].type)
+        {
+        case KEYDB_RESOURCE_TYPE_NONE: /* ignore */
+          break;
+        case KEYDB_RESOURCE_TYPE_KEYRING:
+          rc = keyring_rebuild_cache (all_resources[i].token);
+          if (rc)
+            log_error (_("failed to rebuild keyring cache: %s\n"),
+                       g10_errstr (rc));
+          break;
+        }
+    }
+}
+
+
+
+/* 
+ * Start the next search on this handle right at the beginning
+ */
+int 
+keydb_search_reset (KEYDB_HANDLE hd)
+{
+    int i, rc = 0;
+
+    if (!hd)
+        return G10ERR_INV_ARG;
+
+    hd->current = 0; 
+    hd->found = -1;
+    /* and reset all resources */
+    for (i=0; !rc && i < hd->used; i++) {
+        switch (hd->active[i].type) {
+          case KEYDB_RESOURCE_TYPE_NONE:
+            break;
+          case KEYDB_RESOURCE_TYPE_KEYRING:
+            rc = keyring_search_reset (hd->active[i].u.kr);
+            break;
+        }
+    }
+    return rc; 
+}
+
+
+/* 
+ * Search through all keydb resources, starting at the current position,
+ * for a keyblock which contains one of the keys described in the DESC array.
+ */
+int 
+keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
+{
+    int rc = -1;
+
+    if (!hd)
+        return G10ERR_INV_ARG;
+
+    while (rc == -1 && hd->current >= 0 && hd->current < hd->used) {
+        switch (hd->active[hd->current].type) {
+          case KEYDB_RESOURCE_TYPE_NONE:
+            BUG(); /* we should never see it here */
+            break;
+          case KEYDB_RESOURCE_TYPE_KEYRING:
+            rc = keyring_search (hd->active[hd->current].u.kr, desc, ndesc);
+            break;
+        }
+        if (rc == -1) /* EOF -> switch to next resource */
+            hd->current++; 
+        else if (!rc)
+            hd->found = hd->current;
+    }
+
+    return rc; 
+}
+
+
+int
+keydb_search_first (KEYDB_HANDLE hd)
+{
+    KEYDB_SEARCH_DESC desc;
+
+    memset (&desc, 0, sizeof desc);
+    desc.mode = KEYDB_SEARCH_MODE_FIRST;
+    return keydb_search (hd, &desc, 1);
+}
+
+int
+keydb_search_next (KEYDB_HANDLE hd)
+{
+    KEYDB_SEARCH_DESC desc;
+
+    memset (&desc, 0, sizeof desc);
+    desc.mode = KEYDB_SEARCH_MODE_NEXT;
+    return keydb_search (hd, &desc, 1);
+}
+
+int
+keydb_search_kid (KEYDB_HANDLE hd, u32 *kid)
+{
+    KEYDB_SEARCH_DESC desc;
+
+    memset (&desc, 0, sizeof desc);
+    desc.mode = KEYDB_SEARCH_MODE_LONG_KID;
+    desc.u.kid[0] = kid[0];
+    desc.u.kid[1] = kid[1];
+    return keydb_search (hd, &desc, 1);
+}
+
+int
+keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr)
+{
+    KEYDB_SEARCH_DESC desc;
+
+    memset (&desc, 0, sizeof desc);
+    desc.mode = KEYDB_SEARCH_MODE_FPR;
+    memcpy (desc.u.fpr, fpr, MAX_FINGERPRINT_LEN);
+    return keydb_search (hd, &desc, 1);
+}
+
+
+
diff --git a/g10/keydb.h b/g10/keydb.h
index c2131ada7..34d02d702 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -1,5 +1,5 @@
 /* keydb.h - Key database
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -18,14 +18,18 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
-#ifndef GPG_KEYDB_H
-#define GPG_KEYDB_H
+#ifndef G10_KEYDB_H
+#define G10_KEYDB_H
 
 #include "types.h"
-#include "basicdefs.h"
+#include "global.h"
 #include "packet.h"
+#include "cipher.h"
 
-#define MAX_FINGERPRINT_LEN 20
+/* What qualifies as a certification (rather than a signature?) */
+#define IS_SIG(s) (((s)->sig_class==0x00) || ((s)->sig_class==0x01) || \
+		   ((s)->sig_class==0x02) || ((s)->sig_class==0x40))
+#define IS_CERT(s) (!IS_SIG(s))
 
 #define IS_KEY_SIG(s)    ((s)->sig_class == 0x1f)
 #define IS_UID_SIG(s)    (((s)->sig_class & ~3) == 0x10)
@@ -35,7 +39,6 @@
 #define IS_SUBKEY_REV(s) ((s)->sig_class == 0x28)
 
 
-
 struct getkey_ctx_s;
 typedef struct getkey_ctx_s *GETKEY_CTX;
 
@@ -47,7 +50,6 @@ typedef struct getkey_ctx_s *GETKEY_CTX;
  * This structure is also used to bind arbitrary packets together.
  */
 
-typedef struct kbnode_struct *KBNODE;
 struct kbnode_struct {
     KBNODE next;
     PACKET *pkt;
@@ -62,19 +64,28 @@ struct kbnode_struct {
 
 enum resource_type {
     rt_UNKNOWN = 0,
-    rt_RING = 1,
-    rt_KBXF = 2
+    rt_RING = 1
 };
 
 
 /****************
- * A data structure to hold information about the external position
+ * A data structre to hold information about the external position
  * of a keyblock.
  */
-struct keyblock_pos_struct;
-typedef struct keyblock_pos_struct *KBPOS;
+struct keyblock_pos_struct {
+    int   resno;     /* resource number */
+    enum resource_type rt;
+    off_t offset;    /* position information */
+    unsigned count;  /* length of the keyblock in packets */
+    IOBUF  fp;	     /* used by enum_keyblocks */
+    int secret;      /* working on a secret keyring */
+    PACKET *pkt;     /* ditto */
+    int valid;
+};
+typedef struct keyblock_pos_struct KBPOS;
 
 /* structure to hold a couple of public key certificates */
+typedef struct pk_list *PK_LIST;
 struct pk_list {
     PK_LIST next;
     PKT_public_key *pk;
@@ -82,18 +93,82 @@ struct pk_list {
 };
 
 /* structure to hold a couple of secret key certificates */
+typedef struct sk_list *SK_LIST;
 struct sk_list {
     SK_LIST next;
     PKT_secret_key *sk;
     int mark;
 };
 
+/* structure to collect all information which can be used to
+ * identify a public key */
+typedef struct pubkey_find_info *PUBKEY_FIND_INFO;
+struct pubkey_find_info {
+    u32  keyid[2];
+    unsigned nbits;
+    byte pubkey_algo;
+    byte fingerprint[MAX_FINGERPRINT_LEN];
+    char userid[1];
+};
+
+
+typedef struct keydb_handle *KEYDB_HANDLE;
+
+typedef enum {
+    KEYDB_SEARCH_MODE_NONE,
+    KEYDB_SEARCH_MODE_EXACT,
+    KEYDB_SEARCH_MODE_SUBSTR,
+    KEYDB_SEARCH_MODE_MAIL,
+    KEYDB_SEARCH_MODE_MAILSUB,
+    KEYDB_SEARCH_MODE_MAILEND,
+    KEYDB_SEARCH_MODE_WORDS,
+    KEYDB_SEARCH_MODE_SHORT_KID,
+    KEYDB_SEARCH_MODE_LONG_KID,
+    KEYDB_SEARCH_MODE_FPR16,
+    KEYDB_SEARCH_MODE_FPR20,
+    KEYDB_SEARCH_MODE_FPR,
+    KEYDB_SEARCH_MODE_FIRST,
+    KEYDB_SEARCH_MODE_NEXT
+} KeydbSearchMode;
+
+struct keydb_search_desc {
+    KeydbSearchMode mode;
+    int (*skipfnc)(void *,u32*);
+    void *skipfncvalue;
+    union {
+        const char *name;
+        char fpr[MAX_FINGERPRINT_LEN];
+        u32  kid[2];
+    } u;
+};
+
+/*-- keydb.c --*/
+int keydb_add_resource (const char *url, int force, int secret);
+KEYDB_HANDLE keydb_new (int secret);
+void keydb_release (KEYDB_HANDLE hd);
+const char *keydb_get_resource_name (KEYDB_HANDLE hd);
+int keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb);
+int keydb_update_keyblock (KEYDB_HANDLE hd, KBNODE kb);
+int keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb);
+int keydb_delete_keyblock (KEYDB_HANDLE hd);
+int keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved);
+void keydb_rebuild_caches (void);
+int keydb_search_reset (KEYDB_HANDLE hd);
+int keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc);
+int keydb_search_first (KEYDB_HANDLE hd);
+int keydb_search_next (KEYDB_HANDLE hd);
+int keydb_search_kid (KEYDB_HANDLE hd, u32 *kid);
+int keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr);
+
 
 /*-- pkclist.c --*/
+void show_revocation_reason( PKT_public_key *pk, int mode );
 int  check_signatures_trust( PKT_signature *sig );
 void release_pk_list( PK_LIST pk_list );
-int  build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use );
-int  select_algo_from_prefs( PK_LIST pk_list, int preftype );
+int  build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use );
+int select_algo_from_prefs( PK_LIST pk_list, int preftype,
+			    int request, void *hint );
+int  select_mdc_from_pklist (PK_LIST pk_list);
 
 /*-- skclist.c --*/
 void release_sk_list( SK_LIST sk_list );
@@ -105,18 +180,19 @@ int  have_static_passphrase(void);
 void read_passphrase_from_fd( int fd );
 void passphrase_clear_cache ( u32 *keyid, int algo );
 DEK *passphrase_to_dek( u32 *keyid, int pubkey_algo,
-			int cipher_algo, STRING2KEY *s2k, int mode);
+			int cipher_algo, STRING2KEY *s2k, int mode,
+                        const char *tryagain_text);
 void set_next_passphrase( const char *s );
 char *get_last_passphrase(void);
 
 /*-- getkey.c --*/
-int classify_user_id( const char *name, u32 *keyid, byte *fprint,
-		      const char **retstr, size_t *retlen );
+int classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc);
+void cache_public_key( PKT_public_key *pk );
 void getkey_disable_caches(void);
 int get_pubkey( PKT_public_key *pk, u32 *keyid );
 KBNODE get_pubkeyblock( u32 *keyid );
-int get_pubkey_byname( GETKEY_CTX *rx, PKT_public_key *pk,
-		       const char *name, KBNODE *ret_keyblock );
+int get_pubkey_byname( PKT_public_key *pk,  const char *name,
+                       KBNODE *ret_keyblock, KEYDB_HANDLE *ret_kdbhd);
 int get_pubkey_bynames( GETKEY_CTX *rx, PKT_public_key *pk,
 			STRLIST names, KBNODE *ret_keyblock );
 int get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock );
@@ -129,25 +205,21 @@ int get_keyblock_byfprint( KBNODE *ret_keyblock, const byte *fprint,
 						 size_t fprint_len );
 int get_keyblock_bylid( KBNODE *ret_keyblock, ulong lid );
 int seckey_available( u32 *keyid );
-int get_seckey_byname( GETKEY_CTX *rx,
-                       PKT_secret_key *sk, const char *name, int unlock,
-                       KBNODE *retblock );
+int get_seckey_byname( PKT_secret_key *sk, const char *name, int unlock );
 int get_seckey_bynames( GETKEY_CTX *rx, PKT_secret_key *sk,
 			STRLIST names, KBNODE *ret_keyblock );
+int get_seckey_byfprint( PKT_secret_key *sk,
+			 const byte *fprint, size_t fprint_len);
 int get_seckey_next( GETKEY_CTX ctx, PKT_secret_key *sk, KBNODE *ret_keyblock );
 void get_seckey_end( GETKEY_CTX ctx );
-int find_keyblock_byname( KBNODE *retblock, const char *username );
-int find_secret_keyblock_byname( KBNODE *retblock, const char *username );
-int find_keyblock_bypk( KBNODE *retblock, PKT_public_key *pk );
-int find_keyblock_bysk( KBNODE *retblock, PKT_secret_key *sk );
-
 int enum_secret_keys( void **context, PKT_secret_key *sk, int with_subkeys );
 void merge_keys_and_selfsig( KBNODE keyblock );
-void merge_public_with_secret ( KBNODE pubblock, KBNODE secblock );
 char*get_user_id_string( u32 *keyid );
 char*get_user_id_string_native( u32 *keyid );
 char*get_long_user_id_string( u32 *keyid );
 char*get_user_id( u32 *keyid, size_t *rn );
+char*get_user_id_native( u32 *keyid );
+KEYDB_HANDLE get_ctx_handle(GETKEY_CTX ctx);
 
 /*-- keyid.c --*/
 int pubkey_letter( int algo );
@@ -162,12 +234,16 @@ const char *datestr_from_sk( PKT_secret_key *sk );
 const char *datestr_from_sig( PKT_signature *sig );
 const char *expirestr_from_pk( PKT_public_key *pk );
 const char *expirestr_from_sk( PKT_secret_key *sk );
+const char *expirestr_from_sig( PKT_signature *sig );
+
+const char *colon_strtime (u32 t);
+const char *colon_datestr_from_pk (PKT_public_key *pk);
+const char *colon_datestr_from_sk (PKT_secret_key *sk);
+const char *colon_datestr_from_sig (PKT_signature *sig);
+const char *colon_expirestr_from_sig (PKT_signature *sig);
+
 byte *fingerprint_from_sk( PKT_secret_key *sk, byte *buf, size_t *ret_len );
 byte *fingerprint_from_pk( PKT_public_key *pk, byte *buf, size_t *ret_len );
-char *unified_fingerprint_from_pk( PKT_public_key *pk,
-                                   char *buffer, size_t bufsize );
-char *unified_fingerprint_from_sk( PKT_secret_key *sk,
-                                   char *buffer, size_t bufsize );
 
 /*-- kbnode.c --*/
 KBNODE new_kbnode( PACKET *pkt );
@@ -186,18 +262,4 @@ void clear_kbnode_flags( KBNODE n );
 int  commit_kbnode( KBNODE *root );
 void dump_kbnode( KBNODE node );
 
-/*-- ringedit.c --*/
-const char *enum_keyblock_resources( int *sequence, int secret );
-int add_keyblock_resource( const char *resname, int force, int secret );
-const char *keyblock_resource_name( KBPOS kbpos );
-int get_keyblock_handle( const char *filename, int secret, KBPOS kbpos );
-char *get_writable_keyblock_file( int secret );
-int  enum_keyblocks_begin( KBPOS *kbpos, int mode );
-int  enum_keyblocks_next( KBPOS kbpos, int mode, KBNODE *ret_root );
-void enum_keyblocks_end( KBPOS kbpos );
-int insert_keyblock( KBNODE keyblock );
-int delete_keyblock( KBNODE keyblock );
-int update_keyblock( KBNODE keyblock );
-
-
-#endif /*GPG_KEYDB_H*/
+#endif /*G10_KEYDB_H*/
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 095e43baf..db811ac0c 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1,5 +1,5 @@
 /* keyedit.c - keyedit stuff
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -31,7 +31,8 @@
 #include "errors.h"
 #include "iobuf.h"
 #include "keydb.h"
-#include <gcrypt.h>
+#include "memory.h"
+#include "photoid.h"
 #include "util.h"
 #include "main.h"
 #include "trustdb.h"
@@ -40,26 +41,32 @@
 #include "status.h"
 #include "i18n.h"
 
-static void show_prefs( KBNODE keyblock, PKT_user_id *uid );
-static void show_key_with_all_names( KBNODE keyblock,
-	    int only_marked, int with_fpr, int with_subkeys, int with_prefs );
+static void show_prefs( PKT_user_id *uid, int verbose );
+static void show_key_with_all_names( KBNODE keyblock, int only_marked,
+	    int with_revoker, int with_fpr, int with_subkeys, int with_prefs );
 static void show_key_and_fingerprint( KBNODE keyblock );
-static void show_fingerprint( PKT_public_key *pk );
-static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock );
+static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock, int photo );
 static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock );
 static int  menu_delsig( KBNODE pub_keyblock );
 static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
+static int menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock );
 static int menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock );
+static int menu_set_primary_uid( KBNODE pub_keyblock, KBNODE sec_keyblock );
+static int menu_set_preferences( KBNODE pub_keyblock, KBNODE sec_keyblock );
 static int menu_select_uid( KBNODE keyblock, int idx );
 static int menu_select_key( KBNODE keyblock, int idx );
 static int count_uids( KBNODE keyblock );
 static int count_uids_with_flag( KBNODE keyblock, unsigned flag );
 static int count_keys_with_flag( KBNODE keyblock, unsigned flag );
 static int count_selected_uids( KBNODE keyblock );
+static int real_uids_left( KBNODE keyblock );
 static int count_selected_keys( KBNODE keyblock );
 static int menu_revsig( KBNODE keyblock );
 static int menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
 static int enable_disable_key( KBNODE keyblock, int disable );
+static void menu_showphoto( KBNODE keyblock );
+
+static int update_trust=0;
 
 #define CONTROL_D ('D' - 'A' + 1)
 
@@ -68,41 +75,19 @@ static int enable_disable_key( KBNODE keyblock, int disable );
 #define NODFLG_SIGERR (1<<2)  /* other sig error */
 
 #define NODFLG_MARK_A (1<<4)  /* temporary mark */
+#define NODFLG_DELSIG (1<<5)  /* to be deleted */
 
 #define NODFLG_SELUID (1<<8)  /* indicate the selected userid */
 #define NODFLG_SELKEY (1<<9)  /* indicate the selected key */
 #define NODFLG_SELSIG (1<<10) /* indicate a selected signature */
 
-
 struct sign_attrib {
-    int non_exportable;
+    int non_exportable,non_revocable;
     struct revocation_reason_info *reason;
 };
 
-
-
-
-static int
-get_keyblock_byname( KBNODE *keyblock, KBPOS *kbpos, const char *username )
-{
-    int rc;
-
-    *keyblock = NULL;
-    /* search the userid */
-    rc = find_keyblock_byname( keyblock, username );
-    if( rc ) {
-	log_error(_("%s: user not found: %s\n"), username, gpg_errstr(rc) );
-	return rc;
-    }
-
-    merge_keys_and_selfsig( *keyblock );
-
-    return rc;
-}
-
-
 /****************
- * Print information about a signature, chek it and return true
+ * Print information about a signature, check it and return true
  * if the signature is okay. NODE must be a signature packet.
  */
 static int
@@ -119,13 +104,14 @@ print_and_check_one_sig( KBNODE keyblock, KBNODE node,
 	node->flag &= ~(NODFLG_BADSIG|NODFLG_NOKEY|NODFLG_SIGERR);
 	sigrc = '!';
 	break;
-      case GPGERR_BAD_SIGN:
+      case G10ERR_BAD_SIGN:
 	node->flag = NODFLG_BADSIG;
 	sigrc = '-';
 	if( inv_sigs )
 	    ++*inv_sigs;
 	break;
-      case GPGERR_NO_PUBKEY:
+      case G10ERR_NO_PUBKEY:
+      case G10ERR_UNU_PUBKEY:
 	node->flag = NODFLG_NOKEY;
 	sigrc = '?';
 	if( no_key )
@@ -139,11 +125,18 @@ print_and_check_one_sig( KBNODE keyblock, KBNODE node,
 	break;
     }
     if( sigrc != '?' || print_without_key ) {
-	tty_printf("%s%c       %08lX %s   ",
-		is_rev? "rev":"sig",
-		sigrc, sig->keyid[1], datestr_from_sig(sig));
+        tty_printf("%s%c%c %c%c%c%c%c %08lX %s   ",
+		   is_rev? "rev":"sig",sigrc,
+		   (sig->sig_class-0x10>0 &&
+		    sig->sig_class-0x10<4)?'0'+sig->sig_class-0x10:' ',
+		   sig->flags.exportable?' ':'L',
+		   sig->flags.revocable?' ':'R',
+		   sig->flags.policy_url?'P':' ',
+		   sig->flags.notation?'N':' ',
+                   sig->flags.expired?'X':' ',
+		   (ulong)sig->keyid[1], datestr_from_sig(sig));
 	if( sigrc == '%' )
-	    tty_printf("[%s] ", gpg_errstr(rc) );
+	    tty_printf("[%s] ", g10_errstr(rc) );
 	else if( sigrc == '?' )
 	    ;
 	else if( *is_selfsig ) {
@@ -154,10 +147,17 @@ print_and_check_one_sig( KBNODE keyblock, KBNODE node,
 	    size_t n;
 	    char *p = get_user_id( sig->keyid, &n );
 	    tty_print_utf8_string2( p, n, 40 );
-	    gcry_free(p);
+	    m_free(p);
 	}
 	tty_printf("\n");
+
+	if(sig->flags.policy_url && opt.show_policy_url)
+	  show_policy_url(sig,3);
+
+	if(sig->flags.notation && opt.show_notation)
+	  show_notation(sig,3);
     }
+
     return (sigrc == '!');
 }
 
@@ -212,7 +212,7 @@ check_all_keysigs( KBNODE keyblock, int only_selected )
     if( !has_selfsig )
 	mis_selfsig++;
     if( inv_sigs == 1 )
-	tty_printf(_("1 bad signature\n"), inv_sigs );
+	tty_printf(_("1 bad signature\n") );
     else if( inv_sigs )
 	tty_printf(_("%d bad signatures\n"), inv_sigs );
     if( no_key == 1 )
@@ -245,6 +245,12 @@ sign_mk_attrib( PKT_signature *sig, void *opaque )
 	buf[0] = 0; /* not exportable */
 	build_sig_subpkt( sig, SIGSUBPKT_EXPORTABLE, buf, 1 );
     }
+
+    if( attrib->non_revocable ) {
+	buf[0] = 0; /* not revocable */
+	build_sig_subpkt( sig, SIGSUBPKT_REVOCABLE, buf, 1 );
+    }
+
     if( attrib->reason )
 	revocation_reason_build_cb( sig, attrib->reason );
 
@@ -259,7 +265,8 @@ sign_mk_attrib( PKT_signature *sig, void *opaque )
  * if some user_ids are marked those will be signed.
  */
 static int
-sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
+sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
+	   int local , int nonrevocable )
 {
     int rc = 0;
     SK_LIST sk_list = NULL;
@@ -268,18 +275,40 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
     KBNODE node, uidnode;
     PKT_public_key *primary_pk=NULL;
     int select_all = !count_selected_uids(keyblock);
-    int upd_trust = 0;
-
-    /* build a list of all signators */
-    rc=build_sk_list( locusr, &sk_list, 0, 1 );
+    int all_v3=1;
+
+    /* Are there any non-v3 sigs on this key already? */
+    if(opt.pgp2)
+      for(node=keyblock;node;node=node->next)
+	if(node->pkt->pkttype==PKT_SIGNATURE &&
+	   node->pkt->pkt.signature->version>3)
+	  {
+	    all_v3=0;
+	    break;
+	  }
+
+    /* build a list of all signators.
+     *    
+     * We use the CERT flag to request the primary which must always
+     * be one which is capable of signing keys.  I can't see a reason
+     * why to sign keys using a subkey.  Implementation of USAGE_CERT
+     * is just a hack in getkey.c and does not mean that a subkey
+     * marked as certification capable will be used */
+    rc=build_sk_list( locusr, &sk_list, 0, PUBKEY_USAGE_SIG|PUBKEY_USAGE_CERT);
     if( rc )
 	goto leave;
 
-    /* loop over all signaturs */
+    /* loop over all signators */
     for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
-	u32 sk_keyid[2];
+        u32 sk_keyid[2],pk_keyid[2];
 	size_t n;
 	char *p;
+	int force_v4=0,class=0,selfsig=0;
+	u32 duration=0,timestamp=0;
+
+	if(local || nonrevocable ||
+	   opt.cert_policy_url || opt.cert_notation_data)
+	  force_v4=1;
 
 	/* we have to use a copy of the sk, because make_keysig_packet
 	 * may remove the protection from sk and if we did other
@@ -299,18 +328,129 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
 	/* reset mark for uids which are already signed */
 	uidnode = NULL;
 	for( node=keyblock; node; node = node->next ) {
-	    if( node->pkt->pkttype == PKT_USER_ID ) {
+	    if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
+  	        primary_pk=node->pkt->pkt.public_key;
+		keyid_from_pk( primary_pk, pk_keyid );
+
+		/* Is this a self-sig? */
+		if(pk_keyid[0]==sk_keyid[0] && pk_keyid[1]==sk_keyid[1])
+		  {
+		    selfsig=1;
+		    /* Do not force a v4 sig here, otherwise it would
+                       be difficult to remake a v3 selfsig.  If this
+                       is a v3->v4 promotion case, then we set
+                       force_v4 later anyway. */
+		    force_v4=0;
+		  }
+	    }
+	    else if( node->pkt->pkttype == PKT_USER_ID ) {
 		uidnode = (node->flag & NODFLG_MARK_A)? node : NULL;
+		if(uidnode)
+		  {
+		    char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
+					      uidnode->pkt->pkt.user_id->len,
+					      0);
+
+		    if(uidnode->pkt->pkt.user_id->is_revoked)
+		      {
+			tty_printf(_("User ID \"%s\" is revoked."),user);
+
+			if(opt.expert)
+			  {
+			    tty_printf("\n");
+			    /* No, so remove the mark and continue */
+			    if(!cpr_get_answer_is_yes("sign_uid.revoke_okay",
+						      _("Are you sure you "
+							"still want to sign "
+							"it? (y/N) ")))
+			      uidnode->flag &= ~NODFLG_MARK_A;
+			  }
+			else
+			  {
+			    uidnode->flag &= ~NODFLG_MARK_A;
+			    tty_printf(_("  Unable to sign.\n"));
+			  }
+		      }
+		    else if(!uidnode->pkt->pkt.user_id->created)
+		      {
+			tty_printf(_("Warning: user ID \"%s\" is not "
+				     "self-signed.\n"),user);
+		      }
+
+		    m_free(user);
+		  }
 	    }
 	    else if( uidnode && node->pkt->pkttype == PKT_SIGNATURE
 		&& (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) {
 		if( sk_keyid[0] == node->pkt->pkt.signature->keyid[0]
 		    && sk_keyid[1] == node->pkt->pkt.signature->keyid[1] ) {
+                    char buf[50];
+		    char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
+					      uidnode->pkt->pkt.user_id->len,
+					      0);
+
+		    /* It's a v3 self-sig.  Make it into a v4 self-sig? */
+		    if(node->pkt->pkt.signature->version<4 && selfsig)
+		      {
+			tty_printf(_("The self-signature on \"%s\"\n"
+				     "is a PGP 2.x-style signature.\n"),user);
+ 
+			/* Note that the regular PGP2 warning below
+			   still applies if there are no v4 sigs on
+			   this key at all. */
+
+			if(opt.expert)
+			  if(cpr_get_answer_is_yes("sign_uid.v4_promote_okay",
+						   _("Do you want to promote "
+						     "it to an OpenPGP self-"
+						     "signature? (y/N) ")))
+			    {
+			      force_v4=1;
+			      node->flag|=NODFLG_DELSIG;
+			      continue;
+			    }
+		      }
+
+		    if(!node->pkt->pkt.signature->flags.exportable && !local)
+		      {
+			/* It's a local sig, and we want to make a
+                           exportable sig. */
+			tty_printf(_("Your current signature on \"%s\"\n"
+				     "is a local signature.\n"),user);
+
+			if(cpr_get_answer_is_yes("sign_uid.local_promote_okay",
+						 _("Do you want to promote "
+						   "it to a full exportable "
+						   "signature? (y/N) ")))
+			  {
+			    /* Mark these for later deletion.  We
+                               don't want to delete them here, just in
+                               case the replacement signature doesn't
+                               happen for some reason.  We only delete
+                               these after the replacement is already
+                               in place. */
+
+			    node->flag|=NODFLG_DELSIG;
+			    continue;
+			  }
+		      }
+
 		    /* Fixme: see whether there is a revocation in which
 		     * case we should allow to sign it again. */
-		    tty_printf(_("Already signed by key %08lX\n"),
-							(ulong)sk_keyid[1] );
+                    if (!node->pkt->pkt.signature->flags.exportable && local)
+                      tty_printf(_(
+                         "\"%s\" was already locally signed by key %08lX\n"),
+				 user,(ulong)sk_keyid[1] );
+                    else
+                      tty_printf(_(
+                         "\"%s\" was already signed by key %08lX\n"),
+                                 user,(ulong)sk_keyid[1] );
+                    sprintf (buf, "%08lX%08lX",
+                             (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
+                    write_status_text (STATUS_ALREADY_SIGNED, buf);
 		    uidnode->flag &= ~NODFLG_MARK_A; /* remove mark */
+
+		    m_free(user);
 		}
 	    }
 	}
@@ -322,25 +462,186 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
 	}
 	/* Ask whether we really should sign these user id(s) */
 	tty_printf("\n");
-	show_key_with_all_names( keyblock, 1, 1, 0, 0 );
+	show_key_with_all_names( keyblock, 1, 0, 1, 0, 0 );
 	tty_printf("\n");
-	tty_printf(_(
-	     "Are you really sure that you want to sign this key\n"
-	     "with your key: \""));
+
+	if(primary_pk->expiredate && !selfsig)
+	  {
+	    u32 now=make_timestamp();
+
+	    if(primary_pk->expiredate<=now)
+	      {
+		tty_printf(_("This key has expired!"));
+
+		if(opt.expert)
+		  {
+		    tty_printf("  ");
+		    if(!cpr_get_answer_is_yes("sign_uid.expired_okay",
+					      _("Are you sure you still "
+						"want to sign it? (y/N) ")))
+		      continue;
+		  }
+		else
+		  {
+		    tty_printf(_("  Unable to sign.\n"));
+		    continue;
+		  }
+	      }
+	    else
+	      {
+		char *answer;
+
+		tty_printf(_("This key is due to expire on %s.\n"),
+			   expirestr_from_pk(primary_pk));
+
+		answer=cpr_get("sign_uid.expire",
+			       _("Do you want your signature to "
+				 "expire at the same time? (Y/n) "));
+		if(answer_is_yes_no_default(answer,1))
+		  {
+		    /* This fixes the signature timestamp we're going
+		       to make as now.  This is so the expiration date
+		       is exactly correct, and not a few seconds off
+		       (due to the time it takes to answer the
+		       questions, enter the passphrase, etc). */
+		    timestamp=now;
+		    duration=primary_pk->expiredate-now;
+		    force_v4=1;
+		  }
+
+		cpr_kill_prompt();
+		m_free(answer);
+	      }
+	  }
+
+	/* Only ask for duration if we haven't already set it to match
+           the expiration of the pk */
+	if(opt.ask_cert_expire && !duration && !selfsig)
+	  duration=ask_expire_interval(1);
+
+	if(duration)
+	  force_v4=1;
+
+	/* Is --pgp2 on, it's a v3 key, all the sigs on the key are
+	   currently v3 and we're about to sign it with a v4 sig?  If
+	   so, danger! */
+	if(opt.pgp2 && all_v3 &&
+	   (sk->version>3 || force_v4) && primary_pk->version<=3)
+	  {
+	    tty_printf(_("You may not make an OpenPGP signature on a "
+			 "PGP 2.x key while in --pgp2 mode.\n"));
+	    tty_printf(_("This would make the key unusable in PGP 2.x.\n"));
+
+	    if(opt.expert)
+	      {
+		if(!cpr_get_answer_is_yes("sign_uid.v4_on_v3_okay",
+					  _("Are you sure you still "
+					    "want to sign it? (y/N) ")))
+		  continue;
+
+		all_v3=0;
+	      }
+	    else
+	      continue;
+	  }
+
+	if(selfsig)
+	  ;
+	else if(opt.batch)
+	  class=0x10+opt.def_cert_check_level;
+	else
+	  {
+	    char *answer;
+
+	    tty_printf(_("How carefully have you verified the key you are "
+			 "about to sign actually belongs\nto the person named "
+			 "above?  If you don't know what to answer, enter \"0\".\n"));
+	    tty_printf("\n");
+	    tty_printf(_("   (0) I will not answer.%s\n"),
+		       opt.def_cert_check_level==0?" (default)":"");
+	    tty_printf(_("   (1) I have not checked at all.%s\n"),
+		       opt.def_cert_check_level==1?" (default)":"");
+	    tty_printf(_("   (2) I have done casual checking.%s\n"),
+		       opt.def_cert_check_level==2?" (default)":"");
+	    tty_printf(_("   (3) I have done very careful checking.%s\n"),
+		       opt.def_cert_check_level==3?" (default)":"");
+	    tty_printf("\n");
+
+	    while(class==0)
+	      {
+		answer = cpr_get("sign_uid.class",_("Your selection? "));
+
+		if(answer[0]=='\0')
+		  class=0x10+opt.def_cert_check_level; /* Default */
+		else if(ascii_strcasecmp(answer,"0")==0)
+		  class=0x10; /* Generic */
+		else if(ascii_strcasecmp(answer,"1")==0)
+		  class=0x11; /* Persona */
+		else if(ascii_strcasecmp(answer,"2")==0)
+		  class=0x12; /* Casual */
+		else if(ascii_strcasecmp(answer,"3")==0)
+		  class=0x13; /* Positive */
+		else
+		  tty_printf(_("Invalid selection.\n"));
+
+		m_free(answer);
+	      }
+	  }
+
+	tty_printf(_("Are you really sure that you want to sign this key\n"
+		     "with your key: \""));
 	p = get_user_id( sk_keyid, &n );
 	tty_print_utf8_string( p, n );
-	gcry_free(p); p = NULL;
-	tty_printf("\"\n\n");
+	m_free(p); p = NULL;
+	tty_printf("\"\n");
+
+	if(selfsig)
+	  {
+	    tty_printf(_("\nThis will be a self-signature.\n"));
+
+	    if( local )
+	      tty_printf(
+			 _("\nWarning: the signature will not be marked "
+			   "as non-exportable.\n"));
+
+	    if( nonrevocable )
+	      tty_printf(
+			 _("\nWarning: the signature will not be marked "
+			   "as non-revocable.\n"));
+	  }
+	else
+	  {
+	    if( local )
+	      tty_printf(
+		     _("\nThe signature will be marked as non-exportable.\n"));
+
+	    if( nonrevocable )
+	      tty_printf(
+		      _("\nThe signature will be marked as non-revocable.\n"));
+
+	    switch(class)
+	      {
+	      case 0x11:
+		tty_printf(_("\nI have not checked this key at all.\n"));
+		break;
 
-	if( local )
-	    tty_printf(
-		  _("The signature will be marked as non-exportable.\n\n"));
+	      case 0x12:
+		tty_printf(_("\nI have checked this key casually.\n"));
+		break;
 
+	      case 0x13:
+		tty_printf(_("\nI have checked this key very carefully.\n"));
+		break;
+	      }
+	  }
+
+	tty_printf("\n");
 
 	if( opt.batch && opt.answer_yes )
-	    ;
+	  ;
 	else if( !cpr_get_answer_is_yes("sign_uid.okay", _("Really sign? ")) )
 	    continue;
+
 	/* now we can sign the user ids */
       reloop: /* (must use this, because we are modifing the list) */
 	primary_pk = NULL;
@@ -356,33 +657,50 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
 		assert( primary_pk );
 		memset( &attrib, 0, sizeof attrib );
 		attrib.non_exportable = local;
+		attrib.non_revocable = nonrevocable;
 		node->flag &= ~NODFLG_MARK_A;
-		rc = make_keysig_packet( &sig, primary_pk,
-					       node->pkt->pkt.user_id,
-					       NULL,
-					       sk,
-					       0x10, 0,
-					       sign_mk_attrib,
-					       &attrib );
+
+                /* we force creation of a v4 signature for local
+                 * signatures, otherwise we would not generate the
+                 * subpacket with v3 keys and the signature becomes
+                 * exportable */
+
+		if(selfsig)
+		  rc = make_keysig_packet( &sig, primary_pk,
+					   node->pkt->pkt.user_id,
+					   NULL,
+					   sk,
+					   0x13, 0, force_v4?4:0, 0, 0,
+					   keygen_add_std_prefs, primary_pk);
+		else
+		  rc = make_keysig_packet( &sig, primary_pk,
+					   node->pkt->pkt.user_id,
+					   NULL,
+					   sk,
+					   class, 0, force_v4?4:0,
+					   timestamp, duration,
+					   sign_mk_attrib, &attrib );
 		if( rc ) {
-		    log_error(_("signing failed: %s\n"), gpg_errstr(rc));
+		    log_error(_("signing failed: %s\n"), g10_errstr(rc));
 		    goto leave;
 		}
+
 		*ret_modified = 1; /* we changed the keyblock */
-		upd_trust = 1;
+		update_trust = 1;
 
-		pkt = gcry_xcalloc( 1, sizeof *pkt );
+		pkt = m_alloc_clear( sizeof *pkt );
 		pkt->pkttype = PKT_SIGNATURE;
 		pkt->pkt.signature = sig;
 		insert_kbnode( node, new_kbnode(pkt), PKT_SIGNATURE );
 		goto reloop;
 	    }
 	}
-    } /* end loop over signators */
-    if( upd_trust && primary_pk ) {
-	rc = clear_trust_checked_flag( primary_pk );
-    }
 
+	/* Delete any sigs that got promoted */
+	for( node=keyblock; node; node = node->next )
+	  if( node->flag & NODFLG_DELSIG)
+	    delete_kbnode(node);
+    } /* end loop over signators */
 
   leave:
     release_sk_list( sk_list );
@@ -416,7 +734,7 @@ change_passphrase( KBNODE keyblock )
 
     switch( is_secret_key_protected( sk ) ) {
       case -1:
-	rc = GPGERR_PUBKEY_ALGO;
+	rc = G10ERR_PUBKEY_ALGO;
 	break;
       case 0:
 	tty_printf(_("This key is not protected.\n"));
@@ -447,10 +765,11 @@ change_passphrase( KBNODE keyblock )
     }
 
     if( rc )
-	tty_printf(_("Can't edit this key: %s\n"), gpg_errstr(rc));
+	tty_printf(_("Can't edit this key: %s\n"), g10_errstr(rc));
     else {
 	DEK *dek = NULL;
-	STRING2KEY *s2k = gcry_xmalloc_secure( sizeof *s2k );
+	STRING2KEY *s2k = m_alloc_secure( sizeof *s2k );
+        const char *errtext = NULL;
 
 	tty_printf(_("Enter the new passphrase for this secret key.\n\n") );
 
@@ -458,9 +777,11 @@ change_passphrase( KBNODE keyblock )
 	for(;;) {
 	    s2k->mode = opt.s2k_mode;
 	    s2k->hash_algo = opt.s2k_digest_algo;
-	    dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2 );
+	    dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo,
+                                     s2k, 2, errtext);
 	    if( !dek ) {
-		tty_printf(_("passphrase not correctly repeated; try again.\n"));
+		errtext = _("passphrase not correctly repeated; try again");
+		tty_printf ("%s.\n", errtext);
 	    }
 	    else if( !dek->keylen ) {
 		rc = 0;
@@ -487,18 +808,18 @@ change_passphrase( KBNODE keyblock )
 		    }
 		}
 		if( rc )
-		    log_error("protect_secret_key failed: %s\n", gpg_errstr(rc) );
+		    log_error("protect_secret_key failed: %s\n", g10_errstr(rc) );
 		else
 		    changed++;
 		break;
 	    }
 	}
-	gcry_free(s2k);
-	gcry_free(dek);
+	m_free(s2k);
+	m_free(dek);
     }
 
   leave:
-    gcry_free( passphrase );
+    m_free( passphrase );
     set_next_passphrase( NULL );
     return changed && !rc;
 }
@@ -560,11 +881,12 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 {
     enum cmdids { cmdNONE = 0,
 	   cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
-	   cmdLSIGN, cmdREVSIG, cmdREVKEY, cmdDELSIG,
-	   cmdDEBUG, cmdSAVE, cmdADDUID, cmdDELUID, cmdADDKEY, cmdDELKEY,
-	   cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF, cmdEXPIRE,
-	   cmdENABLEKEY, cmdDISABLEKEY,
-	   cmdINVCMD, cmdNOP };
+           cmdLSIGN, cmdNRSIGN, cmdNRLSIGN, cmdREVSIG, cmdREVKEY, cmdDELSIG,
+	   cmdPRIMARY, cmdDEBUG, cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID,
+           cmdADDKEY, cmdDELKEY, cmdADDREVOKER, cmdTOGGLE, cmdSELKEY,
+	   cmdPASSWD, cmdTRUST, cmdPREF, cmdEXPIRE, cmdENABLEKEY,
+	   cmdDISABLEKEY, cmdSHOWPREF, cmdSETPREF, cmdUPDPREF, cmdINVCMD,
+           cmdSHOWPHOTO, cmdUPDTRUST, cmdCHKTRUST, cmdNOP };
     static struct { const char *name;
 		    enum cmdids id;
 		    int need_sk;
@@ -587,30 +909,42 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	{ N_("sign")    , cmdSIGN      , 0,1,1, N_("sign the key") },
 	{ N_("s")       , cmdSIGN      , 0,1,1, NULL },
 	{ N_("lsign")   , cmdLSIGN     , 0,1,1, N_("sign the key locally") },
+	{ N_("nrsign")  , cmdNRSIGN    , 0,1,1, N_("sign the key non-revocably") },
+	{ N_("nrlsign") , cmdNRLSIGN   , 0,1,1, N_("sign the key locally and non-revocably") },
 	{ N_("debug")   , cmdDEBUG     , 0,0,0, NULL },
 	{ N_("adduid")  , cmdADDUID    , 1,1,0, N_("add a user ID") },
+	{ N_("addphoto"), cmdADDPHOTO  , 1,1,0, N_("add a photo ID") },
 	{ N_("deluid")  , cmdDELUID    , 0,1,0, N_("delete user ID") },
+	/* delphoto is really deluid in disguise */
+	{ N_("delphoto"), cmdDELUID    , 0,1,0, NULL },
 	{ N_("addkey")  , cmdADDKEY    , 1,1,0, N_("add a secondary key") },
 	{ N_("delkey")  , cmdDELKEY    , 0,1,0, N_("delete a secondary key") },
+	{ N_("addrevoker"),cmdADDREVOKER,1,1,0, N_("add a revocation key") },
 	{ N_("delsig")  , cmdDELSIG    , 0,1,0, N_("delete signatures") },
 	{ N_("expire")  , cmdEXPIRE    , 1,1,0, N_("change the expire date") },
+        { N_("primary") , cmdPRIMARY   , 1,1,0, N_("flag user ID as primary")},
 	{ N_("toggle")  , cmdTOGGLE    , 1,0,0, N_("toggle between secret "
 						   "and public key listing") },
 	{ N_("t"     )  , cmdTOGGLE    , 1,0,0, NULL },
-	{ N_("pref")    , cmdPREF      , 0,1,0, N_("list preferences") },
+	{ N_("pref")    , cmdPREF      , 0,1,0, N_("list preferences (expert)") },
+	{ N_("showpref"), cmdSHOWPREF  , 0,1,0, N_("list preferences (verbose)") },
+	{ N_("setpref") , cmdSETPREF   , 1,1,0, N_("set preference list") },
+	{ N_("updpref") , cmdUPDPREF   , 1,1,0, N_("updated preferences") },
 	{ N_("passwd")  , cmdPASSWD    , 1,1,0, N_("change the passphrase") },
 	{ N_("trust")   , cmdTRUST     , 0,1,0, N_("change the ownertrust") },
 	{ N_("revsig")  , cmdREVSIG    , 0,1,0, N_("revoke signatures") },
 	{ N_("revkey")  , cmdREVKEY    , 1,1,0, N_("revoke a secondary key") },
 	{ N_("disable") , cmdDISABLEKEY, 0,1,0, N_("disable a key") },
 	{ N_("enable")  , cmdENABLEKEY , 0,1,0, N_("enable a key") },
+	{ N_("showphoto"),cmdSHOWPHOTO , 0,0,0, N_("show photo ID") },
 
     { NULL, cmdNONE } };
     enum cmdids cmd = 0;
     int rc = 0;
     KBNODE keyblock = NULL;
-    KBPOS keyblockpos;
+    KEYDB_HANDLE kdbhd = NULL;
     KBNODE sec_keyblock = NULL;
+    KEYDB_HANDLE sec_kdbhd = NULL;
     KBNODE cur_keyblock;
     char *answer = NULL;
     int redisplay = 1;
@@ -619,34 +953,23 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
     int toggle;
     int have_commands = !!commands;
 
-
-    if( opt.batch && !have_commands ) {
+    if ( opt.command_fd != -1 )
+        ;
+    else if( opt.batch && !have_commands  ) {
 	log_error(_("can't do that in batchmode\n"));
 	goto leave;
     }
 
     if( sign_mode ) {
 	commands = NULL;
-	append_to_strlist( &commands, sign_mode == 1? "sign":"lsign" );
+	append_to_strlist( &commands, sign_mode == 1? "sign":
+			   sign_mode == 2?"lsign":
+			   sign_mode == 3?"nrsign":"nrlsign");
 	have_commands = 1;
     }
 
-
-    if( !sign_mode ) {
-	/* first try to locate it as secret key */
-	rc = find_secret_keyblock_byname( &sec_keyblock, username );
-        if( rc && rc != GPGERR_NO_SECKEY ) 
-            log_debug("%s: secret keyblock read problem: %s\n",
-						username, gpg_errstr(rc));
-	if( !rc ) {
-	    merge_keys_and_selfsig( sec_keyblock );
-	    if( fix_keyblock( sec_keyblock ) )
-		sec_modified++;
-	}
-    }
-
-    /* and now get the public key */
-    rc = get_keyblock_byname( &keyblock, &keyblockpos, username );
+    /* get the public key */
+    rc = get_pubkey_byname (NULL, username, &keyblock, &kdbhd);
     if( rc )
 	goto leave;
     if( fix_keyblock( keyblock ) )
@@ -654,44 +977,79 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
     if( collapse_uids( &keyblock ) )
 	modified++;
 
-    if( sec_keyblock ) { /* check that they match */
-	/* fixme: check that they both match */
+    if( !sign_mode ) {/* see whether we have a matching secret key */
+        PKT_public_key *pk = keyblock->pkt->pkt.public_key;
+
+        sec_kdbhd = keydb_new (1);
+        {
+            byte afp[MAX_FINGERPRINT_LEN];
+            size_t an;
+
+            fingerprint_from_pk (pk, afp, &an);
+            while (an < MAX_FINGERPRINT_LEN) 
+                afp[an++] = 0;
+            rc = keydb_search_fpr (sec_kdbhd, afp);
+        }
+	if (!rc) {
+	    rc = keydb_get_keyblock (sec_kdbhd, &sec_keyblock);
+	    if (rc) {
+		log_error (_("error reading secret keyblock `%s': %s\n"),
+						username, g10_errstr(rc));
+	    }
+            else {
+                merge_keys_and_selfsig( sec_keyblock );
+                if( fix_keyblock( sec_keyblock ) )
+                    sec_modified++;
+            }
+	}
+
+        if (rc) {
+            sec_keyblock = NULL;
+            keydb_release (sec_kdbhd); sec_kdbhd = NULL;
+            rc = 0;
+        }
+    }
+
+    if( sec_keyblock ) { 
 	tty_printf(_("Secret key is available.\n"));
     }
 
     toggle = 0;
     cur_keyblock = keyblock;
     for(;;) { /* main loop */
-	int i, arg_number;
+	int i, arg_number, photo;
+        const char *arg_string = "";
 	char *p;
+	PKT_public_key *pk=keyblock->pkt->pkt.public_key;
 
 	tty_printf("\n");
 	if( redisplay ) {
-	    show_key_with_all_names( cur_keyblock, 0, 0, 1, 0 );
+	    show_key_with_all_names( cur_keyblock, 0, 1, 0, 1, 0 );
 	    tty_printf("\n");
 	    redisplay = 0;
 	}
 	do {
-	    gcry_free(answer);
+	    m_free(answer);
 	    if( have_commands ) {
 		if( commands ) {
-		    answer = gcry_xstrdup( commands->d );
+		    answer = m_strdup( commands->d );
 		    commands = commands->next;
 		}
 		else if( opt.batch ) {
-		    answer = gcry_xstrdup("quit");
+		    answer = m_strdup("quit");
 		}
 		else
 		    have_commands = 0;
 	    }
 	    if( !have_commands ) {
-		answer = cpr_get("keyedit.prompt", _("Command> "));
+		answer = cpr_get_no_help("keyedit.prompt", _("Command> "));
 		cpr_kill_prompt();
 	    }
 	    trim_spaces(answer);
 	} while( *answer == '#' );
 
-	arg_number = 0; /* Yes, here is the init which egcc complains about*/
+	arg_number = 0; /* Yes, here is the init which egcc complains about */
+	photo = 0; /* This too */
 	if( !*answer )
 	    cmd = cmdLIST;
 	else if( *answer == CONTROL_D )
@@ -706,10 +1064,11 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 		trim_spaces(answer);
 		trim_spaces(p);
 		arg_number = atoi(p);
+                arg_string = p;
 	    }
 
 	    for(i=0; cmds[i].name; i++ ) {
-		if( !stricmp( answer, cmds[i].name ) )
+		if( !ascii_strcasecmp( answer, cmds[i].name ) )
 		    break;
 	    }
 	    if( sign_mode && !cmds[i].signmode )
@@ -764,6 +1123,27 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 
 	  case cmdSIGN: /* sign (only the public key) */
 	  case cmdLSIGN: /* sign (only the public key) */
+	  case cmdNRSIGN: /* sign (only the public key) */
+	  case cmdNRLSIGN: /* sign (only the public key) */
+	    if( pk->is_revoked )
+	      {
+		tty_printf(_("Key is revoked."));
+
+		if(opt.expert)
+		  {
+		    tty_printf("  ");
+		    if(!cpr_get_answer_is_yes("keyedit.sign_revoked.okay",
+					      _("Are you sure you still want "
+						"to sign it? (y/N) ")))
+		      break;
+		  }
+		else
+		  {
+		    tty_printf(_("  Unable to sign.\n"));
+		    break;
+		  }
+	      }
+
 	    if( count_uids(keyblock) > 1 && !count_selected_uids(keyblock) ) {
 		if( !cpr_get_answer_is_yes("keyedit.sign_all.okay",
 					   _("Really sign all user IDs? ")) ) {
@@ -771,14 +1151,11 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 		    break;
 		}
 	    }
-	    if( !sign_uids( keyblock, locusr, &modified, cmd == cmdLSIGN )
+	    if( !sign_uids( keyblock, locusr, &modified,
+			    (cmd == cmdLSIGN) || (cmd == cmdNRLSIGN),
+			    (cmd == cmdNRSIGN) || (cmd==cmdNRLSIGN))
 		&& sign_mode )
-		goto do_cmd_save;
-	    /* Actually we should do a update_trust_record() here so that
-	     * the trust gets displayed correctly. however this is not possible
-	     * because we would have to save the keyblock first - something
-	     * we don't want to do without an explicit save command.
-	     */
+	        goto do_cmd_save;
 	    break;
 
 	  case cmdDEBUG:
@@ -791,18 +1168,23 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	    redisplay = 1;
 	    break;
 
+	  case cmdADDPHOTO:
+            if (opt.rfc2440 || opt.rfc1991 || opt.pgp2)
+              {
+                tty_printf(
+                   _("This command is not allowed while in %s mode.\n"),
+		   opt.rfc2440?"OpenPGP":opt.pgp2?"PGP2":"RFC-1991");
+                break;
+              }
+	    photo=1;
+	    /* fall through */
+
 	  case cmdADDUID:
-	    if( menu_adduid( keyblock, sec_keyblock ) ) {
+	    if( menu_adduid( keyblock, sec_keyblock, photo ) ) {
 		redisplay = 1;
 		sec_modified = modified = 1;
-		/* must update the trustdb already here, so that preferences
-		 * get listed correctly */
-		rc = update_trust_record( keyblock, 0, NULL );
-		if( rc ) {
-		    log_error(_("update of trustdb failed: %s\n"),
-				gpg_errstr(rc) );
-		    rc = 0;
-		}
+		merge_keys_and_selfsig( sec_keyblock );
+		merge_keys_and_selfsig( keyblock );
 	    }
 	    break;
 
@@ -811,7 +1193,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 
 		if( !(n1=count_selected_uids(keyblock)) )
 		    tty_printf(_("You must select at least one user ID.\n"));
-		else if( count_uids(keyblock) - n1 < 1 )
+		else if( real_uids_left(keyblock) < 1 )
 		    tty_printf(_("You can't delete the last user ID!\n"));
 		else if( cpr_get_answer_is_yes(
 			    "keyedit.remove.uid.okay",
@@ -844,6 +1226,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	    if( generate_subkeypair( keyblock, sec_keyblock ) ) {
 		redisplay = 1;
 		sec_modified = modified = 1;
+		merge_keys_and_selfsig( sec_keyblock );
+		merge_keys_and_selfsig( keyblock );
 	    }
 	    break;
 
@@ -870,6 +1254,15 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	    }
 	    break;
 
+	  case cmdADDREVOKER:
+	    if( menu_addrevoker( keyblock, sec_keyblock ) ) {
+		redisplay = 1;
+		sec_modified = modified = 1;
+		merge_keys_and_selfsig( sec_keyblock );
+		merge_keys_and_selfsig( keyblock );
+	    }
+	    break;
+
 	  case cmdREVKEY: {
 		int n1;
 
@@ -902,23 +1295,62 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	    }
 	    break;
 
+	  case cmdPRIMARY:
+	    if( menu_set_primary_uid ( keyblock, sec_keyblock ) ) {
+		merge_keys_and_selfsig( keyblock );
+		modified = 1;
+		redisplay = 1;
+	    }
+	    break;
+
 	  case cmdPASSWD:
 	    if( change_passphrase( sec_keyblock ) )
 		sec_modified = 1;
 	    break;
 
 	  case cmdTRUST:
-	    show_key_with_all_names( keyblock, 0, 0, 1, 0 );
+	    show_key_with_all_names( keyblock, 0, 0, 0, 1, 0 );
 	    tty_printf("\n");
 	    if( edit_ownertrust( find_kbnode( keyblock,
-		      PKT_PUBLIC_KEY )->pkt->pkt.public_key->local_id, 1 ) )
+                                 PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) {
 		redisplay = 1;
-	    /* we don't need to set modified here, as the trustvalues
-	     * are updated immediately */
+		/* No real need to set update_trust here as
+		   edit_ownertrust() calls revalidation_mark()
+		   anyway. */
+		update_trust=1;
+            }
 	    break;
 
 	  case cmdPREF:
-	    show_key_with_all_names( keyblock, 0, 0, 0, 1 );
+	    show_key_with_all_names( keyblock, 0, 0, 0, 0, 1 );
+	    break;
+
+	  case cmdSHOWPREF:
+	    show_key_with_all_names( keyblock, 0, 0, 0, 0, 2 );
+	    break;
+
+          case cmdSETPREF:
+            keygen_set_std_prefs ( !*arg_string? "default" : arg_string, 0);
+            break;
+
+	  case cmdUPDPREF: 
+            {
+                p = keygen_get_std_prefs ();
+                tty_printf (("Current preference list: %s\n"), p);
+                m_free (p);
+            }
+            if (cpr_get_answer_is_yes ("keyedit.updpref.okay",
+                                        count_selected_uids (keyblock)?
+                                        _("Really update the preferences"
+                                          " for the selected user IDs? "):
+                                       _("Really update the preferences? "))){
+
+                if ( menu_set_preferences (keyblock, sec_keyblock) ) {
+                    merge_keys_and_selfsig (keyblock);
+                    modified = 1;
+                    redisplay = 1;
+                }
+            }
 	    break;
 
 	  case cmdNOP:
@@ -939,6 +1371,10 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	    }
 	    break;
 
+         case cmdSHOWPHOTO:
+           menu_showphoto(keyblock);
+           break;
+
 	  case cmdQUIT:
 	    if( have_commands )
 		goto leave;
@@ -957,32 +1393,29 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	  do_cmd_save:
 	    if( modified || sec_modified  ) {
 		if( modified ) {
-		    rc = update_keyblock( keyblock );
+		    rc = keydb_update_keyblock (kdbhd, keyblock);
 		    if( rc ) {
-			log_error(_("update failed: %s\n"), gpg_errstr(rc) );
+			log_error(_("update failed: %s\n"), g10_errstr(rc) );
 			break;
 		    }
 		}
 		if( sec_modified ) {
-		    rc = update_keyblock( sec_keyblock );
+		    rc = keydb_update_keyblock (sec_kdbhd, sec_keyblock );
 		    if( rc ) {
-			log_error(_("update secret failed: %s\n"),
-							    gpg_errstr(rc) );
+			log_error( _("update secret failed: %s\n"),
+                                   g10_errstr(rc) );
 			break;
 		    }
 		}
 	    }
 	    else
 		tty_printf(_("Key not changed so no update needed.\n"));
-	    /* TODO: we should keep track whether we have changed
-	     *	     something relevant to the trustdb */
-	    if( !modified && sign_mode )
-		rc = 0; /* we can skip at least in this case */
-	    else
-		rc = update_trust_record( keyblock, 0, NULL );
-	    if( rc )
-		log_error(_("update of trustdb failed: %s\n"),
-			    gpg_errstr(rc) );
+
+	    if( update_trust )
+	      {
+		revalidation_mark ();
+		update_trust=0;
+	      }
 	    goto leave;
 
 	  case cmdINVCMD:
@@ -996,7 +1429,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
   leave:
     release_kbnode( keyblock );
     release_kbnode( sec_keyblock );
-    gcry_free(answer);
+    keydb_release (kdbhd);
+    m_free(answer);
 }
 
 
@@ -1004,45 +1438,246 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
  * show preferences of a public keyblock.
  */
 static void
-show_prefs( KBNODE keyblock, PKT_user_id *uid )
+show_prefs (PKT_user_id *uid, int verbose)
 {
-    KBNODE node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
-    PKT_public_key *pk;
-    byte *p;
+    const prefitem_t fake={0,0};
+    const prefitem_t *prefs;
     int i;
-    size_t n;
-    byte namehash[20];
-
-    if( !node )
-	return; /* is a secret keyblock */
-    pk = node->pkt->pkt.public_key;
-    if( !pk->local_id ) {
-	log_error("oops: no LID\n");
-	return;
-    }
 
-    if( uid->photo ) {
-	gcry_md_hash_buffer( GCRY_MD_RMD160, namehash, uid->photo,
-						       uid->photolen );
+    if( !uid )
+        return;
+
+    if( uid->prefs )
+        prefs=uid->prefs;
+    else if(verbose)
+        prefs=&fake;
+    else
+      return;
+
+    if (verbose) {
+        int any, des_seen=0, sha1_seen=0, uncomp_seen=0;
+        tty_printf ("     Cipher: ");
+        for(i=any=0; prefs[i].type; i++ ) {
+            if( prefs[i].type == PREFTYPE_SYM ) {
+                const char *s = cipher_algo_to_string (prefs[i].value);
+                
+                if (any)
+                    tty_printf (", ");
+                any = 1;
+                /* We don't want to display strings for experimental algos */
+                if (s && prefs[i].value < 100 )
+                    tty_printf ("%s", s );
+                else
+                    tty_printf ("[%d]", prefs[i].value);
+                if (prefs[i].value == CIPHER_ALGO_3DES )
+                    des_seen = 1;
+            }    
+        }
+        if (!des_seen) {
+            if (any)
+                tty_printf (", ");
+            tty_printf ("%s",cipher_algo_to_string(CIPHER_ALGO_3DES));
+        }
+        tty_printf ("\n     Hash: ");
+        for(i=any=0; prefs[i].type; i++ ) {
+            if( prefs[i].type == PREFTYPE_HASH ) {
+                const char *s = digest_algo_to_string (prefs[i].value);
+                
+                if (any)
+                    tty_printf (", ");
+                any = 1;
+                /* We don't want to display strings for experimental algos */
+                if (s && prefs[i].value < 100 )
+                    tty_printf ("%s", s );
+                else
+                    tty_printf ("[%d]", prefs[i].value);
+                if (prefs[i].value == DIGEST_ALGO_SHA1 )
+                    sha1_seen = 1;
+            }
+        }
+        if (!sha1_seen) {
+            if (any)
+                tty_printf (", ");
+            tty_printf ("%s",digest_algo_to_string(DIGEST_ALGO_SHA1));
+        }
+        tty_printf ("\n     Compression: ");
+        for(i=any=0; prefs[i].type; i++ ) {
+            if( prefs[i].type == PREFTYPE_ZIP ) {
+                const char *s=compress_algo_to_string(prefs[i].value);
+                
+                if (any)
+                    tty_printf (", ");
+                any = 1;
+                /* We don't want to display strings for experimental algos */
+                if (s && prefs[i].value < 100 )
+                    tty_printf ("%s", s );
+                else
+                    tty_printf ("[%d]", prefs[i].value);
+                if (prefs[i].value == 0 )
+                    uncomp_seen = 1;
+            }
+        }
+        if (!uncomp_seen) {
+            if (any)
+                tty_printf (", ");
+	    else {
+	      tty_printf ("%s",compress_algo_to_string(1));
+	      tty_printf (", ");
+	    }
+	    tty_printf ("%s",compress_algo_to_string(0));
+        }
+        tty_printf ("\n     Features: ");
+	if(uid->mdc_feature)
+	  tty_printf ("MDC");
+	tty_printf("\n");
     }
     else {
-	gcry_md_hash_buffer( GCRY_MD_RMD160, namehash, uid->name, uid->len );
+        tty_printf("    ");
+        for(i=0; prefs[i].type; i++ ) {
+            tty_printf( " %c%d", prefs[i].type == PREFTYPE_SYM   ? 'S' :
+                                 prefs[i].type == PREFTYPE_HASH  ? 'H' :
+                                 prefs[i].type == PREFTYPE_ZIP ? 'Z':'?',
+                                 prefs[i].value);
+        }
+        if (uid->mdc_feature)
+            tty_printf (" [mdc]");
+        tty_printf("\n");
     }
+}
 
-    p = get_pref_data( pk->local_id, namehash, &n );
-    if( !p )
-	return;
 
-    tty_printf("    ");
-    for(i=0; i < n; i+=2 ) {
-	if( p[i] )
-	    tty_printf( " %c%d", p[i] == PREFTYPE_SYM    ? 'S' :
-				 p[i] == PREFTYPE_HASH	 ? 'H' :
-				 p[i] == PREFTYPE_COMPR  ? 'Z' : '?', p[i+1]);
+/* This is the version of show_key_with_all_names used when
+   opt.with_colons is used.  It prints all available data in a easy to
+   parse format and does not translate utf8 */
+static void
+show_key_with_all_names_colon (KBNODE keyblock)
+{
+  KBNODE node;
+  int i, j;
+  byte pk_version=0;
+
+  /* the keys */
+  for ( node = keyblock; node; node = node->next )
+    {
+      if (node->pkt->pkttype == PKT_PUBLIC_KEY
+          || (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) )
+        {
+          PKT_public_key *pk = node->pkt->pkt.public_key;
+          int otrust=0, trust=0;
+          u32 keyid[2];
+
+          if (node->pkt->pkttype == PKT_PUBLIC_KEY)
+            {
+              trust = get_validity_info (pk, NULL);
+              otrust = get_ownertrust_info (pk);
+              pk_version = pk->version;
+	    }
+
+          keyid_from_pk (pk, keyid);
+
+          fputs (node->pkt->pkttype == PKT_PUBLIC_KEY?"pub:":"sub:", stdout);
+          if (!pk->is_valid)
+            putchar ('i');
+          else if (pk->is_revoked)
+            putchar ('r');
+          else if (pk->has_expired)
+            putchar ('e');
+          else 
+            putchar (trust);
+          printf (":%u:%d:%08lX%08lX:%lu:%lu:",
+                  nbits_from_pk (pk),
+                  pk->pubkey_algo,
+                  (ulong)keyid[0], (ulong)keyid[1],
+                  (ulong)pk->timestamp,
+                  (ulong)pk->expiredate );
+          if (pk->local_id)
+            printf ("%lu", pk->local_id);
+          putchar (':');
+          putchar (otrust);
+          putchar(':');
+          putchar('\n');
+          
+          print_fingerprint (pk, NULL, 0);
+
+          /* print the revoker record */
+          if( !pk->revkey && pk->numrevkeys )
+            BUG();
+          else
+            {
+              for (i=0; i < pk->numrevkeys; i++)
+                {
+                  byte *p;
+
+                  printf ("rvk:::%d::::::", pk->revkey[i].algid);
+                  p = pk->revkey[i].fpr;
+                  for (j=0; j < 20; j++, p++ )
+                    printf ("%02X", *p);
+                  printf (":%02x%c:\n", pk->revkey[i].class,
+                          (pk->revkey[i].class&0x40)? 'l':'x');
+                }
+            }
+        }
     }
-    tty_printf("\n");
+  
+    /* the user ids */
+    i = 0;
+    for (node = keyblock; node; node = node->next) 
+      {
+	if ( node->pkt->pkttype == PKT_USER_ID )
+          {
+            PKT_user_id *uid = node->pkt->pkt.user_id;
+            int trustletter = '?';
 
-    gcry_free(p);
+	    ++i;
+	    if(uid->attrib_data)
+	      {
+		printf ("uat:%c::::::::%u %lu", trustletter,
+			uid->numattribs,uid->attrib_len);
+	      }
+	    else
+	      {
+		printf ("uid:%c::::::::", trustletter);
+		print_string (stdout, uid->name, uid->len, ':');
+	      }
+            putchar (':');
+            /* signature class */
+            putchar (':');
+            /* capabilities */
+            putchar (':');
+            /* preferences */
+            if (pk_version>3 || uid->selfsigversion>3)
+              {
+                const prefitem_t *prefs = uid->prefs;
+                
+                for (j=0; prefs && prefs[j].type; j++)
+                  {
+                    if (j)
+                      putchar (' ');
+                    printf ("%c%d", prefs[j].type == PREFTYPE_SYM   ? 'S' :
+                            prefs[j].type == PREFTYPE_HASH  ? 'H' :
+                            prefs[j].type == PREFTYPE_ZIP ? 'Z':'?',
+                            prefs[j].value);
+                  } 
+                if (uid->mdc_feature)
+                  printf (",mdc");
+              } 
+            putchar (':');
+            /* flags */
+            printf ("%d,", i);
+            if (uid->is_primary)
+              putchar ('p');
+            if (uid->is_revoked)
+              putchar ('r');
+            if (uid->is_expired)
+              putchar ('e');
+            if ((node->flag & NODFLG_SELUID))
+              putchar ('s');
+            if ((node->flag & NODFLG_MARK_A))
+              putchar ('m');
+            putchar (':');
+            putchar('\n');
+          }
+      }
 }
 
 
@@ -1051,11 +1686,19 @@ show_prefs( KBNODE keyblock, PKT_user_id *uid )
  * so for user ids with mark A flag set and dont display the index number
  */
 static void
-show_key_with_all_names( KBNODE keyblock, int only_marked,
+show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
 			 int with_fpr, int with_subkeys, int with_prefs )
 {
     KBNODE node;
     int i, rc;
+    int do_warn = 0;
+    byte pk_version=0;
+
+    if (opt.with_colons)
+      {
+        show_key_with_all_names_colon (keyblock);
+        return;
+      }
 
     /* the keys */
     for( node = keyblock; node; node = node->next ) {
@@ -1067,10 +1710,43 @@ show_key_with_all_names( KBNODE keyblock, int only_marked,
 	    if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
 		/* do it here, so that debug messages don't clutter the
 		 * output */
-		trust = query_trust_info(pk, NULL);
-		otrust = get_ownertrust_info( pk->local_id );
+                static int did_warn = 0;
+
+                trust = get_validity_info (pk, NULL);
+		otrust = get_ownertrust_info (pk);
+
+                /* Show a warning once */
+                if (!did_warn
+                    && (get_validity (pk, NULL) & TRUST_FLAG_PENDING_CHECK)) {
+                    did_warn = 1;
+                    do_warn = 1;
+                }
+
+		pk_version=pk->version;
 	    }
 
+	    if(with_revoker) {
+	        if( !pk->revkey && pk->numrevkeys )
+	            BUG();
+	        else
+                    for(i=0;i<pk->numrevkeys;i++) {
+                        u32 r_keyid[2];
+                        char *user;
+           
+                        keyid_from_fingerprint(pk->revkey[i].fpr,
+                                               MAX_FINGERPRINT_LEN,r_keyid);
+                        
+                        user=get_user_id_string (r_keyid);
+                        tty_printf (_("This key may be revoked by %s key "),
+                                 pubkey_algo_to_string (pk->revkey[i].algid));
+                        tty_print_utf8_string (user, strlen (user));
+                        if ((pk->revkey[i].class&0x40))
+                          tty_printf (_(" (sensitive)"));
+                        tty_printf ("\n");
+                        m_free(user);
+                      }
+            }
+
 	    tty_printf(_("%s%c %4u%c/%08lX  created: %s expires: %s"),
 			  node->pkt->pkttype == PKT_PUBLIC_KEY? "pub":"sub",
 			  (node->flag & NODFLG_SELKEY)? '*':' ',
@@ -1082,14 +1758,14 @@ show_key_with_all_names( KBNODE keyblock, int only_marked,
 	    if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
 		tty_printf(_(" trust: %c/%c"), otrust, trust );
 		if( node->pkt->pkttype == PKT_PUBLIC_KEY
-		    && (get_ownertrust( pk->local_id )&TRUST_FLAG_DISABLED)) {
+		    && (get_ownertrust (pk)&TRUST_FLAG_DISABLED)) {
 		    tty_printf("\n*** ");
 		    tty_printf(_("This key has been disabled"));
 		}
 
 		if( with_fpr  ) {
 		    tty_printf("\n");
-		    show_fingerprint( pk );
+		    print_fingerprint ( pk, NULL, 2 );
 		}
 	    }
 	    tty_printf("\n");
@@ -1115,11 +1791,11 @@ show_key_with_all_names( KBNODE keyblock, int only_marked,
 	    if( !rc )
 		tty_printf( _("rev! subkey has been revoked: %s\n"),
 			    datestr_from_sig( sig ) );
-	    else if( rc == GPGERR_BAD_SIGN )
+	    else if( rc == G10ERR_BAD_SIGN )
 		tty_printf( _("rev- faked revocation found\n") );
 	    else if( rc )
 		tty_printf( _("rev? problem checking revocation: %s\n"),
-							 gpg_errstr(rc) );
+							 g10_errstr(rc) );
 	}
     }
     /* the user ids */
@@ -1133,15 +1809,33 @@ show_key_with_all_names( KBNODE keyblock, int only_marked,
 		   tty_printf("     ");
 		else if( node->flag & NODFLG_SELUID )
 		   tty_printf("(%d)* ", i);
+		else if( uid->is_primary )
+		   tty_printf("(%d). ", i);
 		else
 		   tty_printf("(%d)  ", i);
+                if ( uid->is_revoked )
+                    tty_printf ("[revoked] ");
+                if ( uid->is_expired )
+                    tty_printf ("[expired] ");
 		tty_print_utf8_string( uid->name, uid->len );
 		tty_printf("\n");
 		if( with_prefs )
-		    show_prefs( keyblock, uid );
+		  {
+		    if(pk_version>3 || uid->selfsigversion>3)
+		      show_prefs (uid, with_prefs == 2);
+		    else
+		      tty_printf(_("There are no preferences on a "
+				   "PGP 2.x-style key.\n"));
+		  }
 	    }
 	}
     }
+
+    if (do_warn)
+        tty_printf (_("Please note that the shown key validity "
+                      "is not necessarily correct\n"
+                      "unless you restart the program.\n")); 
+
 }
 
 static void
@@ -1167,44 +1861,18 @@ show_key_and_fingerprint( KBNODE keyblock )
     }
     tty_printf("\n");
     if( pk )
-	show_fingerprint( pk );
+	print_fingerprint( pk, NULL, 2 );
 }
 
 
-static void
-show_fingerprint( PKT_public_key *pk )
-{
-    byte array[MAX_FINGERPRINT_LEN], *p;
-    size_t i, n;
-
-    fingerprint_from_pk( pk, array, &n );
-    p = array;
-    tty_printf(_("             Fingerprint:"));
-    if( n == 20 ) {
-	for(i=0; i < n ; i++, i++, p += 2 ) {
-	    if( i == 10 )
-		tty_printf(" ");
-	    tty_printf(" %02X%02X", *p, p[1] );
-	}
-    }
-    else {
-	for(i=0; i < n ; i++, p++ ) {
-	    if( i && !(i%8) )
-		tty_printf(" ");
-	    tty_printf(" %02X", *p );
-	}
-    }
-    tty_printf("\n");
-}
-
 
 /****************
- * Ask for a new user id , do the selfsignature and put it into
+ * Ask for a new user id, do the selfsignature and put it into
  * both keyblocks.
  * Return true if there is a new user id
  */
 static int
-menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
+menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock, int photo)
 {
     PKT_user_id *uid;
     PKT_public_key *pk=NULL;
@@ -1215,10 +1883,6 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
     KBNODE pub_where=NULL, sec_where=NULL;
     int rc;
 
-    uid = generate_user_id();
-    if( !uid )
-	return 0;
-
     for( node = pub_keyblock; node; pub_where = node, node = node->next ) {
 	if( node->pkt->pkttype == PKT_PUBLIC_KEY )
 	    pk = node->pkt->pkt.public_key;
@@ -1235,27 +1899,69 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
     }
     if( !node ) /* no subkey */
 	sec_where = NULL;
-    assert(pk && sk );
+    assert(pk && sk);
+
+    if(photo) {
+      int hasattrib=0;
+
+      for( node = pub_keyblock; node; node = node->next )
+	if( node->pkt->pkttype == PKT_USER_ID &&
+	    node->pkt->pkt.user_id->attrib_data!=NULL)
+	  {
+	    hasattrib=1;
+	    break;
+	  }
+
+      /* It is legal but bad for compatibility to add a photo ID to a
+         v3 key as it means that PGP2 will not be able to use that key
+         anymore.  Don't bother to ask this if the key already has a
+         photo - any damage has already been done at that point. -dms */
+      if(pk->version==3 && !hasattrib)
+	{
+	  if(opt.expert)
+	    {
+	      tty_printf(_("WARNING: This is a PGP2-style key.  "
+			   "Adding a photo ID may cause some versions\n"
+			   "         of PGP to reject this key.\n"));
+
+	      if(!cpr_get_answer_is_yes("keyedit.v3_photo.okay",
+					_("Are you sure you still want "
+					  "to add it? (y/N) ")))
+		return 0;
+	    }
+	  else
+	    {
+	      tty_printf(_("You may not add a photo ID to "
+			   "a PGP2-style key.\n"));
+	      return 0;
+	    }
+	}
 
-    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0,
+      uid = generate_photo_id(pk);
+    } else
+      uid = generate_user_id();
+    if( !uid )
+	return 0;
+
+    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0, 0,
 			     keygen_add_std_prefs, pk );
     free_secret_key( sk );
     if( rc ) {
-	log_error("signing failed: %s\n", gpg_errstr(rc) );
+	log_error("signing failed: %s\n", g10_errstr(rc) );
 	free_user_id(uid);
 	return 0;
     }
 
     /* insert/append to secret keyblock */
-    pkt = gcry_xcalloc( 1, sizeof *pkt );
+    pkt = m_alloc_clear( sizeof *pkt );
     pkt->pkttype = PKT_USER_ID;
-    pkt->pkt.user_id = copy_user_id(NULL, uid);
+    pkt->pkt.user_id = scopy_user_id(uid);
     node = new_kbnode(pkt);
     if( sec_where )
 	insert_kbnode( sec_where, node, 0 );
     else
 	add_kbnode( sec_keyblock, node );
-    pkt = gcry_xcalloc( 1, sizeof *pkt );
+    pkt = m_alloc_clear( sizeof *pkt );
     pkt->pkttype = PKT_SIGNATURE;
     pkt->pkt.signature = copy_signature(NULL, sig);
     if( sec_where )
@@ -1263,7 +1969,7 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
     else
 	add_kbnode( sec_keyblock, new_kbnode(pkt) );
     /* insert/append to public keyblock */
-    pkt = gcry_xcalloc( 1, sizeof *pkt );
+    pkt = m_alloc_clear( sizeof *pkt );
     pkt->pkttype = PKT_USER_ID;
     pkt->pkt.user_id = uid;
     node = new_kbnode(pkt);
@@ -1271,7 +1977,7 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
 	insert_kbnode( pub_where, node, 0 );
     else
 	add_kbnode( pub_keyblock, node );
-    pkt = gcry_xcalloc( 1, sizeof *pkt );
+    pkt = m_alloc_clear( sizeof *pkt );
     pkt->pkttype = PKT_SIGNATURE;
     pkt->pkt.signature = copy_signature(NULL, sig);
     if( pub_where )
@@ -1295,6 +2001,10 @@ menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock )
 	if( node->pkt->pkttype == PKT_USER_ID ) {
 	    selected = node->flag & NODFLG_SELUID;
 	    if( selected ) {
+		/* Only cause a trust update if we delete a
+                   non-revoked user id */
+		if(!node->pkt->pkt.user_id->is_revoked)
+		  update_trust=1;
 		delete_kbnode( node );
 		if( sec_keyblock ) {
 		    KBNODE snode;
@@ -1353,10 +2063,16 @@ menu_delsig( KBNODE pub_keyblock )
 					    &inv_sig, &no_key, &other_err,
 					    &selfsig, 1 );
 
-	   if( valid )
+	   if( valid ) {
 	       okay = cpr_get_answer_yes_no_quit(
 		   "keyedit.delsig.valid",
 		   _("Delete this good signature? (y/N/q)"));
+
+	       /* Only update trust if we delete a good signature.
+                  The other two cases do not affect trust. */
+	       if(okay)
+		 update_trust=1;
+	   }
 	   else if( inv_sig || other_err )
 	       okay = cpr_get_answer_yes_no_quit(
 		   "keyedit.delsig.invalid",
@@ -1440,9 +2156,147 @@ menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
     commit_kbnode( &pub_keyblock );
     if( sec_keyblock )
 	commit_kbnode( &sec_keyblock );
+
+    /* No need to set update_trust here since signing keys no longer
+       are used to certify other keys, so there is no change in trust
+       when revoking/removing them */
 }
 
 
+/****************
+ * Ask for a new revoker, do the selfsignature and put it into
+ * both keyblocks.
+ * Return true if there is a new revoker
+ */
+static int
+menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock )
+{
+  PKT_public_key *pk=NULL,*revoker_pk=NULL;
+  PKT_secret_key *sk=NULL;
+  PKT_signature *sig=NULL;
+  PACKET *pkt;
+  struct revocation_key revkey;
+  size_t fprlen;
+  int rc;
+
+  assert(pub_keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
+  assert(sec_keyblock->pkt->pkttype==PKT_SECRET_KEY);
+
+  pk=pub_keyblock->pkt->pkt.public_key;
+  sk=copy_secret_key(NULL,sec_keyblock->pkt->pkt.secret_key);
+
+  for(;;)
+    {
+      char *answer;
+      u32 keyid[2];
+      char *p;
+      size_t n;
+
+      if(revoker_pk)
+	free_public_key(revoker_pk);
+
+      revoker_pk=m_alloc_clear(sizeof(*revoker_pk));
+
+      tty_printf("\n");
+
+      answer=cpr_get_utf8("keyedit.add_revoker",
+			  _("Enter the user ID of the designated revoker: "));
+      if(answer[0]=='\0' || answer[0]=='\004')
+	goto fail;
+
+      rc=get_pubkey_byname(revoker_pk,answer,NULL,NULL);
+
+      if(rc)
+	{
+	  log_error (_("key `%s' not found: %s\n"),answer,g10_errstr(rc));
+	  continue;
+	}
+
+      fingerprint_from_pk(revoker_pk,revkey.fpr,&fprlen);
+      if(fprlen!=20)
+	{
+	  log_error(_("cannot appoint a PGP 2.x style key as a "
+		      "designated revoker\n"));
+	  continue;
+	}
+
+      if(cmp_public_keys(revoker_pk,pk)==0)
+	{
+	  /* This actually causes no harm (after all, a key that
+	     designates itself as a revoker is the same as a
+	     regular key), but it's easy enough to check. */
+	  log_error(_("you cannot appoint a key as its own "
+		      "designated revoker\n"));
+	  continue;
+	}
+
+      keyid_from_pk(revoker_pk,keyid);
+
+      tty_printf("\npub  %4u%c/%08lX %s   ",
+		 nbits_from_pk( revoker_pk ),
+		 pubkey_letter( revoker_pk->pubkey_algo ),
+		 (ulong)keyid[1], datestr_from_pk(pk) );
+
+      p = get_user_id( keyid, &n );
+      tty_print_utf8_string( p, n );
+      m_free(p);
+      tty_printf("\n");
+      print_fingerprint(revoker_pk,NULL,2);
+      tty_printf("\n");
+
+      tty_printf("WARNING: appointing a key as a designated revoker "
+		 "cannot be undone!\n");
+
+      tty_printf("\n");
+
+      if(!cpr_get_answer_is_yes("keyedit.add_revoker.okay",
+				"Are you sure you want to appoint this "
+				"key as a designated revoker? (y/N): "))
+	continue;
+
+      /* todo: handle 0x40 sensitive flag here */
+      revkey.class=0x80;
+      revkey.algid=revoker_pk->pubkey_algo;
+      free_public_key(revoker_pk);
+      break;
+    }
+
+  rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x1F, 0, 0, 0, 0,
+			   keygen_add_revkey,&revkey );
+  if( rc )
+    {
+      log_error("signing failed: %s\n", g10_errstr(rc) );
+      goto fail;
+    }
+
+  free_secret_key(sk);
+  sk=NULL;
+
+  /* insert into secret keyblock */
+  pkt = m_alloc_clear( sizeof *pkt );
+  pkt->pkttype = PKT_SIGNATURE;
+  pkt->pkt.signature = copy_signature(NULL, sig);
+  insert_kbnode( sec_keyblock, new_kbnode(pkt), PKT_SIGNATURE );
+
+  /* insert into public keyblock */
+  pkt = m_alloc_clear( sizeof *pkt );
+  pkt->pkttype = PKT_SIGNATURE;
+  pkt->pkt.signature = sig;
+  insert_kbnode( pub_keyblock, new_kbnode(pkt), PKT_SIGNATURE );
+
+  return 1;
+
+ fail:
+  if(sk)
+    free_secret_key(sk);
+  if(sig)
+    free_seckey_enc(sig);
+  if(revoker_pk)
+    free_public_key(revoker_pk);
+
+  return 0;
+}
+
 
 static int
 menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
@@ -1495,7 +2349,7 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
 	else if( node->pkt->pkttype == PKT_USER_ID )
 	    uid = node->pkt->pkt.user_id;
 	else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE
-		 && (mainkey || sub_pk )  ) {
+		 && ( mainkey || sub_pk ) ) {
 	    PKT_signature *sig = node->pkt->pkt.signature;
 	    if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
 		&& (	(mainkey && uid && (sig->sig_class&~3) == 0x10)
@@ -1532,31 +2386,31 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
 		/* create new self signature */
 		if( mainkey )
 		    rc = make_keysig_packet( &newsig, main_pk, uid, NULL,
-					     sk, 0x13, 0,
+					     sk, 0x13, 0, 0, 0, 0,
 					     keygen_add_std_prefs, main_pk );
 		else
 		    rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk,
-					     sk, 0x18, 0,
+					     sk, 0x18, 0, 0, 0, 0,
 					     keygen_add_key_expire, sub_pk );
 		if( rc ) {
 		    log_error("make_keysig_packet failed: %s\n",
-						    gpg_errstr(rc));
+						    g10_errstr(rc));
 		    free_secret_key( sk );
 		    return 0;
 		}
 		/* replace the packet */
-		newpkt = gcry_xcalloc( 1, sizeof *newpkt );
+		newpkt = m_alloc_clear( sizeof *newpkt );
 		newpkt->pkttype = PKT_SIGNATURE;
 		newpkt->pkt.signature = newsig;
 		free_packet( node->pkt );
-		gcry_free( node->pkt );
+		m_free( node->pkt );
 		node->pkt = newpkt;
 		if( sn ) {
-		    newpkt = gcry_xcalloc( 1, sizeof *newpkt );
+		    newpkt = m_alloc_clear( sizeof *newpkt );
 		    newpkt->pkttype = PKT_SIGNATURE;
 		    newpkt->pkt.signature = copy_signature( NULL, newsig );
 		    free_packet( sn->pkt );
-		    gcry_free( sn->pkt );
+		    m_free( sn->pkt );
 		    sn->pkt = newpkt;
 		}
 		sub_pk = NULL;
@@ -1565,9 +2419,235 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
     }
 
     free_secret_key( sk );
+    update_trust=1;
     return 1;
 }
 
+static int
+change_primary_uid_cb ( PKT_signature *sig, void *opaque )
+{
+    byte buf[1];
+
+    /* first clear all primary uid flags so that we are sure none are
+     * lingering around */
+    delete_sig_subpkt (sig->hashed,   SIGSUBPKT_PRIMARY_UID);
+    delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PRIMARY_UID);
+
+    /* if opaque is set,we want to set the primary id */
+    if (opaque) { 
+        buf[0] = 1;
+        build_sig_subpkt (sig, SIGSUBPKT_PRIMARY_UID, buf, 1 );
+    }
+
+    return 0;
+}
+
+
+/*
+ * Set the primary uid flag for the selected UID.  We will also reset
+ * all other primary uid flags.  For this to work with have to update
+ * all the signature timestamps.  If we would do this with the current
+ * time, we lose quite a lot of information, so we use a a kludge to
+ * do this: Just increment the timestamp by one second which is
+ * sufficient to updated a signature during import.
+ */
+static int
+menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
+{
+    PKT_secret_key *sk;    /* copy of the main sk */
+    PKT_public_key *main_pk;
+    PKT_user_id *uid;
+    KBNODE node;
+    u32 keyid[2];
+    int selected;
+    int attribute = 0;
+    int modified = 0;
+
+    if ( count_selected_uids (pub_keyblock) != 1 ) {
+	tty_printf(_("Please select exactly one user ID.\n"));
+	return 0;
+    }
+
+    node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
+    sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
+
+    /* Now we can actually change the self signature(s) */
+    main_pk = NULL;
+    uid = NULL;
+    selected = 0;
+
+    /* Is our selected uid an attribute packet? */
+    for ( node=pub_keyblock; node; node = node->next )
+      if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID)
+	attribute = (node->pkt->pkt.user_id->attrib_data!=NULL);
+
+    for ( node=pub_keyblock; node; node = node->next ) {
+	if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
+            break; /* ready */
+
+	if ( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
+	    main_pk = node->pkt->pkt.public_key;
+	    keyid_from_pk( main_pk, keyid );
+	}
+	else if ( node->pkt->pkttype == PKT_USER_ID ) {
+	    uid = node->pkt->pkt.user_id;
+       	    selected = node->flag & NODFLG_SELUID;
+        }
+	else if ( main_pk && uid && node->pkt->pkttype == PKT_SIGNATURE ) {
+	    PKT_signature *sig = node->pkt->pkt.signature;
+	    if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
+		&& (uid && (sig->sig_class&~3) == 0x10)
+		&& attribute == (uid->attrib_data!=NULL)) {
+	      if(sig->version < 4) {
+		char *user=utf8_to_native(uid->name,strlen(uid->name),0);
+
+		log_info(_("skipping v3 self-signature on user id \"%s\"\n"),
+			 user);
+		m_free(user);
+	      }
+	      else {
+	        /* This is a selfsignature which is to be replaced.
+		   We can just ignore v3 signatures because they are
+		   not able to carry the primary ID flag.  We also
+		   ignore self-sigs on user IDs that are not of the
+		   same type that we are making primary.  That is, if
+		   we are making a user ID primary, we alter user IDs.
+		   If we are making an attribute packet primary, we
+		   alter attribute packets. */
+
+                /* FIXME: We must make sure that we only have one
+                   self-signature per user ID here (not counting
+                   revocations) */
+		PKT_signature *newsig;
+		PACKET *newpkt;
+                const byte *p;
+                int action;
+
+                /* see whether this signature has the primary UID flag */
+                p = parse_sig_subpkt (sig->hashed,
+                                      SIGSUBPKT_PRIMARY_UID, NULL );
+                if ( !p )
+                    p = parse_sig_subpkt (sig->unhashed,
+                                          SIGSUBPKT_PRIMARY_UID, NULL );
+                if ( p && *p ) /* yes */
+                    action = selected? 0 : -1;
+                else /* no */
+                    action = selected? 1 : 0;
+
+                if (action) {
+                    int rc = update_keysig_packet (&newsig, sig,
+                                               main_pk, uid, 
+                                               sk,
+                                               change_primary_uid_cb,
+                                               action > 0? "x":NULL );
+                    if( rc ) {
+                        log_error ("update_keysig_packet failed: %s\n",
+                                   g10_errstr(rc));
+                        free_secret_key( sk );
+                        return 0;
+                    }
+                    /* replace the packet */
+                    newpkt = m_alloc_clear( sizeof *newpkt );
+                    newpkt->pkttype = PKT_SIGNATURE;
+                    newpkt->pkt.signature = newsig;
+                    free_packet( node->pkt );
+                    m_free( node->pkt );
+                    node->pkt = newpkt;
+                    modified = 1;
+		}
+	      }
+	    }
+	}
+    }
+
+    free_secret_key( sk );
+    return modified;
+}
+
+
+/* 
+ * Set preferences to new values for the selected user IDs
+ */
+static int
+menu_set_preferences (KBNODE pub_keyblock, KBNODE sec_keyblock )
+{
+    PKT_secret_key *sk;    /* copy of the main sk */
+    PKT_public_key *main_pk;
+    PKT_user_id *uid;
+    KBNODE node;
+    u32 keyid[2];
+    int selected, select_all;
+    int modified = 0;
+
+    select_all = !count_selected_uids (pub_keyblock);
+
+    node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
+    sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
+
+    /* Now we can actually change the self signature(s) */
+    main_pk = NULL;
+    uid = NULL;
+    selected = 0;
+    for ( node=pub_keyblock; node; node = node->next ) {
+	if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
+            break; /* ready */
+
+	if ( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
+	    main_pk = node->pkt->pkt.public_key;
+	    keyid_from_pk( main_pk, keyid );
+	}
+	else if ( node->pkt->pkttype == PKT_USER_ID ) {
+	    uid = node->pkt->pkt.user_id;
+       	    selected = select_all || (node->flag & NODFLG_SELUID);
+        }
+	else if ( main_pk && uid && selected
+                  && node->pkt->pkttype == PKT_SIGNATURE ) {
+	    PKT_signature *sig = node->pkt->pkt.signature;
+	    if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
+		 && (uid && (sig->sig_class&~3) == 0x10) ) {
+	      if( sig->version < 4 ) {
+		char *user=utf8_to_native(uid->name,strlen(uid->name),0);
+
+		log_info(_("skipping v3 self-signature on user id \"%s\"\n"),
+			 user);
+		m_free(user);
+	      }
+	      else {
+		/* This is a selfsignature which is to be replaced 
+                 * We have to ignore v3 signatures because they are
+                 * not able to carry the preferences */
+		PKT_signature *newsig;
+		PACKET *newpkt;
+                int rc;
+
+                rc = update_keysig_packet (&newsig, sig,
+                                           main_pk, uid, 
+                                           sk,
+                                           keygen_upd_std_prefs,
+                                           NULL );
+                if( rc ) {
+                    log_error ("update_keysig_packet failed: %s\n",
+                               g10_errstr(rc));
+                    free_secret_key( sk );
+                    return 0;
+                }
+                /* replace the packet */
+                newpkt = m_alloc_clear( sizeof *newpkt );
+                newpkt->pkttype = PKT_SIGNATURE;
+                newpkt->pkt.signature = newsig;
+                free_packet( node->pkt );
+                m_free( node->pkt );
+                node->pkt = newpkt;
+                modified = 1;
+	      }
+            }
+	}
+    }
+    
+    free_secret_key( sk );
+    return modified;
+}
+
 
 /****************
  * Select one user id or remove all selection if index is 0.
@@ -1717,6 +2797,21 @@ count_selected_keys( KBNODE keyblock )
     return count_keys_with_flag( keyblock, NODFLG_SELKEY);
 }
 
+/* returns how many real (i.e. not attribute) uids are unmarked */
+static int
+real_uids_left( KBNODE keyblock )
+{
+  KBNODE node;
+  int real=0;
+
+  for(node=keyblock;node;node=node->next)
+    if(node->pkt->pkttype==PKT_USER_ID && !(node->flag&NODFLG_SELUID) &&
+       !node->pkt->pkt.user_id->attrib_data)
+      real++;
+
+  return real;
+}
+
 /*
  * Ask whether the signature should be revoked.  If the user commits this,
  * flag bit MARK_A is set on the signature and the user ID.
@@ -1724,6 +2819,7 @@ count_selected_keys( KBNODE keyblock )
 static void
 ask_revoke_sig( KBNODE keyblock, KBNODE node )
 {
+    int doit=0;
     PKT_signature *sig = node->pkt->pkt.signature;
     KBNODE unode = find_prev_kbnode( keyblock, node, PKT_USER_ID );
 
@@ -1735,13 +2831,29 @@ ask_revoke_sig( KBNODE keyblock, KBNODE node )
     tty_printf(_("user ID: \""));
     tty_print_utf8_string( unode->pkt->pkt.user_id->name,
 			   unode->pkt->pkt.user_id->len );
-    tty_printf(_("\"\nsigned with your key %08lX at %s\n"),
-		sig->keyid[1], datestr_from_sig(sig) );
 
-    if( cpr_get_answer_is_yes("ask_revoke_sig.one",
-	 _("Create a revocation certificate for this signature? (y/N)")) ) {
-	node->flag |= NODFLG_MARK_A;
-	unode->flag |= NODFLG_MARK_A;
+    if(sig->flags.exportable)
+      tty_printf(_("\"\nsigned with your key %08lX at %s\n"),
+		 (ulong)sig->keyid[1], datestr_from_sig(sig) );
+    else
+      tty_printf(_("\"\nlocally signed with your key %08lX at %s\n"),
+		 (ulong)sig->keyid[1], datestr_from_sig(sig) );
+
+    if(sig->flags.expired)
+      {
+	tty_printf(_("This signature expired on %s.\n"),
+		   expirestr_from_sig(sig));
+	/* Use a different question so we can have different help text */
+	doit=cpr_get_answer_is_yes("ask_revoke_sig.expired",
+			_("Are you sure you still want to revoke it? (y/N) "));
+      }
+    else
+      doit=cpr_get_answer_is_yes("ask_revoke_sig.one",
+	      _("Create a revocation certificate for this signature? (y/N) "));
+
+    if(doit) {
+      node->flag |= NODFLG_MARK_A;
+      unode->flag |= NODFLG_MARK_A;
     }
 }
 
@@ -1758,7 +2870,6 @@ menu_revsig( KBNODE keyblock )
     PKT_public_key *primary_pk;
     KBNODE node;
     int changed = 0;
-    int upd_trust = 0;
     int rc, any;
     struct revocation_reason_info *reason = NULL;
 
@@ -1775,15 +2886,18 @@ menu_revsig( KBNODE keyblock )
 	}
 	else if( node->pkt->pkttype == PKT_SIGNATURE
 		&& ((sig = node->pkt->pkt.signature),
-		     !seckey_available( sig->keyid )  ) ) {
+                     !seckey_available(sig->keyid)  ) ) {
 	    if( (sig->sig_class&~3) == 0x10 ) {
-		tty_printf(_("   signed by %08lX at %s\n"),
-			    sig->keyid[1], datestr_from_sig(sig) );
-		node->flag |= NODFLG_SELSIG;
+		tty_printf(_("   signed by %08lX at %s%s%s\n"),
+			   (ulong)sig->keyid[1], datestr_from_sig(sig),
+			   sig->flags.exportable?"":" (non-exportable)",
+			   sig->flags.revocable?"":" (non-revocable)");
+		if(sig->flags.revocable)
+		  node->flag |= NODFLG_SELSIG;
 	    }
 	    else if( sig->sig_class == 0x30 ) {
 		tty_printf(_("   revoked by %08lX at %s\n"),
-			    sig->keyid[1], datestr_from_sig(sig) );
+			    (ulong)sig->keyid[1], datestr_from_sig(sig) );
 	    }
 	}
     }
@@ -1812,15 +2926,16 @@ menu_revsig( KBNODE keyblock )
 	}
 	else if( node->pkt->pkttype == PKT_SIGNATURE ) {
 	    sig = node->pkt->pkt.signature;
-	    tty_printf(_("   signed by %08lX at %s\n"),
-			    sig->keyid[1], datestr_from_sig(sig) );
+	    tty_printf(_("   signed by %08lX at %s%s\n"),
+ 		       (ulong)sig->keyid[1], datestr_from_sig(sig),
+		       sig->flags.exportable?"":_(" (non-exportable)") );
 	}
     }
     if( !any )
 	return 0; /* none selected */
 
     if( !cpr_get_answer_is_yes("ask_revoke_sig.okay",
-	 _("Really create the revocation certificates? (y/N)")) )
+	 _("Really create the revocation certificates? (y/N) ")) )
 	return 0; /* forget it */
 
     reason = ask_revocation_reason( 0, 1, 0 );
@@ -1845,9 +2960,10 @@ menu_revsig( KBNODE keyblock )
 
 	memset( &attrib, 0, sizeof attrib );
 	attrib.reason = reason;
+	attrib.non_exportable=!node->pkt->pkt.signature->flags.exportable;
 
 	node->flag &= ~NODFLG_MARK_A;
-	sk = gcry_xcalloc_secure( 1, sizeof *sk );
+	sk = m_alloc_secure_clear( sizeof *sk );
 	if( get_seckey( sk, node->pkt->pkt.signature->keyid ) ) {
 	    log_info(_("no secret key\n"));
 	    continue;
@@ -1856,27 +2972,25 @@ menu_revsig( KBNODE keyblock )
 				       unode->pkt->pkt.user_id,
 				       NULL,
 				       sk,
-				       0x30, 0,
+				       0x30, 0, 0, 0, 0,
 				       sign_mk_attrib,
 				       &attrib );
 	free_secret_key(sk);
 	if( rc ) {
-	    log_error(_("signing failed: %s\n"), gpg_errstr(rc));
+	    log_error(_("signing failed: %s\n"), g10_errstr(rc));
 	    release_revocation_reason_info( reason );
 	    return changed;
 	}
 	changed = 1; /* we changed the keyblock */
-	upd_trust = 1;
+	update_trust = 1;
 
-	pkt = gcry_xcalloc( 1, sizeof *pkt );
+	pkt = m_alloc_clear( sizeof *pkt );
 	pkt->pkttype = PKT_SIGNATURE;
 	pkt->pkt.signature = sig;
 	insert_kbnode( unode, new_kbnode(pkt), 0 );
 	goto reloop;
     }
 
-    if( upd_trust )
-	clear_trust_checked_flag( primary_pk );
     release_revocation_reason_info( reason );
     return changed;
 }
@@ -1892,7 +3006,6 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
     PKT_public_key *mainpk;
     KBNODE node;
     int changed = 0;
-    int upd_trust = 0;
     int rc;
     struct revocation_reason_info *reason = NULL;
 
@@ -1918,19 +3031,18 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
 
 	    node->flag &= ~NODFLG_SELKEY;
 	    sk = copy_secret_key( NULL, sec_keyblock->pkt->pkt.secret_key );
-	    rc = make_keysig_packet( &sig, mainpk, NULL, subpk, sk, 0x28, 0,
-				       sign_mk_attrib,
-				       &attrib );
+	    rc = make_keysig_packet( &sig, mainpk, NULL, subpk, sk,
+                                     0x28, 0, 0, 0, 0,
+				     sign_mk_attrib, &attrib );
 	    free_secret_key(sk);
 	    if( rc ) {
-		log_error(_("signing failed: %s\n"), gpg_errstr(rc));
+		log_error(_("signing failed: %s\n"), g10_errstr(rc));
 		release_revocation_reason_info( reason );
 		return changed;
 	    }
 	    changed = 1; /* we changed the keyblock */
-	    upd_trust = 1;
 
-	    pkt = gcry_xcalloc( 1, sizeof *pkt );
+	    pkt = m_alloc_clear( sizeof *pkt );
 	    pkt->pkttype = PKT_SIGNATURE;
 	    pkt->pkt.signature = sig;
 	    insert_kbnode( node, new_kbnode(pkt), 0 );
@@ -1940,8 +3052,9 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
     commit_kbnode( &pub_keyblock );
     /*commit_kbnode( &sec_keyblock );*/
 
-    if( upd_trust )
-	clear_trust_checked_flag( mainpk );
+    /* No need to set update_trust here since signing keys no longer
+       are used to certify other keys, so there is no change in trust
+       when revoking/removing them */
 
     release_revocation_reason_info( reason );
     return changed;
@@ -1951,20 +3064,67 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
 static int
 enable_disable_key( KBNODE keyblock, int disable )
 {
-    ulong lid = find_kbnode( keyblock, PKT_PUBLIC_KEY )
-			    ->pkt->pkt.public_key->local_id;
+    PKT_public_key *pk = find_kbnode( keyblock, PKT_PUBLIC_KEY )
+			    ->pkt->pkt.public_key;
     unsigned int trust, newtrust;
 
-    /* Note: Because the keys have beed displayed, we have
-     * ensured that local_id has been set */
-    trust = newtrust = get_ownertrust( lid );
+    trust = newtrust = get_ownertrust (pk);
     newtrust &= ~TRUST_FLAG_DISABLED;
     if( disable )
 	newtrust |= TRUST_FLAG_DISABLED;
     if( trust == newtrust )
 	return 0; /* already in that state */
-    if( !update_ownertrust( lid, newtrust ) )
-	return 1;
+    update_ownertrust(pk, newtrust );
     return 0;
 }
 
+
+static void
+menu_showphoto( KBNODE keyblock )
+{
+  KBNODE node;
+  int select_all = !count_selected_uids(keyblock);
+  int count=0;
+  PKT_public_key *pk=NULL;
+  u32 keyid[2];
+
+  /* Look for the public key first.  We have to be really, really,
+     explicit as to which photo this is, and what key it is a UID on
+     since people may want to sign it. */
+
+  for( node = keyblock; node; node = node->next )
+    {
+      if( node->pkt->pkttype == PKT_PUBLIC_KEY )
+	{
+	  pk = node->pkt->pkt.public_key;
+	  keyid_from_pk(pk, keyid);
+	}
+      else if( node->pkt->pkttype == PKT_USER_ID )
+	{
+	  PKT_user_id *uid = node->pkt->pkt.user_id;
+	  count++;
+
+	  if((select_all || (node->flag & NODFLG_SELUID)) &&
+	     uid->attribs!=NULL)
+	    {
+	      int i;
+
+	      for(i=0;i<uid->numattribs;i++)
+		{
+		  byte type;
+		  u32 size;
+
+		  if(uid->attribs[i].type==ATTRIB_IMAGE &&
+		     parse_image_header(&uid->attribs[i],&type,&size))
+		    {
+		      tty_printf(_("Displaying %s photo ID of size %ld for "
+				   "key 0x%08lX (uid %d)\n"),
+				 image_type_to_string(type,1),
+				 (ulong)size,(ulong)keyid[1],count);
+		      show_photos(&uid->attribs[i],1,pk,NULL);
+		    }
+		}
+	    }
+	}
+    }
+}
diff --git a/g10/keygen.c b/g10/keygen.c
index 1e2accd0c..b8398b88a 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -1,5 +1,5 @@
 /* keygen.c - generate a key pair
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -26,23 +26,31 @@
 #include <errno.h>
 #include <assert.h>
 #include "util.h"
-#include <gcrypt.h>
 #include "main.h"
 #include "packet.h"
+#include "cipher.h"
 #include "ttyio.h"
 #include "options.h"
 #include "keydb.h"
+#include "trustdb.h"
 #include "status.h"
 #include "i18n.h"
 
+#define MAX_PREFS 30 
+
+
 enum para_name {
   pKEYTYPE,
   pKEYLENGTH,
+  pKEYUSAGE,
   pSUBKEYTYPE,
   pSUBKEYLENGTH,
+  pSUBKEYUSAGE,
   pNAMEREAL,
   pNAMEEMAIL,
   pNAMECOMMENT,
+  pPREFERENCES,
+  pREVOKER,
   pUSERID,
   pEXPIREDATE,
   pKEYEXPIRE, /* in n seconds */
@@ -57,10 +65,12 @@ struct para_data_s {
     int lnr;
     enum para_name key;
     union {
-       DEK *dek;
-       STRING2KEY *s2k;
-       u32 expire;
-       char value[1];
+        DEK *dek;
+        STRING2KEY *s2k;
+        u32 expire;
+        unsigned int usage;
+        struct revocation_key revkey;
+        char value[1];
     } u;
 };
 
@@ -83,6 +93,21 @@ struct output_control_s {
 };
 
 
+struct opaque_data_usage_and_pk {
+    unsigned int usage;
+    PKT_public_key *pk;
+};
+
+
+static int prefs_initialized = 0;
+static byte sym_prefs[MAX_PREFS];
+static int nsym_prefs;
+static byte hash_prefs[MAX_PREFS];
+static int nhash_prefs;
+static byte zip_prefs[MAX_PREFS];
+static int nzip_prefs;
+static int mdc_available;
+
 static void do_generate_keypair( struct para_data_s *para,
 				 struct output_control_s *outctrl );
 static int  write_keyblock( IOBUF out, KBNODE node );
@@ -91,16 +116,32 @@ static int  write_keyblock( IOBUF out, KBNODE node );
 static void
 write_uid( KBNODE root, const char *s )
 {
-    PACKET *pkt = gcry_xcalloc( 1,sizeof *pkt );
+    PACKET *pkt = m_alloc_clear(sizeof *pkt );
     size_t n = strlen(s);
 
     pkt->pkttype = PKT_USER_ID;
-    pkt->pkt.user_id = gcry_xcalloc( 1, sizeof *pkt->pkt.user_id + n - 1 );
+    pkt->pkt.user_id = m_alloc_clear( sizeof *pkt->pkt.user_id + n - 1 );
     pkt->pkt.user_id->len = n;
+    pkt->pkt.user_id->ref = 1;
     strcpy(pkt->pkt.user_id->name, s);
     add_kbnode( root, new_kbnode( pkt ) );
 }
 
+static void
+do_add_key_flags (PKT_signature *sig, unsigned int use)
+{
+    byte buf[1];
+
+    if (!use) 
+        return;
+
+    buf[0] = 0;
+    if (use & PUBKEY_USAGE_SIG)
+        buf[0] |= 0x01 | 0x02;
+    if (use & PUBKEY_USAGE_ENC)
+        buf[0] |= 0x04 | 0x08;
+    build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1);
+}
 
 
 int
@@ -123,34 +164,318 @@ keygen_add_key_expire( PKT_signature *sig, void *opaque )
     return 0;
 }
 
+static int
+keygen_add_key_flags_and_expire (PKT_signature *sig, void *opaque)
+{
+    struct opaque_data_usage_and_pk *oduap = opaque;
+
+    do_add_key_flags (sig, oduap->usage);
+    return keygen_add_key_expire (sig, oduap->pk);
+}
+
+static int
+set_one_pref (ulong val, int type, int (*cf)(int), byte *buf, int *nbuf)
+{
+    int i;
+
+    if (cf (val)) {
+        log_info (_("preference %c%lu is not valid\n"), type, val);
+	if(type=='S' && val==CIPHER_ALGO_IDEA)
+	  idea_cipher_warn(1);
+        return -1;
+    }
+    for (i=0; i < *nbuf; i++ ) {
+        if (buf[i] == val) {
+            log_info (_("preference %c%lu duplicated\n"), type, val);
+            return -1;
+        }
+    }
+    if (*nbuf >= MAX_PREFS) {
+        log_info (_("too many `%c' preferences\n"), type);
+        return -1;
+    }
+    buf[(*nbuf)++] = val;
+    return 0;
+}
+
+
+/*
+ * Parse the supplied string and use it to set the standard preferences.
+ * The String is expected to be in a forma like the one printed by "prefs",
+ * something like:  "S10 S3 H3 H2 Z2 Z1".  Use NULL to set the default
+ * preferences.
+ * Returns: 0 = okay
+ */
+int
+keygen_set_std_prefs (const char *string,int personal)
+{
+    byte sym[MAX_PREFS], hash[MAX_PREFS], zip[MAX_PREFS];
+    int  nsym=0, nhash=0, nzip=0, mdc=1; /* mdc defaults on */
+    ulong val;
+    const char *s, *s2;
+    int rc = 0;
+
+    if (!string || !ascii_strcasecmp (string, "default")) {
+      if (opt.def_preference_list)
+	string=opt.def_preference_list;
+      else if ( !check_cipher_algo(CIPHER_ALGO_IDEA) )
+        string = "S7 S3 S2 S1 H2 H3 Z2 Z1";
+      else
+        string = "S7 S3 S2 H2 H3 Z2 Z1";
+
+      /* If we have it, IDEA goes *after* 3DES so it won't be used
+         unless we're encrypting along with a V3 key.  Ideally, we
+         would only put the S1 preference in if the key was RSA and
+         <=2048 bits, as that is what won't break PGP2, but that is
+         difficult with the current code, and not really worth
+         checking as a non-RSA <=2048 bit key wouldn't be usable by
+         PGP2 anyway -dms */
+    }
+    else if (!ascii_strcasecmp (string, "none"))
+        string = "";
+
+    for (s=string; *s; s = s2) {
+        if ((*s=='s' || *s == 'S') && isdigit(s[1]) ) {
+            val = strtoul (++s, (char**)&s2, 10);
+            if (set_one_pref (val, 'S', check_cipher_algo, sym, &nsym))
+                rc = -1;
+        }
+        else if ((*s=='h' || *s == 'H') && isdigit(s[1]) ) {
+            val = strtoul (++s, (char**)&s2, 10);
+            if (set_one_pref (val, 'H', check_digest_algo, hash, &nhash))
+                rc = -1;
+        }
+        else if ((*s=='z' || *s == 'Z') && isdigit(s[1]) ) {
+            val = strtoul (++s, (char**)&s2, 10);
+            if (set_one_pref (val, 'Z', check_compress_algo, zip, &nzip))
+                rc = -1;
+        }
+	else if (ascii_strcasecmp(s,"mdc")==0) {
+	  mdc=1;
+	  s2=s+3;
+	}
+	else if (ascii_strcasecmp(s,"no-mdc")==0) {
+	  mdc=0;
+	  s2=s+6;
+	}
+        else if (isspace (*s))
+            s2 = s+1;
+        else {
+            log_info (_("invalid character in preference string\n"));
+            return -1;
+        }
+    }
+
+    if (!rc)
+      {
+	if(personal)
+	  {
+	    if(personal==PREFTYPE_SYM)
+	      {
+		m_free(opt.personal_cipher_prefs);
+
+		if(nsym==0)
+		  opt.personal_cipher_prefs=NULL;
+		else
+		  {
+		    int i;
+
+		    opt.personal_cipher_prefs=
+		      m_alloc(sizeof(prefitem_t *)*(nsym+1));
+
+		    for (i=0; i<nsym; i++)
+		      {
+			opt.personal_cipher_prefs[i].type = PREFTYPE_SYM;
+			opt.personal_cipher_prefs[i].value = sym[i];
+		      }
+
+		    opt.personal_cipher_prefs[i].type = PREFTYPE_NONE;
+		    opt.personal_cipher_prefs[i].value = 0;
+		  }
+	      }
+	    else if(personal==PREFTYPE_HASH)
+	      {
+		m_free(opt.personal_digest_prefs);
+
+		if(nhash==0)
+		  opt.personal_digest_prefs=NULL;
+		else
+		  {
+		    int i;
+
+		    opt.personal_digest_prefs=
+		      m_alloc(sizeof(prefitem_t *)*(nhash+1));
+
+		    for (i=0; i<nhash; i++)
+		      {
+			opt.personal_digest_prefs[i].type = PREFTYPE_HASH;
+			opt.personal_digest_prefs[i].value = hash[i];
+		      }
+
+		    opt.personal_digest_prefs[i].type = PREFTYPE_NONE;
+		    opt.personal_digest_prefs[i].value = 0;
+		  }
+	      }
+	    else if(personal==PREFTYPE_ZIP)
+	      {
+		m_free(opt.personal_compress_prefs);
+
+		if(nzip==0)
+		  opt.personal_compress_prefs=NULL;
+		else
+		  {
+		    int i;
+
+		    opt.personal_compress_prefs=
+		      m_alloc(sizeof(prefitem_t *)*(nzip+1));
+
+		    for (i=0; i<nzip; i++)
+		      {
+			opt.personal_compress_prefs[i].type = PREFTYPE_ZIP;
+			opt.personal_compress_prefs[i].value = zip[i];
+		      }
+
+		    opt.personal_compress_prefs[i].type = PREFTYPE_NONE;
+		    opt.personal_compress_prefs[i].value = 0;
+		  }
+	      }
+	  }
+	else
+	  {
+	    memcpy (sym_prefs,  sym,  (nsym_prefs=nsym));
+	    memcpy (hash_prefs, hash, (nhash_prefs=nhash));
+	    memcpy (zip_prefs,  zip,  (nzip_prefs=nzip));
+	    mdc_available = mdc;
+	    prefs_initialized = 1;
+	  }
+      }
+
+    return rc;
+}
+
+
+/* 
+ * Return a printable list of preferences.  Caller must free.
+ */
+char *
+keygen_get_std_prefs ()
+{
+    char *buf;
+    int i;
+
+    if (!prefs_initialized)
+        keygen_set_std_prefs (NULL,0);
+
+    buf = m_alloc ( MAX_PREFS*3*5 + 5 + 1);
+    *buf = 0;
+    for (i=0; i < nsym_prefs; i++ )
+        sprintf (buf+strlen(buf), "S%d ", sym_prefs[i]);
+    for (i=0; i < nhash_prefs; i++ )
+        sprintf (buf+strlen(buf), "H%d ", hash_prefs[i]);
+    for (i=0; i < nzip_prefs; i++ )
+        sprintf (buf+strlen(buf), "Z%d ", zip_prefs[i]);
+
+    if(mdc_available)
+      sprintf(buf+strlen(buf),"[mdc]");
+    else if (*buf) /* trim the trailing space */
+      buf[strlen(buf)-1] = 0;
+
+    return buf;
+}
+
+
+static void
+add_feature_mdc (PKT_signature *sig,int enabled)
+{
+    const byte *s;
+    size_t n;
+    int i;
+    char *buf;
+
+    s = parse_sig_subpkt (sig->hashed, SIGSUBPKT_FEATURES, &n );
+    /* Already set or cleared */
+    if (s && n &&
+	((enabled && (s[0] & 0x01)) || (!enabled && !(s[0] & 0x01))))
+      return;
+
+    if (!s || !n) { /* create a new one */
+        n = 1;
+        buf = m_alloc_clear (n);
+    }
+    else {
+        buf = m_alloc (n);
+        memcpy (buf, s, n);
+    }
+
+    if(enabled)
+      buf[0] |= 0x01; /* MDC feature */
+    else
+      buf[0] &= ~0x01;
+
+    /* Are there any bits set? */
+    for(i=0;i<n;i++)
+      if(buf[i]!=0)
+	break;
+
+    if(i==n)
+      delete_sig_subpkt (sig->hashed, SIGSUBPKT_FEATURES);
+    else
+      build_sig_subpkt (sig, SIGSUBPKT_FEATURES, buf, n);
+
+    m_free (buf);
+}
+
+int
+keygen_upd_std_prefs( PKT_signature *sig, void *opaque )
+{
+    if (!prefs_initialized)
+        keygen_set_std_prefs (NULL, 0);
+
+    if (nsym_prefs) 
+        build_sig_subpkt (sig, SIGSUBPKT_PREF_SYM, sym_prefs, nsym_prefs);
+    else
+      {
+        delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_SYM);
+        delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PREF_SYM);
+      }
+
+    if (nhash_prefs)
+        build_sig_subpkt (sig, SIGSUBPKT_PREF_HASH, hash_prefs, nhash_prefs);
+    else
+      {
+	delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_HASH);
+	delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PREF_HASH);
+      }
+
+    if (nzip_prefs)
+        build_sig_subpkt (sig, SIGSUBPKT_PREF_COMPR, zip_prefs, nzip_prefs);
+    else
+      {
+        delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_COMPR);
+        delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PREF_COMPR);
+      }
+
+    /* Make sure that the MDC feature flag is set if needed */
+    add_feature_mdc (sig,mdc_available);
+
+    return 0;
+}
+
 
 /****************
  * Add preference to the self signature packet.
  * This is only called for packets with version > 3.
+
  */
 int
 keygen_add_std_prefs( PKT_signature *sig, void *opaque )
 {
+    PKT_public_key *pk = opaque;
     byte buf[8];
 
+    do_add_key_flags (sig, pk->pubkey_usage);
     keygen_add_key_expire( sig, opaque );
-
-    buf[0] = GCRY_CIPHER_RIJNDAEL;
-    buf[1] = GCRY_CIPHER_TWOFISH;
-    buf[2] = GCRY_CIPHER_CAST5;
-    buf[3] = GCRY_CIPHER_BLOWFISH;
-    build_sig_subpkt( sig, SIGSUBPKT_PREF_SYM, buf, 4 );
-
-    buf[0] = GCRY_MD_RMD160;
-    buf[1] = GCRY_MD_SHA1;
-    build_sig_subpkt( sig, SIGSUBPKT_PREF_HASH, buf, 2 );
-
-    buf[0] = 2;
-    buf[1] = 1;
-    build_sig_subpkt( sig, SIGSUBPKT_PREF_COMPR, buf, 2 );
-
-    buf[0] = 1; /* supports MDC packets (15 + 16) */
-    build_sig_subpkt( sig, SIGSUBPKT_FEATURES, buf, 1 );
+    keygen_upd_std_prefs (sig, opaque);
 
     buf[0] = 0x80; /* no modify - It is reasonable that a key holder
 		    * has the possibility to reject signatures from users
@@ -163,10 +488,69 @@ keygen_add_std_prefs( PKT_signature *sig, void *opaque )
     return 0;
 }
 
+int
+keygen_add_revkey(PKT_signature *sig, void *opaque)
+{
+  struct revocation_key *revkey=opaque;
+  byte buf[2+MAX_FINGERPRINT_LEN];
+
+  buf[0]=revkey->class;
+  buf[1]=revkey->algid;
+  memcpy(&buf[2],revkey->fpr,MAX_FINGERPRINT_LEN);
+
+  build_sig_subpkt(sig,SIGSUBPKT_REV_KEY,buf,2+MAX_FINGERPRINT_LEN);
 
+  /* All sigs with revocation keys set are nonrevocable */
+  sig->flags.revocable=0;
+  buf[0] = 0;
+  build_sig_subpkt( sig, SIGSUBPKT_REVOCABLE, buf, 1 );
+
+  parse_revkeys(sig);
+
+  return 0;
+}
 
 static int
-write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
+write_direct_sig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
+		  struct revocation_key *revkey )
+{
+    PACKET *pkt;
+    PKT_signature *sig;
+    int rc=0;
+    KBNODE node;
+    PKT_public_key *pk;
+
+    if( opt.verbose )
+	log_info(_("writing direct signature\n"));
+
+    /* get the pk packet from the pub_tree */
+    node = find_kbnode( pub_root, PKT_PUBLIC_KEY );
+    if( !node )
+	BUG();
+    pk = node->pkt->pkt.public_key;
+
+    /* we have to cache the key, so that the verification of the signature
+     * creation is able to retrieve the public key */
+    cache_public_key (pk);
+
+    /* and make the signature */
+    rc = make_keysig_packet(&sig,pk,NULL,NULL,sk,0x1F,0,0,0,0,
+			    keygen_add_revkey,revkey);
+    if( rc ) {
+	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
+	return rc;
+    }
+
+    pkt = m_alloc_clear( sizeof *pkt );
+    pkt->pkttype = PKT_SIGNATURE;
+    pkt->pkt.signature = sig;
+    add_kbnode( root, new_kbnode( pkt ) );
+    return rc;
+}
+
+static int
+write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
+               unsigned int use )
 {
     PACKET *pkt;
     PKT_signature *sig;
@@ -188,16 +572,20 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
     if( !node )
 	BUG();
     pk = node->pkt->pkt.public_key;
+    pk->pubkey_usage = use;
+    /* we have to cache the key, so that the verification of the signature
+     * creation is able to retrieve the public key */
+    cache_public_key (pk);
 
     /* and make the signature */
-    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0,
-			     keygen_add_std_prefs, pk );
+    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0, 0,
+        		     keygen_add_std_prefs, pk );
     if( rc ) {
-	log_error("make_keysig_packet failed: %s\n", gpg_errstr(rc) );
+	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
 	return rc;
     }
 
-    pkt = gcry_xcalloc( 1, sizeof *pkt );
+    pkt = m_alloc_clear( sizeof *pkt );
     pkt->pkttype = PKT_SIGNATURE;
     pkt->pkt.signature = sig;
     add_kbnode( root, new_kbnode( pkt ) );
@@ -205,13 +593,15 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
 }
 
 static int
-write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
+write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
+                  unsigned int use )
 {
     PACKET *pkt;
     PKT_signature *sig;
     int rc=0;
     KBNODE node;
     PKT_public_key *pk, *subpk;
+    struct opaque_data_usage_and_pk oduap;
 
     if( opt.verbose )
 	log_info(_("writing key binding signature\n"));
@@ -221,6 +611,10 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
     if( !node )
 	BUG();
     pk = node->pkt->pkt.public_key;
+    /* we have to cache the key, so that the verification of the signature
+     * creation is able to retrieve the public key */
+    cache_public_key (pk);
+ 
     /* find the last subkey */
     subpk = NULL;
     for(node=pub_root; node; node = node->next ) {
@@ -231,14 +625,16 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
 	BUG();
 
     /* and make the signature */
-    rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0,
-				    keygen_add_key_expire, subpk );
+    oduap.usage = use;
+    oduap.pk = subpk;
+    rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0, 0, 0, 0,
+        		     keygen_add_key_flags_and_expire, &oduap );
     if( rc ) {
-	log_error("make_keysig_packet failed: %s\n", gpg_errstr(rc) );
+	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
 	return rc;
     }
 
-    pkt = gcry_xcalloc( 1, sizeof *pkt );
+    pkt = m_alloc_clear( sizeof *pkt );
     pkt->pkttype = PKT_SIGNATURE;
     pkt->pkt.signature = sig;
     add_kbnode( root, new_kbnode( pkt ) );
@@ -246,63 +642,17 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
 }
 
 
-
-static int
-key_from_sexp( GCRY_MPI *array,
-	       GCRY_SEXP sexp, const char *topname, const char *elems )
-{
-    GCRY_SEXP list, l2;
-    const char *s;
-    int i, idx;
-
-    list = gcry_sexp_find_token( sexp, topname, 0 );
-    if( !list )
-	return GCRYERR_INV_OBJ;
-    l2 = gcry_sexp_cadr( list );
-    gcry_sexp_release ( list );
-    list = l2;
-    if( !list )
-	return GCRYERR_NO_OBJ;
-
-    idx = 0;
-    for(s=elems; *s; s++, idx++ ) {
-	l2 = gcry_sexp_find_token( list, s, 1 );
-	if( !l2 ) {
-	    for(i=0; i<idx; i++) {
-		gcry_free( array[i] );
-		array[i] = NULL;
-	    }
-	    gcry_sexp_release ( list );
-	    return GCRYERR_NO_OBJ; /* required parameter not found */
-	}
-	array[idx] = gcry_sexp_nth_mpi( l2, 1, GCRYMPI_FMT_USG );
-	gcry_sexp_release ( l2 );
-	if( !array[idx] ) {
-	    for(i=0; i<idx; i++) {
-		gcry_free( array[i] );
-		array[i] = NULL;
-	    }
-	    gcry_sexp_release ( list );
-	    return GCRYERR_INV_OBJ; /* required parameter is invalid */
-	}
-    }
-    gcry_sexp_release ( list );
-
-    return 0;
-}
-
-
-
 static int
 gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval )
 {
     int rc;
+    int i;
     PACKET *pkt;
     PKT_secret_key *sk;
     PKT_public_key *pk;
-    GCRY_SEXP misc_key_info;
-    GCRY_SEXP s_parms, s_key;
+    MPI skey[4];
+    MPI *factors;
 
     assert( is_ELGAMAL(algo) );
 
@@ -316,46 +666,31 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	log_info(_("keysize rounded up to %u bits\n"), nbits );
     }
 
-    if ( gcry_sexp_build ( &s_parms, NULL,
-			   "(genkey(%s(nbits %d)))",
-			   algo == GCRY_PK_ELG_E ? "openpgp-elg" :
-			   algo == GCRY_PK_ELG	 ? "elg" : "x-oops" ,
-			   (int)nbits ) )
-	BUG ();
-    rc = gcry_pk_genkey( &s_key, s_parms );
-    gcry_sexp_release( s_parms );
+    rc = pubkey_generate( algo, nbits, skey, &factors );
     if( rc ) {
-	log_error("pk_genkey failed: %s\n", gpg_errstr(rc) );
+	log_error("pubkey_generate failed: %s\n", g10_errstr(rc) );
 	return rc;
     }
 
-
-    sk = gcry_xcalloc( 1, sizeof *sk );
-    pk = gcry_xcalloc( 1, sizeof *pk );
+    sk = m_alloc_clear( sizeof *sk );
+    pk = m_alloc_clear( sizeof *pk );
     sk->timestamp = pk->timestamp = make_timestamp();
     sk->version = pk->version = 4;
     if( expireval ) {
 	sk->expiredate = pk->expiredate = sk->timestamp + expireval;
     }
     sk->pubkey_algo = pk->pubkey_algo = algo;
-
-    rc = key_from_sexp( pk->pkey, s_key, "public-key", "pgy" );
-    if( rc ) {
-	log_error("key_from_sexp failed: rc=%d\n", rc );
-	return rc;
-    }
-    rc = key_from_sexp( sk->skey, s_key, "private-key", "pgyx" );
-    if( rc ) {
-	log_error("key_from_sexp failed: rc=%d\n", rc );
-	return rc;
-    }
-    misc_key_info = gcry_sexp_find_token( s_key, "misc-key-info", 0 );
-    gcry_sexp_release ( s_key );
-
+		       pk->pkey[0] = mpi_copy( skey[0] );
+		       pk->pkey[1] = mpi_copy( skey[1] );
+		       pk->pkey[2] = mpi_copy( skey[2] );
+    sk->skey[0] = skey[0];
+    sk->skey[1] = skey[1];
+    sk->skey[2] = skey[2];
+    sk->skey[3] = skey[3];
     sk->is_protected = 0;
     sk->protect.algo = 0;
 
-    sk->csum = checksum_mpi( sk->skey[3] );
+    sk->csum = checksum_mpi_counted_nbits( sk->skey[3] );
     if( ret_sk ) /* not a subkey: return an unprotected version of the sk */
 	*ret_sk = copy_secret_key( NULL, sk );
 
@@ -364,39 +699,27 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	sk->protect.s2k = *s2k;
 	rc = protect_secret_key( sk, dek );
 	if( rc ) {
-	    log_error("protect_secret_key failed: %s\n", gpg_errstr(rc) );
+	    log_error("protect_secret_key failed: %s\n", g10_errstr(rc) );
 	    free_public_key(pk);
 	    free_secret_key(sk);
 	    return rc;
 	}
     }
 
-    pkt = gcry_xcalloc( 1,sizeof *pkt);
+    pkt = m_alloc_clear(sizeof *pkt);
     pkt->pkttype = ret_sk ? PKT_PUBLIC_KEY : PKT_PUBLIC_SUBKEY;
     pkt->pkt.public_key = pk;
     add_kbnode(pub_root, new_kbnode( pkt ));
 
     /* don't know whether it makes sense to have the factors, so for now
      * we store them in the secret keyring (but they are not secret) */
-    pkt = gcry_xcalloc( 1,sizeof *pkt);
+    pkt = m_alloc_clear(sizeof *pkt);
     pkt->pkttype = ret_sk ? PKT_SECRET_KEY : PKT_SECRET_SUBKEY;
     pkt->pkt.secret_key = sk;
     add_kbnode(sec_root, new_kbnode( pkt ));
-    if ( misc_key_info ) {
-	size_t n;
-	char *buf;
-
-	n = gcry_sexp_sprint ( misc_key_info, 0, NULL, 0 );
-	buf = gcry_xmalloc ( n+4 );
-	strcpy ( buf, "#::" );
-	n = gcry_sexp_sprint ( misc_key_info, 0, buf+3, n );
-	if ( n ) {
-	    n += 3;
-	    add_kbnode( sec_root, make_comment_node_from_buffer( buf, n ));
-	}
-	gcry_free ( buf );
-	gcry_sexp_release (misc_key_info);
-    }
+    for(i=0; factors[i]; i++ )
+	add_kbnode( sec_root,
+		    make_mpi_comment_node("#:ELG_factor:", factors[i] ));
 
     return 0;
 }
@@ -410,11 +733,12 @@ gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	    STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval )
 {
     int rc;
+    int i;
     PACKET *pkt;
     PKT_secret_key *sk;
     PKT_public_key *pk;
-    GCRY_SEXP misc_key_info;
-    GCRY_SEXP s_parms, s_key;
+    MPI skey[5];
+    MPI *factors;
 
     if( nbits > 1024 || nbits < 512 ) {
 	nbits = 1024;
@@ -426,44 +750,33 @@ gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	log_info(_("keysize rounded up to %u bits\n"), nbits );
     }
 
-    if ( gcry_sexp_build ( &s_parms, NULL,
-			  "(genkey(dsa(nbits %d)))", (int)nbits ) )
-	BUG ();
-
-    rc = gcry_pk_genkey( &s_key, s_parms );
-    gcry_sexp_release( s_parms );
+    rc = pubkey_generate( PUBKEY_ALGO_DSA, nbits, skey, &factors );
     if( rc ) {
-	log_error("pk_genkey failed: %s\n", gpg_errstr(rc) );
+	log_error("pubkey_generate failed: %s\n", g10_errstr(rc) );
 	return rc;
     }
 
-
-    sk = gcry_xcalloc( 1, sizeof *sk );
-    pk = gcry_xcalloc( 1, sizeof *pk );
+    sk = m_alloc_clear( sizeof *sk );
+    pk = m_alloc_clear( sizeof *pk );
     sk->timestamp = pk->timestamp = make_timestamp();
     sk->version = pk->version = 4;
     if( expireval ) {
 	sk->expiredate = pk->expiredate = sk->timestamp + expireval;
     }
-    sk->pubkey_algo = pk->pubkey_algo = GCRY_PK_DSA;
-
-    rc = key_from_sexp( pk->pkey, s_key, "public-key", "pqgy" );
-    if( rc ) {
-	log_error("key_from_sexp failed: rc=%d\n", rc );
-	return rc;
-    }
-    rc = key_from_sexp( sk->skey, s_key, "private-key", "pqgyx" );
-    if( rc ) {
-	log_error("key_from_sexp failed: rc=%d\n", rc );
-	return rc;
-    }
-    misc_key_info = gcry_sexp_find_token( s_key, "misc-key-info", 0 );
-    gcry_sexp_release ( s_key );
-
+    sk->pubkey_algo = pk->pubkey_algo = PUBKEY_ALGO_DSA;
+		       pk->pkey[0] = mpi_copy( skey[0] );
+		       pk->pkey[1] = mpi_copy( skey[1] );
+		       pk->pkey[2] = mpi_copy( skey[2] );
+		       pk->pkey[3] = mpi_copy( skey[3] );
+    sk->skey[0] = skey[0];
+    sk->skey[1] = skey[1];
+    sk->skey[2] = skey[2];
+    sk->skey[3] = skey[3];
+    sk->skey[4] = skey[4];
     sk->is_protected = 0;
     sk->protect.algo = 0;
 
-    sk->csum = checksum_mpi( sk->skey[4] );
+    sk->csum = checksum_mpi_counted_nbits( sk->skey[4] );
     if( ret_sk ) /* not a subkey: return an unprotected version of the sk */
 	*ret_sk = copy_secret_key( NULL, sk );
 
@@ -472,47 +785,39 @@ gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	sk->protect.s2k = *s2k;
 	rc = protect_secret_key( sk, dek );
 	if( rc ) {
-	    log_error("protect_secret_key failed: %s\n", gpg_errstr(rc) );
+	    log_error("protect_secret_key failed: %s\n", g10_errstr(rc) );
 	    free_public_key(pk);
 	    free_secret_key(sk);
-	    gcry_sexp_release (misc_key_info);
 	    return rc;
 	}
     }
 
-    pkt = gcry_xcalloc( 1,sizeof *pkt);
+    pkt = m_alloc_clear(sizeof *pkt);
     pkt->pkttype = ret_sk ? PKT_PUBLIC_KEY : PKT_PUBLIC_SUBKEY;
     pkt->pkt.public_key = pk;
     add_kbnode(pub_root, new_kbnode( pkt ));
 
     /* don't know whether it makes sense to have the factors, so for now
      * we store them in the secret keyring (but they are not secret)
+     * p = 2 * q * f1 * f2 * ... * fn
+     * We store only f1 to f_n-1;  fn can be calculated because p and q
+     * are known.
      */
-    pkt = gcry_xcalloc( 1,sizeof *pkt);
+    pkt = m_alloc_clear(sizeof *pkt);
     pkt->pkttype = ret_sk ? PKT_SECRET_KEY : PKT_SECRET_SUBKEY;
     pkt->pkt.secret_key = sk;
     add_kbnode(sec_root, new_kbnode( pkt ));
-    if ( misc_key_info ) {
-	size_t n;
-	char *buf;
-
-	n = gcry_sexp_sprint ( misc_key_info, 0, NULL, 0 );
-	buf = gcry_xmalloc ( n+4 );
-	strcpy ( buf, "#::" );
-	n = gcry_sexp_sprint ( misc_key_info, 0, buf+3, n );
-	if ( n ) {
-	    n += 3;
-	    add_kbnode( sec_root, make_comment_node_from_buffer( buf, n ));
-	}
-	gcry_free ( buf );
-	gcry_sexp_release (misc_key_info);
-    }
-    /* fixme: Merge this with the elg-generate function and release
-     * some more stuff (memory-leak) */
+    for(i=1; factors[i]; i++ )	/* the first one is q */
+	add_kbnode( sec_root,
+		    make_mpi_comment_node("#:DSA_factor:", factors[i] ));
+
     return 0;
 }
 
-#if 0
+
+/* 
+ * Generate an RSA key.
+ */
 static int
 gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval )
@@ -521,7 +826,7 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
     PACKET *pkt;
     PKT_secret_key *sk;
     PKT_public_key *pk;
-    MPI skey[4];
+    MPI skey[6];
     MPI *factors;
 
     assert( is_RSA(algo) );
@@ -538,12 +843,12 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 
     rc = pubkey_generate( algo, nbits, skey, &factors );
     if( rc ) {
-	log_error("pubkey_generate failed: %s\n", gpg_errstr(rc) );
+	log_error("pubkey_generate failed: %s\n", g10_errstr(rc) );
 	return rc;
     }
 
-    sk = gcry_xcalloc( 1, sizeof *sk );
-    pk = gcry_xcalloc( 1, sizeof *pk );
+    sk = m_alloc_clear( sizeof *sk );
+    pk = m_alloc_clear( sizeof *pk );
     sk->timestamp = pk->timestamp = make_timestamp();
     sk->version = pk->version = 4;
     if( expireval ) {
@@ -573,26 +878,25 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	sk->protect.s2k = *s2k;
 	rc = protect_secret_key( sk, dek );
 	if( rc ) {
-	    log_error("protect_secret_key failed: %s\n", gpg_errstr(rc) );
+	    log_error("protect_secret_key failed: %s\n", g10_errstr(rc) );
 	    free_public_key(pk);
 	    free_secret_key(sk);
 	    return rc;
 	}
     }
 
-    pkt = gcry_xcalloc( 1,sizeof *pkt);
+    pkt = m_alloc_clear(sizeof *pkt);
     pkt->pkttype = ret_sk ? PKT_PUBLIC_KEY : PKT_PUBLIC_SUBKEY;
     pkt->pkt.public_key = pk;
     add_kbnode(pub_root, new_kbnode( pkt ));
 
-    pkt = gcry_xcalloc( 1,sizeof *pkt);
+    pkt = m_alloc_clear(sizeof *pkt);
     pkt->pkttype = ret_sk ? PKT_SECRET_KEY : PKT_SECRET_SUBKEY;
     pkt->pkt.secret_key = sk;
     add_kbnode(sec_root, new_kbnode( pkt ));
 
     return 0;
 }
-#endif
 
 
 /****************
@@ -625,55 +929,69 @@ check_valid_days( const char *s )
 
 /****************
  * Returns: 0 to create both a DSA and a ElGamal key.
+ *          and only if key flags are to be written the desired usage.
  */
 static int
-ask_algo( int addmode )
+ask_algo (int addmode, unsigned int *r_usage)
 {
     char *answer;
     int algo;
 
+    *r_usage = 0;
     tty_printf(_("Please select what kind of key you want:\n"));
     if( !addmode )
 	tty_printf(_("   (%d) DSA and ElGamal (default)\n"), 1 );
     tty_printf(    _("   (%d) DSA (sign only)\n"), 2 );
     if( addmode )
 	tty_printf(    _("   (%d) ElGamal (encrypt only)\n"), 3 );
-    tty_printf(    _("   (%d) ElGamal (sign and encrypt)\n"), 4 );
-  #if 0
-    tty_printf(    _("   (%d) RSA (sign and encrypt)\n"), 5 );
-  #endif
+    if (opt.expert)
+        tty_printf(    _("   (%d) ElGamal (sign and encrypt)\n"), 4 );
+    tty_printf(    _("   (%d) RSA (sign only)\n"), 5 );
+    if (addmode)
+        tty_printf(    _("   (%d) RSA (encrypt only)\n"), 6 );
+    if (opt.expert)
+      tty_printf(    _("   (%d) RSA (sign and encrypt)\n"), 7 );
 
     for(;;) {
 	answer = cpr_get("keygen.algo",_("Your selection? "));
 	cpr_kill_prompt();
 	algo = *answer? atoi(answer): 1;
-	gcry_free(answer);
+	m_free(answer);
 	if( algo == 1 && !addmode ) {
 	    algo = 0;	/* create both keys */
 	    break;
 	}
-      #if 0
+	else if( algo == 7 && opt.expert ) {
+	    if (cpr_get_answer_is_yes ("keygen.algo.rsa_se",_(
+		"The use of this algorithm is deprecated - create anyway? "))){
+              algo = PUBKEY_ALGO_RSA;
+              *r_usage = PUBKEY_USAGE_ENC | PUBKEY_USAGE_SIG;
+              break;
+            }
+	}
+	else if( algo == 6 && addmode ) {
+	    algo = PUBKEY_ALGO_RSA;
+            *r_usage = PUBKEY_USAGE_ENC;
+	    break;
+	}
 	else if( algo == 5 ) {
-	    if( cpr_get_answer_is_yes("keygen.algo.rsa_se",_(
-		"Do you really want to create a sign and encrypt key? "))) {
-		algo = GCRY_PK_RSA;
-		break;
-	    }
+	    algo = PUBKEY_ALGO_RSA;
+            *r_usage = PUBKEY_USAGE_SIG;
+	    break;
 	}
-      #endif
-	else if( algo == 4 ) {
+	else if( algo == 4 && opt.expert) {
 	    if( cpr_get_answer_is_yes("keygen.algo.elg_se",_(
-		"Do you really want to create a sign and encrypt key? "))) {
-		algo = GCRY_PK_ELG;
+		"The use of this algorithm is deprecated - create anyway? "))){
+		algo = PUBKEY_ALGO_ELGAMAL;
 		break;
 	    }
 	}
 	else if( algo == 3 && addmode ) {
-	    algo = GCRY_PK_ELG_E;
+	    algo = PUBKEY_ALGO_ELGAMAL_E;
 	    break;
 	}
 	else if( algo == 2 ) {
-	    algo = GCRY_PK_DSA;
+	    algo = PUBKEY_ALGO_DSA;
 	    break;
 	}
 	else
@@ -689,24 +1007,28 @@ ask_keysize( int algo )
     char *answer;
     unsigned nbits;
 
-    tty_printf(_("About to generate a new %s keypair.\n"
-		 "              minimum keysize is  768 bits\n"
-		 "              default keysize is 1024 bits\n"
-		 "    highest suggested keysize is 2048 bits\n"),
-					gcry_pk_algo_name(algo) );
+    if (algo != PUBKEY_ALGO_DSA && algo != PUBKEY_ALGO_RSA) {
+        tty_printf (_("About to generate a new %s keypair.\n"
+                      "              minimum keysize is  768 bits\n"
+                      "              default keysize is 1024 bits\n"
+                      "    highest suggested keysize is 2048 bits\n"),
+                    pubkey_algo_to_string(algo) );
+    }
+
     for(;;) {
 	answer = cpr_get("keygen.size",
 			  _("What keysize do you want? (1024) "));
 	cpr_kill_prompt();
 	nbits = *answer? atoi(answer): 1024;
-	gcry_free(answer);
-	if( algo == GCRY_PK_DSA && (nbits < 512 || nbits > 1024) )
+	m_free(answer);
+	if( algo == PUBKEY_ALGO_DSA && (nbits < 512 || nbits > 1024) )
 	    tty_printf(_("DSA only allows keysizes from 512 to 1024\n"));
-	else if( nbits < 768 )
-	    tty_printf(_("keysize too small; 768 is smallest value allowed.\n"));
-	else if( algo == GCRY_PK_RSA && nbits < 1024 )
+	else if( algo == PUBKEY_ALGO_RSA && nbits < 1024 )
 	    tty_printf(_("keysize too small;"
 			 " 1024 is smallest value allowed for RSA.\n"));
+	else if( nbits < 768 )
+	    tty_printf(_("keysize too small;"
+			 " 768 is smallest value allowed.\n"));
 	else if( nbits > 4096 ) {
 	    /* It is ridiculous and an annoyance to use larger key sizes!
 	     * GnuPG can handle much larger sizes; but it takes an eternity
@@ -731,16 +1053,11 @@ ask_keysize( int algo )
 		break;
 	    }
 	}
-	else if( nbits > 1536 && !cpr_enabled() && algo != GCRY_PK_RSA ) {
-	    if( cpr_get_answer_is_yes("keygen.size.large.okay",_(
-		    "Do you really need such a large keysize? ")) )
-		break;
-	}
 	else
 	    break;
     }
     tty_printf(_("Requested keysize is %u bits\n"), nbits );
-    if( algo == GCRY_PK_DSA && (nbits % 64) ) {
+    if( algo == PUBKEY_ALGO_DSA && (nbits % 64) ) {
 	nbits = ((nbits + 63) / 64) * 64;
 	tty_printf(_("rounded up to %u bits\n"), nbits );
     }
@@ -786,20 +1103,38 @@ parse_expire_string( const char *string )
     return valid_days;
 }
 
-
-static u32
-ask_expire_interval(void)
+/* object == 0 for a key, and 1 for a sig */
+u32
+ask_expire_interval(int object)
 {
     char *answer;
     int valid_days=0;
     u32 interval = 0;
 
-    tty_printf(_("Please specify how long the key should be valid.\n"
-		 "         0 = key does not expire\n"
-		 "      <n>  = key expires in n days\n"
-		 "      <n>w = key expires in n weeks\n"
-		 "      <n>m = key expires in n months\n"
-		 "      <n>y = key expires in n years\n"));
+    switch(object)
+      {
+      case 0:
+	tty_printf(_("Please specify how long the key should be valid.\n"
+		     "         0 = key does not expire\n"
+		     "      <n>  = key expires in n days\n"
+		     "      <n>w = key expires in n weeks\n"
+		     "      <n>m = key expires in n months\n"
+		     "      <n>y = key expires in n years\n"));
+	break;
+
+      case 1:
+	tty_printf(_("Please specify how long the signature should be valid.\n"
+		     "         0 = signature does not expire\n"
+		     "      <n>  = signature expires in n days\n"
+		     "      <n>w = signature expires in n weeks\n"
+		     "      <n>m = signature expires in n months\n"
+		     "      <n>y = signature expires in n years\n"));
+	break;
+
+      default:
+	BUG();
+      }
+
     /* Note: The elgamal subkey for DSA has no expiration date because
      * it must be signed with the DSA key and this one has the expiration
      * date */
@@ -808,8 +1143,11 @@ ask_expire_interval(void)
     for(;;) {
 	u32 curtime=make_timestamp();
 
-	gcry_free(answer);
-	answer = cpr_get("keygen.valid",_("Key is valid for? (0) "));
+	m_free(answer);
+	if(object==0)
+	  answer = cpr_get("keygen.valid",_("Key is valid for? (0) "));
+	else
+	  answer = cpr_get("siggen.valid",_("Signature is valid for? (0) "));
 	cpr_kill_prompt();
 	trim_spaces(answer);
 	valid_days = parse_expire_string( answer );
@@ -819,14 +1157,18 @@ ask_expire_interval(void)
 	}
 
 	if( !valid_days ) {
-	    tty_printf(_("Key does not expire at all\n"));
+	    tty_printf(_("%s does not expire at all\n"),
+		       object==0?"Key":"Signature");
 	    interval = 0;
 	}
 	else {
 	    interval = valid_days * 86400L;
 	    /* print the date when the key expires */
-	    tty_printf(_("Key expires at %s\n"),
+	    tty_printf(_("%s expires at %s\n"),
+		        object==0?"Key":"Signature",
 			asctimestamp((ulong)(curtime + interval) ) );
+            /* FIXME: This check yields warning on alhas:
+               write a configure check and to this check here only for 32 bit machines */
 	    if( (time_t)((ulong)(curtime+interval)) < 0 )
 		tty_printf(_("Your system can't display dates beyond 2038.\n"
 		    "However, it will be correctly handled up to 2106.\n"));
@@ -836,14 +1178,14 @@ ask_expire_interval(void)
 					    _("Is this correct (y/n)? ")) )
 	    break;
     }
-    gcry_free(answer);
+    m_free(answer);
     return interval;
 }
 
 u32
 ask_expiredate()
 {
-    u32 x = ask_expire_interval();
+    u32 x = ask_expire_interval(0);
     return x? make_timestamp() + x : 0;
 }
 
@@ -887,7 +1229,7 @@ ask_user_id( int mode )
 
 	if( !aname ) {
 	    for(;;) {
-		gcry_free(aname);
+		m_free(aname);
 		aname = cpr_get("keygen.name",_("Real name: "));
 		trim_spaces(aname);
 		cpr_kill_prompt();
@@ -907,7 +1249,7 @@ ask_user_id( int mode )
 	}
 	if( !amail ) {
 	    for(;;) {
-		gcry_free(amail);
+		m_free(amail);
 		amail = cpr_get("keygen.email",_("Email address: "));
 		trim_spaces(amail);
 		cpr_kill_prompt();
@@ -926,7 +1268,7 @@ ask_user_id( int mode )
 	}
 	if( !acomment ) {
 	    for(;;) {
-		gcry_free(acomment);
+		m_free(acomment);
 		acomment = cpr_get("keygen.comment",_("Comment: "));
 		trim_spaces(acomment);
 		cpr_kill_prompt();
@@ -940,8 +1282,8 @@ ask_user_id( int mode )
 	}
 
 
-	gcry_free(uid);
-	uid = p = gcry_xmalloc(strlen(aname)+strlen(amail)+strlen(acomment)+12+10);
+	m_free(uid);
+	uid = p = m_alloc(strlen(aname)+strlen(amail)+strlen(acomment)+12+10);
 	p = stpcpy(p, aname );
 	if( *acomment )
 	    p = stpcpy(stpcpy(stpcpy(p," ("), acomment),")");
@@ -950,10 +1292,8 @@ ask_user_id( int mode )
 
 	/* append a warning if we do not have dev/random
 	 * or it is switched into  quick testmode */
-      #if 0
 	if( quick_random_gen(-1) )
 	    strcpy(p, " (INSECURE!)" );
-      #endif
 
 	/* print a note in case that UTF8 mapping has to be done */
 	for(p=uid; *p; p++ ) {
@@ -973,12 +1313,12 @@ ask_user_id( int mode )
 	}
 
 	for(;;) {
-	    char *ansstr = _("NnCcEeOoQq");
+	    const char *ansstr = _("NnCcEeOoQq");
 
 	    if( strlen(ansstr) != 10 )
 		BUG();
 	    if( cpr_enabled() ) {
-		answer = gcry_xstrdup(ansstr+6);
+		answer = m_strdup(ansstr+6);
 		answer[1] = 0;
 	    }
 	    else {
@@ -990,15 +1330,15 @@ ask_user_id( int mode )
 	    if( strlen(answer) > 1 )
 		;
 	    else if( *answer == ansstr[0] || *answer == ansstr[1] ) {
-		gcry_free(aname); aname = NULL;
+		m_free(aname); aname = NULL;
 		break;
 	    }
 	    else if( *answer == ansstr[2] || *answer == ansstr[3] ) {
-		gcry_free(acomment); acomment = NULL;
+		m_free(acomment); acomment = NULL;
 		break;
 	    }
 	    else if( *answer == ansstr[4] || *answer == ansstr[5] ) {
-		gcry_free(amail); amail = NULL;
+		m_free(amail); amail = NULL;
 		break;
 	    }
 	    else if( *answer == ansstr[6] || *answer == ansstr[7] ) {
@@ -1006,29 +1346,29 @@ ask_user_id( int mode )
 		    tty_printf(_("Please correct the error first\n"));
 		}
 		else {
-		    gcry_free(aname); aname = NULL;
-		    gcry_free(acomment); acomment = NULL;
-		    gcry_free(amail); amail = NULL;
+		    m_free(aname); aname = NULL;
+		    m_free(acomment); acomment = NULL;
+		    m_free(amail); amail = NULL;
 		    break;
 		}
 	    }
 	    else if( *answer == ansstr[8] || *answer == ansstr[9] ) {
-		gcry_free(aname); aname = NULL;
-		gcry_free(acomment); acomment = NULL;
-		gcry_free(amail); amail = NULL;
-		gcry_free(uid); uid = NULL;
+		m_free(aname); aname = NULL;
+		m_free(acomment); acomment = NULL;
+		m_free(amail); amail = NULL;
+		m_free(uid); uid = NULL;
 		break;
 	    }
-	    gcry_free(answer);
+	    m_free(answer);
 	}
-	gcry_free(answer);
+	m_free(answer);
 	if( !amail && !acomment && !amail )
 	    break;
-	gcry_free(uid); uid = NULL;
+	m_free(uid); uid = NULL;
     }
     if( uid ) {
 	char *p = native_to_utf8( uid );
-	gcry_free( uid );
+	m_free( uid );
 	uid = p;
     }
     return uid;
@@ -1040,20 +1380,22 @@ ask_passphrase( STRING2KEY **ret_s2k )
 {
     DEK *dek = NULL;
     STRING2KEY *s2k;
+    const char *errtext = NULL;
 
     tty_printf(_("You need a Passphrase to protect your secret key.\n\n") );
 
-    s2k = gcry_xmalloc_secure( sizeof *s2k );
+    s2k = m_alloc_secure( sizeof *s2k );
     for(;;) {
 	s2k->mode = opt.s2k_mode;
 	s2k->hash_algo = opt.s2k_digest_algo;
-	dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2 );
+	dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k,2,errtext);
 	if( !dek ) {
-	    tty_printf(_("passphrase not correctly repeated; try again.\n"));
+	    errtext = _("passphrase not correctly repeated; try again");
+	    tty_printf(_("%s.\n"), errtext);
 	}
 	else if( !dek->keylen ) {
-	    gcry_free(dek); dek = NULL;
-	    gcry_free(s2k); s2k = NULL;
+	    m_free(dek); dek = NULL;
+	    m_free(s2k); s2k = NULL;
 	    tty_printf(_(
 	    "You don't want a passphrase - this is probably a *bad* idea!\n"
 	    "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1069,7 +1411,7 @@ ask_passphrase( STRING2KEY **ret_s2k )
 
 
 static int
-do_create( int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root,
+do_create( int algo, unsigned int nbits, KBNODE pub_root, KBNODE sec_root,
 	   DEK *dek, STRING2KEY *s2k, PKT_secret_key **sk, u32 expiredate )
 {
     int rc=0;
@@ -1081,14 +1423,12 @@ do_create( int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root,
 "disks) during the prime generation; this gives the random number\n"
 "generator a better chance to gain enough entropy.\n") );
 
-    if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E )
+    if( algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E )
 	rc = gen_elg(algo, nbits, pub_root, sec_root, dek, s2k, sk, expiredate);
-    else if( algo == GCRY_PK_DSA )
+    else if( algo == PUBKEY_ALGO_DSA )
 	rc = gen_dsa(nbits, pub_root, sec_root, dek, s2k, sk, expiredate);
-  #if 0
-    else if( algo == GCRY_PK_RSA )
+    else if( algo == PUBKEY_ALGO_RSA )
 	rc = gen_rsa(algo, nbits, pub_root, sec_root, dek, s2k, sk, expiredate);
-  #endif
     else
 	BUG();
 
@@ -1120,9 +1460,10 @@ generate_user_id()
     if( !p )
 	return NULL;
     n = strlen(p);
-    uid = gcry_xcalloc( 1, sizeof *uid + n - 1 );
+    uid = m_alloc_clear( sizeof *uid + n - 1 );
     uid->len = n;
     strcpy(uid->name, p);
+    uid->ref = 1;
     return uid;
 }
 
@@ -1135,11 +1476,11 @@ release_parameter_list( struct para_data_s *r )
     for( ; r ; r = r2 ) {
 	r2 = r->next;
 	if( r->key == pPASSPHRASE_DEK )
-	    gcry_free( r->u.dek );
+	    m_free( r->u.dek );
 	else if( r->key == pPASSPHRASE_S2K )
-	    gcry_free( r->u.s2k );
+	    m_free( r->u.s2k );
 
-	gcry_free(r);
+	m_free(r);
     }
 }
 
@@ -1163,12 +1504,102 @@ get_parameter_value( struct para_data_s *para, enum para_name key )
 static int
 get_parameter_algo( struct para_data_s *para, enum para_name key )
 {
+    int i;
     struct para_data_s *r = get_parameter( para, key );
     if( !r )
 	return -1;
     if( isdigit( *r->u.value ) )
-	return atoi( r->u.value );
-    return gcry_pk_map_name( r->u.value );
+	i = atoi( r->u.value );
+    else
+        i = string_to_pubkey_algo( r->u.value );
+    if (i == PUBKEY_ALGO_RSA_E || i == PUBKEY_ALGO_RSA_S)
+      i = 0; /* we don't want to allow generation of these algorithms */
+    return i;
+}
+
+/* 
+ * parse the usage parameter and set the keyflags.  Return true on error.
+ */
+static int
+parse_parameter_usage (const char *fname,
+                       struct para_data_s *para, enum para_name key)
+{
+    struct para_data_s *r = get_parameter( para, key );
+    char *p, *pn;
+    unsigned int use;
+
+    if( !r )
+	return 0; /* none (this is an optional parameter)*/
+    
+    use = 0;
+    pn = r->u.value;
+    while ( (p = strsep (&pn, " \t,")) ) {
+        if ( !*p)
+            ;
+        else if ( !ascii_strcasecmp (p, "sign") )
+            use |= PUBKEY_USAGE_SIG;
+        else if ( !ascii_strcasecmp (p, "encrypt") )
+            use |= PUBKEY_USAGE_ENC;
+        else {
+            log_error("%s:%d: invalid usage list\n", fname, r->lnr );
+            return -1; /* error */
+        }
+    }
+    r->u.usage = use;
+    return 0;
+}
+
+static int
+parse_revocation_key (const char *fname,
+		      struct para_data_s *para, enum para_name key)
+{
+  struct para_data_s *r = get_parameter( para, key );
+  struct revocation_key revkey;
+  char *pn;
+  int i;
+
+  if( !r )
+    return 0; /* none (this is an optional parameter) */
+
+  pn = r->u.value;
+
+  revkey.class=0x80;
+  revkey.algid=atoi(pn);
+  if(!revkey.algid)
+    goto fail;
+
+  /* Skip to the fpr */
+  while(*pn && *pn!=':')
+    pn++;
+
+  if(*pn!=':')
+    goto fail;
+
+  pn++;
+
+  for(i=0;i<MAX_FINGERPRINT_LEN && *pn;i++,pn+=2)
+    {
+      int c=hextobyte(pn);
+      if(c==-1)
+	goto fail;
+
+      revkey.fpr[i]=c;
+    }
+
+  /* skip to the tag */
+  while(*pn && *pn!='s' && *pn!='S')
+    pn++;
+
+  if(ascii_strcasecmp(pn,"sensitive")==0)
+    revkey.class|=0x40;
+
+  memcpy(&r->u.revkey,&revkey,sizeof(struct revocation_key));
+
+  return 0;
+
+  fail:
+  log_error("%s:%d: invalid revocation key\n", fname, r->lnr );
+  return -1; /* error */
 }
 
 
@@ -1181,6 +1612,8 @@ get_parameter_u32( struct para_data_s *para, enum para_name key )
 	return 0;
     if( r->key == pKEYEXPIRE || r->key == pSUBKEYEXPIRE )
 	return r->u.expire;
+    if( r->key == pKEYUSAGE || r->key == pSUBKEYUSAGE )
+	return r->u.usage;
 
     return (unsigned int)strtoul( r->u.value, NULL, 10 );
 }
@@ -1205,10 +1638,16 @@ get_parameter_s2k( struct para_data_s *para, enum para_name key )
     return r? r->u.s2k : NULL;
 }
 
+static struct revocation_key *
+get_parameter_revkey( struct para_data_s *para, enum para_name key )
+{
+    struct para_data_s *r = get_parameter( para, key );
+    return r? &r->u.revkey : NULL;
+}
 
 static int
 proc_parameter_file( struct para_data_s *para, const char *fname,
-				       struct output_control_s *outctrl )
+                     struct output_control_s *outctrl )
 {
     struct para_data_s *r;
     const char *s1, *s2, *s3;
@@ -1219,18 +1658,24 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
     /* check that we have all required parameters */
     assert( get_parameter( para, pKEYTYPE ) );
     i = get_parameter_algo( para, pKEYTYPE );
-    if( i < 1 || openpgp_pk_test_algo( i, GCRY_PK_USAGE_SIGN ) ) {
+    if( i < 1 || check_pubkey_algo2( i, PUBKEY_USAGE_SIG ) ) {
 	r = get_parameter( para, pKEYTYPE );
 	log_error("%s:%d: invalid algorithm\n", fname, r->lnr );
 	return -1;
     }
 
+    if (parse_parameter_usage (fname, para, pKEYUSAGE))
+        return -1;
+
     i = get_parameter_algo( para, pSUBKEYTYPE );
-    if( i > 1 && openpgp_pk_test_algo( i, 0 ) ) {
+    if( i > 0 && check_pubkey_algo( i ) ) {
 	r = get_parameter( para, pSUBKEYTYPE );
 	log_error("%s:%d: invalid algorithm\n", fname, r->lnr );
 	return -1;
     }
+    if (i > 0 && parse_parameter_usage (fname, para, pSUBKEYUSAGE))
+        return -1;
+
 
     if( !get_parameter_value( para, pUSERID ) ) {
 	/* create the formatted user ID */
@@ -1239,7 +1684,7 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
 	s3 = get_parameter_value( para, pNAMEEMAIL );
 	if( s1 || s2 || s3 ) {
 	    n = (s1?strlen(s1):0) + (s2?strlen(s2):0) + (s3?strlen(s3):0);
-	    r = gcry_xcalloc( 1, sizeof *r + n + 20 );
+	    r = m_alloc_clear( sizeof *r + n + 20 );
 	    r->key = pUSERID;
 	    p = r->u.value;
 	    if( s1 )
@@ -1253,6 +1698,13 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
 	}
     }
 
+    /* Set preferences, if any. */
+    keygen_set_std_prefs(get_parameter_value( para, pPREFERENCES ), 0);
+
+    /* Set revoker, if any. */
+    if (parse_revocation_key (fname, para, pREVOKER))
+      return -1;
+
     /* make DEK and S2K from the Passphrase */
     r = get_parameter( para, pPASSPHRASE );
     if( r && *r->u.value ) {
@@ -1262,21 +1714,21 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
 	STRING2KEY *s2k;
 	DEK *dek;
 
-	s2k = gcry_xmalloc_secure( sizeof *s2k );
+	s2k = m_alloc_secure( sizeof *s2k );
 	s2k->mode = opt.s2k_mode;
 	s2k->hash_algo = opt.s2k_digest_algo;
 	set_next_passphrase( r->u.value );
-	dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2 );
+	dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2, NULL );
 	set_next_passphrase( NULL );
 	assert( dek );
 	memset( r->u.value, 0, strlen(r->u.value) );
 
-	r = gcry_xcalloc( 1, sizeof *r );
+	r = m_alloc_clear( sizeof *r );
 	r->key = pPASSPHRASE_S2K;
 	r->u.s2k = s2k;
 	r->next = para;
 	para = r;
-	r = gcry_xcalloc( 1, sizeof *r );
+	r = m_alloc_clear( sizeof *r );
 	r->key = pPASSPHRASE_DEK;
 	r->u.dek = dek;
 	r->next = para;
@@ -1294,7 +1746,7 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
 	r->u.expire = i * 86400L;
 	r->key = pKEYEXPIRE;  /* change hat entry */
 	/* also set it for the subkey */
-	r = gcry_xcalloc( 1, sizeof *r + 20 );
+	r = m_alloc_clear( sizeof *r + 20 );
 	r->key = pSUBKEYEXPIRE;
 	r->u.expire = i * 86400L;
 	r->next = para;
@@ -1324,13 +1776,17 @@ read_parameter_file( const char *fname )
     } keywords[] = {
 	{ "Key-Type",       pKEYTYPE},
 	{ "Key-Length",     pKEYLENGTH },
+	{ "Key-Usage",      pKEYUSAGE },
 	{ "Subkey-Type",    pSUBKEYTYPE },
 	{ "Subkey-Length",  pSUBKEYLENGTH },
+	{ "Subkey-Usage",   pSUBKEYUSAGE },
 	{ "Name-Real",      pNAMEREAL },
 	{ "Name-Email",     pNAMEEMAIL },
 	{ "Name-Comment",   pNAMECOMMENT },
 	{ "Expire-Date",    pEXPIREDATE },
 	{ "Passphrase",     pPASSPHRASE },
+	{ "Preferences",    pPREFERENCES },
+	{ "Revoker",        pREVOKER },
 	{ NULL, 0 }
     };
     FILE *fp;
@@ -1366,45 +1822,45 @@ read_parameter_file( const char *fname )
 	    err = "line too long";
 	    break;
 	}
-	for( p = line; isspace(*p); p++ )
+	for( p = line; isspace(*(byte*)p); p++ )
 	    ;
 	if( !*p || *p == '#' )
 	    continue;
 	keyword = p;
 	if( *keyword == '%' ) {
-	    for( ; !isspace(*p); p++ )
+	    for( ; !isspace(*(byte*)p); p++ )
 		;
 	    if( *p )
 		*p++ = 0;
-	    for( ; isspace(*p); p++ )
+	    for( ; isspace(*(byte*)p); p++ )
 		;
 	    value = p;
 	    trim_trailing_ws( value, strlen(value) );
-	    if( !stricmp( keyword, "%echo" ) )
+	    if( !ascii_strcasecmp( keyword, "%echo" ) )
 		log_info("%s\n", value );
-	    else if( !stricmp( keyword, "%dry-run" ) )
+	    else if( !ascii_strcasecmp( keyword, "%dry-run" ) )
 		outctrl.dryrun = 1;
-	    else if( !stricmp( keyword, "%commit" ) ) {
+	    else if( !ascii_strcasecmp( keyword, "%commit" ) ) {
 		outctrl.lnr = lnr;
 		proc_parameter_file( para, fname, &outctrl );
 		release_parameter_list( para );
 		para = NULL;
 	    }
-	    else if( !stricmp( keyword, "%pubring" ) ) {
+	    else if( !ascii_strcasecmp( keyword, "%pubring" ) ) {
 		if( outctrl.pub.fname && !strcmp( outctrl.pub.fname, value ) )
 		    ; /* still the same file - ignore it */
 		else {
-		    gcry_free( outctrl.pub.newfname );
-		    outctrl.pub.newfname = gcry_xstrdup( value );
+		    m_free( outctrl.pub.newfname );
+		    outctrl.pub.newfname = m_strdup( value );
 		    outctrl.use_files = 1;
 		}
 	    }
-	    else if( !stricmp( keyword, "%secring" ) ) {
+	    else if( !ascii_strcasecmp( keyword, "%secring" ) ) {
 		if( outctrl.sec.fname && !strcmp( outctrl.sec.fname, value ) )
 		    ; /* still the same file - ignore it */
 		else {
-		   gcry_free( outctrl.sec.newfname );
-		   outctrl.sec.newfname = gcry_xstrdup( value );
+		   m_free( outctrl.sec.newfname );
+		   outctrl.sec.newfname = m_strdup( value );
 		   outctrl.use_files = 1;
 		}
 	    }
@@ -1422,7 +1878,7 @@ read_parameter_file( const char *fname )
 	}
 	if( *p )
 	    *p++ = 0;
-	for( ; isspace(*p); p++ )
+	for( ; isspace(*(byte*)p); p++ )
 	    ;
 	if( !*p ) {
 	    err = "missing argument";
@@ -1432,7 +1888,7 @@ read_parameter_file( const char *fname )
 	trim_trailing_ws( value, strlen(value) );
 
 	for(i=0; keywords[i].name; i++ ) {
-	    if( !stricmp( keywords[i].name, keyword ) )
+	    if( !ascii_strcasecmp( keywords[i].name, keyword ) )
 		break;
 	}
 	if( !keywords[i].name ) {
@@ -1460,7 +1916,7 @@ read_parameter_file( const char *fname )
 		break;
 	    }
 	}
-	r = gcry_xcalloc( 1, sizeof *r + strlen( value ) );
+	r = m_alloc_clear( sizeof *r + strlen( value ) );
 	r->lnr = lnr;
 	r->key = keywords[i].key;
 	strcpy( r->u.value, value );
@@ -1480,10 +1936,10 @@ read_parameter_file( const char *fname )
     if( outctrl.use_files ) { /* close open streams */
 	iobuf_close( outctrl.pub.stream );
 	iobuf_close( outctrl.sec.stream );
-	gcry_free( outctrl.pub.fname );
-	gcry_free( outctrl.pub.newfname );
-	gcry_free( outctrl.sec.fname );
-	gcry_free( outctrl.sec.newfname );
+	m_free( outctrl.pub.fname );
+	m_free( outctrl.pub.newfname );
+	m_free( outctrl.sec.fname );
+	m_free( outctrl.sec.newfname );
     }
 
     release_parameter_list( para );
@@ -1504,6 +1960,7 @@ generate_keypair( const char *fname )
     DEK *dek;
     STRING2KEY *s2k;
     int algo;
+    unsigned int use;
     int both = 0;
     u32 expire;
     struct para_data_s *para = NULL;
@@ -1517,50 +1974,61 @@ generate_keypair( const char *fname )
 	return;
     }
 
-    algo = ask_algo( 0 );
+    algo = ask_algo( 0, &use );
     if( !algo ) { /* default: DSA with ElG subkey of the specified size */
 	both = 1;
-	r = gcry_xcalloc( 1, sizeof *r + 20 );
+	r = m_alloc_clear( sizeof *r + 20 );
 	r->key = pKEYTYPE;
-	sprintf( r->u.value, "%d", GCRY_PK_DSA );
+	sprintf( r->u.value, "%d", PUBKEY_ALGO_DSA );
 	r->next = para;
 	para = r;
 	tty_printf(_("DSA keypair will have 1024 bits.\n"));
-	r = gcry_xcalloc( 1, sizeof *r + 20 );
+	r = m_alloc_clear( sizeof *r + 20 );
 	r->key = pKEYLENGTH;
 	strcpy( r->u.value, "1024" );
 	r->next = para;
 	para = r;
 
-	algo = GCRY_PK_ELG_E;
-	r = gcry_xcalloc( 1, sizeof *r + 20 );
+	algo = PUBKEY_ALGO_ELGAMAL_E;
+	r = m_alloc_clear( sizeof *r + 20 );
 	r->key = pSUBKEYTYPE;
 	sprintf( r->u.value, "%d", algo );
 	r->next = para;
 	para = r;
     }
     else {
-	r = gcry_xcalloc( 1, sizeof *r + 20 );
+	r = m_alloc_clear( sizeof *r + 20 );
 	r->key = pKEYTYPE;
 	sprintf( r->u.value, "%d", algo );
 	r->next = para;
 	para = r;
+
+        if (use) {
+            r = m_alloc_clear( sizeof *r + 20 );
+            r->key = pKEYUSAGE;
+            sprintf( r->u.value, "%s%s",
+                     (use & PUBKEY_USAGE_SIG)? "sign ":"",
+                     (use & PUBKEY_USAGE_ENC)? "encrypt ":"" );
+            r->next = para;
+            para = r;
+        }
+
     }
 
     nbits = ask_keysize( algo );
-    r = gcry_xcalloc( 1, sizeof *r + 20 );
+    r = m_alloc_clear( sizeof *r + 20 );
     r->key = both? pSUBKEYLENGTH : pKEYLENGTH;
     sprintf( r->u.value, "%u", nbits);
     r->next = para;
     para = r;
 
-    expire = ask_expire_interval();
-    r = gcry_xcalloc( 1, sizeof *r + 20 );
+    expire = ask_expire_interval(0);
+    r = m_alloc_clear( sizeof *r + 20 );
     r->key = pKEYEXPIRE;
     r->u.expire = expire;
     r->next = para;
     para = r;
-    r = gcry_xcalloc( 1, sizeof *r + 20 );
+    r = m_alloc_clear( sizeof *r + 20 );
     r->key = pSUBKEYEXPIRE;
     r->u.expire = expire;
     r->next = para;
@@ -1572,7 +2040,7 @@ generate_keypair( const char *fname )
 	release_parameter_list( para );
 	return;
     }
-    r = gcry_xcalloc( 1, sizeof *r + strlen(uid) );
+    r = m_alloc_clear( sizeof *r + strlen(uid) );
     r->key = pUSERID;
     strcpy( r->u.value, uid );
     r->next = para;
@@ -1580,12 +2048,12 @@ generate_keypair( const char *fname )
 
     dek = ask_passphrase( &s2k );
     if( dek ) {
-	r = gcry_xcalloc( 1, sizeof *r );
+	r = m_alloc_clear( sizeof *r );
 	r->key = pPASSPHRASE_DEK;
 	r->u.dek = dek;
 	r->next = para;
 	para = r;
-	r = gcry_xcalloc( 1, sizeof *r );
+	r = m_alloc_clear( sizeof *r );
 	r->key = pPASSPHRASE_S2K;
 	r->u.s2k = s2k;
 	r->next = para;
@@ -1601,13 +2069,13 @@ static void
 do_generate_keypair( struct para_data_s *para,
 		     struct output_control_s *outctrl )
 {
-    char *pub_fname = NULL;
-    char *sec_fname = NULL;
     KBNODE pub_root = NULL;
     KBNODE sec_root = NULL;
     PKT_secret_key *sk = NULL;
     const char *s;
+    struct revocation_key *revkey;
     int rc;
+    int did_sub = 0;
 
     if( outctrl->dryrun ) {
 	log_info("dry-run mode - key generation skipped\n");
@@ -1619,7 +2087,7 @@ do_generate_keypair( struct para_data_s *para,
 	if( outctrl->pub.newfname ) {
 	    iobuf_close(outctrl->pub.stream);
 	    outctrl->pub.stream = NULL;
-	    gcry_free( outctrl->pub.fname );
+	    m_free( outctrl->pub.fname );
 	    outctrl->pub.fname =  outctrl->pub.newfname;
 	    outctrl->pub.newfname = NULL;
 
@@ -1638,7 +2106,7 @@ do_generate_keypair( struct para_data_s *para,
 	if( outctrl->sec.newfname ) {
 	    iobuf_close(outctrl->sec.stream);
 	    outctrl->sec.stream = NULL;
-	    gcry_free( outctrl->sec.fname );
+	    m_free( outctrl->sec.fname );
 	    outctrl->sec.fname =  outctrl->sec.newfname;
 	    outctrl->sec.newfname = NULL;
 
@@ -1654,20 +2122,14 @@ do_generate_keypair( struct para_data_s *para,
 						    &outctrl->sec.afx );
 	    }
 	}
-	pub_fname = outctrl->pub.fname; /* only for info output */
-	sec_fname = outctrl->sec.fname; /* only for info output */
 	assert( outctrl->pub.stream );
 	assert( outctrl->sec.stream );
-    }
-    else {
-	pub_fname = get_writable_keyblock_file( 0 );
-	sec_fname = get_writable_keyblock_file( 1 );
+        if( opt.verbose ) {
+            log_info(_("writing public key to `%s'\n"), outctrl->pub.fname );
+            log_info(_("writing secret key to `%s'\n"), outctrl->sec.fname );
+        }
     }
 
-    if( opt.verbose ) {
-	log_info(_("writing public key to `%s'\n"), pub_fname );
-	log_info(_("writing secret key to `%s'\n"), sec_fname );
-    }
 
     /* we create the packets as a tree of kbnodes. Because the structure
      * we create is known in advance we simply generate a linked list
@@ -1684,14 +2146,24 @@ do_generate_keypair( struct para_data_s *para,
 		    get_parameter_s2k( para, pPASSPHRASE_S2K ),
 		    &sk,
 		    get_parameter_u32( para, pKEYEXPIRE ) );
+
+    if(!rc && (revkey=get_parameter_revkey(para,pREVOKER)))
+      {
+	rc=write_direct_sig(pub_root,pub_root,sk,revkey);
+	if(!rc)
+	  write_direct_sig(sec_root,pub_root,sk,revkey);
+      }
+
     if( !rc && (s=get_parameter_value(para, pUSERID)) ) {
 	write_uid(pub_root, s );
 	if( !rc )
 	    write_uid(sec_root, s );
 	if( !rc )
-	    rc = write_selfsig(pub_root, pub_root, sk);
+	    rc = write_selfsig(pub_root, pub_root, sk,
+                               get_parameter_uint (para, pKEYUSAGE));
 	if( !rc )
-	    rc = write_selfsig(sec_root, pub_root, sk);
+	    rc = write_selfsig(sec_root, pub_root, sk,
+                               get_parameter_uint (para, pKEYUSAGE));
     }
 
     if( get_parameter( para, pSUBKEYTYPE ) ) {
@@ -1703,64 +2175,90 @@ do_generate_keypair( struct para_data_s *para,
 			NULL,
 			get_parameter_u32( para, pSUBKEYEXPIRE ) );
 	if( !rc )
-	    rc = write_keybinding(pub_root, pub_root, sk);
+	    rc = write_keybinding(pub_root, pub_root, sk,
+               			  get_parameter_uint (para, pSUBKEYUSAGE));
 	if( !rc )
-	    rc = write_keybinding(sec_root, pub_root, sk);
+	    rc = write_keybinding(sec_root, pub_root, sk,
+               			  get_parameter_uint (para, pSUBKEYUSAGE));
+        did_sub = 1;
     }
 
 
     if( !rc && outctrl->use_files ) { /* direct write to specified files */
 	rc = write_keyblock( outctrl->pub.stream, pub_root );
 	if( rc )
-	    log_error("can't write public key: %s\n", gpg_errstr(rc) );
+	    log_error("can't write public key: %s\n", g10_errstr(rc) );
 	if( !rc ) {
 	    rc = write_keyblock( outctrl->sec.stream, sec_root );
 	    if( rc )
-		log_error("can't write secret key: %s\n", gpg_errstr(rc) );
+		log_error("can't write secret key: %s\n", g10_errstr(rc) );
 	}
 
     }
     else if( !rc ) { /* write to the standard keyrings */
-	KBPOS pub_kbpos;
-	KBPOS sec_kbpos;
-	int rc1 = -1;
-	int rc2 = -1;
-
-	/* we can now write the certificates */
-	if( get_keyblock_handle( pub_fname, 0, &pub_kbpos ) ) {
-	    if( add_keyblock_resource( pub_fname, 1, 0 ) ) {
-		log_error("can add keyblock file `%s'\n", pub_fname );
-		rc = GPGERR_CREATE_FILE;
-	    }
-	    else if( get_keyblock_handle( pub_fname, 0, &pub_kbpos ) ) {
-		log_error("can get keyblock handle for `%s'\n", pub_fname );
-		rc = GPGERR_CREATE_FILE;
-	    }
-	}
-	if( rc )
-	    ;
-	else if( get_keyblock_handle( sec_fname, 1, &sec_kbpos ) ) {
-	    if( add_keyblock_resource( sec_fname, 1, 1 ) ) {
-		log_error("can add keyblock file `%s'\n", sec_fname );
-		rc = GPGERR_CREATE_FILE;
-	    }
-	    else if( get_keyblock_handle( sec_fname, 1, &sec_kbpos ) ) {
-		log_error("can get keyblock handle for `%s'\n", sec_fname );
-		rc = GPGERR_CREATE_FILE;
-	    }
-	}
+	KEYDB_HANDLE pub_hd = keydb_new (0);
+	KEYDB_HANDLE sec_hd = keydb_new (1);
+
+        /* FIXME: we may have to create the keyring first */
+        rc = keydb_locate_writable (pub_hd, NULL);
+        if (rc) 
+    	    log_error (_("no writable public keyring found: %s\n"),
+                       g10_errstr (rc));
+
+        if (!rc) {  
+            rc = keydb_locate_writable (sec_hd, NULL);
+            if (rc) 
+                log_error (_("no writable secret keyring found: %s\n"),
+                           g10_errstr (rc));
+        }
+
+        if (!rc && opt.verbose) {
+            log_info(_("writing public key to `%s'\n"),
+                     keydb_get_resource_name (pub_hd));
+            log_info(_("writing secret key to `%s'\n"),
+                     keydb_get_resource_name (sec_hd));
+        }
+
+        if (!rc) {
+	    rc = keydb_insert_keyblock (pub_hd, pub_root);
+            if (rc)
+                log_error (_("error writing public keyring `%s': %s\n"),
+                           keydb_get_resource_name (pub_hd), g10_errstr(rc));
+        }
+
+        if (!rc) {
+	    rc = keydb_insert_keyblock (sec_hd, sec_root);
+            if (rc)
+                log_error (_("error writing secret keyring `%s': %s\n"),
+                           keydb_get_resource_name (pub_hd), g10_errstr(rc));
+        }
+
+        keydb_release (pub_hd);
+        keydb_release (sec_hd);
+
+	if (!rc) {
+            int no_enc_rsa =
+                get_parameter_algo(para, pKEYTYPE) == PUBKEY_ALGO_RSA
+                && get_parameter_uint( para, pKEYUSAGE )
+                && !(get_parameter_uint( para,pKEYUSAGE) & PUBKEY_USAGE_ENC);
+            PKT_public_key *pk = find_kbnode (pub_root, 
+                                    PKT_PUBLIC_KEY)->pkt->pkt.public_key;
+            
+            update_ownertrust (pk,
+                               ((get_ownertrust (pk) & ~TRUST_MASK)
+                                | TRUST_ULTIMATE ));
+
+	    if (!opt.batch) {
+                tty_printf(_("public and secret key created and signed.\n") );
+                tty_printf(_("key marked as ultimately trusted.\n") );
+		tty_printf("\n");
+		list_keyblock(pub_root,0,1,NULL);
+            }
+            
 
-	if( rc )
-	    ;
-	else if( (rc=insert_keyblock( pub_root )) )
-	    log_error("can't write public key: %s\n", gpg_errstr(rc) );
-	else if( (rc=insert_keyblock( sec_root )) )
-	    log_error("can't write secret key: %s\n", gpg_errstr(rc) );
-	else {
-	    if( !opt.batch )
-		 tty_printf(_("public and secret key created and signed.\n") );
 	    if( !opt.batch
-		&& get_parameter_algo( para, pKEYTYPE ) == GCRY_PK_DSA
+		&& ( get_parameter_algo( para, pKEYTYPE ) == PUBKEY_ALGO_DSA
+                     || no_enc_rsa )
 		&& !get_parameter( para, pSUBKEYTYPE ) )
 	    {
 		tty_printf(_("Note that this key cannot be used for "
@@ -1769,23 +2267,21 @@ do_generate_keypair( struct para_data_s *para,
 			     "secondary key for this purpose.\n") );
 	    }
 	}
-
     }
 
     if( rc ) {
 	if( opt.batch )
-	    log_error("key generation failed: %s\n", gpg_errstr(rc) );
+	    log_error("key generation failed: %s\n", g10_errstr(rc) );
 	else
-	    tty_printf(_("Key generation failed: %s\n"), gpg_errstr(rc) );
+	    tty_printf(_("Key generation failed: %s\n"), g10_errstr(rc) );
+    }
+    else {
+        write_status_text (STATUS_KEY_CREATED, did_sub? "B":"P");
     }
     release_kbnode( pub_root );
     release_kbnode( sec_root );
     if( sk ) /* the unprotected  secret key */
 	free_secret_key(sk);
-    if( !outctrl->use_files ) {
-	gcry_free(pub_fname);
-	gcry_free(sec_fname);
-    }
 }
 
 
@@ -1800,6 +2296,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
     KBNODE node;
     PKT_secret_key *sk = NULL; /* this is the primary sk */
     int algo;
+    unsigned int use;
     u32 expire;
     unsigned nbits;
     char *passphrase = NULL;
@@ -1825,16 +2322,21 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
 		       : _("key has been created %lu seconds "
 			   "in future (time warp or clock problem)\n"), d );
 	if( !opt.ignore_time_conflict ) {
-	    rc = GPGERR_TIME_CONFLICT;
+	    rc = G10ERR_TIME_CONFLICT;
 	    goto leave;
 	}
     }
 
+    if (sk->version < 4) {
+        log_info (_("NOTE: creating subkeys for v3 keys "
+                    "is not OpenPGP compliant\n"));
+	goto leave;
+    }
 
     /* unprotect to get the passphrase */
     switch( is_secret_key_protected( sk ) ) {
       case -1:
-	rc = GPGERR_PUBKEY_ALGO;
+	rc = G10ERR_PUBKEY_ALGO;
 	break;
       case 0:
 	tty_printf("This key is not protected.\n");
@@ -1850,37 +2352,39 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
 	goto leave;
 
 
-    algo = ask_algo( 1 );
+    algo = ask_algo( 1, &use );
     assert(algo);
     nbits = ask_keysize( algo );
-    expire = ask_expire_interval();
+    expire = ask_expire_interval(0);
     if( !cpr_enabled() && !cpr_get_answer_is_yes("keygen.sub.okay",
 						  _("Really create? ") ) )
 	goto leave;
 
     if( passphrase ) {
-	s2k = gcry_xmalloc_secure( sizeof *s2k );
+	s2k = m_alloc_secure( sizeof *s2k );
 	s2k->mode = opt.s2k_mode;
 	s2k->hash_algo = opt.s2k_digest_algo;
 	set_next_passphrase( passphrase );
-	dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2 );
+	dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2, NULL );
     }
 
     rc = do_create( algo, nbits, pub_keyblock, sec_keyblock,
 				      dek, s2k, NULL, expire );
     if( !rc )
-	rc = write_keybinding(pub_keyblock, pub_keyblock, sk);
-    if( !rc )
-	rc = write_keybinding(sec_keyblock, pub_keyblock, sk);
+	rc = write_keybinding(pub_keyblock, pub_keyblock, sk, use);
     if( !rc )
+	rc = write_keybinding(sec_keyblock, pub_keyblock, sk, use);
+    if( !rc ) {
 	okay = 1;
+        write_status_text (STATUS_KEY_CREATED, "S");
+    }
 
   leave:
     if( rc )
-	log_error(_("Key generation failed: %s\n"), gpg_errstr(rc) );
-    gcry_free( passphrase );
-    gcry_free( dek );
-    gcry_free( s2k );
+	log_error(_("Key generation failed: %s\n"), g10_errstr(rc) );
+    m_free( passphrase );
+    m_free( dek );
+    m_free( s2k );
     if( sk ) /* release the copy of the (now unprotected) secret key */
 	free_secret_key(sk);
     set_next_passphrase( NULL );
@@ -1897,10 +2401,9 @@ write_keyblock( IOBUF out, KBNODE node )
 	int rc = build_packet( out, node->pkt );
 	if( rc ) {
 	    log_error("build_packet(%d) failed: %s\n",
-			node->pkt->pkttype, gpg_errstr(rc) );
-	    return GPGERR_WRITE_FILE;
+			node->pkt->pkttype, g10_errstr(rc) );
+	    return G10ERR_WRITE_FILE;
 	}
     }
     return 0;
 }
-
diff --git a/g10/keyid.c b/g10/keyid.c
index 0269a6bb0..43e531e3e 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -1,5 +1,5 @@
-/* keyid.c - jeyid and fingerprint handling
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+/* keyid.c - key ID and fingerprint handling
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,12 +25,11 @@
 #include <errno.h>
 #include <time.h>
 #include <assert.h>
-
-#include <gcrypt.h>
 #include "util.h"
 #include "main.h"
 #include "packet.h"
 #include "options.h"
+#include "mpi.h"
 #include "keydb.h"
 #include "i18n.h"
 
@@ -39,58 +38,48 @@ int
 pubkey_letter( int algo )
 {
     switch( algo ) {
-      case GCRY_PK_RSA: return 'R' ;
-      case GCRY_PK_RSA_E:	return 'r' ;
-      case GCRY_PK_RSA_S:	return 's' ;
-      case GCRY_PK_ELG_E: return 'g';
-      case GCRY_PK_ELG: return 'G' ;
-      case GCRY_PK_DSA: return 'D' ;
+      case PUBKEY_ALGO_RSA:	return 'R' ;
+      case PUBKEY_ALGO_RSA_E:	return 'r' ;
+      case PUBKEY_ALGO_RSA_S:	return 's' ;
+      case PUBKEY_ALGO_ELGAMAL_E: return 'g';
+      case PUBKEY_ALGO_ELGAMAL: return 'G' ;
+      case PUBKEY_ALGO_DSA:	return 'D' ;
       default: return '?';
     }
 }
 
-
-static GCRY_MD_HD
+static MD_HANDLE
 do_fingerprint_md( PKT_public_key *pk )
 {
-    GCRY_MD_HD md;
-    unsigned int n;
-    unsigned int nn[GNUPG_MAX_NPKEY];
-    byte *pp[GNUPG_MAX_NPKEY];
+    MD_HANDLE md;
+    unsigned n;
+    unsigned nb[PUBKEY_MAX_NPKEY];
+    unsigned nn[PUBKEY_MAX_NPKEY];
+    byte *pp[PUBKEY_MAX_NPKEY];
     int i;
     int npkey = pubkey_get_npkey( pk->pubkey_algo );
 
-    md = gcry_md_open( pk->version < 4 ? GCRY_MD_RMD160 : GCRY_MD_SHA1, 0);
-    if( !md )
-	BUG();
+    md = md_open( pk->version < 4 ? DIGEST_ALGO_RMD160 : DIGEST_ALGO_SHA1, 0);
     n = pk->version < 4 ? 8 : 6;
     for(i=0; i < npkey; i++ ) {
-	int rc;
-	size_t nbytes;
-
-	rc = gcry_mpi_print( GCRYMPI_FMT_PGP, NULL, &nbytes, pk->pkey[i] );
-	assert( !rc );
-	/* fixme: we should try to allocate a buffer on the stack */
-	pp[i] = gcry_xmalloc(nbytes);
-	rc = gcry_mpi_print( GCRYMPI_FMT_PGP, pp[i], &nbytes, pk->pkey[i] );
-	assert( !rc );
-	nn[i] = nbytes;
-	n += nn[i];
+	nb[i] = mpi_get_nbits(pk->pkey[i]);
+	pp[i] = mpi_get_buffer( pk->pkey[i], nn+i, NULL );
+	n += 2 + nn[i];
     }
 
-    gcry_md_putc( md, 0x99 );	  /* ctb */
-    gcry_md_putc( md, n >> 8 );   /* 2 byte length header */
-    gcry_md_putc( md, n );
+    md_putc( md, 0x99 );     /* ctb */
+    md_putc( md, n >> 8 );   /* 2 byte length header */
+    md_putc( md, n );
     if( pk->version < 4 )
-	gcry_md_putc( md, 3 );
+	md_putc( md, 3 );
     else
-	gcry_md_putc( md, 4 );
+	md_putc( md, 4 );
 
     {	u32 a = pk->timestamp;
-	gcry_md_putc( md, a >> 24 );
-	gcry_md_putc( md, a >> 16 );
-	gcry_md_putc( md, a >>	8 );
-	gcry_md_putc( md, a	  );
+	md_putc( md, a >> 24 );
+	md_putc( md, a >> 16 );
+	md_putc( md, a >>  8 );
+	md_putc( md, a	     );
     }
     if( pk->version < 4 ) {
 	u16 a;
@@ -99,20 +88,22 @@ do_fingerprint_md( PKT_public_key *pk )
 	    a = (u16)((pk->expiredate - pk->timestamp) / 86400L);
 	else
 	    a = 0;
-	gcry_md_putc( md, a >> 8 );
-	gcry_md_putc( md, a	 );
+	md_putc( md, a >> 8 );
+	md_putc( md, a	    );
     }
-    gcry_md_putc( md, pk->pubkey_algo );
+    md_putc( md, pk->pubkey_algo );
     for(i=0; i < npkey; i++ ) {
-	gcry_md_write( md, pp[i], nn[i] );
-	gcry_free(pp[i]);
+	md_putc( md, nb[i]>>8);
+	md_putc( md, nb[i] );
+	md_write( md, pp[i], nn[i] );
+	m_free(pp[i]);
     }
-    gcry_md_final( md );
+    md_final( md );
 
     return md;
 }
 
-static GCRY_MD_HD
+static MD_HANDLE
 do_fingerprint_md_sk( PKT_secret_key *sk )
 {
     PKT_public_key pk;
@@ -130,30 +121,6 @@ do_fingerprint_md_sk( PKT_secret_key *sk )
 }
 
 
-static void
-v3_keyid( MPI a, u32 *ki )
-{
-    int rc;
-    byte *buffer;
-    size_t nbytes;
-
-    rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, a );
-    assert( !rc );
-    /* fixme: allocate it on the stack */
-    buffer = gcry_xmalloc(nbytes);
-    rc = gcry_mpi_print( GCRYMPI_FMT_USG, buffer, &nbytes, a );
-    assert( !rc );
-    if( nbytes < 8 ) { /* oops */
-	ki[0] = ki[1] = 0;
-    }
-    else  {
-	memcpy( ki+0, buffer+nbytes-8, 4);
-	memcpy( ki+1, buffer+nbytes-4, 4);
-    }
-    gcry_free( buffer );
-}
-
-
 /****************
  * Get the keyid from the secret key and put it into keyid
  * if this is not NULL. Return the 32 low bits of the keyid.
@@ -161,36 +128,28 @@ v3_keyid( MPI a, u32 *ki )
 u32
 keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
 {
+    u32 lowbits;
     u32 dummy_keyid[2];
 
     if( !keyid )
 	keyid = dummy_keyid;
 
-    if( sk->keyid[0] || sk->keyid[1] ) {
-	keyid[0] = sk->keyid[0];
-	keyid[1] = sk->keyid[1];
-    }
-    else if( sk->version < 4 && is_RSA(sk->pubkey_algo) ) {
-	if( pubkey_get_npkey(sk->pubkey_algo) )
-	    v3_keyid( sk->skey[0], keyid ); /* take n */
-	else
-	    keyid[0] = keyid[1] = 0;
-	sk->keyid[0] = keyid[0];
-	sk->keyid[1] = keyid[1];
+    if( sk->version < 4 && is_RSA(sk->pubkey_algo) ) {
+	lowbits = pubkey_get_npkey(sk->pubkey_algo) ?
+		     mpi_get_keyid( sk->skey[0], keyid ) : 0; /* take n */
     }
     else {
 	const byte *dp;
-	GCRY_MD_HD md;
+	MD_HANDLE md;
 	md = do_fingerprint_md_sk(sk);
-	dp = gcry_md_read( md, 0 );
+	dp = md_read( md, 0 );
 	keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
 	keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
-	gcry_md_close(md);
-	sk->keyid[0] = keyid[0];
-	sk->keyid[1] = keyid[1];
+	lowbits = keyid[1];
+	md_close(md);
     }
 
-    return keyid[1];
+    return lowbits;
 }
 
 
@@ -201,6 +160,7 @@ keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
 u32
 keyid_from_pk( PKT_public_key *pk, u32 *keyid )
 {
+    u32 lowbits;
     u32 dummy_keyid[2];
 
     if( !keyid )
@@ -209,28 +169,28 @@ keyid_from_pk( PKT_public_key *pk, u32 *keyid )
     if( pk->keyid[0] || pk->keyid[1] ) {
 	keyid[0] = pk->keyid[0];
 	keyid[1] = pk->keyid[1];
+	lowbits = keyid[1];
     }
     else if( pk->version < 4 && is_RSA(pk->pubkey_algo) ) {
-	if( pubkey_get_npkey(pk->pubkey_algo) )
-	    v3_keyid( pk->pkey[0], keyid ); /* from n */
-	else
-	    keyid[0] = keyid[1] = 0;
+	lowbits = pubkey_get_npkey(pk->pubkey_algo) ?
+		     mpi_get_keyid( pk->pkey[0], keyid ) : 0 ; /* from n */
 	pk->keyid[0] = keyid[0];
 	pk->keyid[1] = keyid[1];
     }
     else {
 	const byte *dp;
-	GCRY_MD_HD md;
+	MD_HANDLE md;
 	md = do_fingerprint_md(pk);
-	dp = gcry_md_read( md, 0 );
+	dp = md_read( md, 0 );
 	keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
 	keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
-	gcry_md_close(md);
+	lowbits = keyid[1];
+	md_close(md);
 	pk->keyid[0] = keyid[0];
 	pk->keyid[1] = keyid[1];
     }
 
-    return keyid[1];
+    return lowbits;
 }
 
 
@@ -299,6 +259,21 @@ nbits_from_sk( PKT_secret_key *sk )
     return pubkey_nbits( sk->pubkey_algo, sk->skey );
 }
 
+static const char *
+mk_datestr (char *buffer, time_t atime)
+{
+    struct tm *tp;
+
+    if ( atime < 0 ) /* 32 bit time_t and after 2038-01-19 */
+        strcpy (buffer, "????" "-??" "-??"); /* mark this as invalid */
+    else {
+        tp = gmtime (&atime);
+        sprintf (buffer,"%04d-%02d-%02d",
+                 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
+    }
+    return buffer;
+}
+
 /****************
  * return a string with the creation date of the pk
  * Note: this is alloced in a static buffer.
@@ -308,67 +283,122 @@ const char *
 datestr_from_pk( PKT_public_key *pk )
 {
     static char buffer[11+5];
-    struct tm *tp;
     time_t atime = pk->timestamp;
 
-    tp = gmtime( &atime );
-    sprintf(buffer,"%04d-%02d-%02d", 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
-    return buffer;
+    return mk_datestr (buffer, atime);
 }
 
 const char *
 datestr_from_sk( PKT_secret_key *sk )
 {
     static char buffer[11+5];
-    struct tm *tp;
     time_t atime = sk->timestamp;
 
-    tp = gmtime( &atime );
-    sprintf(buffer,"%04d-%02d-%02d", 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
-    return buffer;
+    return mk_datestr (buffer, atime);
 }
 
 const char *
 datestr_from_sig( PKT_signature *sig )
 {
     static char buffer[11+5];
-    struct tm *tp;
     time_t atime = sig->timestamp;
 
-    tp = gmtime( &atime );
-    sprintf(buffer,"%04d-%02d-%02d", 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
-    return buffer;
+    return mk_datestr (buffer, atime);
 }
 
-
 const char *
 expirestr_from_pk( PKT_public_key *pk )
 {
     static char buffer[11+5];
-    struct tm *tp;
     time_t atime;
 
     if( !pk->expiredate )
 	return _("never     ");
     atime = pk->expiredate;
-    tp = gmtime( &atime );
-    sprintf(buffer,"%04d-%02d-%02d", 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
-    return buffer;
+    return mk_datestr (buffer, atime);
 }
 
 const char *
 expirestr_from_sk( PKT_secret_key *sk )
 {
     static char buffer[11+5];
-    struct tm *tp;
     time_t atime;
 
     if( !sk->expiredate )
 	return _("never     ");
     atime = sk->expiredate;
-    tp = gmtime( &atime );
-    sprintf(buffer,"%04d-%02d-%02d", 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
-    return buffer;
+    return mk_datestr (buffer, atime);
+}
+
+const char *
+expirestr_from_sig( PKT_signature *sig )
+{
+    static char buffer[11+5];
+    time_t atime;
+
+    if(!sig->expiredate)
+      return _("never     ");
+    atime=sig->expiredate;
+    return mk_datestr (buffer, atime);
+}
+
+const char *
+colon_strtime (u32 t)
+{
+    if (!t)
+        return "";
+    if (opt.fixed_list_mode) {
+        static char buf[15];
+        sprintf (buf, "%lu", (ulong)t);
+        return buf;
+    }
+    return strtimestamp(t);
+}
+
+const char *
+colon_datestr_from_pk (PKT_public_key *pk)
+{
+    if (opt.fixed_list_mode) {
+        static char buf[15];
+        sprintf (buf, "%lu", (ulong)pk->timestamp);
+        return buf;
+    }
+    return datestr_from_pk (pk);
+}
+
+const char *
+colon_datestr_from_sk (PKT_secret_key *sk)
+{
+    if (opt.fixed_list_mode) {
+        static char buf[15];
+        sprintf (buf, "%lu", (ulong)sk->timestamp);
+        return buf;
+    }
+    return datestr_from_sk (sk);
+}
+
+const char *
+colon_datestr_from_sig (PKT_signature *sig)
+{
+    if (opt.fixed_list_mode) {
+        static char buf[15];
+        sprintf (buf, "%lu", (ulong)sig->timestamp);
+        return buf;
+    }
+    return datestr_from_sig (sig);
+}
+
+const char *
+colon_expirestr_from_sig (PKT_signature *sig)
+{
+    if(!sig->expiredate)
+        return "";
+    if (opt.fixed_list_mode) {
+        static char buf[15];
+        sprintf (buf, "%lu", (ulong)sig->expiredate);
+        return buf;
+    }
+    return expirestr_from_sig (sig);
 }
 
 
@@ -381,184 +411,92 @@ expirestr_from_sk( PKT_secret_key *sk )
 byte *
 fingerprint_from_pk( PKT_public_key *pk, byte *array, size_t *ret_len )
 {
-    byte *buf;
-    const char *dp;
+    byte *p, *buf;
+    const byte *dp;
     size_t len;
+    unsigned int n;
 
     if( pk->version < 4 && is_RSA(pk->pubkey_algo) ) {
 	/* RSA in version 3 packets is special */
-	GCRY_MD_HD md;
+	MD_HANDLE md;
 
-	md = gcry_md_open( GCRY_MD_MD5, 0);
-	if( !md )
-	    BUG();
+	md = md_open( DIGEST_ALGO_MD5, 0);
 	if( pubkey_get_npkey( pk->pubkey_algo ) > 1 ) {
-	    int rc;
-	    size_t nbytes;
-
-	    rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, pk->pkey[0] );
-	    assert( !rc );
-	    /* fixme: allocate it on the stack */
-	    buf = gcry_xmalloc(nbytes);
-	    rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, pk->pkey[0] );
-	    assert( !rc );
-	    gcry_md_write( md, buf, nbytes );
-	    gcry_free(buf);
-	    rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, pk->pkey[1] );
-	    assert( !rc );
-	    /* fixme: allocate it on the stack */
-	    buf = gcry_xmalloc(nbytes);
-	    rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, pk->pkey[1] );
-	    assert( !rc );
-	    gcry_md_write( md, buf, nbytes );
-	    gcry_free(buf);
+	    p = buf = mpi_get_buffer( pk->pkey[0], &n, NULL );
+	    md_write( md, p, n );
+	    m_free(buf);
+	    p = buf = mpi_get_buffer( pk->pkey[1], &n, NULL );
+	    md_write( md, p, n );
+	    m_free(buf);
 	}
-	gcry_md_final(md);
+	md_final(md);
 	if( !array )
-	    array = gcry_xmalloc( 16 );
+	    array = m_alloc( 16 );
 	len = 16;
-	memcpy(array, gcry_md_read(md, GCRY_MD_MD5), 16 );
-	gcry_md_close(md);
+	memcpy(array, md_read(md, DIGEST_ALGO_MD5), 16 );
+	md_close(md);
     }
     else {
-	GCRY_MD_HD md;
+	MD_HANDLE md;
 	md = do_fingerprint_md(pk);
-	dp = gcry_md_read( md, 0 );
-	len = gcry_md_get_algo_dlen( gcry_md_get_algo( md ) );
+	dp = md_read( md, 0 );
+	len = md_digest_length( md_get_algo( md ) );
 	assert( len <= MAX_FINGERPRINT_LEN );
 	if( !array )
-	    array = gcry_xmalloc( len );
+	    array = m_alloc( len );
 	memcpy(array, dp, len );
-	gcry_md_close(md);
+	pk->keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
+	pk->keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
+	md_close(md);
     }
 
     *ret_len = len;
     return array;
 }
 
-
-/* Create a unified fingerprint, that is a printable fingerprint along
- * wth some other information suitable to passto get_pubkye_byname.
- * Pass NULL for buffer to let this function allocate the buffer.
- * This function will truncate the buffer in a way that a valid C string
- * is returnd (unless bufsize is 0)
- * Returns: Supplied buffer or newly allocated buffer
- */
-char *
-unified_fingerprint_from_pk( PKT_public_key *pk,
-                             char *buffer, size_t bufsize )
-{
-    byte fpr[MAX_FINGERPRINT_LEN];
-    size_t fprlen;
-    int i;
-
-    fingerprint_from_pk( pk, fpr, &fprlen );
-    if ( !buffer ) {
-        bufsize = 1+fprlen*2+1+4+1+1;
-        buffer = gcry_xmalloc( bufsize );
-    }
-    if ( bufsize < 1+fprlen*2+1+4+1+1 ) {
-        /* Hmmm, that should be sufficiend also not very nice */
-        if ( bufsize )
-            *buffer = 0;
-        return buffer;
-    }
-    *buffer = ':';
-    for (i=0; i < fprlen; i++ )
-        sprintf( buffer+1+i*2, "%02X", fpr[i] );
-    sprintf( buffer+1+i*2, ":%d:", (pk->pubkey_algo & 0xff) );
-    return buffer;
-}
-
 byte *
 fingerprint_from_sk( PKT_secret_key *sk, byte *array, size_t *ret_len )
 {
-    byte *buf;
+    byte *p, *buf;
     const char *dp;
     size_t len;
+    unsigned n;
 
     if( sk->version < 4 && is_RSA(sk->pubkey_algo) ) {
 	/* RSA in version 3 packets is special */
-	GCRY_MD_HD md;
+	MD_HANDLE md;
 
-	md = gcry_md_open( GCRY_MD_MD5, 0);
-	if( !md )
-	    BUG();
+	md = md_open( DIGEST_ALGO_MD5, 0);
 	if( pubkey_get_npkey( sk->pubkey_algo ) > 1 ) {
-	    int rc;
-	    size_t nbytes;
-
-	    /* FIXME: Why is the hash sequence for secret keys different */
-	    rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, sk->skey[1] );
-	    assert( !rc );
-	    /* fixme: allocate it on the stack */
-	    buf = gcry_xmalloc(nbytes);
-	    rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, sk->skey[1] );
-	    assert( !rc );
-	    gcry_md_write( md, buf, nbytes );
-	    gcry_free(buf);
-	    rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, sk->skey[0] );
-	    assert( !rc );
-	    /* fixme: allocate it on the stack */
-	    buf = gcry_xmalloc(nbytes);
-	    rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, sk->skey[0] );
-	    assert( !rc );
-	    gcry_md_write( md, buf, nbytes );
-	    gcry_free(buf);
+	    p = buf = mpi_get_buffer( sk->skey[0], &n, NULL );
+	    md_write( md, p, n );
+	    m_free(buf);
+	    p = buf = mpi_get_buffer( sk->skey[1], &n, NULL );
+	    md_write( md, p, n );
+	    m_free(buf);
 	}
-	gcry_md_final(md);
+	md_final(md);
 	if( !array )
-	    array = gcry_xmalloc( 16 );
+	    array = m_alloc( 16 );
 	len = 16;
-	memcpy(array, gcry_md_read(md, GCRY_MD_MD5), 16 );
-	gcry_md_close(md);
+	memcpy(array, md_read(md, DIGEST_ALGO_MD5), 16 );
+	md_close(md);
     }
     else {
-	GCRY_MD_HD md;
+	MD_HANDLE md;
 	md = do_fingerprint_md_sk(sk);
-	dp = gcry_md_read( md, 0 );
-	len = gcry_md_get_algo_dlen( gcry_md_get_algo( md ) );
+	dp = md_read( md, 0 );
+	len = md_digest_length( md_get_algo( md ) );
 	assert( len <= MAX_FINGERPRINT_LEN );
 	if( !array )
-	    array = gcry_xmalloc( len );
+	    array = m_alloc( len );
 	memcpy(array, dp, len );
-	gcry_md_close(md);
+	md_close(md);
     }
 
     *ret_len = len;
     return array;
 }
 
-char *
-unified_fingerprint_from_sk( PKT_secret_key *sk,
-                             char *buffer, size_t bufsize )
-{
-    byte fpr[MAX_FINGERPRINT_LEN];
-    size_t fprlen;
-    int i;
-
-    fingerprint_from_sk( sk, fpr, &fprlen );
-    if ( !buffer ) {
-        bufsize = 1+fprlen*2+1+4+1+1;
-        buffer = gcry_xmalloc( bufsize );
-    }
-    if ( bufsize < 1+fprlen*2+1+4+1+1 ) {
-        /* Hmmm, that should be sufficiend also not very nice */
-        if ( bufsize )
-            *buffer = 0;
-        return buffer;
-    }
-    *buffer = ':';
-    for (i=0; i < fprlen; i++ )
-        sprintf( buffer+1+i*2, "%02X", fpr[i] );
-    sprintf( buffer+1+i*2, ":%d:", (sk->pubkey_algo & 0xff) );
-    return buffer;
-}
-
-
-
-
-
-
 
 
diff --git a/g10/keylist.c b/g10/keylist.c
index 89691873a..e226ee071 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -1,5 +1,5 @@
 /* keylist.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -29,17 +29,26 @@
 #include "packet.h"
 #include "errors.h"
 #include "keydb.h"
-#include <gcrypt.h>
+#include "memory.h"
+#include "photoid.h"
 #include "util.h"
+#include "ttyio.h"
 #include "trustdb.h"
 #include "main.h"
 #include "i18n.h"
+#include "status.h"
 
 static void list_all(int);
 static void list_one( STRLIST names, int secret);
-static void list_keyblock( KBNODE keyblock, int secret );
-static void fingerprint( PKT_public_key *pk, PKT_secret_key *sk );
 
+struct sig_stats
+{
+  int inv_sigs;
+  int no_key;
+  int oth_err;
+};
+
+static FILE *attrib_fp=NULL;
 
 /****************
  * List the keys
@@ -63,123 +72,146 @@ secret_key_list( STRLIST list )
 	list_one( list, 1 );
 }
 
+void
+show_policy_url(PKT_signature *sig,int indent)
+{
+  const byte *p;
+  size_t len;
+  int seq=0,crit;
+
+  while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_POLICY,&len,&seq,&crit)))
+    {
+      int i;
+
+      for(i=0;i<indent;i++)
+	putchar(' ');
+
+      /* This isn't UTF8 as it is a URL(?) */
+      if(crit)
+	printf(_("Critical signature policy: "));
+      else
+	printf(_("Signature policy: "));
+      print_string(stdout,p,len,0);
+      printf("\n");
+    }
+}
+
+void
+show_notation(PKT_signature *sig,int indent)
+{
+  const byte *p;
+  size_t len;
+  int seq=0,crit;
+
+  /* There may be multiple notations in the same sig. */
+
+  while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION,&len,&seq,&crit)))
+    if(len>=8)
+      {
+	int n1,n2,i;
+
+	n1=(p[4]<<8)|p[5];
+	n2=(p[6]<<8)|p[7];
+
+	if(8+n1+n2!=len)
+	  {
+	    log_info(_("WARNING: invalid notation data found\n"));
+	    return;
+	  }
+
+	for(i=0;i<indent;i++)
+	  putchar(' ');
+
+	/* This is UTF8 */
+	if(crit)
+	  printf(_("Critical signature notation: "));
+	else
+	  printf(_("Signature notation: "));
+	print_utf8_string(stdout,p+8,n1);
+	printf("=");
+
+	if(*p&0x80)
+	  print_utf8_string(stdout,p+8+n1,n2);
+	else
+	  printf("[ %s ]",_("not human readable"));
+
+	printf("\n");
+      }
+  else
+    log_info(_("WARNING: invalid notation data found\n"));
+}
+
+static void
+print_signature_stats(struct sig_stats *s)
+{
+  if( s->inv_sigs == 1 )
+    tty_printf(_("1 bad signature\n") );
+  else if( s->inv_sigs )
+    tty_printf(_("%d bad signatures\n"), s->inv_sigs );
+  if( s->no_key == 1 )
+    tty_printf(_("1 signature not checked due to a missing key\n") );
+  else if( s->no_key )
+    tty_printf(_("%d signatures not checked due to missing keys\n"),s->no_key);
+  if( s->oth_err == 1 )
+    tty_printf(_("1 signature not checked due to an error\n") );
+  else if( s->oth_err )
+    tty_printf(_("%d signatures not checked due to errors\n"), s->oth_err );
+}
 
 static void
 list_all( int secret )
 {
-    KBPOS kbpos;
+    KEYDB_HANDLE hd;
     KBNODE keyblock = NULL;
     int rc=0;
-    int lastresno;
+    const char *lastresname, *resname;
+    struct sig_stats stats;
+
+    memset(&stats,0,sizeof(stats));
 
-    rc = enum_keyblocks_begin( &kbpos, secret );
+    hd = keydb_new (secret);
+    if (!hd)
+        rc = G10ERR_GENERAL;
+    else
+        rc = keydb_search_first (hd);
     if( rc ) {
 	if( rc != -1 )
-	    log_error("enum_keyblocks(open) failed: %s\n", gpg_errstr(rc) );
+	    log_error("keydb_search_first failed: %s\n", g10_errstr(rc) );
 	goto leave;
     }
 
-    lastresno = -1;
-    while( !(rc = enum_keyblocks_next( kbpos, 1, &keyblock )) ) {
-	if( 1 /*lastresno != kbpos.resno FIXME!!! */ ) {
-	    const char *s = "foo" /*keyblock_resource_name( &kbpos ) */;
+    lastresname = NULL;
+    do {
+        rc = keydb_get_keyblock (hd, &keyblock);
+        if (rc) {
+            log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
+            goto leave;
+        }
+        resname = keydb_get_resource_name (hd);
+	if (lastresname != resname ) {
 	    int i;
 
-	    /* FIXME lastresno = kbpos.resno*/
-	    printf("%s\n", s );
-	    for(i=strlen(s); i; i-- )
+	    printf("%s\n", resname );
+	    for(i=strlen(resname); i; i-- )
 		putchar('-');
 	    putchar('\n');
+            lastresname = resname;
 	}
-	merge_keys_and_selfsig( keyblock );
-	list_keyblock( keyblock, secret );
-	release_kbnode( keyblock ); keyblock = NULL;
-    }
-
+        merge_keys_and_selfsig( keyblock );
+	list_keyblock( keyblock, secret, opt.fingerprint,
+		       opt.check_sigs?&stats:NULL);
+	release_kbnode( keyblock ); 
+        keyblock = NULL;
+    } while (!(rc = keydb_search_next (hd)));
     if( rc && rc != -1 )
-	log_error("enum_keyblocks(read) failed: %s\n", gpg_errstr(rc));
+	log_error ("keydb_search_next failed: %s\n", g10_errstr(rc));
 
-  leave:
-    enum_keyblocks_end( kbpos ); 
-    release_kbnode( keyblock );
-}
+    if(opt.check_sigs && !opt.with_colons)
+      print_signature_stats(&stats);
 
-
-/****************
- * Check whether the user ID at NODE is valid; that is it has a
- * valid self-signature but no later valid revocation.
- * Caller has to pass the keyID of the primary in mainkey.
- * Returns: NULL = valid
- *	    string with the reason why it is invalid
- */
-static const char *
-is_uid_valid ( KBNODE keyblock, KBNODE uidnode, u32 *mainkid )
-{
-    KBNODE node;
-    PKT_signature *selfsig = NULL; /* the latest valid self signature */
-
-    /* The key signature verify function can's handle secret keys yet and
-     * becuase we are not sure whether the duplication of user IDs and
-     * self-signatures should be kept on secret keys we are not going to fix
-     * it there. */
-    if ( keyblock->pkt->pkttype == PKT_SECRET_KEY )
-	return NULL;
-
-    assert ( uidnode->pkt->pkttype == PKT_USER_ID
-	     || uidnode->pkt->pkttype == PKT_PHOTO_ID );
-
-    /* first find out about the latest valid self-signature */
-    for ( node = uidnode->next; node; node = node->next ) {
-	PKT_signature *sig;
-
-	if ( node->pkt->pkttype == PKT_USER_ID
-	     || node->pkt->pkttype == PKT_PHOTO_ID
-	     || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
-	     || node->pkt->pkttype == PKT_SECRET_SUBKEY )
-	    break;
-	if ( node->pkt->pkttype != PKT_SIGNATURE )
-	    continue;
-	sig = node->pkt->pkt.signature;
-	if ( mainkid[0] != sig->keyid[0] || mainkid[1] != sig->keyid[1] )
-	    continue; /* we only care about self-signatures for now */
-
-	if ( (sig->sig_class&~3) == 0x10 ) { /* regular self signature */
-	    if ( !check_key_signature( keyblock, node, NULL ) ) {
-		if ( !selfsig )
-		    selfsig = sig; /* use the first valid sig */
-		else if ( sig->timestamp > selfsig->timestamp
-			  && sig->sig_class >= selfsig->sig_class )
-		    selfsig = sig; /* but this one is newer */
-	    }
-	}
-    }
-
-    if ( !selfsig )
-	return _("invalid"); /* no valid self signature */
-
-    /* watch out for a newer revocation */
-    for ( node = uidnode->next; node; node = node->next ) {
-	PKT_signature *sig;
-
-	if ( node->pkt->pkttype == PKT_USER_ID
-	     || node->pkt->pkttype == PKT_PHOTO_ID
-	     || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
-	     || node->pkt->pkttype == PKT_SECRET_SUBKEY )
-	    break;
-	if ( node->pkt->pkttype != PKT_SIGNATURE )
-	    continue;
-	sig = node->pkt->pkt.signature;
-	if ( mainkid[0] != sig->keyid[0] || mainkid[1] != sig->keyid[1] )
-	    continue; /* we only care about self-signatures for now */
-
-	if ( sig->sig_class == 0x30
-	     && sig->timestamp >= selfsig->timestamp ) {
-	    if ( !check_key_signature( keyblock, node, NULL ) )
-		return _("revoked");
-	}
-    }
-
-    return NULL; /* UID is valid */
+  leave:
+    release_kbnode (keyblock);
+    keydb_release (hd);
 }
 
 
@@ -189,17 +221,38 @@ list_one( STRLIST names, int secret )
     int rc = 0;
     KBNODE keyblock = NULL;
     GETKEY_CTX ctx;
+    const char *resname;
+    char *keyring_str = N_("Keyring");
+    int i;
+    struct sig_stats stats;
 
+    memset(&stats,0,sizeof(stats));
+
+    /* fixme: using the bynames function has the disadvantage that we
+     * don't know wether one of the names given was not found.  OTOH,
+     * this function has the advantage to list the names in the
+     * sequence as defined by the keyDB and does not duplicate
+     * outputs.  A solution could be do test whether all given have
+     * been listed (this needs a way to use the keyDB search
+     * functions) or to have the search function return indicators for
+     * found names.  Yet another way is to use the keydb search
+     * facilities directly. */
     if( secret ) {
 	rc = get_seckey_bynames( &ctx, NULL, names, &keyblock );
 	if( rc ) {
-	    log_error("error reading key: %s\n",  gpg_errstr(rc) );
+	    log_error("error reading key: %s\n",  g10_errstr(rc) );
 	    get_seckey_end( ctx );
 	    return;
 	}
 	do {
-	    merge_keys_and_selfsig( keyblock );
-	    list_keyblock( keyblock, 1 );
+	    if (opt.show_keyring) {
+		resname = keydb_get_resource_name (get_ctx_handle(ctx));
+		printf("%s: %s\n", keyring_str, resname);
+		for(i = strlen(resname) + strlen(keyring_str) + 2; i; i-- )
+		    putchar('-');
+		putchar('\n');
+	    }
+	    list_keyblock( keyblock, 1, opt.fingerprint, &stats );
 	    release_kbnode( keyblock );
 	} while( !get_seckey_next( ctx, NULL, &keyblock ) );
 	get_seckey_end( ctx );
@@ -207,17 +260,27 @@ list_one( STRLIST names, int secret )
     else {
 	rc = get_pubkey_bynames( &ctx, NULL, names, &keyblock );
 	if( rc ) {
-	    log_error("error reading key: %s\n", gpg_errstr(rc) );
+	    log_error("error reading key: %s\n", g10_errstr(rc) );
 	    get_pubkey_end( ctx );
 	    return;
 	}
 	do {
-	    merge_keys_and_selfsig( keyblock );
-	    list_keyblock( keyblock, 0 );
+	    if (opt.show_keyring) {
+		resname = keydb_get_resource_name (get_ctx_handle(ctx));
+		printf("%s: %s\n", keyring_str, resname);
+		for(i = strlen(resname) + strlen(keyring_str) + 2; i; i-- )
+		    putchar('-');
+		putchar('\n');
+	    }
+	    list_keyblock( keyblock, 0, opt.fingerprint,
+			   opt.check_sigs?&stats:NULL );
 	    release_kbnode( keyblock );
 	} while( !get_pubkey_next( ctx, NULL, &keyblock ) );
 	get_pubkey_end( ctx );
     }
+
+    if(opt.check_sigs && !opt.with_colons)
+      print_signature_stats(&stats);
 }
 
 static void
@@ -227,16 +290,103 @@ print_key_data( PKT_public_key *pk, u32 *keyid )
     int i;
 
     for(i=0; i < n; i++ ) {
-	printf("pkd:%d:%u:", i, gcry_mpi_get_nbits( pk->pkey[i] ) );
+	printf("pkd:%d:%u:", i, mpi_get_nbits( pk->pkey[i] ) );
 	mpi_print(stdout, pk->pkey[i], 1 );
 	putchar(':');
 	putchar('\n');
     }
 }
 
+static void
+print_capabilities (PKT_public_key *pk, PKT_secret_key *sk, KBNODE keyblock)
+{
+    unsigned int use = pk? pk->pubkey_usage : sk->pubkey_usage;
+    
+    if ( use & PUBKEY_USAGE_ENC ) {
+        putchar ('e');
+    }
+    if ( use & PUBKEY_USAGE_SIG ) {
+        putchar ('s');
+        putchar ('c');
+    }
+    if ( keyblock ) { /* figure our the usable capabilities */
+        KBNODE k;
+        int enc=0, sign=0, cert=0;
+
+        for (k=keyblock; k; k = k->next ) {
+            if ( k->pkt->pkttype == PKT_PUBLIC_KEY 
+                 || k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
+                pk = k->pkt->pkt.public_key;
+                if ( pk->is_valid && !pk->is_revoked && !pk->has_expired ) {
+                    if ( pk->pubkey_usage & PUBKEY_USAGE_ENC )
+                        enc = 1;
+                    if ( pk->pubkey_usage & PUBKEY_USAGE_SIG )
+                        sign = cert = 1;
+                }
+            }
+            else if ( k->pkt->pkttype == PKT_SECRET_KEY 
+                      || k->pkt->pkttype == PKT_SECRET_SUBKEY ) {
+                sk = k->pkt->pkt.secret_key;
+                if ( sk->is_valid && !sk->is_revoked && !sk->has_expired ) {
+                    if ( sk->pubkey_usage & PUBKEY_USAGE_ENC )
+                        enc = 1;
+                    if ( sk->pubkey_usage & PUBKEY_USAGE_SIG )
+                        sign = cert = 1;
+                }
+            }
+        }
+        if (enc)
+            putchar ('E');
+        if (sign)
+            putchar ('S');
+        if (cert)
+            putchar ('C');
+    }
+    putchar(':');
+}
+
+static void dump_attribs(const PKT_user_id *uid,
+			 PKT_public_key *pk,PKT_secret_key *sk)
+{
+  int i;
+
+  if(!attrib_fp)
+    BUG();
+
+  for(i=0;i<uid->numattribs;i++)
+    {
+      if(is_status_enabled())
+	{
+	  byte array[MAX_FINGERPRINT_LEN], *p;
+	  char buf[(MAX_FINGERPRINT_LEN*2)+90];
+	  size_t j,n;
+
+	  if(pk)
+	    fingerprint_from_pk( pk, array, &n );
+	  else if(sk)
+	    fingerprint_from_sk( sk, array, &n );
+	  else
+	    BUG();
+
+	  p = array;
+	  for(j=0; j < n ; j++, p++ )
+	    sprintf(buf+2*j, "%02X", *p );
+
+	  sprintf(buf+strlen(buf)," %lu %u %u %u %lu %lu %u",
+		  uid->attribs[i].len,uid->attribs[i].type,i+1,
+		  uid->numattribs,(ulong)uid->created,(ulong)uid->expiredate,
+		  ((uid->is_primary?0x01:0)|
+		   (uid->is_revoked?0x02:0)|
+		   (uid->is_expired?0x04:0)));
+	  write_status_text(STATUS_ATTRIBUTE,buf);
+	}
+
+      fwrite(uid->attribs[i].data,uid->attribs[i].len,1,attrib_fp);
+    }
+}
 
 static void
-list_keyblock( KBNODE keyblock, int secret )
+list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
 {
     int rc = 0;
     KBNODE kbctx;
@@ -245,8 +395,7 @@ list_keyblock( KBNODE keyblock, int secret )
     PKT_secret_key *sk;
     u32 keyid[2];
     int any=0;
-    int trustletter = 0;
-    int ulti_hack = 0;
+    struct sig_stats *stats=opaque;
 
     /* get the keyid from the keyblock */
     node = find_kbnode( keyblock, secret? PKT_SECRET_KEY : PKT_PUBLIC_KEY );
@@ -260,16 +409,7 @@ list_keyblock( KBNODE keyblock, int secret )
 	pk = NULL;
 	sk = node->pkt->pkt.secret_key;
 	keyid_from_sk( sk, keyid );
-	if( opt.with_colons )
-	    printf("sec:u:%u:%d:%08lX%08lX:%s:%s:::",
-		    nbits_from_sk( sk ),
-		    sk->pubkey_algo,
-		    (ulong)keyid[0],(ulong)keyid[1],
-		    datestr_from_sk( sk ),
-		    sk->expiredate? strtimestamp(sk->expiredate):""
-		    /* fixme: add LID here */ );
-	else
-	    printf("sec  %4u%c/%08lX %s ", nbits_from_sk( sk ),
+        printf("sec  %4u%c/%08lX %s ", nbits_from_sk( sk ),
 				       pubkey_letter( sk->pubkey_algo ),
 				       (ulong)keyid[1],
 				       datestr_from_sk( sk ) );
@@ -278,80 +418,309 @@ list_keyblock( KBNODE keyblock, int secret )
 	pk = node->pkt->pkt.public_key;
 	sk = NULL;
 	keyid_from_pk( pk, keyid );
-	if( opt.with_colons ) {
-	    if ( opt.fast_list_mode ) {
-		fputs( "pub::", stdout );
-		trustletter = 0;
+        printf("pub  %4u%c/%08lX %s ", nbits_from_pk( pk ),
+				       pubkey_letter( pk->pubkey_algo ),
+				       (ulong)keyid[1],
+				       datestr_from_pk( pk ) );
+    }
+
+    for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
+	if( node->pkt->pkttype == PKT_USER_ID && !opt.fast_list_mode ) {
+	    if(attrib_fp && node->pkt->pkt.user_id->attrib_data!=NULL)
+	      dump_attribs(node->pkt->pkt.user_id,pk,sk);
+            /* don't list revoked UIDS unless we are in verbose mode and 
+             * signature listing has not been requested */
+            if ( !opt.verbose && !opt.list_sigs
+                 && node->pkt->pkt.user_id->is_revoked )
+                continue; 
+
+	    if( any ) 
+                printf("uid%*s", 28, "");
+
+            if ( node->pkt->pkt.user_id->is_revoked )
+                fputs ("[revoked] ", stdout);
+            if ( node->pkt->pkt.user_id->is_expired )
+                fputs ("[expired] ", stdout);
+            print_utf8_string( stdout,  node->pkt->pkt.user_id->name,
+                               node->pkt->pkt.user_id->len );
+	    putchar('\n');
+	    if( !any ) {
+		if( fpr )
+		    print_fingerprint( pk, sk, 0 );
+		if( opt.with_key_data )
+		    print_key_data( pk, keyid );
+		any = 1;
+	    }
+
+	    if(opt.show_photos && node->pkt->pkt.user_id->attribs!=NULL)
+	      show_photos(node->pkt->pkt.user_id->attribs,
+			  node->pkt->pkt.user_id->numattribs,pk,sk);
+	}
+	else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
+	    u32 keyid2[2];
+	    PKT_public_key *pk2 = node->pkt->pkt.public_key;
+
+	    if( !any ) {
+		putchar('\n');
+		if( fpr )
+		    print_fingerprint( pk, sk, 0 ); /* of the main key */
+		any = 1;
+	    }
+
+	    keyid_from_pk( pk2, keyid2 );
+            printf("sub  %4u%c/%08lX %s", nbits_from_pk( pk2 ),
+                   pubkey_letter( pk2->pubkey_algo ),
+                   (ulong)keyid2[1],
+                   datestr_from_pk( pk2 ) );
+            if( pk2->expiredate ) {
+                printf(_(" [expires: %s]"), expirestr_from_pk( pk2 ) );
+            }
+            putchar('\n');
+	    if( fpr > 1 )
+		print_fingerprint( pk2, NULL, 0 );
+	    if( opt.with_key_data )
+		print_key_data( pk2, keyid2 );
+	}
+	else if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
+	    u32 keyid2[2];
+	    PKT_secret_key *sk2 = node->pkt->pkt.secret_key;
+
+	    if( !any ) {
+		putchar('\n');
+		if( fpr )
+		    print_fingerprint( pk, sk, 0 ); /* of the main key */
+		any = 1;
+	    }
+
+	    keyid_from_sk( sk2, keyid2 );
+            printf("ssb  %4u%c/%08lX %s\n", nbits_from_sk( sk2 ),
+					   pubkey_letter( sk2->pubkey_algo ),
+					   (ulong)keyid2[1],
+					   datestr_from_sk( sk2 ) );
+	    if( fpr > 1 )
+		print_fingerprint( NULL, sk2, 0 );
+	}
+	else if( opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE ) {
+	    PKT_signature *sig = node->pkt->pkt.signature;
+	    int sigrc;
+            char *sigstr;
+
+	    if( stats ) {
+                /*fflush(stdout);*/
+		rc = check_key_signature( keyblock, node, NULL );
+		switch( rc ) {
+		 case 0:		 sigrc = '!'; break;
+		 case G10ERR_BAD_SIGN:   stats->inv_sigs++; sigrc = '-'; break;
+		 case G10ERR_NO_PUBKEY: 
+		 case G10ERR_UNU_PUBKEY: stats->no_key++; continue;
+		 default:		 stats->oth_err++; sigrc = '%'; break;
+		}
 	    }
 	    else {
-		trustletter = query_trust_info( pk, NULL );
-		if( trustletter == 'u' )
-		    ulti_hack = 1;
-		printf("pub:%c:", trustletter );
+		rc = 0;
+		sigrc = ' ';
 	    }
-	    printf("%u:%d:%08lX%08lX:%s:%s:",
+
+	    if( !any ) { /* no user id, (maybe a revocation follows)*/
+	      /* Check if the pk is really revoked - there could be a
+                 0x20 sig packet there even if we are not revoked
+                 (say, if a revocation key issued the packet, but the
+                 revocation key isn't present to verify it.) */
+		if( sig->sig_class == 0x20 && pk->is_revoked )
+		    puts("[revoked]");
+		else if( sig->sig_class == 0x18 )
+		    puts("[key binding]");
+		else if( sig->sig_class == 0x28 )
+		    puts("[subkey revoked]");
+		else
+		    putchar('\n');
+		if( fpr )
+		    print_fingerprint( pk, sk, 0 );
+		any=1;
+	    }
+
+	    if( sig->sig_class == 0x20 || sig->sig_class == 0x28
+				       || sig->sig_class == 0x30 )
+	       sigstr = "rev";
+	    else if( (sig->sig_class&~3) == 0x10 )
+	       sigstr = "sig";
+	    else if( sig->sig_class == 0x18 )
+	       sigstr = "sig";
+	    else if( sig->sig_class == 0x1F )
+	       sigstr = "sig";
+	    else {
+                printf("sig                             "
+		       "[unexpected signature class 0x%02x]\n",sig->sig_class );
+		continue;
+	    }
+
+            fputs( sigstr, stdout );
+	    printf("%c%c %c%c%c%c%c %08lX %s   ",
+                   sigrc,(sig->sig_class-0x10>0 &&
+                          sig->sig_class-0x10<4)?'0'+sig->sig_class-0x10:' ',
+                   sig->flags.exportable?' ':'L',
+                   sig->flags.revocable?' ':'R',
+                   sig->flags.policy_url?'P':' ',
+                   sig->flags.notation?'N':' ',
+                   sig->flags.expired?'X':' ',
+                   (ulong)sig->keyid[1], datestr_from_sig(sig));
+	    if( sigrc == '%' )
+		printf("[%s] ", g10_errstr(rc) );
+	    else if( sigrc == '?' )
+		;
+	    else if ( !opt.fast_list_mode ) {
+		size_t n;
+		char *p = get_user_id( sig->keyid, &n );
+                print_utf8_string( stdout, p, n );
+		m_free(p);
+	    }
+	    putchar('\n');
+
+	    if(sig->flags.policy_url && opt.show_policy_url)
+	      show_policy_url(sig,3);
+
+	    if(sig->flags.notation && opt.show_notation)
+	      show_notation(sig,3);
+
+	    /* fixme: check or list other sigs here */
+	}
+    }
+    putchar('\n');
+}
+
+
+static void
+list_keyblock_colon( KBNODE keyblock, int secret, int fpr )
+{
+    int rc = 0;
+    KBNODE kbctx;
+    KBNODE node;
+    PKT_public_key *pk;
+    PKT_secret_key *sk;
+    u32 keyid[2];
+    int any=0;
+    int trustletter = 0;
+    int ulti_hack = 0;
+
+    /* get the keyid from the keyblock */
+    node = find_kbnode( keyblock, secret? PKT_SECRET_KEY : PKT_PUBLIC_KEY );
+    if( !node ) {
+	log_error("Oops; key lost!\n");
+	dump_kbnode( keyblock );
+	return;
+    }
+
+    if( secret ) {
+	pk = NULL;
+	sk = node->pkt->pkt.secret_key;
+	keyid_from_sk( sk, keyid );
+        printf("sec:u:%u:%d:%08lX%08lX:%s:%s:::",
+		    nbits_from_sk( sk ),
+		    sk->pubkey_algo,
+		    (ulong)keyid[0],(ulong)keyid[1],
+		    colon_datestr_from_sk( sk ),
+		    colon_strtime (sk->expiredate)
+		    /* fixme: add LID here */ );
+    }
+    else {
+	pk = node->pkt->pkt.public_key;
+	sk = NULL;
+	keyid_from_pk( pk, keyid );
+        fputs( "pub:", stdout );
+        trustletter = 0;
+        if ( !pk->is_valid )
+            putchar ('i');
+        else if ( pk->is_revoked )
+            putchar ('r');
+        else if ( pk->has_expired )
+            putchar ('e');
+        else if ( opt.fast_list_mode || opt.no_expensive_trust_checks ) 
+            ;
+        else {
+            trustletter = get_validity_info ( pk, NULL );
+            if( trustletter == 'u' )
+                ulti_hack = 1;
+            putchar(trustletter);
+        }
+        printf(":%u:%d:%08lX%08lX:%s:%s:",
 		    nbits_from_pk( pk ),
 		    pk->pubkey_algo,
 		    (ulong)keyid[0],(ulong)keyid[1],
-		    datestr_from_pk( pk ),
-		    pk->expiredate? strtimestamp(pk->expiredate):"" );
-	    if( pk->local_id )
-		printf("%lu", pk->local_id );
+		    colon_datestr_from_pk( pk ),
+		    colon_strtime (pk->expiredate) );
+        if( pk->local_id )
+            printf("%lu", pk->local_id );
+        putchar(':');
+        if( !opt.fast_list_mode && !opt.no_expensive_trust_checks  )
+            putchar( get_ownertrust_info(pk) );
 	    putchar(':');
-	    if( pk->local_id && !opt.fast_list_mode )
-		putchar( get_ownertrust_info( pk->local_id ) );
-	    putchar(':');
-	}
-	else
-	    printf("pub  %4u%c/%08lX %s ", nbits_from_pk( pk ),
-				       pubkey_letter( pk->pubkey_algo ),
-				       (ulong)keyid[1],
-				       datestr_from_pk( pk ) );
+    }
+    
+    if (opt.fixed_list_mode) {
+        /* do not merge the first uid with the primary key */
+        putchar(':');
+        putchar(':');
+        print_capabilities (pk, sk, keyblock);
+        putchar('\n');
+        if( fpr )
+            print_fingerprint( pk, sk, 0 );
+        if( opt.with_key_data )
+            print_key_data( pk, keyid );
+        any = 1;
     }
 
+
     for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
 	if( node->pkt->pkttype == PKT_USER_ID && !opt.fast_list_mode ) {
+	    if(attrib_fp && node->pkt->pkt.user_id->attrib_data!=NULL)
+	      dump_attribs(node->pkt->pkt.user_id,pk,sk);
+            /*
+             * Fixme: We need a is_valid flag here too 
+             */
 	    if( any ) {
-		if ( opt.with_colons ) {
+	        char *str=node->pkt->pkt.user_id->attrib_data?"uat":"uid";
+                if ( node->pkt->pkt.user_id->is_revoked )
+        	    printf("%s:r::::::::",str);
+                else if ( node->pkt->pkt.user_id->is_expired )
+        	    printf("%s:e::::::::",str);
+		else if ( opt.no_expensive_trust_checks ) {
+        	    printf("%s:::::::::",str);
+	        }
+                else {
 		    byte namehash[20];
 
 		    if( pk && !ulti_hack ) {
-			if( node->pkt->pkt.user_id->photo ) {
-			    gcry_md_hash_buffer( GCRY_MD_RMD160, namehash,
+			if( node->pkt->pkt.user_id->attrib_data )
+			    rmd160_hash_buffer( namehash,
+					   node->pkt->pkt.user_id->attrib_data,
+					   node->pkt->pkt.user_id->attrib_len);
+			else
+			    rmd160_hash_buffer( namehash,
 					    node->pkt->pkt.user_id->name,
 					    node->pkt->pkt.user_id->len  );
-			}
-			else {
-			    gcry_md_hash_buffer( GCRY_MD_RMD160, namehash,
-					    node->pkt->pkt.user_id->name,
-					    node->pkt->pkt.user_id->len  );
-			}
-			trustletter = query_trust_info( pk, namehash );
+			trustletter = get_validity_info( pk, namehash );
 		    }
 		    else
 			trustletter = 'u';
-		    printf("uid:%c::::::::", trustletter);
-		}
-		else
-		    printf("uid%*s", 28, "");
-	    }
-	    if( opt.with_colons ) {
-		print_string( stdout,  node->pkt->pkt.user_id->name,
-			      node->pkt->pkt.user_id->len, ':' );
-		putchar(':');
+		    printf("%s:%c::::::::",str,trustletter);
+                }
 	    }
-	    else {
-		const char *s = is_uid_valid ( keyblock, node, keyid );
-		if ( s )
-		    printf ("[%s] ", s );
-		print_utf8_string( stdout,  node->pkt->pkt.user_id->name,
-				   node->pkt->pkt.user_id->len );
-	    }
-
-	    putchar('\n');
-	    if( !any ) {
-		if( opt.fingerprint )
-		    fingerprint( pk, sk );
+	    if(node->pkt->pkt.user_id->attrib_data)
+	      printf("%u %lu",
+		     node->pkt->pkt.user_id->numattribs,
+		     node->pkt->pkt.user_id->attrib_len);
+            else
+	      print_string( stdout,  node->pkt->pkt.user_id->name,
+			    node->pkt->pkt.user_id->len, ':' );
+            putchar(':');
+	    if (any)
+                putchar('\n');
+            else {
+                putchar(':');
+                print_capabilities (pk, sk, keyblock);
+                putchar('\n');
+		if( fpr )
+		    print_fingerprint( pk, sk, 0 );
 		if( opt.with_key_data )
 		    print_key_data( pk, keyid );
 		any = 1;
@@ -362,48 +731,46 @@ list_keyblock( KBNODE keyblock, int secret )
 	    PKT_public_key *pk2 = node->pkt->pkt.public_key;
 
 	    if( !any ) {
-		putchar('\n');
-		if( opt.fingerprint )
-		    fingerprint( pk, sk ); /* of the main key */
+                putchar(':');
+                putchar(':');
+                print_capabilities (pk, sk, keyblock);
+                putchar('\n');
+		if( fpr )
+		    print_fingerprint( pk, sk, 0 ); /* of the main key */
 		any = 1;
 	    }
 
-
-
 	    keyid_from_pk( pk2, keyid2 );
-	    if( opt.with_colons ) {
-		if ( opt.fast_list_mode ) {
-		    fputs( "sub::", stdout );
-		}
-		else {
-		    printf("sub:%c:", trustletter );
-		}
-		printf("%u:%d:%08lX%08lX:%s:%s:",
+            fputs ("sub:", stdout );
+            if ( !pk2->is_valid )
+                putchar ('i');
+            else if ( pk2->is_revoked )
+                putchar ('r');
+            else if ( pk2->has_expired )
+                putchar ('e');
+            else if ( opt.fast_list_mode || opt.no_expensive_trust_checks )
+                ;
+            else {
+                printf("%c", trustletter );
+            }
+            printf(":%u:%d:%08lX%08lX:%s:%s:",
 			nbits_from_pk( pk2 ),
 			pk2->pubkey_algo,
 			(ulong)keyid2[0],(ulong)keyid2[1],
-			datestr_from_pk( pk2 ),
-			pk2->expiredate? strtimestamp(pk2->expiredate):""
+			colon_datestr_from_pk( pk2 ),
+			colon_strtime (pk2->expiredate)
 			/* fixme: add LID and ownertrust here */
 						);
-		if( pk->local_id ) /* use the local_id of the main key??? */
-		    printf("%lu", pk->local_id );
-		putchar(':');
-		putchar(':');
-		putchar('\n');
-	    }
-	    else {
-		printf("sub  %4u%c/%08lX %s", nbits_from_pk( pk2 ),
-					   pubkey_letter( pk2->pubkey_algo ),
-					   (ulong)keyid2[1],
-					   datestr_from_pk( pk2 ) );
-		if( pk2->expiredate ) {
-		    printf(_(" [expires: %s]"), expirestr_from_pk( pk2 ) );
-		}
-		putchar('\n');
-	    }
-	    if( opt.fingerprint > 1 )
-		fingerprint( pk2, NULL );
+            if( pk->local_id ) /* use the local_id of the main key??? */
+                printf("%lu", pk->local_id );
+            putchar(':');
+            putchar(':');
+            putchar(':');
+            putchar(':');
+            print_capabilities (pk2, NULL, NULL);
+            putchar('\n');
+	    if( fpr > 1 )
+		print_fingerprint( pk2, NULL, 0 );
 	    if( opt.with_key_data )
 		print_key_data( pk2, keyid2 );
 	}
@@ -412,47 +779,47 @@ list_keyblock( KBNODE keyblock, int secret )
 	    PKT_secret_key *sk2 = node->pkt->pkt.secret_key;
 
 	    if( !any ) {
+                putchar(':');
+                putchar(':');
+                print_capabilities (pk, sk, keyblock);
 		putchar('\n');
-		if( opt.fingerprint )
-		    fingerprint( pk, sk ); /* of the main key */
+		if( fpr )
+		    print_fingerprint( pk, sk, 0 ); /* of the main key */
 		any = 1;
 	    }
 
 	    keyid_from_sk( sk2, keyid2 );
-	    if( opt.with_colons )
-		printf("ssb::%u:%d:%08lX%08lX:%s:%s:::\n",
+            printf("ssb::%u:%d:%08lX%08lX:%s:%s:::::",
 			nbits_from_sk( sk2 ),
 			sk2->pubkey_algo,
 			(ulong)keyid2[0],(ulong)keyid2[1],
-			datestr_from_sk( sk2 ),
-			sk2->expiredate? strtimestamp(sk2->expiredate):""
-			/* fixme: add LID */
-						);
-	    else
-		printf("ssb  %4u%c/%08lX %s\n", nbits_from_sk( sk2 ),
-					   pubkey_letter( sk2->pubkey_algo ),
-					   (ulong)keyid2[1],
-					   datestr_from_sk( sk2 ) );
-	    if( opt.fingerprint > 1 )
-		fingerprint( NULL, sk2 );
-
+			colon_datestr_from_sk( sk2 ),
+			colon_strtime (sk2->expiredate)
+                   /* fixme: add LID */ );
+            print_capabilities (NULL, sk2, NULL);
+            putchar ('\n');
+	    if( fpr > 1 )
+		print_fingerprint( NULL, sk2, 0 );
 	}
 	else if( opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE ) {
 	    PKT_signature *sig = node->pkt->pkt.signature;
 	    int sigrc;
-	   char *sigstr;
+            char *sigstr;
 
 	    if( !any ) { /* no user id, (maybe a revocation follows)*/
 		if( sig->sig_class == 0x20 )
-		    puts("[revoked]");
+		    fputs("[revoked]:", stdout);
 		else if( sig->sig_class == 0x18 )
-		    puts("[key binding]");
+		    fputs("[key binding]:", stdout);
 		else if( sig->sig_class == 0x28 )
-		    puts("[subkey revoked]");
-		else
-		    putchar('\n');
-		if( opt.fingerprint )
-		    fingerprint( pk, sk );
+		    fputs("[subkey revoked]:", stdout);
+                else
+                    putchar (':');
+                putchar(':');
+                print_capabilities (pk, sk, keyblock);
+                putchar('\n');
+		if( fpr )
+		    print_fingerprint( pk, sk, 0 );
 		any=1;
 	    }
 
@@ -464,11 +831,8 @@ list_keyblock( KBNODE keyblock, int secret )
 	    else if( sig->sig_class == 0x18 )
 	       sigstr = "sig";
 	    else {
-		if( opt.with_colons )
-		    printf("sig::::::::::%02x:\n",sig->sig_class );
-		else
-		    printf("sig                             "
-		       "[unexpected signature class 0x%02x]\n",sig->sig_class );
+                printf ("sig::::::::::%02x%c:\n",
+                        sig->sig_class, sig->flags.exportable?'x':'l');
 		continue;
 	    }
 	    if( opt.check_sigs ) {
@@ -476,8 +840,9 @@ list_keyblock( KBNODE keyblock, int secret )
 		rc = check_key_signature( keyblock, node, NULL );
 		switch( rc ) {
 		  case 0:		   sigrc = '!'; break;
-		  case GPGERR_BAD_SIGN:    sigrc = '-'; break;
-		  case GPGERR_NO_PUBKEY:   sigrc = '?'; break;
+		  case G10ERR_BAD_SIGN:    sigrc = '-'; break;
+		  case G10ERR_NO_PUBKEY: 
+		  case G10ERR_UNU_PUBKEY:  sigrc = '?'; break;
 		  default:		   sigrc = '%'; break;
 		}
 	    }
@@ -485,80 +850,191 @@ list_keyblock( KBNODE keyblock, int secret )
 		rc = 0;
 		sigrc = ' ';
 	    }
-	   fputs( sigstr, stdout );
-	    if( opt.with_colons ) {
-		putchar(':');
-		if( sigrc != ' ' )
-		    putchar(sigrc);
-		printf("::%d:%08lX%08lX:%s::::", sig->pubkey_algo,
+            fputs( sigstr, stdout );
+            putchar(':');
+            if( sigrc != ' ' )
+                putchar(sigrc);
+            printf("::%d:%08lX%08lX:%s:%s:::", sig->pubkey_algo,
 						 (ulong)sig->keyid[0],
-			   (ulong)sig->keyid[1], datestr_from_sig(sig));
-	    }
-	    else
-		printf("%c       %08lX %s  ",
-		    sigrc, (ulong)sig->keyid[1], datestr_from_sig(sig));
+			   (ulong)sig->keyid[1], colon_datestr_from_sig(sig),
+		           colon_expirestr_from_sig(sig));
 	    if( sigrc == '%' )
-		printf("[%s] ", gpg_errstr(rc) );
+		printf("[%s] ", g10_errstr(rc) );
 	    else if( sigrc == '?' )
 		;
 	    else if ( !opt.fast_list_mode ) {
 		size_t n;
 		char *p = get_user_id( sig->keyid, &n );
-		if( opt.with_colons )
-		    print_string( stdout, p, n, ':' );
-		else
-		    print_utf8_string( stdout, p, n );
-		gcry_free(p);
+                print_string( stdout, p, n, ':' );
+		m_free(p);
 	    }
-	    if( opt.with_colons )
-		printf(":%02x:", sig->sig_class );
-	    putchar('\n');
-	    /* FIXME: check or list other sigs here (subpkt PRIV_ADD_SIG)*/
+            printf(":%02x%c:\n", sig->sig_class,sig->flags.exportable?'x':'l');
+	    /* fixme: check or list other sigs here */
 	}
     }
     if( !any ) {/* oops, no user id */
-	if( opt.with_colons )
-	    putchar(':');
+        putchar(':');
+        putchar(':');
+        print_capabilities (pk, sk, keyblock);
 	putchar('\n');
     }
-    else if( !opt.with_colons )
-	putchar('\n');  /* separator line */
 }
 
+/*
+ * Reorder the keyblock so that the primary user ID (and not attribute
+ * packet) comes first.  Fixme: Replace this by a generic sort
+ * function.  */
+static void
+reorder_keyblock (KBNODE keyblock)
+{
+    KBNODE primary = NULL, primary0 = NULL, primary2 = NULL;
+    KBNODE last, node;
+
+    for (node=keyblock; node; primary0=node, node = node->next) {
+	if( node->pkt->pkttype == PKT_USER_ID &&
+	    !node->pkt->pkt.user_id->attrib_data &&
+            node->pkt->pkt.user_id->is_primary ) {
+            primary = primary2 = node;
+            for (node=node->next; node; primary2=node, node = node->next ) {
+                if( node->pkt->pkttype == PKT_USER_ID 
+                    || node->pkt->pkttype == PKT_PUBLIC_SUBKEY 
+                    || node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
+                    break;
+                }
+            }
+            break;
+        }
+    }
+    if ( !primary )
+        return;  /* no primary key flag found (should not happen) */
 
+    for (last=NULL, node=keyblock; node; last = node, node = node->next) {
+	if( node->pkt->pkttype == PKT_USER_ID )
+            break;
+    }
+    assert (node);
+    assert (last); /* the user ID is never the first packet */
+    assert (primary0);  /* ditto (this is the node before primary) */
+    if ( node == primary )
+        return; /* already the first one */
 
-static void
-fingerprint( PKT_public_key *pk, PKT_secret_key *sk )
+    last->next = primary;
+    primary0->next = primary2->next;
+    primary2->next = node;
+}
+
+void
+list_keyblock( KBNODE keyblock, int secret, int fpr, void *opaque )
 {
-    byte *array, *p;
+    reorder_keyblock (keyblock);
+    if (opt.with_colons)
+        list_keyblock_colon (keyblock, secret, fpr );
+    else
+        list_keyblock_print (keyblock, secret, fpr, opaque );
+}
+
+/*
+ * standard function to print the finperprint.
+ * mode 0: as used in key listings, opt.with_colons is honored
+ *      1: print using log_info ()
+ *      2: direct use of tty
+ */
+void
+print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode )
+{
+    byte array[MAX_FINGERPRINT_LEN], *p;
     size_t i, n;
+    FILE *fp;
+    const char *text;
 
-    p = array = pk? fingerprint_from_pk( pk, NULL, &n )
-		   : fingerprint_from_sk( sk, NULL, &n );
-    if( opt.with_colons ) {
-	printf("fpr:::::::::");
-	for(i=0; i < n ; i++, p++ )
-	    printf("%02X", *p );
-	putchar(':');
+    if (mode == 1) {
+        fp = log_stream ();
+        text = _("Fingerprint:");
+    }
+    else if (mode == 2) {
+        fp = NULL; /* use tty */
+        /* Translators: this should fit into 24 bytes to that the fingerprint
+         * data is properly aligned with the user ID */
+        text = _("             Fingerprint:");
     }
     else {
-	printf("     Key fingerprint =");
-	if( n == 20 ) {
-	    for(i=0; i < n ; i++, i++, p += 2 ) {
-		if( i == 10 )
-		    putchar(' ');
-		printf(" %02X%02X", *p, p[1] );
+        fp = stdout;
+        text = _("     Key fingerprint =");
+    }
+  
+    if (sk)
+	fingerprint_from_sk (sk, array, &n);
+    else
+	fingerprint_from_pk (pk, array, &n);
+    p = array;
+    if (opt.with_colons && !mode) {
+	fprintf (fp, "fpr:::::::::");
+	for (i=0; i < n ; i++, p++ )
+	    fprintf (fp, "%02X", *p );
+	putc(':', fp);
+    }
+    else {
+        if (fp)
+            fputs (text, fp);
+        else
+            tty_printf ("%s", text);
+	if (n == 20) {
+	    for (i=0; i < n ; i++, i++, p += 2 ) {
+                if (fp) {
+                    if (i == 10 )
+                        putc(' ', fp);
+                    fprintf (fp, " %02X%02X", *p, p[1] );
+                }
+                else {
+                    if (i == 10 )
+                        tty_printf (" ");
+                    tty_printf (" %02X%02X", *p, p[1]);
+                }
 	    }
 	}
 	else {
-	    for(i=0; i < n ; i++, p++ ) {
-		if( i && !(i%8) )
-		    putchar(' ');
-		printf(" %02X", *p );
+	    for (i=0; i < n ; i++, p++ ) {
+                if (fp) {
+                    if (i && !(i%8) )
+                        putc (' ', fp);
+                    fprintf (fp, " %02X", *p );
+                }
+                else {
+                    if (i && !(i%8) )
+                        tty_printf (" ");
+                    tty_printf (" %02X", *p );
+                }
 	    }
 	}
     }
-    putchar('\n');
-    gcry_free(array);
+    if (fp)
+        putc ('\n', fp);
+    else
+        tty_printf ("\n");
 }
 
+void set_attrib_fd(int fd)
+{
+  static int last_fd=-1;
+
+  if ( fd != -1 && last_fd == fd )
+    return;
+
+  if ( attrib_fp && attrib_fp != stdout && attrib_fp != stderr )
+    fclose (attrib_fp);
+  attrib_fp = NULL;
+  if ( fd == -1 ) 
+    return;
+
+  if( fd == 1 )
+    attrib_fp = stdout;
+  else if( fd == 2 )
+    attrib_fp = stderr;
+  else
+    attrib_fp = fdopen( fd, "w" );
+  if( !attrib_fp ) {
+    log_fatal("can't open fd %d for attribute output: %s\n",
+	      fd, strerror(errno));
+  }
+  last_fd = fd;
+}
diff --git a/g10/keyring.c b/g10/keyring.c
new file mode 100644
index 000000000..f75a79dfe
--- /dev/null
+++ b/g10/keyring.c
@@ -0,0 +1,1550 @@
+/* keyring.c - keyring file handling
+ * Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "util.h"
+#include "keyring.h"
+#include "packet.h"
+#include "keydb.h" 
+#include "options.h"
+#include "main.h" /*for check_key_signature()*/
+#include "i18n.h"
+
+/* off_item is a funny named for an object used to keep track of known
+ * keys.  The idea was to use the offset to seek to the known keyblock, but
+ * this is not possible if more than one process is using the keyring.
+ */
+struct off_item {
+  struct off_item *next;
+  u32 kid[2];
+  /*off_t off;*/
+};
+
+typedef struct off_item **OffsetHashTable; 
+
+
+typedef struct keyring_name *KR_NAME;
+struct keyring_name {
+  struct keyring_name *next;
+  int secret;
+  DOTLOCK lockhd;
+  int is_locked;
+  int did_full_scan;
+  char fname[1];
+};
+typedef struct keyring_name const * CONST_KR_NAME;
+
+static KR_NAME kr_names;
+static int active_handles;
+
+static OffsetHashTable kr_offtbl;
+static int kr_offtbl_ready;
+
+
+struct keyring_handle {
+  CONST_KR_NAME resource;
+  int secret;             /* this is for a secret keyring */
+  struct {
+    CONST_KR_NAME kr;
+    IOBUF iobuf;
+    int eof;
+    int error;
+  } current;
+  struct {
+    CONST_KR_NAME kr; 
+    off_t offset;
+    size_t pk_no;
+    size_t uid_no;
+    unsigned int n_packets; /*used for delete and update*/
+  } found;
+  struct {
+    char *name;
+    char *pattern;
+  } word_match;
+};
+
+
+
+static int do_copy (int mode, const char *fname, KBNODE root, int secret,
+                    off_t start_offset, unsigned int n_packets );
+
+
+
+static struct off_item *
+new_offset_item (void)
+{
+  struct off_item *k;
+  
+  k = m_alloc_clear (sizeof *k);
+  return k;
+}
+
+#if 0
+static void
+release_offset_items (struct off_item *k)
+{
+  struct off_item *k2;
+
+  for (; k; k = k2)
+    {
+      k2 = k->next;
+      m_free (k);
+    }
+}
+#endif
+
+static OffsetHashTable 
+new_offset_hash_table (void)
+{
+  struct off_item **tbl;
+
+  tbl = m_alloc_clear (2048 * sizeof *tbl);
+  return tbl;
+}
+
+#if 0
+static void
+release_offset_hash_table (OffsetHashTable tbl)
+{
+  int i;
+
+  if (!tbl)
+    return;
+  for (i=0; i < 2048; i++)
+    release_offset_items (tbl[i]);
+  m_free (tbl);
+}
+#endif
+
+static struct off_item *
+lookup_offset_hash_table (OffsetHashTable tbl, u32 *kid)
+{
+  struct off_item *k;
+
+  for (k = tbl[(kid[1] & 0x07ff)]; k; k = k->next)
+    if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
+      return k;
+  return NULL;
+}
+
+static void
+update_offset_hash_table (OffsetHashTable tbl, u32 *kid, off_t off)
+{
+  struct off_item *k;
+
+  for (k = tbl[(kid[1] & 0x07ff)]; k; k = k->next)
+    {
+      if (k->kid[0] == kid[0] && k->kid[1] == kid[1]) 
+        {
+          /*k->off = off;*/
+          return;
+        }
+    }
+
+  k = new_offset_item ();
+  k->kid[0] = kid[0];
+  k->kid[1] = kid[1];
+  /*k->off = off;*/
+  k->next = tbl[(kid[1] & 0x07ff)];
+  tbl[(kid[1] & 0x07ff)] = k;
+}
+
+static void
+update_offset_hash_table_from_kb (OffsetHashTable tbl, KBNODE node, off_t off)
+{
+  for (; node; node = node->next)
+    {
+      if (node->pkt->pkttype == PKT_PUBLIC_KEY
+          || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+        {
+          u32 aki[2];
+          keyid_from_pk (node->pkt->pkt.public_key, aki);
+          update_offset_hash_table (tbl, aki, off);
+        }
+    }
+}
+
+
+
+
+/* 
+ * Register a filename for plain keyring files.  Returns a pointer to
+ * be used to create a handles etc or NULL to indicate that it has
+ * already been registered */
+void *
+keyring_register_filename (const char *fname, int secret)
+{
+    KR_NAME kr;
+
+    if (active_handles)
+        BUG (); /* We don't allow that */
+
+    for (kr=kr_names; kr; kr = kr->next) {
+        if ( !compare_filenames (kr->fname, fname) )
+            return NULL; /* already registered */
+    }
+
+    kr = m_alloc (sizeof *kr + strlen (fname));
+    strcpy (kr->fname, fname);
+    kr->secret = !!secret;
+    kr->lockhd = NULL;
+    kr->is_locked = 0;
+    kr->did_full_scan = 0;
+    /* keep a list of all issued pointers */
+    kr->next = kr_names;
+    kr_names = kr;
+
+    /* create the offset table the first time a function here is used */
+    if (!kr_offtbl)
+      kr_offtbl = new_offset_hash_table ();
+
+    return kr;
+}
+
+int
+keyring_is_writable (void *token)
+{
+  KR_NAME r = token;
+
+  return r? !access (r->fname, W_OK) : 0;
+}
+    
+
+
+/* Create a new handle for the resource associated with TOKEN.  SECRET
+   is just just as a cross-check.
+   
+   The returned handle must be released using keyring_release (). */
+KEYRING_HANDLE
+keyring_new (void *token, int secret)
+{
+  KEYRING_HANDLE hd;
+  KR_NAME resource = token;
+
+  assert (resource && !resource->secret == !secret);
+  
+  hd = m_alloc_clear (sizeof *hd);
+  hd->resource = resource;
+  hd->secret = !!secret;
+  active_handles++;
+  return hd;
+}
+
+void 
+keyring_release (KEYRING_HANDLE hd)
+{
+    if (!hd)
+        return;
+    assert (active_handles > 0);
+    active_handles--;
+    m_free (hd->word_match.name);
+    m_free (hd->word_match.pattern);
+    iobuf_close (hd->current.iobuf);
+    m_free (hd);
+}
+
+
+const char *
+keyring_get_resource_name (KEYRING_HANDLE hd)
+{
+    if (!hd || !hd->resource)
+      return NULL;
+    return hd->resource->fname;
+}
+
+
+/*
+ * Lock the keyring with the given handle, or unlok if yes is false.
+ * We ignore the handle and lock all registered files.
+ */
+int 
+keyring_lock (KEYRING_HANDLE hd, int yes)
+{
+    KR_NAME kr;
+    int rc = 0;
+
+    if (yes) {
+        /* first make sure the lock handles are created */
+        for (kr=kr_names; kr; kr = kr->next) {
+            if (!keyring_is_writable(kr))
+                continue;
+            if (!kr->lockhd) {
+                kr->lockhd = create_dotlock( kr->fname );
+                if (!kr->lockhd) {
+                    log_info ("can't allocate lock for `%s'\n", kr->fname );
+                    rc = G10ERR_GENERAL;
+                }
+            }
+        }
+        if (rc)
+            return rc;
+        
+        /* and now set the locks */
+        for (kr=kr_names; kr; kr = kr->next) {
+            if (!keyring_is_writable(kr))
+                continue;
+            if (kr->is_locked)
+                ;
+            else if (make_dotlock (kr->lockhd, -1) ) {
+                log_info ("can't lock `%s'\n", kr->fname );
+                rc = G10ERR_GENERAL;
+            }
+            else 
+                kr->is_locked = 1;
+        }
+    }
+
+    if (rc || !yes) {
+        for (kr=kr_names; kr; kr = kr->next) {
+            if (!keyring_is_writable(kr))
+                continue;
+            if (!kr->is_locked)
+                ;
+            else if (release_dotlock (kr->lockhd))
+                log_info ("can't unlock `%s'\n", kr->fname );
+            else 
+                kr->is_locked = 0;
+        }
+    } 
+
+    return rc;
+}
+
+
+
+/*
+ * Return the last found keyring.  Caller must free it.
+ * The returned keyblock has the kbode flag bit 0 set for the node with
+ * the public key used to locate the keyblock or flag bit 1 set for 
+ * the user ID node.
+ */
+int
+keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
+{
+    PACKET *pkt;
+    int rc;
+    KBNODE keyblock = NULL, node, lastnode;
+    IOBUF a;
+    int in_cert = 0;
+    int pk_no = 0;
+    int uid_no = 0;
+    int save_mode;
+
+    if (ret_kb)
+        *ret_kb = NULL;
+
+    if (!hd->found.kr)
+        return -1; /* no successful search */
+
+    a = iobuf_open (hd->found.kr->fname);
+    if (!a) {
+	log_error ("can't open `%s'\n", hd->found.kr->fname);
+	return G10ERR_KEYRING_OPEN;
+    }
+
+    if (iobuf_seek (a, hd->found.offset) ) {
+        log_error ("can't seek `%s'\n", hd->found.kr->fname);
+	iobuf_close(a);
+	return G10ERR_KEYRING_OPEN;
+    }
+
+    pkt = m_alloc (sizeof *pkt);
+    init_packet (pkt);
+    hd->found.n_packets = 0;;
+    lastnode = NULL;
+    save_mode = set_packet_list_mode(0);
+    while ((rc=parse_packet (a, pkt)) != -1) {
+        hd->found.n_packets++;
+        if (rc == G10ERR_UNKNOWN_PACKET) {
+	    free_packet (pkt);
+	    init_packet (pkt);
+	    continue;
+	}
+	if (rc) {  
+            log_error ("keyring_get_keyblock: read error: %s\n",
+                       g10_errstr(rc) );
+            rc = G10ERR_INV_KEYRING;
+            break;
+        }
+	if (pkt->pkttype == PKT_COMPRESSED) {
+	    log_error ("skipped compressed packet in keyring\n");
+	    free_packet(pkt);
+	    init_packet(pkt);
+	    continue;
+        }
+
+        if (in_cert && (pkt->pkttype == PKT_PUBLIC_KEY
+                        || pkt->pkttype == PKT_SECRET_KEY)) {
+            hd->found.n_packets--; /* fix counter */
+            break; /* ready */
+        }
+
+        in_cert = 1;
+        if (pkt->pkttype == PKT_RING_TRUST) {
+            /*(this code is duplicated after the loop)*/
+            if ( lastnode 
+                 && lastnode->pkt->pkttype == PKT_SIGNATURE
+                 && (pkt->pkt.ring_trust->sigcache & 1) ) {
+                /* this is a ring trust packet with a checked signature 
+                 * status cache following directly a signature paket.
+                 * Set the cache status into that signature packet */
+                PKT_signature *sig = lastnode->pkt->pkt.signature;
+                
+                sig->flags.checked = 1;
+                sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
+            }
+            /* reset lastnode, so that we set the cache status only from
+             * the ring trust packet immediately folling a signature */
+            lastnode = NULL;
+        }
+        else {
+            node = lastnode = new_kbnode (pkt);
+            if (!keyblock)
+                keyblock = node;
+            else
+                add_kbnode (keyblock, node);
+
+            if ( pkt->pkttype == PKT_PUBLIC_KEY
+                 || pkt->pkttype == PKT_PUBLIC_SUBKEY
+                 || pkt->pkttype == PKT_SECRET_KEY
+                 || pkt->pkttype == PKT_SECRET_SUBKEY) {
+                if (++pk_no == hd->found.pk_no)
+                    node->flag |= 1;
+            }
+            else if ( pkt->pkttype == PKT_USER_ID) {
+                if (++uid_no == hd->found.uid_no)
+                    node->flag |= 2;
+            }
+        }
+
+        pkt = m_alloc (sizeof *pkt);
+        init_packet(pkt);
+    }
+    set_packet_list_mode(save_mode);
+
+    if (rc == -1 && keyblock) 
+	rc = 0; /* got the entire keyblock */
+
+    if (rc || !ret_kb)
+	release_kbnode (keyblock);
+    else {
+        /*(duplicated form the loop body)*/
+        if ( pkt && pkt->pkttype == PKT_RING_TRUST
+             && lastnode 
+             && lastnode->pkt->pkttype == PKT_SIGNATURE
+             && (pkt->pkt.ring_trust->sigcache & 1) ) {
+            PKT_signature *sig = lastnode->pkt->pkt.signature;
+            sig->flags.checked = 1;
+            sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
+        }
+	*ret_kb = keyblock;
+    }
+    free_packet (pkt);
+    m_free (pkt);
+    iobuf_close(a);
+
+    /* Make sure that future search operations fail immediately when
+     * we know that we are working on a invalid keyring 
+     */
+    if (rc == G10ERR_INV_KEYRING)
+        hd->current.error = rc;
+
+    return rc;
+}
+
+int
+keyring_update_keyblock (KEYRING_HANDLE hd, KBNODE kb)
+{
+    int rc;
+
+    if (!hd->found.kr)
+        return -1; /* no successful prior search */
+
+    if (!hd->found.n_packets) {
+        /* need to know the number of packets - do a dummy get_keyblock*/
+        rc = keyring_get_keyblock (hd, NULL);
+        if (rc) {
+            log_error ("re-reading keyblock failed: %s\n", g10_errstr (rc));
+            return rc;
+        }
+        if (!hd->found.n_packets)
+            BUG ();
+    }
+
+    /* The open iobuf isn't needed anymore and in fact is a problem when
+       it comes to renaming the keyring files on some operating systems,
+       so close it here */
+    iobuf_close(hd->current.iobuf);
+    hd->current.iobuf = NULL;
+
+    /* do the update */
+    rc = do_copy (3, hd->found.kr->fname, kb, hd->secret,
+                  hd->found.offset, hd->found.n_packets );
+    if (!rc) {
+      if (!hd->secret && kr_offtbl)
+        {
+          update_offset_hash_table_from_kb (kr_offtbl, kb, 0);
+        }
+      /* better reset the found info */
+      hd->found.kr = NULL;
+      hd->found.offset = 0;
+    }
+    return rc;
+}
+
+int
+keyring_insert_keyblock (KEYRING_HANDLE hd, KBNODE kb)
+{
+    int rc;
+    const char *fname;
+
+    if (!hd)
+        fname = NULL;
+    else if (hd->found.kr)
+        fname = hd->found.kr->fname;
+    else if (hd->current.kr)
+        fname = hd->current.kr->fname;
+    else 
+        fname = hd->resource? hd->resource->fname:NULL;
+
+    if (!fname)
+        return G10ERR_GENERAL; 
+
+    /* close this one otherwise we will lose the position for
+     * a next search.  Fixme: it would be better to adjust the position
+     * after the write opertions.
+     */
+    iobuf_close (hd->current.iobuf);
+    hd->current.iobuf = NULL;
+
+    /* do the insert */
+    rc = do_copy (1, fname, kb, hd->secret, 0, 0 );
+    if (!rc && !hd->secret && kr_offtbl)
+      {
+        update_offset_hash_table_from_kb (kr_offtbl, kb, 0);
+      }
+      
+    return rc;
+}
+
+
+int
+keyring_delete_keyblock (KEYRING_HANDLE hd)
+{
+    int rc;
+
+    if (!hd->found.kr)
+        return -1; /* no successful prior search */
+
+    if (!hd->found.n_packets) {
+        /* need to know the number of packets - do a dummy get_keyblock*/
+        rc = keyring_get_keyblock (hd, NULL);
+        if (rc) {
+            log_error ("re-reading keyblock failed: %s\n", g10_errstr (rc));
+            return rc;
+        }
+        if (!hd->found.n_packets)
+            BUG ();
+    }
+
+    /* close this one otherwise we will lose the position for
+     * a next search.  Fixme: it would be better to adjust the position
+     * after the write opertions.
+     */
+    iobuf_close (hd->current.iobuf);
+    hd->current.iobuf = NULL;
+
+    /* do the delete */
+    rc = do_copy (2, hd->found.kr->fname, NULL, hd->secret,
+                  hd->found.offset, hd->found.n_packets );
+    if (!rc) {
+        /* better reset the found info */
+        hd->found.kr = NULL;
+        hd->found.offset = 0;
+        /* Delete is a rare operations, so we don't remove the keys
+         * from the offset table */
+    }
+    return rc;
+}
+
+
+
+/* 
+ * Start the next search on this handle right at the beginning
+ */
+int 
+keyring_search_reset (KEYRING_HANDLE hd)
+{
+    assert (hd);
+
+    hd->current.kr = NULL;
+    iobuf_close (hd->current.iobuf);
+    hd->current.iobuf = NULL;
+    hd->current.eof = 0;
+    hd->current.error = 0;
+    
+    hd->found.kr = NULL;
+    hd->found.offset = 0;
+    return 0; 
+}
+
+
+static int
+prepare_search (KEYRING_HANDLE hd)
+{
+    if (hd->current.error)  
+        return hd->current.error; /* still in error state */
+
+    if (hd->current.kr && !hd->current.eof) {
+        if ( !hd->current.iobuf )
+            return G10ERR_GENERAL; /* position invalid after a modify */
+        return 0; /* okay */
+    }
+
+    if (!hd->current.kr && hd->current.eof)  
+        return -1; /* still EOF */
+
+    if (!hd->current.kr) { /* start search with first keyring */
+        hd->current.kr = hd->resource;
+        if (!hd->current.kr) {
+            hd->current.eof = 1;
+            return -1; /* keyring not available */
+        }
+        assert (!hd->current.iobuf);
+    }
+    else { /* EOF */
+        iobuf_close (hd->current.iobuf); 
+        hd->current.iobuf = NULL;
+        hd->current.kr = NULL;
+        hd->current.eof = 1;
+        return -1;
+    }
+
+    hd->current.eof = 0;
+    hd->current.iobuf = iobuf_open (hd->current.kr->fname);
+    if (!hd->current.iobuf) {
+        log_error ("can't open `%s'\n", hd->current.kr->fname );
+        return (hd->current.error = G10ERR_OPEN_FILE);
+    }
+
+    return 0;
+}
+
+
+/* A map of the all characters valid used for word_match()
+ * Valid characters are in in this table converted to uppercase.
+ * because the upper 128 bytes have special meaning, we assume
+ * that they are all valid.
+ * Note: We must use numerical values here in case that this program
+ * will be converted to those little blue HAL9000s with their strange
+ * EBCDIC character set (user ids are UTF-8).
+ * wk 2000-04-13: Hmmm, does this really make sense, given the fact that
+ * we can run gpg now on a S/390 running GNU/Linux, where the code
+ * translation is done by the device drivers?
+ */
+static const byte word_match_chars[256] = {
+  /* 00 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  /* 08 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  /* 10 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  /* 18 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  /* 20 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  /* 28 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  /* 30 */  0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+  /* 38 */  0x38, 0x39, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  /* 40 */  0x00, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+  /* 48 */  0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
+  /* 50 */  0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+  /* 58 */  0x58, 0x59, 0x5a, 0x00, 0x00, 0x00, 0x00, 0x00,
+  /* 60 */  0x00, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+  /* 68 */  0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
+  /* 70 */  0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+  /* 78 */  0x58, 0x59, 0x5a, 0x00, 0x00, 0x00, 0x00, 0x00,
+  /* 80 */  0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
+  /* 88 */  0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+  /* 90 */  0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
+  /* 98 */  0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
+  /* a0 */  0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
+  /* a8 */  0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
+  /* b0 */  0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
+  /* b8 */  0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
+  /* c0 */  0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
+  /* c8 */  0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
+  /* d0 */  0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
+  /* d8 */  0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
+  /* e0 */  0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
+  /* e8 */  0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
+  /* f0 */  0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+  /* f8 */  0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
+};
+
+/****************
+ * Do a word match (original user id starts with a '+').
+ * The pattern is already tokenized to a more suitable format:
+ * There are only the real words in it delimited by one space
+ * and all converted to uppercase.
+ *
+ * Returns: 0 if all words match.
+ *
+ * Note: This algorithm is a straightforward one and not very
+ *	 fast.	It works for UTF-8 strings.  The uidlen should
+ *	 be removed but due to the fact that old versions of
+ *	 pgp don't use UTF-8 we still use the length; this should
+ *	 be fixed in parse-packet (and replace \0 by some special
+ *	 UTF-8 encoding)
+ */
+static int
+word_match( const byte *uid, size_t uidlen, const byte *pattern )
+{
+    size_t wlen, n;
+    const byte *p;
+    const byte *s;
+
+    for( s=pattern; *s; ) {
+	do {
+	    /* skip leading delimiters */
+	    while( uidlen && !word_match_chars[*uid] )
+		uid++, uidlen--;
+	    /* get length of the word */
+	    n = uidlen; p = uid;
+	    while( n && word_match_chars[*p] )
+		p++, n--;
+	    wlen = p - uid;
+	    /* and compare against the current word from pattern */
+	    for(n=0, p=uid; n < wlen && s[n] != ' ' && s[n] ; n++, p++ ) {
+		if( word_match_chars[*p] != s[n] )
+		    break;
+	    }
+	    if( n == wlen && (s[n] == ' ' || !s[n]) )
+		break; /* found */
+	    uid += wlen;
+	    uidlen -= wlen;
+	} while( uidlen );
+	if( !uidlen )
+	    return -1; /* not found */
+
+	/* advance to next word in pattern */
+	for(; *s != ' ' && *s ; s++ )
+	    ;
+	if( *s )
+	    s++ ;
+    }
+    return 0; /* found */
+}
+
+/****************
+ * prepare word word_match; that is parse the name and
+ * build the pattern.
+ * caller has to free the returned pattern
+ */
+static char*
+prepare_word_match (const byte *name)
+{
+    byte *pattern, *p;
+    int c;
+
+    /* the original length is always enough for the pattern */
+    p = pattern = m_alloc(strlen(name)+1);
+    do {
+	/* skip leading delimiters */
+	while( *name && !word_match_chars[*name] )
+	    name++;
+	/* copy as long as we don't have a delimiter and convert
+	 * to uppercase.
+	 * fixme: how can we handle utf8 uppercasing */
+	for( ; *name &&  (c=word_match_chars[*name]); name++ )
+	    *p++ = c;
+	*p++ = ' '; /* append pattern delimiter */
+    } while( *name );
+    p[-1] = 0; /* replace last pattern delimiter by EOS */
+
+    return pattern;
+}
+
+
+
+
+static int
+compare_name (int mode, const char *name, const char *uid, size_t uidlen)
+{
+    int i;
+    const char *s, *se;
+
+    if (mode == KEYDB_SEARCH_MODE_EXACT) { 
+	for (i=0; name[i] && uidlen; i++, uidlen--)
+	    if (uid[i] != name[i])
+		break;
+	if (!uidlen && !name[i])
+	    return 0; /* found */
+    }
+    else if (mode == KEYDB_SEARCH_MODE_SUBSTR) {
+	if (ascii_memistr( uid, uidlen, name ))
+	    return 0;
+    }
+    else if (   mode == KEYDB_SEARCH_MODE_MAIL 
+             || mode == KEYDB_SEARCH_MODE_MAILSUB
+             || mode == KEYDB_SEARCH_MODE_MAILEND) {
+	for (i=0, s= uid; i < uidlen && *s != '<'; s++, i++)
+	    ;
+	if (i < uidlen)  {
+	    /* skip opening delim and one char and look for the closing one*/
+	    s++; i++;
+	    for (se=s+1, i++; i < uidlen && *se != '>'; se++, i++)
+		;
+	    if (i < uidlen) {
+		i = se - s;
+		if (mode == KEYDB_SEARCH_MODE_MAIL) { 
+		    if( strlen(name)-2 == i
+                        && !ascii_memcasecmp( s, name+1, i) )
+			return 0;
+		}
+		else if (mode == KEYDB_SEARCH_MODE_MAILSUB) {
+		    if( ascii_memistr( s, i, name ) )
+			return 0;
+		}
+		else { /* email from end */
+		    /* nyi */
+		}
+	    }
+	}
+    }
+    else if (mode == KEYDB_SEARCH_MODE_WORDS)
+	return word_match (uid, uidlen, name);
+    else
+	BUG();
+
+    return -1; /* not found */
+}
+
+
+/* 
+ * Search through the keyring(s), starting at the current position,
+ * for a keyblock which contains one of the keys described in the DESC array.
+ */
+int 
+keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
+{
+  int rc;
+  PACKET pkt;
+  int save_mode;
+  off_t offset, main_offset;
+  size_t n;
+  int need_uid, need_words, need_keyid, need_fpr, any_skip;
+  int pk_no, uid_no;
+  int initial_skip;
+  int use_offtbl;
+  PKT_user_id *uid = NULL;
+  PKT_public_key *pk = NULL;
+  PKT_secret_key *sk = NULL;
+
+  /* figure out what information we need */
+  need_uid = need_words = need_keyid = need_fpr = any_skip = 0;
+  for (n=0; n < ndesc; n++) 
+    {
+      switch (desc[n].mode) 
+        {
+        case KEYDB_SEARCH_MODE_EXACT: 
+        case KEYDB_SEARCH_MODE_SUBSTR:
+        case KEYDB_SEARCH_MODE_MAIL:
+        case KEYDB_SEARCH_MODE_MAILSUB:
+        case KEYDB_SEARCH_MODE_MAILEND:
+          need_uid = 1;
+          break;
+        case KEYDB_SEARCH_MODE_WORDS: 
+          need_uid = 1;
+          need_words = 1;
+          break;
+        case KEYDB_SEARCH_MODE_SHORT_KID: 
+        case KEYDB_SEARCH_MODE_LONG_KID:
+          need_keyid = 1;
+          break;
+        case KEYDB_SEARCH_MODE_FPR16: 
+        case KEYDB_SEARCH_MODE_FPR20:
+        case KEYDB_SEARCH_MODE_FPR: 
+          need_fpr = 1;
+          break;
+        case KEYDB_SEARCH_MODE_FIRST:
+          /* always restart the search in this mode */
+          keyring_search_reset (hd);
+          break;
+        default: break;
+	}
+      if (desc[n].skipfnc) 
+        {
+          any_skip = 1;
+          need_keyid = 1;
+        }
+    }
+
+  rc = prepare_search (hd);
+  if (rc)
+    return rc;
+
+  use_offtbl = !hd->secret && kr_offtbl;
+  if (!use_offtbl)
+    ;
+  else if (!kr_offtbl_ready)
+    need_keyid = 1;
+  else if (ndesc == 1 && desc[0].mode == KEYDB_SEARCH_MODE_LONG_KID)
+    {
+      struct off_item *oi;
+            
+      oi = lookup_offset_hash_table (kr_offtbl, desc[0].u.kid);
+      if (!oi)
+        { /* We know that we don't have this key */
+          hd->found.kr = NULL;
+          hd->current.eof = 1;
+          return -1;
+        }
+      /* We could now create a positive search status and return.
+       * However the problem is that another instance of gpg may 
+       * have changed the keyring so that the offsets are not valid
+       * anymore - therefore we don't do it 
+       */
+    }
+
+  if (need_words)
+    {
+      const char *name = NULL;
+
+      log_debug ("word search mode does not yet work\n");
+      /* FIXME: here is a long standing bug in our function and in addition we
+         just use the first search description */
+      for (n=0; n < ndesc && !name; n++) 
+        {
+          if (desc[n].mode == KEYDB_SEARCH_MODE_WORDS) 
+            name = desc[n].u.name;
+        }
+      assert (name);
+      if ( !hd->word_match.name || strcmp (hd->word_match.name, name) ) 
+        {
+          /* name changed */
+          m_free (hd->word_match.name);
+          m_free (hd->word_match.pattern);
+          hd->word_match.name = m_strdup (name);
+          hd->word_match.pattern = prepare_word_match (name);
+        }
+      name = hd->word_match.pattern;
+    }
+
+  init_packet(&pkt);
+  save_mode = set_packet_list_mode(0);
+
+  hd->found.kr = NULL;
+  main_offset = 0;
+  pk_no = uid_no = 0;
+  initial_skip = 1; /* skip until we see the start of a keyblock */
+  while (!(rc=search_packet (hd->current.iobuf, &pkt, &offset, need_uid))) 
+    {
+      byte afp[MAX_FINGERPRINT_LEN];
+      size_t an;
+      u32 aki[2];
+
+      if (pkt.pkttype == PKT_PUBLIC_KEY  || pkt.pkttype == PKT_SECRET_KEY) 
+        {
+          main_offset = offset;
+          pk_no = uid_no = 0;
+          initial_skip = 0;
+        }
+      if (initial_skip) 
+        {
+          free_packet (&pkt);
+          continue;
+        }
+	
+      pk = NULL;
+      sk = NULL;
+      uid = NULL;
+      if (   pkt.pkttype == PKT_PUBLIC_KEY
+             || pkt.pkttype == PKT_PUBLIC_SUBKEY)
+        {
+          pk = pkt.pkt.public_key;
+          ++pk_no;
+
+          if (need_fpr) {
+            fingerprint_from_pk (pk, afp, &an);
+            while (an < 20) /* fill up to 20 bytes */
+              afp[an++] = 0;
+          }
+          if (need_keyid)
+            keyid_from_pk (pk, aki);
+
+          if (use_offtbl && !kr_offtbl_ready)
+            update_offset_hash_table (kr_offtbl, aki, main_offset);
+        }
+      else if (pkt.pkttype == PKT_USER_ID) 
+        {
+          uid = pkt.pkt.user_id;
+          ++uid_no;
+        }
+      else if (    pkt.pkttype == PKT_SECRET_KEY
+                   || pkt.pkttype == PKT_SECRET_SUBKEY) 
+        {
+          sk = pkt.pkt.secret_key;
+          ++pk_no;
+
+          if (need_fpr) {
+            fingerprint_from_sk (sk, afp, &an);
+            while (an < 20) /* fill up to 20 bytes */
+              afp[an++] = 0;
+          }
+          if (need_keyid)
+            keyid_from_sk (sk, aki);
+            
+        }
+
+      for (n=0; n < ndesc; n++) 
+        {
+          switch (desc[n].mode) {
+          case KEYDB_SEARCH_MODE_NONE: 
+            BUG ();
+            break;
+          case KEYDB_SEARCH_MODE_EXACT: 
+          case KEYDB_SEARCH_MODE_SUBSTR:
+          case KEYDB_SEARCH_MODE_MAIL:
+          case KEYDB_SEARCH_MODE_MAILSUB:
+          case KEYDB_SEARCH_MODE_MAILEND:
+          case KEYDB_SEARCH_MODE_WORDS: 
+            if ( uid && !compare_name (desc[n].mode,
+                                       desc[n].u.name,
+                                       uid->name, uid->len)) 
+              goto found;
+            break;
+                
+          case KEYDB_SEARCH_MODE_SHORT_KID: 
+            if ((pk||sk) && desc[n].u.kid[1] == aki[1])
+              goto found;
+            break;
+          case KEYDB_SEARCH_MODE_LONG_KID:
+            if ((pk||sk) && desc[n].u.kid[0] == aki[0]
+                && desc[n].u.kid[1] == aki[1])
+              goto found;
+            break;
+          case KEYDB_SEARCH_MODE_FPR16:
+            if ((pk||sk) && !memcmp (desc[n].u.fpr, afp, 16))
+              goto found;
+            break;
+          case KEYDB_SEARCH_MODE_FPR20:
+          case KEYDB_SEARCH_MODE_FPR: 
+            if ((pk||sk) && !memcmp (desc[n].u.fpr, afp, 20))
+              goto found;
+            break;
+          case KEYDB_SEARCH_MODE_FIRST: 
+            if (pk||sk)
+              goto found;
+            break;
+          case KEYDB_SEARCH_MODE_NEXT: 
+            if (pk||sk)
+              goto found;
+            break;
+          default: 
+            rc = G10ERR_INV_ARG;
+            goto found;
+          }
+	}
+      free_packet (&pkt);
+      continue;
+    found:  
+      for (n=any_skip?0:ndesc; n < ndesc; n++) 
+        {
+          if (desc[n].skipfnc
+              && desc[n].skipfnc (desc[n].skipfncvalue, aki))
+            break;
+        }
+      if (n == ndesc)
+        goto real_found;
+      free_packet (&pkt);
+    }
+ real_found:
+  if (!rc)
+    {
+      hd->found.offset = main_offset;
+      hd->found.kr = hd->current.kr;
+      hd->found.pk_no = (pk||sk)? pk_no : 0;
+      hd->found.uid_no = uid? uid_no : 0;
+    }
+  else if (rc == -1)
+    {
+      hd->current.eof = 1;
+      /* if we scanned all keyrings, we are sure that
+       * all known key IDs are in our offtbl, mark that. */
+      if (use_offtbl && !kr_offtbl_ready)
+        {
+          KR_NAME kr;
+          
+          /* First set the did_full_scan flag for this keyring (ignore
+             secret keyrings) */
+          for (kr=kr_names; kr; kr = kr->next)
+            {
+              if (!kr->secret && hd->resource == kr) 
+                {
+                  kr->did_full_scan = 1;
+                  break;
+                }
+            }
+          /* Then check whether all flags are set and if so, mark the
+             offtbl ready */
+          for (kr=kr_names; kr; kr = kr->next)
+            {
+              if (!kr->secret && !kr->did_full_scan) 
+                break;
+            }
+          if (!kr)
+            kr_offtbl_ready = 1;
+        }
+    }
+  else 
+    hd->current.error = rc;
+
+  free_packet(&pkt);
+  set_packet_list_mode(save_mode);
+  return rc;
+}
+
+
+static int
+create_tmp_file (const char *template,
+                 char **r_bakfname, char **r_tmpfname, IOBUF *r_fp)
+{  
+  char *bakfname, *tmpfname;
+
+  *r_bakfname = NULL;
+  *r_tmpfname = NULL;
+
+# ifdef USE_ONLY_8DOT3
+  /* Here is another Windoze bug?:
+   * you cant rename("pubring.gpg.tmp", "pubring.gpg");
+   * but	rename("pubring.gpg.tmp", "pubring.aaa");
+   * works.  So we replace .gpg by .bak or .tmp
+   */
+  if (strlen (template) > 4
+      && !strcmp (template+strlen(template)-4, EXTSEP_S "gpg") )
+    {
+      bakfname = m_alloc (strlen (template) + 1);
+      strcpy (bakfname, template);
+      strcpy (bakfname+strlen(template)-4, EXTSEP_S "bak");
+
+      tmpfname = m_alloc (strlen( template ) + 1 );
+      strcpy (tmpfname,template);
+      strcpy (tmpfname+strlen(template)-4, EXTSEP_S "tmp");
+    }
+    else 
+      { /* file does not end with gpg; hmmm */
+	bakfname = m_alloc (strlen( template ) + 5);
+	strcpy (stpcpy(bakfname, template), EXTSEP_S "bak");
+
+	tmpfname = m_alloc (strlen( template ) + 5);
+	strcpy (stpcpy(tmpfname, template), EXTSEP_S "tmp");
+    }
+# else /* Posix file names */
+    bakfname = m_alloc (strlen( template ) + 2);
+    strcpy (stpcpy (bakfname,template),"~");
+
+    tmpfname = m_alloc (strlen( template ) + 5);
+    strcpy (stpcpy(tmpfname,template), EXTSEP_S "tmp");
+# endif /* Posix filename */
+
+    *r_fp = iobuf_create (tmpfname);
+    if (!*r_fp) {
+	log_error ("can't create `%s': %s\n", tmpfname, strerror(errno) );
+        m_free (tmpfname);
+        m_free (bakfname);
+	return G10ERR_OPEN_FILE;
+    }
+    
+    *r_bakfname = bakfname;
+    *r_tmpfname = tmpfname;
+    return 0;
+}
+
+
+static int
+rename_tmp_file (const char *bakfname, const char *tmpfname,
+                 const char *fname, int secret )
+{
+  int rc=0;
+
+  /* restrict the permissions for secret keyrings */
+#ifndef HAVE_DOSISH_SYSTEM
+  if (secret && !opt.preserve_permissions)
+    {
+      if (chmod (tmpfname, S_IRUSR | S_IWUSR) ) 
+        {
+          log_error ("chmod of `%s' failed: %s\n",
+                     tmpfname, strerror(errno) );
+          return G10ERR_WRITE_FILE;
+	}
+    }
+#endif
+
+  /* invalidate close caches*/
+  iobuf_ioctl (NULL, 2, 0, (char*)tmpfname );
+  iobuf_ioctl (NULL, 2, 0, (char*)bakfname );
+  iobuf_ioctl (NULL, 2, 0, (char*)fname );
+
+  /* first make a backup file except for secret keyrings */
+  if (!secret)
+    { 
+#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
+      remove (bakfname);
+#endif
+      if (rename (fname, bakfname) )
+        {
+          log_error ("renaming `%s' to `%s' failed: %s\n",
+                     fname, bakfname, strerror(errno) );
+          return G10ERR_RENAME_FILE;
+	}
+    }
+  
+  /* then rename the file */
+#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
+  remove( fname );
+#endif
+  if (rename (tmpfname, fname) )
+    {
+      log_error ("renaming `%s' to `%s' failed: %s\n",
+                 tmpfname, fname, strerror(errno) );
+      rc = G10ERR_RENAME_FILE;
+      if (secret)
+        {
+          log_info(_("WARNING: 2 files with confidential"
+                     " information exists.\n"));
+          log_info(_("%s is the unchanged one\n"), fname );
+          log_info(_("%s is the new one\n"), tmpfname );
+          log_info(_("Please fix this possible security flaw\n"));
+	}
+      return rc;
+    }
+
+  return 0;
+}
+
+
+static int
+write_keyblock (IOBUF fp, KBNODE keyblock)
+{
+  KBNODE kbctx = NULL, node;
+  int rc;
+  
+  while ( (node = walk_kbnode (keyblock, &kbctx, 0)) ) 
+    {
+      if (node->pkt->pkttype == PKT_RING_TRUST) 
+        continue; /* we write it later on our own */
+
+      if ( (rc = build_packet (fp, node->pkt) ))
+        {
+          log_error ("build_packet(%d) failed: %s\n",
+                     node->pkt->pkttype, g10_errstr(rc) );
+          return rc;
+        }
+      if (node->pkt->pkttype == PKT_SIGNATURE) 
+        { /* always write a signature cache packet */
+          PKT_signature *sig = node->pkt->pkt.signature;
+          unsigned int cacheval = 0;
+          
+          if (sig->flags.checked) 
+            {
+              cacheval |= 1;
+              if (sig->flags.valid)
+                cacheval |= 2;
+            }
+          iobuf_put (fp, 0xb0); /* old style packet 12, 1 byte len*/
+          iobuf_put (fp, 2);    /* 2 bytes */
+          iobuf_put (fp, 0);    /* unused */
+          if (iobuf_put (fp, cacheval)) {
+            log_error ("writing sigcache packet failed\n");
+            return G10ERR_WRITE_FILE;
+          }
+        }
+    }
+  return 0;
+}
+
+/* 
+ * Walk over all public keyrings, check the signatures and replace the
+ * keyring with a new one where the signature cache is then updated.
+ * This is only done for the public keyrings.
+ */
+int
+keyring_rebuild_cache (void *token)
+{
+  KEYRING_HANDLE hd;
+  KEYDB_SEARCH_DESC desc;
+  KBNODE keyblock = NULL, node;
+  const char *lastresname = NULL, *resname;
+  IOBUF tmpfp = NULL;
+  char *tmpfilename = NULL;
+  char *bakfilename = NULL;
+  int rc;
+  ulong count = 0, sigcount = 0;
+
+  hd = keyring_new (token, 0);
+  memset (&desc, 0, sizeof desc);
+  desc.mode = KEYDB_SEARCH_MODE_FIRST;
+
+  while ( !(rc = keyring_search (hd, &desc, 1)) )
+    {
+      desc.mode = KEYDB_SEARCH_MODE_NEXT;
+      resname = keyring_get_resource_name (hd);
+      if (lastresname != resname )
+        { /* we have switched to a new keyring - commit changes */
+          if (tmpfp)
+            {
+              if (iobuf_close (tmpfp))
+                {
+                  log_error ("error closing `%s': %s\n",
+                             tmpfilename, strerror (errno));
+                  rc = G10ERR_CLOSE_FILE;
+                  goto leave;
+                }
+              /* because we have switched resources, we can be sure that
+               * the original file is closed */
+              tmpfp = NULL;
+            }
+          rc = lastresname? rename_tmp_file (bakfilename, tmpfilename, 
+                                             lastresname, 0) : 0;
+          m_free (tmpfilename);  tmpfilename = NULL;
+          m_free (bakfilename);  bakfilename = NULL;
+          if (rc)
+            goto leave;
+          lastresname = resname;
+          if (!opt.quiet)
+            log_info (_("checking keyring `%s'\n"), resname);
+          rc = create_tmp_file (resname, &bakfilename, &tmpfilename, &tmpfp);
+          if (rc)
+            goto leave;
+        }
+      
+      release_kbnode (keyblock);
+      rc = keyring_get_keyblock (hd, &keyblock);
+      if (rc) 
+        {
+          log_error ("keyring_get_keyblock failed: %s\n", g10_errstr(rc));
+          goto leave;
+        }
+      assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
+
+      /* check all signature to set the signature's cache flags */
+      for (node=keyblock; node; node=node->next)
+        {
+          if (node->pkt->pkttype == PKT_SIGNATURE)
+            {
+              check_key_signature (keyblock, node, NULL);
+              sigcount++;
+            }
+        }
+      
+      /* write the keyblock to the temporary file */
+      rc = write_keyblock (tmpfp, keyblock);
+      if (rc)
+        goto leave;
+
+      if ( !(++count % 50) && !opt.quiet)
+        log_info(_("%lu keys so far checked (%lu signatures)\n"),
+                 count, sigcount );
+
+    } /* end main loop */ 
+  if (rc == -1)
+    rc = 0;
+  if (rc) 
+    {
+      log_error ("keyring_search failed: %s\n", g10_errstr(rc));
+      goto leave;
+    }
+  log_info(_("%lu keys checked (%lu signatures)\n"), count, sigcount );
+  if (tmpfp)
+    {
+      if (iobuf_close (tmpfp))
+        {
+          log_error ("error closing `%s': %s\n",
+                     tmpfilename, strerror (errno));
+          rc = G10ERR_CLOSE_FILE;
+          goto leave;
+        }
+      /* because we have switched resources, we can be sure that
+       * the original file is closed */
+      tmpfp = NULL;
+    }
+  rc = lastresname? rename_tmp_file (bakfilename, tmpfilename,
+                                     lastresname, 0) : 0;
+  m_free (tmpfilename);  tmpfilename = NULL;
+  m_free (bakfilename);  bakfilename = NULL;
+
+ leave:
+  if (tmpfp)
+    iobuf_cancel (tmpfp);
+  m_free (tmpfilename);  
+  m_free (bakfilename);  
+  release_kbnode (keyblock);
+  keyring_release (hd);
+  return rc;
+}
+
+
+/****************
+ * Perform insert/delete/update operation.
+ * mode 1 = insert
+ *	2 = delete
+ *	3 = update
+ */
+static int
+do_copy (int mode, const char *fname, KBNODE root, int secret,
+         off_t start_offset, unsigned int n_packets )
+{
+    IOBUF fp, newfp;
+    int rc=0;
+    char *bakfname = NULL;
+    char *tmpfname = NULL;
+
+    /* Open the source file. Because we do a rname, we have to check the 
+       permissions of the file */
+    if (access (fname, W_OK))
+      return G10ERR_WRITE_FILE;
+
+    fp = iobuf_open (fname);
+    if (mode == 1 && !fp && errno == ENOENT) { 
+	/* insert mode but file does not exist: create a new file */
+	KBNODE kbctx, node;
+
+	newfp = iobuf_create (fname);
+	if( !newfp ) {
+	    log_error (_("%s: can't create: %s\n"),
+                       fname, strerror(errno));
+	    return G10ERR_OPEN_FILE;
+	}
+	if( !opt.quiet )
+	    log_info(_("%s: keyring created\n"), fname );
+
+	kbctx=NULL;
+	while ( (node = walk_kbnode( root, &kbctx, 0 )) ) {
+	    if( (rc = build_packet( newfp, node->pkt )) ) {
+		log_error("build_packet(%d) failed: %s\n",
+			    node->pkt->pkttype, g10_errstr(rc) );
+		iobuf_cancel(newfp);
+		return G10ERR_WRITE_FILE;
+	    }
+	}
+	if( iobuf_close(newfp) ) {
+	    log_error ("%s: close failed: %s\n", fname, strerror(errno));
+	    return G10ERR_CLOSE_FILE;
+	}
+	if (chmod( fname, S_IRUSR | S_IWUSR )) {
+	    log_error("%s: chmod failed: %s\n", fname, strerror(errno) );
+	    return G10ERR_WRITE_FILE;
+	}
+	return 0; /* ready */
+    }
+
+    if( !fp ) {
+	log_error ("%s: can't open: %s\n", fname, strerror(errno) );
+	rc = G10ERR_OPEN_FILE;
+	goto leave;
+    }
+
+    /* create the new file */
+    rc = create_tmp_file (fname, &bakfname, &tmpfname, &newfp);
+    if (rc) {
+	iobuf_close(fp);
+	goto leave;
+    }
+    if( mode == 1 ) { /* insert */
+	/* copy everything to the new file */
+	rc = copy_all_packets (fp, newfp);
+	if( rc != -1 ) {
+	    log_error("%s: copy to `%s' failed: %s\n",
+		      fname, tmpfname, g10_errstr(rc) );
+	    iobuf_close(fp);
+	    iobuf_cancel(newfp);
+	    goto leave;
+	}
+	rc = 0;
+    }
+
+    if( mode == 2 || mode == 3 ) { /* delete or update */
+	/* copy first part to the new file */
+	rc = copy_some_packets( fp, newfp, start_offset );
+	if( rc ) { /* should never get EOF here */
+	    log_error ("%s: copy to `%s' failed: %s\n",
+                       fname, tmpfname, g10_errstr(rc) );
+	    iobuf_close(fp);
+	    iobuf_cancel(newfp);
+	    goto leave;
+	}
+	/* skip this keyblock */
+	assert( n_packets );
+	rc = skip_some_packets( fp, n_packets );
+	if( rc ) {
+	    log_error("%s: skipping %u packets failed: %s\n",
+			    fname, n_packets, g10_errstr(rc));
+	    iobuf_close(fp);
+	    iobuf_cancel(newfp);
+	    goto leave;
+	}
+    }
+
+    if( mode == 1 || mode == 3 ) { /* insert or update */
+        rc = write_keyblock (newfp, root);
+        if (rc) {
+          iobuf_close(fp);
+          iobuf_cancel(newfp);
+          goto leave;
+        }
+    }
+
+    if( mode == 2 || mode == 3 ) { /* delete or update */
+	/* copy the rest */
+	rc = copy_all_packets( fp, newfp );
+	if( rc != -1 ) {
+	    log_error("%s: copy to `%s' failed: %s\n",
+		      fname, tmpfname, g10_errstr(rc) );
+	    iobuf_close(fp);
+	    iobuf_cancel(newfp);
+	    goto leave;
+	}
+	rc = 0;
+    }
+
+    /* close both files */
+    if( iobuf_close(fp) ) {
+	log_error("%s: close failed: %s\n", fname, strerror(errno) );
+	rc = G10ERR_CLOSE_FILE;
+	goto leave;
+    }
+    if( iobuf_close(newfp) ) {
+	log_error("%s: close failed: %s\n", tmpfname, strerror(errno) );
+	rc = G10ERR_CLOSE_FILE;
+	goto leave;
+    }
+
+    rc = rename_tmp_file (bakfname, tmpfname, fname, secret);
+
+  leave:
+    m_free(bakfname);
+    m_free(tmpfname);
+    return rc;
+}
diff --git a/g10/keyring.h b/g10/keyring.h
new file mode 100644
index 000000000..cb8e404a4
--- /dev/null
+++ b/g10/keyring.h
@@ -0,0 +1,45 @@
+/* keyring.h - Keyring operations
+ *	Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#ifndef GPG_KEYRING_H
+#define GPG_KEYRING_H 1
+
+#include "global.h"
+
+
+typedef struct keyring_handle *KEYRING_HANDLE;
+
+void *keyring_register_filename (const char *fname, int secret);
+int keyring_is_writable (void *token);
+
+KEYRING_HANDLE keyring_new (void *token, int secret);
+void keyring_release (KEYRING_HANDLE hd);
+const char *keyring_get_resource_name (KEYRING_HANDLE hd);
+int keyring_lock (KEYRING_HANDLE hd, int yes);
+int keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb);
+int keyring_update_keyblock (KEYRING_HANDLE hd, KBNODE kb);
+int keyring_insert_keyblock (KEYRING_HANDLE hd, KBNODE kb);
+int keyring_locate_writable (KEYRING_HANDLE hd);
+int keyring_delete_keyblock (KEYRING_HANDLE hd);
+int keyring_search_reset (KEYRING_HANDLE hd);
+int keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc);
+int keyring_rebuild_cache (void *);
+
+#endif /*GPG_KEYRING_H*/
diff --git a/g10/keyserver-internal.h b/g10/keyserver-internal.h
new file mode 100644
index 000000000..9f0d2e8c0
--- /dev/null
+++ b/g10/keyserver-internal.h
@@ -0,0 +1,22 @@
+/* Keyserver internals */
+
+#ifndef _KEYSERVER_INTERNAL_H_
+#define _KEYSERVER_INTERNAL_H_
+
+#include <time.h>
+#include "keyserver.h"
+#include "iobuf.h"
+#include "types.h"
+
+void parse_keyserver_options(char *options);
+int parse_keyserver_uri(char *uri,
+			const char *configname,unsigned int configlineno);
+int keyserver_export(STRLIST users);
+int keyserver_import(STRLIST users);
+int keyserver_import_fprint(const byte *fprint,size_t fprint_len);
+int keyserver_import_keyid(u32 *keyid);
+int keyserver_refresh(STRLIST users);
+int keyserver_search(STRLIST tokens);
+void keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr);
+
+#endif /* !_KEYSERVER_INTERNAL_H_ */
diff --git a/g10/keyserver.c b/g10/keyserver.c
new file mode 100644
index 000000000..9338bfbb7
--- /dev/null
+++ b/g10/keyserver.c
@@ -0,0 +1,1033 @@
+/* keyserver.c - generic keyserver code
+ * Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "filter.h"
+#include "keydb.h"
+#include "status.h"
+#include "exec.h"
+#include "main.h"
+#include "i18n.h"
+#include "hkp.h"
+#include "iobuf.h"
+#include "memory.h"
+#include "options.h"
+#include "packet.h"
+#include "keyserver-internal.h"
+#include "util.h"
+
+#define KEYSERVER_PROTO_VERSION 0
+
+#define GET    0
+#define SEND   1
+#define SEARCH 2
+
+struct kopts
+{
+  char *name;
+  int tell; /* tell remote process about this one */
+  int *flag;
+} keyserver_opts[]=
+{
+  {"include-revoked",1,&opt.keyserver_options.include_revoked},
+  {"include-disabled",1,&opt.keyserver_options.include_disabled},
+  {"include-subkeys",1,&opt.keyserver_options.include_subkeys},
+  {"keep-temp-files",0,&opt.keyserver_options.keep_temp_files},
+  {"honor-http-proxy",1,&opt.keyserver_options.honor_http_proxy},
+  {"broken-http-proxy",1,&opt.keyserver_options.broken_http_proxy},
+  {"refresh-add-fake-v3-keyids",0,&opt.keyserver_options.fake_v3_keyids},
+  {"auto-key-retrieve",0,&opt.keyserver_options.auto_key_retrieve},
+  {NULL}
+};
+
+void 
+parse_keyserver_options(char *options)
+{
+  char *tok="";
+
+  do
+    {
+      struct kopts *kopts=keyserver_opts;
+      int i,hit=0;
+
+      for(i=0,kopts=keyserver_opts;kopts[i].name;i++)
+	{
+	  if(ascii_strcasecmp(tok,kopts[i].name)==0)
+	    {
+	      *(kopts[i].flag)=1;
+	      hit=1;
+	      break;
+	    }
+	  else if(ascii_memcasecmp("no-",tok,3)==0 && strlen(tok)>3 &&
+		  ascii_strcasecmp(&tok[3],kopts[i].name)==0)
+	    {
+	      *(kopts[i].flag)=0;
+	      hit=1;
+	      break;
+	    }
+	}
+
+      /* These options need more than just a flag */
+      if(!hit)
+	{
+	  if(ascii_strcasecmp(tok,"verbose")==0)
+	    opt.keyserver_options.verbose++;
+	  else if(ascii_strcasecmp(tok,"no-verbose")==0)
+	    opt.keyserver_options.verbose--;
+#ifdef EXEC_TEMPFILE_ONLY
+	  else if(ascii_strcasecmp(tok,"use-temp-files")==0 ||
+		  ascii_strcasecmp(tok,"no-use-temp-files")==0)
+	    log_info(_("Warning: keyserver option \"%s\" is not used "
+		       "on this platform\n"),tok);
+#else
+	  else if(ascii_strcasecmp(tok,"use-temp-files")==0)
+	    opt.keyserver_options.use_temp_files=1;
+	  else if(ascii_strcasecmp(tok,"no-use-temp-files")==0)
+	    opt.keyserver_options.use_temp_files=0;
+#endif
+	  else if(strlen(tok)>0)
+	    add_to_strlist(&opt.keyserver_options.other,tok);
+	}
+
+      tok=strsep(&options," ,");
+    }
+    while(tok!=NULL);
+}
+
+int 
+parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno)
+{
+  /* Get the scheme */
+
+  opt.keyserver_scheme=strsep(&uri,":");
+  if(uri==NULL)
+    {
+      uri=opt.keyserver_scheme;
+      opt.keyserver_scheme="hkp";
+    }
+
+  if(ascii_strcasecmp(opt.keyserver_scheme,"x-broken-hkp")==0)
+    {
+      deprecated_warning(configname,configlineno,"x-broken-hkp",
+			 "--keyserver-options ","broken-http-proxy");
+      opt.keyserver_scheme="hkp";
+      opt.keyserver_options.broken_http_proxy=1;
+    }
+  else if(ascii_strcasecmp(opt.keyserver_scheme,"x-hkp")==0)
+    {
+      /* Canonicalize this to "hkp" so it works with both the internal
+	 and external keyserver interface. */
+      opt.keyserver_scheme="hkp";
+    }
+
+  /* Skip the "//", if any */
+  if(strlen(uri)>2 && uri[0]=='/' && uri[1]=='/')
+    uri+=2;
+
+  /* Get the host */
+  opt.keyserver_host=strsep(&uri,":/");
+  if(uri==NULL)
+    opt.keyserver_port="0";
+  else
+    {
+      char *ch;
+
+      /* Get the port */
+      opt.keyserver_port=strsep(&uri,"/");
+
+      /* Ports are digits only */
+      ch=opt.keyserver_port;
+      while(*ch!='\0')
+	{
+	  if(!isdigit(*ch))
+	    return G10ERR_BAD_URI;
+
+	  ch++;
+	}
+
+      if(strlen(opt.keyserver_port)==0 ||
+	 atoi(opt.keyserver_port)<1 || atoi(opt.keyserver_port)>65535)
+	return G10ERR_BAD_URI;
+    }
+
+  /* (any path part of the URI is discarded for now as no keyserver
+     uses it) */
+
+  if(opt.keyserver_scheme[0]=='\0' || opt.keyserver_host[0]=='\0')
+    return G10ERR_BAD_URI;
+
+  return 0;
+}
+
+/* Unquote only the delimiter character and backslashes (\x5C) */
+static void 
+printunquoted(char *string,char delim)
+{
+  char *ch=string;
+
+  while(*ch)
+    {
+      if(*ch=='\\')
+	{
+	  int c;
+
+	  sscanf(ch,"\\x%02x",&c);
+	  if(c==delim)
+	    {
+	      printf("%c",c);
+	      ch+=3;
+	    }
+	  else if(c=='\\')
+	    {
+	      fputc('\\',stdout);
+	      ch+=3;
+	    }
+	  else
+	    fputc(*ch,stdout);
+	}
+      else
+	fputc(*ch,stdout);
+
+      ch++;
+    }
+}
+
+static int 
+print_keyinfo(int count,char *keystring,KEYDB_SEARCH_DESC *desc)
+{
+  char *certid,*userid,*keytype,*tok;
+  int flags,keysize=0;
+  time_t createtime=0,expiretime=0,modifytime=0;
+
+  if((certid=strsep(&keystring,":"))==NULL)
+    return -1;
+
+  classify_user_id (certid, desc);
+  if(desc->mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
+     desc->mode!=KEYDB_SEARCH_MODE_LONG_KID &&
+     desc->mode!=KEYDB_SEARCH_MODE_FPR16 &&
+     desc->mode!=KEYDB_SEARCH_MODE_FPR20)
+    return -1;
+
+  if((tok=strsep(&keystring,":"))==NULL)
+    return -1;
+
+  userid=utf8_to_native(tok,strlen(tok),0);
+
+  if((tok=strsep(&keystring,":"))==NULL)
+    return -1;
+
+  flags=atoi(tok);
+
+  if((tok=strsep(&keystring,":"))==NULL)
+    return -1;
+
+  createtime=atoi(tok);
+
+  if((tok=strsep(&keystring,":"))==NULL)
+    return -1;
+
+  expiretime=atoi(tok);
+
+  if((tok=strsep(&keystring,":"))==NULL)
+    return -1;
+
+  modifytime=atoi(tok);
+
+  if((keytype=strsep(&keystring,":"))==NULL)
+    return -1;
+
+  /* The last one */
+  if(keystring!=NULL)
+    keysize=atoi(keystring);
+
+  printf("(%d)\t",count);
+
+  /* No need to check for control characters, as utf8_to_native does
+     this for us. */
+  printunquoted(userid,':');
+
+  if(flags&1)
+    printf(" (revoked)");
+  if(flags&2)
+    printf(" (disabled)");
+
+  if(keytype[0])
+    printf(" %s",keytype);
+
+  if(keysize>0)
+    printf(" %d",keysize);
+
+  printf("\n\t  created %s,",strtimestamp(createtime));
+
+  if(expiretime>0)
+    printf(" expires %s,",strtimestamp(expiretime));
+
+  printf(" key %s\n",certid);
+
+  return 0;
+}
+
+#define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
+#define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
+
+static int 
+keyserver_spawn(int action,STRLIST list,
+		KEYDB_SEARCH_DESC *desc,int count,int *prog)
+{
+  int ret=0,i,gotversion=0,outofband=0;
+  STRLIST temp;
+  unsigned int maxlen=256,buflen;
+  char *command=NULL,*searchstr=NULL;
+  byte *line=NULL;
+  struct kopts *kopts;
+  struct exec_info *spawn;
+
+#ifdef EXEC_TEMPFILE_ONLY
+  opt.keyserver_options.use_temp_files=1;
+#endif
+
+  /* Build the filename for the helper to execute */
+
+  command=m_alloc(strlen("gpgkeys_")+strlen(opt.keyserver_scheme)+1);
+  strcpy(command,"gpgkeys_");
+  strcat(command,opt.keyserver_scheme);
+
+  if(opt.keyserver_options.use_temp_files)
+    {
+      if(opt.keyserver_options.keep_temp_files)
+	{
+	  command=m_realloc(command,strlen(command)+
+			    strlen(KEYSERVER_ARGS_KEEP)+1);
+	  strcat(command,KEYSERVER_ARGS_KEEP);
+	}
+      else
+	{
+	  command=m_realloc(command,strlen(command)+
+			    strlen(KEYSERVER_ARGS_NOKEEP)+1);
+	  strcat(command,KEYSERVER_ARGS_NOKEEP);  
+	}
+
+      ret=exec_write(&spawn,NULL,command,NULL,0,0);
+    }
+  else
+    ret=exec_write(&spawn,command,NULL,NULL,0,0);
+
+  if(ret)
+    return ret;
+
+  fprintf(spawn->tochild,"# This is a gpg keyserver communications file\n");
+  fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
+  fprintf(spawn->tochild,"PROGRAM %s\n",VERSION);
+  fprintf(spawn->tochild,"HOST %s\n",opt.keyserver_host);
+
+  if(atoi(opt.keyserver_port)>0)
+    fprintf(spawn->tochild,"PORT %s\n",opt.keyserver_port);
+
+  /* Write options */
+
+  for(i=0,kopts=keyserver_opts;kopts[i].name;i++)
+    if(*(kopts[i].flag) && kopts[i].tell)
+      fprintf(spawn->tochild,"OPTION %s\n",kopts[i].name);
+
+  for(i=0;i<opt.keyserver_options.verbose;i++)
+    fprintf(spawn->tochild,"OPTION verbose\n");
+
+  temp=opt.keyserver_options.other;
+
+  for(;temp;temp=temp->next)
+    fprintf(spawn->tochild,"OPTION %s\n",temp->d);
+
+  switch(action)
+    {
+    case GET:
+      {
+	fprintf(spawn->tochild,"COMMAND GET\n\n");
+
+	/* Which keys do we want? */
+
+	for(i=0;i<count;i++)
+	  {
+	    if(desc[i].mode==KEYDB_SEARCH_MODE_FPR20)
+	      {
+		int f;
+
+		fprintf(spawn->tochild,"0x");
+
+		for(f=0;f<MAX_FINGERPRINT_LEN;f++)
+		  fprintf(spawn->tochild,"%02X",(byte)desc[i].u.fpr[f]);
+
+		fprintf(spawn->tochild,"\n");
+	      }
+	    else if(desc[i].mode==KEYDB_SEARCH_MODE_FPR16)
+	      {
+		int f;
+
+		fprintf(spawn->tochild,"0x");
+
+		for(f=0;f<16;f++)
+		  fprintf(spawn->tochild,"%02X",(byte)desc[i].u.fpr[f]);
+
+		fprintf(spawn->tochild,"\n");
+	      }
+	    else if(desc[i].mode==KEYDB_SEARCH_MODE_LONG_KID)
+	      fprintf(spawn->tochild,"0x%08lX%08lX\n",
+		      (ulong)desc[i].u.kid[0],
+		      (ulong)desc[i].u.kid[1]);
+	    else
+	      fprintf(spawn->tochild,"0x%08lX\n",
+		      (ulong)desc[i].u.kid[1]);
+	  }
+
+	fprintf(spawn->tochild,"\n");
+
+	break;
+      }
+
+    case SEND:
+      {
+	STRLIST key;
+
+	/* Note the extra \n here to send an empty keylist block */
+	fprintf(spawn->tochild,"COMMAND SEND\n\n\n");
+
+	for(key=list;key!=NULL;key=key->next)
+	  {
+	    armor_filter_context_t afx;
+	    IOBUF buffer=iobuf_temp();
+
+	    temp=NULL;
+	    add_to_strlist(&temp,key->d);
+
+	    memset(&afx,0,sizeof(afx));
+	    afx.what=1;
+	    iobuf_push_filter(buffer,armor_filter,&afx);
+
+	    if(export_pubkeys_stream(buffer,temp,1)==-1)
+	      iobuf_close(buffer);
+	    else
+	      {
+		iobuf_flush_temp(buffer);
+
+		fprintf(spawn->tochild,"KEY %s BEGIN\n",key->d);
+		fwrite(iobuf_get_temp_buffer(buffer),
+		       iobuf_get_temp_length(buffer),1,spawn->tochild);
+		fprintf(spawn->tochild,"KEY %s END\n",key->d);
+
+		iobuf_close(buffer);
+	      }
+
+	    free_strlist(temp);
+	  }
+
+	break;
+      }
+
+    case SEARCH:
+      {
+	STRLIST key;
+
+	fprintf(spawn->tochild,"COMMAND SEARCH\n\n");
+
+	/* Which keys do we want?  Remember that the gpgkeys_ program
+           is going to lump these together into a search string. */
+
+	for(key=list;key!=NULL;key=key->next)
+	  {
+	    fprintf(spawn->tochild,"%s\n",key->d);
+	    if(key!=list)
+	      {
+		searchstr=m_realloc(searchstr,
+				    strlen(searchstr)+strlen(key->d)+2);
+		strcat(searchstr," ");
+	      }
+	    else
+	      {
+		searchstr=m_alloc(strlen(key->d)+1);
+		searchstr[0]='\0';
+	      }
+
+	    strcat(searchstr,key->d);
+	  }
+
+	fprintf(spawn->tochild,"\n");
+
+	break;
+      }
+
+    default:
+      log_fatal(_("no keyserver action!\n"));
+      break;
+    }
+
+  /* Done sending, so start reading. */
+  ret=exec_read(spawn);
+  if(ret)
+    goto fail;
+
+  /* Now handle the response */
+
+  for(;;)
+    {
+      char *ptr;
+
+      if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0)
+	{
+	  ret=G10ERR_READ_FILE;
+	  goto fail; /* i.e. EOF */
+	}
+
+      ptr=line;
+
+      if(*ptr=='\r')
+	ptr++;
+
+      if(*ptr=='\n')
+	ptr++;
+
+      if(*ptr=='\0')
+	break;
+
+      if(ascii_memcasecmp(ptr,"VERSION ",8)==0)
+	{
+	  gotversion=1;
+
+	  if(atoi(&ptr[8])!=KEYSERVER_PROTO_VERSION)
+	    {
+	      log_error(_("invalid keyserver protocol (us %d!=handler %d)\n"),
+			KEYSERVER_PROTO_VERSION,atoi(&ptr[8]));
+	      goto fail;
+	    }
+	}
+      else if(ascii_memcasecmp(ptr,"PROGRAM ",8)==0)
+	{
+	  if(ascii_memcasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
+	    log_info(_("Warning: keyserver handler from a different "
+		       "version of GnuPG (%s)\n"),&ptr[8]);
+	}
+      else if(ascii_memcasecmp(ptr,"OPTION OUTOFBAND",16)==0)
+	outofband=1; /* Currently the only OPTION */
+    }
+
+  m_free(line);
+
+  if(!gotversion)
+    {
+      log_error(_("keyserver did not send VERSION\n"));
+      goto fail;
+    }
+
+  if(!outofband)
+    switch(action)
+      {
+      case GET:
+	{
+	  void *stats_handle;
+
+	  stats_handle=import_new_stats_handle();
+
+	  /* Slurp up all the key data.  In the future, it might be nice
+	     to look for KEY foo OUTOFBAND and FAILED indicators.  It's
+	     harmless to ignore them, but ignoring them does make gpg
+	     complain about "no valid OpenPGP data found".  One way to
+	     do this could be to continue parsing this line-by-line and
+	     make a temp iobuf for each key. */
+
+	  import_keys_stream(spawn->fromchild,0,stats_handle);
+
+	  import_print_stats(stats_handle);
+	  import_release_stats_handle(stats_handle);
+
+	  break;
+	}
+
+	/* Nothing to do here */
+      case SEND:
+	break;
+
+      case SEARCH:
+	{
+	  line=NULL;
+	  buflen = 0;
+	  maxlen = 80;
+	  /* Look for the COUNT line */
+	  do
+	    {
+	      if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0)
+		{
+		  ret=G10ERR_READ_FILE;
+		  goto fail; /* i.e. EOF */
+		}
+	    }
+	  while(sscanf(line,"COUNT %d\n",&i)!=1);
+
+	  keyserver_search_prompt(spawn->fromchild,i,searchstr);
+
+	  break;
+	}
+
+      default:
+	log_fatal(_("no keyserver action!\n"));
+	break;
+      }
+
+ fail:
+  *prog=exec_finish(spawn);
+
+  return ret;
+}
+
+static int 
+keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
+{
+  int rc=0,ret=0;
+
+  if(opt.keyserver_scheme==NULL ||
+     opt.keyserver_host==NULL ||
+     opt.keyserver_port==NULL)
+    {
+      log_error(_("no keyserver known (use option --keyserver)\n"));
+      return G10ERR_BAD_URI;
+    }
+
+#ifndef USE_EXTERNAL_HKP
+  /* Use the internal HKP code */
+  if(ascii_strcasecmp(opt.keyserver_scheme,"hkp")==0)
+    {
+      void *stats_handle = import_new_stats_handle ();
+
+      switch(action)
+	{
+	case GET:
+	  for(count--;count>=0;count--)
+	    if(hkp_ask_import(&desc[count],stats_handle))
+	      log_inc_errorcount();
+	  break;
+	case SEND:
+	  return hkp_export(list);
+	case SEARCH:
+	  return hkp_search(list);
+	}
+
+      import_print_stats (stats_handle);
+      import_release_stats_handle (stats_handle);
+
+      return 0;
+    }
+#endif
+
+  /* It's not the internal HKP code, so try and spawn a handler for it */
+
+  rc=keyserver_spawn(action,list,desc,count,&ret);
+  if(ret)
+    {
+      switch(ret)
+	{
+	case KEYSERVER_SCHEME_NOT_FOUND:
+	  log_error(_("no handler for keyserver scheme \"%s\"\n"),
+		    opt.keyserver_scheme);
+	  break;
+
+	case KEYSERVER_NOT_SUPPORTED:
+	  log_error(_("action \"%s\" not supported with keyserver "
+		      "scheme \"%s\"\n"),
+		    action==GET?"get":action==SEND?"send":
+		    action==SEARCH?"search":"unknown",
+		    opt.keyserver_scheme);
+
+	case KEYSERVER_INTERNAL_ERROR:
+	default:
+	  log_error(_("keyserver internal error\n"));
+	  break;
+	}
+
+      return G10ERR_KEYSERVER;
+    }
+
+  if(rc)
+    {
+      log_error(_("keyserver communications error: %s\n"),g10_errstr(rc));
+
+      return rc;
+    }
+
+  return 0;
+}
+
+int 
+keyserver_export(STRLIST users)
+{
+  /* We better ask for confirmation when the user entered --send-keys
+     without arguments.  Sending all keys might not be the thing he
+     intended to do */
+  if (users || opt.batch || opt.answer_yes)
+    ;
+  else if ( !cpr_get_answer_is_yes
+            ("keyserver_export.send_all",
+             _("Do you really want to send all your "
+               "public keys to the keyserver? (y/N) ")))
+    return -1;
+
+  return keyserver_work(SEND,users,NULL,0);
+}
+
+int 
+keyserver_import(STRLIST users)
+{
+  KEYDB_SEARCH_DESC *desc;
+  int num=100,count=0;
+  int rc=0;
+
+  /* Build a list of key ids */
+  desc=m_alloc(sizeof(KEYDB_SEARCH_DESC)*num);
+
+  for(;users;users=users->next)
+    {
+      classify_user_id (users->d, &desc[count]);
+      if(desc[count].mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
+	 desc[count].mode!=KEYDB_SEARCH_MODE_LONG_KID &&
+	 desc[count].mode!=KEYDB_SEARCH_MODE_FPR16 &&
+	 desc[count].mode!=KEYDB_SEARCH_MODE_FPR20)
+	{
+	  log_error(_("skipping invalid key ID \"%s\"\n"),users->d);
+	  continue;
+	}
+
+      count++;
+      if(count==num)
+	{
+	  num+=100;
+	  desc=m_realloc(desc,sizeof(KEYDB_SEARCH_DESC)*num);
+	}
+    }
+
+  if(count>0)
+    rc=keyserver_work(GET,NULL,desc,count);
+
+  m_free(desc);
+
+  return rc;
+}
+
+int
+keyserver_import_fprint(const byte *fprint,size_t fprint_len)
+{
+  KEYDB_SEARCH_DESC desc;
+
+  memset(&desc,0,sizeof(desc));
+
+  if(fprint_len==16)
+    desc.mode=KEYDB_SEARCH_MODE_FPR16;
+  else if(fprint_len==20)
+    desc.mode=KEYDB_SEARCH_MODE_FPR20;
+  else
+    return -1;
+
+  memcpy(desc.u.fpr,fprint,fprint_len);
+
+  return keyserver_work(GET,NULL,&desc,1);
+}
+
+int 
+keyserver_import_keyid(u32 *keyid)
+{
+  KEYDB_SEARCH_DESC desc;
+
+  memset(&desc,0,sizeof(desc));
+
+  desc.mode=KEYDB_SEARCH_MODE_LONG_KID;
+  desc.u.kid[0]=keyid[0];
+  desc.u.kid[1]=keyid[1];
+
+  return keyserver_work(GET,NULL,&desc,1);
+}
+
+/* code mostly stolen from do_export_stream */
+static int 
+keyidlist(STRLIST users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
+{
+  int rc=0,ndesc,num=100;
+  KBNODE keyblock=NULL,node;
+  KEYDB_HANDLE kdbhd;
+  KEYDB_SEARCH_DESC *desc;
+  STRLIST sl;
+
+  *count=0;
+
+  *klist=m_alloc(sizeof(KEYDB_SEARCH_DESC)*num);
+
+  kdbhd=keydb_new(0);
+
+  if(!users)
+    {
+      ndesc = 1;
+      desc = m_alloc_clear ( ndesc * sizeof *desc);
+      desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
+    }
+  else
+    {
+      for (ndesc=0, sl=users; sl; sl = sl->next, ndesc++) 
+	;
+      desc = m_alloc ( ndesc * sizeof *desc);
+        
+      for (ndesc=0, sl=users; sl; sl = sl->next)
+	{
+	  if(classify_user_id (sl->d, desc+ndesc))
+	    ndesc++;
+	  else
+	    log_error (_("key `%s' not found: %s\n"),
+		       sl->d, g10_errstr (G10ERR_INV_USER_ID));
+	}
+    }
+
+  while (!(rc = keydb_search (kdbhd, desc, ndesc)))
+    {
+      if (!users) 
+	desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
+
+      /* read the keyblock */
+      rc = keydb_get_keyblock (kdbhd, &keyblock );
+      if( rc )
+	{
+	  log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
+	  goto leave;
+	}
+
+      if((node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
+	{
+	  /* This is to work around a bug in some keyservers (pksd and
+             OKS) that calculate v4 RSA keyids as if they were v3 RSA.
+             The answer is to refresh both the correct v4 keyid
+             (e.g. 99242560) and the fake v3 keyid (e.g. 68FDDBC7).
+             This only happens for key refresh using the HKP scheme
+             and if the refresh-add-fake-v3-keyids keyserver option is
+             set. */
+	  if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) &&
+	     node->pkt->pkt.public_key->version>=4)
+	    {
+	      (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
+	      mpi_get_keyid(node->pkt->pkt.public_key->pkey[0],
+			    (*klist)[*count].u.kid);
+	      (*count)++;
+
+	      if(*count==num)
+		{
+		  num+=100;
+		  *klist=m_realloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
+		}
+	    }
+
+	  /* v4 keys get full fingerprints.  v3 keys get long keyids.
+             This is because it's easy to calculate any sort of key id
+             from a v4 fingerprint, but not a v3 fingerprint. */
+
+	  if(node->pkt->pkt.public_key->version<4)
+	    {
+	      (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
+	      keyid_from_pk(node->pkt->pkt.public_key,
+			    (*klist)[*count].u.kid);
+	    }
+	  else
+	    {
+	      size_t dummy;
+
+	      (*klist)[*count].mode=KEYDB_SEARCH_MODE_FPR20;
+	      fingerprint_from_pk(node->pkt->pkt.public_key,
+				  (*klist)[*count].u.fpr,&dummy);
+	    }
+
+	  (*count)++;
+
+	  if(*count==num)
+	    {
+	      num+=100;
+	      *klist=m_realloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
+	    }
+	}
+    }
+
+  if(rc==-1)
+    rc=0;
+  
+ leave:
+  m_free(desc);
+  keydb_release(kdbhd);
+  release_kbnode(keyblock);
+
+  return rc;
+}
+
+/* Note this is different than the original HKP refresh.  It allows
+   usernames to refresh only part of the keyring. */
+
+int 
+keyserver_refresh(STRLIST users)
+{
+  int rc,count,fakev3=0;
+  KEYDB_SEARCH_DESC *desc;
+
+  /* We switch merge_only on during a refresh, as 'refresh' should
+     never import new keys, even if their keyids match.  Is it worth
+     preserving the old merge_only value here? */
+  opt.merge_only=1;
+
+  /* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO
+     scheme, then enable fake v3 keyid generation. */
+  if(opt.keyserver_options.fake_v3_keyids && opt.keyserver_scheme &&
+     (ascii_strcasecmp(opt.keyserver_scheme,"hkp")==0 ||
+      ascii_strcasecmp(opt.keyserver_scheme,"mailto")==0))
+    fakev3=1;
+
+  rc=keyidlist(users,&desc,&count,fakev3);
+  if(rc)
+    return rc;
+
+  if(count==1)
+    log_info(_("%d key to refresh\n"),count);
+  else
+    log_info(_("%d keys to refresh\n"),count);
+
+  if(count>0)
+    rc=keyserver_work(GET,NULL,desc,count);
+
+  m_free(desc);
+
+  return 0;
+}
+
+int 
+keyserver_search(STRLIST tokens)
+{
+  if(tokens)
+    return keyserver_work(SEARCH,tokens,NULL,0);
+  else
+    return 0;
+}
+
+/* Count and searchstr are just for cosmetics.  If the count is too
+   small, it will grow safely.  If negative it disables the "Key x-y
+   of z" messages. */
+void 
+keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
+{
+  int i=0,validcount=1;
+  unsigned int maxlen=256,buflen=0;
+  KEYDB_SEARCH_DESC *desc;
+  byte *line=NULL;
+  char *answer;
+
+  if(count==0)
+    goto notfound;
+
+  if(count<0)
+    {
+      validcount=0;
+      count=10;
+    }
+
+  desc=m_alloc(count*sizeof(KEYDB_SEARCH_DESC));
+
+  /* Read each line and show it to the user */
+
+  for(;;)
+    {
+      int rl;
+
+      if(validcount && i%10==0)
+	{
+	  printf("Keys %d-%d of %d",i+1,(i+10<count)?i+10:count,count);
+	  if(searchstr)
+	    printf(" for \"%s\"",searchstr);
+	  printf("\n");
+	}
+
+      maxlen=1024;
+      rl=iobuf_read_line(buffer,&line,&buflen,&maxlen);
+      if(rl>0)
+	{
+	  if(print_keyinfo(i+1,line,&desc[i])==0)
+	    {
+	      i++;
+
+	      if(i==count)
+		{
+		  count+=10;
+		  desc=m_realloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
+		  validcount=0;
+		}
+	    }
+	  else
+	    continue;
+	}
+
+      if(rl==0 && i==0)
+	{
+	  count=0;
+	  break;
+	}
+
+      if(i%10==0 || rl==0)
+	{
+	  answer=cpr_get_no_help("keysearch.prompt",
+				 _("Enter number(s), N)ext, or Q)uit > "));
+	  /* control-d */
+	  if(answer[0]=='\x04')
+	    {
+	      printf("Q\n");
+	      answer[0]='q';
+	    }
+
+	  if(answer[0]=='q' || answer[0]=='Q')
+	    {
+	      m_free(answer);
+	      break;
+	    }
+	  else if(atoi(answer)>=1 && atoi(answer)<=i)
+	    {
+	      char *split=answer,*num;
+
+	      while((num=strsep(&split," ,"))!=NULL)
+		if(atoi(num)>=1 && atoi(num)<=i)
+		  keyserver_work(GET,NULL,&desc[atoi(num)-1],1);
+
+	      m_free(answer);
+	      break;
+	    }
+	}
+    }
+
+  m_free(desc);
+  m_free(line);
+
+ notfound:
+  if(count==0)
+    {
+      if(searchstr)
+	log_info(_("key \"%s\" not found on keyserver\n"),searchstr);
+      else
+	log_info(_("key not found on keyserver\n"));
+      return;
+    }
+}
diff --git a/g10/ks-proto.c b/g10/ks-proto.c
index 43abf468a..aa7dc56e0 100644
--- a/g10/ks-proto.c
+++ b/g10/ks-proto.c
@@ -1,5 +1,5 @@
 /* ks-proto.c  keyserver protocol handling
- *	Copyright (C) 1998 Free Software Foundation, Inc.
+ * Copyright (C) 1998 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
diff --git a/g10/ks-proto.h b/g10/ks-proto.h
index 6e8bbad0b..cd55b47e2 100644
--- a/g10/ks-proto.h
+++ b/g10/ks-proto.h
@@ -1,5 +1,5 @@
 /* ks-proto.h
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -17,7 +17,7 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
-#ifndef GPG_KS_PROTO_H
-#define GPG_KS_PROTO_H
+#ifndef G10_KS_PROTO_H
+#define G10_KS_PROTO_H
 
-#endif /*GPG_KS_PROTO_H*/
+#endif /*G10_KS_PROTO_H*/
diff --git a/g10/main.h b/g10/main.h
index d199c5484..e7153bd55 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -1,5 +1,5 @@
 /* main.h
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -17,30 +17,39 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
-#ifndef GPG_MAIN_H
-#define GPG_MAIN_H
-
-#include <gcrypt.h>
-#include "basicdefs.h"
+#ifndef G10_MAIN_H
+#define G10_MAIN_H
+#include "types.h"
 #include "iobuf.h"
+#include "mpi.h"
+#include "cipher.h"
 #include "keydb.h"
 
-#define DEFAULT_CIPHER_ALGO  GCRY_CIPHER_BLOWFISH
-#define DEFAULT_PUBKEY_ALGO  GCRY_PUBKEY_ELGAMAL
-#define DEFAULT_DIGEST_ALGO  GCRY_MD_RMD160
+#define DEFAULT_CIPHER_ALGO   CIPHER_ALGO_CAST5
+#define DEFAULT_PUBKEY_ALGO   PUBKEY_ALGO_ELGAMAL
+#define DEFAULT_DIGEST_ALGO   DIGEST_ALGO_SHA1
+#define DEFAULT_COMPRESS_ALGO 1
 
-#define is_RSA(a)     ((a)==GCRY_PK_RSA || (a)==GCRY_PK_RSA_E \
-					|| (a)==GCRY_PK_RSA_S )
-#define is_ELGAMAL(a) ((a)==GCRY_PK_ELG || (a)==GCRY_PK_ELG_E)
+typedef struct {
+    int header_okay;
+    PK_LIST pk_list;
+    cipher_filter_context_t cfx;
+} encrypt_filter_context_t;
 
+struct groupitem
+{
+  char *name;
+  STRLIST values;
+  struct groupitem *next;
+};
 
-/*-- gpg.c --*/
-extern int gpg_errors_seen;
+/*-- g10.c --*/
+extern int g10_errors_seen;
 
 #if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
-  void gpg_exit(int rc) __attribute__ ((noreturn));
+  void g10_exit(int rc) __attribute__ ((noreturn));
 #else
-  void gpg_exit(int rc);
+  void g10_exit(int rc);
 #endif
 void print_pubkey_algo_note( int algo );
 void print_cipher_algo_note( int algo );
@@ -55,24 +64,29 @@ int disable_core_dumps(void);
 u16 checksum_u16( unsigned n );
 u16 checksum( byte *p, unsigned n );
 u16 checksum_mpi( MPI a );
+u16 checksum_mpi_counted_nbits( MPI a );
 u32 buffer_to_u32( const byte *buffer );
-
-int mpi_write( IOBUF out, GCRY_MPI a );
-int mpi_write_opaque( IOBUF out, MPI a );
-GCRY_MPI mpi_read(IOBUF inp, unsigned int *ret_nread, int secure );
-GCRY_MPI mpi_read_opaque(IOBUF inp, unsigned int *ret_nread );
-int mpi_print( FILE *fp, MPI a, int mode );
-
+const byte *get_session_marker( size_t *rlen );
 int openpgp_cipher_test_algo( int algo );
 int openpgp_pk_test_algo( int algo, unsigned int usage_flags );
 int openpgp_pk_algo_usage ( int algo );
 int openpgp_md_test_algo( int algo );
-
-int pubkey_get_npkey( int algo );
-int pubkey_get_nskey( int algo );
-int pubkey_get_nsig( int algo );
-int pubkey_get_nenc( int algo );
-unsigned int pubkey_nbits( int algo, MPI *pkey );
+int check_permissions(const char *path,int extension,int checkonly);
+void idea_cipher_warn( int show );
+
+struct expando_args
+{
+  PKT_public_key *pk;
+  PKT_secret_key *sk;
+  byte imagetype;
+};
+
+char *pct_expando(const char *string,struct expando_args *args);
+int hextobyte( const char *s );
+void deprecated_warning(const char *configname,unsigned int configlineno,
+			const char *option,const char *repl1,const char *repl2);
+const char *compress_algo_to_string(int algo);
+int check_compress_algo(int algo);
 
 /*-- helptext.c --*/
 void display_online_help( const char *keyword );
@@ -81,15 +95,17 @@ void display_online_help( const char *keyword );
 int encode_symmetric( const char *filename );
 int encode_store( const char *filename );
 int encode_crypt( const char *filename, STRLIST remusr );
+void encode_crypt_files(int nfiles, char **files, STRLIST remusr);
 int encrypt_filter( void *opaque, int control,
 		    IOBUF a, byte *buf, size_t *ret_len);
 
 
 /*-- sign.c --*/
-int complete_sig( PKT_signature *sig, PKT_secret_key *sk, GCRY_MD_HD md );
+int complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md );
 int sign_file( STRLIST filenames, int detached, STRLIST locusr,
 	       int do_encrypt, STRLIST remusr, const char *outfile );
 int clearsign_file( const char *fname, STRLIST locusr, const char *outfile );
+int sign_symencrypt_file (const char *fname, STRLIST locusr);
 
 /*-- sig-check.c --*/
 int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig );
@@ -97,17 +113,22 @@ int check_key_signature2( KBNODE root, KBNODE node,
 			  int *is_selfsig, u32 *r_expiredate, int *r_expired );
 
 /*-- delkey.c --*/
-int delete_key( const char *username, int secure );
+int delete_keys( STRLIST names, int secret, int allow_both );
 
 /*-- keyedit.c --*/
 void keyedit_menu( const char *username, STRLIST locusr, STRLIST cmds,
 							    int sign_mode );
 
 /*-- keygen.c --*/
+u32 ask_expire_interval(int object);
 u32 ask_expiredate(void);
 void generate_keypair( const char *fname );
+int keygen_set_std_prefs (const char *string,int personal);
+char *keygen_get_std_prefs (void);
 int keygen_add_key_expire( PKT_signature *sig, void *opaque );
 int keygen_add_std_prefs( PKT_signature *sig, void *opaque );
+int keygen_upd_std_prefs( PKT_signature *sig, void *opaque );
+int keygen_add_revkey(PKT_signature *sig, void *opaque);
 int generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock );
 
 /*-- openfile.c --*/
@@ -121,16 +142,20 @@ void try_make_homedir( const char *fname );
 /*-- seskey.c --*/
 void make_session_key( DEK *dek );
 MPI encode_session_key( DEK *dek, unsigned nbits );
-MPI encode_md_value( int pubkey_algo,  GCRY_MD_HD md,
+MPI encode_md_value( int pubkey_algo,  MD_HANDLE md,
 		     int hash_algo, unsigned nbits, int v3compathack );
 
 /*-- comment.c --*/
-KBNODE make_comment_node_from_buffer( const char *s, size_t n );
 KBNODE make_comment_node( const char *s );
+KBNODE make_mpi_comment_node( const char *s, MPI a );
 
 /*-- import.c --*/
-void import_keys( char **fnames, int nnames, int fast );
-int import_keys_stream( IOBUF inp, int fast );
+void import_keys( char **fnames, int nnames, int fast, void *stats_hd );
+int import_keys_stream( IOBUF inp, int fast, void *stats_hd );
+void *import_new_stats_handle (void);
+void import_release_stats_handle (void *p);
+void import_print_stats (void *hd);
+
 int collapse_uids( KBNODE *keyblock );
 
 /*-- export.c --*/
@@ -146,6 +171,7 @@ int enarmor_file( const char *fname );
 /*-- revoke.c --*/
 struct revocation_reason_info;
 int gen_revoke( const char *uname );
+int gen_desig_revoke( const char *uname );
 int revocation_reason_build_cb( PKT_signature *sig, void *opaque );
 struct revocation_reason_info *
 		ask_revocation_reason( int key_rev, int cert_rev, int hint );
@@ -154,22 +180,32 @@ void release_revocation_reason_info( struct revocation_reason_info *reason );
 /*-- keylist.c --*/
 void public_key_list( STRLIST list );
 void secret_key_list( STRLIST list );
+void list_keyblock( KBNODE keyblock, int secret, int fpr, void *opaque );
+void print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode);
+void show_policy_url(PKT_signature *sig,int indent);
+void show_notation(PKT_signature *sig,int indent);
+void set_attrib_fd(int fd);
 
 /*-- verify.c --*/
+void print_file_status( int status, const char *name, int what );
 int verify_signatures( int nfiles, char **files );
 int verify_files( int nfiles, char **files );
 
 /*-- decrypt.c --*/
 int decrypt_message( const char *filename );
+void decrypt_messages(int nfiles, char **files);
 
 /*-- plaintext.c --*/
-int hash_datafiles( GCRY_MD_HD md, GCRY_MD_HD md2,
+int hash_datafiles( MD_HANDLE md, MD_HANDLE md2,
 		    STRLIST files, const char *sigfilename, int textmode );
 
+/*-- pipemode.c --*/
+void run_in_pipemode (void);
+
 /*-- signal.c --*/
 void init_signals(void);
 void pause_on_sigusr( int which );
 void block_all_signals(void);
 void unblock_all_signals(void);
 
-#endif /*GPG_MAIN_H*/
+#endif /*G10_MAIN_H*/
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 7b04b3e6f..bcd1c1c01 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1,5 +1,5 @@
 /* mainproc.c - handle packets
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,18 +25,19 @@
 #include <assert.h>
 #include <time.h>
 
-#include <gcrypt.h>
 #include "packet.h"
 #include "iobuf.h"
+#include "memory.h"
 #include "options.h"
 #include "util.h"
+#include "cipher.h"
 #include "keydb.h"
 #include "filter.h"
 #include "main.h"
 #include "status.h"
 #include "i18n.h"
 #include "trustdb.h"
-#include "hkp.h"
+#include "keyserver-internal.h"
 
 
 struct kidlist_item {
@@ -69,8 +70,11 @@ struct mainproc_context {
     IOBUF iobuf;    /* used to get the filename etc. */
     int trustletter; /* temp usage in list_node */
     ulong local_id;    /* ditto */
-    struct kidlist_item *failed_pkenc;	/* list of packets for which
-					   we do not have a secret key */
+    struct kidlist_item *pkenc_list;	/* list of encryption packets */
+    struct {
+        int op;
+        int stop_now;
+    } pipemode;
 };
 
 
@@ -87,13 +91,18 @@ release_list( CTX c )
 	return;
     proc_tree(c, c->list );
     release_kbnode( c->list );
-    while( c->failed_pkenc ) {
-	struct kidlist_item *tmp = c->failed_pkenc->next;
-	gcry_free( c->failed_pkenc );
-	c->failed_pkenc = tmp;
+    while( c->pkenc_list ) {
+	struct kidlist_item *tmp = c->pkenc_list->next;
+	m_free( c->pkenc_list );
+	c->pkenc_list = tmp;
     }
-    c->failed_pkenc = NULL;
+    c->pkenc_list = NULL;
     c->list = NULL;
+    c->have_data = 0;
+    c->last_was_session_key = 0;
+    c->pipemode.op = 0;
+    c->pipemode.stop_now = 0;
+    m_free(c->dek); c->dek = NULL;
 }
 
 
@@ -103,8 +112,14 @@ add_onepass_sig( CTX c, PACKET *pkt )
     KBNODE node;
 
     if( c->list ) { /* add another packet */
-	if( c->list->pkt->pkttype != PKT_ONEPASS_SIG ) {
-	   log_error("add_onepass_sig: another packet is in the way\n");
+        /* We can only append another onepass packet if the list
+         * does contain only onepass packets */
+        for( node=c->list; node && node->pkt->pkttype == PKT_ONEPASS_SIG;
+             node = node->next )
+            ;
+	if( node ) {
+            /* this is not the case, so we flush the current thing and 
+             * allow this packet to start a new verification thing */
 	   release_list( c );
 	   c->list = new_kbnode( pkt );
 	}
@@ -118,6 +133,48 @@ add_onepass_sig( CTX c, PACKET *pkt )
 }
 
 
+static int
+add_gpg_control( CTX c, PACKET *pkt )
+{
+    if ( pkt->pkt.gpg_control->control == CTRLPKT_CLEARSIGN_START ) {
+        /* New clear text signature.
+         * Process the last one and reset everything */
+        release_list(c);
+    }   
+    else if ( pkt->pkt.gpg_control->control == CTRLPKT_PIPEMODE ) {
+        /* Pipemode control packet */
+        if ( pkt->pkt.gpg_control->datalen < 2 ) 
+            log_fatal ("invalid pipemode control packet length\n");
+        if (pkt->pkt.gpg_control->data[0] == 1) {
+            /* start the whole thing */
+            assert ( !c->list ); /* we should be in a pretty virgin state */
+            assert ( !c->pipemode.op );
+            c->pipemode.op = pkt->pkt.gpg_control->data[1];
+        }
+        else if (pkt->pkt.gpg_control->data[0] == 2) {
+            /* the signed material follows in a plaintext packet */
+            assert ( c->pipemode.op == 'B' );
+        }
+        else if (pkt->pkt.gpg_control->data[0] == 3) {
+            assert ( c->pipemode.op == 'B' );
+            release_list (c);
+            /* and tell the outer loop to terminate */
+            c->pipemode.stop_now = 1;
+        }
+        else 
+            log_fatal ("invalid pipemode control packet code\n");
+        return 0; /* no need to store the packet */
+    }   
+
+    if( c->list )  /* add another packet */
+        add_kbnode( c->list, new_kbnode( pkt ));
+    else /* insert the first one */
+	c->list = new_kbnode( pkt );
+
+    return 1;
+}
+
+
 
 static int
 add_user_id( CTX c, PACKET *pkt )
@@ -180,6 +237,32 @@ add_signature( CTX c, PACKET *pkt )
     return 1;
 }
 
+static void
+symkey_decrypt_sesskey( DEK *dek, byte *sesskey, size_t slen )
+{
+    CIPHER_HANDLE hd;
+
+    if ( slen < 17 || slen > 33 ) {
+        log_error( "weird size for an encrypted session key (%d)\n", slen );
+        return;   
+    }
+    hd = cipher_open( dek->algo, CIPHER_MODE_CFB, 1 );
+    cipher_setkey( hd, dek->key, dek->keylen );
+    cipher_setiv( hd, NULL, 0 );
+    cipher_decrypt( hd, sesskey, sesskey, slen );
+    cipher_close( hd );
+    /* check first byte (the cipher algo) */
+    if ( sesskey[0] > 10 ) {
+        log_error( "invalid symkey algorithm detected (%d)\n", sesskey[0] );
+        return;
+    }
+    /* now we replace the dek components with the real session key
+       to decrypt the contents of the sequencing packet. */
+    dek->keylen = cipher_get_keylen( sesskey[0] ) / 8;
+    dek->algo = sesskey[0];
+    memcpy( dek->key, sesskey + 1, dek->keylen );
+    /*log_hexdump( "thekey", dek->key, dek->keylen );*/
+}   
 
 static void
 proc_symkey_enc( CTX c, PACKET *pkt )
@@ -187,12 +270,28 @@ proc_symkey_enc( CTX c, PACKET *pkt )
     PKT_symkey_enc *enc;
 
     enc = pkt->pkt.symkey_enc;
-    if( enc->seskeylen )
-	log_error( "symkey_enc packet with session keys are not supported!\n");
+    if (!enc)
+        log_error ("invalid symkey encrypted packet\n");
     else {
+        int algo = enc->cipher_algo;
+	const char *s;
+
+	s = cipher_algo_to_string (algo);
+	if( s )
+	    log_info(_("%s encrypted data\n"), s );
+	else
+	    log_info(_("encrypted with unknown algorithm %d\n"), algo );
+
 	c->last_was_session_key = 2;
-	c->dek = passphrase_to_dek( NULL, 0, enc->cipher_algo, &enc->s2k, 0 );
+	if ( opt.list_only )
+    	    goto leave;
+	c->dek = passphrase_to_dek( NULL, 0, algo, &enc->s2k, 0, NULL );
+        if (c->dek)
+            c->dek->algo_info_printed = 1;
+        if ( c->dek && enc->seskeylen )
+            symkey_decrypt_sesskey( c->dek, enc->seskey, enc->seskeylen );
     }
+leave:
     free_packet(pkt);
 }
 
@@ -218,42 +317,64 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
 	write_status_text( STATUS_ENC_TO, buf );
     }
 
-
-    if( is_ELGAMAL(enc->pubkey_algo)
-	|| enc->pubkey_algo == GCRY_PK_DSA
+    if( !opt.list_only && opt.override_session_key ) {
+	/* It does not make much sense to store the session key in
+	 * secure memory because it has already been passed on the
+	 * command line and the GCHQ knows about it */
+	c->dek = m_alloc_clear( sizeof *c->dek );
+	result = get_override_session_key ( c->dek, opt.override_session_key );
+	if ( result ) {
+	    m_free(c->dek); c->dek = NULL;
+	}
+    }
+    else if( is_ELGAMAL(enc->pubkey_algo)
+	|| enc->pubkey_algo == PUBKEY_ALGO_DSA
 	|| is_RSA(enc->pubkey_algo)  ) {
 	if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1])
+                          || opt.try_all_secrets
 			  || !seckey_available( enc->keyid )) ) {
 	    if( opt.list_only )
 		result = -1;
 	    else {
-		c->dek = gcry_xmalloc_secure( sizeof *c->dek );
+		c->dek = m_alloc_secure_clear( sizeof *c->dek );
 		if( (result = get_session_key( enc, c->dek )) ) {
 		    /* error: delete the DEK */
-		    gcry_free(c->dek); c->dek = NULL;
+		    m_free(c->dek); c->dek = NULL;
 		}
 	    }
 	}
 	else
-	    result = GPGERR_NO_SECKEY;
+	    result = G10ERR_NO_SECKEY;
     }
     else
-	result = GPGERR_PUBKEY_ALGO;
+	result = G10ERR_PUBKEY_ALGO;
 
     if( result == -1 )
 	;
-    else if( !result ) {
-	if( opt.verbose > 1 )
-	    log_info( _("public key encrypted data: good DEK\n") );
-    }
-    else { /* store it for later display */
-	struct kidlist_item *x = gcry_xmalloc( sizeof *x );
-	x->kid[0] = enc->keyid[0];
-	x->kid[1] = enc->keyid[1];
-	x->pubkey_algo = enc->pubkey_algo;
-	x->reason = result;
-	x->next = c->failed_pkenc;
-	c->failed_pkenc = x;
+    else {
+        if( !result ) {
+            if( opt.verbose > 1 )
+                log_info( _("public key encrypted data: good DEK\n") );
+            if ( opt.show_session_key ) {
+                int i;
+                char *buf = m_alloc ( c->dek->keylen*2 + 20 );
+                sprintf ( buf, "%d:", c->dek->algo );
+                for(i=0; i < c->dek->keylen; i++ )
+                    sprintf(buf+strlen(buf), "%02X", c->dek->key[i] );
+                log_info( "session key: \"%s\"\n", buf );
+                write_status_text ( STATUS_SESSION_KEY, buf );
+            }
+        }
+        /* store it for later display */
+        {
+            struct kidlist_item *x = m_alloc( sizeof *x );
+            x->kid[0] = enc->keyid[0];
+            x->kid[1] = enc->keyid[1];
+            x->pubkey_algo = enc->pubkey_algo;
+            x->reason = result;
+            x->next = c->pkenc_list;
+            c->pkenc_list = x;
+        }
     }
     free_packet(pkt);
 }
@@ -265,11 +386,19 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
  * not decrypt.
  */
 static void
-print_failed_pkenc( struct kidlist_item *list )
+print_pkenc_list( struct kidlist_item *list, int failed )
 {
     for( ; list; list = list->next ) {
-	PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-	const char *algstr = gcry_pk_algo_name( list->pubkey_algo );
+	PKT_public_key *pk;
+	const char *algstr;
+        
+        if ( failed && !list->reason )
+            continue;
+        if ( !failed && list->reason )
+            continue;
+
+        algstr = pubkey_algo_to_string( list->pubkey_algo );
+        pk = m_alloc_clear( sizeof *pk );
 
 	if( !algstr )
 	    algstr = "[?]";
@@ -282,8 +411,8 @@ print_failed_pkenc( struct kidlist_item *list )
 		       strtimestamp(pk->timestamp) );
 	    fputs("      \"", log_stream() );
 	    p = get_user_id( list->kid, &n );
-	    print_string( log_stream(), p, n, '"' );
-	    gcry_free(p);
+	    print_utf8_string2 ( log_stream(), p, n, '"' );
+	    m_free(p);
 	    fputs("\"\n", log_stream() );
 	}
 	else {
@@ -292,8 +421,7 @@ print_failed_pkenc( struct kidlist_item *list )
 	}
 	free_public_key( pk );
 
-	if( list->reason == GPGERR_NO_SECKEY ) {
-	    log_info(_("no secret key for decryption available\n"));
+	if( list->reason == G10ERR_NO_SECKEY ) {
 	    if( is_status_enabled() ) {
 		char buf[20];
 		sprintf(buf,"%08lX%08lX", (ulong)list->kid[0],
@@ -301,9 +429,9 @@ print_failed_pkenc( struct kidlist_item *list )
 		write_status_text( STATUS_NO_SECKEY, buf );
 	    }
 	}
-	else
+	else if (list->reason)
 	    log_error(_("public key decryption failed: %s\n"),
-						gpg_errstr(list->reason));
+						g10_errstr(list->reason));
     }
 }
 
@@ -313,7 +441,10 @@ proc_encrypted( CTX c, PACKET *pkt )
 {
     int result = 0;
 
-    print_failed_pkenc( c->failed_pkenc );
+    if (!opt.quiet) {
+        print_pkenc_list ( c->pkenc_list, 1 );
+        print_pkenc_list ( c->pkenc_list, 0 );
+    }
 
     write_status( STATUS_BEGIN_DECRYPTION );
 
@@ -321,19 +452,43 @@ proc_encrypted( CTX c, PACKET *pkt )
     if( opt.list_only )
 	result = -1;
     else if( !c->dek && !c->last_was_session_key ) {
-	/* assume this is old conventional encrypted data
-	 * Actually we should use IDEA and MD5 in this case, but because
-	 * IDEA is patented we can't do so */
-	c->dek = passphrase_to_dek( NULL, 0,
-		    opt.def_cipher_algo ? opt.def_cipher_algo
-					: DEFAULT_CIPHER_ALGO, NULL, 0 );
+        int algo;
+        STRING2KEY s2kbuf, *s2k = NULL;
+
+	/* assume this is old style conventional encrypted data */
+        if ( (algo = opt.def_cipher_algo))
+            log_info (_("assuming %s encrypted data\n"),
+                        cipher_algo_to_string(algo));
+        else if ( check_cipher_algo(CIPHER_ALGO_IDEA) ) {
+            algo = opt.def_cipher_algo;
+            if (!algo)
+                algo = opt.s2k_cipher_algo;
+	    idea_cipher_warn(1);
+            log_info (_("IDEA cipher unavailable, "
+                        "optimistically attempting to use %s instead\n"),
+                       cipher_algo_to_string(algo));
+        }
+        else {
+            algo = CIPHER_ALGO_IDEA;
+            if (!opt.def_digest_algo) {
+                /* If no digest is given we assume MD5 */
+                s2kbuf.mode = 0;
+                s2kbuf.hash_algo = DIGEST_ALGO_MD5;
+                s2k = &s2kbuf;
+            }
+            log_info (_("assuming %s encrypted data\n"), "IDEA");
+        }
+
+	c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL );
+        if (c->dek)
+            c->dek->algo_info_printed = 1;
     }
     else if( !c->dek )
-	result = GPGERR_NO_SECKEY;
+	result = G10ERR_NO_SECKEY;
     if( !result )
 	result = decrypt_data( c, pkt->pkt.encrypted, c->dek );
 
-    gcry_free(c->dek); c->dek = NULL;
+    m_free(c->dek); c->dek = NULL;
     if( result == -1 )
 	;
     else if( !result ) {
@@ -343,13 +498,13 @@ proc_encrypted( CTX c, PACKET *pkt )
 	if( pkt->pkt.encrypted->mdc_method )
 	    write_status( STATUS_GOODMDC );
     }
-    else if( result == GPGERR_BAD_SIGN ) {
+    else if( result == G10ERR_BAD_SIGN ) {
 	log_error(_("WARNING: encrypted message has been manipulated!\n"));
 	write_status( STATUS_BADMDC );
     }
     else {
 	write_status( STATUS_DECRYPTION_FAILED );
-	log_error(_("decryption failed: %s\n"), gpg_errstr(result));
+	log_error(_("decryption failed: %s\n"), g10_errstr(result));
 	/* Hmmm: does this work when we have encrypted using multiple
 	 * ways to specify the session key (symmmetric and PK)*/
     }
@@ -372,9 +527,7 @@ proc_plaintext( CTX c, PACKET *pkt )
     else if( opt.verbose )
 	log_info(_("original file name='%.*s'\n"), pt->namelen, pt->name);
     free_md_filter_context( &c->mfx );
-    c->mfx.md = gcry_md_open( 0, 0);
-    if( !c->mfx.md )
-	BUG();
+    c->mfx.md = md_open( 0, 0);
     /* fixme: we may need to push the textfilter if we have sigclass 1
      * and no armoring - Not yet tested
      * Hmmm, why don't we need it at all if we have sigclass 1
@@ -385,9 +538,9 @@ proc_plaintext( CTX c, PACKET *pkt )
     for(n=c->list; n; n = n->next ) {
 	if( n->pkt->pkttype == PKT_ONEPASS_SIG ) {
 	    if( n->pkt->pkt.onepass_sig->digest_algo ) {
-		gcry_md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo );
+		md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo );
 		if( !any && n->pkt->pkt.onepass_sig->digest_algo
-						      == GCRY_MD_MD5 )
+						      == DIGEST_ALGO_MD5 )
 		    only_md5 = 1;
 		else
 		    only_md5 = 0;
@@ -395,27 +548,31 @@ proc_plaintext( CTX c, PACKET *pkt )
 	    }
 	    if( n->pkt->pkt.onepass_sig->sig_class != 0x01 )
 		only_md5 = 0;
-
-	    /* Check whether this is a cleartext signature.  We assume that
-	     * we have one if the sig_class is 1 and the keyid is 0, that
-	     * are the faked packets produced by armor.c.  There is a
-	     * possibility that this fails, but there is no other easy way
-	     * to do it. (We could use a special packet type to indicate
-	     * this, but this may also be faked - it simply can't be verified
-	     * and is _no_ security issue)
-	     */
-	    if( n->pkt->pkt.onepass_sig->sig_class == 0x01
-		&& !n->pkt->pkt.onepass_sig->keyid[0]
-		&& !n->pkt->pkt.onepass_sig->keyid[1] )
-		clearsig = 1;
 	}
+	else if( n->pkt->pkttype == PKT_GPG_CONTROL
+                 && n->pkt->pkt.gpg_control->control
+                    == CTRLPKT_CLEARSIGN_START ) {
+            size_t datalen = n->pkt->pkt.gpg_control->datalen;
+            const byte *data = n->pkt->pkt.gpg_control->data;
+
+            /* check that we have at least the sigclass and one hash */
+            if ( datalen < 2 )
+                log_fatal("invalid control packet CTRLPKT_CLEARSIGN_START\n"); 
+            /* Note that we don't set the clearsig flag for not-dash-escaped
+             * documents */
+            clearsig = (*data == 0x01);
+            for( data++, datalen--; datalen; datalen--, data++ )
+                md_enable( c->mfx.md, *data );
+            any = 1;
+            break;  /* no pass signature pakets are expected */
+        }
     }
 
     if( !any && !opt.skip_verify ) {
 	/* no onepass sig packet: enable all standard algos */
-	gcry_md_enable( c->mfx.md, GCRY_MD_RMD160 );
-	gcry_md_enable( c->mfx.md, GCRY_MD_SHA1 );
-	gcry_md_enable( c->mfx.md, GCRY_MD_MD5 );
+	md_enable( c->mfx.md, DIGEST_ALGO_RMD160 );
+	md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
+	md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
     }
     if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) {
 	/* This is a kludge to work around a bug in pgp2.  It does only
@@ -423,25 +580,36 @@ proc_plaintext( CTX c, PACKET *pkt )
 	 * pgp mails we could see whether there is the signature packet
 	 * in front of the plaintext.  If someone needs this, send me a patch.
 	 */
-	c->mfx.md2 = gcry_md_open( GCRY_MD_MD5, 0);
-	if( !c->mfx.md2 )
-	    BUG();
+	c->mfx.md2 = md_open( DIGEST_ALGO_MD5, 0);
     }
     if ( DBG_HASHING ) {
-	gcry_md_start_debug( c->mfx.md, "verify" );
+	md_start_debug( c->mfx.md, "verify" );
 	if ( c->mfx.md2  )
-	    gcry_md_start_debug( c->mfx.md2, "verify2" );
+	    md_start_debug( c->mfx.md2, "verify2" );
     }
-    rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
-    if( rc == GPGERR_CREATE_FILE && !c->sigs_only) {
-	/* can't write output but we hash it anyway to
-	 * check the signature */
-	rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
+    if ( c->pipemode.op == 'B' )
+        rc = handle_plaintext( pt, &c->mfx, 1, 0 );
+    else {
+        rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
+        if( rc == G10ERR_CREATE_FILE && !c->sigs_only) {
+            /* can't write output but we hash it anyway to
+             * check the signature */
+            rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
+        }
     }
     if( rc )
-	log_error( "handle plaintext failed: %s\n", gpg_errstr(rc));
+	log_error( "handle plaintext failed: %s\n", g10_errstr(rc));
     free_packet(pkt);
     c->last_was_session_key = 0;
+
+    /* We add a marker control packet instead of the plaintext packet.
+     * This is so that we can later detect invalid packet sequences.
+     */
+    n = new_kbnode (create_gpg_control (CTRLPKT_PLAINTEXT_MARK, NULL, 0));
+    if (c->list)
+        add_kbnode (c->list, n);
+    else 
+        c->list = n;
 }
 
 
@@ -472,7 +640,7 @@ proc_compressed( CTX c, PACKET *pkt )
     else
 	rc = handle_compressed( c, zd, NULL, NULL );
     if( rc )
-	log_error("uncompressing failed: %s\n", gpg_errstr(rc));
+	log_error("uncompressing failed: %s\n", g10_errstr(rc));
     free_packet(pkt);
     c->last_was_session_key = 0;
 }
@@ -482,11 +650,15 @@ proc_compressed( CTX c, PACKET *pkt )
  * Returns: 0 = valid signature or an error code
  */
 static int
-do_check_sig( CTX c, KBNODE node, int *is_selfsig )
+do_check_sig( CTX c, KBNODE node, int *is_selfsig, int *is_expkey )
 {
     PKT_signature *sig;
-    GCRY_MD_HD md = NULL, md2 = NULL;
-    int algo, rc;
+    MD_HANDLE md = NULL, md2 = NULL;
+    int algo, rc, dum2;
+    u32 dummy;
+
+    if(!is_expkey)
+      is_expkey=&dum2;
 
     assert( node->pkt->pkttype == PKT_SIGNATURE );
     if( is_selfsig )
@@ -494,42 +666,35 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig )
     sig = node->pkt->pkt.signature;
 
     algo = sig->digest_algo;
-    if( (rc=openpgp_md_test_algo(algo)) )
+    if( (rc=check_digest_algo(algo)) )
 	return rc;
 
     if( sig->sig_class == 0x00 ) {
 	if( c->mfx.md )
-	    md = gcry_md_copy( c->mfx.md );
+	    md = md_copy( c->mfx.md );
 	else /* detached signature */
-	    md = gcry_md_open( 0, 0 ); /* signature_check() will enable the md*/
-	if( !md )
-	    BUG();
+	    md = md_open( 0, 0 ); /* signature_check() will enable the md*/
     }
     else if( sig->sig_class == 0x01 ) {
 	/* how do we know that we have to hash the (already hashed) text
 	 * in canonical mode ??? (calculating both modes???) */
 	if( c->mfx.md ) {
-	    md = gcry_md_copy( c->mfx.md );
-	    if( !md )
-		BUG();
-	    if( c->mfx.md2 ) {
-		md2 = gcry_md_copy( c->mfx.md2 );
-		if( !md2 )
-		    BUG();
-	    }
+	    md = md_copy( c->mfx.md );
+	    if( c->mfx.md2 )
+	       md2 = md_copy( c->mfx.md2 );
 	}
 	else { /* detached signature */
-	    log_debug("Do we really need this here?");
-	    md =  gcry_md_open( 0, 0 ); /* signature_check() will enable the md*/
-	    md2 = gcry_md_open( 0, 0 );
-	    if( !md || !md2 )
-		BUG();
+	  log_debug("Do we really need this here?");
+	    md = md_open( 0, 0 ); /* signature_check() will enable the md*/
+	    md2 = md_open( 0, 0 );
 	}
     }
     else if( (sig->sig_class&~3) == 0x10
 	     || sig->sig_class == 0x18
+             || sig->sig_class == 0x1f
 	     || sig->sig_class == 0x20
-	     || sig->sig_class == 0x30	) { /* classes 0x10..0x17,0x20,0x30 */
+	     || sig->sig_class == 0x28
+	     || sig->sig_class == 0x30	) { 
 	if( c->list->pkt->pkttype == PKT_PUBLIC_KEY
 	    || c->list->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
 	    return check_key_signature( c->list, node, is_selfsig );
@@ -537,21 +702,21 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig )
 	else if( sig->sig_class == 0x20 ) {
 	    log_info(_("standalone revocation - "
 		       "use \"gpg --import\" to apply\n"));
-	    return GPGERR_NOT_PROCESSED;
+	    return G10ERR_NOT_PROCESSED;
 	}
 	else {
 	    log_error("invalid root packet for sigclass %02x\n",
 							sig->sig_class);
-	    return GPGERR_SIG_CLASS;
+	    return G10ERR_SIG_CLASS;
 	}
     }
     else
-	return GPGERR_SIG_CLASS;
-    rc = signature_check( sig, md );
-    if( rc == GPGERR_BAD_SIGN && md2 )
-	rc = signature_check( sig, md2 );
-    gcry_md_close(md);
-    gcry_md_close(md2);
+	return G10ERR_SIG_CLASS;
+    rc = signature_check2( sig, md, &dummy, is_expkey );
+    if( rc == G10ERR_BAD_SIGN && md2 )
+	rc = signature_check2( sig, md2, &dummy, is_expkey );
+    md_close(md);
+    md_close(md2);
 
     return rc;
 }
@@ -567,8 +732,15 @@ print_userid( PACKET *pkt )
 	return;
     }
     if( opt.with_colons )
-	print_string( stdout,  pkt->pkt.user_id->name,
-				pkt->pkt.user_id->len, ':');
+      {
+	if(pkt->pkt.user_id->attrib_data)
+	  printf("%u %lu",
+		 pkt->pkt.user_id->numattribs,
+		 pkt->pkt.user_id->attrib_len);
+	else
+	  print_string( stdout,  pkt->pkt.user_id->name,
+			pkt->pkt.user_id->len, ':');
+      }
     else
 	print_utf8_string( stdout,  pkt->pkt.user_id->name,
 				     pkt->pkt.user_id->len );
@@ -576,51 +748,13 @@ print_userid( PACKET *pkt )
 
 
 static void
-print_fingerprint( PKT_public_key *pk, PKT_secret_key *sk )
-{
-    byte array[MAX_FINGERPRINT_LEN], *p;
-    size_t i, n;
-
-    if( sk )
-	fingerprint_from_sk( sk, array, &n );
-    else
-	fingerprint_from_pk( pk, array, &n );
-    p = array;
-    if( opt.with_colons ) {
-	printf("fpr:::::::::");
-	for(i=0; i < n ; i++, p++ )
-	    printf("%02X", *p );
-	putchar(':');
-    }
-    else {
-	printf("     Key fingerprint =");
-	if( n == 20 ) {
-	    for(i=0; i < n ; i++, i++, p += 2 ) {
-		if( i == 10 )
-		    putchar(' ');
-		printf(" %02X%02X", *p, p[1] );
-	    }
-	}
-	else {
-	    for(i=0; i < n ; i++, p++ ) {
-		if( i && !(i%8) )
-		    putchar(' ');
-		printf(" %02X", *p );
-	    }
-	}
-    }
-    putchar('\n');
-}
-
-static void
 print_notation_data( PKT_signature *sig )
 {
     size_t n, n1, n2;
     const byte *p;
     int seq = 0;
 
-    while( (p = enum_sig_subpkt( sig->hashed_data, SIGSUBPKT_NOTATION,
-				 &n, &seq )) ) {
+    while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION,&n,&seq,NULL))) {
 	if( n < 8 ) {
 	    log_info(_("WARNING: invalid notation data found\n"));
 	    return;
@@ -639,14 +773,20 @@ print_notation_data( PKT_signature *sig )
 	putc( '=', log_stream() );
 	print_string( log_stream(), p+n1, n2, 0 );
 	putc( '\n', log_stream() );
+        write_status_buffer ( STATUS_NOTATION_NAME, p   , n1, 0 );
+        write_status_buffer ( STATUS_NOTATION_DATA, p+n1, n2, 50 );
     }
-    if( (p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_POLICY, &n ) )) {
+
+    seq=0;
+
+    while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_POLICY,&n,&seq,NULL))) {
 	log_info(_("Policy: ") );
 	print_string( log_stream(), p, n, 0 );
 	putc( '\n', log_stream() );
+        write_status_buffer ( STATUS_POLICY_URL, p, n, 0 );
     }
 
-    /* Now check wheter the key of this signature has some
+    /* Now check whether the key of this signature has some
      * notation data */
 
     /* TODO */
@@ -675,7 +815,7 @@ list_node( CTX c, KBNODE node )
 	    if( mainkey ) {
 		c->local_id = pk->local_id;
 		c->trustletter = opt.fast_list_mode?
-					   0 : query_trust_info( pk, NULL );
+					   0 : get_validity_info( pk, NULL );
 	    }
 	    printf("%s:", mainkey? "pub":"sub" );
 	    if( c->trustletter )
@@ -684,18 +824,18 @@ list_node( CTX c, KBNODE node )
 		    nbits_from_pk( pk ),
 		    pk->pubkey_algo,
 		    (ulong)keyid[0],(ulong)keyid[1],
-		    datestr_from_pk( pk ),
-		    pk->expiredate? strtimestamp(pk->expiredate):"" );
+		    colon_datestr_from_pk( pk ),
+		    colon_strtime (pk->expiredate) );
 	    if( c->local_id )
 		printf("%lu", c->local_id );
 	    putchar(':');
-	    if( c->local_id && !opt.fast_list_mode )
-		putchar( get_ownertrust_info( c->local_id ) );
+	    if( mainkey && !opt.fast_list_mode )
+                 putchar( get_ownertrust_info (pk) );
 	    putchar(':');
 	    if( node->next && node->next->pkt->pkttype == PKT_RING_TRUST) {
 		putchar('\n'); any=1;
 		if( opt.fingerprint )
-		    print_fingerprint( pk, NULL );
+		    print_fingerprint( pk, NULL, 0 );
 		printf("rtv:1:%u:\n",
 			    node->next->pkt->pkt.ring_trust->trustval );
 	    }
@@ -724,7 +864,8 @@ list_node( CTX c, KBNODE node )
 		else if( node->pkt->pkttype == PKT_USER_ID ) {
 		    if( any ) {
 			if( opt.with_colons )
-			    printf("uid:::::::::");
+			    printf("%s:::::::::",
+			      node->pkt->pkt.user_id->attrib_data?"uat":"uid");
 			else
 			    printf( "uid%*s", 28, "" );
 		    }
@@ -733,7 +874,7 @@ list_node( CTX c, KBNODE node )
 			putchar(':');
 		    putchar('\n');
 		    if( opt.fingerprint && !any )
-			print_fingerprint( pk, NULL );
+			print_fingerprint( pk, NULL, 0 );
 		    if( node->next
 			&& node->next->pkt->pkttype == PKT_RING_TRUST ) {
 			printf("rtv:2:%u:\n",
@@ -757,7 +898,7 @@ list_node( CTX c, KBNODE node )
 	if( !any )
 	    putchar('\n');
 	if( !mainkey && opt.fingerprint > 1 )
-	    print_fingerprint( pk, NULL );
+	    print_fingerprint( pk, NULL, 0 );
     }
     else if( (mainkey = (node->pkt->pkttype == PKT_SECRET_KEY) )
 	     || node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
@@ -771,8 +912,8 @@ list_node( CTX c, KBNODE node )
 		    nbits_from_sk( sk ),
 		    sk->pubkey_algo,
 		    (ulong)keyid[0],(ulong)keyid[1],
-		    datestr_from_sk( sk ),
-		    sk->expiredate? strtimestamp(sk->expiredate):""
+		    colon_datestr_from_sk( sk ),
+		    colon_strtime (sk->expiredate)
 		    /* fixme: add LID */ );
 	}
 	else
@@ -798,7 +939,8 @@ list_node( CTX c, KBNODE node )
 		else if( node->pkt->pkttype == PKT_USER_ID ) {
 		    if( any ) {
 			if( opt.with_colons )
-			    printf("uid:::::::::");
+			    printf("%s:::::::::",
+			      node->pkt->pkt.user_id->attrib_data?"uat":"uid");
 			else
 			    printf( "uid%*s", 28, "" );
 		    }
@@ -807,7 +949,7 @@ list_node( CTX c, KBNODE node )
 			putchar(':');
 		    putchar('\n');
 		    if( opt.fingerprint && !any )
-			print_fingerprint( NULL, sk );
+			print_fingerprint( NULL, sk, 0 );
 		    any=1;
 		}
 		else if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
@@ -822,7 +964,7 @@ list_node( CTX c, KBNODE node )
 	if( !any )
 	    putchar('\n');
 	if( !mainkey && opt.fingerprint > 1 )
-	    print_fingerprint( NULL, sk );
+	    print_fingerprint( NULL, sk, 0 );
     }
     else if( node->pkt->pkttype == PKT_SIGNATURE  ) {
 	PKT_signature *sig = node->pkt->pkt.signature;
@@ -841,10 +983,11 @@ list_node( CTX c, KBNODE node )
 	    fputs("sig", stdout);
 	if( opt.check_sigs ) {
 	    fflush(stdout);
-	    switch( (rc2=do_check_sig( c, node, &is_selfsig )) ) {
+	    switch( (rc2=do_check_sig( c, node, &is_selfsig, NULL )) ) {
 	      case 0:		       sigrc = '!'; break;
-	      case GPGERR_BAD_SIGN:    sigrc = '-'; break;
-	      case GPGERR_NO_PUBKEY:   sigrc = '?'; break;
+	      case G10ERR_BAD_SIGN:    sigrc = '-'; break;
+	      case G10ERR_NO_PUBKEY: 
+	      case G10ERR_UNU_PUBKEY:  sigrc = '?'; break;
 	      default:		       sigrc = '%'; break;
 	    }
 	}
@@ -868,13 +1011,13 @@ list_node( CTX c, KBNODE node )
 		putchar(sigrc);
 	    printf("::%d:%08lX%08lX:%s::::", sig->pubkey_algo,
 					     (ulong)sig->keyid[0],
-		       (ulong)sig->keyid[1], datestr_from_sig(sig));
+		       (ulong)sig->keyid[1], colon_datestr_from_sig(sig));
 	}
 	else
 	    printf("%c       %08lX %s   ",
 		    sigrc, (ulong)sig->keyid[1], datestr_from_sig(sig));
 	if( sigrc == '%' )
-	    printf("[%s] ", gpg_errstr(rc2) );
+	    printf("[%s] ", g10_errstr(rc2) );
 	else if( sigrc == '?' )
 	    ;
 	else if( is_selfsig ) {
@@ -887,10 +1030,10 @@ list_node( CTX c, KBNODE node )
 	else if( !opt.fast_list_mode ) {
 	    p = get_user_id( sig->keyid, &n );
 	    print_string( stdout, p, n, opt.with_colons );
-	    gcry_free(p);
+	    m_free(p);
 	}
 	if( opt.with_colons )
-	    printf(":%02x:", sig->sig_class );
+	    printf(":%02x%c:", sig->sig_class, sig->flags.exportable?'x':'l');
 	putchar('\n');
     }
     else
@@ -903,11 +1046,11 @@ int
 proc_packets( void *anchor, IOBUF a )
 {
     int rc;
-    CTX c = gcry_xcalloc( 1, sizeof *c );
+    CTX c = m_alloc_clear( sizeof *c );
 
     c->anchor = anchor;
     rc = do_proc_packets( c, a );
-    gcry_free( c );
+    m_free( c );
     return rc;
 }
 
@@ -917,7 +1060,7 @@ int
 proc_signature_packets( void *anchor, IOBUF a,
 			STRLIST signedfiles, const char *sigfilename )
 {
-    CTX c = gcry_xcalloc( 1, sizeof *c );
+    CTX c = m_alloc_clear( sizeof *c );
     int rc;
 
     c->anchor = anchor;
@@ -925,20 +1068,20 @@ proc_signature_packets( void *anchor, IOBUF a,
     c->signed_data = signedfiles;
     c->sigfilename = sigfilename;
     rc = do_proc_packets( c, a );
-    gcry_free( c );
+    m_free( c );
     return rc;
 }
 
 int
 proc_encryption_packets( void *anchor, IOBUF a )
 {
-    CTX c = gcry_xcalloc( 1, sizeof *c );
+    CTX c = m_alloc_clear( sizeof *c );
     int rc;
 
     c->anchor = anchor;
     c->encrypt_only = 1;
     rc = do_proc_packets( c, a );
-    gcry_free( c );
+    m_free( c );
     return rc;
 }
 
@@ -946,18 +1089,20 @@ proc_encryption_packets( void *anchor, IOBUF a )
 int
 do_proc_packets( CTX c, IOBUF a )
 {
-    PACKET *pkt = gcry_xmalloc( sizeof *pkt );
+    PACKET *pkt = m_alloc( sizeof *pkt );
     int rc=0;
     int any_data=0;
     int newpkt;
 
     c->iobuf = a;
     init_packet(pkt);
-    while( (rc=parse_packet(a, pkt, NULL)) != -1 ) {
+    while( (rc=parse_packet(a, pkt)) != -1 ) {
 	any_data = 1;
 	if( rc ) {
 	    free_packet(pkt);
-	    if( rc == GPGERR_INVALID_PACKET )
+            /* stop processing hwne an invalid packet has been encountered
+             * but don't do so when we are doing a --list-packet. */
+	    if( rc == G10ERR_INVALID_PACKET && opt.list_packets != 2 )
 		break;
 	    continue;
 	}
@@ -981,12 +1126,14 @@ do_proc_packets( CTX c, IOBUF a )
 	      case PKT_PUBKEY_ENC:
 	      case PKT_ENCRYPTED:
 	      case PKT_ENCRYPTED_MDC:
-		rc = GPGERR_UNEXPECTED;
+                write_status_text( STATUS_UNEXPECTED, "0" );
+		rc = G10ERR_UNEXPECTED;
 		goto leave;
 	      case PKT_SIGNATURE:   newpkt = add_signature( c, pkt ); break;
 	      case PKT_PLAINTEXT:   proc_plaintext( c, pkt ); break;
 	      case PKT_COMPRESSED:  proc_compressed( c, pkt ); break;
 	      case PKT_ONEPASS_SIG: newpkt = add_onepass_sig( c, pkt ); break;
+              case PKT_GPG_CONTROL: newpkt = add_gpg_control(c, pkt); break;
 	      default: newpkt = 0; break;
 	    }
 	}
@@ -995,7 +1142,8 @@ do_proc_packets( CTX c, IOBUF a )
 	      case PKT_PUBLIC_KEY:
 	      case PKT_SECRET_KEY:
 	      case PKT_USER_ID:
-		rc = GPGERR_UNEXPECTED;
+                write_status_text( STATUS_UNEXPECTED, "0" );
+		rc = G10ERR_UNEXPECTED;
 		goto leave;
 	      case PKT_SIGNATURE:   newpkt = add_signature( c, pkt ); break;
 	      case PKT_SYMKEY_ENC:  proc_symkey_enc( c, pkt ); break;
@@ -1005,6 +1153,7 @@ do_proc_packets( CTX c, IOBUF a )
 	      case PKT_PLAINTEXT:   proc_plaintext( c, pkt ); break;
 	      case PKT_COMPRESSED:  proc_compressed( c, pkt ); break;
 	      case PKT_ONEPASS_SIG: newpkt = add_onepass_sig( c, pkt ); break;
+	      case PKT_GPG_CONTROL: newpkt = add_gpg_control(c, pkt); break;
 	      default: newpkt = 0; break;
 	    }
 	}
@@ -1029,23 +1178,38 @@ do_proc_packets( CTX c, IOBUF a )
 	      case PKT_PLAINTEXT:   proc_plaintext( c, pkt ); break;
 	      case PKT_COMPRESSED:  proc_compressed( c, pkt ); break;
 	      case PKT_ONEPASS_SIG: newpkt = add_onepass_sig( c, pkt ); break;
+              case PKT_GPG_CONTROL: newpkt = add_gpg_control(c, pkt); break;
 	      case PKT_RING_TRUST:  newpkt = add_ring_trust( c, pkt ); break;
 	      default: newpkt = 0; break;
 	    }
 	}
-	if( pkt->pkttype != PKT_SIGNATURE )
+        /* This is a very ugly construct and frankly, I don't remember why
+         * I used it.  Adding the MDC check here is a hack.
+         * The right solution is to initiate another context for encrypted
+         * packet and not to reuse the current one ...  It works right
+         * when there is a compression packet inbetween which adds just
+         * an extra layer.
+         * Hmmm: Rewrite this whole module here?? 
+         */
+	if( pkt->pkttype != PKT_SIGNATURE && pkt->pkttype != PKT_MDC )
 	    c->have_data = pkt->pkttype == PKT_PLAINTEXT;
 
 	if( newpkt == -1 )
 	    ;
 	else if( newpkt ) {
-	    pkt = gcry_xmalloc( sizeof *pkt );
+	    pkt = m_alloc( sizeof *pkt );
 	    init_packet(pkt);
 	}
 	else
 	    free_packet(pkt);
+        if ( c->pipemode.stop_now ) {
+            /* we won't get an EOF in pipemode, so we have to 
+             * break the loop here */ 
+            rc = -1;
+            break;
+        }
     }
-    if( rc == GPGERR_INVALID_PACKET )
+    if( rc == G10ERR_INVALID_PACKET )
 	write_status_text( STATUS_NODATA, "3" );
     if( any_data )
 	rc = 0;
@@ -1055,9 +1219,9 @@ do_proc_packets( CTX c, IOBUF a )
 
   leave:
     release_list( c );
-    gcry_free(c->dek);
+    m_free(c->dek);
     free_packet( pkt );
-    gcry_free( pkt );
+    m_free( pkt );
     free_md_filter_context( &c->mfx );
     return rc;
 }
@@ -1068,76 +1232,190 @@ check_sig_and_print( CTX c, KBNODE node )
 {
     PKT_signature *sig = node->pkt->pkt.signature;
     const char *astr, *tstr;
-    int rc;
+    int rc, is_expkey=0;
 
     if( opt.skip_verify ) {
 	log_info(_("signature verification suppressed\n"));
 	return 0;
     }
 
+    /* It is not in all cases possible to check multiple signatures:
+     * PGP 2 (which is also allowed by OpenPGP), does use the packet
+     * sequence: sig+data,  OpenPGP does use onepas+data=sig and GnuPG
+     * sometimes uses (because I did'nt read the specs right) data+sig.
+     * Because it is possible to create multiple signatures with
+     * different packet sequence (e.g. data+sig and sig+data) it might
+     * not be possible to get it right:  let's say we have:
+     * data+sig, sig+data,sig+data and we have not yet encountered the last
+     * data, we could also see this a one data with 2 signatures and then 
+     * data+sig.
+     * To protect against this we check that all signatures follow
+     * without any intermediate packets.  Note, that we won't get this
+     * error when we use onepass packets or cleartext signatures because
+     * we reset the list every time
+     *
+     * FIXME: Now that we have these marker packets, we should create a 
+     * real grammar and check against this.
+     */
+    {
+        KBNODE n;
+        int n_sig=0;
+
+        for (n=c->list; n; n=n->next ) {
+            if ( n->pkt->pkttype == PKT_SIGNATURE ) 
+                n_sig++;
+        }
+        if (n_sig > 1) { /* more than one signature - check sequence */
+            int tmp, onepass;
+
+            for (tmp=onepass=0,n=c->list; n; n=n->next ) {
+                if (n->pkt->pkttype == PKT_ONEPASS_SIG) 
+                    onepass++;
+                else if (n->pkt->pkttype == PKT_GPG_CONTROL
+                         && n->pkt->pkt.gpg_control->control
+                            == CTRLPKT_CLEARSIGN_START ) {
+                    onepass++; /* handle the same way as a onepass */
+                }
+                else if ( (tmp && n->pkt->pkttype != PKT_SIGNATURE) ) {
+                    log_error(_("can't handle these multiple signatures\n"));
+                    return 0;
+                }
+                else if ( n->pkt->pkttype == PKT_SIGNATURE ) 
+                    tmp = 1;
+                else if (!tmp && !onepass 
+                         && n->pkt->pkttype == PKT_GPG_CONTROL
+                         && n->pkt->pkt.gpg_control->control
+                            == CTRLPKT_PLAINTEXT_MARK ) {
+                    /* plaintext before signatures but no one-pass packets*/
+                    log_error(_("can't handle these multiple signatures\n"));
+                    return 0;
+                }
+            }
+        }
+    }
+    
+
+
     tstr = asctimestamp(sig->timestamp);
-    astr = gcry_pk_algo_name( sig->pubkey_algo );
+    astr = pubkey_algo_to_string( sig->pubkey_algo );
     log_info(_("Signature made %.*s using %s key ID %08lX\n"),
 	    (int)strlen(tstr), tstr, astr? astr: "?", (ulong)sig->keyid[1] );
 
-    rc = do_check_sig(c, node, NULL );
-    if( rc == GPGERR_NO_PUBKEY && opt.keyserver_name && opt.auto_key_retrieve) {
-	if( !hkp_ask_import( sig->keyid ) )
-	    rc = do_check_sig(c, node, NULL );
+    rc = do_check_sig(c, node, NULL, &is_expkey );
+    if( rc == G10ERR_NO_PUBKEY && opt.keyserver_scheme && opt.keyserver_options.auto_key_retrieve) {
+	if( keyserver_import_keyid ( sig->keyid )==0 )
+	    rc = do_check_sig(c, node, NULL, &is_expkey );
     }
-    if( !rc || rc == GPGERR_BAD_SIGN ) {
+    if( !rc || rc == G10ERR_BAD_SIGN ) {
 	KBNODE un, keyblock;
-	char *us;
-	int count=0;
+	int count=0, statno;
+        char keyid_str[50];
+
+	if(rc)
+	  statno=STATUS_BADSIG;
+	else if(sig->flags.expired)
+	  statno=STATUS_EXPSIG;
+	else if(is_expkey)
+	  statno=STATUS_EXPKEYSIG;
+	else
+	  statno=STATUS_GOODSIG;
 
 	keyblock = get_pubkeyblock( sig->keyid );
 
-	us = get_long_user_id_string( sig->keyid );
-	write_status_text( rc? STATUS_BADSIG : STATUS_GOODSIG, us );
-	gcry_free(us);
+        sprintf (keyid_str, "%08lX%08lX [uncertain] ",
+                 (ulong)sig->keyid[0], (ulong)sig->keyid[1]);
 
-	/* fixme: list only user ids which are valid and add information
-	 *	  about the trustworthiness of each user id, sort them.
-	 *	  Integrate this with check_signatures_trust(). */
+        /* find and print the primary user ID */
 	for( un=keyblock; un; un = un->next ) {
 	    if( un->pkt->pkttype != PKT_USER_ID )
 		continue;
-	    if( !count++ )
-		log_info(rc? _("BAD signature from \"")
-			   : _("Good signature from \""));
-	    else
-		log_info(    _("                aka \""));
+	    if ( !un->pkt->pkt.user_id->created )
+	        continue;
+            if ( un->pkt->pkt.user_id->is_revoked )
+                continue;
+            if ( !un->pkt->pkt.user_id->is_primary )
+                continue;
+            
+            keyid_str[17] = 0; /* cut off the "[uncertain]" part */
+            write_status_text_and_buffer (statno, keyid_str,
+                                          un->pkt->pkt.user_id->name,
+                                          un->pkt->pkt.user_id->len, 
+                                          -1 );
+
+            log_info(rc? _("BAD signature from \"")
+                       : sig->flags.expired ? _("Expired signature from \"")
+		       : _("Good signature from \""));
 	    print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
 					     un->pkt->pkt.user_id->len );
 	    fputs("\"\n", log_stream() );
-	    if( rc )
-		break; /* print only one id in this case */
+            count++;
 	}
 	if( !count ) {	/* just in case that we have no userid */
-	    log_info(rc? _("BAD signature from \"")
+            for( un=keyblock; un; un = un->next ) {
+                if( un->pkt->pkttype == PKT_USER_ID )
+                    break;
+            }
+
+            if (opt.always_trust || !un)
+                keyid_str[17] = 0; /* cut off the "[uncertain]" part */
+
+            write_status_text_and_buffer (statno, keyid_str,
+                                          un? un->pkt->pkt.user_id->name:"[?]",
+                                          un? un->pkt->pkt.user_id->len:3, 
+                                          -1 );
+
+            log_info(rc? _("BAD signature from \"")
+                       : sig->flags.expired ? _("Expired signature from \"")
 		       : _("Good signature from \""));
-	    fputs("[?]\"\n", log_stream() );
+            if (!opt.always_trust && un) {
+                fputs(_("[uncertain]"), log_stream() );
+                putc(' ', log_stream() );
+            }
+            print_utf8_string( log_stream(),
+                               un? un->pkt->pkt.user_id->name:"[?]",
+                               un? un->pkt->pkt.user_id->len:3 );
+	    fputs("\"\n", log_stream() );
+	}
+
+        /* If we have a good signature and already printed 
+         * the primary user ID, print all the other user IDs */
+        if ( count && !rc ) {
+            for( un=keyblock; un; un = un->next ) {
+                if( un->pkt->pkttype != PKT_USER_ID )
+                    continue;
+                if ( un->pkt->pkt.user_id->is_revoked )
+                    continue; 
+                if ( un->pkt->pkt.user_id->is_primary )
+                    continue;
+
+		log_info(    _("                aka \""));
+                print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
+                                                 un->pkt->pkt.user_id->len );
+                fputs("\"\n", log_stream() );
+            }
 	}
 	release_kbnode( keyblock );
+
 	if( !rc )
 	    print_notation_data( sig );
 
 	if( !rc && is_status_enabled() ) {
 	    /* print a status response with the fingerprint */
-	    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
+	    PKT_public_key *pk = m_alloc_clear( sizeof *pk );
 
 	    if( !get_pubkey( pk, sig->keyid ) ) {
 		byte array[MAX_FINGERPRINT_LEN], *p;
-		char buf[MAX_FINGERPRINT_LEN*2+61];
+		char buf[MAX_FINGERPRINT_LEN*2+72];
 		size_t i, n;
 
 		fingerprint_from_pk( pk, array, &n );
 		p = array;
 		for(i=0; i < n ; i++, p++ )
 		    sprintf(buf+2*i, "%02X", *p );
-		sprintf(buf+strlen(buf), " %s %lu",
+		sprintf(buf+strlen(buf), " %s %lu %lu",
 					 strtimestamp( sig->timestamp ),
-					 (ulong)sig->timestamp );
+					 (ulong)sig->timestamp,
+			                 (ulong)sig->expiredate );
 		write_status_text( STATUS_VALIDSIG, buf );
 	    }
 	    free_public_key( pk );
@@ -1145,10 +1423,19 @@ check_sig_and_print( CTX c, KBNODE node )
 
 	if( !rc )
 	    rc = check_signatures_trust( sig );
+
+	if(sig->flags.expired)
+	  {
+	    log_info("Signature expired %s\n",asctimestamp(sig->expiredate));
+	    rc=G10ERR_GENERAL; /* need a better error here? */
+	  }
+	else if(sig->expiredate)
+	  log_info("Signature expires %s\n",asctimestamp(sig->expiredate));
+
 	if( rc )
-	    gpg_errors_seen = 1;
+	    g10_errors_seen = 1;
 	if( opt.batch && rc )
-	    gpg_exit(1);
+	    g10_exit(1);
     }
     else {
 	char buf[50];
@@ -1157,12 +1444,12 @@ check_sig_and_print( CTX c, KBNODE node )
 		     sig->pubkey_algo, sig->digest_algo,
 		     sig->sig_class, (ulong)sig->timestamp, rc );
 	write_status_text( STATUS_ERRSIG, buf );
-	if( rc == GPGERR_NO_PUBKEY ) {
+	if( rc == G10ERR_NO_PUBKEY ) {
 	    buf[16] = 0;
 	    write_status_text( STATUS_NO_PUBKEY, buf );
 	}
-	if( rc != GPGERR_NOT_PROCESSED )
-	    log_error(_("Can't check signature: %s\n"), gpg_errstr(rc) );
+	if( rc != G10ERR_NOT_PROCESSED )
+	    log_error(_("Can't check signature: %s\n"), g10_errstr(rc) );
     }
     return rc;
 }
@@ -1180,6 +1467,18 @@ proc_tree( CTX c, KBNODE node )
     if( opt.list_packets || opt.list_only )
 	return;
 
+    /* we must skip our special plaintext marker packets here becuase
+       they may be the root packet.  These packets are only used in
+       addionla checks and skipping them here doesn't matter */
+    while ( node
+            && node->pkt->pkttype == PKT_GPG_CONTROL
+            && node->pkt->pkt.gpg_control->control
+                         == CTRLPKT_PLAINTEXT_MARK ) {
+        node = node->next;
+    }
+    if (!node)
+        return;
+
     c->local_id = 0;
     c->trustletter = ' ';
     if( node->pkt->pkttype == PKT_PUBLIC_KEY
@@ -1196,12 +1495,11 @@ proc_tree( CTX c, KBNODE node )
 	if( !c->have_data ) {
 	    free_md_filter_context( &c->mfx );
 	    /* prepare to create all requested message digests */
-	    if ( !(c->mfx.md = gcry_md_open(0, 0)) )
-		BUG();
+	    c->mfx.md = md_open(0, 0);
 
 	    /* fixme: why looking for the signature packet and not 1passpacket*/
 	    for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); ) {
-		gcry_md_enable( c->mfx.md, n1->pkt->pkt.signature->digest_algo);
+		md_enable( c->mfx.md, n1->pkt->pkt.signature->digest_algo);
 	    }
 	    /* ask for file and hash it */
 	    if( c->sigs_only ) {
@@ -1211,18 +1509,38 @@ proc_tree( CTX c, KBNODE node )
 	    }
 	    else {
 		rc = ask_for_detached_datafile( c->mfx.md, c->mfx.md2,
-						iobuf_get_fname(c->iobuf),
+						iobuf_get_real_fname(c->iobuf),
 			n1? (n1->pkt->pkt.onepass_sig->sig_class == 0x01):0 );
 	    }
 	    if( rc ) {
-		log_error("can't hash datafile: %s\n", gpg_errstr(rc));
+		log_error("can't hash datafile: %s\n", g10_errstr(rc));
 		return;
 	    }
 	}
+        else if ( c->signed_data ) {
+            log_error (_("not a detached signature\n") );
+            return;
+        }
 
 	for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); )
 	    check_sig_and_print( c, n1 );
     }
+    else if( node->pkt->pkttype == PKT_GPG_CONTROL
+             && node->pkt->pkt.gpg_control->control
+                == CTRLPKT_CLEARSIGN_START ) {
+        /* clear text signed message */
+	if( !c->have_data ) {
+            log_error("cleartext signature without data\n" );
+            return;
+        }
+        else if ( c->signed_data ) {
+            log_error (_("not a detached signature\n") );
+            return;
+        }
+	
+	for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); )
+	    check_sig_and_print( c, n1 );
+    }
     else if( node->pkt->pkttype == PKT_SIGNATURE ) {
 	PKT_signature *sig = node->pkt->pkt.signature;
 
@@ -1232,26 +1550,20 @@ proc_tree( CTX c, KBNODE node )
 	else if( !c->have_data ) {
 	    /* detached signature */
 	    free_md_filter_context( &c->mfx );
-	    c->mfx.md = gcry_md_open(sig->digest_algo, 0);
-	    if ( !c->mfx.md )
-		BUG();
+	    c->mfx.md = md_open(sig->digest_algo, 0);
 	    if( !opt.pgp2_workarounds )
 		;
-	    else if( sig->digest_algo == GCRY_MD_MD5
+	    else if( sig->digest_algo == DIGEST_ALGO_MD5
 		     && is_RSA( sig->pubkey_algo ) ) {
 		/* enable a workaround for a pgp2 bug */
-		c->mfx.md2 = gcry_md_open( GCRY_MD_MD5, 0 );
-		if ( !c->mfx.md2 )
-		    BUG();
+		c->mfx.md2 = md_open( DIGEST_ALGO_MD5, 0 );
 	    }
-	    else if( sig->digest_algo == GCRY_MD_SHA1
-		     && sig->pubkey_algo == GCRY_PK_DSA
+	    else if( sig->digest_algo == DIGEST_ALGO_SHA1
+		     && sig->pubkey_algo == PUBKEY_ALGO_DSA
 		     && sig->sig_class == 0x01 ) {
 		/* enable the workaround also for pgp5 when the detached
 		 * signature has been created in textmode */
-		c->mfx.md2 = gcry_md_open( sig->digest_algo, 0 );
-		if ( !c->mfx.md2 )
-		    BUG();
+		c->mfx.md2 = md_open( sig->digest_algo, 0 );
 	    }
 	  #if 0 /* workaround disabled */
 	    /* Here we have another hack to work around a pgp 2 bug
@@ -1263,6 +1575,11 @@ proc_tree( CTX c, KBNODE node )
 	     */
 		    /*	c->mfx.md2? 0 :(sig->sig_class == 0x01) */
 	  #endif
+            if ( DBG_HASHING ) {
+                md_start_debug( c->mfx.md, "verify" );
+                if ( c->mfx.md2  )
+                    md_start_debug( c->mfx.md2, "verify2" );
+            }
 	    if( c->sigs_only ) {
 		rc = hash_datafiles( c->mfx.md, c->mfx.md2,
 				     c->signed_data, c->sigfilename,
@@ -1270,23 +1587,33 @@ proc_tree( CTX c, KBNODE node )
 	    }
 	    else {
 		rc = ask_for_detached_datafile( c->mfx.md, c->mfx.md2,
-						iobuf_get_fname(c->iobuf),
+						iobuf_get_real_fname(c->iobuf),
 						(sig->sig_class == 0x01) );
 	    }
 	    if( rc ) {
-		log_error("can't hash datafile: %s\n", gpg_errstr(rc));
+		log_error("can't hash datafile: %s\n", g10_errstr(rc));
 		return;
 	    }
 	}
-	else
+        else if ( c->signed_data ) {
+            log_error (_("not a detached signature\n") );
+            return;
+        }
+        else if ( c->pipemode.op == 'B' )
+            ; /* this is a detached signature trough the pipemode handler */
+	else if (!opt.quiet)
 	    log_info(_("old style (PGP 2.x) signature\n"));
 
-	check_sig_and_print( c, node );
+	for( n1 = node; n1; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )) )
+	    check_sig_and_print( c, n1 );
     }
-    else
+    else {
+        dump_kbnode (c->list);
 	log_error(_("invalid root packet detected in proc_tree()\n"));
-
+        dump_kbnode (node);
+    }
 }
 
 
 
+
diff --git a/g10/mdfilter.c b/g10/mdfilter.c
index c41ad857e..d6ccacecf 100644
--- a/g10/mdfilter.c
+++ b/g10/mdfilter.c
@@ -1,5 +1,5 @@
 /* mdfilter.c - filter data and calculate a message digest
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,9 +25,9 @@
 #include <errno.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "errors.h"
 #include "iobuf.h"
+#include "memory.h"
 #include "util.h"
 #include "filter.h"
 
@@ -50,9 +50,9 @@ md_filter( void *opaque, int control,
 	i = iobuf_read( a, buf, size );
 	if( i == -1 ) i = 0;
 	if( i ) {
-	    gcry_md_write(mfx->md, buf, i );
+	    md_write(mfx->md, buf, i );
 	    if( mfx->md2 )
-		gcry_md_write(mfx->md2, buf, i );
+		md_write(mfx->md2, buf, i );
 	}
 	else
 	    rc = -1; /* eof */
@@ -67,8 +67,8 @@ md_filter( void *opaque, int control,
 void
 free_md_filter_context( md_filter_context_t *mfx )
 {
-    gcry_md_close(mfx->md);
-    gcry_md_close(mfx->md2);
+    md_close(mfx->md);
+    md_close(mfx->md2);
     mfx->md = NULL;
     mfx->md2 = NULL;
     mfx->maxbuf_size = 0;
diff --git a/g10/misc.c b/g10/misc.c
index 2348e46f0..c2330d959 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -1,5 +1,5 @@
 /* misc.c -  miscellaneous functions
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -22,28 +22,44 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
 #include <errno.h>
+#ifdef HAVE_STAT
+#include <sys/stat.h>
+#endif
 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
   #include <asm/sysinfo.h>
   #include <asm/unistd.h>
 #endif
 #ifdef HAVE_SETRLIMIT
+  #include <time.h>
   #include <sys/time.h>
   #include <sys/resource.h>
 #endif
-#include <assert.h>
-
-#include <gcrypt.h>
 #include "util.h"
 #include "main.h"
+#include "photoid.h"
 #include "options.h"
 #include "i18n.h"
 
 
-#define MAX_EXTERN_MPI_BITS 16384
+const char *g10m_revision_string(int);
+const char *g10c_revision_string(int);
+const char *g10u_revision_string(int);
+
+#ifdef __GNUC__
+volatile
+#endif
+	 void
+pull_in_libs(void)
+{
+    g10m_revision_string(0);
+    g10c_revision_string(0);
+    g10u_revision_string(0);
+}
+
 
 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
-#warning using trap_unaligned
 static int
 setsysinfo(unsigned long op, void *buffer, unsigned long size,
 		     int *start, void *arg, unsigned long flag)
@@ -68,7 +84,6 @@ trap_unaligned(void)
 #endif
 
 
-
 int
 disable_core_dumps()
 {
@@ -91,166 +106,23 @@ disable_core_dumps()
 
 
 
-/****************
- * write an mpi to out.
- */
-int
-mpi_write( IOBUF out, MPI a )
-{
-    char buffer[(MAX_EXTERN_MPI_BITS+7)/8];
-    size_t nbytes;
-    int rc;
-
-    nbytes = (MAX_EXTERN_MPI_BITS+7)/8;
-    rc = gcry_mpi_print( GCRYMPI_FMT_PGP, buffer, &nbytes, a );
-    if( !rc )
-	rc = iobuf_write( out, buffer, nbytes );
-
-    return rc;
-}
-
-/****************
- * Writye a MPI to out, but in this case it is an opaque one,
- * s used vor v3 protected keys.
- */
-int
-mpi_write_opaque( IOBUF out, MPI a )
-{
-    size_t nbytes, nbits;
-    int rc;
-    char *p;
-
-    assert( gcry_mpi_get_flag( a, GCRYMPI_FLAG_OPAQUE ) );
-    p = gcry_mpi_get_opaque( a, &nbits );
-    nbytes = (nbits+7) / 8;
-    iobuf_put( out, nbits >> 8 );
-    iobuf_put( out, nbits );
-    rc = iobuf_write( out, p, nbytes );
-    return rc;
-}
-
-
-/****************
- * Read an external representation of an mpi and return the MPI
- * The external format is a 16 bit unsigned value stored in network byte order,
- * giving the number of bits for the following integer. The integer is stored
- * with MSB first (left padded with zeroes to align on a byte boundary).
- */
-MPI
-mpi_read(IOBUF inp, unsigned int *ret_nread, int secure)
+u16
+checksum_u16( unsigned n )
 {
-    int c, c1, c2, i;
-    unsigned int nbits, nbytes, nread=0;
-    MPI a = NULL;
-    byte *buf = NULL;
-    byte *p;
-
-    if( (c = c1 = iobuf_get(inp)) == -1 )
-	goto leave;
-    nbits = c << 8;
-    if( (c = c2 = iobuf_get(inp)) == -1 )
-	goto leave;
-    nbits |= c;
-    if( nbits > MAX_EXTERN_MPI_BITS ) {
-	log_error("mpi too large (%u bits)\n", nbits);
-	goto leave;
-    }
-    nread = 2;
-    nbytes = (nbits+7) / 8;
-    buf = secure? gcry_xmalloc_secure( nbytes+2 ) : gcry_xmalloc( nbytes+2 );
-    p = buf;
-    p[0] = c1;
-    p[1] = c2;
-    for( i=0 ; i < nbytes; i++ ) {
-	p[i+2] = iobuf_get(inp) & 0xff;
-	nread++;
-    }
-    nread += nbytes;
-    if( gcry_mpi_scan( &a, GCRYMPI_FMT_PGP, buf, &nread ) )
-	a = NULL;
-
-  leave:
-    gcry_free(buf);
-    if( nread > *ret_nread )
-	log_bug("mpi larger than packet");
-    else
-	*ret_nread = nread;
-    return a;
-}
+    u16 a;
 
-/****************
- * Same as mpi_read but the value is stored as an opaque MPI.
- * This function is used to read encrypted MPI of v3 packets.
- */
-GCRY_MPI
-mpi_read_opaque(IOBUF inp, unsigned *ret_nread )
-{
-    int c, c1, c2, i;
-    unsigned nbits, nbytes, nread=0;
-    GCRY_MPI a = NULL;
-    byte *buf = NULL;
-    byte *p;
-
-    if( (c = c1 = iobuf_get(inp)) == -1 )
-	goto leave;
-    nbits = c << 8;
-    if( (c = c2 = iobuf_get(inp)) == -1 )
-	goto leave;
-    nbits |= c;
-    if( nbits > MAX_EXTERN_MPI_BITS ) {
-	log_error("mpi too large (%u bits)\n", nbits);
-	goto leave;
-    }
-    nread = 2;
-    nbytes = (nbits+7) / 8;
-    buf = gcry_xmalloc( nbytes );
-    p = buf;
-    for( i=0 ; i < nbytes; i++ ) {
-	p[i] = iobuf_get(inp) & 0xff;
+    a  = (n >> 8) & 0xff;
+    if( opt.emulate_bugs & EMUBUG_GPGCHKSUM ) {
+       a |= n & 0xff;
+       log_debug("csum_u16 emulated for n=%u\n", n);
     }
-    nread += nbytes;
-    a = gcry_mpi_set_opaque(NULL, buf, nbits );
-    buf = NULL;
-
-  leave:
-    gcry_free(buf);
-    if( nread > *ret_nread )
-	log_bug("mpi larger than packet");
     else
-	*ret_nread = nread;
+       a += n & 0xff;
     return a;
 }
 
-
-int
-mpi_print( FILE *fp, MPI a, int mode )
-{
-    int n=0;
-
-    if( !a )
-	return fprintf(fp, "[MPI_NULL]");
-    if( !mode ) {
-	unsigned int n1;
-	n1 = gcry_mpi_get_nbits(a);
-	n += fprintf(fp, "[%u bits]", n1);
-    }
-    else {
-	int rc;
-	char *buffer;
-
-	rc = gcry_mpi_aprint( GCRYMPI_FMT_HEX, (void **)&buffer, NULL, a );
-	assert( !rc );
-	fputs( buffer, fp );
-	n += strlen(buffer);
-	gcry_free( buffer );
-    }
-    return n;
-}
-
-
-
-u16
-checksum_u16( unsigned n )
+static u16
+checksum_u16_nobug( unsigned n )
 {
     u16 a;
 
@@ -272,22 +144,47 @@ checksum( byte *p, unsigned n )
 u16
 checksum_mpi( MPI a )
 {
-    int rc;
     u16 csum;
     byte *buffer;
-    size_t nbytes;
-
-    rc = gcry_mpi_print( GCRYMPI_FMT_PGP, NULL, &nbytes, a );
-    assert( !rc );
-    /* fixme: for numbers not in the suecre memory we
-     * should use a stack based buffer and only allocate
-     * a larger one when the mpi_print return an error
+    unsigned nbytes;
+    unsigned nbits;
+
+    buffer = mpi_get_buffer( a, &nbytes, NULL );
+    /* some versions of gpg encode wrong values for the length of an mpi
+     * so that mpi_get_nbits() which counts the mpi yields another (shorter)
+     * value than the one store with the mpi.  mpi_get_nbit_info() returns
+     * this stored value if it is still available.
      */
-    buffer = gcry_is_secure(a)? gcry_xmalloc_secure(nbytes) : gcry_xmalloc(nbytes);
-    rc = gcry_mpi_print( GCRYMPI_FMT_PGP, buffer, &nbytes, a );
-    assert( !rc );
-    csum = checksum( buffer, nbytes );
-    gcry_free( buffer );
+
+    if( opt.emulate_bugs & EMUBUG_GPGCHKSUM )
+	nbits = 0;
+    else
+	nbits = mpi_get_nbit_info(a);
+    if( !nbits )
+       nbits = mpi_get_nbits(a);
+    csum = checksum_u16( nbits );
+    csum += checksum( buffer, nbytes );
+    m_free( buffer );
+    return csum;
+}
+
+/****************
+ * This is the correct function
+ */
+u16
+checksum_mpi_counted_nbits( MPI a )
+{
+    u16 csum;
+    byte *buffer;
+    unsigned nbytes;
+    unsigned nbits;
+
+    buffer = mpi_get_buffer( a, &nbytes, NULL );
+    nbits = mpi_get_nbits(a);
+    mpi_set_nbit_info(a,nbits);
+    csum = checksum_u16_nobug( nbits );
+    csum += checksum( buffer, nbytes );
+    m_free( buffer );
     return csum;
 }
 
@@ -327,11 +224,13 @@ print_cipher_algo_note( int algo )
 {
     if( algo >= 100 && algo <= 110 )
 	no_exp_algo();
-    else if(	algo == GCRY_CIPHER_3DES
-	     || algo == GCRY_CIPHER_CAST5
-	     || algo == GCRY_CIPHER_BLOWFISH
-             || algo == GCRY_CIPHER_RIJNDAEL
-	     || algo == GCRY_CIPHER_TWOFISH
+    else if(	algo == CIPHER_ALGO_3DES
+	     || algo == CIPHER_ALGO_CAST5
+	     || algo == CIPHER_ALGO_BLOWFISH
+	     || algo == CIPHER_ALGO_TWOFISH
+	     || algo == CIPHER_ALGO_RIJNDAEL
+	     || algo == CIPHER_ALGO_RIJNDAEL192
+	     || algo == CIPHER_ALGO_RIJNDAEL256
 	   )
 	;
     else {
@@ -339,7 +238,7 @@ print_cipher_algo_note( int algo )
 
 	if( !did_note ) {
 	    did_note = 1;
-	    log_info(_("this cipher algorithm is depreciated; "
+	    log_info(_("this cipher algorithm is deprecated; "
 		       "please use a more standard one!\n"));
 	}
     }
@@ -353,6 +252,32 @@ print_digest_algo_note( int algo )
 }
 
 
+/* Return a string which is used as a kind of process ID */
+const byte *
+get_session_marker( size_t *rlen )
+{
+    static byte marker[SIZEOF_UNSIGNED_LONG*2];
+    static int initialized;
+
+    if ( !initialized ) {
+        volatile ulong aa, bb; /* we really want the uninitialized value */
+        ulong a, b;
+
+        initialized = 1;
+        /* also this marker is guessable it is not easy to use this 
+         * for a faked control packet because an attacker does not
+         * have enough control about the time the verification does 
+         * take place.  Of course, we can add just more random but 
+         * than we need the random generator even for verification
+         * tasks - which does not make sense. */
+        a = aa ^ (ulong)getpid();
+        b = bb ^ (ulong)time(NULL);
+        memcpy( marker, &a, SIZEOF_UNSIGNED_LONG );
+        memcpy( marker+SIZEOF_UNSIGNED_LONG, &b, SIZEOF_UNSIGNED_LONG );
+    }
+    *rlen = sizeof(marker);
+    return marker;
+}
 
 /****************
  * Wrapper around the libgcrypt function with addional checks on
@@ -362,122 +287,405 @@ int
 openpgp_cipher_test_algo( int algo )
 {
     if( algo < 0 || algo > 110 )
-	return GCRYERR_INV_CIPHER_ALGO;
-    return gcry_cipher_test_algo(algo);
+        return G10ERR_CIPHER_ALGO;
+    return check_cipher_algo(algo);
 }
 
 int
 openpgp_pk_test_algo( int algo, unsigned int usage_flags )
 {
-    size_t n = usage_flags;
-
     if( algo < 0 || algo > 110 )
-	return GCRYERR_INV_PK_ALGO;
-    return gcry_pk_algo_info( algo, GCRYCTL_TEST_ALGO, NULL, &n );
+	return G10ERR_PUBKEY_ALGO;
+    return check_pubkey_algo2( algo, usage_flags );
 }
 
 int 
 openpgp_pk_algo_usage ( int algo )
 {
-    int usage = 0; 
+    int use = 0; 
     
-    /* some are hardwired */
+    /* they are hardwired in gpg 1.0 */
     switch ( algo ) {    
-      case GCRY_PK_RSA:
-          usage = GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR;
+      case PUBKEY_ALGO_RSA:
+          use = PUBKEY_USAGE_SIG | PUBKEY_USAGE_ENC;
           break;
-      case GCRY_PK_RSA_E:
-          usage = GCRY_PK_USAGE_ENCR;
+      case PUBKEY_ALGO_RSA_E:
+          use = PUBKEY_USAGE_ENC;
           break;
-      case GCRY_PK_RSA_S:
-          usage = GCRY_PK_USAGE_SIGN;
+      case PUBKEY_ALGO_RSA_S:
+          use = PUBKEY_USAGE_SIG;
           break;
-      case GCRY_PK_ELG_E:
-          usage = GCRY_PK_USAGE_ENCR;
+      case PUBKEY_ALGO_ELGAMAL_E:
+          use = PUBKEY_USAGE_ENC;
           break;
-      case GCRY_PK_DSA:  
-          usage = GCRY_PK_USAGE_SIGN;
+      case PUBKEY_ALGO_DSA:  
+          use = PUBKEY_USAGE_SIG;
           break;
-      case GCRY_PK_ELG:
-          usage = GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR;
+      case PUBKEY_ALGO_ELGAMAL:
+          use = PUBKEY_USAGE_SIG | PUBKEY_USAGE_ENC;
           break;
       default:
-          usage = gcry_pk_algo_info ( algo, GCRYCTL_GET_ALGO_USAGE,
-                                      NULL, NULL);
+          break;
     }
-    return usage;
-
+    return use;
 }
 
-
-
 int
 openpgp_md_test_algo( int algo )
 {
     if( algo < 0 || algo > 110 )
-	return GCRYERR_INV_MD_ALGO;
-    return gcry_md_test_algo(algo);
+        return G10ERR_DIGEST_ALGO;
+    return check_digest_algo(algo);
 }
 
-
 int
-pubkey_get_npkey( int algo )
+check_permissions(const char *path,int extension,int checkonly)
 {
-    int n = gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NPKEY, NULL, 0 );
-    return n > 0? n : 0;
+#if defined(HAVE_STAT) && !defined(HAVE_DOSISH_SYSTEM)
+  char *tmppath;
+  struct stat statbuf;
+  int ret=1;
+  int isdir=0;
+
+  if(opt.no_perm_warn)
+    return 0;
+
+  if(extension && path[0]!=DIRSEP_C)
+    {
+      if(strchr(path,DIRSEP_C))
+	tmppath=make_filename(path,NULL);
+      else
+	tmppath=make_filename(GNUPG_LIBDIR,path,NULL);
+    }
+  else
+    tmppath=m_strdup(path);
+
+  /* It's okay if the file doesn't exist */
+  if(stat(tmppath,&statbuf)!=0)
+    {
+      ret=0;
+      goto end;
+    }
+
+  isdir=S_ISDIR(statbuf.st_mode);
+
+  /* We may have to revisit this if we start piping keyrings to gpg
+     over a named pipe or keyserver character device :) */
+  if(!isdir && !S_ISREG(statbuf.st_mode))
+    {
+      ret=0;
+      goto end;
+    }
+
+  /* Per-user files must be owned by the user.  Extensions must be
+     owned by the user or root. */
+  if((!extension && statbuf.st_uid != getuid()) ||
+     (extension && statbuf.st_uid!=0 && statbuf.st_uid!=getuid()))
+    {
+      if(!checkonly)
+	log_info(_("Warning: unsafe ownership on %s \"%s\"\n"),
+		 isdir?"directory":extension?"extension":"file",path);
+      goto end;
+    }
+
+  /* This works for both directories and files - basically, we don't
+     care what the owner permissions are, so long as the group and
+     other permissions are 0 for per-user files, and non-writable for
+     extensions. */
+  if((extension && (statbuf.st_mode & (S_IWGRP|S_IWOTH)) !=0) ||
+     (!extension && (statbuf.st_mode & (S_IRWXG|S_IRWXO)) != 0))
+    {
+      char *dir;
+
+      /* However, if the directory the directory/file is in is owned
+         by the user and is 700, then this is not a problem.
+         Theoretically, we could walk this test up to the root
+         directory /, but for the sake of sanity, I'm stopping at one
+         level down. */
+
+      dir=make_dirname(tmppath);
+      if(stat(dir,&statbuf)==0 && statbuf.st_uid==getuid() &&
+	 S_ISDIR(statbuf.st_mode) && (statbuf.st_mode & (S_IRWXG|S_IRWXO))==0)
+	{
+	  m_free(dir);
+	  ret=0;
+	  goto end;
+	}
+
+      m_free(dir);
+
+      if(!checkonly)
+	log_info(_("Warning: unsafe permissions on %s \"%s\"\n"),
+		 isdir?"directory":extension?"extension":"file",path);
+      goto end;
+    }
+
+  ret=0;
+
+ end:
+  m_free(tmppath);
+
+  return ret;
+
+#endif /* HAVE_STAT && !HAVE_DOSISH_SYSTEM */
+
+  return 0;
 }
 
-int
-pubkey_get_nskey( int algo )
+/* Special warning for the IDEA cipher */
+void
+idea_cipher_warn(int show)
 {
-    int n = gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NSKEY, NULL, 0 );
-    return n > 0? n : 0;
+  static int warned=0;
+
+  if(!warned || show)
+    {
+      log_info(_("the IDEA cipher plugin is not present\n"));
+      log_info(_("please see http://www.gnupg.org/why-not-idea.html "
+		 "for more information\n"));
+      warned=1;
+    }
 }
 
-int
-pubkey_get_nsig( int algo )
+/* Expand %-strings.  Returns a string which must be m_freed.  Returns
+   NULL if the string cannot be expanded (too large). */
+char *
+pct_expando(const char *string,struct expando_args *args)
 {
-    int n = gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NSIGN, NULL, 0 );
-    return n > 0? n : 0;
+  const char *ch=string;
+  int idx=0,maxlen=0,done=0;
+  u32 pk_keyid[2]={0,0},sk_keyid[2]={0,0};
+  char *ret=NULL;
+
+  if(args->pk)
+    keyid_from_pk(args->pk,pk_keyid);
+
+  if(args->sk)
+    keyid_from_sk(args->sk,sk_keyid);
+
+  if(!args->pk && args->sk)
+    keyid_from_sk(args->sk,pk_keyid);
+
+  while(*ch!='\0')
+    {
+      char *str=NULL;
+
+      if(!done)
+	{
+	  /* 8192 is way bigger than we'll need here */
+	  if(maxlen>=8192)
+	    goto fail;
+
+	  maxlen+=1024;
+	  ret=m_realloc(ret,maxlen);
+	}
+
+      done=0;
+
+      if(*ch=='%')
+	{
+	  switch(*(ch+1))
+	    {
+	    case 's': /* short key id */
+	      if(idx+8<maxlen)
+		{
+		  sprintf(&ret[idx],"%08lX",(ulong)sk_keyid[1]);
+		  idx+=8;
+		  done=1;
+		}
+	      break;
+
+	    case 'S': /* long key id */
+	      if(idx+16<maxlen)
+		{
+		  sprintf(&ret[idx],"%08lX%08lX",
+			  (ulong)sk_keyid[0],(ulong)sk_keyid[1]);
+		  idx+=16;
+		  done=1;
+		}
+	      break;
+
+	    case 'k': /* short key id */
+	      if(idx+8<maxlen)
+		{
+		  sprintf(&ret[idx],"%08lX",(ulong)pk_keyid[1]);
+		  idx+=8;
+		  done=1;
+		}
+	      break;
+
+	    case 'K': /* long key id */
+	      if(idx+16<maxlen)
+		{
+		  sprintf(&ret[idx],"%08lX%08lX",
+			  (ulong)pk_keyid[0],(ulong)pk_keyid[1]);
+		  idx+=16;
+		  done=1;
+		}
+	      break;
+
+	    case 'f': /* fingerprint */
+	      {
+		byte array[MAX_FINGERPRINT_LEN];
+		size_t len;
+		int i;
+
+		if(args->pk)
+		  fingerprint_from_pk(args->pk,array,&len);
+		else
+		  memset(array,0,MAX_FINGERPRINT_LEN);
+
+		if(idx+(len*2)<maxlen)
+		  {
+		    for(i=0;i<len;i++)
+		      {
+			sprintf(&ret[idx],"%02X",array[i]);
+			idx+=2;
+		      }
+		    done=1;
+		  }
+	      }
+	      break;
+
+	    case 't': /* e.g. "jpg" */
+	      str=image_type_to_string(args->imagetype,0);
+	      /* fall through */
+
+	    case 'T': /* e.g. "image/jpeg" */
+	      if(str==NULL)
+		str=image_type_to_string(args->imagetype,2);
+
+	      if(idx+strlen(str)<maxlen)
+		{
+		  strcpy(&ret[idx],str);
+		  idx+=strlen(str);
+		  done=1;
+		}
+	      break;
+
+	    case '%':
+	      if(idx+1<maxlen)
+		{
+		  ret[idx++]='%';
+		  ret[idx]='\0';
+		  done=1;
+		}
+	      break;
+
+	      /* Any unknown %-keys (like %i, %o, %I, and %O) are
+		 passed through for later expansion.  Note this also
+		 handles the case where the last character in the
+		 string is a '%' - the terminating \0 will end up here
+		 and properly terminate the string. */
+	    default:
+	      if(idx+2<maxlen)
+		{
+		  ret[idx++]='%';
+		  ret[idx++]=*(ch+1);
+		  ret[idx]='\0';
+		  done=1;
+		}
+	      break;
+	      }
+
+	  if(done)
+	    ch++;
+	}
+      else
+	{
+	  if(idx+1<maxlen)
+	    {
+	      ret[idx++]=*ch;
+	      ret[idx]='\0';
+	      done=1;
+	    }
+	}
+
+      if(done)
+	ch++;
+    }
+
+  return ret;
+
+ fail:
+  m_free(ret);
+  return NULL;
 }
 
 int
-pubkey_get_nenc( int algo )
+hextobyte( const char *s )
 {
-    int n = gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NENCR, NULL, 0 );
-    return n > 0? n : 0;
+    int c;
+
+    if( *s >= '0' && *s <= '9' )
+	c = 16 * (*s - '0');
+    else if( *s >= 'A' && *s <= 'F' )
+	c = 16 * (10 + *s - 'A');
+    else if( *s >= 'a' && *s <= 'f' )
+	c = 16 * (10 + *s - 'a');
+    else
+	return -1;
+    s++;
+    if( *s >= '0' && *s <= '9' )
+	c += *s - '0';
+    else if( *s >= 'A' && *s <= 'F' )
+	c += 10 + *s - 'A';
+    else if( *s >= 'a' && *s <= 'f' )
+	c += 10 + *s - 'a';
+    else
+	return -1;
+    return c;
 }
 
-
-unsigned int
-pubkey_nbits( int algo, MPI *key )
+void
+deprecated_warning(const char *configname,unsigned int configlineno,
+		   const char *option,const char *repl1,const char *repl2)
 {
-    int rc, nbits;
-    GCRY_SEXP sexp;
+  if(configname)
+    {
+      if(strncmp("--",option,2)==0)
+	option+=2;
 
-    if( algo == GCRY_PK_DSA ) {
-	rc = gcry_sexp_build ( &sexp, NULL,
-			      "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
-				  key[0], key[1], key[2], key[3] );
-    }
-    else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
-	rc = gcry_sexp_build ( &sexp, NULL,
-			      "(public-key(elg(p%m)(g%m)(y%m)))",
-				  key[0], key[1], key[2] );
-    }
-    else if( algo == GCRY_PK_RSA ) {
-	rc = gcry_sexp_build ( &sexp, NULL,
-			      "(public-key(rsa(n%m)(e%m)))",
-				  key[0], key[1] );
+      if(strncmp("--",repl1,2)==0)
+	repl1+=2;
+
+      log_info(_("%s:%d: deprecated option \"%s\"\n"),
+	       configname,configlineno,option);
     }
-    else
-	return 0;
+  else
+    log_info(_("WARNING: \"%s\" is a deprecated option\n"),option);
+
+  log_info(_("please use \"%s%s\" instead\n"),repl1,repl2);
+}
+
+const char *
+compress_algo_to_string(int algo)
+{
+  const char *s="?";
 
-    if ( rc )
-	BUG ();
+  switch(algo)
+    {
+    case 0:
+      s="Uncompressed";
+      break;
 
-    nbits = gcry_pk_get_nbits( sexp );
-    gcry_sexp_release( sexp );
-    return nbits;
+    case 1:
+      s="ZIP";
+      break;
+
+    case 2:
+      s="ZLIB";
+      break;
+    }
+
+  return s;
 }
 
+int
+check_compress_algo(int algo)
+{
+  if(algo>=0 && algo<=2)
+    return 0;
+
+  return G10ERR_COMPR_ALGO;
+}
diff --git a/g10/mkdtemp.c b/g10/mkdtemp.c
new file mode 100644
index 000000000..0323486a3
--- /dev/null
+++ b/g10/mkdtemp.c
@@ -0,0 +1,98 @@
+/* mkdtemp.c - libc replacement function
+ * Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* This is a replacement function for mkdtemp in case the platform
+   we're building on (like mine!) doesn't have it. */
+
+#include <config.h>
+#include <string.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include "types.h"
+#include "cipher.h"
+
+#ifdef MKDIR_TAKES_ONE_ARG
+# undef mkdir
+# define mkdir(a,b) mkdir(a)
+#endif
+
+char *mkdtemp(char *template)
+{
+  int attempts,idx,count=0;
+  byte *ch;
+
+  idx=strlen(template);
+
+  /* Walk backwards to count all the Xes */
+  while(idx>0 && template[idx-1]=='X')
+    {
+      count++;
+      idx--;
+    }
+
+  if(count==0)
+    {
+      errno=EINVAL;
+      return NULL;
+    }
+
+  ch=&template[idx];
+
+  /* Try 4 times to make the temp directory */
+  for(attempts=0;attempts<4;attempts++)
+    {
+      int remaining=count;
+      char *marker=ch;
+      byte *randombits;
+
+      idx=0;
+
+      /* Using really random bits is probably overkill here.  The
+	 worst thing that can happen with a directory name collision
+	 is that the function will return an error. */
+
+      randombits=get_random_bits(4*remaining,0,0);
+
+      while(remaining>1)
+	{
+	  sprintf(marker,"%02X",randombits[idx++]);
+	  marker+=2;
+	  remaining-=2;
+	}
+
+      /* Any leftover Xes?  get_random_bits rounds up to full bytes,
+         so this is safe. */
+      if(remaining>0)
+	sprintf(marker,"%X",randombits[idx]&0xF);
+
+      m_free(randombits);
+
+      if(mkdir(template,0700)==0)
+	break;
+    }
+
+  if(attempts==4)
+    return NULL; /* keeps the errno from mkdir, whatever it is */
+
+  return template;
+}
diff --git a/g10/openfile.c b/g10/openfile.c
index 340cfd6fa..1bc4cf04c 100644
--- a/g10/openfile.c
+++ b/g10/openfile.c
@@ -1,5 +1,5 @@
 /* openfile.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -29,7 +29,7 @@
 #include <fcntl.h>
 #include <unistd.h>
 #include "util.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "ttyio.h"
 #include "options.h"
 #include "main.h"
@@ -39,11 +39,11 @@
 #ifdef USE_ONLY_8DOT3
   #define SKELEXT ".skl"
 #else
-  #define SKELEXT ".skel"
+  #define SKELEXT EXTSEP_S "skel"
 #endif
 
-#ifdef HAVE_DRIVE_LETTERS
-  #define CMP_FILENAME(a,b) stricmp( (a), (b) )
+#if defined (HAVE_DRIVE_LETTERS) || defined (__riscos__)
+  #define CMP_FILENAME(a,b) ascii_strcasecmp( (a), (b) )
 #else
   #define CMP_FILENAME(a,b) strcmp( (a), (b) )
 #endif
@@ -99,24 +99,23 @@ make_outfile_name( const char *iname )
     size_t n;
 
     if( (!iname || (*iname=='-' && !iname[1]) ))
-	return gcry_xstrdup("-");
+	return m_strdup("-");
 
     n = strlen(iname);
-    if( n > 4 && (    !CMP_FILENAME(iname+n-4,".gpg")
-		   || !CMP_FILENAME(iname+n-4,".pgp")
-		   || !CMP_FILENAME(iname+n-4,".sig")
-		   || !CMP_FILENAME(iname+n-4,".asc") ) ) {
-	char *buf = gcry_xstrdup( iname );
+    if( n > 4 && (    !CMP_FILENAME(iname+n-4, EXTSEP_S "gpg")
+		   || !CMP_FILENAME(iname+n-4, EXTSEP_S "pgp")
+		   || !CMP_FILENAME(iname+n-4, EXTSEP_S "sig")
+		   || !CMP_FILENAME(iname+n-4, EXTSEP_S "asc") ) ) {
+	char *buf = m_strdup( iname );
 	buf[n-4] = 0;
 	return buf;
     }
-    else if( n > 5 && !CMP_FILENAME(iname+n-5,".sign") ) {
-	char *buf = gcry_xstrdup( iname );
+    else if( n > 5 && !CMP_FILENAME(iname+n-5, EXTSEP_S "sign") ) {
+	char *buf = m_strdup( iname );
 	buf[n-5] = 0;
 	return buf;
     }
 
-
     log_info(_("%s: unknown suffix\n"), iname );
     return NULL;
 }
@@ -143,19 +142,21 @@ ask_outfile_name( const char *name, size_t namelen )
 
     n = strlen(s) + namelen + 10;
     defname = name && namelen? make_printable_string( name, namelen, 0): NULL;
-    prompt = gcry_xmalloc(n);
+    prompt = m_alloc(n);
     if( defname )
 	sprintf(prompt, "%s [%s]: ", s, defname );
     else
 	sprintf(prompt, "%s: ", s );
     fname = cpr_get("openfile.askoutname", prompt );
     cpr_kill_prompt();
-    gcry_free(prompt);
+    m_free(prompt);
     if( !*fname ) {
-	gcry_free( fname ); fname = NULL;
+	m_free( fname ); fname = NULL;
 	fname = defname; defname = NULL;
     }
-    gcry_free(defname);
+    m_free(defname);
+    if (fname)
+        trim_spaces (fname);
     return fname;
 }
 
@@ -177,7 +178,7 @@ open_outfile( const char *iname, int mode, IOBUF *a )
     if( (!iname || (*iname=='-' && !iname[1])) && !opt.outfile ) {
 	if( !(*a = iobuf_create(NULL)) ) {
 	    log_error(_("%s: can't open: %s\n"), "[stdout]", strerror(errno) );
-	    rc = GPGERR_CREATE_FILE;
+	    rc = G10ERR_CREATE_FILE;
 	}
 	else if( opt.verbose )
 	    log_info(_("writing to stdout\n"));
@@ -203,7 +204,7 @@ open_outfile( const char *iname, int mode, IOBUF *a )
 	    const char *newsfx = mode==1 ? ".asc" :
 				 mode==2 ? ".sig" : ".gpg";
 
-	    buf = gcry_xmalloc(strlen(iname)+4+1);
+	    buf = m_alloc(strlen(iname)+4+1);
 	    strcpy(buf,iname);
 	    dot = strchr(buf, '.' );
 	    if( dot && dot > buf && dot[1] && strlen(dot) <= 4
@@ -215,24 +216,34 @@ open_outfile( const char *iname, int mode, IOBUF *a )
 	    else
 		strcat( buf, newsfx );
 	  #else
-	    buf = gcry_xmalloc(strlen(iname)+4+1);
-	    strcpy(stpcpy(buf,iname), mode==1 ? ".asc" :
-				      mode==2 ? ".sig" : ".gpg");
+	    buf = m_alloc(strlen(iname)+4+1);
+	    strcpy(stpcpy(buf,iname), mode==1 ? EXTSEP_S "asc" :
+				      mode==2 ? EXTSEP_S "sig" : EXTSEP_S "gpg");
 	  #endif
 	    name = buf;
 	}
 
-	if( overwrite_filep( name ) ) {
+        rc = 0;
+	while( !overwrite_filep (name) ) {
+            char *tmp = ask_outfile_name (NULL, 0);
+            if ( !tmp || !*tmp ) {
+                m_free (tmp);
+                rc = G10ERR_FILE_EXISTS;
+                break;
+            }
+            m_free (buf);
+            name = buf = tmp;
+        }
+
+	if( !rc ) {
 	    if( !(*a = iobuf_create( name )) ) {
 		log_error(_("%s: can't create: %s\n"), name, strerror(errno) );
-		rc = GPGERR_CREATE_FILE;
+		rc = G10ERR_CREATE_FILE;
 	    }
 	    else if( opt.verbose )
 		log_info(_("writing to `%s'\n"), name );
 	}
-	else
-	    rc = GPGERR_FILE_EXISTS;
-	gcry_free(buf);
+	m_free(buf);
     }
     return rc;
 }
@@ -251,16 +262,16 @@ open_sigfile( const char *iname )
 
     if( iname && !(*iname == '-' && !iname[1]) ) {
 	len = strlen(iname);
-	if( len > 4 && ( !strcmp(iname + len - 4, ".sig")
-                        || ( len > 5 && !strcmp(iname + len - 5, ".sign") )
-			|| !strcmp(iname + len - 4, ".asc")) ) {
+	if( len > 4 && ( !strcmp(iname + len - 4, EXTSEP_S "sig")
+                        || ( len > 5 && !strcmp(iname + len - 5, EXTSEP_S "sign") )
+                        || !strcmp(iname + len - 4, EXTSEP_S "asc")) ) {
 	    char *buf;
-	    buf = gcry_xstrdup(iname);
-	    buf[len-4] = 0 ;
+	    buf = m_strdup(iname);
+	    buf[len-(buf[len-1]=='n'?5:4)] = 0 ;
 	    a = iobuf_open( buf );
-	    if( opt.verbose )
+	    if( a && opt.verbose )
 		log_info(_("assuming signed data in `%s'\n"), buf );
-	    gcry_free(buf);
+	    m_free(buf);
 	}
     }
     return a;
@@ -282,20 +293,20 @@ copy_options_file( const char *destdir )
     if( opt.dry_run )
 	return;
 
-    fname = gcry_xmalloc( strlen(datadir) + strlen(destdir) + 15 );
-    strcpy(stpcpy(fname, datadir), "/options" SKELEXT );
+    fname = m_alloc( strlen(datadir) + strlen(destdir) + 15 );
+    strcpy(stpcpy(fname, datadir), DIRSEP_S "options" SKELEXT );
     src = fopen( fname, "r" );
     if( !src ) {
 	log_error(_("%s: can't open: %s\n"), fname, strerror(errno) );
-	gcry_free(fname);
+	m_free(fname);
 	return;
     }
-    strcpy(stpcpy(fname, destdir), "/options" );
+    strcpy(stpcpy(fname, destdir), DIRSEP_S "options" );
     dst = fopen( fname, "w" );
     if( !dst ) {
 	log_error(_("%s: can't create: %s\n"), fname, strerror(errno) );
 	fclose( src );
-	gcry_free(fname);
+	m_free(fname);
 	return;
     }
 
@@ -310,7 +321,7 @@ copy_options_file( const char *destdir )
     fclose( dst );
     fclose( src );
     log_info(_("%s: new options file created\n"), fname );
-    gcry_free(fname);
+    m_free(fname);
 }
 
 
@@ -325,12 +336,12 @@ try_make_homedir( const char *fname )
      * To cope with HOME, we do compare only the suffix if we see that
      * the default homedir does start with a tilde.
      */
-    if( opt.dry_run )
+    if( opt.dry_run || opt.no_homedir_creation )
 	return;
 
     if ( ( *defhome == '~'
            && ( strlen(fname) >= strlen (defhome+1)
-                && !strcmp(fname+strlen(defhome+1)-strlen(defhome+1),
+                && !strcmp(fname+strlen(fname)-strlen(defhome+1),
                            defhome+1 ) ))
          || ( *defhome != '~'
               && !compare_filenames( fname, defhome ) )
@@ -343,9 +354,6 @@ try_make_homedir( const char *fname )
 	copy_options_file( fname );
 	log_info(_("you have to start GnuPG again, "
 		   "so it can read the new options file\n") );
-	gpg_exit(1);
+	g10_exit(1);
     }
 }
-
-
-
diff --git a/g10/options.h b/g10/options.h
index b7ef09fe7..74cebe575 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -1,5 +1,5 @@
 /* options.h
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -17,52 +17,82 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
-#ifndef GPG_OPTIONS_H
-#define GPG_OPTIONS_H
+#ifndef G10_OPTIONS_H
+#define G10_OPTIONS_H
 
 #include <types.h>
+#include "main.h"
+#include "packet.h"
 
 #undef ENABLE_COMMENT_PACKETS  /* don't create comment packets */
 
+#ifndef EXTERN_UNLESS_MAIN_MODULE
+/* Norcraft can't cope with common symbols */
+ #if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE)
+  #define EXTERN_UNLESS_MAIN_MODULE extern
+ #else
+  #define EXTERN_UNLESS_MAIN_MODULE 
+ #endif
+#endif
 
+EXTERN_UNLESS_MAIN_MODULE
 struct {
     int verbose;
     int quiet;
-    unsigned int debug;
+    unsigned debug;
     int armor;
     int compress;
     char *outfile;
     int dry_run;
     int list_only;
     int textmode;
+    int expert;
+    int ask_sig_expire;
+    int ask_cert_expire;
     int batch;	    /* run in batch mode */
     int answer_yes; /* answer yes on most questions */
     int answer_no;  /* answer no on most questions */
     int check_sigs; /* check key signatures */
     int with_colons;
     int with_key_data;
+    int with_fingerprint; /* opt --with-fingerprint active */
     int fingerprint; /* list fingerprints */
     int list_sigs;   /* list signatures */
     int no_armor;
-    int list_packets; /* list-packets mode */
+    int list_packets; /* list-packets mode: 1=normal, 2=invoked by command*/
     int def_cipher_algo;
     int force_v3_sigs;
+    int force_v4_certs;
     int force_mdc;
+    int disable_mdc;
     int def_digest_algo;
+    int cert_digest_algo;
     int def_compress_algo;
     const char *def_secret_key;
     char *def_recipient;
     int def_recipient_self;
-    int no_comment;
+    int def_cert_check_level;
+    int sk_comments;
     int no_version;
     int marginals_needed;
     int completes_needed;
     int max_cert_depth;
     const char *homedir;
+
+    char *display;      /* 5 options to be passed to the gpg-agent */
+    char *ttyname;     
+    char *ttytype;
+    char *lc_ctype;
+    char *lc_messages;
+
     int skip_verify;
     int compress_keys;
     int compress_sigs;
     int always_trust;
+    int pgp2;
+    int pgp6;
+    int pgp7; /* if we get any more of these, it's time to look at a
+		 special emulate_pgp variable... */
     int rfc1991;
     int rfc2440;
     int pgp2_workarounds;
@@ -71,33 +101,77 @@ struct {
     const char *set_filename;
     const char *comment_string;
     int throw_keyid;
+    int show_photos;
+    const char *photo_viewer;
     int s2k_mode;
     int s2k_digest_algo;
     int s2k_cipher_algo;
+    int simple_sk_checksum; /* create the deprecated rfc2440 secret
+                               key protection*/
     int not_dash_escaped;
     int escape_from;
     int lock_once;
-    const char *keyserver_name;
+    char *keyserver_scheme;
+    char *keyserver_host;
+    char *keyserver_port;
+    struct
+    {
+      int verbose;
+      int include_revoked;
+      int include_disabled;
+      int include_subkeys;
+      int honor_http_proxy;
+      int broken_http_proxy;
+      int use_temp_files;
+      int keep_temp_files;
+      int fake_v3_keyids;
+      int auto_key_retrieve;
+      STRLIST other;
+    } keyserver_options;
+    int exec_disable;
+    char *def_preference_list;
+    prefitem_t *personal_cipher_prefs,
+               *personal_digest_prefs,
+               *personal_compress_prefs;
+    int no_perm_warn;
+    char *temp_dir;
     int no_encrypt_to;
     int interactive;
-    STRLIST notation_data;
-    const char *set_policy_url;
+    STRLIST sig_notation_data;
+    STRLIST cert_notation_data;
+    int show_notation;
+    STRLIST sig_policy_url;
+    STRLIST cert_policy_url;
+    int show_policy_url;
     int use_embedded_filename;
     int allow_non_selfsigned_uid;
     int allow_freeform_uid;
     int no_literal;
     ulong set_filesize;
-    int honor_http_proxy;
     int fast_list_mode;
+    int fixed_list_mode;
     int ignore_time_conflict;
+    int ignore_valid_from;
+    int ignore_crc_error;
     int command_fd;
-    int auto_key_retrieve;
+    const char *override_session_key;
+    int show_session_key;
     int use_agent;
+    const char *gpg_agent_info;
     int merge_only;
     int try_all_secrets;
+    int no_expensive_trust_checks;
+    int no_sig_cache;
+    int no_sig_create_check;
+    int no_auto_check_trustdb;
+    int preserve_permissions;
+    int no_homedir_creation;
+    int show_keyring;
+    struct groupitem *grouplist;
 } opt;
 
 
+#define EMUBUG_GPGCHKSUM  1
 #define EMUBUG_3DESS2K	  2
 #define EMUBUG_MDENCODE   4
 
@@ -112,14 +186,15 @@ struct {
 #define DBG_MEMSTAT_VALUE 128	/* show memory statistics */
 #define DBG_TRUST_VALUE   256	/* debug the trustdb */
 #define DBG_HASHING_VALUE 512	/* debug hashing operations */
+#define DBG_EXTPROG_VALUE 1024  /* debug external program calls */
 
 
 #define DBG_PACKET (opt.debug & DBG_PACKET_VALUE)
 #define DBG_FILTER (opt.debug & DBG_FILTER_VALUE)
-#define DBG_MEMORY (opt.debug & DBG_MEMORY_VALUE)
 #define DBG_CACHE  (opt.debug & DBG_CACHE_VALUE)
 #define DBG_TRUST  (opt.debug & DBG_TRUST_VALUE)
-#define DBG_CIPHER (opt.debug & DBG_CIPHER_VALUE)
 #define DBG_HASHING (opt.debug & DBG_HASHING_VALUE)
+#define DBG_EXTPROG (opt.debug & DBG_EXTPROG_VALUE)
+
 
-#endif /*GPG_OPTIONS_H*/
+#endif /*G10_OPTIONS_H*/
diff --git a/g10/options.skel b/g10/options.skel
index 646e0152b..93bcfcd57 100644
--- a/g10/options.skel
+++ b/g10/options.skel
@@ -2,6 +2,15 @@ These first three lines are not copied to the options file in
 the users home directory.
 $Id$
 # Options for GnuPG
+# Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+# 
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+# 
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 #
 # Unless you you specify which option file to use (with the
 # commandline option "--options filename"), GnuPG uses the
@@ -22,6 +31,7 @@ $Id$
 
 #default-key 621CC013
 
+
 # If you do not pass a recipient to gpg, it will ask for one.
 # Using this option you can encrypt to a default key.  key validation
 # will not be done in this case.
@@ -30,31 +40,32 @@ $Id$
 #default-recipient some-user-id
 #default-recipient-self
 
-
-# The next option is enabled because this one is needed for interoperation
-# with PGP 5 users.  To enable full OpenPGP compliance you have to remove
-# this option.
-
-force-v3-sigs
+# By default GnuPG creates version 3 signatures for data files.  This
+# is not OpenPGP compliant but PGP 6 requires them.  To disable it,
+# you may use this option or --openpgp.
+#no-force-v3-sigs
 
 # Because some mailers change lines starting with "From " to ">From "
 # it is good to handle such lines in a special way when creating
-# cleartext signatures; all other PGP versions it this way too.
-# To enable full OpenPGP compliance you have to remove this option.
-
-escape-from-lines
-
-# If you do not use the Latin-1 (ISO-8859-1) charset, you should
-# tell GnuPG which is the native character set.  Please check
-# the man page for supported character sets.
-#charset koi8-r
-
-
-# You may define aliases like this:
-#   alias mynames  -u 0x12345678 -u 0x456789ab -z 9
-# everytime you use --mynames, it will be expanded to the options
-# in the above defintion.  The name of the alias may not be abbreviated.
-# NOTE: This is not yet implemented
+# cleartext signatures; all other PGP versions do it this way too.
+# To enable full OpenPGP compliance you may want to use this option.
+#no-escape-from-lines
+
+# If you do not use the Latin-1 (ISO-8859-1) charset, you should tell
+# GnuPG which is the native character set.  Please check the man page
+# for supported character sets.  This character set is only used for
+# Meta data and not for the actual message which does not undergo any
+# translation.  Note that future version of GnuPG will change to UTF-8
+# as default character set.
+#charset utf-8
+
+# Group names may be defined like this:
+#   group mynames paige 0x12345678 joe patti
+#
+# Any time "mynames" is a receipient (-r or --recipient), it will be
+# expanded to the names "paige", "joe", and "patti", and the key ID
+# "0x12345678".  Note there is only one level of expansion - you
+# cannot make an group that points to another group.
 
 # lock the file only once for the lifetime of a process.
 # if you do not define this, the lock will be obtained and released
@@ -70,17 +81,122 @@ lock-once
 #load-extension rndunix
 #load-extension rndegd
 
+# GnuPG can send and receive keys to and from a keyserver.  These
+# servers can be HKP, email, or LDAP (if GnuPG is built with LDAP
+# support).
+#
+# Example HKP keyserver:
+#      x-hkp://keyserver.cryptnet.net
+#
+# Example email keyserver:
+#      mailto:[email protected]
+#
+# Example LDAP keyserver:
+#      ldap://pgp.surfnet.nl:11370
+#
+# Regular URL syntax applies, and you can set an alternate port
+# through the usual method:
+#      x-hkp://keyserver.example.net:22742
+#
+# If you have problems connecting to a HKP server through a buggy http
+# proxy, you can use keyserver option broken-http-proxy (see below),
+# but first you should make sure that you have read the man page
+# regarding proxies (keyserver option honor-http-proxy)
+#
+# Most users just set the name and type of their preferred keyserver.
+# Most servers do synchronize with each other and DNS round-robin may
+# give you a quasi-random server each time.
 
-# GnuPG can import a key from a HKP keyerver if one is missing
-# for sercain operations. Is you set this option to a keyserver
-# you will be asked in such a case whether GnuPG should try to
-# import the key from that server (server do syncronize with each
-# others and DNS Round-Robin may give you a random server each time).
-# Use "host -l pgp.net | grep www" to figure out a keyserver.
-#keyserver wwwkeys.eu.pgp.net
+#keyserver x-hkp://keyserver.cryptnet.net
+#keyserver mailto:[email protected]
+#keyserver ldap://pgp.surfnet.nl:11370
 
-# The environment variable http_proxy is only used when the
-# this option is set.
+# Options for keyserver functions
+#
+# include-disabled = when searching, include keys marked as "disabled"
+#                    on the keyserver (not all keyservers support this).
+#
+# include-revoked = when searching, include keys marked as "revoked"
+#                   on the keyserver.
+#
+# verbose = show more information as the keys are fetched.
+#           Can be used more than once to increase the amount
+#           of information shown.
+#
+# use-temp-files = use temporary files instead of a pipe to talk to the
+#                  keyserver.  Some platforms (Win32 for one) always
+#                  have this on.
+#
+# keep-temp-files = do not delete temporary files after using them
+#                   (really only useful for debugging)
+#
+# honor-http-proxy = if the keyserver uses HTTP, honor the http_proxy
+#                    environment variable
+#
+# broken-http-proxy = try to work around a buggy HTTP proxy
+#
+# auto-key-retrieve = automatically fetch keys as needed from the
+#                     keyserver when verifying signatures or when importing
+#                     keys that have been revoked by a revocation key that
+#                     is not present on the keyring.
+
+#keyserver-options auto-key-retrieve include-disabled include-revoked
 
-honor-http-proxy
+# Uncomment this line to display photo user IDs in key listings
+#show-photos
 
+# Use this program to display photo user IDs
+#
+# %i is expanded to a temporary file that contains the photo.
+# %I is the same as %i, but the file isn't deleted afterwards by GnuPG.
+# %k is expanded to the key ID of the key.
+# %K is expanded to the long OpenPGP key ID of the key.
+# %t is expanded to the extension of the image (e.g. "jpg").
+# %T is expanded to the MIME type of the image (e.g. "image/jpeg").
+# %f is expanded to the fingerprint of the key.
+# %% is %, of course.
+#
+# If %i or %I are not present, then the photo is supplied to the
+# viewer on standard input.  If your platform supports it, standard
+# input is the best way to do this as it avoids the time and effort in
+# generating and then cleaning up a secure temp file.
+#
+# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"
+#
+# Some other viewers:
+# photo-viewer "qiv %i"
+# photo-viewer "ee %i"
+# photo-viewer "display -title 'KeyID 0x%k'"
+#
+# This one saves a copy of the photo ID in your home directory:
+# photo-viewer "cat > ~/photoid-for-key-%k.%t"
+#
+# Use your MIME handler to view photos:
+# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG"
+#
+# Use the Win32 registry to pick a viewer for you:
+#    On Win95/98/Me (also the default on Win32):
+# photo-viewer "start /w"
+#    On NT/2k/XP:
+# photo-viewer "cmd /c start /w"
+
+
+# Passphrase agent
+#
+# We support the old experimental passphrase agent protocol as well
+# as the new Assuan based one (currently available in the "newpg" package
+# at ftp.gnupg.org/gcrypt/alpha/aegypten/).  To make use of the agent, you have
+# to run an agent as daemon and use the option
+#
+# use-agent
+# 
+# which tries to use the agent but will fallback to the regular mode
+# if there is a problem connecting to the agent.  The normal way to
+# locate the agent is by looking at the environment variable
+# GPG_AGENT_INFO which should have been set during gpg-agent startup.
+# In certain situations the use of this variable is not possible, thus
+# the option
+# 
+# --gpg-agent-info=<path>:<pid>:1
+#
+# may be used to override it.
diff --git a/g10/packet.h b/g10/packet.h
index 2f7f16f8c..023680b9e 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -1,5 +1,5 @@
-/* packet.h - packet read/write stuff
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+/* packet.h - packet definitions
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -18,22 +18,15 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
-#ifndef GPG_PACKET_H
-#define GPG_PACKET_H
+#ifndef G10_PACKET_H
+#define G10_PACKET_H
 
 #include "types.h"
 #include "iobuf.h"
+#include "mpi.h"
+#include "cipher.h"
 #include "filter.h"
-
-#ifndef DID_MPI_TYPEDEF
-  typedef struct gcry_mpi *MPI;
-  #define DID_MPI_TYPEDEF
-#endif
-
-#define GNUPG_MAX_NPKEY  4
-#define GNUPG_MAX_NSKEY  6
-#define GNUPG_MAX_NSIG	 2
-#define GNUPG_MAX_NENC	 2
+#include "global.h"
 
 #define DEBUG_PARSE_PACKET 1
 
@@ -54,14 +47,34 @@ typedef enum {
 	PKT_USER_ID	  =13, /* user id packet */
 	PKT_PUBLIC_SUBKEY =14, /* public subkey (OpenPGP) */
 	PKT_OLD_COMMENT   =16, /* comment packet from an OpenPGP draft */
-	PKT_PHOTO_ID	  =17, /* PGP's photo ID */
+	PKT_ATTRIBUTE     =17, /* PGP's attribute packet */
 	PKT_ENCRYPTED_MDC =18, /* integrity protected encrypted data */
 	PKT_MDC 	  =19, /* manipulaion detection code packet */
 	PKT_COMMENT	  =61, /* new comment packet (private) */
+        PKT_GPG_CONTROL   =63  /* internal control packet */
 } pkttype_t;
 
 typedef struct packet_struct PACKET;
 
+/* PKT_GPG_CONTROL types */
+typedef enum {
+    CTRLPKT_CLEARSIGN_START = 1,
+    CTRLPKT_PIPEMODE = 2,
+    CTRLPKT_PLAINTEXT_MARK =3
+} ctrlpkttype_t;
+
+typedef enum {
+    PREFTYPE_NONE = 0,
+    PREFTYPE_SYM = 1,
+    PREFTYPE_HASH = 2,
+    PREFTYPE_ZIP = 3
+} preftype_t;
+
+typedef struct {
+    byte type; 
+    byte value;
+} prefitem_t;
+
 typedef struct {
     int  mode;
     byte hash_algo;
@@ -82,7 +95,7 @@ typedef struct {
     byte    version;
     byte    pubkey_algo;    /* algorithm used for public key scheme */
     byte    throw_keyid;
-    MPI     data[GNUPG_MAX_NENC];
+    MPI     data[PUBKEY_MAX_NENC];
 } PKT_pubkey_enc;
 
 
@@ -96,25 +109,74 @@ typedef struct {
 
 
 typedef struct {
+    size_t size;  /* allocated */
+    size_t len;   /* used */
+    byte data[1];
+} subpktarea_t;
+
+struct revocation_key {
+  byte class;
+  byte algid;
+  byte fpr[MAX_FINGERPRINT_LEN];
+};
+
+typedef struct {
     ulong   local_id;	    /* internal use, valid if > 0 */
     struct {
 	unsigned checked:1; /* signature has been checked */
 	unsigned valid:1;   /* signature is good (if checked is set) */
 	unsigned unknown_critical:1;
+        unsigned exportable:1;
+        unsigned revocable:1;
+        unsigned policy_url:1; /* Policy URL is present */
+        unsigned notation:1; /* At least one notation is present */
+        unsigned expired:1;
     } flags;
     u32     keyid[2];	    /* 64 bit keyid */
     u32     timestamp;	    /* signature made */
+    u32     expiredate;     /* expires at this date or 0 if not at all */
     byte    version;
     byte    sig_class;	    /* sig classification, append for MD calculation*/
     byte    pubkey_algo;    /* algorithm used for public key scheme */
-			    /* (GCRY_PK_xxx) */
-    byte digest_algo;	    /* algorithm used for digest (DIGEST_ALGO_xxxx) */
-    byte *hashed_data;	    /* all subpackets with hashed  data (v4 only) */
-    byte *unhashed_data;    /* ditto for unhashed data */
+			    /* (PUBKEY_ALGO_xxx) */
+    byte    digest_algo;    /* algorithm used for digest (DIGEST_ALGO_xxxx) */
+    struct revocation_key **revkey;
+    int numrevkeys;
+    subpktarea_t *hashed;    /* all subpackets with hashed  data (v4 only) */
+    subpktarea_t *unhashed;  /* ditto for unhashed data */
     byte digest_start[2];   /* first 2 bytes of the digest */
-    MPI  data[GNUPG_MAX_NSIG];
+    MPI  data[PUBKEY_MAX_NSIG];
 } PKT_signature;
 
+#define ATTRIB_IMAGE 1
+
+/* This is the cooked form of attributes */
+struct user_attribute {
+  byte type;
+  const byte *data;
+  unsigned long len;
+};
+
+typedef struct {
+    int ref;              /* reference counter */
+    int len;		  /* length of the name */
+    struct user_attribute *attribs;
+    int numattribs;
+    byte *attrib_data;    /* if this is not NULL, the packet is an attribute */
+    unsigned long attrib_len;
+    int help_key_usage;
+    u32 help_key_expire;
+    int is_primary;
+    int is_revoked;
+    int is_expired;
+    u32 expiredate;       /* expires at this date or 0 if not at all */
+    prefitem_t *prefs;    /* list of preferences (may be NULL)*/
+    int mdc_feature;
+    u32 created;          /* according to the self-signature */
+    byte selfsigversion;
+    char name[1];
+} PKT_user_id;
+
 
 /****************
  * Note about the pkey/skey elements:  We assume that the secret keys
@@ -125,31 +187,38 @@ typedef struct {
 typedef struct {
     u32     timestamp;	    /* key made */
     u32     expiredate;     /* expires at this date or 0 if not at all */
+    u32     max_expiredate; /* must not expire past this date */
     byte    hdrbytes;	    /* number of header bytes */
     byte    version;
+    byte    selfsigversion; /* highest version of all of the self-sigs */
     byte    pubkey_algo;    /* algorithm used for public key scheme */
-    byte    pubkey_usage;   /* the actual allowed usage as set by getkey() */
-    u32     created;        /* according to the self-signature */
+    byte    pubkey_usage;   /* for now only used to pass it to getkey() */
     byte    req_usage;      /* hack to pass a request to getkey() */
     byte    req_algo;       /* Ditto */
     u32     has_expired;    /* set to the expiration date if expired */ 
     int     is_revoked;     /* key has been revoked */
     int     is_valid;       /* key (especially subkey) is valid */
+    int     dont_cache;     /* do not cache this */
     ulong   local_id;	    /* internal use, valid if > 0 */
     u32     main_keyid[2];  /* keyid of the primary key */
     u32     keyid[2];	    /* calculated by keyid_from_pk() */
+    prefitem_t *prefs;      /* list of preferences (may be NULL) */
+    int     mdc_feature;    /* mdc feature set */
     byte    *namehash;	    /* if != NULL: found by this name */
-    MPI     pkey[GNUPG_MAX_NPKEY];
+    PKT_user_id *user_id;   /* if != NULL: found by that uid */
+    struct revocation_key *revkey;
+    int     numrevkeys;
+    MPI     pkey[PUBKEY_MAX_NPKEY];
 } PKT_public_key;
 
 typedef struct {
     u32     timestamp;	    /* key made */
     u32     expiredate;     /* expires at this date or 0 if not at all */
+    u32     max_expiredate; /* must not expire past this date */
     byte    hdrbytes;	    /* number of header bytes */
     byte    version;
     byte    pubkey_algo;    /* algorithm used for public key scheme */
     byte    pubkey_usage;
-    u32     created;        /* according to the self-signature */
     byte    req_usage;
     byte    req_algo;
     u32     has_expired;    /* set to the expiration date if expired */ 
@@ -164,11 +233,12 @@ typedef struct {
 			/* and should never be passed to a mpi_xxx() */
     struct {
 	byte algo;  /* cipher used to protect the secret information*/
+        byte sha1chk;  /* SHA1 is used instead of a 16 bit checksum */ 
 	STRING2KEY s2k;
 	byte ivlen;  /* used length of the iv */
 	byte iv[16]; /* initialization vector for CFB mode */
     } protect;
-    MPI skey[GNUPG_MAX_NSKEY];
+    MPI skey[PUBKEY_MAX_NSKEY];
     u16 csum;		/* checksum */
 } PKT_secret_key;
 
@@ -179,19 +249,6 @@ typedef struct {
 } PKT_comment;
 
 typedef struct {
-    ulong stored_at;	  /* the stream offset where it was stored
-			   * by build-packet */
-    int  len;		  /* length of the name */
-    char *photo;	  /* if this is not NULL, the packet is a photo ID */
-    int photolen;	  /* and the length of the photo */
-    int help_key_usage;
-    u32 help_key_expire;
-    int is_primary;
-    u32 created;          /* according to the self-signature */
-    char name[1];
-} PKT_user_id;
-
-typedef struct {
     u32  len;		  /* reserved */
     byte  new_ctb;
     byte  algorithm;
@@ -200,6 +257,7 @@ typedef struct {
 
 typedef struct {
     u32  len;		  /* length of encrypted data */
+    int  extralen;        /* this is (blocksize+2) */
     byte new_ctb;	  /* uses a new CTB */
     byte mdc_method;	  /* > 0: integrity protected encrypted data packet */
     IOBUF buf;		  /* IOBUF reference */
@@ -211,18 +269,25 @@ typedef struct {
 
 typedef struct {
     unsigned int trustval;
+    unsigned int sigcache;
 } PKT_ring_trust;
 
 typedef struct {
     u32  len;		  /* length of encrypted data */
     IOBUF buf;		  /* IOBUF reference */
     byte new_ctb;
+    byte is_partial;      /* partial length encoded */
     int mode;
     u32 timestamp;
     int  namelen;
     char name[1];
 } PKT_plaintext;
 
+typedef struct {
+    int  control;
+    size_t datalen;
+    char data[1];
+} PKT_gpg_control;
 
 /* combine all packets into a union */
 struct packet_struct {
@@ -242,6 +307,7 @@ struct packet_struct {
 	PKT_mdc 	*mdc;		/* PKT_MDC */
 	PKT_ring_trust	*ring_trust;	/* PKT_RING_TRUST */
 	PKT_plaintext	*plaintext;	/* PKT_PLAINTEXT */
+        PKT_gpg_control *gpg_control;   /* PKT_GPG_CONTROL */
     } pkt;
 };
 
@@ -276,7 +342,7 @@ typedef enum {
     SIGSUBPKT_SIGNERS_UID  =28, /* signer's user id */
     SIGSUBPKT_REVOC_REASON =29, /* reason for revocation */
     SIGSUBPKT_FEATURES     =30, /* feature flags */
-    SIGSUBPKT_PRIV_ADD_SIG =101,/* signatur is also valid for this uid */
+    SIGSUBPKT_PRIV_VERIFY_CACHE =101, /* cache verification result (obsolete)*/
 
     SIGSUBPKT_FLAG_CRITICAL=128
 } sigsubpkttype_t;
@@ -293,39 +359,62 @@ int list_packets( IOBUF a );
 int set_packet_list_mode( int mode );
 
 #if DEBUG_PARSE_PACKET
-int dbg_search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos, const char* file, int lineno  );
-int dbg_parse_packet( IOBUF inp, PACKET *ret_pkt, ulong *pos,
+int dbg_search_packet( IOBUF inp, PACKET *pkt, off_t *retpos, int with_uid,
+                       const char* file, int lineno  );
+int dbg_parse_packet( IOBUF inp, PACKET *ret_pkt,
                       const char* file, int lineno );
-int dbg_copy_all_packets( IOBUF inp, IOBUF out, const char* file, int lineno  );
-int dbg_copy_some_packets( IOBUF inp, IOBUF out, ulong stopoff, const char* file, int lineno  );
-int dbg_skip_some_packets( IOBUF inp, unsigned n, const char* file, int lineno	);
-#define search_packet( a,b,c,d )   dbg_search_packet( (a), (b), (c), (d), __FILE__, __LINE__ )
-#define parse_packet( a, b, c )	   dbg_parse_packet( (a), (b), (c), __FILE__, __LINE__ )
-#define copy_all_packets( a,b )    dbg_copy_all_packets((a),(b), __FILE__, __LINE__ )
-#define copy_some_packets( a,b,c ) dbg_copy_some_packets((a),(b),(c), __FILE__, __LINE__ )
-#define skip_some_packets( a,b )   dbg_skip_some_packets((a),(b), __FILE__, __LINE__ )
+int dbg_copy_all_packets( IOBUF inp, IOBUF out,
+                          const char* file, int lineno  );
+int dbg_copy_some_packets( IOBUF inp, IOBUF out, off_t stopoff,
+                           const char* file, int lineno  );
+int dbg_skip_some_packets( IOBUF inp, unsigned n,
+                           const char* file, int lineno	);
+#define search_packet( a,b,c,d )   \
+             dbg_search_packet( (a), (b), (c), (d), __FILE__, __LINE__ )
+#define parse_packet( a, b )  \
+	     dbg_parse_packet( (a), (b), __FILE__, __LINE__ )
+#define copy_all_packets( a,b )  \
+             dbg_copy_all_packets((a),(b), __FILE__, __LINE__ )
+#define copy_some_packets( a,b,c ) \
+             dbg_copy_some_packets((a),(b),(c), __FILE__, __LINE__ )
+#define skip_some_packets( a,b ) \
+             dbg_skip_some_packets((a),(b), __FILE__, __LINE__ )
 #else
-int search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos );
-int parse_packet( IOBUF inp, PACKET *ret_pkt, ulong *retpos);
+int search_packet( IOBUF inp, PACKET *pkt, off_t *retpos, int with_uid );
+int parse_packet( IOBUF inp, PACKET *ret_pkt);
 int copy_all_packets( IOBUF inp, IOBUF out );
-int copy_some_packets( IOBUF inp, IOBUF out, ulong stopoff );
+int copy_some_packets( IOBUF inp, IOBUF out, off_t stopoff );
 int skip_some_packets( IOBUF inp, unsigned n );
 #endif
 
-const byte *enum_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype,
-					      size_t *ret_n, int *start );
-const byte *parse_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype,
-				       size_t *ret_n );
-const byte *parse_sig_subpkt2( PKT_signature *sig,
-			       sigsubpkttype_t reqtype, size_t *ret_n );
+const byte *enum_sig_subpkt ( const subpktarea_t *subpkts,
+                              sigsubpkttype_t reqtype,
+                              size_t *ret_n, int *start, int *critical );
+const byte *parse_sig_subpkt ( const subpktarea_t *buffer,
+                               sigsubpkttype_t reqtype,
+                               size_t *ret_n );
+const byte *parse_sig_subpkt2 ( PKT_signature *sig,
+                                sigsubpkttype_t reqtype,
+                                size_t *ret_n );
+int parse_one_sig_subpkt( const byte *buffer, size_t n, int type );
+void parse_revkeys(PKT_signature *sig);
+int parse_attribute_subpkts(PKT_user_id *uid);
+void make_attribute_uidname(PKT_user_id *uid);
+PACKET *create_gpg_control ( ctrlpkttype_t type,
+                             const byte *data,
+                             size_t datalen );
 
 /*-- build-packet.c --*/
 int build_packet( IOBUF inp, PACKET *pkt );
 u32 calc_packet_length( PACKET *pkt );
-void hash_public_key( GCRY_MD_HD md, PKT_public_key *pk );
+void hash_public_key( MD_HANDLE md, PKT_public_key *pk );
 void build_sig_subpkt( PKT_signature *sig, sigsubpkttype_t type,
 			const byte *buffer, size_t buflen );
 void build_sig_subpkt_from_sig( PKT_signature *sig );
+int  delete_sig_subpkt(subpktarea_t *buffer, sigsubpkttype_t type );
+void build_attribute_subpkt(PKT_user_id *uid,byte type,
+			    const void *buf,int buflen,
+			    const void *header,int headerlen);
 
 /*-- free-packet.c --*/
 void free_symkey_enc( PKT_symkey_enc *enc );
@@ -336,18 +425,16 @@ void release_public_key_parts( PKT_public_key *pk );
 void free_public_key( PKT_public_key *key );
 void release_secret_key_parts( PKT_secret_key *sk );
 void free_secret_key( PKT_secret_key *sk );
+void free_attributes(PKT_user_id *uid);
 void free_user_id( PKT_user_id *uid );
 void free_comment( PKT_comment *rem );
 void free_packet( PACKET *pkt );
+prefitem_t *copy_prefs (const prefitem_t *prefs);
 PKT_public_key *copy_public_key( PKT_public_key *d, PKT_public_key *s );
-PKT_public_key *copy_public_key_new_namehash( PKT_public_key *d,
-					      PKT_public_key *s,
-					      const byte *namehash );
-void copy_public_parts_to_secret_key( PKT_public_key *pk,
-                                      PKT_secret_key *sk );
+void copy_public_parts_to_secret_key( PKT_public_key *pk, PKT_secret_key *sk );
 PKT_secret_key *copy_secret_key( PKT_secret_key *d, PKT_secret_key *s );
 PKT_signature *copy_signature( PKT_signature *d, PKT_signature *s );
-PKT_user_id *copy_user_id( PKT_user_id *d, PKT_user_id *s );
+PKT_user_id *scopy_user_id (PKT_user_id *sd );
 int cmp_public_keys( PKT_public_key *a, PKT_public_key *b );
 int cmp_secret_keys( PKT_secret_key *a, PKT_secret_key *b );
 int cmp_signatures( PKT_signature *a, PKT_signature *b );
@@ -356,7 +443,9 @@ int cmp_user_ids( PKT_user_id *a, PKT_user_id *b );
 
 
 /*-- sig-check.c --*/
-int signature_check( PKT_signature *sig, GCRY_MD_HD digest );
+int signature_check( PKT_signature *sig, MD_HANDLE digest );
+int signature_check2( PKT_signature *sig, MD_HANDLE digest,
+		      u32 *r_expiredate, int *r_expired );
 
 /*-- seckey-cert.c --*/
 int is_secret_key_protected( PKT_secret_key *sk );
@@ -365,6 +454,7 @@ int protect_secret_key( PKT_secret_key *sk, DEK *dek );
 
 /*-- pubkey-enc.c --*/
 int get_session_key( PKT_pubkey_enc *k, DEK *dek );
+int get_override_session_key( DEK *dek, const char *string );
 
 /*-- compress.c --*/
 int handle_compressed( void *ctx, PKT_compressed *cd,
@@ -376,7 +466,7 @@ int decrypt_data( void *ctx, PKT_encrypted *ed, DEK *dek );
 /*-- plaintext.c --*/
 int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 					int nooutput, int clearsig );
-int ask_for_detached_datafile( GCRY_MD_HD md, GCRY_MD_HD md2,
+int ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2,
 			       const char *inname, int textmode );
 
 /*-- comment.c --*/
@@ -385,12 +475,19 @@ int write_comment( IOBUF out, const char *s );
 /*-- sign.c --*/
 int make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
 			PKT_user_id *uid, PKT_public_key *subpk,
-			PKT_secret_key *sk,
-			int sigclass, int digest_algo,
+			PKT_secret_key *sk, int sigclass, int digest_algo,
+			int sigversion, u32 timestamp, u32 duration,
 			int (*mksubpkt)(PKT_signature *, void *),
 			void *opaque  );
+int update_keysig_packet( PKT_signature **ret_sig,
+                      PKT_signature *orig_sig,
+                      PKT_public_key *pk,
+                      PKT_user_id *uid, 
+                      PKT_secret_key *sk,
+                      int (*mksubpkt)(PKT_signature *, void *),
+                      void *opaque   );
 
 /*-- keygen.c --*/
 PKT_user_id *generate_user_id(void);
 
-#endif /*GPG_PACKET_H*/
+#endif /*G10_PACKET_H*/
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 691be6662..d57659b6b 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -1,5 +1,5 @@
 /* parse-packet.c  - read packets
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -24,11 +24,14 @@
 #include <string.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "packet.h"
 #include "iobuf.h"
+#include "mpi.h"
 #include "util.h"
+#include "cipher.h"
+#include "memory.h"
 #include "filter.h"
+#include "photoid.h"
 #include "options.h"
 #include "main.h"
 #include "i18n.h"
@@ -36,8 +39,8 @@
 static int mpi_print_mode = 0;
 static int list_mode = 0;
 
-static int  parse( IOBUF inp, PACKET *pkt, int reqtype,
-		   ulong *retpos, int *skip, IOBUF out, int do_skip
+static int  parse( IOBUF inp, PACKET *pkt, int onlykeypkts,
+                  off_t *retpos, int *skip, IOBUF out, int do_skip
 	    #ifdef DEBUG_PARSE_PACKET
 		   ,const char *dbg_w, const char *dbg_f, int dbg_l
 	    #endif
@@ -59,7 +62,7 @@ static int  parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 				      byte *hdr, int hdrlen, PACKET *packet );
 static int  parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen,
 							   PACKET *packet );
-static int  parse_photo_id( IOBUF inp, int pkttype, unsigned long pktlen,
+static int  parse_attribute( IOBUF inp, int pkttype, unsigned long pktlen,
 							   PACKET *packet );
 static int  parse_comment( IOBUF inp, int pkttype, unsigned long pktlen,
 							   PACKET *packet );
@@ -73,6 +76,8 @@ static int  parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
 					       PACKET *packet, int new_ctb);
 static int  parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen,
 					       PACKET *packet, int new_ctb);
+static int  parse_gpg_control( IOBUF inp, int pkttype, unsigned long pktlen,
+                               PACKET *packet );
 
 static unsigned short
 read_16(IOBUF inp)
@@ -100,7 +105,7 @@ set_packet_list_mode( int mode )
 {
     int old = list_mode;
     list_mode = mode;
-    mpi_print_mode = (opt.debug & DBG_MPI_VALUE);
+    mpi_print_mode = DBG_MPI;
     return old;
 }
 
@@ -127,53 +132,51 @@ unknown_pubkey_warning( int algo )
  */
 #ifdef DEBUG_PARSE_PACKET
 int
-dbg_parse_packet( IOBUF inp, PACKET *pkt, ulong *retpos,
-                  const char *dbg_f, int dbg_l )
+dbg_parse_packet( IOBUF inp, PACKET *pkt, const char *dbg_f, int dbg_l )
 {
     int skip, rc;
 
     do {
-	rc = parse( inp, pkt, 0, retpos,
-                    &skip, NULL, 0, "parse", dbg_f, dbg_l );
+	rc = parse( inp, pkt, 0, NULL, &skip, NULL, 0, "parse", dbg_f, dbg_l );
     } while( skip );
     return rc;
 }
 #else
 int
-parse_packet( IOBUF inp, PACKET *pkt, ulong *retpos )
+parse_packet( IOBUF inp, PACKET *pkt )
 {
     int skip, rc;
 
     do {
-	rc = parse( inp, pkt, 0, retpos, &skip, NULL, 0 );
+	rc = parse( inp, pkt, 0, NULL, &skip, NULL, 0 );
     } while( skip );
     return rc;
 }
 #endif
 
 /****************
- * Like parse packet, but only return packets of the given type.
+ * Like parse packet, but only return secret or public (sub)key packets.
  */
 #ifdef DEBUG_PARSE_PACKET
 int
-dbg_search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos,
+dbg_search_packet( IOBUF inp, PACKET *pkt, off_t *retpos, int with_uid,
 		   const char *dbg_f, int dbg_l )
 {
     int skip, rc;
 
     do {
-	rc = parse( inp, pkt, pkttype, retpos, &skip, NULL, 0, "search", dbg_f, dbg_l );
+	rc = parse( inp, pkt, with_uid?2:1, retpos, &skip, NULL, 0, "search", dbg_f, dbg_l );
     } while( skip );
     return rc;
 }
 #else
 int
-search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos )
+search_packet( IOBUF inp, PACKET *pkt, off_t *retpos, int with_uid )
 {
     int skip, rc;
 
     do {
-	rc = parse( inp, pkt, pkttype, retpos, &skip, NULL, 0 );
+	rc = parse( inp, pkt, with_uid?2:1, retpos, &skip, NULL, 0 );
     } while( skip );
     return rc;
 }
@@ -213,7 +216,7 @@ copy_all_packets( IOBUF inp, IOBUF out )
  */
 #ifdef DEBUG_PARSE_PACKET
 int
-dbg_copy_some_packets( IOBUF inp, IOBUF out, ulong stopoff,
+dbg_copy_some_packets( IOBUF inp, IOBUF out, off_t stopoff,
 		   const char *dbg_f, int dbg_l )
 {
     PACKET pkt;
@@ -228,7 +231,7 @@ dbg_copy_some_packets( IOBUF inp, IOBUF out, ulong stopoff,
 }
 #else
 int
-copy_some_packets( IOBUF inp, IOBUF out, ulong stopoff )
+copy_some_packets( IOBUF inp, IOBUF out, off_t stopoff )
 {
     PACKET pkt;
     int skip, rc=0;
@@ -275,14 +278,14 @@ skip_some_packets( IOBUF inp, unsigned n )
 
 
 /****************
- * Parse packet. Set the variable skip points to to 1 if the packet
- * should be skipped; this is the case if either there is a
- * requested packet type and the parsed packet doesn't match or the
+ * Parse packet. Set the variable skip points to 1 if the packet
+ * should be skipped; this is the case if either ONLYKEYPKTS is set
+ * and the parsed packet isn't one or the
  * packet-type is 0, indicating deleted stuff.
  * if OUT is not NULL, a special copymode is used.
  */
 static int
-parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
+parse( IOBUF inp, PACKET *pkt, int onlykeypkts, off_t *retpos,
        int *skip, IOBUF out, int do_skip
 #ifdef DEBUG_PARSE_PACKET
        ,const char *dbg_w, const char *dbg_f, int dbg_l
@@ -294,6 +297,7 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
     byte hdr[8];
     int hdrlen;
     int new_ctb = 0;
+    int with_uid = (onlykeypkts == 2);
 
     *skip = 0;
     assert( !pkt->pkt.generic );
@@ -307,9 +311,8 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
     hdrlen=0;
     hdr[hdrlen++] = ctb;
     if( !(ctb & 0x80) ) {
-	log_error("%s: invalid packet (ctb=%02x) near %lu\n",
-			    iobuf_where(inp), ctb, iobuf_tell(inp) );
-	rc = GPGERR_INVALID_PACKET;
+        log_error("%s: invalid packet (ctb=%02x)\n", iobuf_where(inp), ctb );
+	rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     pktlen = 0;
@@ -318,7 +321,7 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
 	pkttype =  ctb & 0x3f;
 	if( (c = iobuf_get(inp)) == -1 ) {
 	    log_error("%s: 1st length byte missing\n", iobuf_where(inp) );
-	    rc = GPGERR_INVALID_PACKET;
+	    rc = G10ERR_INVALID_PACKET;
 	    goto leave;
 	}
 	hdr[hdrlen++] = c;
@@ -328,7 +331,7 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
 	    pktlen = (c - 192) * 256;
 	    if( (c = iobuf_get(inp)) == -1 ) {
 		log_error("%s: 2nd length byte missing\n", iobuf_where(inp) );
-		rc = GPGERR_INVALID_PACKET;
+		rc = G10ERR_INVALID_PACKET;
 		goto leave;
 	    }
 	    hdr[hdrlen++] = c;
@@ -340,7 +343,7 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
 	    pktlen |= (hdr[hdrlen++] = iobuf_get_noeof(inp)) << 8;
 	    if( (c = iobuf_get(inp)) == -1 ) {
 		log_error("%s: 4 byte length invalid\n", iobuf_where(inp) );
-		rc = GPGERR_INVALID_PACKET;
+		rc = G10ERR_INVALID_PACKET;
 		goto leave;
 	    }
 	    pktlen |= (hdr[hdrlen++] = c );
@@ -366,15 +369,30 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
 	}
     }
 
+    if (pktlen == 0xffffffff) {
+        /* with a some probability this is caused by a problem in the
+         * the uncompressing layer - in some error cases it just loops
+         * and spits out 0xff bytes. */
+        log_error ("%s: garbled packet detected\n", iobuf_where(inp) );
+	g10_exit (2);
+    }
+
     if( out && pkttype	) {
 	if( iobuf_write( out, hdr, hdrlen ) == -1 )
-	    rc = GPGERR_WRITE_FILE;
+	    rc = G10ERR_WRITE_FILE;
 	else
 	    rc = copy_packet(inp, out, pkttype, pktlen );
 	goto leave;
     }
 
-    if( do_skip || !pkttype || (reqtype && pkttype != reqtype) ) {
+    if (with_uid && pkttype == PKT_USER_ID)
+        ;
+    else if( do_skip 
+        || !pkttype
+        || (onlykeypkts && pkttype != PKT_PUBLIC_SUBKEY
+                        && pkttype != PKT_PUBLIC_KEY
+                        && pkttype != PKT_SECRET_SUBKEY
+                        && pkttype != PKT_SECRET_KEY  ) ) {
 	skip_rest(inp, pktlen);
 	*skip = 1;
 	rc = 0;
@@ -392,16 +410,16 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
       #endif
     }
     pkt->pkttype = pkttype;
-    rc = GPGERR_UNKNOWN_PACKET; /* default error */
+    rc = G10ERR_UNKNOWN_PACKET; /* default error */
     switch( pkttype ) {
       case PKT_PUBLIC_KEY:
       case PKT_PUBLIC_SUBKEY:
-	pkt->pkt.public_key = gcry_xcalloc( 1,sizeof *pkt->pkt.public_key );
+	pkt->pkt.public_key = m_alloc_clear(sizeof *pkt->pkt.public_key );
 	rc = parse_key(inp, pkttype, pktlen, hdr, hdrlen, pkt );
 	break;
       case PKT_SECRET_KEY:
       case PKT_SECRET_SUBKEY:
-	pkt->pkt.secret_key = gcry_xcalloc( 1,sizeof *pkt->pkt.secret_key );
+	pkt->pkt.secret_key = m_alloc_clear(sizeof *pkt->pkt.secret_key );
 	rc = parse_key(inp, pkttype, pktlen, hdr, hdrlen, pkt );
 	break;
       case PKT_SYMKEY_ENC:
@@ -411,19 +429,19 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
 	rc = parse_pubkeyenc(inp, pkttype, pktlen, pkt );
 	break;
       case PKT_SIGNATURE:
-	pkt->pkt.signature = gcry_xcalloc( 1,sizeof *pkt->pkt.signature );
+	pkt->pkt.signature = m_alloc_clear(sizeof *pkt->pkt.signature );
 	rc = parse_signature(inp, pkttype, pktlen, pkt->pkt.signature );
 	break;
       case PKT_ONEPASS_SIG:
-	pkt->pkt.onepass_sig = gcry_xcalloc( 1,sizeof *pkt->pkt.onepass_sig );
+	pkt->pkt.onepass_sig = m_alloc_clear(sizeof *pkt->pkt.onepass_sig );
 	rc = parse_onepass_sig(inp, pkttype, pktlen, pkt->pkt.onepass_sig );
 	break;
       case PKT_USER_ID:
 	rc = parse_user_id(inp, pkttype, pktlen, pkt );
 	break;
-      case PKT_PHOTO_ID:
-	pkt->pkttype = pkttype = PKT_USER_ID;  /* must fix it */
-	rc = parse_photo_id(inp, pkttype, pktlen, pkt);
+      case PKT_ATTRIBUTE:
+	pkt->pkttype = pkttype = PKT_USER_ID;  /* we store it in the userID */
+	rc = parse_attribute(inp, pkttype, pktlen, pkt);
 	break;
       case PKT_OLD_COMMENT:
       case PKT_COMMENT:
@@ -446,6 +464,9 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
       case PKT_MDC:
 	rc = parse_mdc(inp, pkttype, pktlen, pkt, new_ctb );
 	break;
+      case PKT_GPG_CONTROL:
+        rc = parse_gpg_control(inp, pkttype, pktlen, pkt );
+        break;
       default:
 	skip_packet(inp, pkttype, pktlen);
 	break;
@@ -453,7 +474,7 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
 
   leave:
     if( !rc && iobuf_error(inp) )
-	rc = GPGERR_INV_KEYRING;
+	rc = G10ERR_INV_KEYRING;
     return rc;
 }
 
@@ -483,23 +504,23 @@ copy_packet( IOBUF inp, IOBUF out, int pkttype, unsigned long pktlen )
     if( iobuf_in_block_mode(inp) ) {
 	while( (n = iobuf_read( inp, buf, 100 )) != -1 )
 	    if( iobuf_write(out, buf, n ) )
-		return GPGERR_WRITE_FILE; /* write error */
+		return G10ERR_WRITE_FILE; /* write error */
     }
     else if( !pktlen && pkttype == PKT_COMPRESSED ) {
 	log_debug("copy_packet: compressed!\n");
 	/* compressed packet, copy till EOF */
 	while( (n = iobuf_read( inp, buf, 100 )) != -1 )
 	    if( iobuf_write(out, buf, n ) )
-		return GPGERR_WRITE_FILE; /* write error */
+		return G10ERR_WRITE_FILE; /* write error */
     }
     else {
 	for( ; pktlen; pktlen -= n ) {
 	    n = pktlen > 100 ? 100 : pktlen;
 	    n = iobuf_read( inp, buf, n );
 	    if( n == -1 )
-		return GPGERR_READ_FILE;
+		return G10ERR_READ_FILE;
 	    if( iobuf_write(out, buf, n ) )
-		return GPGERR_WRITE_FILE; /* write error */
+		return G10ERR_WRITE_FILE; /* write error */
 	}
     }
     return 0;
@@ -559,7 +580,7 @@ read_rest( IOBUF inp, size_t pktlen )
 	p = NULL;
     }
     else {
-	p = gcry_xmalloc( pktlen );
+	p = m_alloc( pktlen );
 	for(i=0; pktlen; pktlen--, i++ )
 	    p[i] = iobuf_get(inp);
     }
@@ -572,19 +593,23 @@ static int
 parse_symkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 {
     PKT_symkey_enc *k;
+    int rc = 0;
     int i, version, s2kmode, cipher_algo, hash_algo, seskeylen, minlen;
 
     if( pktlen < 4 ) {
 	log_error("packet(%d) too short\n", pkttype);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     version = iobuf_get_noeof(inp); pktlen--;
     if( version != 4 ) {
 	log_error("packet(%d) with unknown version %d\n", pkttype, version);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     if( pktlen > 200 ) { /* (we encode the seskeylen in a byte) */
 	log_error("packet(%d) too large\n", pkttype);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     cipher_algo = iobuf_get_noeof(inp); pktlen--;
@@ -606,10 +631,11 @@ parse_symkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
     }
     if( minlen > pktlen ) {
 	log_error("packet with S2K %d too short\n", s2kmode );
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     seskeylen = pktlen - minlen;
-    k = packet->pkt.symkey_enc = gcry_xcalloc( 1, sizeof *packet->pkt.symkey_enc
+    k = packet->pkt.symkey_enc = m_alloc_clear( sizeof *packet->pkt.symkey_enc
 						+ seskeylen - 1 );
     k->version = version;
     k->cipher_algo = cipher_algo;
@@ -642,24 +668,27 @@ parse_symkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 
   leave:
     skip_rest(inp, pktlen);
-    return 0;
+    return rc;
 }
 
 static int
 parse_pubkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 {
-    unsigned n;
+    unsigned int n;
+    int rc = 0;
     int i, ndata;
     PKT_pubkey_enc *k;
 
-    k = packet->pkt.pubkey_enc = gcry_xcalloc( 1,sizeof *packet->pkt.pubkey_enc);
+    k = packet->pkt.pubkey_enc = m_alloc_clear(sizeof *packet->pkt.pubkey_enc);
     if( pktlen < 12 ) {
 	log_error("packet(%d) too short\n", pkttype);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     k->version = iobuf_get_noeof(inp); pktlen--;
     if( k->version != 2 && k->version != 3 ) {
 	log_error("packet(%d) with unknown version %d\n", pkttype, k->version);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     k->keyid[0] = read_32(inp); pktlen -= 4;
@@ -686,12 +715,14 @@ parse_pubkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 		mpi_print(stdout, k->data[i], mpi_print_mode );
 		putchar('\n');
 	    }
+            if (!k->data[i])
+                rc = G10ERR_INVALID_PACKET;
 	}
     }
 
   leave:
     skip_rest(inp, pktlen);
-    return 0;
+    return rc;
 }
 
 
@@ -713,6 +744,7 @@ dump_sig_subpkt( int hashed, int type, int critical,
                type, (unsigned)length );
     }
     
+   
     printf("\t%s%ssubpkt %d len %u (", /*)*/
 	      critical ? "critical ":"",
 	      hashed ? "hashed ":"", type, (unsigned)length );
@@ -737,13 +769,20 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	    printf("%sexportable", *buffer? "":"not ");
 	break;
       case SIGSUBPKT_TRUST:
-	p = "trust signature";
+	if(length!=2)
+	  p="[invalid trust signature]";
+	else
+	  printf("trust signature of level %d, amount %d",buffer[0],buffer[1]);
 	break;
       case SIGSUBPKT_REGEXP:
-	p = "regular expression";
+	if(!length)
+	  p="[invalid regexp]";
+	else
+	  printf("regular expression: \"%s\"",buffer);
 	break;
       case SIGSUBPKT_REVOCABLE:
-	p = "revocable";
+	if( length )
+	    printf("%srevocable", *buffer? "":"not ");
 	break;
       case SIGSUBPKT_KEY_EXPIRE:
 	if( length >= 4 )
@@ -806,7 +845,9 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	    printf(" %d", buffer[i] );
 	break;
       case SIGSUBPKT_KS_FLAGS:
-	p = "key server preferences";
+	fputs("key server preferences:",stdout);
+	for(i=0;i<length;i++)
+	  printf(" %02X", buffer[i]);
 	break;
       case SIGSUBPKT_PREF_KS:
 	p = "preferred key server";
@@ -822,12 +863,12 @@ dump_sig_subpkt( int hashed, int type, int critical,
         fputs ( "key flags:", stdout );
         for( i=0; i < length; i++ )
             printf(" %02X", buffer[i] );
-        break;
+	break;
       case SIGSUBPKT_SIGNERS_UID:
 	p = "signer's user ID";
 	break;
       case SIGSUBPKT_REVOC_REASON:
-	if( length ) {
+        if( length ) {
 	    printf("revocation reason 0x%02x (", *buffer );
 	    print_string( stdout, buffer+1, length-1, ')' );
 	    p = ")";
@@ -846,10 +887,10 @@ dump_sig_subpkt( int hashed, int type, int critical,
       case SIGSUBPKT_FEATURES:
         fputs ( "features:", stdout );
         for( i=0; i < length; i++ )
-            printf(" %02X", buffer[i] );
-        break;
-      case SIGSUBPKT_PRIV_ADD_SIG:  /* gnupg private - to be removed */
-	p = "signs additional user ID";
+            printf(" %02x", buffer[i] );
+	break;
+      case SIGSUBPKT_PRIV_VERIFY_CACHE:
+	p = "obsolete verification cache";
 	break;
       default: p = "?"; break;
     }
@@ -863,10 +904,14 @@ dump_sig_subpkt( int hashed, int type, int critical,
  *	    -2 unsupported type
  *	    -3 subpacket too short
  */
-static int
+int
 parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
 {
     switch( type ) {
+      case SIGSUBPKT_REV_KEY:
+	if(n < 22)
+	  break;
+	return 0;
       case SIGSUBPKT_SIG_CREATED:
       case SIGSUBPKT_SIG_EXPIRE:
       case SIGSUBPKT_KEY_EXPIRE:
@@ -874,12 +919,19 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
 	    break;
 	return 0;
       case SIGSUBPKT_KEY_FLAGS:
-          return 0;  
+      case SIGSUBPKT_KS_FLAGS:
+      case SIGSUBPKT_PREF_SYM:
+      case SIGSUBPKT_PREF_HASH:
+      case SIGSUBPKT_PREF_COMPR:
+      case SIGSUBPKT_POLICY:
+      case SIGSUBPKT_FEATURES:
+	return 0;
       case SIGSUBPKT_EXPORTABLE:
+      case SIGSUBPKT_REVOCABLE:
 	if( !n )
 	    break;
 	return 0;
-      case SIGSUBPKT_ISSUER:/* issuer key ID */
+      case SIGSUBPKT_ISSUER: /* issuer key ID */
 	if( n < 8 )
 	    break;
 	return 0;
@@ -891,23 +943,23 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
 	if( !n	)
 	    break;
 	return 0;
-      case SIGSUBPKT_PREF_SYM:
-      case SIGSUBPKT_PREF_HASH:
-      case SIGSUBPKT_PREF_COMPR:
-      case SIGSUBPKT_FEATURES:
-      case SIGSUBPKT_POLICY:
-	return 0;
       case SIGSUBPKT_PRIMARY_UID:
           if ( n != 1 )
               break;
           return 0;   
-      case SIGSUBPKT_PRIV_ADD_SIG:
-	/* because we use private data, we check the GNUPG marker */
-	if( n < 24 )
+      case SIGSUBPKT_PRIV_VERIFY_CACHE:
+        /* We used this in gpg 1.0.5 and 1.0.6 to cache signature
+         * verification results - it is no longer used.
+         * "GPG" 0x00 <mode> <stat>
+         * where mode == 1: valid data, stat == 0: invalid signature
+         * stat == 1: valid signature 
+	 * (because we use private data, we check our marker) */
+	if( n < 6 )
 	    break;
-	if( buffer[0] != 'G' || buffer[1] != 'P' || buffer[2] != 'G' )
+	if( buffer[0] != 'G' || buffer[1] != 'P'
+            || buffer[2] != 'G' || buffer[3] )
 	    return -2;
-	return 3;
+	return 4;
       default: return -1;
     }
     return -3;
@@ -927,15 +979,18 @@ can_handle_critical( const byte *buffer, size_t n, int type )
       case SIGSUBPKT_SIG_EXPIRE:
       case SIGSUBPKT_KEY_EXPIRE:
       case SIGSUBPKT_EXPORTABLE:
+      case SIGSUBPKT_REVOCABLE:
+      case SIGSUBPKT_REV_KEY:
       case SIGSUBPKT_ISSUER:/* issuer key ID */
       case SIGSUBPKT_PREF_SYM:
       case SIGSUBPKT_PREF_HASH:
       case SIGSUBPKT_PREF_COMPR:
-      case SIGSUBPKT_FEATURES:
       case SIGSUBPKT_KEY_FLAGS:
+      case SIGSUBPKT_PRIMARY_UID:
+      case SIGSUBPKT_FEATURES:
+      case SIGSUBPKT_POLICY: /* Is it enough to show the policy? */
 	return 1;
 
-      case SIGSUBPKT_POLICY: /* Is it enough to show the policy? */
       default:
 	return 0;
     }
@@ -943,37 +998,40 @@ can_handle_critical( const byte *buffer, size_t n, int type )
 
 
 const byte *
-enum_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype,
-		 size_t *ret_n, int *start )
+enum_sig_subpkt( const subpktarea_t *pktbuf, sigsubpkttype_t reqtype,
+		 size_t *ret_n, int *start, int *critical )
 {
+    const byte *buffer;
     int buflen;
     int type;
-    int critical;
+    int critical_dummy;
     int offset;
     size_t n;
     int seq = 0;
     int reqseq = start? *start: 0;
 
-    if( !buffer || reqseq == -1 ) {
+    if(!critical)
+      critical=&critical_dummy;
+
+    if( !pktbuf || reqseq == -1 ) {
 	/* return some value different from NULL to indicate that
-	 * there is no crtitical bit we do not understand.  The caller
+	 * there is no critical bit we do not understand.  The caller
 	 * will never use the value.  Yes I know, it is an ugly hack */
-	return reqtype == SIGSUBPKT_TEST_CRITICAL? (const byte*)&buffer : NULL;
+	return reqtype == SIGSUBPKT_TEST_CRITICAL? (const byte*)&pktbuf : NULL;
     }
-    buflen = (*buffer << 8) | buffer[1];
-    buffer += 2;
+    buffer = pktbuf->data;
+    buflen = pktbuf->len;
     while( buflen ) {
 	n = *buffer++; buflen--;
-	if( n == 255 ) {
+	if( n == 255 ) { /* 4 byte length header */
 	    if( buflen < 4 )
 		goto too_short;
 	    n = (buffer[0] << 24) | (buffer[1] << 16)
-				  | (buffer[2] << 8) | buffer[3];
+                | (buffer[2] << 8) | buffer[3];
 	    buffer += 4;
 	    buflen -= 4;
-
 	}
-	else if( n >= 192 ) {
+	else if( n >= 192 ) { /* 2 byte special encoded length header */
 	    if( buflen < 2 )
 		goto too_short;
 	    n = (( n - 192 ) << 8) + *buffer + 192;
@@ -985,14 +1043,14 @@ enum_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype,
 	type = *buffer;
 	if( type & 0x80 ) {
 	    type &= 0x7f;
-	    critical = 1;
+	    *critical = 1;
 	}
 	else
-	    critical = 0;
+	    *critical = 0;
 	if( !(++seq > reqseq) )
 	    ;
 	else if( reqtype == SIGSUBPKT_TEST_CRITICAL ) {
-	    if( critical ) {
+	    if( *critical ) {
 		if( n-1 > buflen+1 )
 		    goto too_short;
 		if( !can_handle_critical(buffer+1, n-1, type ) ) {
@@ -1006,7 +1064,7 @@ enum_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype,
 	}
 	else if( reqtype < 0 ) /* list packets */
 	    dump_sig_subpkt( reqtype == SIGSUBPKT_LIST_HASHED,
-				    type, critical, buffer, buflen, n );
+				    type, *critical, buffer, buflen, n );
 	else if( type == reqtype ) { /* found */
 	    buffer++;
 	    n--;
@@ -1048,23 +1106,49 @@ enum_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype,
 
 
 const byte *
-parse_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype, size_t *ret_n )
+parse_sig_subpkt (const subpktarea_t *buffer, sigsubpkttype_t reqtype,
+                  size_t *ret_n)
 {
-    return enum_sig_subpkt( buffer, reqtype, ret_n, NULL );
+    return enum_sig_subpkt( buffer, reqtype, ret_n, NULL, NULL );
 }
 
 const byte *
-parse_sig_subpkt2( PKT_signature *sig, sigsubpkttype_t reqtype, size_t *ret_n )
+parse_sig_subpkt2 (PKT_signature *sig, sigsubpkttype_t reqtype,
+                   size_t *ret_n )
 {
     const byte *p;
 
-    p = parse_sig_subpkt( sig->hashed_data, reqtype, ret_n );
+    p = parse_sig_subpkt (sig->hashed, reqtype, ret_n );
     if( !p )
-	p = parse_sig_subpkt( sig->unhashed_data, reqtype, ret_n );
+	p = parse_sig_subpkt (sig->unhashed, reqtype, ret_n );
     return p;
 }
 
-
+/* Find all revocation keys. Look in hashed area only. */
+void parse_revkeys(PKT_signature *sig)
+{
+  struct revocation_key *revkey;
+  int seq=0;
+  size_t len;
+
+  if(sig->sig_class!=0x1F)
+    return;
+
+  while((revkey=
+	 (struct revocation_key *)enum_sig_subpkt(sig->hashed,
+						  SIGSUBPKT_REV_KEY,
+						  &len,&seq,NULL)))
+    {
+      if(len==sizeof(struct revocation_key) &&
+	 (revkey->class&0x80)) /* 0x80 bit must be set */
+	{
+	  sig->revkey=m_realloc(sig->revkey,
+			  sizeof(struct revocation_key *)*(sig->numrevkeys+1));
+	  sig->revkey[sig->numrevkeys]=revkey;
+	  sig->numrevkeys++;
+	}
+    }
+}
 
 static int
 parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
@@ -1085,6 +1169,7 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 	is_v4=1;
     else if( sig->version != 2 && sig->version != 3 ) {
 	log_error("packet(%d) with unknown version %d\n", pkttype, sig->version);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
 
@@ -1099,19 +1184,22 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
     }
     sig->pubkey_algo = iobuf_get_noeof(inp); pktlen--;
     sig->digest_algo = iobuf_get_noeof(inp); pktlen--;
+    sig->flags.exportable=1;
+    sig->flags.revocable=1;
     if( is_v4 ) { /* read subpackets */
 	n = read_16(inp); pktlen -= 2; /* length of hashed data */
 	if( n > 10000 ) {
 	    log_error("signature packet: hashed data too long\n");
-	    rc = GPGERR_INVALID_PACKET;
+	    rc = G10ERR_INVALID_PACKET;
 	    goto leave;
 	}
 	if( n ) {
-	    sig->hashed_data = gcry_xmalloc( n + 2 );
-	    sig->hashed_data[0] = n >> 8;
-	    sig->hashed_data[1] = n;
-	    if( iobuf_read(inp, sig->hashed_data+2, n ) != n ) {
-		log_error("premature eof while reading hashed signature data\n");
+	    sig->hashed = m_alloc (sizeof (*sig->hashed) + n - 1 );
+            sig->hashed->size = n;
+	    sig->hashed->len = n;
+	    if( iobuf_read (inp, sig->hashed->data, n ) != n ) {
+		log_error ("premature eof while reading "
+                           "hashed signature data\n");
 		rc = -1;
 		goto leave;
 	    }
@@ -1120,15 +1208,19 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 	n = read_16(inp); pktlen -= 2; /* length of unhashed data */
 	if( n > 10000 ) {
 	    log_error("signature packet: unhashed data too long\n");
-	    rc = GPGERR_INVALID_PACKET;
+	    rc = G10ERR_INVALID_PACKET;
 	    goto leave;
 	}
 	if( n ) {
-	    sig->unhashed_data = gcry_xmalloc( n + 2 );
-	    sig->unhashed_data[0] = n >> 8;
-	    sig->unhashed_data[1] = n;
-	    if( iobuf_read(inp, sig->unhashed_data+2, n ) != n ) {
-		log_error("premature eof while reading unhashed signature data\n");
+            /* we add 8 extra bytes so that we have space for the signature
+             * status cache.  Well we are wastin this if there is a cache
+             * packet already, but in the other case it avoids an realloc */
+	    sig->unhashed = m_alloc (sizeof(*sig->unhashed) + n + 8 - 1 );
+            sig->unhashed->size = n + 8;
+	    sig->unhashed->len = n;
+	    if( iobuf_read(inp, sig->unhashed->data, n ) != n ) {
+		log_error("premature eof while reading "
+                          "unhashed signature data\n");
 		rc = -1;
 		goto leave;
 	    }
@@ -1138,7 +1230,7 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 
     if( pktlen < 5 ) { /* sanity check */
 	log_error("packet(%d) too short\n", pkttype);
-	rc = GPGERR_INVALID_PACKET;
+	rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
 
@@ -1150,14 +1242,14 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 
 	/* set sig->flags.unknown_critical if there is a
 	 * critical bit set for packets which we do not understand */
-	if( !parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_TEST_CRITICAL, NULL)
-	   || !parse_sig_subpkt( sig->unhashed_data, SIGSUBPKT_TEST_CRITICAL,
+	if( !parse_sig_subpkt (sig->hashed, SIGSUBPKT_TEST_CRITICAL, NULL)
+	   || !parse_sig_subpkt (sig->unhashed, SIGSUBPKT_TEST_CRITICAL,
 									NULL) )
 	{
 	    sig->flags.unknown_critical = 1;
 	}
 
-	p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_SIG_CREATED, NULL );
+	p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_CREATED, NULL );
 	if( !p )
 	    log_error("signature packet without timestamp\n");
 	else
@@ -1169,6 +1261,37 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 	    sig->keyid[0] = buffer_to_u32(p);
 	    sig->keyid[1] = buffer_to_u32(p+4);
 	}
+
+	p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_SIG_EXPIRE,NULL);
+	if(p)
+	  sig->expiredate=sig->timestamp+buffer_to_u32(p);
+	if(sig->expiredate && sig->expiredate<=make_timestamp())
+ 	    sig->flags.expired=1;
+
+	p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_POLICY,NULL);
+	if(p)
+	  sig->flags.policy_url=1;
+
+	p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION,NULL);
+	if(p)
+	  sig->flags.notation=1;
+
+	p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_REVOCABLE,NULL);
+	if(p && *p==0)
+	  sig->flags.revocable=0;
+
+	/* We accept the exportable subpacket from either the hashed
+	   or unhashed areas as older versions of gpg put it in the
+	   unhashed area.  In theory, anyway, we should never see this
+	   packet off of a local keyring. */
+
+	p=parse_sig_subpkt2(sig,SIGSUBPKT_EXPORTABLE,NULL);
+	if(p && *p==0)
+	  sig->flags.exportable=0;
+
+	/* Find all revocation keys. */
+	if(sig->sig_class==0x1F)
+	  parse_revkeys(sig);
     }
 
     if( list_mode ) {
@@ -1181,8 +1304,8 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 		sig->digest_algo,
 		sig->digest_start[0], sig->digest_start[1] );
 	if( is_v4 ) {
-	    parse_sig_subpkt( sig->hashed_data,  SIGSUBPKT_LIST_HASHED, NULL );
-	    parse_sig_subpkt( sig->unhashed_data,SIGSUBPKT_LIST_UNHASHED, NULL);
+	    parse_sig_subpkt (sig->hashed,   SIGSUBPKT_LIST_HASHED, NULL );
+	    parse_sig_subpkt (sig->unhashed, SIGSUBPKT_LIST_UNHASHED, NULL);
 	}
     }
 
@@ -1206,6 +1329,8 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 		mpi_print(stdout, sig->data[i], mpi_print_mode );
 		putchar('\n');
 	    }
+            if (!sig->data[i])
+                rc = G10ERR_INVALID_PACKET;
 	}
     }
 
@@ -1220,14 +1345,17 @@ parse_onepass_sig( IOBUF inp, int pkttype, unsigned long pktlen,
 					     PKT_onepass_sig *ops )
 {
     int version;
+    int rc = 0;
 
     if( pktlen < 13 ) {
 	log_error("packet(%d) too short\n", pkttype);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     version = iobuf_get_noeof(inp); pktlen--;
     if( version != 3 ) {
 	log_error("onepass_sig with unknown version %d\n", version);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     ops->sig_class = iobuf_get_noeof(inp); pktlen--;
@@ -1246,7 +1374,7 @@ parse_onepass_sig( IOBUF inp, int pkttype, unsigned long pktlen,
 
   leave:
     skip_rest(inp, pktlen);
-    return 0;
+    return rc;
 }
 
 
@@ -1258,14 +1386,14 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 {
     int i, version, algorithm;
     unsigned n;
-    unsigned long timestamp, expiredate;
+    unsigned long timestamp, expiredate, max_expiredate;
     int npkey, nskey;
     int is_v4=0;
     int rc=0;
 
     version = iobuf_get_noeof(inp); pktlen--;
     if( pkttype == PKT_PUBLIC_SUBKEY && version == '#' ) {
-	/* early versions of gpg use old PGP comments packets;
+	/* early versions of G10 use old PGP comments packets;
 	 * luckily all those comments are started by a hash */
 	if( list_mode ) {
 	    printf(":rfc1991 comment packet: \"" );
@@ -1286,17 +1414,21 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	is_v4=1;
     else if( version != 2 && version != 3 ) {
 	log_error("packet(%d) with unknown version %d\n", pkttype, version);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
 
     if( pktlen < 11 ) {
 	log_error("packet(%d) too short\n", pkttype);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
 
     timestamp = read_32(inp); pktlen -= 4;
-    if( is_v4 )
+    if( is_v4 ) {
 	expiredate = 0; /* have to get it from the selfsignature */
+	max_expiredate = 0;
+    }
     else {
 	unsigned short ndays;
 	ndays = read_16(inp); pktlen -= 2;
@@ -1304,6 +1436,8 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	    expiredate = timestamp + ndays * 86400L;
 	else
 	    expiredate = 0;
+
+	max_expiredate=expiredate;
     }
     algorithm = iobuf_get_noeof(inp); pktlen--;
     if( list_mode )
@@ -1320,23 +1454,25 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 
 	sk->timestamp = timestamp;
 	sk->expiredate = expiredate;
+	sk->max_expiredate = max_expiredate;
 	sk->hdrbytes = hdrlen;
 	sk->version = version;
 	sk->is_primary = pkttype == PKT_SECRET_KEY;
 	sk->pubkey_algo = algorithm;
 	sk->req_usage = 0; 
-        sk->pubkey_usage = 0; /* will be set by getkey functions */
+	sk->pubkey_usage = 0; /* not yet used */
     }
     else {
 	PKT_public_key *pk = pkt->pkt.public_key;
 
 	pk->timestamp = timestamp;
 	pk->expiredate = expiredate;
+	pk->max_expiredate = max_expiredate;
 	pk->hdrbytes	= hdrlen;
 	pk->version	= version;
 	pk->pubkey_algo = algorithm;
-        pk->req_usage = 0;
-	pk->pubkey_usage = 0; /* will be set bey getkey functions */
+	pk->req_usage = 0; 
+	pk->pubkey_usage = 0; /* not yet used */
         pk->is_revoked = 0;
 	pk->keyid[0] = 0;
 	pk->keyid[1] = 0;
@@ -1355,8 +1491,8 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	byte temp[16];
 
 	if( !npkey ) {
-	    sk->skey[0] = gcry_mpi_set_opaque( NULL,
-					     read_rest(inp, pktlen), pktlen*8 );
+	    sk->skey[0] = mpi_set_opaque( NULL,
+					  read_rest(inp, pktlen), pktlen );
 	    pktlen = 0;
 	    goto leave;
 	}
@@ -1368,16 +1504,22 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 		mpi_print(stdout, sk->skey[i], mpi_print_mode  );
 		putchar('\n');
 	    }
+            if (!sk->skey[i])
+                rc = G10ERR_INVALID_PACKET;
 	}
+        if (rc) /* one of the MPIs were bad */
+            goto leave;
 	sk->protect.algo = iobuf_get_noeof(inp); pktlen--;
+        sk->protect.sha1chk = 0;
 	if( sk->protect.algo ) {
 	    sk->is_protected = 1;
 	    sk->protect.s2k.count = 0;
-	    if( sk->protect.algo == 255 ) {
+	    if( sk->protect.algo == 254 || sk->protect.algo == 255 ) {
 		if( pktlen < 3 ) {
-		    rc = GPGERR_INVALID_PACKET;
+		    rc = G10ERR_INVALID_PACKET;
 		    goto leave;
 		}
+                sk->protect.sha1chk = (sk->protect.algo == 254);
 		sk->protect.algo = iobuf_get_noeof(inp); pktlen--;
 		sk->protect.s2k.mode  = iobuf_get_noeof(inp); pktlen--;
 		sk->protect.s2k.hash_algo = iobuf_get_noeof(inp); pktlen--;
@@ -1389,7 +1531,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 			if( list_mode )
 			    printf(  "\tunknown S2K %d\n",
 						sk->protect.s2k.mode );
-			rc = GPGERR_INVALID_PACKET;
+			rc = G10ERR_INVALID_PACKET;
 			goto leave;
 		    }
 		    /* here we know that it is a gnu extension
@@ -1421,13 +1563,15 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 			printf(  "\tunknown %sS2K %d\n",
 				 sk->protect.s2k.mode < 1000? "":"GNU ",
 						   sk->protect.s2k.mode );
-		    rc = GPGERR_INVALID_PACKET;
+		    rc = G10ERR_INVALID_PACKET;
 		    goto leave;
 		}
 
 		if( list_mode ) {
-		    printf(", algo: %d, hash: %d",
+		    printf(", algo: %d,%s hash: %d",
 				     sk->protect.algo,
+                                     sk->protect.sha1chk?" SHA1 protection,"
+                                                        :" simple checksum,",
 				     sk->protect.s2k.hash_algo );
 		    if( sk->protect.s2k.mode == 1
 			|| sk->protect.s2k.mode == 3 ) {
@@ -1440,7 +1584,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 
 		if( sk->protect.s2k.mode == 3 ) {
 		    if( pktlen < 1 ) {
-			rc = GPGERR_INVALID_PACKET;
+			rc = G10ERR_INVALID_PACKET;
 			goto leave;
 		    }
 		    sk->protect.s2k.count = iobuf_get(inp);
@@ -1452,7 +1596,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	    }
 	    else { /* old version; no S2K, so we set mode to 0, hash MD5 */
 		sk->protect.s2k.mode = 0;
-		sk->protect.s2k.hash_algo = GCRY_MD_MD5;
+		sk->protect.s2k.hash_algo = DIGEST_ALGO_MD5;
 		if( list_mode )
 		    printf(  "\tprotect algo: %d  (hash algo: %d)\n",
 			 sk->protect.algo, sk->protect.s2k.hash_algo );
@@ -1477,7 +1621,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 		sk->protect.ivlen = 0;
 
 	    if( pktlen < sk->protect.ivlen ) {
-		rc = GPGERR_INVALID_PACKET;
+		rc = G10ERR_INVALID_PACKET;
 		goto leave;
 	    }
 	    for(i=0; i < sk->protect.ivlen && pktlen; i++, pktlen-- )
@@ -1498,26 +1642,25 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	 * So we put the key into secure memory when we unprotect it. */
 	if( sk->protect.s2k.mode == 1001 ) {
 	    /* better set some dummy stuff here */
-	    sk->skey[npkey] = mpi_set_opaque(NULL, gcry_xstrdup("dummydata"), 10);
+	    sk->skey[npkey] = mpi_set_opaque(NULL, m_strdup("dummydata"), 10);
 	    pktlen = 0;
 	}
 	else if( is_v4 && sk->is_protected ) {
 	    /* ugly; the length is encrypted too, so we read all
 	     * stuff up to the end of the packet into the first
 	     * skey element */
-	    sk->skey[npkey] = gcry_mpi_set_opaque(NULL,
-					     read_rest(inp, pktlen), pktlen*8 );
+	    sk->skey[npkey] = mpi_set_opaque(NULL,
+					     read_rest(inp, pktlen), pktlen );
 	    pktlen = 0;
 	    if( list_mode ) {
 		printf("\tencrypted stuff follows\n");
 	    }
 	}
-	else { /* unencrypted v4 or v3 method (where length is not encrypted) */
+	else { /* v3 method: the mpi length is not encrypted */
 	    for(i=npkey; i < nskey; i++ ) {
-		n = pktlen;
-		sk->skey[i] = sk->is_protected ? mpi_read_opaque(inp, &n )
-					       : mpi_read( inp, &n, 1 );
-		pktlen -=n;
+		n = pktlen; sk->skey[i] = mpi_read(inp, &n, 0 ); pktlen -=n;
+		if( sk->is_protected && sk->skey[i] )
+		    mpi_set_protect_flag(sk->skey[i]);
 		if( list_mode ) {
 		    printf(  "\tskey[%d]: ", i);
 		    if( sk->is_protected )
@@ -1527,7 +1670,11 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 			putchar('\n');
 		    }
 		}
+                if (!sk->skey[i])
+                    rc = G10ERR_INVALID_PACKET;
 	    }
+            if (rc)
+                goto leave;
 
 	    sk->csum = read_16(inp); pktlen -= 2;
 	    if( list_mode ) {
@@ -1539,8 +1686,8 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	PKT_public_key *pk = pkt->pkt.public_key;
 
 	if( !npkey ) {
-	    pk->pkey[0] = gcry_mpi_set_opaque( NULL,
-					     read_rest(inp, pktlen), pktlen*8 );
+	    pk->pkey[0] = mpi_set_opaque( NULL,
+					  read_rest(inp, pktlen), pktlen );
 	    pktlen = 0;
 	    goto leave;
 	}
@@ -1552,7 +1699,11 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 		mpi_print(stdout, pk->pkey[i], mpi_print_mode  );
 		putchar('\n');
 	    }
+            if (!pk->pkey[i])
+                rc = G10ERR_INVALID_PACKET;
 	}
+        if (rc)
+            goto leave;
     }
 
   leave:
@@ -1560,16 +1711,95 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
     return rc;
 }
 
+/* Attribute subpackets have the same format as v4 signature
+   subpackets.  This is not part of OpenPGP, but is done in several
+   versions of PGP nevertheless. */
+int
+parse_attribute_subpkts(PKT_user_id *uid)
+{
+  size_t n;
+  int count=0;
+  struct user_attribute *attribs=NULL;
+  const byte *buffer=uid->attrib_data;
+  int buflen=uid->attrib_len;
+  byte type;
+
+  m_free(uid->attribs);
+
+  while(buflen)
+    {
+      n = *buffer++; buflen--;
+      if( n == 255 ) { /* 4 byte length header */
+	if( buflen < 4 )
+	  goto too_short;
+	n = (buffer[0] << 24) | (buffer[1] << 16)
+	  | (buffer[2] << 8) | buffer[3];
+	buffer += 4;
+	buflen -= 4;
+      }
+      else if( n >= 192 ) { /* 2 byte special encoded length header */
+	if( buflen < 2 )
+	  goto too_short;
+	n = (( n - 192 ) << 8) + *buffer + 192;
+	buffer++;
+	buflen--;
+      }
+      if( buflen < n )
+	goto too_short;
+
+      attribs=m_realloc(attribs,(count+1)*sizeof(struct user_attribute));
+      memset(&attribs[count],0,sizeof(struct user_attribute));
+
+      type=*buffer;
+      buffer++;
+      buflen--;
+      n--;
+
+      attribs[count].type=type;
+      attribs[count].data=buffer;
+      attribs[count].len=n;
+      buffer+=n;
+      buflen-=n;
+      count++;
+    }
+
+  uid->attribs=attribs;
+  uid->numattribs=count;
+  return count;
+
+ too_short:
+  log_error("buffer shorter than attribute subpacket\n");
+  uid->attribs=attribs;
+  uid->numattribs=count;
+  return count;
+}
+
+static void setup_user_id(PACKET *packet)
+{
+  packet->pkt.user_id->ref = 1;
+  packet->pkt.user_id->attribs = NULL;
+  packet->pkt.user_id->attrib_data = NULL;
+  packet->pkt.user_id->attrib_len = 0;
+  packet->pkt.user_id->is_primary = 0;
+  packet->pkt.user_id->is_revoked = 0;
+  packet->pkt.user_id->is_expired = 0;
+  packet->pkt.user_id->expiredate = 0;
+  packet->pkt.user_id->created = 0;
+  packet->pkt.user_id->help_key_usage = 0;
+  packet->pkt.user_id->help_key_expire = 0;
+  packet->pkt.user_id->prefs = NULL;
+}
 
 static int
 parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 {
     byte *p;
 
-    packet->pkt.user_id = gcry_xmalloc(sizeof *packet->pkt.user_id  + pktlen);
+    packet->pkt.user_id = m_alloc(sizeof *packet->pkt.user_id  + pktlen);
     packet->pkt.user_id->len = pktlen;
-    packet->pkt.user_id->photo = NULL;
-    packet->pkt.user_id->photolen = 0;
+
+    setup_user_id(packet);
+
     p = packet->pkt.user_id->name;
     for( ; pktlen; pktlen--, p++ )
 	*p = iobuf_get_noeof(inp);
@@ -1578,7 +1808,7 @@ parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
     if( list_mode ) {
 	int n = packet->pkt.user_id->len;
 	printf(":user ID packet: \"");
-	/* fixme: Hey why don't we replace this wioth print_string?? */
+	/* fixme: Hey why don't we replace this with print_string?? */
 	for(p=packet->pkt.user_id->name; n; p++, n-- ) {
 	    if( *p >= ' ' && *p <= 'z' )
 		putchar(*p);
@@ -1590,28 +1820,60 @@ parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
     return 0;
 }
 
+void
+make_attribute_uidname(PKT_user_id *uid)
+{
+  if(uid->numattribs<=0)
+    sprintf(uid->name,"[bad attribute packet of size %lu]",uid->attrib_len);
+  else if(uid->numattribs>1)
+    sprintf(uid->name,"[%d attributes of size %lu]",
+	    uid->numattribs,uid->attrib_len);
+  else
+    {
+      /* Only one attribute, so list it as the "user id" */
+
+      if(uid->attribs->type==ATTRIB_IMAGE)
+	{
+	  u32 len;
+	  byte type;
+
+	  if(parse_image_header(uid->attribs,&type,&len))
+	    sprintf(uid->name,"[%s image of size %lu]",
+		    image_type_to_string(type,1),(ulong)len);
+	  else
+	    sprintf(uid->name,"[invalid image]");
+	}
+      else
+	sprintf(uid->name,"[unknown attribute of size %lu]",uid->attribs->len);
+    }
+
+  uid->len = strlen(uid->name);
+}
 
-/****************
- * PGP generates a packet of type 17. We assume this is a photo ID and
- * simply store it here as a comment packet.
- */
 static int
-parse_photo_id( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
+parse_attribute( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 {
     byte *p;
 
-    packet->pkt.user_id = gcry_xmalloc(sizeof *packet->pkt.user_id  + 30);
-    sprintf( packet->pkt.user_id->name, "[image of size %lu]", pktlen );
-    packet->pkt.user_id->len = strlen(packet->pkt.user_id->name);
+    packet->pkt.user_id = m_alloc(sizeof *packet->pkt.user_id + 70);
+
+    setup_user_id(packet);
 
-    packet->pkt.user_id->photo = gcry_xmalloc(sizeof *packet->pkt.user_id + pktlen);
-    packet->pkt.user_id->photolen = pktlen;
-    p = packet->pkt.user_id->photo;
+    packet->pkt.user_id->attrib_data = m_alloc(pktlen);
+    packet->pkt.user_id->attrib_len = pktlen;
+    p = packet->pkt.user_id->attrib_data;
     for( ; pktlen; pktlen--, p++ )
 	*p = iobuf_get_noeof(inp);
 
+    /* Now parse out the individual attribute subpackets.  This is
+       somewhat pointless since there is only one currently defined
+       attribute type (jpeg), but it is correct by the spec. */
+    parse_attribute_subpkts(packet->pkt.user_id);
+
+    make_attribute_uidname(packet->pkt.user_id);
+
     if( list_mode ) {
-	printf(":photo_id packet: %s\n", packet->pkt.user_id->name );
+	printf(":attribute packet: %s\n", packet->pkt.user_id->name );
     }
     return 0;
 }
@@ -1622,7 +1884,7 @@ parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 {
     byte *p;
 
-    packet->pkt.comment = gcry_xmalloc(sizeof *packet->pkt.comment + pktlen - 1);
+    packet->pkt.comment = m_alloc(sizeof *packet->pkt.comment + pktlen - 1);
     packet->pkt.comment->len = pktlen;
     p = packet->pkt.comment->data;
     for( ; pktlen; pktlen--, p++ )
@@ -1647,13 +1909,34 @@ parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 static void
 parse_trust( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *pkt )
 {
-    int c;
-
-    c = iobuf_get_noeof(inp);
-    pkt->pkt.ring_trust = gcry_xmalloc( sizeof *pkt->pkt.ring_trust );
-    pkt->pkt.ring_trust->trustval = c;
-    if( list_mode )
-	printf(":trust packet: flag=%02x\n", c );
+  int c;
+
+  if (pktlen)
+    {
+      c = iobuf_get_noeof(inp);
+      pktlen--;
+      pkt->pkt.ring_trust = m_alloc( sizeof *pkt->pkt.ring_trust );
+      pkt->pkt.ring_trust->trustval = c;
+      pkt->pkt.ring_trust->sigcache = 0;
+      if (!c && pktlen==1)
+        {
+          c = iobuf_get_noeof (inp);
+          pktlen--;
+          /* we require that bit 7 of the sigcache is 0 (easier eof handling)*/
+          if ( !(c & 0x80) )
+            pkt->pkt.ring_trust->sigcache = c;
+        }
+      if( list_mode )
+	printf(":trust packet: flag=%02x sigcache=%02x\n",
+               pkt->pkt.ring_trust->trustval,
+               pkt->pkt.ring_trust->sigcache);
+    }
+  else
+    {
+      if( list_mode )
+	printf(":trust packet: empty\n");
+    }
+  skip_rest (inp, pktlen);
 }
 
 
@@ -1661,21 +1944,29 @@ static int
 parse_plaintext( IOBUF inp, int pkttype, unsigned long pktlen,
 					PACKET *pkt, int new_ctb )
 {
-    int mode, namelen;
+    int rc = 0;
+    int mode, namelen, partial=0;
     PKT_plaintext *pt;
     byte *p;
     int c, i;
 
     if( pktlen && pktlen < 6 ) {
 	log_error("packet(%d) too short (%lu)\n", pkttype, (ulong)pktlen);
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
+    /* A packet length of zero indicates partial body length.  A zero
+       data length isn't a zero length packet due to the header (mode,
+       name, etc), so this is accurate. */
+    if(pktlen==0)
+      partial=1;
     mode = iobuf_get_noeof(inp); if( pktlen ) pktlen--;
     namelen = iobuf_get_noeof(inp); if( pktlen ) pktlen--;
-    pt = pkt->pkt.plaintext = gcry_xmalloc(sizeof *pkt->pkt.plaintext + namelen -1);
+    pt = pkt->pkt.plaintext = m_alloc(sizeof *pkt->pkt.plaintext + namelen -1);
     pt->new_ctb = new_ctb;
     pt->mode = mode;
     pt->namelen = namelen;
+    pt->is_partial = partial;
     if( pktlen ) {
 	for( i=0; pktlen > 4 && i < namelen; pktlen--, i++ )
 	    pt->name[i] = iobuf_get_noeof(inp);
@@ -1707,7 +1998,7 @@ parse_plaintext( IOBUF inp, int pkttype, unsigned long pktlen,
     }
 
   leave:
-    return 0;
+    return rc;
 }
 
 
@@ -1721,7 +2012,7 @@ parse_compressed( IOBUF inp, int pkttype, unsigned long pktlen,
      * (this should be the last object in a file or
      *	the compress algorithm should know the length)
      */
-    zd = pkt->pkt.compressed =	gcry_xmalloc(sizeof *pkt->pkt.compressed );
+    zd = pkt->pkt.compressed =	m_alloc(sizeof *pkt->pkt.compressed );
     zd->len = 0; /* not yet used */
     zd->algorithm = iobuf_get_noeof(inp);
     zd->new_ctb = new_ctb;
@@ -1736,10 +2027,18 @@ static int
 parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
 				       PACKET *pkt, int new_ctb )
 {
+    int rc = 0;
     PKT_encrypted *ed;
+    unsigned long orig_pktlen = pktlen;
 
-    ed = pkt->pkt.encrypted =  gcry_xmalloc(sizeof *pkt->pkt.encrypted );
+    ed = pkt->pkt.encrypted =  m_alloc(sizeof *pkt->pkt.encrypted );
     ed->len = pktlen;
+    /* we don't know the extralen which is (cipher_blocksize+2)
+       because the algorithm ist not specified in this packet.
+       However, it is only important to know this for somesanity
+       checks on the pkacet length - it doesn't matter that we can't
+       do it */
+    ed->extralen = 0;
     ed->buf = NULL;
     ed->new_ctb = new_ctb;
     ed->mdc_method = 0;
@@ -1747,22 +2046,27 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
 	/* fixme: add some pktlen sanity checks */
 	int version;
 
-	version = iobuf_get_noeof(inp); pktlen--;
+	version = iobuf_get_noeof(inp); 
+        if (orig_pktlen)
+            pktlen--;
 	if( version != 1 ) {
 	    log_error("encrypted_mdc packet with unknown version %d\n",
 								version);
+            /*skip_rest(inp, pktlen); should we really do this? */
+            rc = G10ERR_INVALID_PACKET;
 	    goto leave;
 	}
-	ed->mdc_method = GCRY_MD_SHA1;
+	ed->mdc_method = DIGEST_ALGO_SHA1;
     }
-    if( pktlen && pktlen < 10 ) { /* actually this is blocksize+2 */
+    if( orig_pktlen && pktlen < 10 ) { /* actually this is blocksize+2 */
 	log_error("packet(%d) too short\n", pkttype);
+        rc = G10ERR_INVALID_PACKET;
 	skip_rest(inp, pktlen);
 	goto leave;
     }
     if( list_mode ) {
-	if( pktlen )
-	    printf(":encrypted data packet:\n\tlength: %lu\n", pktlen);
+	if( orig_pktlen )
+	    printf(":encrypted data packet:\n\tlength: %lu\n", orig_pktlen);
 	else
 	    printf(":encrypted data packet:\n\tlength: unknown\n");
 	if( ed->mdc_method )
@@ -1773,7 +2077,7 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
     pktlen = 0;
 
   leave:
-    return 0;
+    return rc;
 }
 
 
@@ -1781,14 +2085,16 @@ static int
 parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen,
 				   PACKET *pkt, int new_ctb )
 {
+    int rc = 0;
     PKT_mdc *mdc;
     byte *p;
 
-    mdc = pkt->pkt.mdc=  gcry_xmalloc(sizeof *pkt->pkt.mdc );
+    mdc = pkt->pkt.mdc=  m_alloc(sizeof *pkt->pkt.mdc );
     if( list_mode )
 	printf(":mdc packet: length=%lu\n", pktlen);
     if( !new_ctb || pktlen != 20 ) {
 	log_error("mdc_packet with invalid encoding\n");
+        rc = G10ERR_INVALID_PACKET;
 	goto leave;
     }
     p = mdc->hash;
@@ -1796,6 +2102,90 @@ parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen,
 	*p = iobuf_get_noeof(inp);
 
   leave:
+    return rc;
+}
+
+
+/*
+ * This packet is internally generated by PGG (by armor.c) to
+ * transfer some information to the lower layer.  To make sure that
+ * this packet is really a GPG faked one and not one comming from outside,
+ * we first check that tehre is a unique tag in it.
+ * The format of such a control packet is:
+ *   n byte  session marker
+ *   1 byte  control type CTRLPKT_xxxxx
+ *   m byte  control data
+ */
+
+static int
+parse_gpg_control( IOBUF inp,
+                   int pkttype, unsigned long pktlen, PACKET *packet )
+{
+    byte *p;
+    const byte *sesmark;
+    size_t sesmarklen;
+    int i;
+
+    if ( list_mode )
+        printf(":packet 63: length %lu ",  pktlen);
+
+    sesmark = get_session_marker ( &sesmarklen );
+    if ( pktlen < sesmarklen+1 ) /* 1 is for the control bytes */
+        goto skipit;
+    for( i=0; i < sesmarklen; i++, pktlen-- ) {
+	if ( sesmark[i] != iobuf_get_noeof(inp) )
+            goto skipit;
+    }
+    if ( list_mode )
+        puts ("- gpg control packet");
+
+    packet->pkt.gpg_control = m_alloc(sizeof *packet->pkt.gpg_control
+                                      + pktlen - 1);
+    packet->pkt.gpg_control->control = iobuf_get_noeof(inp); pktlen--;
+    packet->pkt.gpg_control->datalen = pktlen;
+    p = packet->pkt.gpg_control->data;
+    for( ; pktlen; pktlen--, p++ )
+	*p = iobuf_get_noeof(inp);
+
     return 0;
+
+ skipit:
+    if ( list_mode ) {
+        int c;
+
+        i=0;
+        printf("- private (rest length %lu)\n",  pktlen);
+        if( iobuf_in_block_mode(inp) ) {
+            while( (c=iobuf_get(inp)) != -1 )
+                dump_hex_line(c, &i);
+        }
+        else {
+            for( ; pktlen; pktlen-- )
+                dump_hex_line(iobuf_get(inp), &i);
+        }
+        putchar('\n');
+    }
+    skip_rest(inp,pktlen);
+    return G10ERR_INVALID_PACKET;
 }
 
+/* create a gpg control packet to be used internally as a placeholder */
+PACKET *
+create_gpg_control( ctrlpkttype_t type, const byte *data, size_t datalen )
+{
+    PACKET *packet;
+    byte *p;
+
+    packet = m_alloc( sizeof *packet );
+    init_packet(packet);
+    packet->pkttype = PKT_GPG_CONTROL;
+    packet->pkt.gpg_control = m_alloc(sizeof *packet->pkt.gpg_control
+                                      + datalen - 1);
+    packet->pkt.gpg_control->control = type;
+    packet->pkt.gpg_control->datalen = datalen;
+    p = packet->pkt.gpg_control->data;
+    for( ; datalen; datalen--, p++ )
+	*p = *data++;
+
+    return packet;
+}
diff --git a/g10/passphrase.c b/g10/passphrase.c
index 6b06df72e..c8ebad620 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -1,5 +1,5 @@
 /* passphrase.c -  Get a passphrase
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -19,26 +19,60 @@
  */
 
 #include <config.h>
+#include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <stddef.h>
 #include <string.h>
 #include <unistd.h>
 #include <assert.h>
+#if !defined(HAVE_DOSISH_SYSTEM) && !defined(__riscos__)
 #include <sys/socket.h>
 #include <sys/un.h>
-#include <unistd.h>
+#endif
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+# include <windows.h>
+#endif
 #include <errno.h>
+#ifdef HAVE_LOCALE_H
+#include <locale.h>
+#endif
 
-#include <gcrypt.h>
 #include "util.h"
+#include "memory.h"
 #include "options.h"
 #include "ttyio.h"
+#include "cipher.h"
 #include "keydb.h"
 #include "main.h"
 #include "i18n.h"
 #include "status.h"
-#include "gpga-prot.h"
+
+
+enum gpga_protocol_codes {
+    /* Request codes */
+    GPGA_PROT_GET_VERSION     = 1,
+    GPGA_PROT_GET_PASSPHRASE  = 2,
+    GPGA_PROT_CLEAR_PASSPHRASE= 3,
+    GPGA_PROT_SHUTDOWN        = 4,
+    GPGA_PROT_FLUSH           = 5,
+
+    /* Reply codes */
+    GPGA_PROT_REPLY_BASE     = 0x10000,
+    GPGA_PROT_OKAY           = 0x10001,
+    GPGA_PROT_GOT_PASSPHRASE = 0x10002,
+
+    /* Error codes */
+    GPGA_PROT_ERROR_BASE     = 0x20000,
+    GPGA_PROT_PROTOCOL_ERROR = 0x20001,
+    GPGA_PROT_INVALID_REQUEST= 0x20002,
+    GPGA_PROT_CANCELED       = 0x20003,    
+    GPGA_PROT_NO_PASSPHRASE  = 0x20004,    
+    GPGA_PROT_BAD_PASSPHRASE = 0x20005,
+    GPGA_PROT_INVALID_DATA   = 0x20006,
+    GPGA_PROT_NOT_IMPLEMENTED= 0x20007,
+    GPGA_PROT_UI_PROBLEM     = 0x20008
+};
+
 
 #define buftou32( p )  ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \
 		       (*((byte*)(p)+2) << 8) | (*((byte*)(p)+3)))
@@ -49,11 +83,25 @@
 			    ((byte*)p)[3] = (byte)((a) 	    );	\
 			} while(0)
 
+#define digitp(p)   (*(p) >= '0' && *(p) <= '9')
+#define hexdigitp(a) (digitp (a)                     \
+                      || (*(a) >= 'A' && *(a) <= 'F')  \
+                      || (*(a) >= 'a' && *(a) <= 'f'))
+#define xtoi_1(p)   (*(p) <= '9'? (*(p)- '0'): \
+                     *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
+#define xtoi_2(p)   ((xtoi_1(p) * 16) + xtoi_1((p)+1))
+
+
 
 static char *fd_passwd = NULL;
 static char *next_pw = NULL;
 static char *last_pw = NULL;
 
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+static int read_fd = 0;
+static int write_fd = 0;
+#endif
+
 static void hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create );
 
 int
@@ -71,10 +119,10 @@ have_static_passphrase()
 void
 set_next_passphrase( const char *s )
 {
-    gcry_free(next_pw);
+    m_free(next_pw);
     next_pw = NULL;
     if( s ) {
-	next_pw = gcry_xmalloc_secure( strlen(s)+1 );
+	next_pw = m_alloc_secure( strlen(s)+1 );
 	strcpy(next_pw, s );
     }
 }
@@ -101,7 +149,6 @@ read_passphrase_from_fd( int fd )
 
     if ( opt.use_agent ) 
         return;  /* not used here */
-        
 
     if( !opt.batch )
 	tty_printf("Reading passphrase from file descriptor %d ...", fd );
@@ -109,7 +156,7 @@ read_passphrase_from_fd( int fd )
 	if( i >= len-1 ) {
 	    char *pw2 = pw;
 	    len += 100;
-	    pw = gcry_xmalloc_secure( len );
+	    pw = m_alloc_secure( len );
 	    if( pw2 )
 		memcpy(pw, pw2, i );
 	    else
@@ -122,16 +169,33 @@ read_passphrase_from_fd( int fd )
     if( !opt.batch )
 	tty_printf("\b\b\b   \n" );
 
-    gcry_free( fd_passwd );
+    m_free( fd_passwd );
     fd_passwd = pw;
 }
 
-
 static int
 writen ( int fd, const void *buf, size_t nbytes )
 {
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+    DWORD nwritten, nleft = nbytes;
+    
+    while (nleft > 0) {
+    	if ( !WriteFile( (HANDLE)write_fd, buf, nleft, &nwritten, NULL) ) {
+    		log_error("write failed: ec=%d\n", (int)GetLastError());
+    		return -1;
+    	}
+    	/*log_info("** WriteFile fd=%d nytes=%d nwritten=%d\n",
+    		 write_fd, nbytes, (int)nwritten);*/
+    	Sleep(100);
+    	
+    	nleft -= nwritten;
+    	buf = (const BYTE *)buf + nwritten;
+    }
+#elif defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
+    /* not implemented */
+#else
     size_t nleft = nbytes;
-    ssize_t nwritten;
+    int nwritten;
 
     while( nleft > 0 ) {
         nwritten = write( fd, buf, nleft );
@@ -139,13 +203,15 @@ writen ( int fd, const void *buf, size_t nbytes )
             if ( errno == EINTR )
                 nwritten = 0;
             else {
-                log_error ( "writen() failed: %s\n", strerror (errno) );
+                log_error ( "write() failed: %s\n", strerror (errno) );
                 return -1;
             }
         }
         nleft -= nwritten;
         buf = (const char*)buf + nwritten;
     }
+#endif
+    
     return 0;
 }
 
@@ -153,6 +219,29 @@ writen ( int fd, const void *buf, size_t nbytes )
 static int
 readn ( int fd, void *buf, size_t buflen, size_t *ret_nread )
 {
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+    DWORD nread, nleft = buflen;
+    
+    while (nleft > 0) {
+    	if ( !ReadFile( (HANDLE)read_fd, buf, nleft, &nread, NULL) ) {
+            log_error("read() error: ec=%d\n", (int)GetLastError());
+            return -1;
+    	}
+    	if (!nread || GetLastError() == ERROR_BROKEN_PIPE)
+            break;
+    	/*log_info("** ReadFile fd=%d buflen=%d nread=%d\n",
+          read_fd, buflen, (int)nread);*/
+    	Sleep(100);
+    	
+    	nleft -= nread;
+    	buf = (BYTE *)buf + nread;
+    }    	
+    if (ret_nread)
+    	*ret_nread = buflen - nleft;
+
+#elif defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
+    /* not implemented */
+#else
     size_t nleft = buflen;
     int nread;
     char *p;
@@ -175,9 +264,161 @@ readn ( int fd, void *buf, size_t buflen, size_t *ret_nread )
     }
     if( ret_nread )
         *ret_nread = buflen - nleft;
+#endif
+    
     return 0;
 }
 
+/* read an entire line */
+static int
+readline (int fd, char *buf, size_t buflen)
+{
+  size_t nleft = buflen;
+  char *p;
+  int nread = 0;
+
+  while (nleft > 0)
+    {
+      int n = read (fd, buf, nleft);
+      if (n < 0)
+        {
+          if (errno == EINTR)
+            continue;
+          return -1; /* read error */
+        }
+      else if (!n)
+        {
+          return -1; /* incomplete line */
+        }
+      p = buf;
+      nleft -= n;
+      buf += n;
+      nread += n;
+      
+      for (; n && *p != '\n'; n--, p++)
+        ;
+      if (n)
+        {
+          break; /* at least one full line available - that's enough.
+                    This function is just a temporary hack until we use
+                    the assuna lib in gpg.  So it is okay to forget
+                    about pending bytes */
+        }
+    }
+
+  return nread; 
+}
+
+
+
+#if !defined (__riscos__)
+
+#if !defined (__MINGW32__) && !defined (__CYGWIN32__)
+/* For the new Assuan protocol we may have to send options */
+static int
+agent_send_option (int fd, const char *name, const char *value)
+{
+  char buf[200];
+  int nread;
+  char *line;
+  int i; 
+  
+  line = m_alloc (7 + strlen (name) + 1 + strlen (value) + 2);
+  strcpy (stpcpy (stpcpy (stpcpy (
+                     stpcpy (line, "OPTION "), name), "="), value), "\n");
+  i = writen (fd, line, strlen (line));
+  m_free (line);
+  if (i)
+    return -1;
+  
+  /* get response */
+  nread = readline (fd, buf, DIM(buf)-1);
+  if (nread < 3)
+    return -1;
+  
+  if (buf[0] == 'O' && buf[1] == 'K' && (buf[2] == ' ' || buf[2] == '\n')) 
+    return 0; /* okay */
+
+  return -1;
+}
+
+static int 
+agent_send_all_options (int fd)
+{
+  char *dft_display = NULL;
+  char *dft_ttyname = NULL;
+  char *dft_ttytype = NULL;
+  char *old_lc = NULL;
+  char *dft_lc = NULL;
+  int rc = 0;
+
+  dft_display = getenv ("DISPLAY");
+  if (opt.display || dft_display)
+    {
+      if (agent_send_option (fd, "display",
+                             opt.display ? opt.display : dft_display))
+        return -1;
+    }
+
+  if (!opt.ttyname && ttyname (1))
+    dft_ttyname = ttyname (1);
+  if (opt.ttyname || dft_ttyname)
+    {
+      if (agent_send_option (fd, "ttyname",
+                             opt.ttyname ? opt.ttyname : dft_ttyname))
+        return -1;
+    }
+
+  dft_ttytype = getenv ("TERM");
+  if (opt.ttytype || (dft_ttyname && dft_ttytype))
+    {
+      if (agent_send_option (fd, "ttytype",
+                             opt.ttyname ? opt.ttytype : dft_ttytype))
+        return -1;
+    }
+
+#if defined(HAVE_SETLOCALE) && defined(LC_CTYPE)
+  old_lc = setlocale (LC_CTYPE, NULL);
+  if (old_lc)
+    old_lc = m_strdup (old_lc);
+  dft_lc = setlocale (LC_CTYPE, "");
+#endif
+  if (opt.lc_ctype || (dft_ttyname && dft_lc))
+    {
+      rc = agent_send_option (fd, "lc-ctype",
+                              opt.lc_ctype ? opt.lc_ctype : dft_lc);
+    }
+#if defined(HAVE_SETLOCALE) && defined(LC_CTYPE)
+  if (old_lc)
+    {
+      setlocale (LC_CTYPE, old_lc);
+      m_free (old_lc);
+    }
+#endif
+  if (rc)
+    return rc;
+
+#if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES)
+  old_lc = setlocale (LC_MESSAGES, NULL);
+  if (old_lc)
+    old_lc = m_strdup (old_lc);
+  dft_lc = setlocale (LC_MESSAGES, "");
+#endif
+  if (opt.lc_messages || (dft_ttyname && dft_lc))
+    {
+      rc = agent_send_option (fd, "lc-messages",
+                              opt.lc_messages ? opt.lc_messages : dft_lc);
+    }
+#if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES)
+  if (old_lc)
+    {
+      setlocale (LC_MESSAGES, old_lc);
+      m_free (old_lc);
+    }
+#endif
+  return rc;
+}
+#endif /*!__MINGW32__ && !__CYGWIN32__*/
 
 
 /*
@@ -186,33 +427,101 @@ readn ( int fd, void *buf, size_t buflen, size_t *ret_nread )
  */
 
 static int
-agent_open ()
+agent_open (int *ret_prot)
 {
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+    int fd;
+    char *infostr, *p;
+    HANDLE h;
+    char pidstr[128];
+
+    *ret_prot = 0;
+    if ( !(infostr = read_w32_registry_string(NULL, "Software\\GNU\\GnuPG",
+                                              "agentPID")) 
+         || *infostr == '0') {
+    	log_error( _("gpg-agent is not available in this session\n"));
+    	return -1;
+    }
+    free(infostr);
+    
+    sprintf(pidstr, "%u", (unsigned int)GetCurrentProcessId());
+    if (write_w32_registry_string(NULL, "Software\\GNU\\GnuPG",
+                                  "agentCID", pidstr)) {
+        log_error( _("can't set client pid for the agent\n") );
+        return -1;
+    }
+    h = OpenEvent(EVENT_ALL_ACCESS, FALSE, "gpg_agent");
+    SetEvent(h);
+    Sleep(50); /* some time for the server */ 
+    if ( !(p = read_w32_registry_string(NULL, "Software\\GNU\\GnuPG",
+                                        "agentReadFD")) ) {
+    	log_error( _("can't get server read FD for the agent\n") );
+    	return -1;
+    }
+    read_fd = atol(p);
+    free(p);    
+    if ( !(p = read_w32_registry_string(NULL, "Software\\GNU\\GnuPG",
+                                        "agentWriteFD")) ) {
+    	log_error ( _("can't get server write FD for the agent\n") );
+    	return -1;
+    }
+    write_fd = atol(p);
+    free(p);
+    fd = 0;
+
+    if ( writen ( fd, "GPGA\0\0\0\x01", 8 ) ) {
+        fd = -1;
+    }
+#else /* Posix */
+
     int fd;
     char *infostr, *p;
     struct sockaddr_un client_addr;
     size_t len;
+    int prot;
+
+    if (opt.gpg_agent_info)
+      infostr = m_strdup (opt.gpg_agent_info);
+    else
+      {
+        infostr = getenv ( "GPG_AGENT_INFO" );
+        if ( !infostr ) {
+          log_error (_("gpg-agent is not available in this session\n"));
+          opt.use_agent = 0;
+          return -1;
+        }
+        infostr = m_strdup ( infostr );
+      }
 
-    infostr = getenv ( "GPG_AGENT_INFO" );
-    if ( !infostr ) {
-        log_error (_("gpg-agent is not available in this session\n"));
-        return -1;
-    }
-    infostr = gcry_xstrdup ( infostr );
     if ( !(p = strchr ( infostr, ':')) || p == infostr
          || (p-infostr)+1 >= sizeof client_addr.sun_path ) {
-        log_error (_("malformed GPG_AGENT_INFO environment variable\n"));
-        gcry_free (infostr );
+        log_error( _("malformed GPG_AGENT_INFO environment variable\n"));
+        m_free (infostr );
+        opt.use_agent = 0;
         return -1;
     }
-    *p = 0;
-        
+    *p++ = 0;
+    /* See whether this is the new gpg-agent using the Assuna protocl.
+       This agent identifies itself by have an info string with a
+       version number in the 3rd field. */
+    while (*p && *p != ':')
+      p++;
+    prot = *p? atoi (p+1) : 0;
+    if ( prot < 0 || prot > 1) {
+        log_error (_("gpg-agent protocol version %d is not supported\n"),prot);
+        m_free (infostr );
+        opt.use_agent = 0;
+        return -1;
+    }
+    *ret_prot = prot;
+       
     if( (fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1 ) {
         log_error ("can't create socket: %s\n", strerror(errno) );
-        gcry_free (infostr );
+        m_free (infostr );
+        opt.use_agent = 0;
         return -1;
     }
-
+    
     memset( &client_addr, 0, sizeof client_addr );
     client_addr.sun_family = AF_UNIX;
     strcpy( client_addr.sun_path, infostr );
@@ -222,24 +531,57 @@ agent_open ()
     if( connect( fd, (struct sockaddr*)&client_addr, len ) == -1 ) {
         log_error ( _("can't connect to `%s': %s\n"), 
                     infostr, strerror (errno) );
-        gcry_free (infostr );
+        m_free (infostr );
         close (fd );
+        opt.use_agent = 0;
         return -1;
     }
-    gcry_free (infostr);
+    m_free (infostr);
 
-    if ( writen ( fd, "GPGA\0\0\0\x01", 8 ) ) {
+    if (!prot) {
+        if ( writen ( fd, "GPGA\0\0\0\x01", 8 ) ) {
+          close (fd);
+          fd = -1;
+        }
+    }
+    else { /* assuan based gpg-agent */
+      char line[200];
+      int nread;
+
+      nread = readline (fd, line, DIM(line));
+      if (nread < 3 || !(line[0] == 'O' && line[1] == 'K'
+                         && (line[2] == '\n' || line[2] == ' ')) ) {
+        log_error ( _("communication problem with gpg-agent\n"));
+        close (fd );
+        opt.use_agent = 0;
+        return -1;
+      }
+
+      if (agent_send_all_options (fd)) {
+        log_error (_("problem with the agent - disabling agent use\n"));
         close (fd);
-        fd = -1;
+        opt.use_agent = 0;
+        return -1;
+      }
+        
     }
+#endif
+
     return fd;
 }
 
+
 static void
 agent_close ( int fd )
 {
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+    HANDLE h = OpenEvent(EVENT_ALL_ACCESS, FALSE, "gpg_agent");
+    ResetEvent(h);
+#else
     close (fd);
+#endif
 }
+#endif /* !__riscos__ */
 
 
 
@@ -250,210 +592,345 @@ agent_close ( int fd )
  *      2:  Ditto, but change the text to "repeat entry"
  */
 static char *
-agent_get_passphrase ( u32 *keyid, int mode )
+agent_get_passphrase ( u32 *keyid, int mode, const char *tryagain_text )
 {
-    size_t n;
-    char *atext;
-    char buf[50];
-    int fd = -1;
-    int nread;
-    u32 reply;
-    char *pw = NULL;
-    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-    byte fpr[MAX_FINGERPRINT_LEN];
+#if defined(__riscos__)
+  return NULL;
+#else
+  size_t n;
+  char *atext;
+  char buf[50];
+  int fd = -1;
+  int nread;
+  u32 reply;
+  char *pw = NULL;
+  PKT_public_key *pk = m_alloc_clear( sizeof *pk );
+  byte fpr[MAX_FINGERPRINT_LEN];
+  int prot;
 
 #if MAX_FINGERPRINT_LEN < 20
-  #error agent needs a 20 byte fingerprint
+#error agent needs a 20 byte fingerprint
 #endif
 
-    memset (fpr, 0, MAX_FINGERPRINT_LEN );
-    if( keyid && get_pubkey( pk, keyid ) )
-        pk = NULL; /* oops: no key for some reason */
-
-    if ( !mode && pk ) { 
-        char *uid;
-        size_t uidlen;
-        const char *algo_name = gcry_pk_algo_name( pk->pubkey_algo );
-        const char *timestr;
-        char *maink;
-        const char *fmtstr;
-     
-        if ( !algo_name )
-            algo_name = "?";
-   
-        fmtstr = _(" (main key ID %08lX)");
-        maink = gcry_xmalloc ( strlen (fmtstr) + 20 );
-        if( keyid[2] && keyid[3] && keyid[0] != keyid[2] 
-            && keyid[1] != keyid[3] )
-            sprintf( maink, fmtstr, (ulong)keyid[3] );
-        else
-            *maink = 0;
-
-        uid = get_user_id( keyid, &uidlen ); 
-        timestr = strtimestamp (pk->timestamp);
-        fmtstr = _("You need a passphrase to unlock the"
-                   " secret key for user:\n"
-                   "\"%.*s\"\n"
-                   "%u-bit %s key, ID %08lX, created %s%s\n" );
-        atext = gcry_xmalloc ( 100 + strlen (fmtstr)  
-                               + uidlen + 15 + strlen(algo_name) + 8
-                               + strlen (timestr) + strlen (maink) );
-        sprintf (atext, fmtstr,
-                 uidlen, uid,
-                 nbits_from_pk (pk), algo_name, (ulong)keyid[1], timestr,
-                 maink  );
-        gcry_free (uid);
-        gcry_free (maink);
-
-        { 
-            size_t dummy;
-            fingerprint_from_pk( pk, fpr, &dummy );
-        }
-        
+  memset (fpr, 0, MAX_FINGERPRINT_LEN );
+  if( keyid && get_pubkey( pk, keyid ) )
+    pk = NULL; /* oops: no key for some reason */
+  
+  if ( !mode && pk )
+    { 
+      char *uid;
+      size_t uidlen;
+      const char *algo_name = pubkey_algo_to_string ( pk->pubkey_algo );
+      const char *timestr;
+      char *maink;
+      const char *fmtstr;
+      
+      if ( !algo_name )
+        algo_name = "?";
+      
+      fmtstr = _(" (main key ID %08lX)");
+      maink = m_alloc ( strlen (fmtstr) + 20 );
+      if( keyid[2] && keyid[3] && keyid[0] != keyid[2] 
+          && keyid[1] != keyid[3] )
+        sprintf( maink, fmtstr, (ulong)keyid[3] );
+      else
+        *maink = 0;
+      
+      uid = get_user_id( keyid, &uidlen ); 
+      timestr = strtimestamp (pk->timestamp);
+      fmtstr = _("You need a passphrase to unlock the"
+                 " secret key for user:\n"
+                 "\"%.*s\"\n"
+                 "%u-bit %s key, ID %08lX, created %s%s\n" );
+      atext = m_alloc ( 100 + strlen (fmtstr)  
+                        + uidlen + 15 + strlen(algo_name) + 8
+                        + strlen (timestr) + strlen (maink) );
+      sprintf (atext, fmtstr,
+               uidlen, uid,
+               nbits_from_pk (pk), algo_name, (ulong)keyid[1], timestr,
+               maink  );
+      m_free (uid);
+      m_free (maink);
+      
+      { 
+        size_t dummy;
+        fingerprint_from_pk( pk, fpr, &dummy );
+      }
+      
     }
-    else if (mode == 1 ) 
-        atext = gcry_xstrdup ( _("Enter passphrase\n") );
-    else 
-        atext = gcry_xstrdup ( _("Repeat passphrase\n") );
-
-        
-        
-    if ( (fd = agent_open ()) == -1 ) 
+  else if (mode == 1 ) 
+    atext = m_strdup ( _("Enter passphrase\n") );
+  else 
+    atext = m_strdup ( _("Repeat passphrase\n") );
+                
+  if ( (fd = agent_open (&prot)) == -1 ) 
+    goto failure;
+
+  if (!prot)
+    { /* old style protocol */
+      n = 4 + 20 + strlen (atext);
+      u32tobuf (buf, n );
+      u32tobuf (buf+4, GPGA_PROT_GET_PASSPHRASE );
+      memcpy (buf+8, fpr, 20 );
+      if ( writen ( fd, buf, 28 ) || writen ( fd, atext, strlen (atext) ) ) 
         goto failure;
-
-
-    n = 4 + 20 + strlen (atext);
-    u32tobuf (buf, n );
-    u32tobuf (buf+4, GPGA_PROT_GET_PASSPHRASE );
-    memcpy (buf+8, fpr, 20 );
-    if ( writen ( fd, buf, 28 ) || writen ( fd, atext, strlen (atext) ) ) 
-        goto failure;
-    gcry_free (atext); atext = NULL;
-
-    /* get response */
-    if ( readn ( fd, buf, 12, &nread ) ) 
+      m_free (atext); atext = NULL;
+      
+      /* get response */
+      if ( readn ( fd, buf, 12, &nread ) ) 
         goto failure;
-
-    if ( nread < 8 ) {
-        log_error ( _("response from agent too short\n") );
-        goto failure;
-    }
-    n = buftou32 ( buf );
-    reply = buftou32 ( buf + 4 );
-    if ( reply == GPGA_PROT_GOT_PASSPHRASE ) {
-        size_t pwlen;
-        size_t nn;
-
-        if ( nread < 12 || n < 8 ) {
-            log_error ( _("response from agent too short\n") );
-            goto failure;
+      
+      if ( nread < 8 ) 
+        {
+          log_error ( "response from agent too short\n" );
+          goto failure;
         }
-        pwlen = buftou32 ( buf + 8 );
-        nread -= 12;
-        n -= 8;
-        if ( pwlen > n || n > 1000 ) {
-            log_error (_("passphrase too long\n"));
-            /* or protocol error */
-            goto failure;
-        }
-        /* we read the whole block in one chunk to give no hints
-         * on how long the passhrase actually is - this wastes some bytes
-         * but because we already have this padding we should not loosen
-         * the by issuing 2 read calls */
-        pw = gcry_xmalloc_secure ( n+1 );
-        if ( readn ( fd, pw, n, &nn ) )
+      n = buftou32 ( buf );
+      reply = buftou32 ( buf + 4 );
+      if ( reply == GPGA_PROT_GOT_PASSPHRASE ) 
+        {
+          size_t pwlen;
+          size_t nn;
+          
+          if ( nread < 12 || n < 8 ) 
+            {
+              log_error ( "response from agent too short\n" );
+              goto failure;
+            }
+          pwlen = buftou32 ( buf + 8 );
+          nread -= 12;
+          n -= 8;
+          if ( pwlen > n || n > 1000 ) 
+            {
+              log_error (_("passphrase too long\n"));
+              /* or protocol error */
+              goto failure;
+            }
+          /* we read the whole block in one chunk to give no hints
+           * on how long the passhrase actually is - this wastes some bytes
+           * but because we already have this padding we should not loosen
+           * this by issuing 2 read calls */
+          pw = m_alloc_secure ( n+1 );
+          if ( readn ( fd, pw, n, &nn ) )
             goto failure;
-        if ( n != nn ) {
-            log_error (_("invalid response from agent\n"));
-            goto failure;           
+          if ( n != nn ) 
+            {
+              log_error (_("invalid response from agent\n"));
+              goto failure;           
+            }
+          pw[pwlen] = 0; /* make a C String */
+          agent_close (fd);
+          free_public_key( pk );
+          return pw;
         }
-        pw[pwlen] = 0; /* make a C String */
-        agent_close (fd);
-        free_public_key( pk );
-        return pw;
-    }
-    else if ( reply == GPGA_PROT_CANCELED ) {
+      else if ( reply == GPGA_PROT_CANCELED ) 
         log_info ( _("cancelled by user\n") );
-    }
-    else {
+      else 
         log_error ( _("problem with the agent: agent returns 0x%lx\n"),
-                      (ulong)reply );
+                    (ulong)reply );
     }
+  else
+    { /* The new Assuan protocol */
+      char *line, *p;
+      int i; 
+
+      if (!tryagain_text)
+        tryagain_text = "X";
+
+      /* We allocate 2 time the needed space for atext so that there
+         is nenough space for escaping */
+      line = m_alloc (15 + 46 
+                      +  3*strlen (tryagain_text) + 3*strlen (atext) + 2);
+      strcpy (line, "GET_PASSPHRASE ");
+      p = line+15;
+      if (!mode)
+        {
+          for (i=0; i < 20; i++, p +=2 )
+            sprintf (p, "%02X", fpr[i]);
+        }
+      else
+        *p++ = 'X'; /* no caching */
+      *p++ = ' ';
+      for (i=0; tryagain_text[i]; i++)
+        {
+          if (tryagain_text[i] < ' ' || tryagain_text[i] == '+')
+            {
+              sprintf (p, "%%%02X", tryagain_text[i]);
+              p += 3;
+            }
+          else if (tryagain_text[i] == ' ')
+            *p++ = '+';
+          else
+            *p++ = tryagain_text[i];
+        }
+      *p++ = ' ';
+      *p++ = 'X'; /* Use the standard prompt */
+      *p++ = ' ';
+      /* copy description */
+      for (i=0; atext[i]; i++)
+        {
+          if (atext[i] < ' ' || atext[i] == '+')
+            {
+              sprintf (p, "%%%02X", atext[i]);
+              p += 3;
+            }
+          else if (atext[i] == ' ')
+            *p++ = '+';
+          else
+            *p++ = atext[i];
+        }
+      *p++ = '\n';
+      i = writen (fd, line, p - line);
+      m_free (line);
+      if (i)
+        goto failure;
+      m_free (atext); atext = NULL;
+      
+      /* get response */
+      pw = m_alloc_secure (500);
+      nread = readline (fd, pw, 499);
+      if (nread < 3)
+        goto failure;
+      
+      if (pw[0] == 'O' && pw[1] == 'K' && pw[2] == ' ') 
+        { /* we got a passphrase - convert it back from hex */
+          size_t pwlen = 0;
+
+          for (i=3; i < nread && hexdigitp (pw+i); i+=2)
+            pw[pwlen++] = xtoi_2 (pw+i);
+          pw[pwlen] = 0; /* make a C String */
+          agent_close (fd);
+          free_public_key( pk );
+          return pw;
+        }
+      else if (nread > 7 && !memcmp (pw, "ERR 111", 7)
+               && (pw[7] == ' ' || pw[7] == '\n') ) 
+        log_info (_("cancelled by user\n") );
+      else 
+        {
+          log_error (_("problem with the agent - disabling agent use\n"));
+          opt.use_agent = 0;
+        }
+    }
+      
         
-        
-  failure:
-    gcry_free (atext);
-    if ( fd != -1 )
-        agent_close (fd);
-    gcry_free (pw );
-    free_public_key( pk );
-
-    return NULL;
+ failure:
+  m_free (atext);
+  if ( fd != -1 )
+    agent_close (fd);
+  m_free (pw );
+  free_public_key( pk );
+  
+  return NULL;
+#endif /* Posix or W32 */
 }
 
-
 /*
- * Reste the cached passphrase
+ * Clear the cached passphrase
  */
 void
 passphrase_clear_cache ( u32 *keyid, int algo )
 {
-    size_t n;
-    char buf[50];
-    int fd = -1;
-    int nread;
-    u32 reply;
-    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-    byte fpr[MAX_FINGERPRINT_LEN];
-    
+#if defined(__riscos__)
+  return ;
+#else
+  size_t n;
+  char buf[200];
+  int fd = -1;
+  size_t nread;
+  u32 reply;
+  PKT_public_key *pk;
+  byte fpr[MAX_FINGERPRINT_LEN];
+  int prot;
+  
 #if MAX_FINGERPRINT_LEN < 20
 #error agent needs a 20 byte fingerprint
 #endif
     
-    memset (fpr, 0, MAX_FINGERPRINT_LEN );
-    if( !keyid || get_pubkey( pk, keyid ) ) {
-        log_debug ("oops, no key in passphrase_clear_cache\n");
-        goto failure; /* oops: no key for some reason */
-    }
-    
+  if (!opt.use_agent)
+    return;
+  
+  pk = m_alloc_clear ( sizeof *pk );
+  memset (fpr, 0, MAX_FINGERPRINT_LEN );
+  if( !keyid || get_pubkey( pk, keyid ) )
     {
-        size_t dummy;
-        fingerprint_from_pk( pk, fpr, &dummy );
+      log_debug ("oops, no key in passphrase_clear_cache\n");
+      goto failure; /* oops: no key for some reason */
     }
+  
+  {
+    size_t dummy;
+    fingerprint_from_pk( pk, fpr, &dummy );
+  }
     
-    if ( (fd = agent_open ()) == -1 ) 
+  if ( (fd = agent_open (&prot)) == -1 ) 
+    goto failure;
+
+  if (!prot)
+    {
+      n = 4 + 20;
+      u32tobuf (buf, n );
+      u32tobuf (buf+4, GPGA_PROT_CLEAR_PASSPHRASE );
+      memcpy (buf+8, fpr, 20 );
+      if ( writen ( fd, buf, 28 ) )  
         goto failure;
-    
-    n = 4 + 20;
-    u32tobuf (buf, n );
-    u32tobuf (buf+4, GPGA_PROT_CLEAR_PASSPHRASE );
-    memcpy (buf+8, fpr, 20 );
-    if ( writen ( fd, buf, 28 ) )  
+      
+      /* get response */
+      if ( readn ( fd, buf, 8, &nread ) ) 
         goto failure;
-    
-    /* get response */
-    if ( readn ( fd, buf, 8, &nread ) ) 
-        goto failure;
-    
-    if ( nread < 8 ) {
-        log_error ( _("response from agent too short\n") );
+      
+      if ( nread < 8 ) {
+        log_error ( "response from agent too short\n" );
         goto failure;
+      }
+      
+      reply = buftou32 ( buf + 4 );
+      if ( reply != GPGA_PROT_OKAY && reply != GPGA_PROT_NO_PASSPHRASE )
+        {
+          log_error ( _("problem with the agent: agent returns 0x%lx\n"),
+                      (ulong)reply );
+        }
     }
-    
-    reply = buftou32 ( buf + 4 );
-    if ( reply != GPGA_PROT_OKAY && reply != GPGA_PROT_NO_PASSPHRASE ) {
-        log_error ( _("problem with the agent: agent returns 0x%lx\n"),
-                    (ulong)reply );
+  else 
+    { /* The assuan protocol */
+      char *line, *p;
+      int i; 
+
+      line = m_alloc (17 + 40 + 2);
+      strcpy (line, "CLEAR_PASSPHRASE ");
+      p = line+17;
+      for (i=0; i < 20; i++, p +=2 )
+        sprintf (p, "%02X", fpr[i]);
+      *p++ = '\n';
+      i = writen (fd, line, p - line);
+      m_free (line);
+      if (i)
+        goto failure;
+      
+      /* get response */
+      nread = readline (fd, buf, DIM(buf)-1);
+      if (nread < 3)
+        goto failure;
+      
+      if (buf[0] == 'O' && buf[1] == 'K' && (buf[2] == ' ' || buf[2] == '\n')) 
+        ;
+      else 
+        {
+          log_error (_("problem with the agent - disabling agent use\n"));
+          opt.use_agent = 0;
+        }
     }
         
-        
-  failure:
-    if ( fd != -1 )
-        agent_close (fd);
-    free_public_key( pk );
+ failure:
+  if (fd != -1)
+    agent_close (fd);
+  free_public_key( pk );
+#endif /* Posix or W32 */
 }
 
 
+
+
 /****************
  * Get a passphrase for the secret key with KEYID, display TEXT
  * if the user needs to enter the passphrase.
@@ -467,31 +944,49 @@ passphrase_clear_cache ( u32 *keyid, int algo )
  */
 DEK *
 passphrase_to_dek( u32 *keyid, int pubkey_algo,
-		   int cipher_algo, STRING2KEY *s2k, int mode )
+		   int cipher_algo, STRING2KEY *s2k, int mode,
+                   const char *tryagain_text)
 {
     char *pw = NULL;
     DEK *dek;
     STRING2KEY help_s2k;
 
     if( !s2k ) {
+        /* This is used for the old rfc1991 mode 
+         * Note: This must match the code in encode.c with opt.rfc1991 set */
+        int algo = opt.def_digest_algo ? opt.def_digest_algo
+                                       : opt.s2k_digest_algo;
+
 	s2k = &help_s2k;
 	s2k->mode = 0;
-	/* this should be MD5 if cipher is IDEA, but because we do
-	 * not have IDEA, we use the default one, the user
-	 * can select it from the commandline
-	 */
-	s2k->hash_algo = opt.def_digest_algo?opt.def_digest_algo
-					    :DEFAULT_DIGEST_ALGO;
+	s2k->hash_algo = algo;
     }
 
     if( !next_pw && is_status_enabled() ) {
 	char buf[50];
+
 	if( keyid ) {
-	    sprintf( buf, "%08lX%08lX", (ulong)keyid[0], (ulong)keyid[1] );
-	    if( keyid[2] && keyid[3] && keyid[0] != keyid[2]
-				     && keyid[1] != keyid[3] )
-		sprintf( buf+strlen(buf), " %08lX%08lX %d 0",
-			   (ulong)keyid[2], (ulong)keyid[3], pubkey_algo );
+            u32 used_kid[2];
+            char *us;
+
+	    if( keyid[2] && keyid[3] ) {
+                used_kid[0] = keyid[2];
+                used_kid[1] = keyid[3];
+            }
+            else {
+                used_kid[0] = keyid[0];
+                used_kid[1] = keyid[1];
+            }
+
+            us = get_long_user_id_string( keyid );
+            write_status_text( STATUS_USERID_HINT, us );
+            m_free(us);
+
+	    sprintf( buf, "%08lX%08lX %08lX%08lX %d 0",
+                     (ulong)keyid[0], (ulong)keyid[1],
+                     (ulong)used_kid[0], (ulong)used_kid[1],
+                     pubkey_algo );
+                     
 	    write_status_text( STATUS_NEED_PASSPHRASE, buf );
 	}
 	else {
@@ -501,7 +996,7 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo,
     }
 
     if( keyid && !opt.batch && !next_pw ) {
-	PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
+	PKT_public_key *pk = m_alloc_clear( sizeof *pk );
 	size_t n;
 	char *p;
 
@@ -509,11 +1004,11 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo,
 		     "user: \"") );
 	p = get_user_id( keyid, &n );
 	tty_print_utf8_string( p, n );
-	gcry_free(p);
+	m_free(p);
 	tty_printf("\"\n");
 
 	if( !get_pubkey( pk, keyid ) ) {
-	    const char *s = gcry_pk_algo_name( pk->pubkey_algo );
+	    const char *s = pubkey_algo_to_string( pk->pubkey_algo );
 	    tty_printf( _("%u-bit %s key, ID %08lX, created %s"),
 		       nbits_from_pk( pk ), s?s:"?", (ulong)keyid[1],
 		       strtimestamp(pk->timestamp) );
@@ -527,33 +1022,46 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo,
 	free_public_key( pk );
     }
 
+ agent_died:
     if( next_pw ) {
 	pw = next_pw;
 	next_pw = NULL;
     }
     else if ( opt.use_agent ) {
-	pw = agent_get_passphrase ( keyid, mode == 2? 1: 0 );
-        if ( !pw )
-            pw = gcry_xstrdup ("");
+	pw = agent_get_passphrase ( keyid, mode == 2? 1: 0, tryagain_text );
+        if (!pw)
+          {
+            if (!opt.use_agent)
+              goto agent_died;
+            pw = m_strdup ("");
+          }
         if( *pw && mode == 2 ) {
-	    char *pw2 = agent_get_passphrase ( keyid, 2 );
-            if ( !pw2 )
-                pw2 = gcry_xstrdup ("");
+	    char *pw2 = agent_get_passphrase ( keyid, 2, NULL );
+            if (!pw2)
+              {
+                if (!opt.use_agent)
+                  {
+                    m_free (pw);
+                    pw = NULL;
+                    goto agent_died;
+                  }
+                pw2 = m_strdup ("");
+              }
 	    if( strcmp(pw, pw2) ) {
-		gcry_free(pw2);
-		gcry_free(pw);
+		m_free(pw2);
+		m_free(pw);
 		return NULL;
 	    }
-	    gcry_free(pw2);
+	    m_free(pw2);
 	}
     }
     else if( fd_passwd ) {
-	pw = gcry_xmalloc_secure( strlen(fd_passwd)+1 );
+	pw = m_alloc_secure( strlen(fd_passwd)+1 );
 	strcpy( pw, fd_passwd );
     }
     else if( opt.batch ) {
 	log_error(_("can't query password in batchmode\n"));
-	pw = gcry_xstrdup( "" ); /* return an empty passphrase */
+	pw = m_strdup( "" ); /* return an empty passphrase */
     }
     else {
 	pw = cpr_get_hidden("passphrase.enter", _("Enter passphrase: ") );
@@ -563,24 +1071,24 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo,
 				       _("Repeat passphrase: ") );
 	    tty_kill_prompt();
 	    if( strcmp(pw, pw2) ) {
-		gcry_free(pw2);
-		gcry_free(pw);
+		m_free(pw2);
+		m_free(pw);
 		return NULL;
 	    }
-	    gcry_free(pw2);
+	    m_free(pw2);
 	}
     }
 
     if( !pw || !*pw )
 	write_status( STATUS_MISSING_PASSPHRASE );
 
-    dek = gcry_xmalloc_secure( sizeof *dek );
+    dek = m_alloc_secure_clear ( sizeof *dek );
     dek->algo = cipher_algo;
     if( !*pw && mode == 2 )
 	dek->keylen = 0;
     else
 	hash_passphrase( dek, pw, s2k, mode==2 );
-    gcry_free(last_pw);
+    m_free(last_pw);
     last_pw = pw;
     return dek;
 }
@@ -594,24 +1102,28 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo,
 static void
 hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
 {
-    GCRY_MD_HD md;
+    MD_HANDLE md;
     int pass, i;
     int used = 0;
     int pwlen = strlen(pw);
 
     assert( s2k->hash_algo );
-    dek->keylen = gcry_cipher_get_algo_keylen( dek->algo );
+    dek->keylen = cipher_get_keylen( dek->algo ) / 8;
     if( !(dek->keylen > 0 && dek->keylen <= DIM(dek->key)) )
 	BUG();
 
-    if( !(md = gcry_md_open( s2k->hash_algo, GCRY_MD_FLAG_SECURE )) )
-	BUG();
-
+    md = md_open( s2k->hash_algo, 1);
     for(pass=0; used < dek->keylen ; pass++ ) {
 	if( pass ) {
-	    gcry_md_reset(md);
+	    if( (opt.emulate_bugs & EMUBUG_3DESS2K)) {
+		int tmp = md->finalized;
+		md_reset( md );
+		md->finalized = tmp;
+	    }
+	    else
+		md_reset(md);
 	    for(i=0; i < pass; i++ ) /* preset the hash context */
-		gcry_md_putc(md, 0 );
+		md_putc(md, 0 );
 	}
 
 	if( s2k->mode == 1 || s2k->mode == 3 ) {
@@ -619,7 +1131,7 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
 	    ulong count = len2;
 
 	    if( create && !pass ) {
-		gcry_randomize(s2k->salt, 8, GCRY_STRONG_RANDOM );
+		randomize_buffer(s2k->salt, 8, 1);
 		if( s2k->mode == 3 )
 		    s2k->count = 96; /* 65536 iterations */
 	    }
@@ -631,27 +1143,27 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
 	    }
 	    /* a little bit complicated because we need a ulong for count */
 	    while( count > len2 ) { /* maybe iterated+salted */
-		gcry_md_write( md, s2k->salt, 8 );
-		gcry_md_write( md, pw, pwlen );
+		md_write( md, s2k->salt, 8 );
+		md_write( md, pw, pwlen );
 		count -= len2;
 	    }
 	    if( count < 8 )
-		gcry_md_write( md, s2k->salt, count );
+		md_write( md, s2k->salt, count );
 	    else {
-		gcry_md_write( md, s2k->salt, 8 );
+		md_write( md, s2k->salt, 8 );
 		count -= 8;
-		gcry_md_write( md, pw, count );
+                md_write( md, pw, count );
 	    }
 	}
 	else
-	    gcry_md_write( md, pw, pwlen );
-	gcry_md_final( md );
-	i = gcry_md_get_algo_dlen( s2k->hash_algo );
+	    md_write( md, pw, pwlen );
+	md_final( md );
+	i = md_digest_length( s2k->hash_algo );
 	if( i > dek->keylen - used )
 	    i = dek->keylen - used;
-	memcpy( dek->key+used, gcry_md_read(md, s2k->hash_algo), i );
+	memcpy( dek->key+used, md_read(md, s2k->hash_algo), i );
 	used += i;
     }
-    gcry_md_close(md);
+    md_close(md);
 }
 
diff --git a/g10/photoid.c b/g10/photoid.c
new file mode 100644
index 000000000..66240ecc2
--- /dev/null
+++ b/g10/photoid.c
@@ -0,0 +1,320 @@
+/* photoid.c - photo ID handling code
+ * Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+#ifdef HAVE_DOSISH_SYSTEM
+#include <windows.h>
+#endif
+#include "packet.h"
+#include "status.h"
+#include "exec.h"
+#include "keydb.h"
+#include "util.h"
+#include "i18n.h"
+#include "iobuf.h"
+#include "memory.h"
+#include "options.h"
+#include "main.h"
+#include "photoid.h"
+
+/* Generate a new photo id packet, or return NULL if canceled */
+PKT_user_id *generate_photo_id(PKT_public_key *pk)
+{
+  PKT_user_id *uid;
+  int error=1,i;
+  unsigned int len;
+  char *filename=NULL;
+  byte *photo=NULL;
+  byte header[16];
+  IOBUF file;
+
+  header[0]=0x10; /* little side of photo header length */
+  header[1]=0;    /* big side of photo header length */
+  header[2]=1;    /* 1 == version of photo header */
+  header[3]=1;    /* 1 == JPEG */
+
+  for(i=4;i<16;i++) /* The reserved bytes */
+    header[i]=0;
+
+  uid=m_alloc_clear(sizeof(*uid)+50);
+
+  printf(_("\nPick an image to use for your photo ID.  "
+	   "The image must be a JPEG file.\n"
+	   "Remember that the image is stored within your public key.  "
+	   "If you use a\n"
+	   "very large picture, your key will become very large as well!\n"
+	   "Keeping the image close to 240x288 is a good size to use.\n"));
+
+  while(photo==NULL)
+    {
+      printf("\n");
+
+      m_free(filename);
+
+      filename=cpr_get("photoid.jpeg.add",
+		       _("Enter JPEG filename for photo ID: "));
+
+      if(strlen(filename)==0)
+	goto scram;
+
+      file=iobuf_open(filename);
+      if(!file)
+	{
+	  log_error(_("Unable to open photo \"%s\": %s\n"),
+		    filename,strerror(errno));
+	  continue;
+	}
+
+      len=iobuf_get_filelength(file);
+      if(len>6144)
+	{
+	  printf("This JPEG is really large (%d bytes) !\n",len);
+	  if(!cpr_get_answer_is_yes("photoid.jpeg.size",
+			    _("Are you sure you want to use it (y/N)? ")))
+	  {
+	    iobuf_close(file);
+	    continue;
+	  }
+	}
+
+      photo=m_alloc(len);
+      iobuf_read(file,photo,len);
+      iobuf_close(file);
+
+      /* Is it a JPEG? */
+      if(photo[0]!=0xFF || photo[1]!=0xD8 ||
+	 photo[6]!='J' || photo[7]!='F' || photo[8]!='I' || photo[9]!='F')
+	{
+	  log_error(_("\"%s\" is not a JPEG file\n"),filename);
+	  m_free(photo);
+	  photo=NULL;
+	  continue;
+	}
+
+      /* Build the packet */
+      build_attribute_subpkt(uid,1,photo,len,header,16);
+      parse_attribute_subpkts(uid);
+      make_attribute_uidname(uid);
+
+      /* Showing the photo is not safe when noninteractive since the
+         "user" may not be able to dismiss a viewer window! */
+      if(opt.command_fd==-1)
+	{
+	  show_photos(uid->attribs,uid->numattribs,pk,NULL);
+	  switch(cpr_get_answer_yes_no_quit("photoid.jpeg.okay",
+					 _("Is this photo correct (y/N/q)? ")))
+	    {
+	    case -1:
+	      goto scram;
+	    case 0:
+	      free_attributes(uid);
+	      m_free(photo);
+	      photo=NULL;
+	      continue;
+	    }
+	}
+    }
+
+  error=0;
+  uid->ref=1;
+
+ scram:
+  m_free(filename);
+  m_free(photo);
+
+  if(error)
+    {
+      free_attributes(uid);
+      m_free(uid);
+      return NULL;
+    }
+
+  return uid;
+}
+
+/* Returns 0 for error, 1 for valid */
+int parse_image_header(const struct user_attribute *attr,byte *type,u32 *len)
+{
+  int headerlen;
+
+  if(attr->len<3)
+    return 0;
+
+  /* For historical reasons (i.e. "oops!"), the header length is
+     little endian. */
+  headerlen=(attr->data[1]<<8) | attr->data[0];
+
+  if(headerlen>attr->len)
+    return 0;
+
+  if(type && attr->len>=4)
+    {
+      if(attr->data[2]==1) /* header version 1 */
+	*type=attr->data[3];
+      else
+	*type=0;
+    }
+
+  *len=attr->len-headerlen;
+
+  if(*len==0)
+    return 0;
+
+  return 1;
+}
+
+/* style==0 for extension, 1 for name, 2 for MIME type.  Remember that
+   the "name" style string could be used in a user ID name field, so
+   make sure it is not too big (see
+   parse-packet.c:parse_attribute). */
+char *image_type_to_string(byte type,int style)
+{
+  char *string;
+
+  switch(type)
+    {
+    case 1: /* jpeg */
+      if(style==0)
+	string="jpg";
+      else if(style==1)
+	string="jpeg";
+      else
+	string="image/jpeg";
+      break;
+
+    default:
+      if(style==0)
+	string="bin";
+      else if(style==1)
+	string="unknown";
+      else
+	string="image/x-unknown";
+      break;
+    }
+
+  return string;
+}
+
+static const char *get_default_photo_command(void)
+{
+#if defined(HAVE_DOSISH_SYSTEM)
+  OSVERSIONINFO osvi;
+
+  memset(&osvi,0,sizeof(osvi));
+  osvi.dwOSVersionInfoSize=sizeof(osvi);
+  GetVersionEx(&osvi);
+
+  if(osvi.dwPlatformId==VER_PLATFORM_WIN32_WINDOWS)
+    return "start /w %i";
+  else
+    return "cmd /c start /w %i";
+#elif defined(__APPLE__)
+  /* OS X.  This really needs more than just __APPLE__. */
+  return "open %I";
+#elif defined(__riscos__)
+  return "Filer_Run %I";
+#else
+  return "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin";
+#endif
+}
+
+void show_photos(const struct user_attribute *attrs,
+		 int count,PKT_public_key *pk,PKT_secret_key *sk)
+{
+  int i;
+  struct expando_args args;
+  u32 len;
+  u32 kid[2]={0,0};
+
+  memset(&args,0,sizeof(args));
+  args.pk=pk;
+  args.sk=sk;
+
+  if(pk)
+    keyid_from_pk(pk,kid);
+  else if(sk)
+    keyid_from_sk(sk,kid);
+
+  for(i=0;i<count;i++)
+    if(attrs[i].type==ATTRIB_IMAGE &&
+       parse_image_header(&attrs[i],&args.imagetype,&len))
+      {
+	char *command,*name;
+	struct exec_info *spawn;
+	int offset=attrs[i].len-len;
+
+	if(!opt.photo_viewer)
+	  opt.photo_viewer=get_default_photo_command();
+
+	/* make command grow */
+	command=pct_expando(opt.photo_viewer,&args);
+	if(!command)
+	  goto fail;
+
+	name=m_alloc(16+strlen(EXTSEP_S)+
+		     strlen(image_type_to_string(args.imagetype,0))+1);
+
+	/* Make the filename.  Notice we are not using the image
+           encoding type for more than cosmetics.  Most external image
+           viewers can handle a multitude of types, and even if one
+           cannot understand a partcular type, we have no way to know
+           which.  The spec permits this, by the way. -dms */
+
+#ifdef USE_ONLY_8DOT3
+	sprintf(name,"%08lX" EXTSEP_S "%s",(ulong)kid[1],
+		image_type_to_string(args.imagetype,0));
+#else
+	sprintf(name,"%08lX%08lX" EXTSEP_S "%s",(ulong)kid[0],(ulong)kid[1],
+		image_type_to_string(args.imagetype,0));
+#endif
+
+	if(exec_write(&spawn,NULL,command,name,1,1)!=0)
+	  {
+	    m_free(name);
+	    goto fail;
+	  }
+
+#ifdef __riscos__
+        riscos_set_filetype(spawn->tempfile_in,
+                            image_type_to_string(args.imagetype,2));
+#endif
+
+	m_free(name);
+
+	fwrite(&attrs[i].data[offset],attrs[i].len-offset,1,spawn->tochild);
+
+	if(exec_read(spawn)!=0)
+	  {
+	    exec_finish(spawn);
+	    goto fail;
+	  }
+
+	if(exec_finish(spawn)!=0)
+	  goto fail;
+      }
+
+  return;
+
+ fail:
+  log_error("unable to display photo ID!\n");
+}
diff --git a/g10/photoid.h b/g10/photoid.h
new file mode 100644
index 000000000..45d104f8c
--- /dev/null
+++ b/g10/photoid.h
@@ -0,0 +1,14 @@
+/* Photo ID functions */
+
+#ifndef _PHOTOID_H_
+#define _PHOTOID_H_
+
+#include "packet.h"
+
+PKT_user_id *generate_photo_id(PKT_public_key *pk);
+int parse_image_header(const struct user_attribute *attr,byte *type,u32 *len);
+char *image_type_to_string(byte type,int style);
+void show_photos(const struct user_attribute *attrs,
+		 int count,PKT_public_key *pk,PKT_secret_key *sk);
+
+#endif /* !_PHOTOID_H_ */
diff --git a/g10/pipemode.c b/g10/pipemode.c
new file mode 100644
index 000000000..f3351277e
--- /dev/null
+++ b/g10/pipemode.c
@@ -0,0 +1,317 @@
+/* pipemode.c - pipemode handler
+ * Copyright (C) 1998, 1990, 2000, 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include "options.h"
+#include "packet.h"
+#include "errors.h"
+#include "iobuf.h"
+#include "keydb.h"
+#include "memory.h"
+#include "util.h"
+#include "main.h"
+#include "status.h"
+#include "filter.h"
+
+
+#define CONTROL_PACKET_SPACE 30 
+#define FAKED_LITERAL_PACKET_SPACE (9+2+2)
+
+
+enum pipemode_state_e {
+    STX_init = 0,
+    STX_wait_operation,
+    STX_begin,
+    STX_text,
+    STX_detached_signature,
+    STX_detached_signature_wait_text,
+    STX_signed_data,
+    STX_wait_init
+};
+
+struct pipemode_context_s {
+    enum pipemode_state_e state;
+    int operation;
+    int stop;
+    int block_mode;
+    UnarmorPump unarmor_ctx;
+};
+
+
+static size_t
+make_control ( byte *buf, int code, int operation )
+{
+    const byte *sesmark;
+    size_t sesmarklen, n=0;;
+
+    sesmark = get_session_marker( &sesmarklen );
+    if ( sesmarklen > 20 )
+        BUG();
+
+    buf[n++] = 0xff; /* new format, type 63, 1 length byte */
+    n++;   /* length will fixed below */
+    memcpy(buf+n, sesmark, sesmarklen ); n+= sesmarklen;
+    buf[n++] = CTRLPKT_PIPEMODE;    
+    buf[n++] = code;
+    buf[n++] = operation;
+    buf[1] = n-2;
+    return n;
+}
+
+
+
+static int
+pipemode_filter( void *opaque, int control,
+	         IOBUF a, byte *buf, size_t *ret_len)
+{ 
+    size_t size = *ret_len;
+    struct pipemode_context_s *stx = opaque;
+    int rc=0;
+    size_t n = 0;
+    int esc = 0;
+
+    if( control == IOBUFCTRL_UNDERFLOW ) {
+        *ret_len = 0;
+        /* reserve some space for one control packet */
+        if ( size <= CONTROL_PACKET_SPACE+FAKED_LITERAL_PACKET_SPACE )
+            BUG();
+        size -= CONTROL_PACKET_SPACE+FAKED_LITERAL_PACKET_SPACE;
+
+        if ( stx->block_mode ) {
+            /* reserve 2 bytes for the block length */
+            buf[n++] = 0;
+            buf[n++] = 0;
+        }
+            
+
+        while ( n < size ) {
+            /* FIXME: we have to make sure that we have a large enough
+             * buffer for a control packet even after we already read 
+             * something. The easest way to do this is probably by ungetting
+             * the control sequence and returning the buffer we have
+             * already assembled */
+            int c = iobuf_get (a);
+            if (c == -1) {
+                if ( stx->state != STX_init ) {
+                    log_error ("EOF encountered at wrong state\n");
+                    stx->stop = 1;
+                    return -1;
+                }
+                break;
+            }
+            if ( esc ) {
+                switch (c) {
+                  case '@':  
+                    if ( stx->state == STX_text ) {
+                        buf[n++] = c;
+                        break;
+                    }
+                    else if ( stx->state == STX_detached_signature ) {
+                        esc = 0;
+                        goto do_unarmor; /* not a very elegant solution */
+                    }
+                    else if ( stx->state == STX_detached_signature_wait_text) {
+                        esc = 0;
+                        break; /* just ignore it in this state */
+                    }
+                    log_error ("@@ not allowed in current state\n");
+                    return -1;
+                  case '<': /* begin of stream part */
+                    if ( stx->state != STX_init ) {
+                        log_error ("nested begin of stream\n");
+                        stx->stop = 1;
+                        return -1;
+                    }
+                    stx->state = STX_wait_operation;
+                    stx->block_mode = 0;
+                    unarmor_pump_release (stx->unarmor_ctx);
+                    stx->unarmor_ctx = NULL;
+                    break;
+                   case '>': /* end of stream part */
+                     if ( stx->state != STX_wait_init ) {
+                        log_error ("invalid state for @>\n");
+                        stx->stop = 1;
+                        return -1;
+                    }
+                    stx->state = STX_init;
+                    break;
+                  case 'V': /* operation = verify */
+                  case 'E': /* operation = encrypt */
+                  case 'S': /* operation = sign */
+                  case 'B': /* operation = detach sign */
+                  case 'C': /* operation = clearsign */
+                  case 'D': /* operation = decrypt */
+                    if ( stx->state != STX_wait_operation ) {
+                        log_error ("invalid state for operation code\n");
+                        stx->stop = 1;
+                        return -1;
+                    }
+                    stx->operation = c;
+                    if ( stx->operation == 'B') {
+                        stx->state = STX_detached_signature;
+                        if ( !opt.no_armor )
+                            stx->unarmor_ctx = unarmor_pump_new ();
+                    }
+                    else
+                        stx->state = STX_begin;
+                    n += make_control ( buf+n, 1, stx->operation );
+                    /* must leave after a control packet */
+                    goto leave;
+
+                  case 't': /* plaintext text follows */
+                    if ( stx->state == STX_detached_signature_wait_text ) 
+                        stx->state = STX_detached_signature;
+                    if ( stx->state == STX_detached_signature ) {
+                        if ( stx->operation != 'B' ) {
+                            log_error ("invalid operation for this state\n");
+                            stx->stop = 1;
+                            return -1;
+                        }
+                        stx->state = STX_signed_data;
+                        n += make_control ( buf+n, 2, 'B' );
+                        /* and now we fake a literal data packet much the same
+                         * as in armor.c */
+                        buf[n++] = 0xaf; /* old packet format, type 11,
+                                            var length */
+                        buf[n++] = 0;	 /* set the length header */
+                        buf[n++] = 6;
+                        buf[n++] = 'b';  /* we ignore it anyway */
+                        buf[n++] = 0;	 /* namelength */
+                        memset(buf+n, 0, 4); /* timestamp */
+                        n += 4;
+                        /* and return now so that we are sure to have
+                         * more space in the bufer for the next control
+                         * packet */
+                        stx->block_mode = 1;
+                        goto leave2;
+                    }
+                    else {
+                        log_error ("invalid state for @t\n");
+                        stx->stop = 1;
+                        return -1;
+                    }
+                    break;
+
+                  case '.': /* ready */
+                    if ( stx->state == STX_signed_data ) { 
+                        if (stx->block_mode) {
+                            buf[0] = (n-2) >> 8;
+                            buf[1] = (n-2);
+                            if ( buf[0] || buf[1] ) {
+                                /* end of blocks marker */
+                                buf[n++] = 0;
+                                buf[n++] = 0;
+                            }
+                            stx->block_mode = 0;
+                        }
+                        n += make_control ( buf+n, 3, 'B' );
+                    }
+                    else {
+                        log_error ("invalid state for @.\n");
+                        stx->stop = 1;
+                        return -1;
+                    }
+                    stx->state = STX_wait_init;
+                    goto leave;
+
+                 default:      
+                    log_error ("invalid escape sequence 0x%02x in stream\n",
+                               c);
+                    stx->stop = 1;
+                    return -1;
+                }
+                esc = 0;
+            }
+            else if (c == '@') 
+                esc = 1;
+            else if (stx->unarmor_ctx) {
+          do_unarmor: /* used to handle a @@ */
+                c = unarmor_pump (stx->unarmor_ctx, c);
+                if ( !(c & ~255) )
+                    buf[n++] = c;
+                else if ( c < 0 ) {
+                    /* end of armor or error - we don't care becuase
+                      the armor can be modified anyway.  The unarmored
+                      stuff should stand for itself. */ 
+                    unarmor_pump_release (stx->unarmor_ctx);
+                    stx->unarmor_ctx = NULL;
+                    stx->state = STX_detached_signature_wait_text;
+                }
+            }
+            else if (stx->state == STX_detached_signature_wait_text)
+                ; /* just wait */
+            else
+                buf[n++] = c; 
+        }
+
+      leave:      
+        if ( !n ) {
+            stx->stop = 1;
+            rc = -1; /* eof */
+        }
+        if ( stx->block_mode ) {
+            /* fixup the block length */
+            buf[0] = (n-2) >> 8;
+            buf[1] = (n-2);
+        }
+      leave2:
+        /*log_hexdump ("pipemode:", buf, n );*/
+	*ret_len = n;
+    }
+    else if( control == IOBUFCTRL_DESC )
+	*(char**)buf = "pipemode_filter";
+    return rc;
+}
+
+
+
+void
+run_in_pipemode(void)
+{
+    IOBUF fp;
+    armor_filter_context_t afx;
+    struct pipemode_context_s stx;
+    int rc;
+
+    memset( &afx, 0, sizeof afx);
+    memset( &stx, 0, sizeof stx);
+
+    fp = iobuf_open("-");
+    iobuf_push_filter (fp, pipemode_filter, &stx );
+
+    do {
+        write_status (STATUS_BEGIN_STREAM);
+        rc = proc_packets( NULL, fp );
+        write_status (STATUS_END_STREAM);
+    } while ( !stx.stop );
+  
+}
+
+
+
+
+
+
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 1170c4088..671b56879 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -1,5 +1,5 @@
 /* pkclist.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,77 +25,21 @@
 #include <errno.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "options.h"
 #include "packet.h"
 #include "errors.h"
 #include "keydb.h"
+#include "memory.h"
 #include "util.h"
+#include "main.h"
 #include "trustdb.h"
 #include "ttyio.h"
 #include "status.h"
 #include "i18n.h"
-#include "main.h"
 
 
 #define CONTROL_D ('D' - 'A' + 1)
 
-/* fixme: we have nearly the same code in keyedit.c */
-static void
-print_fpr( PKT_public_key *pk )
-{
-    byte array[MAX_FINGERPRINT_LEN], *p;
-    size_t i, n;
-
-    fingerprint_from_pk( pk, array, &n );
-    p = array;
-    /* Translators: this shoud fit into 24 bytes to that the fingerprint
-     * data is properly aligned with the user ID */
-    tty_printf(_("             Fingerprint:"));
-    if( n == 20 ) {
-	for(i=0; i < n ; i++, i++, p += 2 ) {
-	    if( i == 10 )
-		tty_printf(" ");
-	    tty_printf(" %02X%02X", *p, p[1] );
-	}
-    }
-    else {
-	for(i=0; i < n ; i++, p++ ) {
-	    if( i && !(i%8) )
-		tty_printf(" ");
-	    tty_printf(" %02X", *p );
-	}
-    }
-    tty_printf("\n");
-}
-
-static void
-fpr_info( PKT_public_key *pk )
-{
-    byte array[MAX_FINGERPRINT_LEN], *p;
-    size_t i, n;
-    FILE *fp = log_stream();
-
-    fingerprint_from_pk( pk, array, &n );
-    p = array;
-    log_info(_("Fingerprint:"));
-    if( n == 20 ) {
-	for(i=0; i < n ; i++, i++, p += 2 ) {
-	    if( i == 10 )
-		putc(' ', fp);
-	    fprintf(fp, " %02X%02X", *p, p[1] );
-	}
-    }
-    else {
-	for(i=0; i < n ; i++, p++ ) {
-	    if( i && !(i%8) )
-		putc(' ', fp);
-	    fprintf(fp, " %02X", *p );
-	}
-    }
-    putc('\n', fp );
-}
-
 
 /****************
  * Show the revocation reason as it is stored with the given signature
@@ -108,15 +52,15 @@ do_show_revocation_reason( PKT_signature *sig )
     int seq = 0;
     const char *text;
 
-    while( (p = enum_sig_subpkt( sig->hashed_data, SIGSUBPKT_REVOC_REASON,
-				 &n, &seq )) ) {
+    while( (p = enum_sig_subpkt (sig->hashed, SIGSUBPKT_REVOC_REASON,
+				 &n, &seq, NULL )) ) {
 	if( !n )
 	    continue; /* invalid - just skip it */
 
 	if( *p == 0 )
 	    text = _("No reason specified");
 	else if( *p == 0x01 )
-	    text = _("Key is superseeded");
+	    text = _("Key is superseded");
 	else if( *p == 0x02 )
 	    text = _("Key has been compromised");
 	else if( *p == 0x03 )
@@ -126,7 +70,7 @@ do_show_revocation_reason( PKT_signature *sig )
 	else
 	    text = NULL;
 
-	log_info( _("Reason for revocation: ") );
+	log_info( _("reason for revocation: ") );
 	if( text )
 	    fputs( text, log_stream() );
 	else
@@ -143,7 +87,7 @@ do_show_revocation_reason( PKT_signature *sig )
 	    if( n ) {
 		pp = memchr( p, '\n', n );
 		nn = pp? pp - p : n;
-		log_info( _("Revocation comment: ") );
+		log_info( _("revocation comment: ") );
 		print_string( log_stream(), p, nn, 0 );
 		putc( '\n', log_stream() );
 		p += nn; n -= nn;
@@ -152,18 +96,20 @@ do_show_revocation_reason( PKT_signature *sig )
     }
 }
 
+/* Mode 0: try and find the revocation based on the pk (i.e. check
+   subkeys, etc.)  Mode 1: use only the revocation on the main pk */
 
-static void
-show_revocation_reason( PKT_public_key *pk )
+void
+show_revocation_reason( PKT_public_key *pk, int mode )
 {
     /* Hmmm, this is not so easy becuase we have to duplicate the code
      * used in the trustbd to calculate the keyflags.  We need to find
-     * a clean way to check revocation certificates on keys and signatures.
-     * And there should be no duplicate code.  Because we enter this function
-     * only when the trustdb toldus, taht we have a revoked key, we could
-     * simplylook for a revocation cert and display this one, when there is
-     * only one. Let's try to do this until we have a better solution.
-     */
+     * a clean way to check revocation certificates on keys and
+     * signatures.  And there should be no duplicate code.  Because we
+     * enter this function only when the trustdb told us that we have
+     * a revoked key, we could simply look for a revocation cert and
+     * display this one, when there is only one. Let's try to do this
+     * until we have a better solution.  */
     KBNODE node, keyblock = NULL;
     byte fingerprint[MAX_FINGERPRINT_LEN];
     size_t fingerlen;
@@ -178,9 +124,10 @@ show_revocation_reason( PKT_public_key *pk )
     }
 
     for( node=keyblock; node; node = node->next ) {
-	if( ( node->pkt->pkttype == PKT_PUBLIC_KEY
+        if( (mode && node->pkt->pkttype == PKT_PUBLIC_KEY) ||
+	  ( ( node->pkt->pkttype == PKT_PUBLIC_KEY
 	      || node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
-	    && !cmp_public_keys( node->pkt->pkt.public_key, pk ) )
+	    && !cmp_public_keys( node->pkt->pkt.public_key, pk ) ) )
 	    break;
     }
     if( !node ) {
@@ -197,16 +144,23 @@ show_revocation_reason( PKT_public_key *pk )
 		|| node->pkt->pkt.signature->sig_class == 0x28 ) ) {
 		/* FIXME: we should check the signature here */
 		do_show_revocation_reason ( node->pkt->pkt.signature );
+		break;
 	}
     }
 
+    /* We didn't find it, so check if the whole key is revoked */
+    if(!node && !mode)
+      show_revocation_reason(pk,1);
+
     release_kbnode( keyblock );
 }
 
 
 static void
-show_paths( ulong lid, int only_first )
+show_paths (const PKT_public_key *pk, int only_first )
 {
+    log_debug("not yet implemented\n");
+#if 0    
     void *context = NULL;
     unsigned otrust, validity;
     int last_level, level;
@@ -224,16 +178,17 @@ show_paths( ulong lid, int only_first )
 	last_level = level;
 
 	rc = keyid_from_lid( lid, keyid );
+
 	if( rc ) {
 	    log_error("ooops: can't get keyid for lid %lu\n", lid);
 	    return;
 	}
 
-	pk = gcry_xcalloc( 1, sizeof *pk );
+	pk = m_alloc_clear( sizeof *pk );
 	rc = get_pubkey( pk, keyid );
 	if( rc ) {
 	    log_error("key %08lX: public key not found: %s\n",
-				    (ulong)keyid[1], gpg_errstr(rc) );
+				    (ulong)keyid[1], g10_errstr(rc) );
 	    return;
 	}
 
@@ -257,11 +212,12 @@ show_paths( ulong lid, int only_first )
 
 	p = get_user_id( keyid, &n );
 	tty_print_utf8_string( p, n ),
-	gcry_free(p);
+	m_free(p);
 	tty_printf("\"\n");
 	free_public_key( pk );
     }
     enum_cert_paths( &context, NULL, NULL, NULL ); /* release context */
+#endif
     tty_printf("\n");
 }
 
@@ -269,207 +225,192 @@ show_paths( ulong lid, int only_first )
 
 
 /****************
- * Returns true if an ownertrust has changed.
+ * mode: 0 = standard
+ *       1 = Without key info and additional menu option 'm'
+ *           this does also add an option to set the key to ultimately trusted.
+ * Returns: 
+ *      -2 = nothing changed - caller should show some additional info
+ *      -1 = quit operation
+ *       0 = nothing changed
+ *       1 = new ownertrust now in new_trust
  */
 static int
-do_edit_ownertrust( ulong lid, int mode, unsigned *new_trust, int defer_help )
+do_edit_ownertrust (PKT_public_key *pk, int mode,
+                    unsigned *new_trust, int defer_help )
 {
-    char *p;
-    int rc;
-    size_t n;
-    u32 keyid[2];
-    PKT_public_key *pk ;
-    int changed=0;
-    int quit=0;
-    int show=0;
-    int did_help=defer_help;
-
-    rc = keyid_from_lid( lid, keyid );
-    if( rc ) {
-	log_error("ooops: can't get keyid for lid %lu\n", lid);
-	return 0;
-    }
-
-    pk = gcry_xcalloc( 1, sizeof *pk );
-    rc = get_pubkey( pk, keyid );
-    if( rc ) {
-	log_error("key %08lX: public key not found: %s\n",
-				(ulong)keyid[1], gpg_errstr(rc) );
-	return 0;
-    }
-
-
-    for(;;) {
-	/* a string with valid answers */
-	const char *ans = _("sSmMqQ");
-
-	if( !did_help ) {
-	    if( !mode ) {
-		tty_printf(_("No trust value assigned to %lu:\n"
-			   "%4u%c/%08lX %s \""), lid,
-			  nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
-			  (ulong)keyid[1], datestr_from_pk( pk ) );
-		p = get_user_id( keyid, &n );
-		tty_print_utf8_string( p, n ),
-		gcry_free(p);
-		tty_printf("\"\n");
-		print_fpr( pk );
-		tty_printf("\n");
-	    }
-	    tty_printf(_(
-"Please decide how far you trust this user to correctly\n"
-"verify other users' keys (by looking at passports,\n"
-"checking fingerprints from different sources...)?\n\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n") );
-	    if( mode )
-		tty_printf(_(" m = back to the main menu\n"));
-	    else
-		tty_printf(_(" q = quit\n"));
-	    tty_printf("\n");
-	    did_help = 1;
-	}
-	if( strlen(ans) != 6 )
-	    BUG();
-	p = cpr_get("edit_ownertrust.value",_("Your decision? "));
-	trim_spaces(p);
-	cpr_kill_prompt();
-	if( !*p )
-	    did_help = 0;
-	else if( *p && p[1] )
-	    ;
-	else if( !p[1] && (*p >= '1' && *p <= '4') ) {
-	    unsigned trust;
-	    switch( *p ) {
-	      case '1': trust = TRUST_UNDEFINED; break;
-	      case '2': trust = TRUST_NEVER    ; break;
-	      case '3': trust = TRUST_MARGINAL ; break;
-	      case '4': trust = TRUST_FULLY    ; break;
-	      default: BUG();
-	    }
-	    *new_trust = trust;
-	    changed = 1;
-	    break;
-	}
-	else if( *p == ans[0] || *p == ans[1] ) {
-	    tty_printf(_(
-		"Certificates leading to an ultimately trusted key:\n"));
-	    show = 1;
-	    break;
-	}
-	else if( mode && (*p == ans[2] || *p == ans[3] || *p == CONTROL_D ) ) {
-	    break ; /* back to the menu */
-	}
-	else if( !mode && (*p == ans[4] || *p == ans[5] ) ) {
-	    quit = 1;
-	    break ; /* back to the menu */
-	}
-	gcry_free(p); p = NULL;
-    }
-    gcry_free(p);
-    gcry_free(pk);
-    return show? -2: quit? -1 : changed;
+  char *p;
+  size_t n;
+  u32 keyid[2];
+  int changed=0;
+  int quit=0;
+  int show=0;
+  int did_help=defer_help;
+
+  keyid_from_pk (pk, keyid);
+  for(;;) {
+    /* a string with valid answers */
+    const char *ans = _("iImMqQsS");
+
+    if( !did_help ) 
+      {
+        if( !mode ) 
+          {
+            tty_printf(_("No trust value assigned to:\n"
+                         "%4u%c/%08lX %s \""),
+                       nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
+                       (ulong)keyid[1], datestr_from_pk( pk ) );
+            p = get_user_id( keyid, &n );
+            tty_print_utf8_string( p, n ),
+              m_free(p);
+            tty_printf("\"\n");
+            print_fingerprint (pk, NULL, 2);
+            tty_printf("\n");
+          }
+        tty_printf (_(
+                     "Please decide how far you trust this user to correctly\n"
+                     "verify other users' keys (by looking at passports,\n"
+                     "checking fingerprints from different sources...)?\n\n"));
+        tty_printf (_(" %d = Don't know\n"), 1);
+        tty_printf (_(" %d = I do NOT trust\n"), 2);
+        tty_printf (_(" %d = I trust marginally\n"), 3);
+        tty_printf (_(" %d = I trust fully\n"), 4);
+        if (mode)
+          tty_printf (_(" %d = I trust ultimately\n"), 5);
+        tty_printf (_(" i = please show me more information\n") );
+        if( mode )
+          tty_printf(_(" m = back to the main menu\n"));
+        else
+	  {
+	    tty_printf(_(" s = skip this key\n"));
+	    tty_printf(_(" q = quit\n"));
+	  }
+        tty_printf("\n");
+        did_help = 1;
+      }
+    if( strlen(ans) != 8 )
+      BUG();
+    p = cpr_get("edit_ownertrust.value",_("Your decision? "));
+    trim_spaces(p);
+    cpr_kill_prompt();
+    if( !*p )
+      did_help = 0;
+    else if( *p && p[1] )
+      ;
+    else if( !p[1] && (*p >= '1' && *p <= (mode?'5':'4')) ) 
+      {
+        unsigned int trust;
+        switch( *p )
+          {
+          case '1': trust = TRUST_UNDEFINED; break;
+          case '2': trust = TRUST_NEVER    ; break;
+          case '3': trust = TRUST_MARGINAL ; break;
+          case '4': trust = TRUST_FULLY    ; break;
+          case '5': trust = TRUST_ULTIMATE ; break;
+          default: BUG();
+          }
+        if (trust == TRUST_ULTIMATE
+            && !cpr_get_answer_is_yes ("edit_ownertrust.set_ultimate.okay",
+                                       _("Do you really want to set this key"
+                                         " to ultimate trust? ")))
+          ; /* no */
+        else
+          {
+            *new_trust = trust;
+            changed = 1;
+            break;
+          }
+      }
+    else if( *p == ans[0] || *p == ans[1] ) 
+      {
+        tty_printf(_("Certificates leading to an ultimately trusted key:\n"));
+        show = 1;
+        break;
+      }
+    else if( mode && (*p == ans[2] || *p == ans[3] || *p == CONTROL_D ) ) 
+      {
+        break ; /* back to the menu */
+      }
+    else if( !mode && (*p == ans[6] || *p == ans[7] ) )
+      {
+	break; /* skip */
+      }
+    else if( !mode && (*p == ans[4] || *p == ans[5] ) )
+      {
+        quit = 1;
+        break ; /* back to the menu */
+      }
+    m_free(p); p = NULL;
+  }
+  m_free(p);
+  return show? -2: quit? -1 : changed;
 }
 
-
+/* 
+ * Display a menu to change the ownertrust of the key PK (which should
+ * be a primary key).  
+ * For mode values see do_edit_ownertrust ()
+ */
 int
-edit_ownertrust( ulong lid, int mode )
+edit_ownertrust (PKT_public_key *pk, int mode )
 {
-    unsigned int trust;
-    int no_help = 0;
-
-    for(;;) {
-	switch( do_edit_ownertrust( lid, mode, &trust, no_help ) ) {
-	  case -1:
-	    return 0;
-	  case -2:
-	    show_paths( lid, 1	);
-	    no_help = 1;
-	    break;
-	  case 1:
-	    trust &= ~TRUST_FLAG_DISABLED;
-	    trust |= get_ownertrust( lid ) & TRUST_FLAG_DISABLED;
-	    if( !update_ownertrust( lid, trust ) )
-		return 1;
-	    return 0;
-	  default:
-	    return 0;
-	}
+  unsigned int trust;
+  int no_help = 0;
+
+  for(;;)
+    {
+      switch ( do_edit_ownertrust (pk, mode, &trust, no_help ) )
+        {
+        case -1: /* quit */
+          return -1;
+        case -2: /* show info */
+          show_paths(pk, 1);
+          no_help = 1;
+          break;
+        case 1: /* trust value set */
+          trust &= ~TRUST_FLAG_DISABLED;
+          trust |= get_ownertrust (pk) & TRUST_FLAG_DISABLED;
+          update_ownertrust (pk, trust );
+          return 1;
+        default:
+          return 0;
+        }
     }
 }
 
-static int
-add_ownertrust_cb( ulong lid )
-{
-    unsigned trust;
-    int rc = do_edit_ownertrust( lid, 0, &trust, 0 );
-
-    if( rc == 1 )
-	return trust & TRUST_MASK;
-    return rc > 0? 0 : rc;
-}
-
-/****************
- * Try to add some more owner trusts (interactive)
- * This function presents all the signator in a certificate
- * chain who have no ownertrust value assigned.
- * Returns: -1 if no ownertrust were added.
- */
-static int
-add_ownertrust( PKT_public_key *pk, int *quit, unsigned *trustlevel )
-{
-    int rc;
-    unsigned flags = 0;
-
-    *quit = 0;
-    *trustlevel = 0;
-    tty_printf(
-_("Could not find a valid trust path to the key.  Let's see whether we\n"
-  "can assign some missing owner trust values.\n\n"));
-
-    rc = check_trust( pk, trustlevel, NULL, add_ownertrust_cb, &flags );
-
-    if( !(flags & 1) )
-	tty_printf(_("No path leading to one of our keys found.\n\n") );
-    else if( !(flags & 2) )
-	tty_printf(_("No certificates with undefined trust found.\n\n") );
-    else if( !(flags & 4) )
-	tty_printf(_("No trust values changed.\n\n") );
-
-    return (flags & 4)? 0:-1;
-}
 
 /****************
  * Check whether we can trust this pk which has a trustlevel of TRUSTLEVEL
- * Returns: true if we trust. Might change the trustlevel
+ * Returns: true if we trust.
  */
 static int
-do_we_trust( PKT_public_key *pk, int *trustlevel )
+do_we_trust( PKT_public_key *pk, unsigned int *trustlevel )
 {
-    int rc;
-    int did_add = 0;
-    int trustmask = 0;
-
-  retry:
+    unsigned int trustmask = 0;
+
+    /* FIXME: get_pubkey_byname already checks the validity and won't
+     * return keys which are either expired or revoked - so these
+     * question here won't get triggered.  We have to find a solution
+     * for this.  It might make sense to have a function in getkey.c
+     * which does only the basic checks and returns even revoked and
+     * expired keys.  This fnction could then also returhn a list of
+     * keys if the speicified name is ambiguous
+     */
     if( (*trustlevel & TRUST_FLAG_REVOKED) ) {
 	log_info(_("key %08lX: key has been revoked!\n"),
 					(ulong)keyid_from_pk( pk, NULL) );
-	show_revocation_reason( pk );
+	show_revocation_reason( pk, 0 );
 	if( opt.batch )
-	    return 0;
+          return 0; /* no */
 
 	if( !cpr_get_answer_is_yes("revoked_key.override",
 				    _("Use this key anyway? ")) )
-	    return 0;
+          return 0; /* no */
 	trustmask |= TRUST_FLAG_REVOKED;
     }
-    else if( (*trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
+    if( (*trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
 	log_info(_("key %08lX: subkey has been revoked!\n"),
 					(ulong)keyid_from_pk( pk, NULL) );
-	show_revocation_reason( pk );
+	show_revocation_reason( pk, 0 );
 	if( opt.batch )
 	    return 0;
 
@@ -483,52 +424,25 @@ do_we_trust( PKT_public_key *pk, int *trustlevel )
     if( opt.always_trust) {
 	if( opt.verbose )
 	    log_info("No trust check due to --always-trust option\n");
-	/* The problem with this, is that EXPIRE can't be checked as
-	 * this needs to insert a ne key into the trustdb first and
-	 * we don't want that */
 	return 1;
     }
 
-
     switch( (*trustlevel & TRUST_MASK) ) {
-      case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */
-	rc = insert_trust_record_by_pk( pk );
-	if( rc ) {
-	    log_error("failed to insert it into the trustdb: %s\n",
-						      gpg_errstr(rc) );
-	    return 0; /* no */
-	}
-	rc = check_trust( pk, trustlevel, NULL, NULL, NULL );
-	*trustlevel &= ~trustmask;
-	if( rc )
-	    log_fatal("trust check after insert failed: %s\n",
-						      gpg_errstr(rc) );
-	if( *trustlevel == TRUST_UNKNOWN || *trustlevel == TRUST_EXPIRED ) {
-	    log_debug("do_we_trust: oops at %d\n", __LINE__ );
-	    return 0;
-	}
-	return do_we_trust( pk, trustlevel );
-
       case TRUST_EXPIRED:
 	log_info(_("%08lX: key has expired\n"),
 				    (ulong)keyid_from_pk( pk, NULL) );
 	return 0; /* no */
 
+      default:
+         log_error ("invalid trustlevel %u returned from validation layer\n",
+                    *trustlevel);
+         /* fall thru */
+      case TRUST_UNKNOWN: 
       case TRUST_UNDEFINED:
-	if( opt.batch || opt.answer_no )
-	    log_info(_("%08lX: no info to calculate a trust probability\n"),
-					(ulong)keyid_from_pk( pk, NULL) );
-	else {
-	    int quit;
-
-	    rc = add_ownertrust( pk, &quit, trustlevel );
-	    *trustlevel &= ~trustmask;
-	    if( !rc && !did_add && !quit ) {
-		did_add = 1;
-		goto retry;
-	    }
-	}
-	return 0;
+        log_info(_("%08lX: There is no indication that this key "
+                   "really belongs to the owner\n"),
+                 (ulong)keyid_from_pk( pk, NULL) );
+	return 0; /* no */
 
       case TRUST_NEVER:
 	log_info(_("%08lX: We do NOT trust this key\n"),
@@ -550,8 +464,6 @@ do_we_trust( PKT_public_key *pk, int *trustlevel )
 	if( opt.verbose )
 	    log_info(_("This key belongs to us\n"));
 	return 1; /* yes */
-
-      default: BUG();
     }
 
     return 1; /* yes */
@@ -564,7 +476,7 @@ do_we_trust( PKT_public_key *pk, int *trustlevel )
  * key anyway.
  */
 static int
-do_we_trust_pre( PKT_public_key *pk, int trustlevel )
+do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
 {
     int rc;
 
@@ -574,7 +486,8 @@ do_we_trust_pre( PKT_public_key *pk, int trustlevel )
 	return 0;
     if( (trustlevel & TRUST_FLAG_SUB_REVOKED) && !rc )
 	return 0;
-    else if( !opt.batch && !rc ) {
+
+    if( !opt.batch && !rc ) {
 	char *p;
 	u32 keyid[2];
 	size_t n;
@@ -585,9 +498,9 @@ do_we_trust_pre( PKT_public_key *pk, int trustlevel )
 		  (ulong)keyid[1], datestr_from_pk( pk ) );
 	p = get_user_id( keyid, &n );
 	tty_print_utf8_string( p, n ),
-	gcry_free(p);
+	m_free(p);
 	tty_printf("\"\n");
-	print_fpr( pk );
+        print_fingerprint (pk, NULL, 2);
 	tty_printf("\n");
 
 	tty_printf(_(
@@ -599,7 +512,7 @@ do_we_trust_pre( PKT_public_key *pk, int trustlevel )
 				  _("Use this key anyway? "))  )
 	    rc = 1;
 
-	/* Hmmm: Should we set a flag to tell the user the user about
+	/* Hmmm: Should we set a flag to tell the user about
 	 *	 his decision the next time he encrypts for this recipient?
 	 */
     }
@@ -620,121 +533,102 @@ do_we_trust_pre( PKT_public_key *pk, int trustlevel )
 int
 check_signatures_trust( PKT_signature *sig )
 {
-    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-    int trustlevel;
-    int did_add = 0;
-    int rc=0;
-
-
-    if( opt.always_trust ) {
-	if( !opt.quiet )
-	    log_info(_("WARNING: Using untrusted key!\n"));
-	return 0;
+  PKT_public_key *pk = m_alloc_clear( sizeof *pk );
+  unsigned int trustlevel;
+  int rc=0;
+
+  if ( opt.always_trust)
+    {
+      if( !opt.quiet )
+        log_info(_("WARNING: Using untrusted key!\n"));
+      if (opt.with_fingerprint)
+        print_fingerprint (pk, NULL, 1);
+      goto leave;
     }
 
-
-    rc = get_pubkey( pk, sig->keyid );
-    if( rc ) { /* this should not happen */
-	log_error("Ooops; the key vanished  - can't check the trust\n");
-	rc = GPGERR_NO_PUBKEY;
-	goto leave;
+  rc = get_pubkey( pk, sig->keyid );
+  if (rc) 
+    { /* this should not happen */
+      log_error("Ooops; the key vanished  - can't check the trust\n");
+      rc = G10ERR_NO_PUBKEY;
+      goto leave;
     }
 
-    rc = check_trust( pk, &trustlevel, NULL, NULL, NULL );
-    if( rc ) {
-	log_error("check trust failed: %s\n", gpg_errstr(rc));
-	goto leave;
-    }
+  trustlevel = get_validity (pk, NULL);
 
-  retry:
-    if( (trustlevel & TRUST_FLAG_REVOKED) ) {
-	write_status( STATUS_KEYREVOKED );
-	log_info(_("WARNING: This key has been revoked by its owner!\n"));
-	log_info(_("         This could mean that the signature is forgery.\n"));
-	show_revocation_reason( pk );
+  if ( (trustlevel & TRUST_FLAG_REVOKED) ) 
+    {
+      write_status( STATUS_KEYREVOKED );
+      log_info(_("WARNING: This key has been revoked by its owner!\n"));
+      log_info(_("         This could mean that the signature is forgery.\n"));
+      show_revocation_reason( pk, 0 );
     }
-    else if( (trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
-	write_status( STATUS_KEYREVOKED );
-	log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
-	show_revocation_reason( pk );
+  else if ((trustlevel & TRUST_FLAG_SUB_REVOKED) ) 
+    {
+      write_status( STATUS_KEYREVOKED );
+      log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
+      show_revocation_reason( pk, 0 );
     }
-
-
-    switch( (trustlevel & TRUST_MASK) ) {
-      case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */
-	rc = insert_trust_record_by_pk( pk );
-	if( rc ) {
-	    log_error("failed to insert it into the trustdb: %s\n",
-						      gpg_errstr(rc) );
-	    goto leave;
-	}
-	rc = check_trust( pk, &trustlevel, NULL, NULL, NULL );
-	if( rc )
-	    log_fatal("trust check after insert failed: %s\n",
-						      gpg_errstr(rc) );
-	if( trustlevel == TRUST_UNKNOWN || trustlevel == TRUST_EXPIRED )
-	    BUG();
-	goto retry;
-
-      case TRUST_EXPIRED:
-	log_info(_("Note: This key has expired!\n"));
-	fpr_info( pk );
-	break;
-
-      case TRUST_UNDEFINED:
-	if( did_add || opt.batch || opt.answer_no ) {
-	    write_status( STATUS_TRUST_UNDEFINED );
-	    log_info(_(
-	    "WARNING: This key is not certified with a trusted signature!\n"));
-	    log_info(_(
-	    "         There is no indication that the "
-				    "signature belongs to the owner.\n" ));
-	    fpr_info( pk );
-	}
-	else {
-	    int quit;
-	    rc = add_ownertrust( pk, &quit, &trustlevel );
-	    if( rc || quit ) {
-		did_add = 1;
-		rc = 0;
-	    }
-	    goto retry;
-	}
-	break;
-
-      case TRUST_NEVER:
-	write_status( STATUS_TRUST_NEVER );
-	log_info(_("WARNING: We do NOT trust this key!\n"));
-	log_info(_("         The signature is probably a FORGERY.\n"));
-	rc = GPGERR_BAD_SIGN;
-	break;
-
-      case TRUST_MARGINAL:
-	write_status( STATUS_TRUST_MARGINAL );
-	log_info(_(
-	 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
-		));
-	log_info(_(
-	 "         It is not certain that the signature belongs to the owner.\n"
-		 ));
-	fpr_info( pk );
-	break;
-
-      case TRUST_FULLY:
-	write_status( STATUS_TRUST_FULLY );
-	break;
-
-      case TRUST_ULTIMATE:
-	write_status( STATUS_TRUST_ULTIMATE );
-	break;
-
-      default: BUG();
+  
+  if ((trustlevel & TRUST_FLAG_DISABLED))
+    log_info (_("Note: This key has been disabled.\n"));
+
+  switch ( (trustlevel & TRUST_MASK) ) 
+    {
+    case TRUST_EXPIRED:
+      log_info(_("Note: This key has expired!\n"));
+      print_fingerprint (pk, NULL, 1);
+      break;
+        
+    default:
+      log_error ("invalid trustlevel %u returned from validation layer\n",
+                 trustlevel);
+      /* fall thru */
+    case TRUST_UNKNOWN: 
+    case TRUST_UNDEFINED:
+      write_status( STATUS_TRUST_UNDEFINED );
+      log_info(_("WARNING: This key is not certified with"
+                 " a trusted signature!\n"));
+      log_info(_("         There is no indication that the "
+                 "signature belongs to the owner.\n" ));
+      print_fingerprint (pk, NULL, 1);
+      break;
+
+    case TRUST_NEVER:
+      /* currently we won't get that status */
+      write_status( STATUS_TRUST_NEVER );
+      log_info(_("WARNING: We do NOT trust this key!\n"));
+      log_info(_("         The signature is probably a FORGERY.\n"));
+      if (opt.with_fingerprint)
+        print_fingerprint (pk, NULL, 1);
+      rc = G10ERR_BAD_SIGN;
+      break;
+
+    case TRUST_MARGINAL:
+      write_status( STATUS_TRUST_MARGINAL );
+      log_info(_("WARNING: This key is not certified with"
+                 " sufficiently trusted signatures!\n"));
+      log_info(_("         It is not certain that the"
+                 " signature belongs to the owner.\n" ));
+      print_fingerprint (pk, NULL, 1);
+      break;
+
+    case TRUST_FULLY:
+      write_status( STATUS_TRUST_FULLY );
+      if (opt.with_fingerprint)
+        print_fingerprint (pk, NULL, 1);
+      break;
+
+    case TRUST_ULTIMATE:
+      write_status( STATUS_TRUST_ULTIMATE );
+      if (opt.with_fingerprint)
+        print_fingerprint (pk, NULL, 1);
+      break;
     }
 
-
-  leave:
-    free_public_key( pk );
-    return rc;
+ leave:
+  free_public_key( pk );
+  return rc;
 }
 
 
@@ -746,7 +640,7 @@ release_pk_list( PK_LIST pk_list )
     for( ; pk_list; pk_list = pk_rover ) {
 	pk_rover = pk_list->next;
 	free_public_key( pk_list->pk );
-	gcry_free( pk_list );
+	m_free( pk_list );
     }
 }
 
@@ -775,11 +669,11 @@ default_recipient(void)
     int i;
 
     if( opt.def_recipient )
-	return gcry_xstrdup( opt.def_recipient );
+	return m_strdup( opt.def_recipient );
     if( !opt.def_recipient_self )
 	return NULL;
-    sk = gcry_xcalloc( 1, sizeof *sk );
-    i = get_seckey_byname( NULL, sk, NULL, 0, NULL );
+    sk = m_alloc_clear( sizeof *sk );
+    i = get_seckey_byname( sk, NULL, 0 );
     if( i ) {
 	free_secret_key( sk );
 	return NULL;
@@ -787,7 +681,7 @@ default_recipient(void)
     n = MAX_FINGERPRINT_LEN;
     fingerprint_from_sk( sk, fpr, &n );
     free_secret_key( sk );
-    p = gcry_xmalloc( 2*n+3 );
+    p = m_alloc( 2*n+3 );
     *p++ = '0';
     *p++ = 'x';
     for(i=0; i < n; i++ )
@@ -796,31 +690,82 @@ default_recipient(void)
     return p;
 }
 
+static int
+expand_id(const char *id,STRLIST *into,unsigned int flags)
+{
+  struct groupitem *groups;
+  int count=0;
+
+  for(groups=opt.grouplist;groups;groups=groups->next)
+    {
+      /* need strcasecmp() here, as this should be localized */
+      if(strcasecmp(groups->name,id)==0)
+	{
+	  STRLIST each,sl;
+
+	  /* this maintains the current utf8-ness */
+	  for(each=groups->values;each;each=each->next)
+	    {
+	      sl=add_to_strlist(into,each->d);
+	      sl->flags=flags;
+	      count++;
+	    }
+
+	  break;
+	}
+    }
+
+  return count;
+}
+
+/* For simplicity, and to avoid potential loops, we only expand once -
+   you can't make an alias that points to an alias. */
+static STRLIST
+expand_group(STRLIST input)
+{
+  STRLIST sl,output=NULL,rover;
+
+  for(rover=input;rover;rover=rover->next)
+    if(expand_id(rover->d,&output,rover->flags)==0)
+      {
+	/* Didn't find any groups, so use the existing string */
+	sl=add_to_strlist(&output,rover->d);
+	sl->flags=rover->flags;
+      }
+
+  return output;
+}
 
 int
-build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
+build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
 {
     PK_LIST pk_list = NULL;
     PKT_public_key *pk=NULL;
     int rc=0;
     int any_recipients=0;
-    STRLIST rov;
+    STRLIST rov,remusr;
     char *def_rec = NULL;
 
+    if(opt.grouplist)
+      remusr=expand_group(rcpts);
+    else
+      remusr=rcpts;
+
     /* check whether there are any recipients in the list and build the
      * list of the encrypt-to ones (we always trust them) */
     for( rov = remusr; rov; rov = rov->next ) {
 	if( !(rov->flags & 1) )
 	    any_recipients = 1;
-	else if( (use & GCRY_PK_USAGE_ENCR) && !opt.no_encrypt_to ) {
-	    pk = gcry_xcalloc( 1, sizeof *pk );
+	else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) {
+	    pk = m_alloc_clear( sizeof *pk );
 	    pk->req_usage = use;
-	    if( (rc = get_pubkey_byname( NULL, pk, rov->d, NULL )) ) {
+	    if( (rc = get_pubkey_byname( pk, rov->d, NULL, NULL )) ) {
 		free_public_key( pk ); pk = NULL;
-		log_error(_("%s: skipped: %s\n"), rov->d, gpg_errstr(rc) );
-	    }
-	    else if( !(rc=openpgp_pk_test_algo(pk->pubkey_algo,
-                                               pk->pubkey_usage)) ) {
+		log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
+                write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
+                                              rov->d, strlen (rov->d), -1);
+            }
+	    else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
 		/* Skip the actual key if the key is already present
 		 * in the list */
 		if (key_present_in_pk_list(pk_list, pk) == 0) {
@@ -830,7 +775,7 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
 		}
 		else {
 		    PK_LIST r;
-		    r = gcry_xmalloc( sizeof *r );
+		    r = m_alloc( sizeof *r );
 		    r->pk = pk; pk = NULL;
 		    r->next = pk_list;
 		    r->mark = 0;
@@ -839,44 +784,53 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
 	    }
 	    else {
 		free_public_key( pk ); pk = NULL;
-		log_error(_("%s: skipped: %s\n"), rov->d, gpg_errstr(rc) );
+		log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
+                write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
+                                              rov->d, strlen (rov->d), -1);
 	    }
 	}
     }
 
     if( !any_recipients && !opt.batch ) { /* ask */
-	char *answer=NULL;
 	int have_def_rec;
+	char *answer=NULL;
+	STRLIST backlog=NULL;
 
 	def_rec = default_recipient();
 	have_def_rec = !!def_rec;
 	if( !have_def_rec )
 	    tty_printf(_(
-		"You did not specify a user ID. (you may use \"-r\")\n\n"));
+		"You did not specify a user ID. (you may use \"-r\")\n"));
 	for(;;) {
 	    rc = 0;
-	    gcry_free(answer);
+	    m_free(answer);
 	    if( have_def_rec ) {
 		answer = def_rec;
 		def_rec = NULL;
 	    }
+	    else if(backlog) {
+	      answer=pop_strlist(&backlog);
+	    }
 	    else {
 		answer = cpr_get_utf8("pklist.user_id.enter",
-				       _("Enter the user ID: "));
+			 _("\nEnter the user ID.  End with an empty line: "));
 		trim_spaces(answer);
 		cpr_kill_prompt();
 	    }
-	    if( !*answer )
+	    if( !answer || !*answer ) {
+	        m_free(answer);
 		break;
+	    }
+	    if(expand_id(answer,&backlog,0))
+	      continue;
 	    if( pk )
 		free_public_key( pk );
-	    pk = gcry_xcalloc( 1, sizeof *pk );
+	    pk = m_alloc_clear( sizeof *pk );
 	    pk->req_usage = use;
-	    rc = get_pubkey_byname( NULL, pk, answer, NULL );
+	    rc = get_pubkey_byname( pk, answer, NULL, NULL );
 	    if( rc )
 		tty_printf(_("No such user ID.\n"));
-	    else if( !(rc=openpgp_pk_test_algo(pk->pubkey_algo,
-                                               pk->pubkey_usage)) ) {
+	    else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
 		if( have_def_rec ) {
 		    if (key_present_in_pk_list(pk_list, pk) == 0) {
 			free_public_key(pk); pk = NULL;
@@ -884,25 +838,20 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
 				   "already set as default recipient\n") );
 		    }
 		    else {
-			PK_LIST r = gcry_xmalloc( sizeof *r );
+			PK_LIST r = m_alloc( sizeof *r );
 			r->pk = pk; pk = NULL;
 			r->next = pk_list;
 			r->mark = 0;
 			pk_list = r;
 		    }
 		    any_recipients = 1;
-		    break;
+		    continue;
 		}
 		else {
 		    int trustlevel;
 
-		    rc = check_trust( pk, &trustlevel, pk->namehash,
-						       NULL, NULL );
-		    if( rc ) {
-			log_error("error checking pk of `%s': %s\n",
-						     answer, gpg_errstr(rc) );
-		    }
-		    else if( (trustlevel & TRUST_FLAG_DISABLED) ) {
+		    trustlevel = get_validity (pk, NULL);
+		    if( (trustlevel & TRUST_FLAG_DISABLED) ) {
 			tty_printf(_("Public key is disabled.\n") );
 		    }
 		    else if( do_we_trust_pre( pk, trustlevel ) ) {
@@ -910,52 +859,71 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
 			 * in the list */
 			if (key_present_in_pk_list(pk_list, pk) == 0) {
 			    free_public_key(pk); pk = NULL;
-			    log_info(_("skipped: public key "
-				       "already set with --encrypt-to\n") );
+			    log_info(_("skipped: public key already set\n") );
 			}
 			else {
 			    PK_LIST r;
-
-			    r = gcry_xmalloc( sizeof *r );
+			    char *p;
+			    size_t n;
+			    u32 keyid[2];
+
+			    keyid_from_pk( pk, keyid);
+			    tty_printf("Added %4u%c/%08lX %s \"",
+				       nbits_from_pk( pk ),
+				       pubkey_letter( pk->pubkey_algo ),
+				       (ulong)keyid[1],
+				       datestr_from_pk( pk ) );
+			    p = get_user_id( keyid, &n );
+			    tty_print_utf8_string( p, n );
+			    m_free(p);
+			    tty_printf("\"\n");
+
+			    r = m_alloc( sizeof *r );
 			    r->pk = pk; pk = NULL;
 			    r->next = pk_list;
 			    r->mark = 0;
 			    pk_list = r;
 			}
 			any_recipients = 1;
-			break;
+			continue;
 		    }
 		}
 	    }
-	    gcry_free(def_rec); def_rec = NULL;
+	    m_free(def_rec); def_rec = NULL;
 	    have_def_rec = 0;
 	}
-	gcry_free(answer);
 	if( pk ) {
 	    free_public_key( pk );
 	    pk = NULL;
 	}
     }
     else if( !any_recipients && (def_rec = default_recipient()) ) {
-	pk = gcry_xcalloc( 1, sizeof *pk );
+	pk = m_alloc_clear( sizeof *pk );
 	pk->req_usage = use;
-	rc = get_pubkey_byname( NULL, pk, def_rec, NULL );
+	rc = get_pubkey_byname( pk, def_rec, NULL, NULL );
 	if( rc )
 	    log_error(_("unknown default recipient `%s'\n"), def_rec );
-	else if( !(rc=openpgp_pk_test_algo(pk->pubkey_algo,
-                                           pk->pubkey_usage)) ) {
-	    PK_LIST r = gcry_xmalloc( sizeof *r );
+	else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
+	  /* Mark any_recipients here since the default recipient
+             would have been used if it wasn't already there.  It
+             doesn't really matter if we got this key from the default
+             recipient or an encrypt-to. */
+	  any_recipients = 1;
+	  if (key_present_in_pk_list(pk_list, pk) == 0)
+	    log_info(_("skipped: public key already set as default recipient\n"));
+	  else {
+	    PK_LIST r = m_alloc( sizeof *r );
 	    r->pk = pk; pk = NULL;
 	    r->next = pk_list;
 	    r->mark = 0;
 	    pk_list = r;
-	    any_recipients = 1;
+	  }
 	}
 	if( pk ) {
 	    free_public_key( pk );
 	    pk = NULL;
 	}
-	gcry_free(def_rec); def_rec = NULL;
+	m_free(def_rec); def_rec = NULL;
     }
     else {
 	any_recipients = 0;
@@ -963,26 +931,27 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
 	    if( (remusr->flags & 1) )
 		continue; /* encrypt-to keys are already handled */
 
-	    pk = gcry_xcalloc( 1, sizeof *pk );
+	    pk = m_alloc_clear( sizeof *pk );
 	    pk->req_usage = use;
-	    if( (rc = get_pubkey_byname( NULL, pk, remusr->d, NULL )) ) {
+	    if( (rc = get_pubkey_byname( pk, remusr->d, NULL, NULL )) ) {
 		free_public_key( pk ); pk = NULL;
-		log_error(_("%s: skipped: %s\n"), remusr->d, gpg_errstr(rc) );
+		log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
+                write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
+                                              remusr->d, strlen (remusr->d),
+                                              -1);
 	    }
-	    else if( !(rc=openpgp_pk_test_algo(pk->pubkey_algo,
-                                               pk->pubkey_usage)) ) {
+	    else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
 		int trustlevel;
 
-		rc = check_trust( pk, &trustlevel, pk->namehash, NULL, NULL );
-		if( rc ) {
-		    free_public_key( pk ); pk = NULL;
-		    log_error(_("%s: error checking key: %s\n"),
-						      remusr->d, gpg_errstr(rc) );
-		}
-		else if( (trustlevel & TRUST_FLAG_DISABLED) ) {
+		trustlevel = get_validity (pk, pk->namehash);
+		if( (trustlevel & TRUST_FLAG_DISABLED) ) {
 		    free_public_key(pk); pk = NULL;
 		    log_info(_("%s: skipped: public key is disabled\n"),
 								    remusr->d);
+                    write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
+                                                  remusr->d,
+                                                  strlen (remusr->d),
+                                                  -1);
 		}
 		else if( do_we_trust_pre( pk, trustlevel ) ) {
 		    /* note: do_we_trust may have changed the trustlevel */
@@ -1000,7 +969,7 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
 		    }
 		    else {
 			PK_LIST r;
-			r = gcry_xmalloc( sizeof *r );
+			r = m_alloc( sizeof *r );
 			r->pk = pk; pk = NULL;
 			r->next = pk_list;
 			r->mark = 0;
@@ -1009,55 +978,103 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
 		}
 		else { /* we don't trust this pk */
 		    free_public_key( pk ); pk = NULL;
+                    write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
+                                                  remusr->d,
+                                                  strlen (remusr->d),
+                                                  -1);
 		}
 	    }
 	    else {
 		free_public_key( pk ); pk = NULL;
-		log_error(_("%s: skipped: %s\n"), remusr->d, gpg_errstr(rc) );
+                write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
+                                              remusr->d,
+                                              strlen (remusr->d),
+                                              -1);
+		log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
 	    }
 	}
     }
 
     if( !rc && !any_recipients ) {
 	log_error(_("no valid addressees\n"));
-	rc = GPGERR_NO_USER_ID;
+        write_status_text (STATUS_NO_RECP, "0");
+	rc = G10ERR_NO_USER_ID;
     }
 
     if( rc )
 	release_pk_list( pk_list );
     else
 	*ret_pk_list = pk_list;
+    if(opt.grouplist)
+      free_strlist(remusr);
     return rc;
 }
 
 
+/* In pgp6 mode, disallow all ciphers except IDEA (1), 3DES (2), and
+   CAST5 (3), all hashes except MD5 (1), SHA1 (2), and RIPEMD160 (3),
+   and all compressions except none (0) and ZIP (1).  pgp7 mode
+   expands the cipher list to include AES128 (7), AES192 (8), AES256
+   (9), and TWOFISH (10).  For a true PGP key all of this is unneeded
+   as they are the only items present in the preferences subpacket,
+   but checking here covers the weird case of encrypting to a key that
+   had preferences from a different implementation which was then used
+   with PGP.  I am not completely comfortable with this as the right
+   thing to do, as it slightly alters the list of what the user is
+   supposedly requesting.  It is not against the RFC however, as the
+   preference chosen will never be one that the user didn't specify
+   somewhere ("The implementation may use any mechanism to pick an
+   algorithm in the intersection"), and PGP has no mechanism to fix
+   such a broken preference list, so I'm including it. -dms */
 
 static int
-algo_available( int preftype, int algo )
+algo_available( int preftype, int algo, void *hint )
 {
     if( preftype == PREFTYPE_SYM ) {
-	return algo && !openpgp_cipher_test_algo( algo );
+        if( opt.pgp6 && ( algo != 1 && algo != 2 && algo != 3) )
+	  return 0;
+
+        if( opt.pgp7 && (algo != 1 && algo != 2 && algo != 3 &&
+			 algo != 7 && algo != 8 && algo != 9 && algo != 10) )
+	  return 0;
+
+	return algo && !check_cipher_algo( algo );
     }
     else if( preftype == PREFTYPE_HASH ) {
-	return algo && !openpgp_md_test_algo( algo );
+        int bits=0;
+
+	if(hint)
+	  bits=*(int *)hint;
+
+	if(bits && (bits != md_digest_length(algo)))
+	  return 0;
+
+        if( (opt.pgp6 || opt.pgp7 ) && ( algo != 1 && algo != 2 && algo != 3) )
+	  return 0;
+
+	return algo && !check_digest_algo( algo );
     }
-    else if( preftype == PREFTYPE_COMPR ) {
-	return !algo || algo == 1 || algo == 2;
+    else if( preftype == PREFTYPE_ZIP ) {
+        if ( ( opt.pgp6 || opt.pgp7 ) && ( algo !=0 && algo != 1) )
+	  return 0;
+
+	return !check_compress_algo( algo );
     }
     else
 	return 0;
 }
 
+
+
 /****************
  * Return -1 if we could not find an algorithm.
  */
 int
-select_algo_from_prefs( PK_LIST pk_list, int preftype )
+select_algo_from_prefs(PK_LIST pk_list, int preftype, int request, void *hint)
 {
     PK_LIST pkr;
     u32 bits[8];
-    byte *pref = NULL;
-    size_t npref;
+    const prefitem_t *prefs;
     int i, j;
     int compr_hack=0;
     int any;
@@ -1070,43 +1087,65 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype )
 	u32 mask[8];
 
 	memset( mask, 0, 8 * sizeof *mask );
-	if( !pkr->pk->local_id ) { /* try to set the local id */
-	    query_trust_info( pkr->pk, NULL );
-	    if( !pkr->pk->local_id ) {
-		log_debug("select_algo_from_prefs: can't get LID\n");
-		continue;
-	    }
+	if( preftype == PREFTYPE_SYM ) {
+	  if( opt.pgp2 &&
+	      pkr->pk->version < 4 &&
+	      pkr->pk->selfsigversion < 4 )
+	    mask[0] |= (1<<1); /* IDEA is implicitly there for v3 keys
+				  with v3 selfsigs (rfc2440:12.1) if
+				  --pgp2 mode is on.  This doesn't
+				  mean it's actually available, of
+				  course. */
+	  else
+	    mask[0] |= (1<<2); /* 3DES is implicitly there for everyone else */
 	}
-	if( preftype == PREFTYPE_SYM )
-	    mask[0] |= (1<<2); /* 3DES is implicitly there */
-	gcry_free(pref);
-	pref = get_pref_data( pkr->pk->local_id, pkr->pk->namehash, &npref);
+	else if( preftype == PREFTYPE_HASH ) {
+	  /* While I am including this code for completeness, note
+	     that currently --pgp2 mode locks the hash at MD5, so this
+	     function will never even be called.  Even if the hash
+	     wasn't locked at MD5, we don't support sign+encrypt in
+	     --pgp2 mode, and that's the only time PREFTYPE_HASH is
+	     used anyway. -dms */
+	  if( opt.pgp2 &&
+	      pkr->pk->version < 4 &&
+	      pkr->pk->selfsigversion < 4 )
+	    mask[0] |= (1<<1); /* MD5 is there for v3 keys with v3
+				  selfsigs when --pgp2 is on. */
+	  else
+	    mask[0] |= (1<<2); /* SHA1 is there for everyone else */
+	}
+	else if( preftype == PREFTYPE_ZIP )
+	  mask[0] |= (1<<0); /* Uncompressed is implicit */
+
+        if (pkr->pk->user_id) /* selected by user ID */
+            prefs = pkr->pk->user_id->prefs;
+        else
+            prefs = pkr->pk->prefs;
+
 	any = 0;
-	if( pref ) {
-	   #if 0
-	    log_hexdump("raw: ", pref, npref );
-	   #endif
-	    for(i=0; i+1 < npref; i+=2 ) {
-		if( pref[i] == preftype ) {
-		    mask[pref[i+1]/32] |= 1 << (pref[i+1]%32);
+	if( prefs ) {
+	    for (i=0; prefs[i].type; i++ ) {
+		if( prefs[i].type == preftype ) {
+		    mask[prefs[i].value/32] |= 1 << (prefs[i].value%32);
 		    any = 1;
 		}
 	    }
 	}
-	if( (!pref || !any) && preftype == PREFTYPE_COMPR ) {
+
+	if( (!prefs || !any) && preftype == PREFTYPE_ZIP ) {
 	    mask[0] |= 3; /* asume no_compression and old pgp */
 	    compr_hack = 1;
 	}
 
       #if 0
-	log_debug("mask=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
+	log_debug("pref mask=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
 	       (ulong)mask[7], (ulong)mask[6], (ulong)mask[5], (ulong)mask[4],
 	     (ulong)mask[3], (ulong)mask[2], (ulong)mask[1], (ulong)mask[0]);
       #endif
 	for(i=0; i < 8; i++ )
 	    bits[i] &= mask[i];
       #if 0
-	log_debug("bits=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
+	log_debug("pref bits=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
 	       (ulong)bits[7], (ulong)bits[6], (ulong)bits[5], (ulong)bits[4],
 	     (ulong)bits[3], (ulong)bits[2], (ulong)bits[1], (ulong)bits[0]);
       #endif
@@ -1119,28 +1158,42 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype )
      */
     i = -1;
     any = 0;
-    if( pref ) {
-	for(j=0; j+1 < npref; j+=2 ) {
-	    if( pref[j] == preftype ) {
-		if( (bits[pref[j+1]/32] & (1<<(pref[j+1]%32))) ) {
-		    if( algo_available( preftype, pref[j+1] ) ) {
+
+    /* If we have personal prefs set, use them instead of the last key */
+    if(preftype==PREFTYPE_SYM && opt.personal_cipher_prefs)
+      prefs=opt.personal_cipher_prefs;
+    else if(preftype==PREFTYPE_HASH && opt.personal_digest_prefs)
+      prefs=opt.personal_digest_prefs;
+    else if(preftype==PREFTYPE_ZIP && opt.personal_compress_prefs)
+      prefs=opt.personal_compress_prefs;
+
+    if( prefs ) {
+	for(j=0; prefs[j].type; j++ ) {
+	    if( prefs[j].type == preftype ) {
+                if( (bits[prefs[j].value/32] & (1<<(prefs[j].value%32))) ) {
+		    if( algo_available( preftype, prefs[j].value, hint ) ) {
 			any = 1;
-			i = pref[j+1];
+			i = prefs[j].value;
 			break;
 		    }
 		}
 	    }
 	}
     }
-    if( !pref || !any ) {
+    if( !prefs || !any ) {
 	for(j=0; j < 256; j++ )
 	    if( (bits[j/32] & (1<<(j%32))) ) {
-		if( algo_available( preftype, j ) ) {
+		if( algo_available( preftype, j, hint ) ) {
 		    i = j;
 		    break;
 		}
 	    }
     }
+
+    /* Can we use the requested algorithm? */
+    if(request>-1 && request==i)
+      return i;
+
   #if 0
     log_debug("prefs of type %d: selected %d\n", preftype, i );
   #endif
@@ -1152,8 +1205,53 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype )
 	    i = 1;  /* yep; we can use compression algo 1 */
     }
 
-    gcry_free(pref);
+    /* "If you are building an authentication system, the recipient
+       may specify a preferred signing algorithm. However, the signer
+       would be foolish to use a weak algorithm simply because the
+       recipient requests it." RFC2440:13.  If we settle on MD5, and
+       SHA1 is also available, use SHA1 instead.  Of course, if the
+       user intentinally chose MD5 (by putting it in their personal
+       prefs), then we should do what they say. */
+
+    if(preftype==PREFTYPE_HASH &&
+       i==DIGEST_ALGO_MD5 && (bits[0] & (1<<DIGEST_ALGO_SHA1)))
+      {
+	i=DIGEST_ALGO_SHA1;
+
+	if(opt.personal_digest_prefs)
+	  for(j=0; prefs[j].type; j++ )
+	    if(opt.personal_digest_prefs[j].type==PREFTYPE_HASH &&
+	       opt.personal_digest_prefs[j].value==DIGEST_ALGO_MD5)
+	      {
+		i=DIGEST_ALGO_MD5;
+		break;
+	      }
+      }
+
     return i;
 }
 
+/*
+ * Select the MDC flag from the pk_list.  We can only use MDC if all recipients
+ * support this feature 
+ */
+int
+select_mdc_from_pklist (PK_LIST pk_list)
+{
+    PK_LIST pkr;
 
+    if( !pk_list )
+	return 0;
+
+    for (pkr = pk_list; pkr; pkr = pkr->next) {
+        int mdc;
+
+        if (pkr->pk->user_id) /* selected by user ID */
+            mdc = pkr->pk->user_id->mdc_feature;
+        else
+            mdc = pkr->pk->mdc_feature;
+        if (!mdc)
+            return 0; /* at least one recipient does not support it */
+    }
+    return 1; /* can be used */
+}
diff --git a/g10/plaintext.c b/g10/plaintext.c
index 555dd1636..b12fb0f11 100644
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@@ -1,5 +1,5 @@
-/* plaintext.c -  process an plaintext packet
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+/* plaintext.c -  process plaintext packets
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -29,7 +29,7 @@
 #endif
 
 #include "util.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "options.h"
 #include "packet.h"
 #include "ttyio.h"
@@ -60,7 +60,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
     if( nooutput )
 	;
     else if( opt.outfile ) {
-	fname = gcry_xmalloc( strlen( opt.outfile ) + 1);
+	fname = m_alloc( strlen( opt.outfile ) + 1);
 	strcpy(fname, opt.outfile );
     }
     else if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) ) {
@@ -72,7 +72,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 	if( !fname )
 	    fname = ask_outfile_name( pt->name, pt->namelen );
 	if( !fname ) {
-	    rc = GPGERR_CREATE_FILE;
+	    rc = G10ERR_CREATE_FILE;
 	    goto leave;
 	}
     }
@@ -89,31 +89,44 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 	setmode ( fileno(fp) , O_BINARY );
       #endif
     }
-    else if( !overwrite_filep( fname ) ) {
-	rc = GPGERR_CREATE_FILE;
-	goto leave;
+    else {
+	while( !overwrite_filep (fname) ) {
+            char *tmp = ask_outfile_name (NULL, 0);
+            if ( !tmp || !*tmp ) {
+                m_free (tmp);
+                rc = G10ERR_CREATE_FILE;
+                goto leave;
+            }
+            m_free (fname);
+            fname = tmp;
+        }
     }
 
     if( fp || nooutput )
 	;
     else if( !(fp = fopen(fname,"wb")) ) {
-	log_error("Error creating `%s': %s\n", fname, strerror(errno) );
-	rc = GPGERR_CREATE_FILE;
+	log_error(_("error creating `%s': %s\n"), fname, strerror(errno) );
+	rc = G10ERR_CREATE_FILE;
+#ifdef __riscos__
+        if (errno == 106)
+            log_info("perhaps the output file has the same name as the input file?\n");
+#endif /* __riscos__ */
 	goto leave;
     }
 
-    if( pt->len ) {
+    if( !pt->is_partial ) {
+        /* we have an actual length (which might be zero). */
 	assert( !clearsig );
 	if( convert ) { /* text mode */
 	    for( ; pt->len; pt->len-- ) {
 		if( (c = iobuf_get(pt->buf)) == -1 ) {
 		    log_error("Problem reading source (%u bytes remaining)\n",
 			      (unsigned)pt->len);
-		    rc = GPGERR_READ_FILE;
+		    rc = G10ERR_READ_FILE;
 		    goto leave;
 		}
 		if( mfx->md )
-		    gcry_md_putc(mfx->md, c );
+		    md_putc(mfx->md, c );
 	      #ifndef HAVE_DOSISH_SYSTEM
 		if( c == '\r' )  /* convert to native line ending */
 		    continue;	 /* fixme: this hack might be too simple */
@@ -122,45 +135,45 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 		    if( putc( c, fp ) == EOF ) {
 			log_error("Error writing to `%s': %s\n",
 				  fname, strerror(errno) );
-			rc = GPGERR_WRITE_FILE;
+			rc = G10ERR_WRITE_FILE;
 			goto leave;
 		    }
 		}
 	    }
 	}
 	else { /* binary mode */
-	    byte *buffer = gcry_xmalloc( 32768 );
+	    byte *buffer = m_alloc( 32768 );
 	    while( pt->len ) {
 		int len = pt->len > 32768 ? 32768 : pt->len;
 		len = iobuf_read( pt->buf, buffer, len );
 		if( len == -1 ) {
 		    log_error("Problem reading source (%u bytes remaining)\n",
 			      (unsigned)pt->len);
-		    rc = GPGERR_READ_FILE;
-		    gcry_free( buffer );
+		    rc = G10ERR_READ_FILE;
+		    m_free( buffer );
 		    goto leave;
 		}
 		if( mfx->md )
-		    gcry_md_write( mfx->md, buffer, len );
+		    md_write( mfx->md, buffer, len );
 		if( fp ) {
 		    if( fwrite( buffer, 1, len, fp ) != len ) {
 			log_error("Error writing to `%s': %s\n",
 				  fname, strerror(errno) );
-			rc = GPGERR_WRITE_FILE;
-			gcry_free( buffer );
+			rc = G10ERR_WRITE_FILE;
+			m_free( buffer );
 			goto leave;
 		    }
 		}
 		pt->len -= len;
 	    }
-	    gcry_free( buffer );
+	    m_free( buffer );
 	}
     }
     else if( !clearsig ) {
 	if( convert ) { /* text mode */
 	    while( (c = iobuf_get(pt->buf)) != -1 ) {
 		if( mfx->md )
-		    gcry_md_putc(mfx->md, c );
+		    md_putc(mfx->md, c );
 	      #ifndef HAVE_DOSISH_SYSTEM
 		if( convert && c == '\r' )
 		    continue; /* fixme: this hack might be too simple */
@@ -169,14 +182,14 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 		    if( putc( c, fp ) == EOF ) {
 			log_error("Error writing to `%s': %s\n",
 				  fname, strerror(errno) );
-			rc = GPGERR_WRITE_FILE;
+			rc = G10ERR_WRITE_FILE;
 			goto leave;
 		    }
 		}
 	    }
 	}
 	else { /* binary mode */
-	    byte *buffer = gcry_xmalloc( 32768 );
+	    byte *buffer = m_alloc( 32768 );
 	    int eof;
 	    for( eof=0; !eof; ) {
 		/* Why do we check for len < 32768:
@@ -191,18 +204,18 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 		if( len < 32768 )
 		    eof = 1;
 		if( mfx->md )
-		    gcry_md_write( mfx->md, buffer, len );
+		    md_write( mfx->md, buffer, len );
 		if( fp ) {
 		    if( fwrite( buffer, 1, len, fp ) != len ) {
 			log_error("Error writing to `%s': %s\n",
 				  fname, strerror(errno) );
-			rc = GPGERR_WRITE_FILE;
-			gcry_free( buffer );
+			rc = G10ERR_WRITE_FILE;
+			m_free( buffer );
 			goto leave;
 		    }
 		}
 	    }
-	    gcry_free( buffer );
+	    m_free( buffer );
 	}
 	pt->buf = NULL;
     }
@@ -214,15 +227,15 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 		if( putc( c, fp ) == EOF ) {
 		    log_error("Error writing to `%s': %s\n",
 						fname, strerror(errno) );
-		    rc = GPGERR_WRITE_FILE;
+		    rc = G10ERR_WRITE_FILE;
 		    goto leave;
 		}
 	    }
 	    if( !mfx->md )
 		continue;
 	    if( state == 2 ) {
-		gcry_md_putc(mfx->md, '\r' );
-		gcry_md_putc(mfx->md, '\n' );
+		md_putc(mfx->md, '\r' );
+		md_putc(mfx->md, '\n' );
 		state = 0;
 	    }
 	    if( !state ) {
@@ -231,18 +244,18 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 		else if( c == '\n'  )
 		    state = 2;
 		else
-		    gcry_md_putc(mfx->md, c );
+		    md_putc(mfx->md, c );
 	    }
 	    else if( state == 1 ) {
 		if( c == '\n'  )
 		    state = 2;
 		else {
-		    gcry_md_putc(mfx->md, '\r' );
+		    md_putc(mfx->md, '\r' );
 		    if( c == '\r'  )
 			state = 1;
 		    else {
 			state = 0;
-			gcry_md_putc(mfx->md, c );
+			md_putc(mfx->md, c );
 		    }
 		}
 	    }
@@ -253,7 +266,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
     if( fp && fp != stdout && fclose(fp) ) {
 	log_error("Error closing `%s': %s\n", fname, strerror(errno) );
 	fp = NULL;
-	rc = GPGERR_WRITE_FILE;
+	rc = G10ERR_WRITE_FILE;
 	goto leave;
     }
     fp = NULL;
@@ -261,12 +274,12 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
   leave:
     if( fp && fp != stdout )
 	fclose(fp);
-    gcry_free(fname);
+    m_free(fname);
     return rc;
 }
 
 static void
-do_hash( GCRY_MD_HD md, GCRY_MD_HD md2, IOBUF fp, int textmode )
+do_hash( MD_HANDLE md, MD_HANDLE md2, IOBUF fp, int textmode )
 {
     text_filter_context_t tfx;
     int c;
@@ -280,27 +293,27 @@ do_hash( GCRY_MD_HD md, GCRY_MD_HD md2, IOBUF fp, int textmode )
 	int lc = -1;
 	while( (c = iobuf_get(fp)) != -1 ) {
 	    if( c == '\n' && lc == '\r' )
-		gcry_md_putc(md2, c);
+		md_putc(md2, c);
 	    else if( c == '\n' ) {
-		gcry_md_putc(md2, '\r');
-		gcry_md_putc(md2, c);
+		md_putc(md2, '\r');
+		md_putc(md2, c);
 	    }
 	    else if( c != '\n' && lc == '\r' ) {
-		gcry_md_putc(md2, '\n');
-		gcry_md_putc(md2, c);
+		md_putc(md2, '\n');
+		md_putc(md2, c);
 	    }
 	    else
-		gcry_md_putc(md2, c);
+		md_putc(md2, c);
 
 	    if( md )
-		gcry_md_putc(md, c );
+		md_putc(md, c );
 	    lc = c;
 	}
     }
     else {
 	while( (c = iobuf_get(fp)) != -1 ) {
 	    if( md )
-		gcry_md_putc(md, c );
+		md_putc(md, c );
 	}
     }
 }
@@ -311,7 +324,7 @@ do_hash( GCRY_MD_HD md, GCRY_MD_HD md2, IOBUF fp, int textmode )
  * INFILE is the name of the input file.
  */
 int
-ask_for_detached_datafile( GCRY_MD_HD md, GCRY_MD_HD md2,
+ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2,
 			   const char *inname, int textmode )
 {
     char *answer = NULL;
@@ -323,12 +336,12 @@ ask_for_detached_datafile( GCRY_MD_HD md, GCRY_MD_HD md2,
 	int any=0;
 	tty_printf(_("Detached signature.\n"));
 	do {
-	    gcry_free(answer);
+	    m_free(answer);
 	    answer = cpr_get("detached_signature.filename",
 			   _("Please enter name of data file: "));
 	    cpr_kill_prompt();
 	    if( any && !*answer ) {
-		rc = GPGERR_READ_FILE;
+		rc = G10ERR_READ_FILE;
 		goto leave;
 	    }
 	    fp = iobuf_open(answer);
@@ -338,7 +351,7 @@ ask_for_detached_datafile( GCRY_MD_HD md, GCRY_MD_HD md2,
 	    }
 	    else if( !fp ) {
 		log_error("can't open `%s': %s\n", answer, strerror(errno) );
-		rc = GPGERR_READ_FILE;
+		rc = G10ERR_READ_FILE;
 		goto leave;
 	    }
 	} while( !fp );
@@ -355,7 +368,7 @@ ask_for_detached_datafile( GCRY_MD_HD md, GCRY_MD_HD md2,
 
 
   leave:
-    gcry_free(answer);
+    m_free(answer);
     return rc;
 }
 
@@ -366,11 +379,11 @@ ask_for_detached_datafile( GCRY_MD_HD md, GCRY_MD_HD md2,
  * If FILES is NULL, hash stdin.
  */
 int
-hash_datafiles( GCRY_MD_HD md, GCRY_MD_HD md2, STRLIST files,
+hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files,
 		const char *sigfilename, int textmode )
 {
     IOBUF fp;
-    STRLIST sl=NULL;
+    STRLIST sl;
 
     if( !files ) {
 	/* check whether we can open the signed material */
@@ -380,28 +393,26 @@ hash_datafiles( GCRY_MD_HD md, GCRY_MD_HD md2, STRLIST files,
 	    iobuf_close(fp);
 	    return 0;
 	}
-	/* no we can't (no sigfile) - read signed stuff from stdin */
-	add_to_strlist( &sl, "-");
+        log_error (_("no signed data\n"));
+        return G10ERR_OPEN_FILE;
     }
-    else
-	sl = files;
 
-    for( ; sl; sl = sl->next ) {
+
+    for (sl=files; sl; sl = sl->next ) {
 	fp = iobuf_open( sl->d );
 	if( !fp ) {
 	    log_error(_("can't open signed data `%s'\n"),
 						print_fname_stdin(sl->d));
-	    if( !files )
-		free_strlist(sl);
-	    return GPGERR_OPEN_FILE;
+	    return G10ERR_OPEN_FILE;
 	}
 	do_hash( md, md2, fp, textmode );
 	iobuf_close(fp);
     }
 
-    if( !files )
-	free_strlist(sl);
     return 0;
 }
 
 
+
+
+
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 646aca017..2c8771c27 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -1,5 +1,5 @@
 /* pubkey-enc.c -  public key encoded packet handling
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -23,12 +23,13 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-
-#include <gcrypt.h>
 #include "util.h"
+#include "memory.h"
 #include "packet.h"
+#include "mpi.h"
 #include "keydb.h"
 #include "trustdb.h"
+#include "cipher.h"
 #include "status.h"
 #include "options.h"
 #include "main.h"
@@ -38,66 +39,31 @@ static int get_it( PKT_pubkey_enc *k,
 		   DEK *dek, PKT_secret_key *sk, u32 *keyid );
 
 
-/****************
- * Emulate our old PK interface here - sometime in the future we might
- * change the internal design to directly fit to libgcrypt.
- */
+/* check that the given algo is mentioned in one of the valid user IDs */
 static int
-pk_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
+is_algo_in_prefs ( KBNODE keyblock, preftype_t type, int algo )
 {
-    GCRY_SEXP s_skey, s_data, s_plain;
-    int rc;
-
-    *result = NULL;
-    /* make a sexp from skey */
-    if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
-	rc = gcry_sexp_build ( &s_skey, NULL,
-			      "(private-key(elg(p%m)(g%m)(y%m)(x%m)))",
-				  skey[0], skey[1], skey[2], skey[3] );
-    }
-    else if( algo == GCRY_PK_RSA ) {
-	rc = gcry_sexp_build ( &s_skey, NULL,
-		    "(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
-		     skey[0], skey[1], skey[2], skey[3], skey[4], skey[5] );
-    }
-    else
-	return GPGERR_PUBKEY_ALGO;
-
-    if ( rc )
-	BUG ();
-
-    /* put data into a S-Exp s_data */
-    if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
-	rc = gcry_sexp_build ( &s_data, NULL,
-			       "(enc-val(elg(a%m)(b%m)))", data[0], data[1] );
+    KBNODE k;
+
+    for (k=keyblock; k; k=k->next) {
+        if (k->pkt->pkttype == PKT_USER_ID) {
+            PKT_user_id *uid = k->pkt->pkt.user_id;
+            prefitem_t *prefs = uid->prefs;
+            
+            if (uid->created && prefs &&
+		!uid->is_revoked && !uid->is_expired ) {
+                for (; prefs->type; prefs++ )
+                    if (prefs->type == type && prefs->value == algo)
+                        return 1;
+            }
+        }
     }
-    else if( algo == GCRY_PK_RSA ) {
-	rc = gcry_sexp_build ( &s_data, NULL,
-			       "(enc-val(rsa(a%m)))", data[0] );
-    }
-    else
-	BUG();
-
-    if ( rc )
-	BUG ();
-
-    rc = gcry_pk_decrypt( &s_plain, s_data, s_skey );
-    gcry_sexp_release( s_skey );
-    gcry_sexp_release( s_data);
-    if( rc )
-	return rc;
-
-    *result = gcry_sexp_nth_mpi( s_plain, 0, 0 );
-    gcry_sexp_release( s_plain );
-    if( !*result )
-	return -1; /* oops */
-
     return 0;
 }
 
 
 /****************
- * Get the session key from a pubkey enc paket and return
+ * Get the session key from a pubkey enc packet and return
  * it in DEK, which should have been allocated in secure memory.
  */
 int
@@ -106,12 +72,12 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
     PKT_secret_key *sk = NULL;
     int rc;
 
-    rc = openpgp_pk_test_algo( k->pubkey_algo, 0 );
+    rc = check_pubkey_algo2 (k->pubkey_algo, PUBKEY_USAGE_ENC);
     if( rc )
 	goto leave;
 
     if( (k->keyid[0] || k->keyid[1]) && !opt.try_all_secrets ) {
-	sk = gcry_xcalloc( 1, sizeof *sk );
+	sk = m_alloc_clear( sizeof *sk );
 	sk->pubkey_algo = k->pubkey_algo; /* we want a pubkey with this algo*/
 	if( !(rc = get_seckey( sk, k->keyid )) )
 	    rc = get_it( k, dek, sk, k->keyid );
@@ -123,17 +89,17 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
 	for(;;) {
 	    if( sk )
 		free_secret_key( sk );
-	    sk = gcry_xcalloc( 1, sizeof *sk );
+	    sk = m_alloc_clear( sizeof *sk );
 	    rc=enum_secret_keys( &enum_context, sk, 1);
 	    if( rc ) {
-		rc = GPGERR_NO_SECKEY;
+		rc = G10ERR_NO_SECKEY;
 		break;
 	    }
 	    if( sk->pubkey_algo != k->pubkey_algo )
 		continue;
 	    keyid_from_sk( sk, keyid );
-	    log_info(_("anonymous receiver; trying secret key %08lX ...\n"),
-				     (ulong)keyid[1] );
+	    log_info(_("anonymous recipient; trying secret key %08lX ...\n"),
+                     (ulong)keyid[1] );
 	    rc = check_secret_key( sk, 1 ); /* ask only once */
 	    if( !rc )
 		rc = get_it( k, dek, sk, keyid );
@@ -153,22 +119,19 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
 
 
 static int
-get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
+get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
 {
     int rc;
     MPI plain_dek  = NULL;
     byte *frame = NULL;
-    unsigned int n;
-    size_t nframe;
+    unsigned n, nframe;
     u16 csum, csum2;
 
-    rc = pk_decrypt(sk->pubkey_algo, &plain_dek, k->data, sk->skey );
+    rc = pubkey_decrypt(sk->pubkey_algo, &plain_dek, enc->data, sk->skey );
     if( rc )
 	goto leave;
-    if( gcry_mpi_aprint( GCRYMPI_FMT_USG, &frame, &nframe, plain_dek ) )
-	BUG();
-
-    mpi_release( plain_dek ); plain_dek = NULL;
+    frame = mpi_get_buffer( plain_dek, &nframe, NULL );
+    mpi_free( plain_dek ); plain_dek = NULL;
 
     /* Now get the DEK (data encryption key) from the frame
      *
@@ -180,8 +143,7 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
      *
      *	   0  2  RND(n bytes)  0  A  DEK(k bytes)  CSUM(2 bytes)
      *
-     * (mpi_get_buffer already removed the leading zero - still true
-     *	for gcry_mpi_aprint(0 which is used now?)
+     * (mpi_get_buffer already removed the leading zero).
      *
      * RND are non-zero randow bytes.
      * A   is the cipher algorithm
@@ -192,35 +154,37 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
 	log_hexdump("DEK frame:", frame, nframe );
     n=0;
     if( n + 7 > nframe )
-	{ rc = GPGERR_WRONG_SECKEY; goto leave; }
+	{ rc = G10ERR_WRONG_SECKEY; goto leave; }
     if( frame[n] == 1 && frame[nframe-1] == 2 ) {
 	log_info(_("old encoding of the DEK is not supported\n"));
-	rc = GPGERR_CIPHER_ALGO;
+	rc = G10ERR_CIPHER_ALGO;
 	goto leave;
     }
     if( frame[n] != 2 )  /* somethink is wrong */
-	{ rc = GPGERR_WRONG_SECKEY; goto leave; }
+	{ rc = G10ERR_WRONG_SECKEY; goto leave; }
     for(n++; n < nframe && frame[n]; n++ ) /* skip the random bytes */
 	;
     n++; /* and the zero byte */
     if( n + 4 > nframe )
-	{ rc = GPGERR_WRONG_SECKEY; goto leave; }
+	{ rc = G10ERR_WRONG_SECKEY; goto leave; }
 
     dek->keylen = nframe - (n+1) - 2;
     dek->algo = frame[n++];
-    if( dek->algo ==  GCRY_CIPHER_IDEA )
+    if( dek->algo ==  CIPHER_ALGO_IDEA )
 	write_status(STATUS_RSA_OR_IDEA);
-    rc = openpgp_cipher_test_algo( dek->algo );
+    rc = check_cipher_algo( dek->algo );
     if( rc ) {
-	if( !opt.quiet && rc == GPGERR_CIPHER_ALGO ) {
-	    log_info(_("cipher algorithm %d is unknown or disabled\n"),
-							    dek->algo);
+	if( !opt.quiet && rc == G10ERR_CIPHER_ALGO ) {
+	    log_info(_("cipher algorithm %d%s is unknown or disabled\n"),
+                     dek->algo, dek->algo == CIPHER_ALGO_IDEA? " (IDEA)":"");
+	    if(dek->algo==CIPHER_ALGO_IDEA)
+	      idea_cipher_warn(0);
 	}
 	dek->algo = 0;
 	goto leave;
     }
-    if( dek->keylen != gcry_cipher_get_algo_keylen( dek->algo ) ) {
-	rc = GPGERR_WRONG_SECKEY;
+    if( (dek->keylen*8) != cipher_get_keylen( dek->algo ) ) {
+	rc = G10ERR_WRONG_SECKEY;
 	goto leave;
     }
 
@@ -231,53 +195,102 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
     for( csum2=0, n=0; n < dek->keylen; n++ )
 	csum2 += dek->key[n];
     if( csum != csum2 ) {
-	rc = GPGERR_WRONG_SECKEY;
+	rc = G10ERR_WRONG_SECKEY;
 	goto leave;
     }
     if( DBG_CIPHER )
 	log_hexdump("DEK is:", dek->key, dek->keylen );
     /* check that the algo is in the preferences and whether it has expired */
     {
-	PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-	if( (rc = get_pubkey( pk, keyid )) )
-	    log_error("public key problem: %s\n", gpg_errstr(rc) );
-	else if( !pk->local_id && query_trust_record(pk) )
-	    log_error("can't check algorithm against preferences\n");
-	else if( dek->algo != GCRY_CIPHER_3DES
-	    && !is_algo_in_prefs( pk->local_id, PREFTYPE_SYM, dek->algo ) ) {
+	PKT_public_key *pk = NULL;
+        KBNODE pkb = get_pubkeyblock (keyid);
+
+	if( !pkb ) {
+            rc = -1;
+	    log_error("oops: public key not found for preference check\n");
+        }
+	else if( pkb->pkt->pkt.public_key->selfsigversion > 3
+            && dek->algo != CIPHER_ALGO_3DES
+	    && !is_algo_in_prefs( pkb, PREFTYPE_SYM, dek->algo ) ) {
 	    /* Don't print a note while we are not on verbose mode,
 	     * the cipher is blowfish and the preferences have twofish
 	     * listed */
-	    if( opt.verbose || dek->algo != GCRY_CIPHER_BLOWFISH
-		|| !is_algo_in_prefs( pk->local_id, PREFTYPE_SYM,
-						    GCRY_CIPHER_TWOFISH ) )
+	    if( opt.verbose || dek->algo != CIPHER_ALGO_BLOWFISH
+		|| !is_algo_in_prefs( pkb, PREFTYPE_SYM, CIPHER_ALGO_TWOFISH))
 		log_info(_(
 		    "NOTE: cipher algorithm %d not found in preferences\n"),
 								 dek->algo );
 	}
 
-
-	if( !rc && pk->expiredate && pk->expiredate <= make_timestamp() ) {
-	    log_info(_("NOTE: secret key %08lX expired at %s\n"),
-			   (ulong)keyid[1], asctimestamp( pk->expiredate) );
-	}
-
-	/* FIXME: check wheter the key has been revoked and display
-	 * the revocation reason.  Actually the user should know this himself,
-	 * but the sender might not know already and therefor the user
-	 * should get a notice that an revoked key has been used to decode
-	 * the message.  The user can than watch out for snakes send by
-	 * one of those Eves outside his paradise :-)
-	 */
-	free_public_key( pk );
+        if (!rc) {
+            KBNODE k;
+            
+            for (k=pkb; k; k = k->next) {
+                if (k->pkt->pkttype == PKT_PUBLIC_KEY 
+                    || k->pkt->pkttype == PKT_PUBLIC_SUBKEY){
+                    u32 aki[2];
+        	    keyid_from_pk(k->pkt->pkt.public_key, aki);
+
+                    if (aki[0]==keyid[0] && aki[1]==keyid[1]) {
+                        pk = k->pkt->pkt.public_key;
+                        break;
+                    }
+                }
+            }
+            if (!pk)
+                BUG ();
+            if ( pk->expiredate && pk->expiredate <= make_timestamp() ) {
+                log_info(_("NOTE: secret key %08lX expired at %s\n"),
+                         (ulong)keyid[1], asctimestamp( pk->expiredate) );
+            }
+        }
+
+        if ( pk->is_revoked ) {
+            log_info( _("NOTE: key has been revoked") );
+            putc( '\n', log_stream() );
+            show_revocation_reason( pk, 1 );
+        }
+
+	release_kbnode (pkb);
 	rc = 0;
     }
 
 
   leave:
-    mpi_release(plain_dek);
-    gcry_free(frame);
+    mpi_free(plain_dek);
+    m_free(frame);
     return rc;
 }
 
 
+/****************
+ * Get the session key from the given string.
+ * String is supposed to be formatted as this:
+ *  <algo-id>:<even-number-of-hex-digits>
+ */
+int
+get_override_session_key( DEK *dek, const char *string )
+{
+    const char *s;
+    int i;
+
+    if ( !string )
+	return G10ERR_BAD_KEY;
+    dek->algo = atoi(string);
+    if ( dek->algo < 1 )
+	return G10ERR_BAD_KEY;
+    if ( !(s = strchr ( string, ':' )) )
+	return G10ERR_BAD_KEY;
+    s++;
+    for(i=0; i < DIM(dek->key) && *s; i++, s +=2 ) {
+	int c = hextobyte ( s );
+	if (c == -1)
+	    return G10ERR_BAD_KEY;
+	dek->key[i] = c;
+    }
+    if ( *s )
+	return G10ERR_BAD_KEY;
+    dek->keylen = i;
+    return 0;
+}
+
diff --git a/g10/revoke.c b/g10/revoke.c
index e988e5e62..ca67d80e5 100644
--- a/g10/revoke.c
+++ b/g10/revoke.c
@@ -1,5 +1,5 @@
 /* revoke.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -30,7 +30,7 @@
 #include "packet.h"
 #include "errors.h"
 #include "keydb.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "util.h"
 #include "main.h"
 #include "ttyio.h"
@@ -52,25 +52,274 @@ revocation_reason_build_cb( PKT_signature *sig, void *opaque )
     byte *buffer;
     size_t buflen = 1;
 
+    if(!reason)
+      return 0;
+
     if( reason->desc ) {
 	ud = native_to_utf8( reason->desc );
 	buflen += strlen(ud);
     }
-    buffer = gcry_xmalloc( buflen );
+    buffer = m_alloc( buflen );
     *buffer = reason->code;
     if( ud ) {
 	memcpy(buffer+1, ud, strlen(ud) );
-	gcry_free( ud );
+	m_free( ud );
     }
 
     build_sig_subpkt( sig, SIGSUBPKT_REVOC_REASON, buffer, buflen );
-    gcry_free( buffer );
+    m_free( buffer );
     return 0;
 }
 
 
 
 /****************
+ * Generate a revocation certificate for UNAME via a designated revoker
+ */
+int
+gen_desig_revoke( const char *uname )
+{
+    int rc = 0;
+    armor_filter_context_t afx;
+    PACKET pkt;
+    PKT_public_key *pk = NULL;
+    PKT_secret_key *sk = NULL;
+    PKT_signature *sig = NULL;
+    IOBUF out = NULL;
+    struct revocation_reason_info *reason = NULL;
+    KEYDB_HANDLE kdbhd;
+    KEYDB_SEARCH_DESC desc;
+    KBNODE keyblock=NULL,node;
+    u32 keyid[2];
+    int i,any=0;
+
+    if( opt.batch ) {
+	log_error(_("sorry, can't do this in batch mode\n"));
+	return G10ERR_GENERAL;
+    }
+
+    memset( &afx, 0, sizeof afx);
+
+    kdbhd = keydb_new (0);
+    classify_user_id (uname, &desc);
+    rc = desc.mode? keydb_search (kdbhd, &desc, 1) : G10ERR_INV_USER_ID;
+    if (rc) {
+	log_error (_("key `%s' not found: %s\n"),uname, g10_errstr (rc));
+	goto leave;
+    }
+
+    rc = keydb_get_keyblock (kdbhd, &keyblock );
+    if( rc ) {
+	log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
+	goto leave;
+    }
+
+    /* To parse the revkeys */
+    merge_keys_and_selfsig(keyblock);
+
+    /* get the key from the keyblock */
+    node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
+    if( !node ) 
+      BUG ();
+
+    pk=node->pkt->pkt.public_key;
+
+    keyid_from_pk(pk,keyid);
+
+    /* Are we a designated revoker for this key? */
+
+    if(!pk->revkey && pk->numrevkeys)
+      BUG();
+
+    for(i=0;i<pk->numrevkeys;i++)
+      {
+	if(sk)
+	  free_secret_key(sk);
+
+	sk=m_alloc_clear(sizeof(*sk));
+
+	rc=get_seckey_byfprint(sk,pk->revkey[i].fpr,MAX_FINGERPRINT_LEN);
+
+	/* We have the revocation key */
+	if(!rc)
+	  {
+	    size_t n;
+	    char *p;
+	    u32 sk_keyid[2];
+	    PKT_user_id *uid=NULL;
+	    PKT_signature *selfsig=NULL;
+
+	    any=1;
+	    keyid_from_sk(sk,sk_keyid);
+
+	    tty_printf("\npub  %4u%c/%08lX %s   ",
+		       nbits_from_pk( pk ),
+		       pubkey_letter( pk->pubkey_algo ),
+		       (ulong)keyid[1], datestr_from_pk(pk) );
+
+	    p = get_user_id( keyid, &n );
+	    tty_print_utf8_string( p, n );
+	    m_free(p);
+	    tty_printf("\n\n");
+
+	    tty_printf(_("To be revoked by:\n"));
+
+	    tty_printf("\nsec  %4u%c/%08lX %s   ",
+		       nbits_from_sk( sk ),
+		       pubkey_letter( sk->pubkey_algo ),
+		       (ulong)sk_keyid[1], datestr_from_sk(sk) );
+
+	    p = get_user_id( sk_keyid, &n );
+	    tty_print_utf8_string( p, n );
+	    m_free(p);
+	    tty_printf("\n\n");
+
+	    if( !cpr_get_answer_is_yes("gen_desig_revoke.okay",
+		       _("Create a revocation certificate for this key? ")) )
+	      continue;
+
+	    /* get the reason for the revocation (this is always v4) */
+	    reason = ask_revocation_reason( 1, 0, 1 );
+	    if( !reason )
+	      continue;
+
+	    rc = check_secret_key( sk, 0 );
+	    if( rc )
+	      continue;
+
+	    if( !opt.armor )
+	      tty_printf(_("ASCII armored output forced.\n"));
+
+	    if( (rc = open_outfile( NULL, 0, &out )) )
+	      goto leave;
+
+	    afx.what = 1;
+	    afx.hdrlines = "Comment: A revocation certificate should follow\n";
+	    iobuf_push_filter( out, armor_filter, &afx );
+
+	    /* create it */
+	    rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x20, 0,
+				     0, 0, 0,
+				     revocation_reason_build_cb, reason );
+	    if( rc ) {
+	      log_error(_("make_keysig_packet failed: %s\n"), g10_errstr(rc));
+	      goto leave;
+	    }
+
+	    /* Spit out a minimal pk as well, since otherwise there is
+               no way to know which key to attach this revocation
+               to. */
+
+	    node=find_kbnode(keyblock,PKT_PUBLIC_KEY);
+	    if(!node)
+	      {
+		rc=G10ERR_GENERAL;
+		log_error(_("key %08lX incomplete\n"),(ulong)keyid[1]);
+		goto leave;
+	      }
+
+	    pkt = *node->pkt;
+	    rc=build_packet(out,&pkt);
+	    if( rc ) {
+	      log_error(_("build_packet failed: %s\n"), g10_errstr(rc) );
+	      goto leave;
+	    }
+
+	    init_packet( &pkt );
+	    pkt.pkttype = PKT_SIGNATURE;
+	    pkt.pkt.signature = sig;
+
+	    rc = build_packet( out, &pkt );
+	    if( rc ) {
+	      log_error(_("build_packet failed: %s\n"), g10_errstr(rc) );
+	      goto leave;
+	    }
+
+	    while(!selfsig)
+	      {
+		KBNODE signode;
+
+		node=find_next_kbnode(node,PKT_USER_ID);
+		if(!node)
+		  {
+		    /* We're out of user IDs - none were
+                       self-signed. */
+		    if(uid)
+		      break;
+		    else
+		      {
+			rc=G10ERR_GENERAL;
+			log_error(_("key %08lX incomplete\n"),(ulong)keyid[1]);
+			goto leave;
+		      }
+		  }
+
+		if(node->pkt->pkt.user_id->attrib_data)
+		  continue;
+
+		uid=node->pkt->pkt.user_id;
+		signode=node;
+
+		while((signode=find_next_kbnode(signode,PKT_SIGNATURE)))
+		  {
+		    if(keyid[0]==signode->pkt->pkt.signature->keyid[0] &&
+		       keyid[1]==signode->pkt->pkt.signature->keyid[1] &&
+		       IS_UID_SIG(signode->pkt->pkt.signature))
+		      {
+			selfsig=signode->pkt->pkt.signature;
+			break;
+		      }
+		  }
+	      }
+
+	    pkt.pkttype = PKT_USER_ID;
+	    pkt.pkt.user_id = uid;
+
+	    rc = build_packet( out, &pkt );
+	    if( rc ) {
+	      log_error(_("build_packet failed: %s\n"), g10_errstr(rc) );
+	      goto leave;
+	    }
+
+	    if(selfsig)
+	      {
+		pkt.pkttype = PKT_SIGNATURE;
+		pkt.pkt.signature = selfsig;
+
+		rc = build_packet( out, &pkt );
+		if( rc ) {
+		  log_error(_("build_packet failed: %s\n"), g10_errstr(rc) );
+		  goto leave;
+		}
+	      }
+
+	    /* and issue a usage notice */
+	    tty_printf(_("Revocation certificate created.\n"));
+	    break;
+	  }
+      }
+
+    if(!any)
+      log_error(_("no revocation keys found for `%s'\n"),uname);
+
+  leave:
+    if( pk )
+	free_public_key( pk );
+    if( sk )
+	free_secret_key( sk );
+    if( sig )
+	free_seckey_enc( sig );
+
+    if( rc )
+	iobuf_cancel(out);
+    else
+	iobuf_close(out);
+    release_revocation_reason_info( reason );
+    return rc;
+}
+
+
+/****************
  * Generate a revocation certificate for UNAME
  */
 int
@@ -78,7 +327,6 @@ gen_revoke( const char *uname )
 {
     int rc = 0;
     armor_filter_context_t afx;
-    compress_filter_context_t zfx;
     PACKET pkt;
     PKT_secret_key *sk; /* used as pointer into a kbnode */
     PKT_public_key *pk = NULL;
@@ -87,34 +335,40 @@ gen_revoke( const char *uname )
     IOBUF out = NULL;
     KBNODE keyblock = NULL;
     KBNODE node;
+    KEYDB_HANDLE kdbhd;
     struct revocation_reason_info *reason = NULL;
+    KEYDB_SEARCH_DESC desc;
 
     if( opt.batch ) {
 	log_error(_("sorry, can't do this in batch mode\n"));
-	return GPGERR_GENERAL;
+	return G10ERR_GENERAL;
     }
 
-
     memset( &afx, 0, sizeof afx);
-    memset( &zfx, 0, sizeof zfx);
     init_packet( &pkt );
 
+    /* search the userid: 
+     * We don't want the whole getkey stuff here but the entire keyblock
+     */
+    kdbhd = keydb_new (1);
+    classify_user_id (uname, &desc);
+    rc = desc.mode? keydb_search (kdbhd, &desc, 1) : G10ERR_INV_USER_ID;
+    if (rc) {
+	log_error (_("secret key `%s' not found: %s\n"),
+                   uname, g10_errstr (rc));
+	goto leave;
+    }
 
-    /* search the userid */
-    rc = find_secret_keyblock_byname( &keyblock, uname );
+    rc = keydb_get_keyblock (kdbhd, &keyblock );
     if( rc ) {
-	log_error(_("secret key for user `%s' not found: %s\n"),
-                  uname, gpg_errstr(rc) );
+	log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
 	goto leave;
     }
 
     /* get the keyid from the keyblock */
     node = find_kbnode( keyblock, PKT_SECRET_KEY );
-    if( !node ) { /* maybe better to use log_bug ? */
-	log_error(_("Oops; secret key not found anymore!\n"));
-	rc = GPGERR_GENERAL;
-	goto leave;
-    }
+    if( !node ) 
+	BUG ();
 
     /* fixme: should make a function out of this stuff,
      * it's used all over the source */
@@ -123,23 +377,25 @@ gen_revoke( const char *uname )
     tty_printf("\nsec  %4u%c/%08lX %s   ",
 	      nbits_from_sk( sk ),
 	      pubkey_letter( sk->pubkey_algo ),
-	      sk_keyid[1], datestr_from_sk(sk) );
+	      (ulong)sk_keyid[1], datestr_from_sk(sk) );
     {
 	size_t n;
 	char *p = get_user_id( sk_keyid, &n );
 	tty_print_utf8_string( p, n );
-	gcry_free(p);
+	m_free(p);
 	tty_printf("\n");
     }
-    pk = gcry_xcalloc( 1, sizeof *pk );
+    pk = m_alloc_clear( sizeof *pk );
+
+    /* FIXME: We should get the public key direct from the secret one */
     rc = get_pubkey( pk, sk_keyid );
     if( rc ) {
-	log_error(_("no corresponding public key: %s\n"), gpg_errstr(rc) );
+	log_error(_("no corresponding public key: %s\n"), g10_errstr(rc) );
 	goto leave;
     }
     if( cmp_public_secret_key( pk, sk ) ) {
 	log_error(_("public key does not match secret key!\n") );
-	rc = GPGERR_GENERAL;
+	rc = G10ERR_GENERAL;
 	goto leave;
     }
 
@@ -150,17 +406,19 @@ gen_revoke( const char *uname )
 	goto leave;
     }
 
-    /* get the reason for the revocation */
-    reason = ask_revocation_reason( 1, 0, 1 );
-    if( !reason ) { /* user decided to cancel */
+    if(sk->version>=4 || opt.force_v4_certs) {
+      /* get the reason for the revocation */
+      reason = ask_revocation_reason( 1, 0, 1 );
+      if( !reason ) { /* user decided to cancel */
 	rc = 0;
 	goto leave;
+      }
     }
 
     switch( is_secret_key_protected( sk ) ) {
       case -1:
 	log_error(_("unknown protection algorithm\n"));
-	rc = GPGERR_PUBKEY_ALGO;
+	rc = G10ERR_PUBKEY_ALGO;
 	break;
       case 0:
 	tty_printf(_("NOTE: This key is not protected!\n"));
@@ -185,10 +443,10 @@ gen_revoke( const char *uname )
 
     /* create it */
     rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x20, 0,
-						  revocation_reason_build_cb,
-						  reason );
+			     opt.force_v4_certs?4:0, 0, 0,
+			     revocation_reason_build_cb, reason );
     if( rc ) {
-	log_error(_("make_keysig_packet failed: %s\n"), gpg_errstr(rc));
+	log_error(_("make_keysig_packet failed: %s\n"), g10_errstr(rc));
 	goto leave;
     }
     init_packet( &pkt );
@@ -197,7 +455,7 @@ gen_revoke( const char *uname )
 
     rc = build_packet( out, &pkt );
     if( rc ) {
-	log_error(_("build_packet failed: %s\n"), gpg_errstr(rc) );
+	log_error(_("build_packet failed: %s\n"), g10_errstr(rc) );
 	goto leave;
     }
 
@@ -217,6 +475,7 @@ gen_revoke( const char *uname )
     if( sig )
 	free_seckey_enc( sig );
     release_kbnode( keyblock );
+    keydb_release (kdbhd);
     if( rc )
 	iobuf_cancel(out);
     else
@@ -230,20 +489,22 @@ gen_revoke( const char *uname )
 struct revocation_reason_info *
 ask_revocation_reason( int key_rev, int cert_rev, int hint )
 {
-    int code;
+    int code=-1;
     char *description = NULL;
     struct revocation_reason_info *reason;
+    const char *text_0 = _("No reason specified");
     const char *text_1 = _("Key has been compromised");
     const char *text_2 = _("Key is superseded");
     const char *text_3 = _("Key is no longer used");
-    const char *text_4 = _("User ID is non longer valid");
+    const char *text_4 = _("User ID is no longer valid");
     const char *code_text = NULL;
 
     do {
-	gcry_free(description);
+	m_free(description);
 	description = NULL;
 
 	tty_printf(_("Please select the reason for the revocation:\n"));
+	tty_printf(    "  0 = %s\n", text_0 );
 	if( key_rev )
 	    tty_printf("  1 = %s\n", text_1 );
 	if( key_rev )
@@ -252,29 +513,31 @@ ask_revocation_reason( int key_rev, int cert_rev, int hint )
 	    tty_printf("  3 = %s\n", text_3 );
 	if( cert_rev )
 	    tty_printf("  4 = %s\n", text_4 );
-	tty_printf(    "  0 = %s\n", _("Cancel") );
+	tty_printf(    "  Q = %s\n", _("Cancel") );
 	if( hint )
 	    tty_printf(_("(Probably you want to select %d here)\n"), hint );
 
-	for(code = 0; !code;) {
+	while(code==-1) {
 	    int n;
 	    char *answer = cpr_get("ask_revocation_reason.code",
 						_("Your decision? "));
 	    trim_spaces( answer );
 	    cpr_kill_prompt();
-	    if( *answer == 'q' || *answer == 'Q' )
-		n = 0;
-	    else if( !isdigit( *answer ) )
-		n = -1;
-	    else if( hint && !*answer )
+	    if( *answer == 'q' || *answer == 'Q')
+	      return NULL; /* cancel */
+	    if( hint && !*answer )
 		n = hint;
+	    else if(!isdigit( *answer ) )
+ 	        n = -1;
 	    else
 		n = atoi(answer);
-	    gcry_free(answer);
-	    if( !n )
-		return NULL; /* cancel */
+	    m_free(answer);
+	    if( n == 0 ) {
+	        code = 0x00; /* no particular reason */
+		code_text = text_0;
+	    }
 	    else if( key_rev && n == 1 ) {
-		code = 0x02; /* key has  been compromised */
+		code = 0x02; /* key has been compromised */
 		code_text = text_1;
 	    }
 	    else if( key_rev && n == 2 ) {
@@ -286,7 +549,7 @@ ask_revocation_reason( int key_rev, int cert_rev, int hint )
 		code_text = text_3;
 	    }
 	    else if( cert_rev && n == 4 ) {
-		code = 0x20; /* uid is non longer valid */
+		code = 0x20; /* uid is no longer valid */
 		code_text = text_4;
 	    }
 	    else
@@ -300,25 +563,25 @@ ask_revocation_reason( int key_rev, int cert_rev, int hint )
 	    trim_trailing_ws( answer, strlen(answer) );
 	    cpr_kill_prompt();
 	    if( !*answer ) {
-		gcry_free(answer);
+		m_free(answer);
 		break;
 	    }
 
 	    {
 		char *p = make_printable_string( answer, strlen(answer), 0 );
-		gcry_free(answer);
+		m_free(answer);
 		answer = p;
 	    }
 
 	    if( !description )
-		description = gcry_xstrdup(answer);
+		description = m_strdup(answer);
 	    else {
-		char *p = gcry_xmalloc( strlen(description) + strlen(answer) + 2 );
+		char *p = m_alloc( strlen(description) + strlen(answer) + 2 );
 		strcpy(stpcpy(stpcpy( p, description),"\n"),answer);
-		gcry_free(description);
+		m_free(description);
 		description = p;
 	    }
-	    gcry_free(answer);
+	    m_free(answer);
 	}
 
 	tty_printf(_("Reason for revocation: %s\n"), code_text );
@@ -330,7 +593,7 @@ ask_revocation_reason( int key_rev, int cert_rev, int hint )
     } while( !cpr_get_answer_is_yes("ask_revocation_reason.okay",
 					    _("Is this okay? "))  );
 
-    reason = gcry_xmalloc( sizeof *reason );
+    reason = m_alloc( sizeof *reason );
     reason->code = code;
     reason->desc = description;
     return reason;
@@ -340,8 +603,7 @@ void
 release_revocation_reason_info( struct revocation_reason_info *reason )
 {
     if( reason ) {
-	gcry_free( reason->desc );
-	gcry_free( reason );
+	m_free( reason->desc );
+	m_free( reason );
     }
 }
-
diff --git a/g10/ringedit.c b/g10/ringedit.c
deleted file mode 100644
index 6d5b3e0e4..000000000
--- a/g10/ringedit.c
+++ /dev/null
@@ -1,1360 +0,0 @@
-/* ringedit.c -  Function for key ring editing
- *	Copyright (C) 1998, 2000 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-
-/****************
- * This module supplies function for:
- *
- *  - Search for a key block (pubkey and all other stuff) and return a
- *    handle for it.
- *
- *  - Lock/Unlock a key block
- *
- *  - Read a key block into a tree
- *
- *  - Update a key block
- *
- *  - Insert a new key block
- *
- *  - Delete a key block
- *
- */
-
-
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <unistd.h> /* for truncate */
-#include <assert.h>
-
-#include <gcrypt.h>
-#include "util.h"
-#include "packet.h"
-#include "iobuf.h"
-#include "keydb.h"
-#include "host2net.h"
-#include "options.h"
-#include "main.h"
-#include "i18n.h"
-#include "kbx.h"
-
-
-
-
-struct resource_table_struct {
-    int used;
-    int secret; /* this is a secret keyring */
-    char *fname;
-    IOBUF iobuf;
-    enum resource_type rt;
-    DOTLOCK lockhd;
-    int    is_locked;
-};
-typedef struct resource_table_struct RESTBL;
-
-
-struct keyblock_pos_struct {
-    int   resno;     /* resource number */
-    enum resource_type rt;
-    ulong offset;    /* position information */
-    unsigned count;  /* length of the keyblock in packets */
-    IOBUF  fp;	     /* used by enum_keyblocks */
-    int secret;      /* working on a secret keyring */
-    PACKET *pkt;     /* ditto */
-    int valid;
-    ulong save_offset;
-};
-
-
-
-
-#define MAX_RESOURCES 10
-static RESTBL resource_table[MAX_RESOURCES];
-static int default_public_resource;
-static int default_secret_resource;
-
-static int keyring_enum( KBPOS kbpos, KBNODE *ret_root, int skipsigs );
-static int keyring_copy( KBPOS kbpos, int mode, KBNODE root );
-
-static int do_kbxf_enum( KBPOS kbpos, KBNODE *ret_root, int skipsigs );
-static int do_kbxf_copy( KBPOS kbpos, int mode, KBNODE root );
-
-
-static RESTBL *
-check_pos( KBPOS kbpos )
-{
-    if( kbpos->resno < 0 || kbpos->resno >= MAX_RESOURCES )
-	return NULL;
-    if( !resource_table[kbpos->resno].used )
-	return NULL;
-    return resource_table + kbpos->resno;
-}
-
-
-/****************
- * Hmmm, how to avoid deadlock? They should not happen if everyone
- * locks the key resources in the same order; but who knows.
- * A solution is to use only one lock file in the gnupg homedir but
- * what will happen with key resources which normally don't belong
- * to the gpg homedir?
- */
-static void
-lock_rentry( RESTBL *rentry )
-{
-    if( !rentry->lockhd ) {
-	rentry->lockhd = create_dotlock( rentry->fname );
-	if( !rentry->lockhd )
-	    log_fatal("can't allocate lock for `%s'\n", rentry->fname );
-	rentry->is_locked = 0;
-    }
-    if( !rentry->is_locked ) {
-	if( make_dotlock( rentry->lockhd, -1 ) )
-	    log_fatal("can't lock `%s'\n", rentry->fname );
-	rentry->is_locked = 1;
-    }
-}
-
-static void
-unlock_rentry( RESTBL *rentry )
-{
-    if( opt.lock_once )
-	return;
-    if( !release_dotlock( rentry->lockhd ) )
-	rentry->is_locked = 0;
-}
-
-
-/****************************************************************
- ****************** public functions ****************************
- ****************************************************************/
-
-/****************
- * Get the name of the keyrings, start with a sequence number pointing to a 0.
- */
-const char *
-enum_keyblock_resources( int *sequence, int secret )
-{
-    int i = *sequence;
-    const char *name = NULL;
-
-    for(; i < MAX_RESOURCES; i++ )
-	if( resource_table[i].used && !resource_table[i].secret == !secret ) {
-	    if( resource_table[i].fname ) {
-		name = resource_table[i].fname;
-		break;
-	    }
-	}
-    *sequence = ++i;
-    return name;
-}
-
-
-/****************
- * Register a resource (which currently may only be a keyring file).
- * The first keyring which is added by this function is
- * created if it does not exist.
- * Note: this function may be called before secure memory is
- * available.
- */
-int
-add_keyblock_resource( const char *url, int force, int secret )
-{
-    static int any_secret, any_public;
-    const char *resname = url;
-    IOBUF iobuf = NULL;
-    int i;
-    char *filename = NULL;
-    int rc = 0;
-    enum resource_type rt = rt_UNKNOWN;
-
-
-    /* Do we have an URL?
-     *	gnupg-kbxf:filename  := this is a KBX file resource
-     *	gnupg-ring:filename  := this is a plain keyring
-     *	filename := See what is is, but create as plain keyring.
-     */
-    if( strlen( resname ) > 11 ) {
-	if( !strncmp( resname, "gnupg-ring:", 11 ) ) {
-	    rt = rt_RING;
-	    resname += 11;
-	}
-	else if( !strncmp( resname, "gnupg-kbxf:", 11 ) ) {
-	    rt = rt_KBXF;
-	    resname += 11;
-	}
-      #ifndef HAVE_DRIVE_LETTERS
-	else if( strchr( resname, ':' ) ) {
-	    log_error("%s: invalid URL\n", url );
-	    rc = GPGERR_GENERAL;
-	    goto leave;
-	}
-      #endif
-    }
-
-    if( *resname != '/' ) { /* do tilde expansion etc */
-	if( strchr(resname, '/') )
-	    filename = make_filename(resname, NULL);
-	else
-	    filename = make_filename(opt.homedir, resname, NULL);
-    }
-    else
-	filename = gcry_xstrdup( resname );
-
-    if( !force )
-	force = secret? !any_secret : !any_public;
-
-    for(i=0; i < MAX_RESOURCES; i++ )
-	if( !resource_table[i].used )
-	    break;
-    if( i == MAX_RESOURCES ) {
-	rc = GPGERR_RESOURCE_LIMIT;
-	goto leave;
-    }
-
-    /* see whether we can determine the filetype */
-    if( rt == rt_UNKNOWN ) {
-	FILE *fp = fopen( filename, "rb" );
-
-	if( fp ) {
-	    u32 magic;
-
-	    if( fread( &magic, 4, 1, fp) == 1 ) {
-                char buf[8];
-
-                rt = rt_RING;
-                if( fread( buf, 8, 1, fp) == 1 ) {
-                    if( !memcmp( buf+4, "KBXf", 4 )
-                        && buf[0] == 1 && buf[1] == 1 ) {
-                        rt = rt_KBXF;
-                    }
-                }
-			    }
-	    else /* maybe empty: assume ring */
-		rt = rt_RING;
-	    fclose( fp );
-	}
-	else /* no file yet: create ring */
-	    rt = rt_RING;
-    }
-
-    switch( rt ) {
-      case rt_UNKNOWN:
-	log_error("%s: unknown resource type\n", url );
-	rc = GPGERR_GENERAL;
-	goto leave;
-
-      case rt_RING:
-      case rt_KBXF:
-	iobuf = iobuf_open( filename );
-	if( !iobuf && !force ) {
-	    rc = GPGERR_OPEN_FILE;
-	    goto leave;
-	}
-
-	if( !iobuf ) {
-	    char *last_slash_in_filename;
-
-	    last_slash_in_filename = strrchr(filename, '/');
-	    *last_slash_in_filename = 0;
-
-	    if( access(filename, F_OK) ) {
-		/* on the first time we try to create the default homedir and
-		 * in this case the process will be terminated, so that on the
-		 * next invocation it can read the options file in on startup
-		 */
-		try_make_homedir( filename );
-		rc = GPGERR_OPEN_FILE;
-		goto leave;
-	    }
-
-	    *last_slash_in_filename = '/';
-
-	    iobuf = iobuf_create( filename );
-	    if( !iobuf ) {
-		log_error(_("%s: can't create keyring: %s\n"),
-					    filename, strerror(errno));
-		rc = GPGERR_OPEN_FILE;
-		goto leave;
-	    }
-	    else {
-	      #ifndef HAVE_DOSISH_SYSTEM
-		if( secret ) {
-		    if( chmod( filename, S_IRUSR | S_IWUSR ) ) {
-			log_error("%s: chmod failed: %s\n",
-						filename, strerror(errno) );
-			rc = GPGERR_WRITE_FILE;
-			goto leave;
-		    }
-		}
-	      #endif
-		if( !opt.quiet )
-		    log_info(_("%s: keyring created\n"), filename );
-	    }
-	}
-      #if HAVE_DOSISH_SYSTEM || 1
-	iobuf_close( iobuf );
-	iobuf = NULL;
-	/* must close it again */
-      #endif
-	break;
-
-
-      default:
-	log_error("%s: unsupported resource type\n", url );
-	rc = GPGERR_GENERAL;
-	goto leave;
-    }
-
-  #ifndef HAVE_DOSISH_SYSTEM
-  #if 0 /* fixme: check directory permissions and print a warning */
-    if( secret ) {
-    }
-  #endif
-  #endif
-
-    /* fixme: avoid duplicate resources */
-    resource_table[i].used = 1;
-    resource_table[i].secret = !!secret;
-    resource_table[i].fname = gcry_xstrdup(filename);
-    resource_table[i].iobuf = iobuf;
-    resource_table[i].rt    = rt;
-    if( secret )
-	default_secret_resource = i;
-    else
-	default_public_resource = i;
-
-  leave:
-    if( rc )
-	log_error("keyblock resource `%s': %s\n", filename, gpg_errstr(rc) );
-    else if( secret )
-	any_secret = 1;
-    else
-	any_public = 1;
-    gcry_free( filename );
-    return rc;
-}
-
-/****************
- * Return the resource name of the keyblock associated with KBPOS.
- */
-const char *
-keyblock_resource_name( KBPOS kbpos )
-{
-    RESTBL *rentry;
-
-    if( !(rentry = check_pos( kbpos )) || !rentry->fname )
-	log_bug("no name for keyblock resource %d\n", kbpos->resno );
-    return rentry->fname;
-}
-
-
-/****************
- * Get a keyblock handle KBPOS from a filename. This can be used
- * to get a handle for insert_keyblock for a new keyblock.
- * Using a filename of NULL returns the default resource
- */
-int
-get_keyblock_handle( const char *filename, int secret, KBPOS kbpos )
-{
-    int i = 0;
-
-    if( !filename )
-	i = secret? default_secret_resource : default_public_resource;
-
-    for(; i < MAX_RESOURCES; i++ ) {
-	if( resource_table[i].used && !resource_table[i].secret == !secret ) {
-	    /* fixme: dos needs case insensitive file compare */
-	    if( !filename || !strcmp( resource_table[i].fname, filename ) ) {
-		memset( kbpos, 0, sizeof *kbpos );
-		kbpos->resno = i;
-		kbpos->rt = resource_table[i].rt;
-		return 0;
-	    }
-	}
-    }
-    return -1; /* not found */
-}
-
-
-/****************
- * Return the filename of the firstkeyblock resource which is intended
- * for write access. This will either be the default resource or in
- * case this is not writable one of the others.  If no writable is found,
- * the default filename in the homedirectory will be returned.
- * Caller must free, will never return NULL.
- */
-char *
-get_writable_keyblock_file( int secret )
-{
-    int i = secret? default_secret_resource : default_public_resource;
-
-    if( resource_table[i].used && !resource_table[i].secret == !secret ) {
-	if( !access( resource_table[i].fname, R_OK|W_OK ) ) {
-	    return gcry_xstrdup( resource_table[i].fname );
-	}
-    }
-    for(i=0; i < MAX_RESOURCES; i++ ) {
-	if( resource_table[i].used && !resource_table[i].secret == !secret ) {
-	    if( !access( resource_table[i].fname, R_OK|W_OK ) ) {
-		return gcry_xstrdup( resource_table[i].fname );
-	    }
-	}
-    }
-    /* Assume the home dir is always writable */
-    return  make_filename(opt.homedir, secret? "secring.gpg"
-					     : "pubring.gpg", NULL );
-}
-
-
-void
-ringedit_copy_kbpos ( KBPOS d, KBPOS s )
-{
-    *d = *s;
-}
-
-
-/****************
- * Lock the keyblock; wait until it's available
- * This function may change the internal data in kbpos, in cases
- * when the keyblock to be locked has been modified.
- * fixme: remove this function and add an option to search()?
- */
-static int
-lock_keyblock( KBPOS kbpos )
-{
-    if( !check_pos(kbpos) )
-	return GPGERR_GENERAL;
-    return 0;
-}
-
-/****************
- * Release a lock on a keyblock
- */
-static void
-unlock_keyblock( KBPOS kbpos )
-{
-    if( !check_pos(kbpos) )
-	BUG();
-}
-
-
-static int
-enum_keyrings_open_helper( KBPOS kbpos, int where )
-{
-    int i = where;
-    RESTBL *rentry;
-
-    for(; i < MAX_RESOURCES; i++ )
-        if( resource_table[i].used
-            && !resource_table[i].secret == !kbpos->secret )
-            break;
-    if( i == MAX_RESOURCES ) 
-        return -1; /* no resources */
-    kbpos->resno = i;
-    rentry = check_pos( kbpos );
-    kbpos->rt = resource_table[i].rt;
-    kbpos->valid = 0;
-    switch( kbpos->rt ) {
-      case rt_RING:
-      case rt_KBXF:
-        kbpos->fp = iobuf_open( rentry->fname );
-        if ( !kbpos->fp ) {
-            log_error("can't open `%s'\n", rentry->fname );
-            return GPGERR_OPEN_FILE;
-        }
-        break;
-    
-       default: BUG();
-    }
-    kbpos->pkt = NULL;
-    return 0;
-}
-
-
-/****************
- * This set of functions is used to scan over all keyrings.
- * The mode in enum_keyblocks_next() is used liek this:
- * Mode is: 1 = read
- *	    11 = read but skip signature and comment packets.
- */
-int
-enum_keyblocks_begin( KBPOS *rkbpos, int use_secret )
-{
-    int rc, i;
-    KBPOS kbpos;
-    
-    *rkbpos = NULL;
-
-    kbpos = gcry_xcalloc( 1, sizeof *kbpos );
-    kbpos->fp = NULL;
-    kbpos->rt = rt_UNKNOWN;
-    if( !use_secret ) {
-        kbpos->secret = 0;
-        i = 0;
-    }
-    else {
-        kbpos->secret = 1;
-        i = 0;
-    }
-    
-    rc = enum_keyrings_open_helper( kbpos, i );
-    if ( rc ) {
-        gcry_free( kbpos );
-        return rc;
-    }
-    /* return the handle */
-    *rkbpos = kbpos;
-    return 0;
-}
-
-void
-enum_keyblocks_end( KBPOS kbpos )
-{
-    if ( !kbpos )
-        return;
-    switch( kbpos->rt ) {
-     case rt_RING:
-     case rt_KBXF:
-       if( kbpos->fp ) {
-           iobuf_close( kbpos->fp );
-           kbpos->fp = NULL;
-       }
-       break;
-     case rt_UNKNOWN:
-       /* this happens when we have no keyring at all */
-       gcry_free( kbpos );
-       return;
-
-     default:
-       BUG();
-    }
-    /* release pending packet */
-    free_packet( kbpos->pkt );
-    gcry_free( kbpos->pkt );
-    gcry_free( kbpos );
-}
-
-int
-enum_keyblocks_next( KBPOS kbpos, int mode, KBNODE *ret_root )
-{
-    int cont, rc = 0;
-    RESTBL *rentry;
-
-    if( mode != 1 && mode != 11 ) 
-        return GPGERR_INV_ARG;
-
-    do {
-        cont = 0;
-        switch( kbpos->rt ) {
-          case rt_RING:
-            if( !kbpos->fp )
-                return GPGERR_GENERAL;
-            rc = keyring_enum( kbpos, ret_root, mode == 11 );
-            break;
-          case rt_KBXF:
-            if( !kbpos->fp )
-                return GPGERR_GENERAL;
-            rc = do_kbxf_enum( kbpos, ret_root, mode == 11 );
-            break;
-          default: BUG();
-        }
-
-        if( rc == -1 ) {
-            RESTBL *rentry;
-            int i;
-
-            assert( !kbpos->pkt );
-            rentry = check_pos( kbpos );
-            assert(rentry);
-            i = kbpos->resno+1;
-            /* first close */
-            if( kbpos->fp ) {
-                iobuf_close( kbpos->fp );
-                kbpos->fp = NULL;
-            }
-            free_packet( kbpos->pkt );
-            gcry_free( kbpos->pkt );
-            kbpos->pkt = NULL;
-            /* and then open the next one */
-            rc = enum_keyrings_open_helper( kbpos, i );
-            if ( !rc ) 
-                cont = 1;
-            /* hmm, that is not really correct: if we got an error kbpos
-             * might be not well anymore */
-        }
-    } while(cont);
-
-    return rc;
-}
-
-
-
-
-/****************
- * Insert the keyblock described by ROOT into the keyring described
- * by KBPOS.  This actually appends the data to the keyfile.
- */
-int
-insert_keyblock( KBNODE root )
-{
-    int rc;
-#if 0
-    if( !check_pos(kbpos) )
-	return GPGERR_GENERAL;
-
-    switch( kbpos->rt ) {
-      case rt_RING:
-	rc = keyring_copy( kbpos, 1, root );
-	break;
-      case rt_KBXF:
-	rc = do_kbxf_copy( kbpos, 1, root );
-	break;
-      default: BUG();
-    }
-#endif
-    return rc;
-}
-
-/****************
- * Delete the keyblock described by KBPOS.
- * The current code simply changes the keyblock in the keyring
- * to packet of type 0 with the correct length.  To help detect errors,
- * zero bytes are written.
- */
-int
-delete_keyblock( KBNODE keyblock )
-{
-    int rc;
-  #if 0
-    if( !check_pos(kbpos) )
-	return GPGERR_GENERAL;
-
-    switch( kbpos->rt ) {
-      case rt_RING:
-	rc = keyring_copy( kbpos, 2, NULL );
-	break;
-      case rt_KBXF:
-	rc = do_kbxf_copy( kbpos, 2, NULL );
-	break;
-      default: BUG();
-    }
-  #endif
-    return rc;
-}
-
-
-/****************
- * Update the keyblock in the ring (or whatever resource) one in ROOT.
- */
-int
-update_keyblock( KBNODE root )
-{
-    int rc;
-    struct keyblock_pos_struct kbpos;
-    
-    /* We need to get the file position of original keyblock first */
-    if ( root->pkt->pkttype == PKT_PUBLIC_KEY )
-        rc = find_kblocation_bypk( &kbpos, root->pkt->pkt.public_key );
-    else if ( root->pkt->pkttype == PKT_SECRET_KEY )
-        rc = find_kblocation_bysk( &kbpos, root->pkt->pkt.secret_key );
-    else
-        BUG();
-
-    if ( rc )
-        return rc;
-
-    if( !check_pos(&kbpos) )
-	return GPGERR_GENERAL;
-
-    switch( kbpos.rt ) {
-      case rt_RING:
-	rc = keyring_copy( &kbpos, 3, root );
-	break;
-      case rt_KBXF:
-	rc = do_kbxf_copy( &kbpos, 3, root );
-	break;
-      default: BUG();
-    }
-
-    return rc;
-}
-
-
-
-/****************************************************************
- ********** Functions which operates on regular keyrings ********
- ****************************************************************/
-
-static int
-keyring_enum( KBPOS kbpos, KBNODE *ret_root, int skipsigs )
-{
-    PACKET *pkt;
-    int rc;
-    RESTBL *rentry;
-    KBNODE root = NULL;
-    ulong offset, first_offset=0;
-
-    if( !(rentry=check_pos(kbpos)) )
-	return GPGERR_GENERAL;
-
-    if( kbpos->pkt ) {
-	root = new_kbnode( kbpos->pkt );
-        first_offset = kbpos->save_offset;
-	kbpos->pkt = NULL;
-    }
-    kbpos->valid = 0;
-
-    pkt = gcry_xmalloc( sizeof *pkt );
-    init_packet(pkt);
-    while( (rc=parse_packet(kbpos->fp, pkt, &offset )) != -1 ) {
-	if( rc ) {  /* ignore errors */
-	    if( rc != GPGERR_UNKNOWN_PACKET ) {
-		log_error("keyring_enum: read error: %s\n", gpg_errstr(rc) );
-		rc = GPGERR_INV_KEYRING;
-		goto ready;
-	    }
-	    free_packet( pkt );
-	    init_packet( pkt );
-	    continue;
-	}
-	/* make a linked list of all packets */
-	switch( pkt->pkttype ) {
-	  case PKT_COMPRESSED:
-	    log_error("skipped compressed packet in keyring\n" );
-	    free_packet(pkt);
-	    init_packet(pkt);
-	    break;
-
-	  case PKT_PUBLIC_KEY:
-	  case PKT_SECRET_KEY:
-	    if( root ) { /* save this packet */
-		kbpos->pkt = pkt;
-                kbpos->save_offset = offset;
-		pkt = NULL;
-		goto ready;
-	    }
-	    root = new_kbnode( pkt );
-            first_offset = offset;
-	    pkt = gcry_xmalloc( sizeof *pkt );
-	    init_packet(pkt);
-	    break;
-
-	  default:
-	    /* skip pakets at the beginning of a keyring, until we find
-	     * a start packet; issue a warning if it is not a comment */
-	    if( !root && pkt->pkttype != PKT_COMMENT
-		      && pkt->pkttype != PKT_OLD_COMMENT ) {
-		break;
-	    }
-	    if( !root || (skipsigs && ( pkt->pkttype == PKT_SIGNATURE
-				      ||pkt->pkttype == PKT_COMMENT
-				      ||pkt->pkttype == PKT_OLD_COMMENT )) ) {
-		init_packet(pkt);
-		break;
-	    }
-	    add_kbnode( root, new_kbnode( pkt ) );
-	    pkt = gcry_xmalloc( sizeof *pkt );
-	    init_packet(pkt);
-	    break;
-	}
-    }
-  ready:
-    if( rc == -1 && root )
-	rc = 0;
-
-    if( rc )
-	release_kbnode( root );
-    else {
-        if ( root ) {
-            kbpos->offset = first_offset;
-            kbpos->valid = 1;
-        }
-	*ret_root = root;
-    }
-    free_packet( pkt );
-    gcry_free( pkt );
-
-    return rc;
-}
-
-
-/****************
- * Perform insert/delete/update operation.
- * mode 1 = insert
- *	2 = delete
- *	3 = update
- */
-static int
-keyring_copy( KBPOS kbpos, int mode, KBNODE root )
-{
-    RESTBL *rentry;
-    IOBUF fp, newfp;
-    int rc=0;
-    char *bakfname = NULL;
-    char *tmpfname = NULL;
-#warning We need to lock the keyring while we are editing it.
-    /* rethink this whole module */
-
-    if( !(rentry = check_pos( kbpos )) )
-	return GPGERR_GENERAL;
-
-    if( opt.dry_run )
-	return 0;
-
-    lock_rentry( rentry );
-
-    /* open the source file */
-    if( kbpos->fp ) {
-	/* BUG(); not allowed with such a handle */
-        log_debug("keyring_copy: closing fp %p\n", kbpos->fp );
-        iobuf_close (kbpos->fp);
-        kbpos->fp = NULL;
-        kbpos->valid = 0;
-    }
-    fp = iobuf_open( rentry->fname );
-    if( mode == 1 && !fp && errno == ENOENT ) { /* no file yet */
-	KBNODE kbctx, node;
-
-	/* insert: create a new file */
-	newfp = iobuf_create( rentry->fname );
-	if( !newfp ) {
-	    log_error(_("%s: can't create: %s\n"), rentry->fname, strerror(errno));
-	    unlock_rentry( rentry );
-	    return GPGERR_OPEN_FILE;
-	}
-	else if( !opt.quiet )
-	    log_info(_("%s: keyring created\n"), rentry->fname );
-
-	kbctx=NULL;
-	while( (node = walk_kbnode( root, &kbctx, 0 )) ) {
-	    if( (rc = build_packet( newfp, node->pkt )) ) {
-		log_error("build_packet(%d) failed: %s\n",
-			    node->pkt->pkttype, gpg_errstr(rc) );
-		iobuf_cancel(newfp);
-		unlock_rentry( rentry );
-		return GPGERR_WRITE_FILE;
-	    }
-	}
-	if( iobuf_close(newfp) ) {
-	    log_error("%s: close failed: %s\n", rentry->fname, strerror(errno));
-	    unlock_rentry( rentry );
-	    return GPGERR_CLOSE_FILE;
-	}
-	if( chmod( rentry->fname, S_IRUSR | S_IWUSR ) ) {
-	    log_error("%s: chmod failed: %s\n",
-				    rentry->fname, strerror(errno) );
-	    unlock_rentry( rentry );
-	    return GPGERR_WRITE_FILE;
-	}
-	return 0;
-    }
-    if( !fp ) {
-	log_error("%s: can't open: %s\n", rentry->fname, strerror(errno) );
-	rc = GPGERR_OPEN_FILE;
-	goto leave;
-    }
-
-    /* create the new file */
-  #ifdef USE_ONLY_8DOT3
-    /* Here is another Windoze bug?:
-     * you cant rename("pubring.gpg.tmp", "pubring.gpg");
-     * but	rename("pubring.gpg.tmp", "pubring.aaa");
-     * works.  So we replace .gpg by .bak or .tmp
-     */
-    if( strlen(rentry->fname) > 4
-	&& !strcmp(rentry->fname+strlen(rentry->fname)-4, ".gpg") ) {
-	bakfname = gcry_xmalloc( strlen( rentry->fname ) + 1 );
-	strcpy(bakfname,rentry->fname);
-	strcpy(bakfname+strlen(rentry->fname)-4, ".bak");
-	tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 1 );
-	strcpy(tmpfname,rentry->fname);
-	strcpy(tmpfname+strlen(rentry->fname)-4, ".tmp");
-    }
-    else { /* file does not end with gpg; hmmm */
-	bakfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
-	strcpy(stpcpy(bakfname,rentry->fname),".bak");
-	tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
-	strcpy(stpcpy(tmpfname,rentry->fname),".tmp");
-    }
-  #else
-    bakfname = gcry_xmalloc( strlen( rentry->fname ) + 2 );
-    strcpy(stpcpy(bakfname,rentry->fname),"~");
-    tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
-    strcpy(stpcpy(tmpfname,rentry->fname),".tmp");
-  #endif
-    newfp = iobuf_create( tmpfname );
-    if( !newfp ) {
-	log_error("%s: can't create: %s\n", tmpfname, strerror(errno) );
-	iobuf_close(fp);
-	rc = GPGERR_OPEN_FILE;
-	goto leave;
-    }
-
-    if( mode == 1 ) { /* insert */
-	/* copy everything to the new file */
-	rc = copy_all_packets( fp, newfp );
-	if( rc != -1 ) {
-	    log_error("%s: copy to %s failed: %s\n",
-		      rentry->fname, tmpfname, gpg_errstr(rc) );
-	    iobuf_close(fp);
-	    iobuf_cancel(newfp);
-	    goto leave;
-	}
-	rc = 0;
-    }
-
-    if( mode == 2 || mode == 3 ) { /* delete or update */
-	/* copy first part to the new file */
-	rc = copy_some_packets( fp, newfp, kbpos->offset );
-	if( rc ) { /* should never get EOF here */
-	    log_error("%s: copy to %s failed: %s\n",
-		      rentry->fname, tmpfname, gpg_errstr(rc) );
-	    iobuf_close(fp);
-	    iobuf_cancel(newfp);
-	    goto leave;
-	}
-	/* skip this keyblock */
-	assert( kbpos->count );
-	rc = skip_some_packets( fp, kbpos->count );
-	if( rc ) {
-	    log_error("%s: skipping %u packets failed: %s\n",
-			    rentry->fname, kbpos->count, gpg_errstr(rc));
-	    iobuf_close(fp);
-	    iobuf_cancel(newfp);
-	    goto leave;
-	}
-    }
-
-    if( mode == 1 || mode == 3 ) { /* insert or update */
-	KBNODE kbctx, node;
-
-	/* append the new data */
-	kbctx=NULL;
-	while( (node = walk_kbnode( root, &kbctx, 0 )) ) {
-	    if( (rc = build_packet( newfp, node->pkt )) ) {
-		log_error("build_packet(%d) failed: %s\n",
-			    node->pkt->pkttype, gpg_errstr(rc) );
-		iobuf_close(fp);
-		iobuf_cancel(newfp);
-		rc = GPGERR_WRITE_FILE;
-		goto leave;
-	    }
-	}
-	kbpos->valid = 0;
-    }
-
-    if( mode == 2 || mode == 3 ) { /* delete or update */
-	/* copy the rest */
-	rc = copy_all_packets( fp, newfp );
-	if( rc != -1 ) {
-	    log_error("%s: copy to %s failed: %s\n",
-		      rentry->fname, tmpfname, gpg_errstr(rc) );
-	    iobuf_close(fp);
-	    iobuf_cancel(newfp);
-	    goto leave;
-	}
-	rc = 0;
-    }
-
-    /* close both files */
-    if( iobuf_close(fp) ) {
-	log_error("%s: close failed: %s\n", rentry->fname, strerror(errno) );
-	rc = GPGERR_CLOSE_FILE;
-	goto leave;
-    }
-    if( iobuf_close(newfp) ) {
-	log_error("%s: close failed: %s\n", tmpfname, strerror(errno) );
-	rc = GPGERR_CLOSE_FILE;
-	goto leave;
-    }
-    /* if the new file is a secring, restrict the permissions */
-  #ifndef HAVE_DOSISH_SYSTEM
-    if( rentry->secret ) {
-	if( chmod( tmpfname, S_IRUSR | S_IWUSR ) ) {
-	    log_error("%s: chmod failed: %s\n",
-				    tmpfname, strerror(errno) );
-	    rc = GPGERR_WRITE_FILE;
-	    goto leave;
-	}
-    }
-  #endif
-
-    /* rename and make backup file */
-    if( !rentry->secret ) {  /* but not for secret keyrings */
-      #ifdef HAVE_DOSISH_SYSTEM
-	remove( bakfname );
-      #endif
-	if( rename( rentry->fname, bakfname ) ) {
-	    log_error("%s: rename to %s failed: %s\n",
-				    rentry->fname, bakfname, strerror(errno) );
-	    rc = GPGERR_RENAME_FILE;
-	    goto leave;
-	}
-    }
-  #ifdef HAVE_DOSISH_SYSTEM
-    remove( rentry->fname );
-  #endif
-    if( rename( tmpfname, rentry->fname ) ) {
-	log_error("%s: rename to %s failed: %s\n",
-			    tmpfname, rentry->fname,strerror(errno) );
-	rc = GPGERR_RENAME_FILE;
-	if( rentry->secret ) {
-	    log_info(_(
-		"WARNING: 2 files with confidential information exists.\n"));
-	    log_info(_("%s is the unchanged one\n"), rentry->fname );
-	    log_info(_("%s is the new one\n"), tmpfname );
-	    log_info(_("Please fix this possible security flaw\n"));
-	}
-	goto leave;
-    }
-
-  leave:
-    unlock_rentry( rentry );
-    gcry_free(bakfname);
-    gcry_free(tmpfname);
-    return rc;
-}
-
-
-/****************************************************************
- ********** Functions which operate on KBX files ****************
- ****************************************************************/
-
-static int
-do_kbxf_enum( KBPOS kbpos, KBNODE *ret_root, int skipsigs )
-{
-    PACKET *pkt;
-    int rc;
-    RESTBL *rentry;
-    KBNODE root = NULL;
-
-    if( !(rentry=check_pos(kbpos)) )
-	return GPGERR_GENERAL;
-
-    if( kbpos->pkt ) {
-	root = new_kbnode( kbpos->pkt );
-	kbpos->pkt = NULL;
-    }
-
-    pkt = gcry_xmalloc( sizeof *pkt );
-    init_packet(pkt);
-    while( (rc=parse_packet(kbpos->fp, pkt, NULL)) != -1 ) {
-	if( rc ) {  /* ignore errors */
-	    if( rc != GPGERR_UNKNOWN_PACKET ) {
-		log_error("do_kbxf_enum: read error: %s\n", gpg_errstr(rc) );
-		rc = GPGERR_INV_KEYRING;
-		goto ready;
-	    }
-	    free_packet( pkt );
-	    init_packet( pkt );
-	    continue;
-	}
-	/* make a linked list of all packets */
-	switch( pkt->pkttype ) {
-	  case PKT_COMPRESSED:
-	    log_error("skipped compressed packet in keyring\n" );
-	    free_packet(pkt);
-	    init_packet(pkt);
-	    break;
-
-	  case PKT_PUBLIC_KEY:
-	  case PKT_SECRET_KEY:
-	    if( root ) { /* store this packet */
-		kbpos->pkt = pkt;
-		pkt = NULL;
-		goto ready;
-	    }
-	    root = new_kbnode( pkt );
-	    pkt = gcry_xmalloc( sizeof *pkt );
-	    init_packet(pkt);
-	    break;
-
-	  default:
-	    /* skip pakets at the beginning of a keyring, until we find
-	     * a start packet; issue a warning if it is not a comment */
-	    if( !root && pkt->pkttype != PKT_COMMENT
-		      && pkt->pkttype != PKT_OLD_COMMENT ) {
-		break;
-	    }
-	    if( !root || (skipsigs && ( pkt->pkttype == PKT_SIGNATURE
-				      ||pkt->pkttype == PKT_COMMENT
-				      ||pkt->pkttype == PKT_OLD_COMMENT )) ) {
-		init_packet(pkt);
-		break;
-	    }
-	    add_kbnode( root, new_kbnode( pkt ) );
-	    pkt = gcry_xmalloc( sizeof *pkt );
-	    init_packet(pkt);
-	    break;
-	}
-    }
-  ready:
-    if( rc == -1 && root )
-	rc = 0;
-
-    if( rc )
-	release_kbnode( root );
-    else
-	*ret_root = root;
-    free_packet( pkt );
-    gcry_free( pkt );
-
-    return rc;
-}
-
-
-/****************
- * Perform insert/delete/update operation.
- * mode 1 = insert
- *	2 = delete
- *	3 = update
- */
-static int
-do_kbxf_copy( KBPOS kbpos, int mode, KBNODE root )
-{
-    RESTBL *rentry;
-    IOBUF fp, newfp;
-    int rc=0;
-    char *bakfname = NULL;
-    char *tmpfname = NULL;
-
-    if( !(rentry = check_pos( kbpos )) )
-	return GPGERR_GENERAL;
-    if( kbpos->fp )
-	BUG(); /* not allowed with such a handle */
-
-    if( opt.dry_run )
-	return 0;
-
-    lock_rentry( rentry );
-
-    /* open the source file */
-    fp = iobuf_open( rentry->fname );
-    if( mode == 1 && !fp && errno == ENOENT ) { /* no file yet */
-	KBNODE kbctx, node;
-
-	/* insert: create a new file */
-	newfp = iobuf_create( rentry->fname );
-	if( !newfp ) {
-	    log_error(_("%s: can't create: %s\n"), rentry->fname, strerror(errno));
-	    unlock_rentry( rentry );
-	    return GPGERR_OPEN_FILE;
-	}
-	else if( !opt.quiet )
-	    log_info(_("%s: keyring created\n"), rentry->fname );
-
-	kbctx=NULL;
-	while( (node = walk_kbnode( root, &kbctx, 0 )) ) {
-	    if( (rc = build_packet( newfp, node->pkt )) ) {
-		log_error("build_packet(%d) failed: %s\n",
-			    node->pkt->pkttype, gpg_errstr(rc) );
-		iobuf_cancel(newfp);
-		unlock_rentry( rentry );
-		return GPGERR_WRITE_FILE;
-	    }
-	}
-	if( iobuf_close(newfp) ) {
-	    log_error("%s: close failed: %s\n", rentry->fname, strerror(errno));
-	    unlock_rentry( rentry );
-	    return GPGERR_CLOSE_FILE;
-	}
-	if( chmod( rentry->fname, S_IRUSR | S_IWUSR ) ) {
-	    log_error("%s: chmod failed: %s\n",
-				    rentry->fname, strerror(errno) );
-	    unlock_rentry( rentry );
-	    return GPGERR_WRITE_FILE;
-	}
-	return 0;
-    }
-    if( !fp ) {
-	log_error("%s: can't open: %s\n", rentry->fname, strerror(errno) );
-	rc = GPGERR_OPEN_FILE;
-	goto leave;
-    }
-
-    /* create the new file */
-  #ifdef USE_ONLY_8DOT3
-    /* Here is another Windoze bug?:
-     * you cant rename("pubring.gpg.tmp", "pubring.gpg");
-     * but	rename("pubring.gpg.tmp", "pubring.aaa");
-     * works.  So we replace .gpg by .bak or .tmp
-     */
-    if( strlen(rentry->fname) > 4
-	&& !strcmp(rentry->fname+strlen(rentry->fname)-4, ".gpg") ) {
-	bakfname = gcry_xmalloc( strlen( rentry->fname ) + 1 );
-	strcpy(bakfname,rentry->fname);
-	strcpy(bakfname+strlen(rentry->fname)-4, ".bak");
-	tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 1 );
-	strcpy(tmpfname,rentry->fname);
-	strcpy(tmpfname+strlen(rentry->fname)-4, ".tmp");
-    }
-    else { /* file does not end with gpg; hmmm */
-	bakfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
-	strcpy(stpcpy(bakfname,rentry->fname),".bak");
-	tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
-	strcpy(stpcpy(tmpfname,rentry->fname),".tmp");
-    }
-  #else
-    bakfname = gcry_xmalloc( strlen( rentry->fname ) + 2 );
-    strcpy(stpcpy(bakfname,rentry->fname),"~");
-    tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
-    strcpy(stpcpy(tmpfname,rentry->fname),".tmp");
-  #endif
-    newfp = iobuf_create( tmpfname );
-    if( !newfp ) {
-	log_error("%s: can't create: %s\n", tmpfname, strerror(errno) );
-	iobuf_close(fp);
-	rc = GPGERR_OPEN_FILE;
-	goto leave;
-    }
-
-    if( mode == 1 ) { /* insert */
-	/* copy everything to the new file */
-	rc = copy_all_packets( fp, newfp );
-	if( rc != -1 ) {
-	    log_error("%s: copy to %s failed: %s\n",
-		      rentry->fname, tmpfname, gpg_errstr(rc) );
-	    iobuf_close(fp);
-	    iobuf_cancel(newfp);
-	    goto leave;
-	}
-	rc = 0;
-    }
-
-    if( mode == 2 || mode == 3 ) { /* delete or update */
-	/* copy first part to the new file */
-	rc = copy_some_packets( fp, newfp, kbpos->offset );
-	if( rc ) { /* should never get EOF here */
-	    log_error("%s: copy to %s failed: %s\n",
-		      rentry->fname, tmpfname, gpg_errstr(rc) );
-	    iobuf_close(fp);
-	    iobuf_cancel(newfp);
-	    goto leave;
-	}
-	/* skip this keyblock */
-	assert( kbpos->count );
-	rc = skip_some_packets( fp, kbpos->count );
-	if( rc ) {
-	    log_error("%s: skipping %u packets failed: %s\n",
-			    rentry->fname, kbpos->count, gpg_errstr(rc));
-	    iobuf_close(fp);
-	    iobuf_cancel(newfp);
-	    goto leave;
-	}
-    }
-
-    if( mode == 1 || mode == 3 ) { /* insert or update */
-	KBNODE kbctx, node;
-
-	/* append the new data */
-	kbctx=NULL;
-	while( (node = walk_kbnode( root, &kbctx, 0 )) ) {
-	    if( (rc = build_packet( newfp, node->pkt )) ) {
-		log_error("build_packet(%d) failed: %s\n",
-			    node->pkt->pkttype, gpg_errstr(rc) );
-		iobuf_close(fp);
-		iobuf_cancel(newfp);
-		rc = GPGERR_WRITE_FILE;
-		goto leave;
-	    }
-	}
-	kbpos->valid = 0;
-    }
-
-    if( mode == 2 || mode == 3 ) { /* delete or update */
-	/* copy the rest */
-	rc = copy_all_packets( fp, newfp );
-	if( rc != -1 ) {
-	    log_error("%s: copy to %s failed: %s\n",
-		      rentry->fname, tmpfname, gpg_errstr(rc) );
-	    iobuf_close(fp);
-	    iobuf_cancel(newfp);
-	    goto leave;
-	}
-	rc = 0;
-    }
-
-    /* close both files */
-    if( iobuf_close(fp) ) {
-	log_error("%s: close failed: %s\n", rentry->fname, strerror(errno) );
-	rc = GPGERR_CLOSE_FILE;
-	goto leave;
-    }
-    if( iobuf_close(newfp) ) {
-	log_error("%s: close failed: %s\n", tmpfname, strerror(errno) );
-	rc = GPGERR_CLOSE_FILE;
-	goto leave;
-    }
-    /* if the new file is a secring, restrict the permissions */
-  #ifndef HAVE_DOSISH_SYSTEM
-    if( rentry->secret ) {
-	if( chmod( tmpfname, S_IRUSR | S_IWUSR ) ) {
-	    log_error("%s: chmod failed: %s\n",
-				    tmpfname, strerror(errno) );
-	    rc = GPGERR_WRITE_FILE;
-	    goto leave;
-	}
-    }
-  #endif
-
-    /* rename and make backup file */
-    if( !rentry->secret ) {  /* but not for secret keyrings */
-      #ifdef HAVE_DOSISH_SYSTEM
-	remove( bakfname );
-      #endif
-	if( rename( rentry->fname, bakfname ) ) {
-	    log_error("%s: rename to %s failed: %s\n",
-				    rentry->fname, bakfname, strerror(errno) );
-	    rc = GPGERR_RENAME_FILE;
-	    goto leave;
-	}
-    }
-  #ifdef HAVE_DOSISH_SYSTEM
-    remove( rentry->fname );
-  #endif
-    if( rename( tmpfname, rentry->fname ) ) {
-	log_error("%s: rename to %s failed: %s\n",
-			    tmpfname, rentry->fname,strerror(errno) );
-	rc = GPGERR_RENAME_FILE;
-	if( rentry->secret ) {
-	    log_info(_(
-		"WARNING: 2 files with confidential information exists.\n"));
-	    log_info(_("%s is the unchanged one\n"), rentry->fname );
-	    log_info(_("%s is the new one\n"), tmpfname );
-	    log_info(_("Please fix this possible security flaw\n"));
-	}
-	goto leave;
-    }
-
-  leave:
-    unlock_rentry( rentry );
-    gcry_free(bakfname);
-    gcry_free(tmpfname);
-    return rc;
-}
-
-
-
-
diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c
index 2adb9ef4c..01f4c7b2f 100644
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@@ -1,5 +1,5 @@
 /* seckey-cert.c -  secret key certificate packet handling
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -23,58 +23,22 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-
-#include <gcrypt.h>
 #include "util.h"
+#include "memory.h"
 #include "packet.h"
+#include "mpi.h"
 #include "keydb.h"
+#include "cipher.h"
 #include "main.h"
 #include "options.h"
 #include "i18n.h"
 #include "status.h"
 
 
-/****************
- * Emulate our old PK interface here - sometime in the future we might
- * change the internal design to directly fit to libgcrypt.
- */
-static int
-pk_check_secret_key( int algo, MPI *skey )
-{
-    GCRY_SEXP s_skey;
-    int rc;
-
-    /* make a sexp from skey */
-    if( algo == GCRY_PK_DSA ) {
-	rc = gcry_sexp_build ( &s_skey, NULL,
-			      "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))",
-				  skey[0], skey[1], skey[2], skey[3], skey[4] );
-    }
-    else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
-	rc = gcry_sexp_build ( &s_skey, NULL,
-			      "(private-key(elg(p%m)(g%m)(y%m)(x%m)))",
-				  skey[0], skey[1], skey[2], skey[3] );
-    }
-    else if( algo == GCRY_PK_RSA ) {
-	rc = gcry_sexp_build ( &s_skey, NULL,
-		     "(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
-		       skey[0], skey[1], skey[2], skey[3], skey[4], skey[5] );
-    }
-    else
-	return GPGERR_PUBKEY_ALGO;
-
-    if ( rc )
-	BUG ();
-
-    rc = gcry_pk_testkey( s_skey );
-    gcry_sexp_release( s_skey );
-    return rc;
-}
-
-
 static int
-do_check( PKT_secret_key *sk )
+do_check( PKT_secret_key *sk, const char *tryagain_text )
 {
+    byte *buffer;
     u16 csum=0;
     int i, res;
     unsigned nbytes;
@@ -82,19 +46,20 @@ do_check( PKT_secret_key *sk )
     if( sk->is_protected ) { /* remove the protection */
 	DEK *dek = NULL;
 	u32 keyid[4]; /* 4! because we need two of them */
-	GCRY_CIPHER_HD cipher_hd=NULL;
+	CIPHER_HANDLE cipher_hd=NULL;
 	PKT_secret_key *save_sk;
 
 	if( sk->protect.s2k.mode == 1001 ) {
 	    log_info(_("secret key parts are not available\n"));
-	    return GPGERR_GENERAL;
+	    return G10ERR_GENERAL;
 	}
-	if( sk->protect.algo == GCRY_CIPHER_NONE )
+	if( sk->protect.algo == CIPHER_ALGO_NONE )
 	    BUG();
-	if( openpgp_cipher_test_algo( sk->protect.algo ) ) {
-	    log_info(_("protection algorithm %d is not supported\n"),
-			sk->protect.algo );
-	    return GPGERR_CIPHER_ALGO;
+	if( check_cipher_algo( sk->protect.algo ) ) {
+	    log_info(_("protection algorithm %d%s is not supported\n"),
+			sk->protect.algo,sk->protect.algo==1?" (IDEA)":"" );
+	    idea_cipher_warn(0);
+	    return G10ERR_CIPHER_ALGO;
 	}
 	keyid_from_sk( sk, keyid );
 	keyid[2] = keyid[3] = 0;
@@ -103,110 +68,115 @@ do_check( PKT_secret_key *sk )
             keyid[3] = sk->main_keyid[1];
 	}
 	dek = passphrase_to_dek( keyid, sk->pubkey_algo, sk->protect.algo,
-				 &sk->protect.s2k, 0 );
-	/* Hmmm: Do we use sync mode here even for Twofish? */
-	if( !(cipher_hd = gcry_cipher_open( sk->protect.algo,
-				      GCRY_CIPHER_MODE_CFB,
-				      GCRY_CIPHER_SECURE
-				      | (sk->protect.algo >= 100 ?
-					   0 : GCRY_CIPHER_ENABLE_SYNC) ) )
-				    ) {
-	    BUG();
-	}
-
-	if( gcry_cipher_setkey( cipher_hd, dek->key, dek->keylen ) )
-	    log_fatal("set key failed: %s\n", gcry_strerror(-1) );
-	gcry_free(dek);
+				 &sk->protect.s2k, 0, tryagain_text );
+	cipher_hd = cipher_open( sk->protect.algo,
+				 CIPHER_MODE_AUTO_CFB, 1);
+	cipher_setkey( cipher_hd, dek->key, dek->keylen );
+	m_free(dek);
 	save_sk = copy_secret_key( NULL, sk );
-	if( gcry_cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen ))
-	    log_fatal("set IV failed: %s\n", gcry_strerror(-1) );
+	cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
 	csum = 0;
 	if( sk->version >= 4 ) {
-	    size_t ndata;
-	    unsigned int ndatabits;
+	    int ndata;
 	    byte *p, *data;
             u16 csumc = 0;
 
 	    i = pubkey_get_npkey(sk->pubkey_algo);
-	    assert( gcry_mpi_get_flag( sk->skey[i], GCRYMPI_FLAG_OPAQUE ) );
-	    p = gcry_mpi_get_opaque( sk->skey[i], &ndatabits );
-	    ndata = (ndatabits+7)/8;
+	    assert( mpi_is_opaque( sk->skey[i] ) );
+	    p = mpi_get_opaque( sk->skey[i], &ndata );
             if ( ndata > 1 )
                 csumc = p[ndata-2] << 8 | p[ndata-1];
-	    data = gcry_xmalloc_secure( ndata );
-	    gcry_cipher_decrypt( cipher_hd, data, ndata, p, ndata );
-	    mpi_release( sk->skey[i] ); sk->skey[i] = NULL ;
+	    data = m_alloc_secure( ndata );
+	    cipher_decrypt( cipher_hd, data, p, ndata );
+	    mpi_free( sk->skey[i] ); sk->skey[i] = NULL ;
 	    p = data;
-	    if( ndata < 2 ) {
-		log_error("not enough bytes for checksum\n");
-		sk->csum = 0;
-		csum = 1;
-	    }
-	    else {
-		csum = checksum( data, ndata-2);
-		sk->csum = data[ndata-2] << 8 | data[ndata-1];
-                if ( sk->csum != csum ) {
-                    /* This is a PGP 7.0.0 workaround */
-                    sk->csum = csumc; /* take the encrypted one */
+            if (sk->protect.sha1chk) {
+                /* This is the new SHA1 checksum method to detect
+                   tampering with the key as used by the Klima/Rosa
+                   attack */
+                sk->csum = 0;
+                csum = 1;
+                if( ndata < 20 ) 
+                    log_error("not enough bytes for SHA-1 checksum\n");
+                else {
+                    MD_HANDLE h = md_open (DIGEST_ALGO_SHA1, 1);
+                    if (!h)
+                        BUG(); /* algo not available */
+                    md_write (h, data, ndata - 20);
+                    md_final (h);
+                    if (!memcmp (md_read (h, DIGEST_ALGO_SHA1),
+                                 data + ndata - 20, 20) ) {
+                        /* digest does match.  We have to keep the old
+                           style checksum in sk->csum, so that the
+                           test used for unprotected keys does work.
+                           This test gets used when we are adding new
+                           keys. */
+                        sk->csum = csum = checksum (data, ndata-20);
+                    }
+                    md_close (h);
                 }
-	    }
-	    /* must check it here otherwise the mpi_read_xx would fail
-	     * because the length may have an arbitrary value */
-	    if( sk->csum == csum ) {
-		for( ; i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
-		    nbytes = ndata;
-		    assert( gcry_is_secure( p ) );
-		    res = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_PGP,
-							     p, &nbytes);
-		    if( res )
-			log_bug("gcry_mpi_scan failed in do_check: rc=%d\n", res);
-
-		    ndata -= nbytes;
-		    p += nbytes;
-		}
-	    }
-	    gcry_free(data);
+            }
+            else {
+                if( ndata < 2 ) {
+                    log_error("not enough bytes for checksum\n");
+                    sk->csum = 0;
+                    csum = 1;
+                }
+                else {
+                    csum = checksum( data, ndata-2);
+                    sk->csum = data[ndata-2] << 8 | data[ndata-1];
+                    if ( sk->csum != csum ) {
+                        /* This is a PGP 7.0.0 workaround */
+                        sk->csum = csumc; /* take the encrypted one */
+                    }
+                }
+            }
+                
+            /* must check it here otherwise the mpi_read_xx would fail
+               because the length may have an arbitrary value */
+            if( sk->csum == csum ) {
+                for( ; i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
+                    nbytes = ndata;
+                    sk->skey[i] = mpi_read_from_buffer(p, &nbytes, 1 );
+                    ndata -= nbytes;
+                    p += nbytes;
+                }
+                /* Note: at this point ndata should be 2 for a simple
+                   checksum or 20 for the sha1 digest */
+            }
+	    m_free(data);
 	}
 	else {
 	    for(i=pubkey_get_npkey(sk->pubkey_algo);
 		    i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
-		size_t ndata;
-		unsigned int ndatabits;
-		byte *p, *data;
-
-		assert( gcry_mpi_get_flag( sk->skey[i], GCRYMPI_FLAG_OPAQUE ) );
-		p = gcry_mpi_get_opaque( sk->skey[i], &ndatabits );
-		ndata = (ndatabits+7)/8;
-		data = gcry_xmalloc_secure( ndata );
-		gcry_cipher_sync( cipher_hd );
-		gcry_cipher_decrypt( cipher_hd, data, ndata, p, ndata );
-		mpi_release( sk->skey[i] ); sk->skey[i] = NULL ;
-
-		res = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_USG,
-				     data, &ndata );
-		if( res )
-		    log_bug("gcry_mpi_scan failed in do_check: rc=%d\n", res);
-
+		buffer = mpi_get_secure_buffer( sk->skey[i], &nbytes, NULL );
+		cipher_sync( cipher_hd );
+		assert( mpi_is_protected(sk->skey[i]) );
+		cipher_decrypt( cipher_hd, buffer, buffer, nbytes );
+		mpi_set_buffer( sk->skey[i], buffer, nbytes, 0 );
+		mpi_clear_protect_flag( sk->skey[i] );
 		csum += checksum_mpi( sk->skey[i] );
-		gcry_free( data );
+		m_free( buffer );
+	    }
+	    if( opt.emulate_bugs & EMUBUG_GPGCHKSUM ) {
+	       csum = sk->csum;
 	    }
 	}
-	gcry_cipher_close( cipher_hd );
+	cipher_close( cipher_hd );
 	/* now let's see whether we have used the right passphrase */
 	if( csum != sk->csum ) {
 	    copy_secret_key( sk, save_sk );
             passphrase_clear_cache ( keyid, sk->pubkey_algo );
 	    free_secret_key( save_sk );
-	    return GPGERR_BAD_PASS;
+	    return G10ERR_BAD_PASS;
 	}
-	/* the checksum may be correct in some cases,
-	 * so we also check the key itself */
-	res = pk_check_secret_key( sk->pubkey_algo, sk->skey );
+	/* the checksum may fail, so we also check the key itself */
+	res = pubkey_check_secret_key( sk->pubkey_algo, sk->skey );
 	if( res ) {
 	    copy_secret_key( sk, save_sk );
             passphrase_clear_cache ( keyid, sk->pubkey_algo );
 	    free_secret_key( save_sk );
-	    return GPGERR_BAD_PASS;
+	    return G10ERR_BAD_PASS;
 	}
 	free_secret_key( save_sk );
 	sk->is_protected = 0;
@@ -215,11 +185,10 @@ do_check( PKT_secret_key *sk )
 	csum = 0;
 	for(i=pubkey_get_npkey(sk->pubkey_algo);
 		i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
-	    assert( !gcry_mpi_get_flag( sk->skey[i], GCRYMPI_FLAG_OPAQUE ) );
 	    csum += checksum_mpi( sk->skey[i] );
 	}
 	if( csum != sk->csum )
-	    return GPGERR_CHECKSUM;
+	    return G10ERR_CHECKSUM;
     }
 
     return 0;
@@ -234,17 +203,20 @@ do_check( PKT_secret_key *sk )
 int
 check_secret_key( PKT_secret_key *sk, int n )
 {
-    int rc = GPGERR_BAD_PASS;
+    int rc = G10ERR_BAD_PASS;
     int i;
 
     if( n < 1 )
-	n = opt.batch? 1 : 3; /* use the default value */
-
-    for(i=0; i < n && rc == GPGERR_BAD_PASS; i++ ) {
-	if( i )
-	    log_info(_("Invalid passphrase; please try again ...\n"));
-	rc = do_check( sk );
-	if( rc == GPGERR_BAD_PASS && is_status_enabled() ) {
+	n = (opt.batch && !opt.use_agent)? 1 : 3; /* use the default value */
+
+    for(i=0; i < n && rc == G10ERR_BAD_PASS; i++ ) {
+        const char *tryagain = NULL;
+	if (i) {
+            tryagain = _("Invalid passphrase; please try again");
+            log_info (_("%s ...\n"), tryagain);
+        }
+	rc = do_check( sk, tryagain );
+	if( rc == G10ERR_BAD_PASS && is_status_enabled() ) {
 	    u32 kid[2];
 	    char buf[50];
 
@@ -289,114 +261,103 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
 	return 0;
 
     if( !sk->is_protected ) { /* okay, apply the protection */
-	GCRY_CIPHER_HD cipher_hd=NULL;
+	CIPHER_HANDLE cipher_hd=NULL;
 
-	if( openpgp_cipher_test_algo( sk->protect.algo ) )
-	    rc = GPGERR_CIPHER_ALGO; /* unsupport protection algorithm */
+	if( check_cipher_algo( sk->protect.algo ) )
+	    rc = G10ERR_CIPHER_ALGO; /* unsupport protection algorithm */
 	else {
 	    print_cipher_algo_note( sk->protect.algo );
-	    if( !(cipher_hd = gcry_cipher_open( sk->protect.algo,
-					  GCRY_CIPHER_MODE_CFB,
-					  GCRY_CIPHER_SECURE
-					  | (sk->protect.algo >= 100 ?
-					      0 : GCRY_CIPHER_ENABLE_SYNC) ))
-					 ) {
-		BUG();
-	    }
-	    rc = gcry_cipher_setkey( cipher_hd, dek->key, dek->keylen );
-	    if( rc == GCRYERR_WEAK_KEY ) {
+	    cipher_hd = cipher_open( sk->protect.algo,
+				     CIPHER_MODE_AUTO_CFB, 1 );
+	    if( cipher_setkey( cipher_hd, dek->key, dek->keylen ) )
 		log_info(_("WARNING: Weak key detected"
 			   " - please change passphrase again.\n"));
-		rc = 0;
-	    }
-	    else if( rc )
-		BUG();
-
-	    /* set the IV length */
-	    {	int blocksize = gcry_cipher_get_algo_blklen( sk->protect.algo );
-		if( blocksize != 8 && blocksize != 16 )
-		    log_fatal("unsupported blocksize %d\n", blocksize );
-		sk->protect.ivlen = blocksize;
-		assert( sk->protect.ivlen <= DIM(sk->protect.iv) );
-	    }
-	    gcry_randomize(sk->protect.iv, sk->protect.ivlen,
-							 GCRY_STRONG_RANDOM);
-	    gcry_cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
-
-	    /* FIXME: replace set/get buffer */
+	    sk->protect.ivlen = cipher_get_blocksize( sk->protect.algo );
+	    assert( sk->protect.ivlen <= DIM(sk->protect.iv) );
+	    if( sk->protect.ivlen != 8 && sk->protect.ivlen != 16 )
+		BUG(); /* yes, we are very careful */
+	    randomize_buffer(sk->protect.iv, sk->protect.ivlen, 1);
+	    cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
 	    if( sk->version >= 4 ) {
-		byte *bufarr[GNUPG_MAX_NSKEY];
-		unsigned narr[GNUPG_MAX_NSKEY];
-		unsigned nbits[GNUPG_MAX_NSKEY];
+                byte *bufarr[PUBKEY_MAX_NSKEY];
+		unsigned narr[PUBKEY_MAX_NSKEY];
+		unsigned nbits[PUBKEY_MAX_NSKEY];
 		int ndata=0;
 		byte *p, *data;
 
 		for(j=0, i = pubkey_get_npkey(sk->pubkey_algo);
 			i < pubkey_get_nskey(sk->pubkey_algo); i++, j++ ) {
-		    assert( !gcry_mpi_get_flag( sk->skey[i], GCRYMPI_FLAG_OPAQUE ) );
-
-		    if( gcry_mpi_aprint( GCRYMPI_FMT_USG, (void**)bufarr+j,
-							  narr+j, sk->skey[i]))
-			BUG();
-
-		    nbits[j]  = gcry_mpi_get_nbits( sk->skey[i] );
+		    assert( !mpi_is_opaque( sk->skey[i] ) );
+		    bufarr[j] = mpi_get_buffer( sk->skey[i], &narr[j], NULL );
+		    nbits[j]  = mpi_get_nbits( sk->skey[i] );
 		    ndata += narr[j] + 2;
 		}
-		for( ; j < GNUPG_MAX_NSKEY; j++ )
+		for( ; j < PUBKEY_MAX_NSKEY; j++ )
 		    bufarr[j] = NULL;
-		ndata += 2; /* for checksum */
+		ndata += opt.simple_sk_checksum? 2 : 20; /* for checksum */
 
-		data = gcry_xmalloc_secure( ndata );
+		data = m_alloc_secure( ndata );
 		p = data;
-		for(j=0; j < GNUPG_MAX_NSKEY && bufarr[j]; j++ ) {
+		for(j=0; j < PUBKEY_MAX_NSKEY && bufarr[j]; j++ ) {
 		    p[0] = nbits[j] >> 8 ;
 		    p[1] = nbits[j];
 		    p += 2;
 		    memcpy(p, bufarr[j], narr[j] );
 		    p += narr[j];
-		    gcry_free(bufarr[j]);
+		    m_free(bufarr[j]);
 		}
-		csum = checksum( data, ndata-2);
-		sk->csum = csum;
-		*p++ =	csum >> 8;
-		*p++ =	csum;
-		assert( p == data+ndata );
-		gcry_cipher_encrypt( cipher_hd, data, ndata, NULL, 0 );
+                
+                if (opt.simple_sk_checksum) {
+                    log_info (_("generating the deprecated 16-bit checksum"
+                              " for secret key protection\n")); 
+                    csum = checksum( data, ndata-2);
+                    sk->csum = csum;
+                    *p++ =	csum >> 8;
+                    *p++ =	csum;
+                    sk->protect.sha1chk = 0;
+                }
+                else {
+                    MD_HANDLE h = md_open (DIGEST_ALGO_SHA1, 1);
+                    if (!h)
+                        BUG(); /* algo not available */
+                    md_write (h, data, ndata - 20);
+                    md_final (h);
+                    memcpy (p, md_read (h, DIGEST_ALGO_SHA1), 20);
+                    p += 20;
+                    md_close (h);
+                    sk->csum = csum = 0;
+                    sk->protect.sha1chk = 1;
+                }
+                assert( p == data+ndata );
+
+		cipher_encrypt( cipher_hd, data, data, ndata );
 		for(i = pubkey_get_npkey(sk->pubkey_algo);
 			i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
-		    mpi_release( sk->skey[i] );
+		    mpi_free( sk->skey[i] );
 		    sk->skey[i] = NULL;
 		}
 		i = pubkey_get_npkey(sk->pubkey_algo);
-		sk->skey[i] = gcry_mpi_set_opaque(NULL, data, ndata*8 );
+		sk->skey[i] = mpi_set_opaque(NULL, data, ndata );
 	    }
 	    else {
 		/* NOTE: we always recalculate the checksum because there
 		 * are some test releases which calculated it wrong */
-	        /* FIXME: Replace this code -- Hmmm: why */
 		csum = 0;
 		for(i=pubkey_get_npkey(sk->pubkey_algo);
 			i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
-		    csum += checksum_mpi( sk->skey[i] );
-
-		    if( gcry_mpi_aprint( GCRYMPI_FMT_USG,
-					 &buffer, &nbytes, sk->skey[i] ) )
-			BUG();
-
-		    gcry_cipher_sync( cipher_hd );
-		    assert( !gcry_mpi_get_flag( sk->skey[i], GCRYMPI_FLAG_OPAQUE ) );
-		    gcry_cipher_encrypt( cipher_hd, buffer, nbytes, NULL, 0 );
-		    gcry_mpi_release( sk->skey[i] );
-		    if( gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_USG,
-				       buffer,&nbytes ) )
-			BUG();
-
-		    gcry_free( buffer );
+		    csum += checksum_mpi_counted_nbits( sk->skey[i] );
+		    buffer = mpi_get_buffer( sk->skey[i], &nbytes, NULL );
+		    cipher_sync( cipher_hd );
+		    assert( !mpi_is_protected(sk->skey[i]) );
+		    cipher_encrypt( cipher_hd, buffer, buffer, nbytes );
+		    mpi_set_buffer( sk->skey[i], buffer, nbytes, 0 );
+		    mpi_set_protect_flag( sk->skey[i] );
+		    m_free( buffer );
 		}
 		sk->csum = csum;
 	    }
 	    sk->is_protected = 1;
-	    gcry_cipher_close( cipher_hd );
+	    cipher_close( cipher_hd );
 	}
     }
     return rc;
diff --git a/g10/seskey.c b/g10/seskey.c
index aa2a1511c..fc912eeb5 100644
--- a/g10/seskey.c
+++ b/g10/seskey.c
@@ -1,5 +1,5 @@
 /* seskey.c -  make sesssion keys etc.
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -23,9 +23,9 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-
-#include <gcrypt.h>
 #include "util.h"
+#include "cipher.h"
+#include "mpi.h"
 #include "main.h"
 #include "i18n.h"
 
@@ -36,31 +36,22 @@
 void
 make_session_key( DEK *dek )
 {
-    GCRY_CIPHER_HD chd;
+    CIPHER_HANDLE chd;
     int i, rc;
 
-    dek->keylen = gcry_cipher_get_algo_keylen( dek->algo );
-
-    if( !(chd = gcry_cipher_open( dek->algo, GCRY_CIPHER_MODE_CFB,
-				       GCRY_CIPHER_SECURE
-				       | (dek->algo >= 100 ?
-					   0 : GCRY_CIPHER_ENABLE_SYNC) ))
-			  ) {
-	BUG();
-    }
+    dek->keylen = cipher_get_keylen( dek->algo ) / 8;
 
-    gcry_randomize( dek->key, dek->keylen, GCRY_STRONG_RANDOM );
+    chd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
+    randomize_buffer( dek->key, dek->keylen, 1 );
     for(i=0; i < 16; i++ ) {
-	rc = gcry_cipher_setkey( chd, dek->key, dek->keylen );
+	rc = cipher_setkey( chd, dek->key, dek->keylen );
 	if( !rc ) {
-	    gcry_cipher_close( chd );
+	    cipher_close( chd );
 	    return;
 	}
-	if( rc != GCRYERR_WEAK_KEY )
-	    BUG();
 	log_info(_("weak key created - retrying\n") );
 	/* Renew the session key until we get a non-weak key. */
-	gcry_randomize( dek->key, dek->keylen, GCRY_STRONG_RANDOM );
+	randomize_buffer( dek->key, dek->keylen, 1 );
     }
     log_fatal(_(
 	    "cannot avoid weak key for symmetric cipher; tried %d times!\n"),
@@ -108,13 +99,13 @@ encode_session_key( DEK *dek, unsigned nbits )
     for( p = dek->key, i=0; i < dek->keylen; i++ )
 	csum += *p++;
 
-    frame = gcry_xmalloc_secure( nframe );
+    frame = m_alloc_secure( nframe );
     n = 0;
     frame[n++] = 0;
     frame[n++] = 2;
     i = nframe - 6 - dek->keylen;
     assert( i > 0 );
-    p = gcry_random_bytes_secure( i, GCRY_STRONG_RANDOM );
+    p = get_random_bits( i*8, 1, 1 );
     /* replace zero bytes by new values */
     for(;;) {
 	int j, k;
@@ -127,14 +118,14 @@ encode_session_key( DEK *dek, unsigned nbits )
 	if( !k )
 	    break; /* okay: no zero bytes */
 	k += k/128; /* better get some more */
-	pp = gcry_random_bytes_secure( k, GCRY_STRONG_RANDOM);
+	pp = get_random_bits( k*8, 1, 1);
 	for(j=0; j < i && k ; j++ )
 	    if( !p[j] )
 		p[j] = pp[--k];
-	gcry_free(pp);
+	m_free(pp);
     }
     memcpy( frame+n, p, i );
-    gcry_free(p);
+    m_free(p);
     n += i;
     frame[n++] = 0;
     frame[n++] = dek->algo;
@@ -142,16 +133,15 @@ encode_session_key( DEK *dek, unsigned nbits )
     frame[n++] = csum >>8;
     frame[n++] = csum;
     assert( n == nframe );
-    if( gcry_mpi_scan( &a, GCRYMPI_FMT_USG, frame, &nframe ) )
-	BUG();
-    gcry_free(frame);
-
+    a = mpi_alloc_secure( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB );
+    mpi_set_buffer( a, frame, nframe, 0 );
+    m_free(frame);
     return a;
 }
 
 
 static MPI
-do_encode_md( GCRY_MD_HD md, int algo, size_t len, unsigned nbits,
+do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
 	      const byte *asn, size_t asnlen, int v3compathack )
 {
     int nframe = (nbits+7) / 8;
@@ -165,12 +155,11 @@ do_encode_md( GCRY_MD_HD md, int algo, size_t len, unsigned nbits,
 
     /* We encode the MD in this way:
      *
-     *	   0  1 PAD(n bytes)   0  ASN(asnlen bytes)  MD(len bytes)
+     *	   0  A PAD(n bytes)   0  ASN(asnlen bytes)  MD(len bytes)
      *
      * PAD consists of FF bytes.
      */
-    frame = gcry_md_is_secure(md)? gcry_xmalloc_secure( nframe )
-				 : gcry_xmalloc( nframe );
+    frame = md_is_secure(md)? m_alloc_secure( nframe ) : m_alloc( nframe );
     n = 0;
     frame[n++] = 0;
     frame[n++] = v3compathack? algo : 1; /* block type */
@@ -179,11 +168,13 @@ do_encode_md( GCRY_MD_HD md, int algo, size_t len, unsigned nbits,
     memset( frame+n, 0xff, i ); n += i;
     frame[n++] = 0;
     memcpy( frame+n, asn, asnlen ); n += asnlen;
-    memcpy( frame+n, gcry_md_read(md, algo), len ); n += len;
+    memcpy( frame+n, md_read(md, algo), len ); n += len;
     assert( n == nframe );
-    if( gcry_mpi_scan( &a, GCRYMPI_FMT_USG, frame, &nframe ) )
-	BUG();
-    gcry_free(frame);
+    a = md_is_secure(md)?
+	 mpi_alloc_secure( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB )
+	 : mpi_alloc( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB );
+    mpi_set_buffer( a, frame, nframe, 0 );
+    m_free(frame);
     return a;
 }
 
@@ -192,36 +183,35 @@ do_encode_md( GCRY_MD_HD md, int algo, size_t len, unsigned nbits,
  * Encode a message digest into an MPI.
  * v3compathack is used to work around a bug in old GnuPG versions
  * which did put the algo identifier inseatd of the block type 1 into
- * the encoded value.  setting this vare force the old behaviour.
+ * the encoded value.  Setting this flag forces the old behaviour.
  */
 MPI
-encode_md_value( int pubkey_algo, GCRY_MD_HD md, int hash_algo,
+encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo,
 		 unsigned nbits, int v3compathack )
 {
-    int algo = hash_algo? hash_algo : gcry_md_get_algo(md);
+    int algo = hash_algo? hash_algo : md_get_algo(md);
+    const byte *asn;
+    size_t asnlen, mdlen;
     MPI frame;
 
-    if( pubkey_algo == GCRY_PK_DSA ) {
-	size_t n = gcry_md_get_algo_dlen(hash_algo);
-	if( gcry_mpi_scan( &frame, GCRYMPI_FMT_USG,
-				   gcry_md_read(md, hash_algo), &n ) )
-	    BUG();
+    if( pubkey_algo == PUBKEY_ALGO_DSA ) {
+        mdlen = md_digest_length (hash_algo);
+        if (mdlen != 20) {
+            log_error (_("DSA requires the use of a 160 bit hash algorithm\n"));
+            return NULL;
+        }
+
+	frame = md_is_secure(md)? mpi_alloc_secure((md_digest_length(hash_algo)
+				 +BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB )
+				: mpi_alloc((md_digest_length(hash_algo)
+				 +BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB );
+	mpi_set_buffer( frame, md_read(md, hash_algo),
+			       md_digest_length(hash_algo), 0 );
     }
     else {
-	byte *asn;
-	size_t asnlen;
-
-	if( gcry_md_algo_info( algo, GCRYCTL_GET_ASNOID, NULL, &asnlen ) )
-	    log_fatal("can't get OID of algo %d: %s\n",
-					    algo, gcry_strerror(-1));
-	asn = gcry_xmalloc( asnlen );
-	if( gcry_md_algo_info( algo, GCRYCTL_GET_ASNOID, asn, &asnlen ) )
-	    BUG();
-	frame = do_encode_md( md, algo, gcry_md_get_algo_dlen( algo ),
-					 nbits, asn, asnlen, v3compathack );
-	gcry_free( asn );
+       asn = md_asn_oid( algo, &asnlen, &mdlen );
+       frame = do_encode_md( md, algo, mdlen, nbits, asn, asnlen, v3compathack);
     }
     return frame;
 }
 
-
diff --git a/g10/sig-check.c b/g10/sig-check.c
index a3946a1e0..c9c19aad4 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -1,5 +1,5 @@
 /* sig-check.c -  Check a signature
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -23,11 +23,12 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-
-#include <gcrypt.h>
 #include "util.h"
 #include "packet.h"
+#include "memory.h"
+#include "mpi.h"
 #include "keydb.h"
+#include "cipher.h"
 #include "main.h"
 #include "status.h"
 #include "i18n.h"
@@ -35,108 +36,35 @@
 
 struct cmp_help_context_s {
     PKT_signature *sig;
-    GCRY_MD_HD md;
+    MD_HANDLE md;
 };
 
-
-static int do_signature_check( PKT_signature *sig, GCRY_MD_HD digest,
-					 u32 *r_expiredate, int *r_expired );
 static int do_check( PKT_public_key *pk, PKT_signature *sig,
-					 GCRY_MD_HD digest, int *r_expired );
-
-
-
-/****************
- * Emulate our old PK interface here - sometime in the future we might
- * change the internal design to directly fit to libgcrypt.
- */
-static int
-pk_verify( int algo, MPI hash, MPI *data, MPI *pkey,
-	   int (*cmp)(void *, MPI), void *opaque )
-{
-    GCRY_SEXP s_sig, s_hash, s_pkey;
-    int rc;
-
-    /* forget about cmp and opaque - we never used it */
-
-    /* make a sexp from pkey */
-    if( algo == GCRY_PK_DSA ) {
-	rc = gcry_sexp_build ( &s_pkey, NULL,
-			      "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
-				  pkey[0], pkey[1], pkey[2], pkey[3] );
-    }
-    else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
-	rc = gcry_sexp_build ( &s_pkey, NULL,
-			      "(public-key(elg(p%m)(g%m)(y%m)))",
-				  pkey[0], pkey[1], pkey[2] );
-    }
-    else if( algo == GCRY_PK_RSA ) {
-	rc = gcry_sexp_build ( &s_pkey, NULL,
-			      "(public-key(rsa(n%m)(e%m)))",
-				  pkey[0], pkey[1] );
-    }
-    else
-	return GPGERR_PUBKEY_ALGO;
-
-    if ( rc )
-	BUG ();
-
-    /* put hash into a S-Exp s_hash */
-    if ( gcry_sexp_build( &s_hash, NULL, "%m", hash ) )
-	BUG ();
-
-    /* put data into a S-Exp s_sig */
-    if( algo == GCRY_PK_DSA ) {
-	rc = gcry_sexp_build ( &s_sig, NULL,
-			      "(sig-val(dsa(r%m)(s%m)))", data[0], data[1] );
-    }
-    else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
-	rc = gcry_sexp_build ( &s_sig, NULL,
-			      "(sig-val(elg(r%m)(s%m)))", data[0], data[1] );
-    }
-    else if( algo == GCRY_PK_RSA ) {
-	rc = gcry_sexp_build ( &s_sig, NULL,
-			      "(sig-val(rsa(s%m)))", data[0] );
-    }
-    else
-	BUG();
-
-    if ( rc )
-	BUG ();
-
-
-    rc = gcry_pk_verify( s_sig, s_hash, s_pkey );
-    gcry_sexp_release( s_sig );
-    gcry_sexp_release( s_hash );
-    gcry_sexp_release( s_pkey );
-    return rc;
-}
-
-
+					 MD_HANDLE digest, int *r_expired );
 
 /****************
  * Check the signature which is contained in SIG.
- * The GCRY_MD_HD should be currently open, so that this function
+ * The MD_HANDLE should be currently open, so that this function
  * is able to append some data, before finalizing the digest.
  */
 int
-signature_check( PKT_signature *sig, GCRY_MD_HD digest )
+signature_check( PKT_signature *sig, MD_HANDLE digest )
 {
     u32 dummy;
     int dum2;
-    return do_signature_check( sig, digest, &dummy, &dum2 );
+    return signature_check2( sig, digest, &dummy, &dum2 );
 }
 
-static int
-do_signature_check( PKT_signature *sig, GCRY_MD_HD digest,
-					u32 *r_expiredate, int *r_expired )
+int
+signature_check2( PKT_signature *sig, MD_HANDLE digest,
+		  u32 *r_expiredate, int *r_expired )
 {
-    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
+    PKT_public_key *pk = m_alloc_clear( sizeof *pk );
     int rc=0;
 
     *r_expiredate = 0;
     if( get_pubkey( pk, sig->keyid ) )
-	rc = GPGERR_NO_PUBKEY;
+	rc = G10ERR_NO_PUBKEY;
     else {
 	*r_expiredate = pk->expiredate;
 	rc = do_check( pk, sig, digest, r_expired );
@@ -150,40 +78,38 @@ do_signature_check( PKT_signature *sig, GCRY_MD_HD digest,
 	 * this sig-id we could have also used the hash of the document
 	 * and the timestamp, but the drawback of this is, that it is
 	 * not possible to sign more than one identical document within
-	 * one second.	Some remote bacth processing applications might
+	 * one second.	Some remote batch processing applications might
 	 * like this feature here */
-	GCRY_MD_HD md;
+	MD_HANDLE md;
 	u32 a = sig->timestamp;
 	int i, nsig = pubkey_get_nsig( sig->pubkey_algo );
 	byte *p, *buffer;
 
-	if( !(md = gcry_md_open( GCRY_MD_RMD160, 0)) )
-	    BUG();
-	gcry_md_putc( digest, sig->pubkey_algo );
-	gcry_md_putc( digest, sig->digest_algo );
-	gcry_md_putc( digest, (a >> 24) & 0xff );
-	gcry_md_putc( digest, (a >> 16) & 0xff );
-	gcry_md_putc( digest, (a >>  8) & 0xff );
-	gcry_md_putc( digest,  a	& 0xff );
+	md = md_open( DIGEST_ALGO_RMD160, 0);
+	md_putc( digest, sig->pubkey_algo );
+	md_putc( digest, sig->digest_algo );
+	md_putc( digest, (a >> 24) & 0xff );
+	md_putc( digest, (a >> 16) & 0xff );
+	md_putc( digest, (a >>	8) & 0xff );
+	md_putc( digest,  a	   & 0xff );
 	for(i=0; i < nsig; i++ ) {
-	    size_t n = gcry_mpi_get_nbits( sig->data[i]);
-
-	    gcry_md_putc( md, n>>8);
-	    gcry_md_putc( md, n );
-	    if( gcry_mpi_aprint( GCRYMPI_FMT_USG, &p, &n, sig->data[i] ) )
-		BUG();
-	    gcry_md_write( md, p, n );
-	    gcry_free(p);
+	    unsigned n = mpi_get_nbits( sig->data[i]);
+
+	    md_putc( md, n>>8);
+	    md_putc( md, n );
+	    p = mpi_get_buffer( sig->data[i], &n, NULL );
+	    md_write( md, p, n );
+	    m_free(p);
 	}
-	gcry_md_final( md );
-	p = make_radix64_string( gcry_md_read( md, 0 ), 20 );
-	buffer = gcry_xmalloc( strlen(p) + 60 );
+	md_final( md );
+	p = make_radix64_string( md_read( md, 0 ), 20 );
+	buffer = m_alloc( strlen(p) + 60 );
 	sprintf( buffer, "%s %s %lu",
 		 p, strtimestamp( sig->timestamp ), (ulong)sig->timestamp );
 	write_status_text( STATUS_SIG_ID, buffer );
-	gcry_free(buffer);
-	gcry_free(p);
-	gcry_md_close(md);
+	m_free(buffer);
+	m_free(p);
+	md_close(md);
     }
 
     return rc;
@@ -203,7 +129,7 @@ cmp_help( void *opaque, MPI result )
     size_t mdlen, asnlen;
     struct cmp_help_context_s *ctx = opaque;
     PKT_signature *sig = ctx->sig;
-    GCRY_MD_HD digest = ctx->md;
+    MD_HANDLE digest = ctx->md;
 
     old_enc = 0;
     for(i=j=0; (c=mpi_getbyte(result, i)) != -1; i++ ) {
@@ -226,7 +152,7 @@ cmp_help( void *opaque, MPI result )
     }
     if( old_enc ) {
 	log_error("old encoding scheme is not supported\n");
-	return GPGERR_GENERAL;
+	return G10ERR_GENERAL;
     }
 
     if( (rc=check_digest_algo(sig->digest_algo)) )
@@ -238,25 +164,25 @@ cmp_help( void *opaque, MPI result )
 	if( asn[j] != c )
 	    break;
     if( j != -1 || mpi_getbyte(result, i) )
-	return GPGERR_BAD_PUBKEY;  /* ASN is wrong */
+	return G10ERR_BAD_PUBKEY;  /* ASN is wrong */
     for(i++; (c=mpi_getbyte(result, i)) != -1; i++ )
 	if( c != 0xff  )
 	    break;
     i++;
     if( c != sig->digest_algo || mpi_getbyte(result, i) ) {
 	/* Padding or leading bytes in signature is wrong */
-	return GPGERR_BAD_PUBKEY;
+	return G10ERR_BAD_PUBKEY;
     }
     if( mpi_getbyte(result, mdlen-1) != sig->digest_start[0]
 	|| mpi_getbyte(result, mdlen-2) != sig->digest_start[1] ) {
 	/* Wrong key used to check the signature */
-	return GPGERR_BAD_PUBKEY;
+	return G10ERR_BAD_PUBKEY;
     }
 
     dp = md_read( digest, sig->digest_algo );
     for(i=mdlen-1; i >= 0; i--, dp++ ) {
 	if( mpi_getbyte( result, i ) != *dp )
-	    return GPGERR_BAD_SIGN;
+	    return G10ERR_BAD_SIGN;
     }
     return 0;
   #else
@@ -266,7 +192,7 @@ cmp_help( void *opaque, MPI result )
 
 
 static int
-do_check( PKT_public_key *pk, PKT_signature *sig, GCRY_MD_HD digest,
+do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest,
 						    int *r_expired )
 {
     MPI result = NULL;
@@ -275,10 +201,10 @@ do_check( PKT_public_key *pk, PKT_signature *sig, GCRY_MD_HD digest,
     u32 cur_time;
 
     *r_expired = 0;
-    if( pk->version == 4 && pk->pubkey_algo == GCRY_PK_ELG_E ) {
+    if( pk->version == 4 && pk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
 	log_info(_("this is a PGP generated "
-		   "ElGamal key which is NOT secure for signatures!\n"));
-	return GPGERR_PUBKEY_ALGO;
+		  "ElGamal key which is NOT secure for signatures!\n"));
+	return G10ERR_PUBKEY_ALGO;
     }
 
     if( pk->timestamp > sig->timestamp ) {
@@ -288,7 +214,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, GCRY_MD_HD digest,
 		  : _("public key is %lu seconds newer than the signature\n"),
 		       d );
 	if( !opt.ignore_time_conflict )
-	    return GPGERR_TIME_CONFLICT; /* pubkey newer than signature */
+	    return G10ERR_TIME_CONFLICT; /* pubkey newer than signature */
     }
 
     cur_time = make_timestamp();
@@ -299,44 +225,55 @@ do_check( PKT_public_key *pk, PKT_signature *sig, GCRY_MD_HD digest,
 		       : _("key has been created %lu seconds "
 			   "in future (time warp or clock problem)\n"), d );
 	if( !opt.ignore_time_conflict )
-	    return GPGERR_TIME_CONFLICT;
+	    return G10ERR_TIME_CONFLICT;
     }
 
     if( pk->expiredate && pk->expiredate < cur_time ) {
-	log_info(_("NOTE: signature key expired %s\n"),
-					asctimestamp( pk->expiredate ) );
+        char buf[11];
+        if (opt.verbose) {
+	    u32 tmp_kid[2];
+
+	    keyid_from_pk( pk, tmp_kid );
+            log_info(_("NOTE: signature key %08lX expired %s\n"),
+                     (ulong)tmp_kid[1], asctimestamp( pk->expiredate ) );
+        }
+	/* SIGEXPIRED is deprecated.  Use KEYEXPIRED. */
+	sprintf(buf,"%lu",(ulong)pk->expiredate);
+	write_status_text(STATUS_KEYEXPIRED,buf);
 	write_status(STATUS_SIGEXPIRED);
 	*r_expired = 1;
     }
 
 
-    if( (rc=openpgp_md_test_algo(sig->digest_algo)) )
+    if( (rc=check_digest_algo(sig->digest_algo)) )
 	return rc;
-    if( (rc=openpgp_pk_test_algo(sig->pubkey_algo, 0)) )
+    if( (rc=check_pubkey_algo(sig->pubkey_algo)) )
 	return rc;
 
     /* make sure the digest algo is enabled (in case of a detached signature)*/
-    gcry_md_enable( digest, sig->digest_algo );
+    md_enable( digest, sig->digest_algo );
 
     /* complete the digest */
     if( sig->version >= 4 )
-	gcry_md_putc( digest, sig->version );
-    gcry_md_putc( digest, sig->sig_class );
+	md_putc( digest, sig->version );
+    md_putc( digest, sig->sig_class );
     if( sig->version < 4 ) {
 	u32 a = sig->timestamp;
-	gcry_md_putc( digest, (a >> 24) & 0xff );
-	gcry_md_putc( digest, (a >> 16) & 0xff );
-	gcry_md_putc( digest, (a >>  8) & 0xff );
-	gcry_md_putc( digest,  a	& 0xff );
+	md_putc( digest, (a >> 24) & 0xff );
+	md_putc( digest, (a >> 16) & 0xff );
+	md_putc( digest, (a >>	8) & 0xff );
+	md_putc( digest,  a	   & 0xff );
     }
     else {
 	byte buf[6];
 	size_t n;
-	gcry_md_putc( digest, sig->pubkey_algo );
-	gcry_md_putc( digest, sig->digest_algo );
-	if( sig->hashed_data ) {
-	    n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
-	    gcry_md_write( digest, sig->hashed_data, n+2 );
+	md_putc( digest, sig->pubkey_algo );
+	md_putc( digest, sig->digest_algo );
+	if( sig->hashed ) {
+	    n = sig->hashed->len;
+            md_putc (digest, (n >> 8) );
+            md_putc (digest,  n       );
+	    md_write (digest, sig->hashed->data, n);
 	    n += 6;
 	}
 	else
@@ -348,57 +285,61 @@ do_check( PKT_public_key *pk, PKT_signature *sig, GCRY_MD_HD digest,
 	buf[3] = n >> 16;
 	buf[4] = n >>  8;
 	buf[5] = n;
-	gcry_md_write( digest, buf, 6 );
+	md_write( digest, buf, 6 );
     }
-    gcry_md_final( digest );
+    md_final( digest );
 
     result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo,
-			      gcry_mpi_get_nbits(pk->pkey[0]), 0);
+			      mpi_get_nbits(pk->pkey[0]), 0 );
+    if (!result)
+        return G10ERR_GENERAL;
     ctx.sig = sig;
     ctx.md = digest;
-    rc = pk_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
+    rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
 			cmp_help, &ctx );
-    mpi_release( result );
+    mpi_free( result );
     if( (opt.emulate_bugs & EMUBUG_MDENCODE)
-	&& rc == GPGERR_BAD_SIGN && is_ELGAMAL(pk->pubkey_algo) ) {
+	&& rc == G10ERR_BAD_SIGN && is_ELGAMAL(pk->pubkey_algo) ) {
 	/* In this case we try again because old GnuPG versions didn't encode
 	 * the hash right. There is no problem with DSA however  */
 	result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo,
-				  gcry_mpi_get_nbits(pk->pkey[0]), (sig->version < 5) );
-	ctx.sig = sig;
-	ctx.md = digest;
-	rc = pk_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
-			cmp_help, &ctx );
+			      mpi_get_nbits(pk->pkey[0]), (sig->version < 5) );
+        if (!result)
+            rc = G10ERR_GENERAL;
+        else {
+            ctx.sig = sig;
+            ctx.md = digest;
+            rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
+                                cmp_help, &ctx );
+        }
     }
 
     if( !rc && sig->flags.unknown_critical ) {
 	log_info(_("assuming bad signature due to an unknown critical bit\n"));
-	rc = GPGERR_BAD_SIGN;
+	rc = G10ERR_BAD_SIGN;
     }
-    sig->flags.checked = 1;
-    sig->flags.valid = !rc;
 
     return rc;
 }
 
 
 static void
-hash_uid_node( KBNODE unode, GCRY_MD_HD md, PKT_signature *sig )
+hash_uid_node( KBNODE unode, MD_HANDLE md, PKT_signature *sig )
 {
     PKT_user_id *uid = unode->pkt->pkt.user_id;
 
     assert( unode->pkt->pkttype == PKT_USER_ID );
-    if( uid->photo ) {
+    if( uid->attrib_data ) {
 	if( sig->version >=4 ) {
 	    byte buf[5];
-	    buf[0] = 0xd1;		   /* packet of type 17 */
-	    buf[1] = uid->photolen >> 24;  /* always use 4 length bytes */
-	    buf[2] = uid->photolen >> 16;
-	    buf[3] = uid->photolen >>  8;
-	    buf[4] = uid->photolen;
-	    gcry_md_write( md, buf, 5 );
+	    buf[0] = 0xd1;		     /* packet of type 17 */
+	    buf[1] = uid->attrib_len >> 24;  /* always use 4 length bytes */
+	    buf[2] = uid->attrib_len >> 16;
+	    buf[3] = uid->attrib_len >>  8;
+	    buf[4] = uid->attrib_len;
+	    md_write( md, buf, 5 );
 	}
-	gcry_md_write( md, uid->photo, uid->photolen );
+	md_write( md, uid->attrib_data, uid->attrib_len );
     }
     else {
 	if( sig->version >=4 ) {
@@ -408,9 +349,26 @@ hash_uid_node( KBNODE unode, GCRY_MD_HD md, PKT_signature *sig )
 	    buf[2] = uid->len >> 16;
 	    buf[3] = uid->len >>  8;
 	    buf[4] = uid->len;
-	    gcry_md_write( md, buf, 5 );
+	    md_write( md, buf, 5 );
 	}
-	gcry_md_write( md, uid->name, uid->len );
+	md_write( md, uid->name, uid->len );
+    }
+}
+
+static void
+cache_sig_result ( PKT_signature *sig, int result )
+{
+    if ( !result ) {
+        sig->flags.checked = 1;
+        sig->flags.valid = 1;
+    }
+    else if ( result == G10ERR_BAD_SIGN ) {
+        sig->flags.checked = 1;
+        sig->flags.valid = 0;
+    }
+    else {
+        sig->flags.checked = 0;
+        sig->flags.valid = 0;
     }
 }
 
@@ -431,7 +389,7 @@ int
 check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig,
 				       u32 *r_expiredate, int *r_expired )
 {
-    GCRY_MD_HD md;
+    MD_HANDLE md;
     PKT_public_key *pk;
     PKT_signature *sig;
     int algo;
@@ -448,47 +406,49 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig,
     sig = node->pkt->pkt.signature;
     algo = sig->digest_algo;
 
-  #if 0
-    if( sig->flags.checked ) {
-	log_debug("check_key_signature: already checked: %s\n",
-		      sig->flags.valid? "good":"bad" );
-        if ( sig->flags.valid )
-            return 0; /* shortcut already checked signatures */
-        /* FIXME: We should also do this with bad signatures but here we
-         * have to distinguish between several reasons; e.g. for a missing
-         * public key. the key may now be available.
-         * For now we simply don't shortcut bad signatures
-         */
+    /* check whether we have cached the result of a previous signature check.*/
+    if ( !opt.no_sig_cache ) {
+        if (sig->flags.checked) { /*cached status available*/
+	    if( is_selfsig ) {	
+		u32 keyid[2];	
+
+		keyid_from_pk( pk, keyid );
+		if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
+		    *is_selfsig = 1;
+	    }
+            return sig->flags.valid? 0 : G10ERR_BAD_SIGN;
+        }
     }
-  #endif
 
-    if( (rc=openpgp_md_test_algo(algo)) )
+    if( (rc=check_digest_algo(algo)) )
 	return rc;
 
-    if( sig->sig_class == 0x20 ) {
-	if( !(md = gcry_md_open( algo, 0 )) )
-	    BUG();
+    if( sig->sig_class == 0x20 ) { /* key revocation */
+	md = md_open( algo, 0 );
 	hash_public_key( md, pk );
 	rc = do_check( pk, sig, md, r_expired );
-	gcry_md_close(md);
+        cache_sig_result ( sig, rc );
+	md_close(md);
     }
     else if( sig->sig_class == 0x28 ) { /* subkey revocation */
 	KBNODE snode = find_prev_kbnode( root, node, PKT_PUBLIC_SUBKEY );
 
 	if( snode ) {
-	    if( !(md = gcry_md_open( algo, 0 )) )
-		BUG();
+	    md = md_open( algo, 0 );
 	    hash_public_key( md, pk );
 	    hash_public_key( md, snode->pkt->pkt.public_key );
 	    rc = do_check( pk, sig, md, r_expired );
-	    gcry_md_close(md);
+            cache_sig_result ( sig, rc );
+	    md_close(md);
 	}
 	else {
-	    log_error("no subkey for subkey revocation packet\n");
-	    rc = GPGERR_SIG_CLASS;
+            if (!opt.quiet)
+                log_info ("key %08lX: no subkey for subkey revocation packet\n",
+                          (ulong)keyid_from_pk (pk, NULL));
+	    rc = G10ERR_SIG_CLASS;
 	}
     }
-    else if( sig->sig_class == 0x18 ) {
+    else if( sig->sig_class == 0x18 ) { /* key binding */
 	KBNODE snode = find_prev_kbnode( root, node, PKT_PUBLIC_SUBKEY );
 
 	if( snode ) {
@@ -499,27 +459,35 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig,
 		if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
 		    *is_selfsig = 1;
 	    }
-	    if( !(md = gcry_md_open( algo, 0 )) )
-		BUG();
+	    md = md_open( algo, 0 );
 	    hash_public_key( md, pk );
 	    hash_public_key( md, snode->pkt->pkt.public_key );
 	    rc = do_check( pk, sig, md, r_expired );
-	    gcry_md_close(md);
+            cache_sig_result ( sig, rc );
+	    md_close(md);
 	}
 	else {
-	    log_error("no subkey for key signature packet\n");
-	    rc = GPGERR_SIG_CLASS;
+            if (!opt.quiet)
+                log_info ("key %08lX: no subkey for subkey binding packet\n",
+                          (ulong)keyid_from_pk (pk, NULL));
+	    rc = G10ERR_SIG_CLASS;
 	}
     }
-    else {
+    else if( sig->sig_class == 0x1f ) { /* direct key signature */
+	md = md_open( algo, 0 );
+	hash_public_key( md, pk );
+	rc = do_check( pk, sig, md, r_expired );
+        cache_sig_result ( sig, rc );
+	md_close(md);
+    }
+    else { /* all other classes */
 	KBNODE unode = find_prev_kbnode( root, node, PKT_USER_ID );
 
 	if( unode ) {
 	    u32 keyid[2];
 
 	    keyid_from_pk( pk, keyid );
-	    if( !(md = gcry_md_open( algo, 0 )) )
-		BUG();
+	    md = md_open( algo, 0 );
 	    hash_public_key( md, pk );
 	    hash_uid_node( unode, md, sig );
 	    if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
@@ -528,13 +496,17 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig,
 		rc = do_check( pk, sig, md, r_expired );
 	    }
 	    else {
-		rc = do_signature_check( sig, md, r_expiredate, r_expired );
+		rc = signature_check2( sig, md, r_expiredate, r_expired );
 	    }
-	    gcry_md_close(md);
+            cache_sig_result ( sig, rc );
+	    md_close(md);
 	}
 	else {
-	    log_error("no user ID for key signature packet\n");
-	    rc = GPGERR_SIG_CLASS;
+            if (!opt.quiet)
+                log_info ("key %08lX: no user ID for key signature packet "
+                          "of class %02x\n",
+                          (ulong)keyid_from_pk (pk, NULL), sig->sig_class );
+	    rc = G10ERR_SIG_CLASS;
 	}
     }
 
diff --git a/g10/sign.c b/g10/sign.c
index bdc5b8afe..6a8ce2991 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1,5 +1,5 @@
 /* sign.c - sign data
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -24,13 +24,14 @@
 #include <string.h>
 #include <errno.h>
 #include <assert.h>
+#include <unistd.h> /* need sleep() */
 
-#include <gcrypt.h>
 #include "options.h"
 #include "packet.h"
 #include "errors.h"
 #include "iobuf.h"
 #include "keydb.h"
+#include "memory.h"
 #include "util.h"
 #include "main.h"
 #include "filter.h"
@@ -40,125 +41,212 @@
 #include "i18n.h"
 
 
-#define ENABLE_BETTER_PGP2_COMPAT 1
-
 #ifdef HAVE_DOSISH_SYSTEM
   #define LF "\r\n"
+  void __stdcall Sleep(ulong);
+  #define sleep(a)  Sleep((a)*1000)
 #else
   #define LF "\n"
 #endif
 
+static int recipient_digest_algo=0;
+
 /****************
- * Emulate our old PK interface here - sometime in the future we might
- * change the internal design to directly fit to libgcrypt.
+ * Create a notation.  It is assumed that the stings in STRLIST
+ * are already checked to contain only printable data and have a valid
+ * NAME=VALUE format.
  */
-static int
-pk_sign( int algo, MPI *data, MPI hash, MPI *skey )
+static void
+mk_notation_and_policy( PKT_signature *sig,
+			PKT_public_key *pk, PKT_secret_key *sk )
 {
-    GCRY_SEXP s_sig, s_hash, s_skey, list;
-    int rc;
+    const char *string;
+    char *s=NULL;
+    byte *buf;
+    unsigned n1, n2;
+    STRLIST nd=NULL,pu=NULL;
+    struct expando_args args;
 
-    /* make a sexp from skey */
-    if( algo == GCRY_PK_DSA ) {
-	rc = gcry_sexp_build ( &s_skey, NULL,
-			      "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))",
-				  skey[0], skey[1], skey[2], skey[3], skey[4] );
-    }
-    else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
-	rc = gcry_sexp_build ( &s_skey, NULL,
-			      "(private-key(elg(p%m)(g%m)(y%m)(x%m)))",
-				  skey[0], skey[1], skey[2], skey[3] );
-    }
-    else
-	return GPGERR_PUBKEY_ALGO;
+    memset(&args,0,sizeof(args));
+    args.pk=pk;
+    args.sk=sk;
 
-    if ( rc )
-	BUG ();
+    /* notation data */
+    if(IS_SIG(sig) && opt.sig_notation_data)
+      {
+	if(sig->version<4)
+	  log_info("can't put notation data into v3 signatures\n");
+	else
+	  nd=opt.sig_notation_data;
+      }
+    else if( IS_CERT(sig) && opt.cert_notation_data )
+      {
+	if(sig->version<4)
+	  log_info("can't put notation data into v3 key signatures\n");
+	else
+	  nd=opt.cert_notation_data;
+      }
+
+    for( ; nd; nd = nd->next ) {
+        char *expanded;
+
+        string = nd->d;
+	s = strchr( string, '=' );
+	if( !s )
+	  BUG(); /* we have already parsed this */
+	n1 = s - string;
+	s++;
+
+	expanded=pct_expando(s,&args);
+	if(!expanded)
+	  {
+	    log_error(_("WARNING: unable to %%-expand notation "
+			"(too large).  Using unexpanded.\n"));
+	    expanded=m_strdup(s);
+	  }
+
+	n2 = strlen(expanded);
+	buf = m_alloc( 8 + n1 + n2 );
+	buf[0] = 0x80; /* human readable */
+	buf[1] = buf[2] = buf[3] = 0;
+	buf[4] = n1 >> 8;
+	buf[5] = n1;
+	buf[6] = n2 >> 8;
+	buf[7] = n2;
+	memcpy(buf+8, string, n1 );
+	memcpy(buf+8+n1, expanded, n2 );
+	build_sig_subpkt( sig, SIGSUBPKT_NOTATION
+			  | ((nd->flags & 1)? SIGSUBPKT_FLAG_CRITICAL:0),
+			  buf, 8+n1+n2 );
+	m_free(expanded);
+	m_free(buf);
+    }
 
-    /* put hash into a S-Exp s_hash */
-    if ( gcry_sexp_build( &s_hash, NULL, "%m", hash ) )
-	BUG ();
+    if(opt.show_notation)
+      show_notation(sig,0);
 
-    rc = gcry_pk_sign( &s_sig, s_hash, s_skey );
-    gcry_sexp_release( s_hash );
-    gcry_sexp_release( s_skey );
+    /* set policy URL */
+    if( IS_SIG(sig) && opt.sig_policy_url )
+      {
+	if(sig->version<4)
+	  log_info("can't put a policy URL into v3 signatures\n");
+	else
+	  pu=opt.sig_policy_url;
+      }
+    else if( IS_CERT(sig) && opt.cert_policy_url )
+      {
+	if(sig->version<4)
+	  log_info("can't put a policy URL into v3 key signatures\n");
+	else
+	  pu=opt.cert_policy_url;
+      }
+
+    for(;pu;pu=pu->next)
+      {
+        string = pu->d;
+
+	s=pct_expando(string,&args);
+	if(!s)
+	  {
+	    log_error(_("WARNING: unable to %%-expand policy url "
+			"(too large).  Using unexpanded.\n"));
+	    s=m_strdup(string);
+	  }
+
+	build_sig_subpkt(sig,SIGSUBPKT_POLICY|
+			 ((pu->flags & 1)?SIGSUBPKT_FLAG_CRITICAL:0),
+			 s,strlen(s));
+
+	m_free(s);
+      }
+
+    if(opt.show_policy_url)
+      show_policy_url(sig,0);
+}
 
-    if( rc )
-	;
-    else {
-	list = gcry_sexp_find_token( s_sig, "r" , 0 );
-	assert( list );
-	data[0] = gcry_sexp_nth_mpi( list, 1, 0 );
-	assert( data[0] );
-	gcry_sexp_release (list);
 
-	list = gcry_sexp_find_token( s_sig, "s" , 0 );
-	assert( list );
-	data[1] = gcry_sexp_nth_mpi( list, 1, 0 );
-	assert( data[1] );
-	gcry_sexp_release (list);
+/*
+ * Helper to hash a user ID packet.  
+ */
+static void
+hash_uid (MD_HANDLE md, int sigversion, const PKT_user_id *uid)
+{
+    if ( sigversion >= 4 ) {
+        byte buf[5];
+
+	if(uid->attrib_data) {
+	  buf[0] = 0xd1;	           /* indicates an attribute packet */
+	  buf[1] = uid->attrib_len >> 24;  /* always use 4 length bytes */
+	  buf[2] = uid->attrib_len >> 16;
+	  buf[3] = uid->attrib_len >>  8;
+	  buf[4] = uid->attrib_len;
+	}
+	else {
+	  buf[0] = 0xb4;	    /* indicates a userid packet */
+	  buf[1] = uid->len >> 24;  /* always use 4 length bytes */
+	  buf[2] = uid->len >> 16;
+	  buf[3] = uid->len >>  8;
+	  buf[4] = uid->len;
+	}
+        md_write( md, buf, 5 );
     }
 
-
-    gcry_sexp_release( s_sig );
-    return rc;
+    if(uid->attrib_data)
+      md_write (md, uid->attrib_data, uid->attrib_len );
+    else
+      md_write (md, uid->name, uid->len );
 }
 
-/****************
- * Create a notation.  It is assumed that the stings in STRLIST
- * are already checked to contain only printable data and have a valid
- * NAME=VALUE format.
+
+/*
+ * Helper to hash some parts from the signature
  */
 static void
-mk_notation_and_policy( PKT_signature *sig )
+hash_sigversion_to_magic (MD_HANDLE md, const PKT_signature *sig)
 {
-    const char *string, *s;
-    byte *buf;
-    unsigned n1, n2;
-
-    /* notation data */
-    if( opt.notation_data && sig->version < 4 )
-	log_info("can't put notation data into v3 signatures\n");
-    else if( opt.notation_data ) {
-	STRLIST nd = opt.notation_data;
-
-	for( ; nd; nd = nd->next )  {
-	    string = nd->d;
-	    s = strchr( string, '=' );
-	    if( !s )
-		BUG(); /* we have already parsed this */
-	    n1 = s - string;
-	    s++;
-	    n2 = strlen(s);
-	    buf = gcry_xmalloc( 8 + n1 + n2 );
-	    buf[0] = 0x80; /* human readable */
-	    buf[1] = buf[2] = buf[3] = 0;
-	    buf[4] = n1 >> 8;
-	    buf[5] = n1;
-	    buf[6] = n2 >> 8;
-	    buf[7] = n2;
-	    memcpy(buf+8, string, n1 );
-	    memcpy(buf+8+n1, s, n2 );
-	    build_sig_subpkt( sig, SIGSUBPKT_NOTATION
-			      | ((nd->flags & 1)? SIGSUBPKT_FLAG_CRITICAL:0),
-			      buf, 8+n1+n2 );
-	}
+    if (sig->version >= 4) 
+        md_putc (md, sig->version);
+    md_putc (md, sig->sig_class);
+    if (sig->version < 4) {
+        u32 a = sig->timestamp;
+        md_putc (md, (a >> 24) & 0xff );
+        md_putc (md, (a >> 16) & 0xff );
+        md_putc (md, (a >>  8) & 0xff );
+        md_putc (md,  a	       & 0xff );
     }
-
-    /* set policy URL */
-    if( (s=opt.set_policy_url) ) {
-	if( *s == '!' )
-	    build_sig_subpkt( sig, SIGSUBPKT_POLICY | SIGSUBPKT_FLAG_CRITICAL,
-			      s+1, strlen(s+1) );
-	else
-	    build_sig_subpkt( sig, SIGSUBPKT_POLICY, s, strlen(s) );
+    else {
+        byte buf[6];
+        size_t n;
+        
+        md_putc (md, sig->pubkey_algo);
+        md_putc (md, sig->digest_algo);
+        if (sig->hashed) {
+            n = sig->hashed->len;
+            md_putc (md, (n >> 8) );
+            md_putc (md,  n       );
+            md_write (md, sig->hashed->data, n );
+            n += 6;
+        }
+        else {
+            md_putc (md, 0);  /* always hash the length of the subpacket*/
+            md_putc (md, 0);
+            n = 6;
+        }
+        /* add some magic */
+        buf[0] = sig->version;
+        buf[1] = 0xff;
+        buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
+        buf[3] = n >> 16;
+        buf[4] = n >>  8;
+        buf[5] = n;
+        md_write (md, buf, 6);
     }
 }
 
 
 static int
 do_sign( PKT_secret_key *sk, PKT_signature *sig,
-	 GCRY_MD_HD md, int digest_algo )
+	 MD_HANDLE md, int digest_algo )
 {
     MPI frame;
     byte *dp;
@@ -171,32 +259,59 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
 		       : _("key has been created %lu seconds "
 			   "in future (time warp or clock problem)\n"), d );
 	if( !opt.ignore_time_conflict )
-	    return GPGERR_TIME_CONFLICT;
+	    return G10ERR_TIME_CONFLICT;
     }
 
 
     print_pubkey_algo_note(sk->pubkey_algo);
 
     if( !digest_algo )
-	digest_algo = gcry_md_get_algo(md);
+	digest_algo = md_get_algo(md);
 
     print_digest_algo_note( digest_algo );
-    dp = gcry_md_read( md, digest_algo );
+    dp = md_read( md, digest_algo );
     sig->digest_algo = digest_algo;
     sig->digest_start[0] = dp[0];
     sig->digest_start[1] = dp[1];
     frame = encode_md_value( sk->pubkey_algo, md,
-			     digest_algo, gcry_mpi_get_nbits(sk->skey[0]), 0 );
-    rc = pk_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
-    mpi_release(frame);
+			     digest_algo, mpi_get_nbits(sk->skey[0]), 0 );
+    if (!frame)
+        return G10ERR_GENERAL;
+    rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
+    mpi_free(frame);
+    if (!rc && !opt.no_sig_create_check) {
+        /* check that the signature verification worked and nothing is
+         * fooling us e.g. by a bug in the signature create
+         * code or by deliberately introduced faults. */
+        PKT_public_key *pk = m_alloc_clear (sizeof *pk);
+
+        if( get_pubkey( pk, sig->keyid ) )
+            rc = G10ERR_NO_PUBKEY;
+        else {
+            frame = encode_md_value (pk->pubkey_algo, md,
+                                     sig->digest_algo,
+                                     mpi_get_nbits(pk->pkey[0]), 0);
+            if (!frame)
+                rc = G10ERR_GENERAL;
+            else
+                rc = pubkey_verify (pk->pubkey_algo, frame,
+                                    sig->data, pk->pkey,
+                                    NULL, NULL );
+            mpi_free (frame);
+        }
+        if (rc)
+            log_error (_("checking created signature failed: %s\n"),
+                         g10_errstr (rc));
+        free_public_key (pk);
+    }
     if( rc )
-	log_error(_("signing failed: %s\n"), gpg_errstr(rc) );
+	log_error(_("signing failed: %s\n"), g10_errstr(rc) );
     else {
 	if( opt.verbose ) {
 	    char *ustr = get_user_id_string( sig->keyid );
 	    log_info(_("%s signature from: %s\n"),
-		      gcry_pk_algo_name(sk->pubkey_algo), ustr );
-	    gcry_free(ustr);
+		      pubkey_algo_to_string(sk->pubkey_algo), ustr );
+	    m_free(ustr);
 	}
     }
     return rc;
@@ -205,16 +320,12 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
 
 
 int
-complete_sig( PKT_signature *sig, PKT_secret_key *sk, GCRY_MD_HD md )
+complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md )
 {
     int rc=0;
 
     if( !(rc=check_secret_key( sk, 0 )) )
 	rc = do_sign( sk, sig, md, 0 );
-
-    /* fixme: should we check whether the signature is okay?
-     * maybe by using an option */
-
     return rc;
 }
 
@@ -223,10 +334,12 @@ hash_for(int pubkey_algo, int packet_version )
 {
     if( opt.def_digest_algo )
 	return opt.def_digest_algo;
-    if( pubkey_algo == GCRY_PK_DSA )
-	return GCRY_MD_SHA1;
-    if( pubkey_algo == GCRY_PK_RSA && packet_version < 4 )
-	return GCRY_MD_MD5;
+    if( recipient_digest_algo )
+        return recipient_digest_algo;
+    if( pubkey_algo == PUBKEY_ALGO_DSA )
+	return DIGEST_ALGO_SHA1;
+    if( pubkey_algo == PUBKEY_ALGO_RSA && packet_version < 4 )
+	return DIGEST_ALGO_MD5;
     return DEFAULT_DIGEST_ALGO;
 }
 
@@ -239,7 +352,7 @@ only_old_style( SK_LIST sk_list )
     /* if there are only old style capable key we use the old sytle */
     for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
 	PKT_secret_key *sk = sk_rover->sk;
-	if( sk->pubkey_algo == GCRY_PK_RSA && sk->version < 4 )
+	if( sk->pubkey_algo == PUBKEY_ALGO_RSA && sk->version < 4 )
 	    old_style = 1;
 	else
 	    return 0;
@@ -267,94 +380,210 @@ print_status_sig_created ( PKT_secret_key *sk, PKT_signature *sig, int what )
     write_status_text( STATUS_SIG_CREATED, buf );
 }
 
+
+/*
+ * Loop over the secret certificates in SK_LIST and build the one pass
+ * signature packets.  OpenPGP says that the data should be bracket by
+ * the onepass-sig and signature-packet; so we build these onepass
+ * packet here in reverse order 
+ */
 static int
-write_one_signature( IOBUF out, PKT_secret_key *sk, int old_style,
-                     const char *outfile,
-                     GCRY_MD_HD datamd,
-                     int sig_class,
-                     int status_char )
+write_onepass_sig_packets (SK_LIST sk_list, IOBUF out, int sigclass )
 {
-    PKT_signature *sig;
-    GCRY_MD_HD md;
-    int rc;
+    int skcount;
+    SK_LIST sk_rover;
 
-    /* build the signature packet */
-    /* fixme: this code is partly duplicated in make_keysig_packet */
-    sig = gcry_xcalloc( 1, sizeof *sig );
-    sig->version = old_style || opt.force_v3_sigs ? 3 : sk->version;
-    keyid_from_sk( sk, sig->keyid );
-    sig->digest_algo = hash_for(sk->pubkey_algo, sk->version);
-    sig->pubkey_algo = sk->pubkey_algo;
-    sig->timestamp = make_timestamp();
-    sig->sig_class = sig_class;
+    for (skcount=0, sk_rover=sk_list; sk_rover; sk_rover = sk_rover->next)
+        skcount++;
 
-    md = gcry_md_copy( datamd );
-    if( !md )
-        BUG();
-    if( sig->version >= 4 ) {
-        build_sig_subpkt_from_sig( sig );
-        gcry_md_putc( md, sig->version );
-    }
-    
-    mk_notation_and_policy( sig );
-    
-    gcry_md_putc( md, sig->sig_class );
-    if( sig->version < 4 ) {
-        u32 a = sig->timestamp;
-        gcry_md_putc( md, (a >> 24) & 0xff );
-        gcry_md_putc( md, (a >> 16) & 0xff );
-        gcry_md_putc( md, (a >>  8) & 0xff );
-        gcry_md_putc( md,  a	& 0xff );
-    }
-    else {
-        byte buf[6];
-        size_t n;
+    for (; skcount; skcount--) {
+        PKT_secret_key *sk;
+        PKT_onepass_sig *ops;
+        PACKET pkt;
+        int i, rc;
         
-        gcry_md_putc( md, sig->pubkey_algo );
-        gcry_md_putc( md, sig->digest_algo );
-        if( sig->hashed_data ) {
-            n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
-            gcry_md_write( md, sig->hashed_data, n+2 );
-            n += 6;
+        for (i=0, sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
+            if (++i == skcount)
+                break;
         }
-        else {
-            gcry_md_putc( md, 0 );/* always hash the length of the subpacket*/
-            gcry_md_putc( md, 0 );
-            n = 6;
+
+        sk = sk_rover->sk;
+        ops = m_alloc_clear (sizeof *ops);
+        ops->sig_class = sigclass;
+        ops->digest_algo = hash_for (sk->pubkey_algo, sk->version);
+        ops->pubkey_algo = sk->pubkey_algo;
+        keyid_from_sk (sk, ops->keyid);
+        ops->last = (skcount == 1);
+        
+        init_packet(&pkt);
+        pkt.pkttype = PKT_ONEPASS_SIG;
+        pkt.pkt.onepass_sig = ops;
+        rc = build_packet (out, &pkt);
+        free_packet (&pkt);
+        if (rc) {
+            log_error ("build onepass_sig packet failed: %s\n",
+                       g10_errstr(rc));
+            return rc;
         }
-        /* add some magic */
-        buf[0] = sig->version;
-        buf[1] = 0xff;
-        buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
-        buf[3] = n >> 16;
-        buf[4] = n >>  8;
-        buf[5] = n;
-        gcry_md_write( md, buf, 6 );
     }
-    gcry_md_final( md );
 
-    rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo, sk->version) );
-    gcry_md_close( md );
-    /* Hmmm: Do we release sig in case of rc != 0? */
-    
-    if( !rc ) { /* and write it */
-        PACKET pkt;
+    return 0;
+}
 
-        init_packet(&pkt);
-        pkt.pkttype = PKT_SIGNATURE;
-        pkt.pkt.signature = sig;
-        rc = build_packet( out, &pkt );
-        if( !rc && is_status_enabled() ) {
-            print_status_sig_created ( sk, sig, status_char );       
+/*
+ * Helper to write the plaintext (literal data) packet
+ */
+static int
+write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
+{
+    PKT_plaintext *pt = NULL;
+    u32 filesize;
+    int rc = 0;
+
+    if (!opt.no_literal) {
+        if (fname || opt.set_filename) {
+            char *s = make_basename (opt.set_filename? opt.set_filename
+                                                     : fname);
+            pt = m_alloc (sizeof *pt + strlen(s) - 1);
+            pt->namelen = strlen (s);
+            memcpy (pt->name, s, pt->namelen);
+            m_free (s);
+        }
+        else { /* no filename */
+            pt = m_alloc (sizeof *pt - 1);
+            pt->namelen = 0;
         }
-        free_packet( &pkt );
-        if( rc )
-            log_error("build signature packet failed: %s\n", gpg_errstr(rc) );
     }
 
+    /* try to calculate the length of the data */
+    if (fname) {
+        if( !(filesize = iobuf_get_filelength(inp)) )
+            log_info (_("WARNING: `%s' is an empty file\n"), fname);
+
+        /* we can't yet encode the length of very large files,
+         * so we switch to partial length encoding in this case */
+        if (filesize >= IOBUF_FILELENGTH_LIMIT)
+            filesize = 0;
+
+        /* because the text_filter modifies the length of the
+         * data, it is not possible to know the used length
+         * without a double read of the file - to avoid that
+         * we simple use partial length packets.
+         */
+        if ( ptmode == 't' )
+            filesize = 0;
+    }
+    else {
+        filesize = opt.set_filesize? opt.set_filesize : 0; /* stdin */
+    }
+
+    if (!opt.no_literal) {
+        PACKET pkt;
+
+        pt->timestamp = make_timestamp ();
+        pt->mode = ptmode;
+        pt->len = filesize;
+        pt->new_ctb = !pt->len && !opt.rfc1991;
+        pt->buf = inp;
+        init_packet(&pkt);
+        pkt.pkttype = PKT_PLAINTEXT;
+        pkt.pkt.plaintext = pt;
+        /*cfx.datalen = filesize? calc_packet_length( &pkt ) : 0;*/
+        if( (rc = build_packet (out, &pkt)) )
+            log_error ("build_packet(PLAINTEXT) failed: %s\n",
+                       g10_errstr(rc) );
+        pt->buf = NULL;
+    }
+    else {
+        byte copy_buffer[4096];
+        int  bytes_copied;
+
+        while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1)
+            if (iobuf_write(out, copy_buffer, bytes_copied) == -1) {
+                rc = G10ERR_WRITE_FILE;
+                log_error ("copying input to output failed: %s\n",
+                           g10_errstr(rc));
+                break;
+            }
+        memset(copy_buffer, 0, 4096); /* burn buffer */
+    }
+    /* fixme: it seems that we never freed pt/pkt */
+    
     return rc;
 }
 
+/*
+ * Write the signatures from the SK_LIST to OUT. HASH must be a non-finalized
+ * hash which will not be changes here.
+ */
+static int
+write_signature_packets (SK_LIST sk_list, IOBUF out, MD_HANDLE hash,
+                         int sigclass, u32 timestamp, u32 duration,
+			 int status_letter)
+{
+    SK_LIST sk_rover;
+
+    /* loop over the secret certificates */
+    for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) {
+	PKT_secret_key *sk;
+	PKT_signature *sig;
+	MD_HANDLE md;
+        int rc;
+
+	sk = sk_rover->sk;
+
+	/* build the signature packet */
+	sig = m_alloc_clear (sizeof *sig);
+	if(opt.force_v3_sigs || opt.rfc1991)
+	  sig->version=3;
+	else if(duration || opt.sig_policy_url || opt.sig_notation_data)
+	  sig->version=4;
+	else
+	  sig->version=sk->version;
+	keyid_from_sk (sk, sig->keyid);
+	sig->digest_algo = hash_for (sk->pubkey_algo, sk->version);
+	sig->pubkey_algo = sk->pubkey_algo;
+	if(timestamp)
+	  sig->timestamp = timestamp;
+	else
+	  sig->timestamp = make_timestamp();
+	if(duration)
+	  sig->expiredate = sig->timestamp+duration;
+	sig->sig_class = sigclass;
+
+	md = md_copy (hash);
+
+	if (sig->version >= 4)
+	    build_sig_subpkt_from_sig (sig);
+	mk_notation_and_policy (sig, NULL, sk);
+
+        hash_sigversion_to_magic (md, sig);
+	md_final (md);
+
+	rc = do_sign( sk, sig, md, hash_for (sig->pubkey_algo, sk->version) );
+	md_close (md);
+
+	if( !rc ) { /* and write it */
+            PACKET pkt;
+
+	    init_packet(&pkt);
+	    pkt.pkttype = PKT_SIGNATURE;
+	    pkt.pkt.signature = sig;
+	    rc = build_packet (out, &pkt);
+	    if (!rc && is_status_enabled()) {
+		print_status_sig_created ( sk, sig, status_letter);
+	    }
+	    free_packet (&pkt);
+	    if (rc)
+		log_error ("build signature packet failed: %s\n",
+                           g10_errstr(rc) );
+	}
+	if( rc )
+	    return rc;;
+    }
+
+    return 0;
+}
 
 /****************
  * Sign the files whose names are in FILENAME.
@@ -362,7 +591,7 @@ write_one_signature( IOBUF out, PKT_secret_key *sk, int old_style,
  * make a detached signature.  If FILENAMES->d is NULL read from stdin
  * and ignore the detached mode.  Sign the file with all secret keys
  * which can be taken from LOCUSR, if this is NULL, use the default one
- * If ENCRYPT is true, use REMUSER (or ask if it is NULL) to encrypt the
+ * If ENCRYPTFLAG is true, use REMUSER (or ask if it is NULL) to encrypt the
  * signed data for these users.
  * If OUTFILE is not NULL; this file is used for output and the function
  * does not ask for overwrite permission; output is then always
@@ -370,7 +599,7 @@ write_one_signature( IOBUF out, PKT_secret_key *sk, int old_style,
  */
 int
 sign_file( STRLIST filenames, int detached, STRLIST locusr,
-	   int encrypt, STRLIST remusr, const char *outfile )
+	   int encryptflag, STRLIST remusr, const char *outfile )
 {
     const char *fname;
     armor_filter_context_t afx;
@@ -380,16 +609,12 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
     encrypt_filter_context_t efx;
     IOBUF inp = NULL, out = NULL;
     PACKET pkt;
-    PKT_plaintext *pt = NULL;
-    u32 filesize;
     int rc = 0;
     PK_LIST pk_list = NULL;
     SK_LIST sk_list = NULL;
     SK_LIST sk_rover = NULL;
     int multifile = 0;
-    int old_style = opt.rfc1991;
-    int compr_algo = -1; /* unknown */
-
+    u32 timestamp=0,duration=0;
 
     memset( &afx, 0, sizeof afx);
     memset( &zfx, 0, sizeof zfx);
@@ -405,20 +630,25 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
     else
 	fname = NULL;
 
-    if( fname && filenames->next && (!detached || encrypt) )
+    if( fname && filenames->next && (!detached || encryptflag) )
 	log_bug("multiple files can only be detached signed");
 
-    if( (rc=build_sk_list( locusr, &sk_list, 1, GCRY_PK_USAGE_SIGN )) )
+    if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !opt.rfc1991)
+      duration=ask_expire_interval(1);
+
+    if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
 	goto leave;
-    if( !old_style )
-	old_style = only_old_style( sk_list );
 
-    if( encrypt ) {
-	if( (rc=build_pk_list( remusr, &pk_list, GCRY_PK_USAGE_ENCR )) )
-	    goto leave;
-	if( !old_style )
-	    compr_algo = select_algo_from_prefs( pk_list, PREFTYPE_COMPR );
-    }
+    if(opt.pgp2 && !only_old_style(sk_list))
+      {
+	log_info(_("you can only detach-sign with PGP 2.x style keys "
+		   "while in --pgp2 mode\n"));
+	log_info(_("this message may not be usable by PGP 2.x\n"));
+	opt.pgp2=0;
+      }
+
+    if(encryptflag && (rc=build_pk_list( remusr, &pk_list, PUBKEY_USAGE_ENC )))
+      goto leave;
 
     /* prepare iobufs */
     if( multifile )  /* have list of filenames */
@@ -426,14 +656,14 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
     else if( !(inp = iobuf_open(fname)) ) {
 	log_error("can't open %s: %s\n", fname? fname: "[stdin]",
 					strerror(errno) );
-	rc = GPGERR_OPEN_FILE;
+	rc = G10ERR_OPEN_FILE;
 	goto leave;
     }
 
     if( outfile ) {
 	if( !(out = iobuf_create( outfile )) ) {
 	    log_error(_("can't create %s: %s\n"), outfile, strerror(errno) );
-	    rc = GPGERR_CREATE_FILE;
+	    rc = G10ERR_CREATE_FILE;
 	    goto leave;
 	}
 	else if( opt.verbose )
@@ -445,92 +675,108 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
     /* prepare to calculate the MD over the input */
     if( opt.textmode && !outfile )
 	iobuf_push_filter( inp, text_filter, &tfx );
-    if( !(mfx.md = gcry_md_open(0, 0)))
-	BUG();
+    mfx.md = md_open(0, 0);
+
+   /* If we're encrypting and signing, it is reasonable to pick the
+       hash algorithm to use out of the recepient key prefs. */
+    if(pk_list)
+      {
+	if(opt.def_digest_algo)
+	  {
+	    if(!opt.expert &&
+	       select_algo_from_prefs(pk_list,PREFTYPE_HASH,
+				      opt.def_digest_algo,
+				      NULL)!=opt.def_digest_algo)
+	  log_info(_("forcing digest algorithm %s (%d) "
+		     "violates recipient preferences\n"),
+		   digest_algo_to_string(opt.def_digest_algo),
+		   opt.def_digest_algo);
+	  }
+	else
+	  {
+	    int hashlen=0,algo;
+
+	    /* Of course, if the recipient asks for something
+	       unreasonable (like a non-160-bit hash for DSA, for
+	       example), then don't do it.  Check all sk's - if any
+	       are DSA, then the hash must be 160-bit.  In the future
+	       this can be more complex with different hashes for each
+	       sk, but so long as there is only one signing algorithm
+	       with hash restrictions, this is ok. -dms */
+
+	    for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
+	      if(sk_rover->sk->pubkey_algo==PUBKEY_ALGO_DSA)
+		hashlen=20;
+
+	    if((algo=
+		select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,&hashlen))>0)
+	      recipient_digest_algo=algo;
+	  }
+      }
 
     for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
 	PKT_secret_key *sk = sk_rover->sk;
-	gcry_md_enable(mfx.md, hash_for(sk->pubkey_algo, sk->version ));
+	md_enable(mfx.md, hash_for(sk->pubkey_algo, sk->version ));
     }
 
     if( !multifile )
 	iobuf_push_filter( inp, md_filter, &mfx );
 
-    if( detached && !encrypt && !opt.rfc1991 )
+    if( detached && !encryptflag && !opt.rfc1991 )
 	afx.what = 2;
 
     if( opt.armor && !outfile  )
 	iobuf_push_filter( out, armor_filter, &afx );
-  #ifdef ENABLE_COMMENT_PACKETS
-    else {
-	write_comment( out, "#created by GNUPG v" VERSION " ("
-					    PRINTABLE_OS_NAME ")");
-	if( opt.comment_string )
-	    write_comment( out, opt.comment_string );
-    }
-  #endif
-    if( encrypt ) {
+
+    if( encryptflag ) {
 	efx.pk_list = pk_list;
 	/* fixme: set efx.cfx.datalen if known */
 	iobuf_push_filter( out, encrypt_filter, &efx );
     }
 
-    /* Select a compress algorithm */
-    if( opt.compress && !outfile && ( !detached || opt.compress_sigs) ) {
-	if( !compr_algo )
-	    ; /* don't use compression */
-	else {
-	    if( old_style
-		|| compr_algo == 1
-		|| (compr_algo == -1 && !encrypt) )
-		zfx.algo = 1; /* use the non optional algorithm */
+    if( opt.compress && !outfile && ( !detached || opt.compress_sigs) )
+      {
+        int compr_algo=opt.def_compress_algo;
+
+	/* If not forced by user */
+	if(compr_algo==-1)
+	  {
+	    /* If we're not encrypting, then select_algo_from_prefs
+	       will fail and we'll end up with the default.  If we are
+	       encrypting, select_algo_from_prefs cannot fail since
+	       there is an assumed preference for uncompressed data.
+	       Still, if it did fail, we'll also end up with the
+	       default. */
+ 
+	    if((compr_algo=
+		select_algo_from_prefs(pk_list,PREFTYPE_ZIP,-1,NULL))==-1)
+	      compr_algo=DEFAULT_COMPRESS_ALGO;
+	  }
+ 	else if(!opt.expert &&
+ 		select_algo_from_prefs(pk_list,PREFTYPE_ZIP,
+ 				       compr_algo,NULL)!=compr_algo)
+ 	  log_info(_("forcing compression algorithm %s (%d) "
+ 		     "violates recipient preferences\n"),
+ 		   compress_algo_to_string(compr_algo),compr_algo);
+
+	/* algo 0 means no compression */
+	if( compr_algo )
+	  {
+	    zfx.algo = compr_algo;
 	    iobuf_push_filter( out, compress_filter, &zfx );
-	}
-    }
-
-    /* Build one-pass signature packets when needed */
-    if( !detached && !old_style ) {
-	int skcount=0;
-	/* loop over the secret certificates and build headers
-	 * The specs now say that the data should be bracket by
-	 * the onepass-sig and signature-packet; so we must build it
-	 * here in reverse order */
-	for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
-	    skcount++;
-	for( ; skcount; skcount-- ) {
-	    PKT_secret_key *sk;
-	    PKT_onepass_sig *ops;
-	    int i = 0;
-
-	    for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
-		if( ++i == skcount )
-		    break;
-
-	    sk = sk_rover->sk;
-	    ops = gcry_xcalloc( 1, sizeof *ops );
-	    ops->sig_class = opt.textmode && !outfile ? 0x01 : 0x00;
-	    ops->digest_algo = hash_for(sk->pubkey_algo, sk->version);
-	    ops->pubkey_algo = sk->pubkey_algo;
-	    keyid_from_sk( sk, ops->keyid );
-	    ops->last = skcount == 1;
-
-	    init_packet(&pkt);
-	    pkt.pkttype = PKT_ONEPASS_SIG;
-	    pkt.pkt.onepass_sig = ops;
-	    rc = build_packet( out, &pkt );
-	    free_packet( &pkt );
-	    if( rc ) {
-		log_error("build onepass_sig packet failed: %s\n",
-							gpg_errstr(rc));
-		goto leave;
-	    }
-	}
+	  }
+      }
+
+    /* Write the one-pass signature packets if needed */
+    if (!detached && !opt.rfc1991) {
+        rc = write_onepass_sig_packets (sk_list, out,
+                                        opt.textmode && !outfile ? 0x01:0x00);
+        if (rc)
+            goto leave;
     }
 
     /* setup the inner packet */
     if( detached ) {
-        /* this is pretty much the same for old and new PGP.  So no
-         * need to cope with different packet ordering */
 	if( multifile ) {
 	    STRLIST sl;
 
@@ -542,7 +788,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
 		if( !(inp = iobuf_open(sl->d)) ) {
 		    log_error(_("can't open %s: %s\n"),
 					    sl->d, strerror(errno) );
-		    rc = GPGERR_OPEN_FILE;
+		    rc = G10ERR_OPEN_FILE;
 		    goto leave;
 		}
 		if( opt.verbose )
@@ -562,92 +808,35 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
 	}
     }
     else {
-        /* get the filename to be stored into the literal datapacket */
-	if (!opt.no_literal) {
-	    if( fname || opt.set_filename ) {
-		char *s = make_basename( opt.set_filename ?
-                                         opt.set_filename : fname );
-		pt = gcry_xmalloc( sizeof *pt + strlen(s) - 1 );
-		pt->namelen = strlen(s);
-		memcpy(pt->name, s, pt->namelen );
-		gcry_free(s);
-	    }
-	    else { /* no filename */
-		pt = gcry_xmalloc( sizeof *pt - 1 );
-		pt->namelen = 0;
-	    }
-	}
-
-	if( fname ) {
-	    if( !(filesize = iobuf_get_filelength(inp)) )
-		log_info(_("WARNING: `%s' is an empty file\n"), fname );
-            /* we can't yet encode the length of very large files,
-             * so we switch to partial length encoding in this case */
-            if ( filesize >= IOBUF_FILELENGTH_LIMIT )
-                filesize = 0;
-
-	    /* Because the text_filter modifies the length of the
-	     * data, it is not possible to know the used length
-	     * without a double read of the file - to avoid that
-	     * we simple use partial length packets.
-	     */
-	    if( opt.textmode && !outfile )
-		filesize = 0;
-	}
-	else
-	    filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
-
-	if (!opt.no_literal) {
-	    pt->timestamp = make_timestamp();
-	    pt->mode = opt.textmode && !outfile ? 't':'b';
-	    pt->len = filesize;
-	    pt->new_ctb = !pt->len && !opt.rfc1991;
-	    pt->buf = inp;
-	    pkt.pkttype = PKT_PLAINTEXT;
-	    pkt.pkt.plaintext = pt;
-	    /*cfx.datalen = filesize? calc_packet_length( &pkt ) : 0;*/
-	    if( (rc = build_packet( out, &pkt )) )
-		log_error("build_packet(PLAINTEXT) failed: %s\n",
-                          gpg_errstr(rc) );
-	    pt->buf = NULL;
-	}
-	else {
-	    byte copy_buffer[4096];
-	    int  bytes_copied;
-	    while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1)
-		if (iobuf_write(out, copy_buffer, bytes_copied) == -1) {
-		    rc = GPGERR_WRITE_FILE;
-		    log_error("copying input to output failed: %s\n",
-                              gpg_errstr(rc));
-		    break;
-		}
-	    memset(copy_buffer, 0, 4096); /* burn buffer */
-	}
+        rc = write_plaintext_packet (out, inp, fname,
+                                     opt.textmode && !outfile ? 't':'b');
     }
 
     /* catch errors from above */
     if (rc)
 	goto leave;
 
-    /* write all the signature packets */
-    for( sk_rover = sk_list; sk_rover && !rc ; sk_rover = sk_rover->next ) {
-        rc = write_one_signature( out, sk_rover->sk,
-                                  old_style, outfile, mfx.md,
+    /* write the signatures */
+    rc = write_signature_packets (sk_list, out, mfx.md,
                                   opt.textmode && !outfile? 0x01 : 0x00,
-                                  detached ? 'D':'S' );
-    }
+				  timestamp, duration, detached ? 'D':'S');
+    if( rc )
+        goto leave;
 
 
   leave:
     if( rc )
 	iobuf_cancel(out);
-    else
+    else {
 	iobuf_close(out);
+        if (encryptflag)
+            write_status( STATUS_END_ENCRYPTION );
+    }
     iobuf_close(inp);
-    gcry_md_close( mfx.md );
+    md_close( mfx.md );
     release_sk_list( sk_list );
     release_pk_list( pk_list );
-    /* FIXME: Did we release the efx.cfx.dek ? */
+    recipient_digest_algo=0;
     return rc;
 }
 
@@ -660,7 +849,7 @@ int
 clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
 {
     armor_filter_context_t afx;
-    GCRY_MD_HD textmd = NULL;
+    MD_HANDLE textmd = NULL;
     IOBUF inp = NULL, out = NULL;
     PACKET pkt;
     int rc = 0;
@@ -668,27 +857,40 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
     SK_LIST sk_rover = NULL;
     int old_style = opt.rfc1991;
     int only_md5 = 0;
+    u32 timestamp=0,duration=0;
 
     memset( &afx, 0, sizeof afx);
     init_packet( &pkt );
 
-    if( (rc=build_sk_list( locusr, &sk_list, 1, GCRY_PK_USAGE_SIGN )) )
+    if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !opt.rfc1991)
+      duration=ask_expire_interval(1);
+
+    if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
 	goto leave;
-    if( !old_style )
+
+    if( !old_style && !duration )
 	old_style = only_old_style( sk_list );
 
+    if(!old_style && opt.pgp2)
+      {
+	log_info(_("you can only clearsign with PGP 2.x style keys "
+		   "while in --pgp2 mode\n"));
+	log_info(_("this message may not be usable by PGP 2.x\n"));
+	opt.pgp2=0;
+      }
+
     /* prepare iobufs */
     if( !(inp = iobuf_open(fname)) ) {
 	log_error("can't open %s: %s\n", fname? fname: "[stdin]",
 					strerror(errno) );
-	rc = GPGERR_OPEN_FILE;
+	rc = G10ERR_OPEN_FILE;
 	goto leave;
     }
 
     if( outfile ) {
 	if( !(out = iobuf_create( outfile )) ) {
 	    log_error(_("can't create %s: %s\n"), outfile, strerror(errno) );
-	    rc = GPGERR_CREATE_FILE;
+	    rc = G10ERR_CREATE_FILE;
 	    goto leave;
 	}
 	else if( opt.verbose )
@@ -701,7 +903,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
 
     for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
 	PKT_secret_key *sk = sk_rover->sk;
-	if( hash_for(sk->pubkey_algo, sk->version) == GCRY_MD_MD5 )
+	if( hash_for(sk->pubkey_algo, sk->version) == DIGEST_ALGO_MD5 )
 	    only_md5 = 1;
 	else {
 	    only_md5 = 0;
@@ -709,9 +911,8 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
 	}
     }
 
-    if( old_style && only_md5 )
-	iobuf_writestr(out, "\n" );
-    else {
+    if( !(old_style && only_md5) ) {
+	const char *s;
 	int any = 0;
 	byte hashs_seen[256];
 
@@ -722,33 +923,32 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
 	    int i = hash_for(sk->pubkey_algo, sk->version);
 
 	    if( !hashs_seen[ i & 0xff ] ) {
-		if( !openpgp_md_test_algo( i ) ) {
+		s = digest_algo_to_string( i );
+		if( s ) {
 		    hashs_seen[ i & 0xff ] = 1;
 		    if( any )
 			iobuf_put(out, ',' );
-		    iobuf_writestr(out, gcry_md_algo_name( i ) );
+		    iobuf_writestr(out, s );
 		    any = 1;
 		}
 	    }
 	}
 	assert(any);
-	iobuf_writestr(out, "\n" );
-	if( opt.not_dash_escaped )
-	    iobuf_writestr( out,
-		"NotDashEscaped: You need GnuPG to verify this message\n" );
-	iobuf_writestr(out, "\n" );
+	iobuf_writestr(out, LF );
     }
 
+    if( opt.not_dash_escaped )
+      iobuf_writestr( out,
+		  "NotDashEscaped: You need GnuPG to verify this message" LF );
+    iobuf_writestr(out, LF );
 
-    textmd = gcry_md_open(0, 0);
-    if( !textmd )
-	BUG();
+    textmd = md_open(0, 0);
     for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
 	PKT_secret_key *sk = sk_rover->sk;
-	gcry_md_enable(textmd, hash_for(sk->pubkey_algo, sk->version));
+	md_enable(textmd, hash_for(sk->pubkey_algo, sk->version));
     }
     if ( DBG_HASHING )
-	gcry_md_start_debug( textmd, "clearsign" );
+	md_start_debug( textmd, "clearsign" );
     copy_clearsig_text( out, inp, textmd,
 			!opt.not_dash_escaped, opt.escape_from, old_style );
     /* fixme: check for read errors */
@@ -757,13 +957,11 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
     afx.what = 2;
     iobuf_push_filter( out, armor_filter, &afx );
 
-    /* write all the signature packets */
-    for( sk_rover = sk_list; sk_rover && !rc ; sk_rover = sk_rover->next ) {
-        rc = write_one_signature( out, sk_rover->sk,
-                                  old_style, outfile, textmd,
-                                  0x01,
-                                  'C' );
-    }
+    /* write the signatures */
+    rc = write_signature_packets (sk_list, out, textmd, 0x01,
+				  timestamp, duration, 'C');
+    if( rc )
+        goto leave;
 
   leave:
     if( rc )
@@ -771,68 +969,249 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
     else
 	iobuf_close(out);
     iobuf_close(inp);
-    gcry_md_close( textmd );
+    md_close( textmd );
     release_sk_list( sk_list );
     return rc;
 }
 
+/*
+ * Sign and conventionally encrypt the given file.
+ * FIXME: Far too much code is duplicated - revamp the whole file.
+ */
+int
+sign_symencrypt_file (const char *fname, STRLIST locusr)
+{
+    armor_filter_context_t afx;
+    compress_filter_context_t zfx;
+    md_filter_context_t mfx;
+    text_filter_context_t tfx;
+    cipher_filter_context_t cfx;
+    IOBUF inp = NULL, out = NULL;
+    PACKET pkt;
+    STRING2KEY *s2k = NULL;
+    int rc = 0;
+    SK_LIST sk_list = NULL;
+    SK_LIST sk_rover = NULL;
+    int algo;
+    u32 timestamp=0,duration=0;
+
+    memset( &afx, 0, sizeof afx);
+    memset( &zfx, 0, sizeof zfx);
+    memset( &mfx, 0, sizeof mfx);
+    memset( &tfx, 0, sizeof tfx);
+    memset( &cfx, 0, sizeof cfx);
+    init_packet( &pkt );
+
+    if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !opt.rfc1991)
+      duration=ask_expire_interval(1);
+
+    rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG);
+    if (rc) 
+	goto leave;
+
+    /* prepare iobufs */
+    inp = iobuf_open(fname);
+    if( !inp ) {
+	log_error("can't open %s: %s\n", fname? fname: "[stdin]",
+					strerror(errno) );
+	rc = G10ERR_OPEN_FILE;
+	goto leave;
+    }
+
+    /* prepare key */
+    s2k = m_alloc_clear( sizeof *s2k );
+    s2k->mode = opt.rfc1991? 0:opt.s2k_mode;
+    s2k->hash_algo = opt.def_digest_algo ? opt.def_digest_algo
+	                                 : opt.s2k_digest_algo;
+
+    algo = opt.def_cipher_algo ? opt.def_cipher_algo : opt.s2k_cipher_algo;
+    if (!opt.quiet || !opt.batch)
+        log_info (_("%s encryption will be used\n"),
+		    cipher_algo_to_string(algo) );
+    cfx.dek = passphrase_to_dek( NULL, 0, algo, s2k, 2, NULL );
+
+    if (!cfx.dek || !cfx.dek->keylen) {
+        rc = G10ERR_PASSPHRASE;
+        log_error(_("error creating passphrase: %s\n"), g10_errstr(rc) );
+        goto leave;
+    }
+
+    /* now create the outfile */
+    rc = open_outfile (fname, opt.armor? 1:0, &out);
+    if (rc)
+	goto leave;
+
+    /* prepare to calculate the MD over the input */
+    if (opt.textmode)
+	iobuf_push_filter (inp, text_filter, &tfx);
+    mfx.md = md_open(0, 0);
+
+    for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) {
+	PKT_secret_key *sk = sk_rover->sk;
+	md_enable (mfx.md, hash_for (sk->pubkey_algo, sk->version ));
+    }
+
+    iobuf_push_filter (inp, md_filter, &mfx);
+
+    /* Push armor output filter */
+    if (opt.armor)
+	iobuf_push_filter (out, armor_filter, &afx);
+
+    /* Write the symmetric key packet */
+    /*(current filters: armor)*/
+    if (!opt.rfc1991) {
+	PKT_symkey_enc *enc = m_alloc_clear( sizeof *enc );
+	enc->version = 4;
+	enc->cipher_algo = cfx.dek->algo;
+	enc->s2k = *s2k;
+	pkt.pkttype = PKT_SYMKEY_ENC;
+	pkt.pkt.symkey_enc = enc;
+	if( (rc = build_packet( out, &pkt )) )
+	    log_error("build symkey packet failed: %s\n", g10_errstr(rc) );
+	m_free(enc);
+    }
+
+    /* Push the encryption filter */
+    iobuf_push_filter( out, cipher_filter, &cfx );
+
+    /* Push the Zip filter */
+    if (opt.compress)
+      {
+	int compr_algo=opt.def_compress_algo;
+
+	/* Default */
+        if(compr_algo==-1)
+	  compr_algo=DEFAULT_COMPRESS_ALGO;
+
+	if (compr_algo)
+	  {
+	    zfx.algo = compr_algo;
+	    iobuf_push_filter( out, compress_filter, &zfx );
+	  }
+      }
+
+    /* Write the one-pass signature packets */
+    /*(current filters: zip - encrypt - armor)*/
+    if (!opt.rfc1991) {
+        rc = write_onepass_sig_packets (sk_list, out,
+                                        opt.textmode? 0x01:0x00);
+        if (rc)
+            goto leave;
+    }
+
+    /* Pipe data through all filters; i.e. write the signed stuff */
+    /*(current filters: zip - encrypt - armor)*/
+    rc = write_plaintext_packet (out, inp, fname, opt.textmode ? 't':'b');
+    if (rc)
+	goto leave;
+    
+    /* Write the signatures */
+    /*(current filters: zip - encrypt - armor)*/
+    rc = write_signature_packets (sk_list, out, mfx.md,
+				  opt.textmode? 0x01 : 0x00,
+				  timestamp, duration, 'S');
+    if( rc )
+        goto leave;
+
+
+  leave:
+    if( rc )
+	iobuf_cancel(out);
+    else {
+	iobuf_close(out);
+        write_status( STATUS_END_ENCRYPTION );
+    }
+    iobuf_close(inp);
+    release_sk_list( sk_list );
+    md_close( mfx.md );
+    m_free(cfx.dek);
+    m_free(s2k);
+    return rc;
+}
+
 
 /****************
- * Create a signature packet for the given public key certificate
- * and the user id and return it in ret_sig. User signature class SIGCLASS
- * user-id is not used (and may be NULL if sigclass is 0x20)
- * If digest_algo is 0 the function selects an appropriate one.
- */
+ * Create a signature packet for the given public key certificate and
+ * the user id and return it in ret_sig. User signature class SIGCLASS
+ * user-id is not used (and may be NULL if sigclass is 0x20) If
+ * DIGEST_ALGO is 0 the function selects an appropriate one.
+ * SIGVERSION gives the minimal required signature packet version;
+ * this is needed so that special properties like local sign are not
+ * applied (actually: dropped) when a v3 key is used.  TIMESTAMP is
+ * the timestamp to use for the signature. 0 means "now" */
 int
 make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
 		    PKT_user_id *uid, PKT_public_key *subpk,
 		    PKT_secret_key *sk,
 		    int sigclass, int digest_algo,
+                    int sigversion, u32 timestamp, u32 duration,
 		    int (*mksubpkt)(PKT_signature *, void *), void *opaque
 		   )
 {
     PKT_signature *sig;
     int rc=0;
-    GCRY_MD_HD md;
+    MD_HANDLE md;
 
-    assert( (sigclass >= 0x10 && sigclass <= 0x13)
+    assert( (sigclass >= 0x10 && sigclass <= 0x13) || sigclass == 0x1F
 	    || sigclass == 0x20 || sigclass == 0x18
 	    || sigclass == 0x30 || sigclass == 0x28 );
-    if( !digest_algo ) {
-	switch( sk->pubkey_algo ) {
-	  case GCRY_PK_DSA: digest_algo = GCRY_MD_SHA1; break;
-	  case GCRY_PK_RSA_S:
-	  case GCRY_PK_RSA: digest_algo = GCRY_MD_MD5; break;
-	  default:		digest_algo = GCRY_MD_RMD160; break;
-	}
-    }
-    if( !(md = gcry_md_open( digest_algo, 0 )))
-	BUG();
+
+    if (opt.force_v4_certs)
+        sigversion = 4;
+
+    if (sigversion < sk->version)
+        sigversion = sk->version;
+
+    /* If you are making a signature on a v4 key using your v3 key, it
+       doesn't make sense to generate a v3 sig.  After all, no v3-only
+       PGP implementation could understand the v4 key in the first
+       place. */
+    if (sigversion < pk->version)
+        sigversion = pk->version;
+
+    if( !digest_algo )
+      {
+	/* Basically, this means use SHA1 always unless it's a v3 RSA
+	   key making a v3 cert (use MD5), or the user specified
+	   something (use whatever they said).  They still must use a
+	   160-bit hash with DSA, or the signature will fail.  Note
+	   that this still allows the caller of make_keysig_packet to
+	   override the user setting if it must. */
+
+	if(opt.cert_digest_algo)
+	  digest_algo=opt.cert_digest_algo;
+	else if((sk->pubkey_algo==PUBKEY_ALGO_RSA ||
+		 sk->pubkey_algo==PUBKEY_ALGO_RSA_S) &&
+		pk->version<4 && sigversion < 4)
+	  digest_algo = DIGEST_ALGO_MD5;
+	else
+	  digest_algo = DIGEST_ALGO_SHA1;
+      }
+
+    md = md_open( digest_algo, 0 );
 
     /* hash the public key certificate and the user id */
     hash_public_key( md, pk );
     if( sigclass == 0x18 || sigclass == 0x28 ) { /* subkey binding/revocation*/
 	hash_public_key( md, subpk );
     }
-    else if( sigclass != 0x20 ) {
-	if( sk->version >=4 ) {
-	    byte buf[5];
-	    buf[0] = 0xb4;	      /* indicates a userid packet */
-	    buf[1] = uid->len >> 24;  /* always use 4 length bytes */
-	    buf[2] = uid->len >> 16;
-	    buf[3] = uid->len >>  8;
-	    buf[4] = uid->len;
-	    gcry_md_write( md, buf, 5 );
-	}
-	gcry_md_write( md, uid->name, uid->len );
+    else if( sigclass != 0x1F && sigclass != 0x20 ) {
+        hash_uid (md, sigversion, uid);
     }
     /* and make the signature packet */
-    sig = gcry_xcalloc( 1, sizeof *sig );
-    sig->version = sk->version;
+    sig = m_alloc_clear( sizeof *sig );
+    sig->version = sigversion;
+    sig->flags.exportable=1;
+    sig->flags.revocable=1;
     keyid_from_sk( sk, sig->keyid );
     sig->pubkey_algo = sk->pubkey_algo;
     sig->digest_algo = digest_algo;
-    sig->timestamp = make_timestamp();
+    if(timestamp)
+      sig->timestamp=timestamp;
+    else
+      sig->timestamp=make_timestamp();
+    if(duration)
+      sig->expiredate=sig->timestamp+duration;
     sig->sig_class = sigclass;
     if( sig->version >= 4 )
 	build_sig_subpkt_from_sig( sig );
@@ -841,49 +1220,14 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
 	rc = (*mksubpkt)( sig, opaque );
 
     if( !rc ) {
-	mk_notation_and_policy( sig );
-	if( sig->version >= 4 )
-	    gcry_md_putc( md, sig->version );
-	gcry_md_putc( md, sig->sig_class );
-	if( sig->version < 4 ) {
-	    u32 a = sig->timestamp;
-	    gcry_md_putc( md, (a >> 24) & 0xff );
-	    gcry_md_putc( md, (a >> 16) & 0xff );
-	    gcry_md_putc( md, (a >>  8) & 0xff );
-	    gcry_md_putc( md,  a	& 0xff );
-	}
-	else {
-	    byte buf[6];
-	    size_t n;
-
-	    gcry_md_putc( md, sig->pubkey_algo );
-	    gcry_md_putc( md, sig->digest_algo );
-	    if( sig->hashed_data ) {
-		n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
-		gcry_md_write( md, sig->hashed_data, n+2 );
-		n += 6;
-	    }
-	    else {
-		gcry_md_putc( md, 0 );	/* always hash the length of the subpacket*/
-		gcry_md_putc( md, 0 );
-		n = 6;
-	    }
-	    /* add some magic */
-	    buf[0] = sig->version;
-	    buf[1] = 0xff;
-	    buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
-	    buf[3] = n >> 16;
-	    buf[4] = n >>  8;
-	    buf[5] = n;
-	    gcry_md_write( md, buf, 6 );
-
-	}
-	gcry_md_final(md);
+	mk_notation_and_policy( sig, pk, sk );
+        hash_sigversion_to_magic (md, sig);
+	md_final(md);
 
 	rc = complete_sig( sig, sk, md );
     }
 
-    gcry_md_close( md );
+    md_close( md );
     if( rc )
 	free_seckey_enc( sig );
     else
@@ -892,3 +1236,63 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
 }
 
 
+
+/****************
+ * Create a new signature packet based on an existing one.
+ * Only user ID signatures are supported for now.
+ * TODO: Merge this with make_keysig_packet.
+ */
+int
+update_keysig_packet( PKT_signature **ret_sig,
+                      PKT_signature *orig_sig,
+                      PKT_public_key *pk,
+                      PKT_user_id *uid, 
+                      PKT_secret_key *sk,
+                      int (*mksubpkt)(PKT_signature *, void *),
+                      void *opaque
+		   )
+{
+    PKT_signature *sig;
+    int rc=0;
+    MD_HANDLE md;
+
+    if (!orig_sig || !pk || !uid || !sk)
+        return G10ERR_GENERAL;
+    if (orig_sig->sig_class < 0x10 || orig_sig->sig_class > 0x13 )
+        return G10ERR_GENERAL;
+
+    md = md_open( orig_sig->digest_algo, 0 );
+
+    /* hash the public key certificate and the user id */
+    hash_public_key( md, pk );
+    hash_uid (md, orig_sig->version, uid);
+
+    /* create a new signature packet */
+    sig = copy_signature (NULL, orig_sig);
+    if ( sig->version >= 4 && mksubpkt)
+	rc = (*mksubpkt)(sig, opaque);
+
+    /* we increase the timestamp by one second so that a future import
+       of this key will replace the existing one.  We also make sure that
+       we don't create a timestamp in the future */
+    sig->timestamp++; 
+    while (sig->timestamp >= make_timestamp())
+        sleep (1);
+    /* put the updated timestamp back into the data */
+    if( sig->version >= 4 )
+	build_sig_subpkt_from_sig( sig );
+
+    if (!rc) {
+        hash_sigversion_to_magic (md, sig);
+	md_final(md);
+
+	rc = complete_sig( sig, sk, md );
+    }
+
+    md_close (md);
+    if( rc )
+	free_seckey_enc (sig);
+    else
+	*ret_sig = sig;
+    return rc;
+}
diff --git a/g10/signal.c b/g10/signal.c
index f61b0a8f8..0517ba648 100644
--- a/g10/signal.c
+++ b/g10/signal.c
@@ -1,5 +1,5 @@
 /* signal.c - signal handling
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -27,9 +27,9 @@
 #include <errno.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "options.h"
 #include "errors.h"
+#include "memory.h"
 #include "util.h"
 #include "main.h"
 #include "ttyio.h"
@@ -38,6 +38,36 @@
 static volatile int caught_fatal_sig = 0;
 static volatile int caught_sigusr1 = 0;
 
+static void
+init_one_signal (int sig, RETSIGTYPE (*handler)(int), int check_ign )
+{
+ #ifndef HAVE_DOSISH_SYSTEM
+  #ifdef HAVE_SIGACTION
+    struct sigaction oact, nact;
+
+    if (check_ign) {
+        /* we don't want to change an IGN handler */
+        sigaction (sig, NULL, &oact );
+        if (oact.sa_handler == SIG_IGN )
+            return;
+    }
+
+    nact.sa_handler = handler;
+    sigemptyset (&nact.sa_mask);
+    nact.sa_flags = 0;
+    sigaction ( sig, &nact, NULL);
+  #else 
+    RETSIGTYPE (*ohandler)(int);
+
+    ohandler = signal (sig, handler);
+    if (check_ign && ohandler == SIG_IGN) {
+        /* Change it back if it was already set to IGN */
+        signal (sig, SIG_IGN);
+    }
+  #endif
+ #endif /*!HAVE_DOSISH_SYSTEM*/
+}
+
 static const char *
 get_signal_name( int signum )
 {
@@ -58,23 +88,20 @@ got_fatal_signal( int sig )
 	raise( sig );
     caught_fatal_sig = 1;
 
-    gcry_control( GCRYCTL_TERM_SECMEM );
+    secmem_term();
     /* better don't transtale these messages */
     write(2, "\n", 1 );
     s = log_get_name(); if( s ) write(2, s, strlen(s) );
     write(2, ": ", 2 );
     s = get_signal_name(sig); write(2, s, strlen(s) );
-    write(2, " caught ... exiting\n", 21 );
-
-  #ifndef HAVE_DOSISH_SYSTEM
-    {	/* reset action to default action and raise signal again */
-	struct sigaction nact;
-	nact.sa_handler = SIG_DFL;
-	sigemptyset( &nact.sa_mask );
-	nact.sa_flags = 0;
-	sigaction( sig, &nact, NULL);
-    }
-  #endif
+    write(2, " caught ... exiting\n", 20 );
+
+    /* reset action to default action and raise signal again */
+    init_one_signal (sig, SIG_DFL, 0);
+    remove_lockfiles ();
+#ifdef __riscos__
+    close_fds ();
+#endif /* __riscos__ */
     raise( sig );
 }
 
@@ -85,37 +112,18 @@ got_usr_signal( int sig )
     caught_sigusr1 = 1;
 }
 
-#ifndef HAVE_DOSISH_SYSTEM
-static void
-do_sigaction( int sig, struct sigaction *nact )
-{
-    struct sigaction oact;
-
-    sigaction( sig, NULL, &oact );
-    if( oact.sa_handler != SIG_IGN )
-	sigaction( sig, nact, NULL);
-}
-#endif
 
 void
 init_signals()
 {
   #ifndef HAVE_DOSISH_SYSTEM
-    struct sigaction nact;
-
-    nact.sa_handler = got_fatal_signal;
-    sigemptyset( &nact.sa_mask );
-    nact.sa_flags = 0;
-
-    do_sigaction( SIGINT, &nact );
-    do_sigaction( SIGHUP, &nact );
-    do_sigaction( SIGTERM, &nact );
-    do_sigaction( SIGQUIT, &nact );
-    do_sigaction( SIGSEGV, &nact );
-    nact.sa_handler = got_usr_signal;
-    sigaction( SIGUSR1, &nact, NULL );
-    nact.sa_handler = SIG_IGN;
-    sigaction( SIGPIPE, &nact, NULL );
+    init_one_signal (SIGINT, got_fatal_signal, 1 );
+    init_one_signal (SIGHUP, got_fatal_signal, 1 );
+    init_one_signal (SIGTERM, got_fatal_signal, 1 );
+    init_one_signal (SIGQUIT, got_fatal_signal, 1 );
+    init_one_signal (SIGSEGV, got_fatal_signal, 1 );
+    init_one_signal (SIGUSR1, got_usr_signal, 0 );
+    init_one_signal (SIGPIPE, SIG_IGN, 0 );
   #endif
 }
 
@@ -124,6 +132,7 @@ void
 pause_on_sigusr( int which )
 {
   #ifndef HAVE_DOSISH_SYSTEM
+   #ifdef HAVE_SIGPROCMASK
     sigset_t mask, oldmask;
 
     assert( which == 1 );
@@ -135,6 +144,14 @@ pause_on_sigusr( int which )
 	sigsuspend( &oldmask );
     caught_sigusr1 = 0;
     sigprocmask( SIG_UNBLOCK, &mask, NULL );
+   #else 
+     assert (which == 1);
+     sighold (SIGUSR1);
+     while (!caught_sigusr1)
+         sigpause(SIGUSR1);
+     caught_sigusr1 = 0;
+     sigrelse(SIGUSR1); ????
+   #endif /*!HAVE_SIGPROCMASK*/
   #endif
 }
 
@@ -142,12 +159,13 @@ pause_on_sigusr( int which )
 static void
 do_block( int block )
 {
-  #ifndef HAVE_DOSISH_SYSTEM
+ #ifndef HAVE_DOSISH_SYSTEM
     static int is_blocked;
+  #ifdef HAVE_SIGPROCMASK
     static sigset_t oldmask;
 
     if( block ) {
-	sigset_t newmask;
+        sigset_t newmask;
 
 	if( is_blocked )
 	    log_bug("signals are already blocked\n");
@@ -161,7 +179,28 @@ do_block( int block )
 	sigprocmask( SIG_SETMASK, &oldmask, NULL );
 	is_blocked = 0;
     }
-  #endif /*HAVE_DOSISH_SYSTEM*/
+  #else /*!HAVE_SIGPROCMASK*/
+    static void (*disposition[MAXSIG])();
+    int sig;
+
+    if( block ) {
+	if( is_blocked )
+	    log_bug("signals are already blocked\n");
+        for (sig=1; sig < MAXSIG; sig++) {
+            disposition[sig] = sigset (sig, SIG_HOLD);
+        }
+	is_blocked = 1;
+    }
+    else {
+	if( !is_blocked )
+	    log_bug("signals are not blocked\n");
+        for (sig=1; sig < MAXSIG; sig++) {
+            sigset (sig, disposition[sig]);
+        }
+	is_blocked = 0;
+    }
+  #endif /*!HAVE_SIGPROCMASK*/
+ #endif /*HAVE_DOSISH_SYSTEM*/
 }
 
 
@@ -176,4 +215,3 @@ unblock_all_signals()
 {
     do_block(0);
 }
-
diff --git a/g10/skclist.c b/g10/skclist.c
index bc325cd58..1f7a3919a 100644
--- a/g10/skclist.c
+++ b/g10/skclist.c
@@ -1,5 +1,5 @@
 /* skclist.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,14 +25,14 @@
 #include <errno.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "options.h"
 #include "packet.h"
 #include "errors.h"
 #include "keydb.h"
+#include "memory.h"
 #include "util.h"
 #include "i18n.h"
-#include "main.h"
+#include "cipher.h"
 
 
 void
@@ -43,14 +43,66 @@ release_sk_list( SK_LIST sk_list )
     for( ; sk_list; sk_list = sk_rover ) {
 	sk_rover = sk_list->next;
 	free_secret_key( sk_list->sk );
-	gcry_free( sk_list );
+	m_free( sk_list );
     }
 }
 
 
+/* Check that we are only using keys which don't have
+ * the string "(insecure!)" or "not secure" or "do not use"
+ * in one of the user ids
+ */
+static int
+is_insecure( PKT_secret_key *sk )
+{
+    u32 keyid[2];
+    KBNODE node = NULL, u;
+    int insecure = 0;
+
+    keyid_from_sk( sk, keyid );
+    node = get_pubkeyblock( keyid );
+    for ( u = node; u; u = u->next ) {
+        if ( u->pkt->pkttype == PKT_USER_ID ) {
+            PKT_user_id *id = u->pkt->pkt.user_id;
+            if ( id->attrib_data )
+                continue; /* skip attribute packets */
+            if ( strstr( id->name, "(insecure!)" )
+                 || strstr( id->name, "not secure" )
+                 || strstr( id->name, "do not use" ) ) {
+                insecure = 1;
+                break;
+            }
+        }
+    }
+    release_kbnode( node );
+    
+    return insecure;
+}
+
+static int
+key_present_in_sk_list(SK_LIST sk_list, PKT_secret_key *sk)
+{
+    for (; sk_list; sk_list = sk_list->next) {
+	if ( !cmp_secret_keys(sk_list->sk, sk) )
+	    return 0;
+    }
+    return -1;
+}
+
+static int
+is_duplicated_entry (STRLIST list, STRLIST item)
+{
+    for(; list && list != item; list = list->next) {
+        if ( !strcmp (list->d, item->d) )
+            return 1;
+    }
+    return 0;
+}
+
+
 int
-build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
-               unsigned int use )
+build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
+               int unlock, unsigned int use )
 {
     SK_LIST sk_list = NULL;
     int rc;
@@ -58,24 +110,28 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
     if( !locusr ) { /* use the default one */
 	PKT_secret_key *sk;
 
-	sk = gcry_xcalloc( 1, sizeof *sk );
+	sk = m_alloc_clear( sizeof *sk );
 	sk->req_usage = use;
-	if( (rc = get_seckey_byname( NULL, sk, NULL, unlock, NULL )) ) {
+	if( (rc = get_seckey_byname( sk, NULL, unlock )) ) {
 	    free_secret_key( sk ); sk = NULL;
-	    log_error("no default secret key: %s\n", gpg_errstr(rc) );
+	    log_error("no default secret key: %s\n", g10_errstr(rc) );
 	}
-	else if( !(rc=openpgp_pk_test_algo(sk->pubkey_algo,
-                                           sk->pubkey_usage)) ) {
+	else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, use)) ) {
 	    SK_LIST r;
-            
-	    if( sk->version == 4 && (sk->pubkey_usage & GCRY_PK_USAGE_SIGN )
-		&& sk->pubkey_algo == GCRY_PK_ELG_E ) {
+
+	    if( sk->version == 4 && (use & PUBKEY_USAGE_SIG)
+		&& sk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
 		log_info("this is a PGP generated "
 		    "ElGamal key which is NOT secure for signatures!\n");
 		free_secret_key( sk ); sk = NULL;
 	    }
+	    else if( random_is_faked() && !is_insecure( sk ) ) {
+		log_info(_("key is not flagged as insecure - "
+			   "can't use it with the faked RNG!\n"));
+		free_secret_key( sk ); sk = NULL;
+	    }
 	    else {
-		r = gcry_xmalloc( sizeof *r );
+		r = m_alloc( sizeof *r );
 		r->sk = sk; sk = NULL;
 		r->next = sk_list;
 		r->mark = 0;
@@ -84,31 +140,54 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
 	}
 	else {
 	    free_secret_key( sk ); sk = NULL;
-	    log_error("invalid default secret key: %s\n", gpg_errstr(rc) );
+	    log_error("invalid default secret key: %s\n", g10_errstr(rc) );
 	}
     }
     else {
+        STRLIST locusr_orig = locusr;
 	for(; locusr; locusr = locusr->next ) {
 	    PKT_secret_key *sk;
-
-	    sk = gcry_xcalloc( 1, sizeof *sk );
+            
+            rc = 0;
+            /* Do an early check agains duplicated entries.  However this
+             * won't catch all duplicates because the user IDs may be
+             * specified in different ways.
+             */
+            if ( is_duplicated_entry ( locusr_orig, locusr ) ) {
+		log_error(_("skipped `%s': duplicated\n"), locusr->d );
+                continue;
+            }
+	    sk = m_alloc_clear( sizeof *sk );
 	    sk->req_usage = use;
-	    if( (rc = get_seckey_byname( NULL, sk, locusr->d, unlock, NULL))) {
+	    if( (rc = get_seckey_byname( sk, locusr->d, 0 )) ) {
 		free_secret_key( sk ); sk = NULL;
-		log_error(_("skipped `%s': %s\n"), locusr->d, gpg_errstr(rc) );
+		log_error(_("skipped `%s': %s\n"), locusr->d, g10_errstr(rc) );
 	    }
-	    else if( !(rc=openpgp_pk_test_algo(sk->pubkey_algo,
-                                               sk->pubkey_usage)) ) {
+            else if ( key_present_in_sk_list(sk_list, sk) == 0) {
+                free_secret_key(sk); sk = NULL;
+                log_info(_("skipped: secret key already present\n"));
+            }
+            else if ( unlock && (rc = check_secret_key( sk, 0 )) ) {
+		free_secret_key( sk ); sk = NULL;
+		log_error(_("skipped `%s': %s\n"), locusr->d, g10_errstr(rc) );
+            }
+	    else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, use)) ) {
 		SK_LIST r;
-		if( sk->version == 4 && (sk->pubkey_usage & GCRY_PK_USAGE_SIGN)
-		    && sk->pubkey_algo == GCRY_PK_ELG_E ) {
+
+		if( sk->version == 4 && (use & PUBKEY_USAGE_SIG)
+		    && sk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
 		    log_info(_("skipped `%s': this is a PGP generated "
 			"ElGamal key which is not secure for signatures!\n"),
 			locusr->d );
 		    free_secret_key( sk ); sk = NULL;
 		}
+		else if( random_is_faked() && !is_insecure( sk ) ) {
+		    log_info(_("key is not flagged as insecure - "
+			       "can't use it with the faked RNG!\n"));
+		    free_secret_key( sk ); sk = NULL;
+		}
 		else {
-		    r = gcry_xmalloc( sizeof *r );
+		    r = m_alloc( sizeof *r );
 		    r->sk = sk; sk = NULL;
 		    r->next = sk_list;
 		    r->mark = 0;
@@ -117,7 +196,7 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
 	    }
 	    else {
 		free_secret_key( sk ); sk = NULL;
-		log_error("skipped `%s': %s\n", locusr->d, gpg_errstr(rc) );
+		log_error("skipped `%s': %s\n", locusr->d, g10_errstr(rc) );
 	    }
 	}
     }
@@ -125,7 +204,7 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
 
     if( !rc && !sk_list ) {
 	log_error("no valid signators\n");
-	rc = GPGERR_NO_USER_ID;
+	rc = G10ERR_NO_USER_ID;
     }
 
     if( rc )
diff --git a/g10/status.c b/g10/status.c
index d336ae3b0..e0b126b78 100644
--- a/g10/status.c
+++ b/g10/status.c
@@ -1,5 +1,5 @@
 /* status.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -24,11 +24,13 @@
 #include <string.h>
 #include <errno.h>
 #include <unistd.h>
+#include <signal.h>
 #ifdef USE_SHM_COPROCESSING
   #ifdef USE_CAPABILITIES
     #include <sys/capability.h>
   #endif
   #ifdef HAVE_SYS_IPC_H
+    #include <sys/types.h>
     #include <sys/ipc.h>
   #endif
   #ifdef HAVE_SYS_SHM_H
@@ -38,16 +40,20 @@
     #include <sys/mman.h>
   #endif
 #endif
-
-#include <gcrypt.h>
 #include "util.h"
 #include "status.h"
 #include "ttyio.h"
 #include "options.h"
 #include "main.h"
 #include "i18n.h"
+#include "cipher.h" /* for progress functions */
+
+#define CONTROL_D ('D' - 'A' + 1)
+
+
+
+static FILE *statusfp;
 
-static int fd = -1;
 #ifdef USE_SHM_COPROCESSING
   static int shm_id = -1;
   static volatile char *shm_area;
@@ -68,26 +74,118 @@ progress_cb ( void *ctx, int c )
     write_status_text ( STATUS_PROGRESS, buf );
 }
 
+static const char *
+get_status_string ( int no ) 
+{
+    const char *s;
+
+    switch( no ) {
+      case STATUS_ENTER  : s = "ENTER"; break;
+      case STATUS_LEAVE  : s = "LEAVE"; break;
+      case STATUS_ABORT  : s = "ABORT"; break;
+      case STATUS_GOODSIG: s = "GOODSIG"; break;
+      case STATUS_KEYEXPIRED: s = "KEYEXPIRED"; break;
+      case STATUS_KEYREVOKED: s = "KEYREVOKED"; break;
+      case STATUS_BADSIG : s = "BADSIG"; break;
+      case STATUS_ERRSIG : s = "ERRSIG"; break;
+      case STATUS_BADARMOR : s = "BADARMOR"; break;
+      case STATUS_RSA_OR_IDEA : s= "RSA_OR_IDEA"; break;
+      case STATUS_TRUST_UNDEFINED: s = "TRUST_UNDEFINED"; break;
+      case STATUS_TRUST_NEVER	 : s = "TRUST_NEVER"; break;
+      case STATUS_TRUST_MARGINAL : s = "TRUST_MARGINAL"; break;
+      case STATUS_TRUST_FULLY	 : s = "TRUST_FULLY"; break;
+      case STATUS_TRUST_ULTIMATE : s = "TRUST_ULTIMATE"; break;
+      case STATUS_GET_BOOL	 : s = "GET_BOOL"; break;
+      case STATUS_GET_LINE	 : s = "GET_LINE"; break;
+      case STATUS_GET_HIDDEN	 : s = "GET_HIDDEN"; break;
+      case STATUS_GOT_IT	 : s = "GOT_IT"; break;
+      case STATUS_SHM_INFO	 : s = "SHM_INFO"; break;
+      case STATUS_SHM_GET	 : s = "SHM_GET"; break;
+      case STATUS_SHM_GET_BOOL	 : s = "SHM_GET_BOOL"; break;
+      case STATUS_SHM_GET_HIDDEN : s = "SHM_GET_HIDDEN"; break;
+      case STATUS_NEED_PASSPHRASE: s = "NEED_PASSPHRASE"; break;
+      case STATUS_VALIDSIG	 : s = "VALIDSIG"; break;
+      case STATUS_SIG_ID	 : s = "SIG_ID"; break;
+      case STATUS_ENC_TO	 : s = "ENC_TO"; break;
+      case STATUS_NODATA	 : s = "NODATA"; break;
+      case STATUS_BAD_PASSPHRASE : s = "BAD_PASSPHRASE"; break;
+      case STATUS_NO_PUBKEY	 : s = "NO_PUBKEY"; break;
+      case STATUS_NO_SECKEY	 : s = "NO_SECKEY"; break;
+      case STATUS_NEED_PASSPHRASE_SYM: s = "NEED_PASSPHRASE_SYM"; break;
+      case STATUS_DECRYPTION_FAILED: s = "DECRYPTION_FAILED"; break;
+      case STATUS_DECRYPTION_OKAY: s = "DECRYPTION_OKAY"; break;
+      case STATUS_MISSING_PASSPHRASE: s = "MISSING_PASSPHRASE"; break;
+      case STATUS_GOOD_PASSPHRASE : s = "GOOD_PASSPHRASE"; break;
+      case STATUS_GOODMDC	 : s = "GOODMDC"; break;
+      case STATUS_BADMDC	 : s = "BADMDC"; break;
+      case STATUS_ERRMDC	 : s = "ERRMDC"; break;
+      case STATUS_IMPORTED	 : s = "IMPORTED"; break;
+      case STATUS_IMPORT_RES	 : s = "IMPORT_RES"; break;
+      case STATUS_FILE_START	 : s = "FILE_START"; break;
+      case STATUS_FILE_DONE	 : s = "FILE_DONE"; break;
+      case STATUS_FILE_ERROR	 : s = "FILE_ERROR"; break;
+      case STATUS_BEGIN_DECRYPTION:s = "BEGIN_DECRYPTION"; break;
+      case STATUS_END_DECRYPTION : s = "END_DECRYPTION"; break;
+      case STATUS_BEGIN_ENCRYPTION:s = "BEGIN_ENCRYPTION"; break;
+      case STATUS_END_ENCRYPTION : s = "END_ENCRYPTION"; break;
+      case STATUS_DELETE_PROBLEM : s = "DELETE_PROBLEM"; break;
+      case STATUS_PROGRESS	 : s = "PROGRESS"; break;
+      case STATUS_SIG_CREATED	 : s = "SIG_CREATED"; break;
+      case STATUS_SESSION_KEY	 : s = "SESSION_KEY"; break;
+      case STATUS_NOTATION_NAME  : s = "NOTATION_NAME" ; break;
+      case STATUS_NOTATION_DATA  : s = "NOTATION_DATA" ; break;
+      case STATUS_POLICY_URL     : s = "POLICY_URL" ; break;
+      case STATUS_BEGIN_STREAM   : s = "BEGIN_STREAM"; break;
+      case STATUS_END_STREAM     : s = "END_STREAM"; break;
+      case STATUS_KEY_CREATED    : s = "KEY_CREATED"; break;
+      case STATUS_USERID_HINT    : s = "USERID_HINT"; break;
+      case STATUS_UNEXPECTED     : s = "UNEXPECTED"; break;
+      case STATUS_INV_RECP       : s = "INV_RECP"; break;
+      case STATUS_NO_RECP        : s = "NO_RECP"; break;
+      case STATUS_ALREADY_SIGNED : s = "ALREADY_SIGNED"; break;
+      case STATUS_SIGEXPIRED     : s = "SIGEXPIRED deprecated-use-keyexpired-instead"; break;
+      case STATUS_EXPSIG         : s = "EXPSIG"; break;
+      case STATUS_EXPKEYSIG      : s = "EXPKEYSIG"; break;
+      case STATUS_ATTRIBUTE      : s = "ATTRIBUTE"; break;
+      default: s = "?"; break;
+    }
+    return s;
+}
 
 void
-set_status_fd ( int newfd )
+set_status_fd ( int fd )
 {
-    fd = newfd;
-    if ( fd != -1 ) {
-	#warning fixme - progress functions
-        /* Has to be fixed in libgcrypt */
-      #if 0
-	register_primegen_progress ( progress_cb, "primegen" );
-	register_pk_dsa_progress ( progress_cb, "pk_dsa" );
-	register_pk_elg_progress ( progress_cb, "pk_elg" );
-      #endif
+    static int last_fd = -1;
+
+    if ( fd != -1 && last_fd == fd )
+        return;
+
+    if ( statusfp && statusfp != stdout && statusfp != stderr )
+        fclose (statusfp);
+    statusfp = NULL;
+    if ( fd == -1 ) 
+        return;
+
+    if( fd == 1 )
+	statusfp = stdout;
+    else if( fd == 2 )
+	statusfp = stderr;
+    else
+	statusfp = fdopen( fd, "w" );
+    if( !statusfp ) {
+	log_fatal("can't open fd %d for status output: %s\n",
+                  fd, strerror(errno));
     }
+    last_fd = fd;
+    register_primegen_progress ( progress_cb, "primegen" );
+    register_pk_dsa_progress ( progress_cb, "pk_dsa" );
+    register_pk_elg_progress ( progress_cb, "pk_elg" );
 }
 
 int
 is_status_enabled()
 {
-    return fd != -1;
+    return !!statusfp;
 }
 
 void
@@ -99,77 +197,97 @@ write_status ( int no )
 void
 write_status_text ( int no, const char *text)
 {
-    const char *s;
-
-    if( fd == -1 )
+    if( !statusfp )
 	return;  /* not enabled */
 
-    switch( no ) {
-      case STATUS_ENTER  : s = "ENTER\n"; break;
-      case STATUS_LEAVE  : s = "LEAVE\n"; break;
-      case STATUS_ABORT  : s = "ABORT\n"; break;
-      case STATUS_GOODSIG: s = "GOODSIG\n"; break;
-      case STATUS_SIGEXPIRED: s = "SIGEXPIRED\n"; break;
-      case STATUS_KEYREVOKED: s = "KEYREVOKED\n"; break;
-      case STATUS_BADSIG : s = "BADSIG\n"; break;
-      case STATUS_ERRSIG : s = "ERRSIG\n"; break;
-      case STATUS_BADARMOR : s = "BADARMOR\n"; break;
-      case STATUS_RSA_OR_IDEA : s= "RSA_OR_IDEA\n"; break;
-      case STATUS_TRUST_UNDEFINED: s = "TRUST_UNDEFINED\n"; break;
-      case STATUS_TRUST_NEVER	 : s = "TRUST_NEVER\n"; break;
-      case STATUS_TRUST_MARGINAL : s = "TRUST_MARGINAL\n"; break;
-      case STATUS_TRUST_FULLY	 : s = "TRUST_FULLY\n"; break;
-      case STATUS_TRUST_ULTIMATE : s = "TRUST_ULTIMATE\n"; break;
-      case STATUS_GET_BOOL	 : s = "GET_BOOL\n"; break;
-      case STATUS_GET_LINE	 : s = "GET_LINE\n"; break;
-      case STATUS_GET_HIDDEN	 : s = "GET_HIDDEN\n"; break;
-      case STATUS_GOT_IT	 : s = "GOT_IT\n"; break;
-      case STATUS_SHM_INFO	 : s = "SHM_INFO\n"; break;
-      case STATUS_SHM_GET	 : s = "SHM_GET\n"; break;
-      case STATUS_SHM_GET_BOOL	 : s = "SHM_GET_BOOL\n"; break;
-      case STATUS_SHM_GET_HIDDEN : s = "SHM_GET_HIDDEN\n"; break;
-      case STATUS_NEED_PASSPHRASE: s = "NEED_PASSPHRASE\n"; break;
-      case STATUS_VALIDSIG	 : s = "VALIDSIG\n"; break;
-      case STATUS_SIG_ID	 : s = "SIG_ID\n"; break;
-      case STATUS_ENC_TO	 : s = "ENC_TO\n"; break;
-      case STATUS_NODATA	 : s = "NODATA\n"; break;
-      case STATUS_BAD_PASSPHRASE : s = "BAD_PASSPHRASE\n"; break;
-      case STATUS_NO_PUBKEY	 : s = "NO_PUBKEY\n"; break;
-      case STATUS_NO_SECKEY	 : s = "NO_SECKEY\n"; break;
-      case STATUS_NEED_PASSPHRASE_SYM: s = "NEED_PASSPHRASE_SYM\n"; break;
-      case STATUS_DECRYPTION_FAILED: s = "DECRYPTION_FAILED\n"; break;
-      case STATUS_DECRYPTION_OKAY: s = "DECRYPTION_OKAY\n"; break;
-      case STATUS_MISSING_PASSPHRASE: s = "MISSING_PASSPHRASE\n"; break;
-      case STATUS_GOOD_PASSPHRASE : s = "GOOD_PASSPHRASE\n"; break;
-      case STATUS_GOODMDC	 : s = "GOODMDC\n"; break;
-      case STATUS_BADMDC	 : s = "BADMDC\n"; break;
-      case STATUS_ERRMDC	 : s = "ERRMDC\n"; break;
-      case STATUS_IMPORTED	 : s = "IMPORTED\n"; break;
-      case STATUS_IMPORT_RES	 : s = "IMPORT_RES\n"; break;
-      case STATUS_FILE_START	 : s = "FILE_START\n"; break;
-      case STATUS_FILE_DONE	 : s = "FILE_DONE\n"; break;
-      case STATUS_FILE_ERROR	 : s = "FILE_ERROR\n"; break;
-      case STATUS_BEGIN_DECRYPTION:s = "BEGIN_DECRYPTION\n"; break;
-      case STATUS_END_DECRYPTION : s = "END_DECRYPTION\n"; break;
-      case STATUS_BEGIN_ENCRYPTION:s = "BEGIN_ENCRYPTION\n"; break;
-      case STATUS_END_ENCRYPTION : s = "END_ENCRYPTION\n"; break;
-      case STATUS_DELETE_PROBLEM : s = "DELETE_PROBLEM\n"; break;
-      case STATUS_PROGRESS	 : s = "PROGRESS\n"; break;
-      case STATUS_SIG_CREATED	 : s = "SIG_CREATED\n"; break;
-      default: s = "?\n"; break;
+    fputs ( "[GNUPG:] ", statusfp );
+    fputs ( get_status_string (no), statusfp );
+    if( text ) {
+        putc ( ' ', statusfp );
+        for (; *text; text++) {
+            if (*text == '\n')
+                fputs ( "\\n", statusfp );
+            else if (*text == '\r')
+                fputs ( "\\r", statusfp );
+            else 
+                putc ( *(const byte *)text,  statusfp );
+        }
     }
+    putc ('\n',statusfp);
+    fflush (statusfp);
+}
 
-    write( fd, "[GNUPG:] ", 9 );
-    if( text ) {
-	write( fd, s, strlen(s)-1 );
-	write( fd, " ", 1 );
-	write( fd, text, strlen(text) );
-	write( fd, "\n", 1 );
+
+/*
+ * Write a status line with a buffer using %XX escapes.  If WRAP is >
+ * 0 wrap the line after this length.  If STRING is not NULL it will
+ * be prepended to the buffer, no escaping is done for string.
+ * A wrap of -1 forces spaces not to be encoded as %20.
+ */
+void
+write_status_text_and_buffer ( int no, const char *string,
+                               const char *buffer, size_t len, int wrap )
+{
+    const char *s, *text;
+    int esc, first;
+    int lower_limit = ' ';
+    size_t n, count, dowrap;
+
+    if( !statusfp )
+	return;  /* not enabled */
+    
+    if (wrap == -1) {
+        lower_limit--;
+        wrap = 0;
     }
-    else
-	write( fd, s, strlen(s) );
+
+    text = get_status_string (no);
+    count = dowrap = first = 1;
+    do {
+        if (dowrap) {
+            fprintf (statusfp, "[GNUPG:] %s ", text );
+            count = dowrap = 0;
+            if (first && string) {
+                fputs (string, statusfp);
+                count += strlen (string);
+            }
+            first = 0;
+        }
+        for (esc=0, s=buffer, n=len; n && !esc; s++, n-- ) {
+            if ( *s == '%' || *(const byte*)s <= lower_limit 
+                           || *(const byte*)s == 127 ) 
+                esc = 1;
+            if ( wrap && ++count > wrap ) {
+                dowrap=1;
+                break;
+            }
+        }
+        if (esc) {
+            s--; n++;
+        }
+        if (s != buffer) 
+            fwrite (buffer, s-buffer, 1, statusfp );
+        if ( esc ) {
+            fprintf (statusfp, "%%%02X", *(const byte*)s );
+            s++; n--;
+        }
+        buffer = s;
+        len = n;
+        if ( dowrap && len )
+            putc ( '\n', statusfp );
+    } while ( len );
+
+    putc ('\n',statusfp);
+    fflush (statusfp);
 }
 
+void
+write_status_buffer ( int no, const char *buffer, size_t len, int wrap )
+{
+    write_status_text_and_buffer (no, NULL, buffer, len, wrap);
+}
+
+
 
 #ifdef USE_SHM_COPROCESSING
 
@@ -333,7 +451,7 @@ do_shm_get( const char *keyword, int hidden, int bool )
     if( bool )
 	return p[0]? "" : NULL;
 
-    string = hidden? gcry_xmalloc_secure( n+1 ) : gcry_xmalloc( n+1 );
+    string = hidden? m_alloc_secure( n+1 ) : m_alloc( n+1 );
     memcpy(string, p, n );
     string[n] = 0; /* make sure it is a string */
     if( hidden ) /* invalidate the memory */
@@ -344,6 +462,32 @@ do_shm_get( const char *keyword, int hidden, int bool )
 
 #endif /* USE_SHM_COPROCESSING */
 
+static int
+myread(int fd, void *buf, size_t count)
+{
+    int rc;
+    do {
+        rc = read( fd, buf, count );
+    } while ( rc == -1 && errno == EINTR );
+    if ( !rc && count ) {
+        static int eof_emmited=0;
+        if ( eof_emmited < 3 ) {
+            *(char*)buf = CONTROL_D;
+            rc = 1;
+            eof_emmited++;
+        }
+        else { /* Ctrl-D not caught - do something reasonable */
+          #ifdef HAVE_DOSISH_SYSTEM
+            raise (SIGINT);  /* nothing to hangup under DOS */
+          #else
+            raise (SIGHUP); /* no more input data */
+          #endif
+        }
+    }    
+    return rc;
+}
+
+
 
 /****************
  * Request a string from the client over the command-fd
@@ -362,15 +506,21 @@ do_get_from_fd( const char *keyword, int hidden, int bool )
 	if( i >= len-1 ) {
 	    char *save = string;
 	    len += 100;
-	    string = hidden? gcry_xmalloc_secure ( len ) : gcry_malloc ( len );
+	    string = hidden? m_alloc_secure ( len ) : m_alloc ( len );
 	    if( save )
 		memcpy(string, save, i );
 	    else
 		i=0;
 	}
 	/* Hmmm: why not use our read_line function here */
-	if( read( opt.command_fd, string+i, 1) != 1 || string[i] == '\n' )
-	    break;
+	if( myread( opt.command_fd, string+i, 1) != 1 || string[i] == '\n'  )
+            break;
+        else if ( string[i] == CONTROL_D ) {
+            /* found ETX - cancel the line and return a sole ETX */
+            string[0] = CONTROL_D;
+            i=1;
+            break;
+        }
     }
     string[i] = 0;
 
@@ -397,6 +547,23 @@ cpr_enabled()
 }
 
 char *
+cpr_get_no_help( const char *keyword, const char *prompt )
+{
+    char *p;
+
+    if( opt.command_fd != -1 )
+	return do_get_from_fd ( keyword, 0, 0 );
+  #ifdef USE_SHM_COPROCESSING
+    if( opt.shm_coprocess )
+	return do_shm_get( keyword, 0, 0 );
+  #endif
+    for(;;) {
+	p = tty_get( prompt );
+        return p;
+    }
+}
+
+char *
 cpr_get( const char *keyword, const char *prompt )
 {
     char *p;
@@ -410,7 +577,7 @@ cpr_get( const char *keyword, const char *prompt )
     for(;;) {
 	p = tty_get( prompt );
 	if( *p=='?' && !p[1] && !(keyword && !*keyword)) {
-	    gcry_free(p);
+	    m_free(p);
 	    display_online_help( keyword );
 	}
 	else
@@ -418,6 +585,7 @@ cpr_get( const char *keyword, const char *prompt )
     }
 }
 
+
 char *
 cpr_get_utf8( const char *keyword, const char *prompt )
 {
@@ -425,7 +593,7 @@ cpr_get_utf8( const char *keyword, const char *prompt )
     p = cpr_get( keyword, prompt );
     if( p ) {
 	char *utf8 = native_to_utf8( p );
-	gcry_free( p );
+	m_free( p );
 	p = utf8;
     }
     return p;
@@ -445,7 +613,7 @@ cpr_get_hidden( const char *keyword, const char *prompt )
     for(;;) {
 	p = tty_get_hidden( prompt );
 	if( *p == '?' && !p[1] ) {
-	    gcry_free(p);
+	    m_free(p);
 	    display_online_help( keyword );
 	}
 	else
@@ -482,13 +650,13 @@ cpr_get_answer_is_yes( const char *keyword, const char *prompt )
 	p = tty_get( prompt );
 	trim_spaces(p); /* it is okay to do this here */
 	if( *p == '?' && !p[1] ) {
-	    gcry_free(p);
+	    m_free(p);
 	    display_online_help( keyword );
 	}
 	else {
 	    tty_kill_prompt();
 	    yes = answer_is_yes(p);
-	    gcry_free(p);
+	    m_free(p);
 	    return yes;
 	}
     }
@@ -510,13 +678,13 @@ cpr_get_answer_yes_no_quit( const char *keyword, const char *prompt )
 	p = tty_get( prompt );
 	trim_spaces(p); /* it is okay to do this here */
 	if( *p == '?' && !p[1] ) {
-	    gcry_free(p);
+	    m_free(p);
 	    display_online_help( keyword );
 	}
 	else {
 	    tty_kill_prompt();
 	    yes = answer_is_yes_no_quit(p);
-	    gcry_free(p);
+	    m_free(p);
 	    return yes;
 	}
     }
diff --git a/g10/status.h b/g10/status.h
index f9cce5b6b..86e232719 100644
--- a/g10/status.h
+++ b/g10/status.h
@@ -1,5 +1,5 @@
 /* status.h
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -17,8 +17,8 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
-#ifndef GPG_STATUS_H
-#define GPG_STATUS_H
+#ifndef G10_STATUS_H
+#define G10_STATUS_H
 
 
 #define STATUS_ENTER	 1
@@ -33,7 +33,7 @@
 #define STATUS_BADARMOR  7
 
 #define STATUS_RSA_OR_IDEA 8
-#define STATUS_SIGEXPIRED  9
+#define STATUS_KEYEXPIRED  9
 #define STATUS_KEYREVOKED  10
 
 #define STATUS_TRUST_UNDEFINED 11
@@ -81,12 +81,32 @@
 #define STATUS_GOT_IT		49
 #define STATUS_PROGRESS 	50
 #define STATUS_SIG_CREATED	51
+#define STATUS_SESSION_KEY	52
+#define STATUS_NOTATION_NAME    53
+#define STATUS_NOTATION_DATA    54
+#define STATUS_POLICY_URL       55
+#define STATUS_BEGIN_STREAM     56
+#define STATUS_END_STREAM       57
+#define STATUS_KEY_CREATED      58
+#define STATUS_USERID_HINT      59
+#define STATUS_UNEXPECTED       60
+#define STATUS_INV_RECP         61
+#define STATUS_NO_RECP          62
+#define STATUS_ALREADY_SIGNED   63
+#define STATUS_SIGEXPIRED       64
+#define STATUS_EXPSIG           65
+#define STATUS_EXPKEYSIG        66
+#define STATUS_ATTRIBUTE        67
 
 /*-- status.c --*/
 void set_status_fd ( int fd );
 int  is_status_enabled ( void );
 void write_status ( int no );
 void write_status_text ( int no, const char *text );
+void write_status_buffer ( int no,
+                           const char *buffer, size_t len, int wrap );
+void write_status_text_and_buffer ( int no, const char *text,
+                                    const char *buffer, size_t len, int wrap );
 
 #ifdef USE_SHM_COPROCESSING
   void init_shm_coprocessing ( ulong requested_shm_size, int lock_mem );
@@ -94,6 +114,7 @@ void write_status_text ( int no, const char *text );
 
 int cpr_enabled(void);
 char *cpr_get( const char *keyword, const char *prompt );
+char *cpr_get_no_help( const char *keyword, const char *prompt );
 char *cpr_get_utf8( const char *keyword, const char *prompt );
 char *cpr_get_hidden( const char *keyword, const char *prompt );
 void cpr_kill_prompt(void);
@@ -101,4 +122,4 @@ int  cpr_get_answer_is_yes( const char *keyword, const char *prompt );
 int  cpr_get_answer_yes_no_quit( const char *keyword, const char *prompt );
 
 
-#endif /*GPG_STATUS_H*/
+#endif /*G10_STATUS_H*/
diff --git a/g10/tdbdump.c b/g10/tdbdump.c
index 6729d4e56..cd46f1f5a 100644
--- a/g10/tdbdump.c
+++ b/g10/tdbdump.c
@@ -1,5 +1,5 @@
 /* tdbdump.c
- *	Copyright (C) 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -33,7 +33,7 @@
 #include "errors.h"
 #include "iobuf.h"
 #include "keydb.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "util.h"
 #include "trustdb.h"
 #include "options.h"
@@ -46,22 +46,7 @@
 #define HEXTOBIN(x) ( (x) >= '0' && (x) <= '9' ? ((x)-'0') : \
 		      (x) >= 'A' && (x) <= 'F' ? ((x)-'A'+10) : ((x)-'a'+10))
 
-/****************
- * Read a record but die if it does not exist
- * fixme: duplicate: remove it
- */
-#if 0
-static void
-read_record( ulong recno, TRUSTREC *rec, int rectype )
-{
-    int rc = tdbio_read_record( recno, rec, rectype );
-    if( !rc )
-	return;
-    log_error(_("trust record %lu, req type %d: read failed: %s\n"),
-				    recno, rectype,  gpg_errstr(rc) );
-    tdbio_invalid();
-}
-#endif
+
 /****************
  * Wirte a record but die on error
  */
@@ -72,263 +57,13 @@ write_record( TRUSTREC *rec )
     if( !rc )
 	return;
     log_error(_("trust record %lu, type %d: write failed: %s\n"),
-			    rec->recnum, rec->rectype, gpg_errstr(rc) );
+			    rec->recnum, rec->rectype, g10_errstr(rc) );
     tdbio_invalid();
 }
 
 
 /****************
- * sync the db
- */
-static void
-do_sync(void)
-{
-    int rc = tdbio_sync();
-    if( !rc )
-	return;
-    log_error(_("trustdb: sync failed: %s\n"), gpg_errstr(rc) );
-    gpg_exit(2);
-}
-
-#if 0
-static int
-print_sigflags( FILE *fp, unsigned flags )
-{
-    if( flags & SIGF_CHECKED ) {
-	fprintf(fp,"%c%c%c",
-	   (flags & SIGF_VALID)   ? 'V':'-',
-	   (flags & SIGF_EXPIRED) ? 'E':'-',
-	   (flags & SIGF_REVOKED) ? 'R':'-');
-    }
-    else if( flags & SIGF_NOPUBKEY)
-	fputs("?--", fp);
-    else
-	fputs("---", fp);
-    return 3;
-}
-#endif
-
-
-/****************
- * Walk through the signatures of a public key.
- * The caller must provide a context structure, with all fields set
- * to zero, but the local_id field set to the requested key;
- * This function does not change this field.  On return the context
- * is filled with the local-id of the signature and the signature flag.
- * No fields should be changed (clearing all fields and setting
- * pubkeyid is okay to continue with an other pubkey)
- * Returns: 0 - okay, -1 for eof (no more sigs) or any other errorcode
- * FIXME: Do we really need this large and complicated function?
- */
-#if 0
-static int
-walk_sigrecs( SIGREC_CONTEXT *c )
-{
-    TRUSTREC *r;
-    ulong rnum;
-
-    if( c->ctl.eof )
-	return -1;
-    r = &c->ctl.rec;
-    if( !c->ctl.init_done ) {
-	c->ctl.init_done = 1;
-	read_record( c->lid, r, 0 );
-	if( r->rectype != RECTYPE_DIR ) {
-	    c->ctl.eof = 1;
-	    return -1;	/* return eof */
-	}
-	c->ctl.nextuid = r->r.dir.uidlist;
-	/* force a read */
-	c->ctl.index = SIGS_PER_RECORD;
-	r->r.sig.next = 0;
-    }
-
-    /* need a loop to skip over deleted sigs */
-    do {
-	if( c->ctl.index >= SIGS_PER_RECORD ) { /* read the record */
-	    rnum = r->r.sig.next;
-	    if( !rnum && c->ctl.nextuid ) { /* read next uid record */
-		read_record( c->ctl.nextuid, r, RECTYPE_UID );
-		c->ctl.nextuid = r->r.uid.next;
-		rnum = r->r.uid.siglist;
-	    }
-	    if( !rnum ) {
-		c->ctl.eof = 1;
-		return -1;  /* return eof */
-	    }
-	    read_record( rnum, r, RECTYPE_SIG );
-	    if( r->r.sig.lid != c->lid ) {
-		log_error(_("chained sigrec %lu has a wrong owner\n"), rnum );
-		c->ctl.eof = 1;
-		tdbio_invalid();
-	    }
-	    c->ctl.index = 0;
-	}
-    } while( !r->r.sig.sig[c->ctl.index++].lid );
-
-    c->sig_lid = r->r.sig.sig[c->ctl.index-1].lid;
-    c->sig_flag = r->r.sig.sig[c->ctl.index-1].flag;
-    return 0;
-}
-#endif
-
-#if 0
-static int
-do_list_sigs( ulong root, ulong pk_lid, int depth,
-	      LOCAL_ID_TABLE lids, unsigned *lineno )
-{
-    SIGREC_CONTEXT sx;
-    int rc;
-    u32 keyid[2];
-
-    memset( &sx, 0, sizeof sx );
-    sx.lid = pk_lid;
-    for(;;) {
-	rc = walk_sigrecs( &sx ); /* should we replace it and use */
-	if( rc )
-	    break;
-	rc = keyid_from_lid( sx.sig_lid, keyid );
-	if( rc ) {
-	    printf("%6u: %*s????????.%lu:", *lineno, depth*4, "", sx.sig_lid );
-	    print_sigflags( stdout, sx.sig_flag );
-	    putchar('\n');
-	    ++*lineno;
-	}
-	else {
-	    printf("%6u: %*s%08lX.%lu:", *lineno, depth*4, "",
-			      (ulong)keyid[1], sx.sig_lid );
-	    print_sigflags( stdout, sx.sig_flag );
-	    putchar(' ');
-	    /* check whether we already checked this pk_lid */
-	    if( !qry_lid_table_flag( ultikey_table, sx.sig_lid, NULL ) ) {
-		print_user_id("[ultimately trusted]", keyid);
-		++*lineno;
-	    }
-	    else if( sx.sig_lid == pk_lid ) {
-		printf("[self-signature]\n");
-		++*lineno;
-	    }
-	    else if( sx.sig_lid == root ) {
-		printf("[closed]\n");
-		++*lineno;
-	    }
-	    else if( ins_lid_table_item( lids, sx.sig_lid, *lineno ) ) {
-		unsigned refline;
-		qry_lid_table_flag( lids, sx.sig_lid, &refline );
-		printf("[see line %u]\n", refline);
-		++*lineno;
-	    }
-	    else if( depth+1 >= MAX_LIST_SIGS_DEPTH  ) {
-		print_user_id( "[too deeply nested]", keyid );
-		++*lineno;
-	    }
-	    else {
-		print_user_id( "", keyid );
-		++*lineno;
-		rc = do_list_sigs( root, sx.sig_lid, depth+1, lids, lineno );
-		if( rc )
-		    break;
-	    }
-	}
-    }
-    return rc==-1? 0 : rc;
-}
-#endif
-/****************
- * List all signatures of a public key
- */
-static int
-list_sigs( ulong pubkey_id )
-{
-    int rc=0;
-  #if 0
-    u32 keyid[2];
-    LOCAL_ID_TABLE lids;
-    unsigned lineno = 1;
-
-    rc = keyid_from_lid( pubkey_id, keyid );
-    if( rc )
-	return rc;
-    printf("Signatures of %08lX.%lu ", (ulong)keyid[1], pubkey_id );
-    print_user_id("", keyid);
-    printf("----------------------\n");
-
-    lids = new_lid_table();
-    rc = do_list_sigs( pubkey_id, pubkey_id, 0, lids, &lineno );
-    putchar('\n');
-    release_lid_table(lids);
-  #endif
-    return rc;
-}
-
-/****************
- * List all records of a public key
- */
-static int
-list_records( ulong lid )
-{
-    int rc;
-    TRUSTREC dr, ur, rec;
-    ulong recno;
-
-    rc = tdbio_read_record( lid, &dr, RECTYPE_DIR );
-    if( rc ) {
-	log_error(_("lid %lu: read dir record failed: %s\n"),
-						lid, gpg_errstr(rc));
-	return rc;
-    }
-    tdbio_dump_record( &dr, stdout );
-
-    for( recno=dr.r.dir.keylist; recno; recno = rec.r.key.next ) {
-	rc = tdbio_read_record( recno, &rec, 0 );
-	if( rc ) {
-	    log_error(_("lid %lu: read key record failed: %s\n"),
-						lid, gpg_errstr(rc));
-	    return rc;
-	}
-	tdbio_dump_record( &rec, stdout );
-    }
-
-    for( recno=dr.r.dir.uidlist; recno; recno = ur.r.uid.next ) {
-	rc = tdbio_read_record( recno, &ur, RECTYPE_UID );
-	if( rc ) {
-	    log_error(_("lid %lu: read uid record failed: %s\n"),
-						lid, gpg_errstr(rc));
-	    return rc;
-	}
-	tdbio_dump_record( &ur, stdout );
-	/* preference records */
-	for(recno=ur.r.uid.prefrec; recno; recno = rec.r.pref.next ) {
-	    rc = tdbio_read_record( recno, &rec, RECTYPE_PREF );
-	    if( rc ) {
-		log_error(_("lid %lu: read pref record failed: %s\n"),
-						    lid, gpg_errstr(rc));
-		return rc;
-	    }
-	    tdbio_dump_record( &rec, stdout );
-	}
-	/* sig records */
-	for(recno=ur.r.uid.siglist; recno; recno = rec.r.sig.next ) {
-	    rc = tdbio_read_record( recno, &rec, RECTYPE_SIG );
-	    if( rc ) {
-		log_error(_("lid %lu: read sig record failed: %s\n"),
-						    lid, gpg_errstr(rc));
-		return rc;
-	    }
-	    tdbio_dump_record( &rec, stdout );
-	}
-    }
-
-    /* add cache record dump here */
-
-
-
-    return rc;
-}
-
-
-/****************
- * Dump the complte trustdb or only the entries of one key.
+ * Dump the entire trustdb or only the entries of one key.
  */
 void
 list_trustdb( const char *username )
@@ -336,38 +71,8 @@ list_trustdb( const char *username )
     TRUSTREC rec;
 
     init_trustdb();
-
-    if( username && *username == '#' ) {
-	int rc;
-	ulong lid = atoi(username+1);
-
-	if( (rc = list_records( lid)) )
-	    log_error(_("user '%s' read problem: %s\n"),
-					    username, gpg_errstr(rc));
-	else if( (rc = list_sigs( lid )) )
-	    log_error(_("user '%s' list problem: %s\n"),
-					    username, gpg_errstr(rc));
-    }
-    else if( username ) {
-	PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-	int rc;
-
-	if( (rc = get_pubkey_byname( NULL, pk, username, NULL )) )
-	    log_error(_("user '%s' not found: %s\n"), username, gpg_errstr(rc) );
-	else if( (rc=tdbio_search_dir_bypk( pk, &rec )) && rc != -1 )
-	    log_error(_("problem finding '%s' in trustdb: %s\n"),
-						username, gpg_errstr(rc));
-	else if( rc == -1 )
-	    log_error(_("user '%s' not in trustdb\n"), username);
-	else if( (rc = list_records( pk->local_id)) )
-	    log_error(_("user '%s' read problem: %s\n"),
-						username, gpg_errstr(rc));
-	else if( (rc = list_sigs( pk->local_id )) )
-	    log_error(_("user '%s' list problem: %s\n"),
-						username, gpg_errstr(rc));
-	free_public_key( pk );
-    }
-    else {
+    /* for now we ignore the user ID */
+    if (1) {
 	ulong recnum;
 	int i;
 
@@ -391,33 +96,22 @@ void
 export_ownertrust()
 {
     TRUSTREC rec;
-    TRUSTREC rec2;
     ulong recnum;
     int i;
     byte *p;
-    int rc;
 
     init_trustdb();
     printf(_("# List of assigned trustvalues, created %s\n"
 	     "# (Use \"gpg --import-ownertrust\" to restore them)\n"),
 	   asctimestamp( make_timestamp() ) );
     for(recnum=0; !tdbio_read_record( recnum, &rec, 0); recnum++ ) {
-	if( rec.rectype == RECTYPE_DIR ) {
-	    if( !rec.r.dir.keylist ) {
-		log_error(_("directory record w/o primary key\n"));
-		continue;
-	    }
-	    if( !rec.r.dir.ownertrust )
+	if( rec.rectype == RECTYPE_TRUST ) {
+	    if( !rec.r.trust.ownertrust )
 		continue;
-	    rc = tdbio_read_record( rec.r.dir.keylist, &rec2, RECTYPE_KEY);
-	    if( rc ) {
-		log_error(_("error reading key record: %s\n"), gpg_errstr(rc));
-		continue;
-	    }
-	    p = rec2.r.key.fingerprint;
-	    for(i=0; i < rec2.r.key.fingerprint_len; i++, p++ )
+	    p = rec.r.trust.fingerprint;
+	    for(i=0; i < 20; i++, p++ )
 		printf("%02X", *p );
-	    printf(":%u:\n", (unsigned)rec.r.dir.ownertrust );
+	    printf(":%u:\n", (unsigned int)rec.r.trust.ownertrust );
 	}
     }
 }
@@ -431,7 +125,10 @@ import_ownertrust( const char *fname )
     char line[256];
     char *p;
     size_t n, fprlen;
-    unsigned otrust;
+    unsigned int otrust;
+    byte fpr[20];
+    int any = 0;
+    int rc;
 
     init_trustdb();
     if( !fname || (*fname == '-' && !fname[1]) ) {
@@ -446,7 +143,6 @@ import_ownertrust( const char *fname )
 
     while( fgets( line, DIM(line)-1, fp ) ) {
 	TRUSTREC rec;
-	int rc;
 
 	if( !*line || *line == '#' )
 	    continue;
@@ -475,51 +171,52 @@ import_ownertrust( const char *fname )
 	if( !otrust )
 	    continue; /* no otrust defined - no need to update or insert */
 	/* convert the ascii fingerprint to binary */
-	for(p=line, fprlen=0; *p != ':'; p += 2 )
-	    line[fprlen++] = HEXTOBIN(p[0]) * 16 + HEXTOBIN(p[1]);
-	line[fprlen] = 0;
-
-      repeat:
-	rc = tdbio_search_dir_byfpr( line, fprlen, 0, &rec );
+	for(p=line, fprlen=0; fprlen < 20 && *p != ':'; p += 2 )
+	    fpr[fprlen++] = HEXTOBIN(p[0]) * 16 + HEXTOBIN(p[1]);
+	while (fprlen < 20)
+	    fpr[fprlen++] = 0;
+        
+	rc = tdbio_search_trust_byfpr (fpr, &rec);
 	if( !rc ) { /* found: update */
-	    if( rec.r.dir.ownertrust )
-		log_info("LID %lu: changing trust from %u to %u\n",
-			  rec.r.dir.lid, rec.r.dir.ownertrust, otrust );
-	    else
-		log_info("LID %lu: setting trust to %u\n",
-				   rec.r.dir.lid, otrust );
-	    rec.r.dir.ownertrust = otrust;
-	    write_record( &rec );
+	    if (rec.r.trust.ownertrust != otrust)
+              {
+                if( rec.r.trust.ownertrust )
+                  log_info("changing ownertrust from %u to %u\n",
+                           rec.r.trust.ownertrust, otrust );
+                else
+                  log_info("setting ownertrust to %u\n", otrust );
+                rec.r.trust.ownertrust = otrust;
+                write_record (&rec );
+                any = 1;
+              }
 	}
-	else if( rc == -1 ) { /* not found; get the key from the ring */
-	    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-
-	    log_info_f(fname, _("key not in trustdb, searching ring.\n"));
-	    rc = get_pubkey_byfprint( pk, line, fprlen );
-	    if( rc )
-		log_info_f(fname, _("key not in ring: %s\n"), gpg_errstr(rc));
-	    else {
-		rc = query_trust_record( pk );	/* only as assertion */
-		if( rc != -1 )
-		    log_error_f(fname, _("Oops: key is now in trustdb???\n"));
-		else {
-		    rc = insert_trust_record_by_pk( pk );
-		    if( !rc )
-			goto repeat; /* update the ownertrust */
-		    log_error_f(fname, _("insert trust record failed: %s\n"),
-							   gpg_errstr(rc) );
-		}
-	    }
+	else if( rc == -1 ) { /* not found: insert */
+            log_info("inserting ownertrust of %u\n", otrust );
+            memset (&rec, 0, sizeof rec);
+            rec.recnum = tdbio_new_recnum ();
+            rec.rectype = RECTYPE_TRUST;
+            memcpy (rec.r.trust.fingerprint, fpr, 20);
+            rec.r.trust.ownertrust = otrust;
+            write_record (&rec );
+            any = 1;
 	}
 	else /* error */
-	    log_error_f(fname, _("error finding dir record: %s\n"),
-						    gpg_errstr(rc));
+	    log_error_f(fname, _("error finding trust record: %s\n"),
+						    g10_errstr(rc));
     }
     if( ferror(fp) )
 	log_error_f(fname, _("read error: %s\n"), strerror(errno) );
     if( !is_stdin )
 	fclose(fp);
-    do_sync();
-    sync_trustdb();
+    
+    if (any)
+      {
+        revalidation_mark ();
+        rc = tdbio_sync ();
+        if (rc)
+          log_error (_("trustdb: sync failed: %s\n"), g10_errstr(rc) );
+      }
+    
 }
 
+
diff --git a/g10/tdbio.c b/g10/tdbio.c
index 669f66ffc..537e4c0d4 100644
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@@ -1,5 +1,5 @@
 /* tdbio.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -31,7 +31,7 @@
 
 #include "errors.h"
 #include "iobuf.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "util.h"
 #include "options.h"
 #include "main.h"
@@ -39,6 +39,9 @@
 #include "trustdb.h"
 #include "tdbio.h"
 
+#if defined(HAVE_DOSISH_SYSTEM) && !defined(__CYGWIN32__)
+#define ftruncate chsize
+#endif
 
 /****************
  * Yes, this is a very simple implementation. We should really
@@ -83,6 +86,8 @@ static int  db_fd = -1;
 static int in_transaction;
 
 static void open_db(void);
+static void migrate_from_v2 (void);
+
 
 
 /*************************************
@@ -115,13 +120,13 @@ write_cache_item( CACHE_CTRL r )
     if( lseek( db_fd, r->recno * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
 	log_error(_("trustdb rec %lu: lseek failed: %s\n"),
 					    r->recno, strerror(errno) );
-	return GPGERR_WRITE_FILE;
+	return G10ERR_WRITE_FILE;
     }
     n = write( db_fd, r->data, TRUST_RECORD_LEN);
     if( n != TRUST_RECORD_LEN ) {
 	log_error(_("trustdb rec %lu: write failed (n=%d): %s\n"),
 					    r->recno, n, strerror(errno) );
-	return GPGERR_WRITE_FILE;
+	return G10ERR_WRITE_FILE;
     }
     r->flags.dirty = 0;
     return 0;
@@ -175,7 +180,7 @@ put_record_into_cache( ulong recno, const char *data )
     }
     /* see whether we reached the limit */
     if( cache_entries < MAX_CACHE_ENTRIES_SOFT ) { /* no */
-	r = gcry_xmalloc( sizeof *r );
+	r = m_alloc( sizeof *r );
 	r->flags.used = 1;
 	r->recno = recno;
 	memcpy( r->data, data, TRUST_RECORD_LEN );
@@ -218,7 +223,7 @@ put_record_into_cache( ulong recno, const char *data )
 	if( cache_entries < MAX_CACHE_ENTRIES_HARD ) { /* no */
 	    if( opt.debug && !(cache_entries % 100) )
 		log_debug("increasing tdbio cache size\n");
-	    r = gcry_xmalloc( sizeof *r );
+	    r = m_alloc( sizeof *r );
 	    r->flags.used = 1;
 	    r->recno = recno;
 	    memcpy( r->data, data, TRUST_RECORD_LEN );
@@ -230,7 +235,7 @@ put_record_into_cache( ulong recno, const char *data )
 	    return 0;
 	}
 	log_info(_("trustdb transaction too large\n"));
-	return GPGERR_RESOURCE_LIMIT;
+	return G10ERR_RESOURCE_LIMIT;
     }
     if( dirty_count ) {
 	int n = dirty_count / 5; /* discard some dirty entries */
@@ -406,6 +411,28 @@ cleanup(void)
     }
 }
 
+static int
+create_version_record (void)
+{
+  TRUSTREC rec;
+  int rc;
+  
+  memset( &rec, 0, sizeof rec );
+  rec.r.ver.version = 3;
+  rec.r.ver.created = make_timestamp();
+  rec.r.ver.marginals =  opt.marginals_needed;
+  rec.r.ver.completes =  opt.completes_needed;
+  rec.r.ver.cert_depth = opt.max_cert_depth;
+  rec.rectype = RECTYPE_VER;
+  rec.recnum = 0;
+  rc = tdbio_write_record( &rec );
+  if( !rc )
+    tdbio_sync();
+  return rc;
+}
+
+
+
 int
 tdbio_set_dbname( const char *new_dbname, int create )
 {
@@ -416,20 +443,23 @@ tdbio_set_dbname( const char *new_dbname, int create )
 	atexit( cleanup );
 	initialized = 1;
     }
-    fname = new_dbname? gcry_xstrdup( new_dbname )
-		      : make_filename(opt.homedir, "trustdb.gpg", NULL );
+    fname = new_dbname? m_strdup( new_dbname )
+		      : make_filename(opt.homedir,
+		                      "trustdb" EXTSEP_S "gpg", NULL );
+
+    check_permissions(fname,0,0);
 
     if( access( fname, R_OK ) ) {
 	if( errno != ENOENT ) {
 	    log_error( _("%s: can't access: %s\n"), fname, strerror(errno) );
-	    gcry_free(fname);
-	    return GPGERR_TRUSTDB;
+	    m_free(fname);
+	    return G10ERR_TRUSTDB;
 	}
 	if( create ) {
 	    FILE *fp;
 	    TRUSTREC rec;
 	    int rc;
-	    char *p = strrchr( fname, '/' );
+	    char *p = strrchr( fname, DIRSEP_C );
 
 	    assert(p);
 	    *p = 0;
@@ -437,14 +467,22 @@ tdbio_set_dbname( const char *new_dbname, int create )
 		try_make_homedir( fname );
 		log_fatal( _("%s: directory does not exist!\n"), fname );
 	    }
-	    *p = '/';
+	    *p = DIRSEP_C;
 
+	    m_free(db_name);
+	    db_name = fname;
+#ifdef __riscos__
+	    if( !lockhandle )
+		lockhandle = create_dotlock( db_name );
+	    if( !lockhandle )
+		log_fatal( _("%s: can't create lock\n"), db_name );
+            if( make_dotlock( lockhandle, -1 ) )
+                log_fatal( _("%s: can't make lock\n"), db_name );
+#endif /* __riscos__ */
 	    fp =fopen( fname, "wb" );
 	    if( !fp )
 		log_fatal( _("%s: can't create: %s\n"), fname, strerror(errno) );
 	    fclose(fp);
-	    gcry_free(db_name);
-	    db_name = fname;
 	  #ifdef HAVE_DOSISH_SYSTEM
 	    db_fd = open( db_name, O_RDWR | O_BINARY );
 	  #else
@@ -453,25 +491,17 @@ tdbio_set_dbname( const char *new_dbname, int create )
 	    if( db_fd == -1 )
 		log_fatal( _("%s: can't open: %s\n"), db_name, strerror(errno) );
 
+#ifndef __riscos__
 	    if( !lockhandle )
 		lockhandle = create_dotlock( db_name );
 	    if( !lockhandle )
 		log_fatal( _("%s: can't create lock\n"), db_name );
+#endif /* !__riscos__ */
 
-	    memset( &rec, 0, sizeof rec );
-	    rec.r.ver.version = 2;
-	    rec.r.ver.created = make_timestamp();
-	    rec.r.ver.marginals =  opt.marginals_needed;
-	    rec.r.ver.completes =  opt.completes_needed;
-	    rec.r.ver.cert_depth = opt.max_cert_depth;
-	    rec.rectype = RECTYPE_VER;
-	    rec.recnum = 0;
-	    rc = tdbio_write_record( &rec );
-	    if( !rc )
-		tdbio_sync();
+            rc = create_version_record ();
 	    if( rc )
 		log_fatal( _("%s: failed to create version record: %s"),
-						   fname, gpg_errstr(rc));
+						   fname, g10_errstr(rc));
 	    /* and read again to check that we are okay */
 	    if( tdbio_read_record( 0, &rec, RECTYPE_VER ) )
 		log_fatal( _("%s: invalid trustdb created\n"), db_name );
@@ -482,7 +512,7 @@ tdbio_set_dbname( const char *new_dbname, int create )
 	    return 0;
 	}
     }
-    gcry_free(db_name);
+    m_free(db_name);
     db_name = fname;
     return 0;
 }
@@ -499,27 +529,45 @@ tdbio_get_dbname()
 static void
 open_db()
 {
-    TRUSTREC rec;
-    assert( db_fd == -1 );
-
-    if( !lockhandle )
-	lockhandle = create_dotlock( db_name );
-    if( !lockhandle )
-	log_fatal( _("%s: can't create lock\n"), db_name );
-  #ifdef HAVE_DOSISH_SYSTEM
-    db_fd = open( db_name, O_RDWR | O_BINARY );
-  #else
-    db_fd = open( db_name, O_RDWR );
-  #endif
-    if( db_fd == -1 )
-	log_fatal( _("%s: can't open: %s\n"), db_name, strerror(errno) );
-    if( tdbio_read_record( 0, &rec, RECTYPE_VER ) )
-	log_fatal( _("%s: invalid trustdb\n"), db_name );
+  byte buf[10];
+  int n;
+  TRUSTREC rec;
+
+  assert( db_fd == -1 );
+
+  if (!lockhandle )
+    lockhandle = create_dotlock( db_name );
+  if (!lockhandle )
+    log_fatal( _("%s: can't create lock\n"), db_name );
+#ifdef __riscos__
+  if (make_dotlock( lockhandle, -1 ) )
+    log_fatal( _("%s: can't make lock\n"), db_name );
+#endif /* __riscos__ */
+#ifdef HAVE_DOSISH_SYSTEM
+  db_fd = open (db_name, O_RDWR | O_BINARY );
+#else
+  db_fd = open (db_name, O_RDWR );
+#endif
+  if ( db_fd == -1 )
+    log_fatal( _("%s: can't open: %s\n"), db_name, strerror(errno) );
+
+  /* check whether we need to do a version migration */
+  do
+    n = read (db_fd, buf, 5);
+  while (n==-1 && errno == EINTR);
+  if (n == 5 && !memcmp (buf, "\x01gpg\x02", 5))
+    {
+      migrate_from_v2 ();
+    }
+  
+  /* read the version record */
+  if (tdbio_read_record (0, &rec, RECTYPE_VER ) )
+    log_fatal( _("%s: invalid trustdb\n"), db_name );
 }
 
 
 /****************
- * Make a hashtable: type 0 = key hash, 1 = sdir hash
+ * Make a hashtable: type 0 = trust hash
  */
 static void
 create_hashtable( TRUSTREC *vr, int type )
@@ -536,9 +584,8 @@ create_hashtable( TRUSTREC *vr, int type )
     assert(recnum); /* this is will never be the first record */
 
     if( !type )
-	vr->r.ver.keyhashtbl = recnum;
-    else
-	vr->r.ver.sdirhashtbl = recnum;
+	vr->r.ver.trusthashtbl = recnum;
+
     /* Now write the records */
     n = (256+ITEMS_PER_HTBL_RECORD-1) / ITEMS_PER_HTBL_RECORD;
     for(i=0; i < n; i++, recnum++ ) {
@@ -548,7 +595,7 @@ create_hashtable( TRUSTREC *vr, int type )
 	 rc = tdbio_write_record( &rec );
 	 if( rc )
 	     log_fatal( _("%s: failed to create hashtable: %s\n"),
-					db_name, gpg_errstr(rc));
+					db_name, g10_errstr(rc));
     }
     /* update the version record */
     rc = tdbio_write_record( vr );
@@ -556,7 +603,7 @@ create_hashtable( TRUSTREC *vr, int type )
 	rc = tdbio_sync();
     if( rc )
 	log_fatal( _("%s: error updating version record: %s\n"),
-						  db_name, gpg_errstr(rc));
+						  db_name, g10_errstr(rc));
 }
 
 
@@ -572,7 +619,7 @@ tdbio_db_matches_options()
 	rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
 	if( rc )
 	    log_fatal( _("%s: error reading version record: %s\n"),
-						    db_name, gpg_errstr(rc) );
+						    db_name, g10_errstr(rc) );
 
 	if( !vr.r.ver.marginals && !vr.r.ver.completes
 				&& !vr.r.ver.cert_depth )
@@ -585,7 +632,7 @@ tdbio_db_matches_options()
 		rc = tdbio_sync();
 	    if( rc )
 		log_error( _("%s: error writing version record: %s\n"),
-						db_name, gpg_errstr(rc) );
+						db_name, g10_errstr(rc) );
 	}
 
 	yes_no = vr.r.ver.marginals == opt.marginals_needed
@@ -597,105 +644,70 @@ tdbio_db_matches_options()
 
 
 /****************
- * Return the modifiy stamp.
- * if modify_down is true, the modify_down stamp will be
- * returned, otherwise the modify_up stamp.
+ * Return the nextstamp value.
  */
 ulong
-tdbio_read_modify_stamp( int modify_down )
+tdbio_read_nextcheck ()
 {
     TRUSTREC vr;
     int rc;
-    ulong mod;
 
     rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
     if( rc )
 	log_fatal( _("%s: error reading version record: %s\n"),
-						    db_name, gpg_errstr(rc) );
-
-    mod = modify_down? vr.r.ver.mod_down : vr.r.ver.mod_up;
-
-    /* Always return at least 1 to make comparison easier;
-     * this is still far back in history (before Led Zeppelin III :-) */
-    return mod ? mod : 1;
+						    db_name, g10_errstr(rc) );
+    return vr.r.ver.nextcheck;
 }
 
-void
-tdbio_write_modify_stamp( int up, int down )
+/* Return true when the stamp was actually changed. */
+int
+tdbio_write_nextcheck (ulong stamp)
 {
     TRUSTREC vr;
     int rc;
-    ulong stamp;
-
-    if( !(up || down) )
-	return;
 
     rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
     if( rc )
 	log_fatal( _("%s: error reading version record: %s\n"),
-				       db_name, gpg_errstr(rc) );
+				       db_name, g10_errstr(rc) );
 
-    stamp = make_timestamp();
-    if( down )
-	vr.r.ver.mod_down = stamp;
-    if( up )
-	vr.r.ver.mod_up = stamp;
+    if (vr.r.ver.nextcheck == stamp)
+      return 0;
 
+    vr.r.ver.nextcheck = stamp;
     rc = tdbio_write_record( &vr );
     if( rc )
 	log_fatal( _("%s: error writing version record: %s\n"),
-				       db_name, gpg_errstr(rc) );
+				       db_name, g10_errstr(rc) );
+    return 1;
 }
 
 
+
 /****************
- * Return the record number of the keyhash tbl or create a new one.
+ * Return the record number of the trusthash tbl or create a new one.
  */
 static ulong
-get_keyhashrec(void)
+get_trusthashrec(void)
 {
-    static ulong keyhashtbl; /* record number of the key hashtable */
+    static ulong trusthashtbl; /* record number of the trust hashtable */
 
-    if( !keyhashtbl ) {
+    if( !trusthashtbl ) {
 	TRUSTREC vr;
 	int rc;
 
 	rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
 	if( rc )
 	    log_fatal( _("%s: error reading version record: %s\n"),
-					    db_name, gpg_errstr(rc) );
-	if( !vr.r.ver.keyhashtbl )
+					    db_name, g10_errstr(rc) );
+	if( !vr.r.ver.trusthashtbl )
 	    create_hashtable( &vr, 0 );
 
-	keyhashtbl = vr.r.ver.keyhashtbl;
+	trusthashtbl = vr.r.ver.trusthashtbl;
     }
-    return keyhashtbl;
+    return trusthashtbl;
 }
 
-/****************
- * Return the record number of the shadow direcory hash table
- * or create a new one.
- */
-static ulong
-get_sdirhashrec(void)
-{
-    static ulong sdirhashtbl; /* record number of the hashtable */
-
-    if( !sdirhashtbl ) {
-	TRUSTREC vr;
-	int rc;
-
-	rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
-	if( rc )
-	    log_fatal( _("%s: error reading version record: %s\n"),
-						    db_name, gpg_errstr(rc) );
-	if( !vr.r.ver.sdirhashtbl )
-	    create_hashtable( &vr, 1 );
-
-	sdirhashtbl = vr.r.ver.sdirhashtbl;
-    }
-    return sdirhashtbl;
-}
 
 
 /****************
@@ -719,7 +731,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
     rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL );
     if( rc ) {
 	log_error( db_name, "upd_hashtable: read failed: %s\n",
-							gpg_errstr(rc) );
+							g10_errstr(rc) );
 	return rc;
     }
 
@@ -729,7 +741,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 	rc = tdbio_write_record( &rec );
 	if( rc ) {
 	    log_error( db_name, "upd_hashtable: write htbl failed: %s\n",
-							    gpg_errstr(rc) );
+							    g10_errstr(rc) );
 	    return rc;
 	}
     }
@@ -738,7 +750,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 	rc = tdbio_read_record( item, &rec, 0 );
 	if( rc ) {
 	    log_error( "upd_hashtable: read item failed: %s\n",
-							    gpg_errstr(rc) );
+							    g10_errstr(rc) );
 	    return rc;
 	}
 
@@ -747,7 +759,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 	    level++;
 	    if( level >= keylen ) {
 		log_error( "hashtable has invalid indirections.\n");
-		return GPGERR_TRUSTDB;
+		return G10ERR_TRUSTDB;
 	    }
 	    goto next_level;
 	}
@@ -763,8 +775,8 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 		    rc = tdbio_read_record( rec.r.hlst.next,
 						       &rec, RECTYPE_HLST);
 		    if( rc ) {
-			log_error( "scan keyhashtbl read hlst failed: %s\n",
-							     gpg_errstr(rc) );
+			log_error( "upd_hashtable: read hlst failed: %s\n",
+							     g10_errstr(rc) );
 			return rc;
 		    }
 		}
@@ -779,7 +791,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 			rc = tdbio_write_record( &rec );
 			if( rc )
 			    log_error( "upd_hashtable: write hlst failed: %s\n",
-							      gpg_errstr(rc) );
+							      g10_errstr(rc) );
 			return rc; /* done */
 		    }
 		}
@@ -788,7 +800,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 						      &rec, RECTYPE_HLST );
 		    if( rc ) {
 			log_error( "upd_hashtable: read hlst failed: %s\n",
-							     gpg_errstr(rc) );
+							     g10_errstr(rc) );
 			return rc;
 		    }
 		}
@@ -797,7 +809,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 		    rc = tdbio_write_record( &rec );
 		    if( rc ) {
 			log_error( "upd_hashtable: write hlst failed: %s\n",
-							  gpg_errstr(rc) );
+							  g10_errstr(rc) );
 			return rc;
 		    }
 		    memset( &rec, 0, sizeof rec );
@@ -807,14 +819,12 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 		    rc = tdbio_write_record( &rec );
 		    if( rc )
 			log_error( "upd_hashtable: write ext hlst failed: %s\n",
-							  gpg_errstr(rc) );
+							  g10_errstr(rc) );
 		    return rc; /* done */
 		}
 	    } /* end loop over hlst slots */
 	}
-	else if( rec.rectype == RECTYPE_KEY
-		 || rec.rectype == RECTYPE_DIR
-		 || rec.rectype == RECTYPE_SDIR ) { /* insert a list record */
+	else if( rec.rectype == RECTYPE_TRUST ) { /* insert a list record */
 	    if( rec.recnum == newrecnum ) {
 		return 0;
 	    }
@@ -827,7 +837,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 	    rc = tdbio_write_record( &rec );
 	    if( rc ) {
 		log_error( "upd_hashtable: write new hlst failed: %s\n",
-						  gpg_errstr(rc) );
+						  g10_errstr(rc) );
 		return rc;
 	    }
 	    /* update the hashtable record */
@@ -835,14 +845,14 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 	    rc = tdbio_write_record( &lastrec );
 	    if( rc )
 		log_error( "upd_hashtable: update htbl failed: %s\n",
-							     gpg_errstr(rc) );
+							     g10_errstr(rc) );
 	    return rc; /* ready */
 	}
 	else {
 	    log_error( "hashtbl %lu: %lu/%d points to an invalid record %lu\n",
 		       table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
 	    list_trustdb(NULL);
-	    return GPGERR_TRUSTDB;
+	    return G10ERR_TRUSTDB;
 	}
     }
 
@@ -870,7 +880,7 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum )
     rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL );
     if( rc ) {
 	log_error( db_name, "drop_from_hashtable: read failed: %s\n",
-							gpg_errstr(rc) );
+							g10_errstr(rc) );
 	return rc;
     }
 
@@ -883,14 +893,14 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum )
 	rc = tdbio_write_record( &rec );
 	if( rc )
 	    log_error( db_name, "drop_from_hashtable: write htbl failed: %s\n",
-							    gpg_errstr(rc) );
+							    g10_errstr(rc) );
 	return rc;
     }
 
     rc = tdbio_read_record( item, &rec, 0 );
     if( rc ) {
 	log_error( "drop_from_hashtable: read item failed: %s\n",
-							gpg_errstr(rc) );
+							g10_errstr(rc) );
 	return rc;
     }
 
@@ -899,7 +909,7 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum )
 	level++;
 	if( level >= keylen ) {
 	    log_error( "hashtable has invalid indirections.\n");
-	    return GPGERR_TRUSTDB;
+	    return G10ERR_TRUSTDB;
 	}
 	goto next_level;
     }
@@ -912,7 +922,7 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum )
 		    rc = tdbio_write_record( &rec );
 		    if( rc )
 			log_error( db_name, "drop_from_hashtable: write htbl failed: %s\n",
-									gpg_errstr(rc) );
+									g10_errstr(rc) );
 		    return rc;
 		}
 	    }
@@ -920,8 +930,8 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum )
 		rc = tdbio_read_record( rec.r.hlst.next,
 						   &rec, RECTYPE_HLST);
 		if( rc ) {
-		    log_error( "scan keyhashtbl read hlst failed: %s\n",
-							 gpg_errstr(rc) );
+		    log_error( "drop_from_hashtable: read hlst failed: %s\n",
+							 g10_errstr(rc) );
 		    return rc;
 		}
 	    }
@@ -932,7 +942,7 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum )
 
     log_error( "hashtbl %lu: %lu/%d points to wrong record %lu\n",
 		    table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
-    return GPGERR_TRUSTDB;
+    return G10ERR_TRUSTDB;
 }
 
 
@@ -958,7 +968,7 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen,
     hashrec += msb / ITEMS_PER_HTBL_RECORD;
     rc = tdbio_read_record( hashrec, rec, RECTYPE_HTBL );
     if( rc ) {
-	log_error( db_name, "lookup_hashtable failed: %s\n", gpg_errstr(rc) );
+	log_error( db_name, "lookup_hashtable failed: %s\n", g10_errstr(rc) );
 	return rc;
     }
 
@@ -968,7 +978,7 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen,
 
     rc = tdbio_read_record( item, rec, 0 );
     if( rc ) {
-	log_error( db_name, "hashtable read failed: %s\n", gpg_errstr(rc) );
+	log_error( db_name, "hashtable read failed: %s\n", g10_errstr(rc) );
 	return rc;
     }
     if( rec->rectype == RECTYPE_HTBL ) {
@@ -976,7 +986,7 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen,
 	level++;
 	if( level >= keylen ) {
 	    log_error( db_name, "hashtable has invalid indirections\n");
-	    return GPGERR_TRUSTDB;
+	    return G10ERR_TRUSTDB;
 	}
 	goto next_level;
     }
@@ -991,7 +1001,7 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen,
 		    rc = tdbio_read_record( rec->r.hlst.rnum[i], &tmp, 0 );
 		    if( rc ) {
 			log_error( "lookup_hashtable: read item failed: %s\n",
-							      gpg_errstr(rc) );
+							      g10_errstr(rc) );
 			return rc;
 		    }
 		    if( (*cmpfnc)( cmpdata, &tmp ) ) {
@@ -1004,7 +1014,7 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen,
 		rc = tdbio_read_record( rec->r.hlst.next, rec, RECTYPE_HLST );
 		if( rc ) {
 		    log_error( "lookup_hashtable: read hlst failed: %s\n",
-							 gpg_errstr(rc) );
+							 g10_errstr(rc) );
 		    return rc;
 		}
 	    }
@@ -1021,57 +1031,16 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen,
 }
 
 
-
-
 /****************
- * Update the key hashtbl or create the table if it does not exist
+ * Update the trust hashtbl or create the table if it does not exist
  */
 static int
-update_keyhashtbl( TRUSTREC *kr )
+update_trusthashtbl( TRUSTREC *tr )
 {
-    return upd_hashtable( get_keyhashrec(),
-			  kr->r.key.fingerprint,
-			  kr->r.key.fingerprint_len, kr->recnum );
+    return upd_hashtable( get_trusthashrec(),
+			  tr->r.trust.fingerprint, 20, tr->recnum );
 }
 
-/****************
- * Update the shadow dir hashtbl or create the table if it does not exist
- */
-static int
-update_sdirhashtbl( TRUSTREC *sr )
-{
-    byte key[8];
-
-    u32tobuf( key   , sr->r.sdir.keyid[0] );
-    u32tobuf( key+4 , sr->r.sdir.keyid[1] );
-    return upd_hashtable( get_sdirhashrec(), key, 8, sr->recnum );
-}
-
-/****************
- * Drop the records from the key-hashtbl
- */
-static int
-drop_from_keyhashtbl( TRUSTREC *kr )
-{
-    return drop_from_hashtable( get_keyhashrec(),
-				kr->r.key.fingerprint,
-				kr->r.key.fingerprint_len, kr->recnum );
-}
-
-/****************
- * Drop record drom the shadow dir hashtbl
- */
-static int
-drop_from_sdirhashtbl( TRUSTREC *sr )
-{
-    byte key[8];
-
-    u32tobuf( key   , sr->r.sdir.keyid[0] );
-    u32tobuf( key+4 , sr->r.sdir.keyid[1] );
-    return drop_from_hashtable( get_sdirhashrec(), key, 8, sr->recnum );
-}
-
-
 
 
 void
@@ -1079,7 +1048,6 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp  )
 {
     int i;
     ulong rnum = rec->recnum;
-    byte *p;
 
     fprintf(fp, "rec %5lu, ", rnum );
 
@@ -1087,116 +1055,18 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp  )
       case 0: fprintf(fp, "blank\n");
 	break;
       case RECTYPE_VER: fprintf(fp,
-	    "version, kd=%lu, sd=%lu, free=%lu, m/c/d=%d/%d/%d down=%s",
-	    rec->r.ver.keyhashtbl, rec->r.ver.sdirhashtbl,
+	    "version, td=%lu, f=%lu, m/c/d=%d/%d/%d nc=%lu (%s)\n",
+                                   rec->r.ver.trusthashtbl,
 				   rec->r.ver.firstfree,
 				   rec->r.ver.marginals,
 				   rec->r.ver.completes,
 				   rec->r.ver.cert_depth,
-				   strtimestamp(rec->r.ver.mod_down) );
-	    fprintf(fp, ", up=%s\n", strtimestamp(rec->r.ver.mod_up) );
+                                   rec->r.ver.nextcheck,
+				   strtimestamp(rec->r.ver.nextcheck)
+                                 );
 	break;
       case RECTYPE_FREE: fprintf(fp, "free, next=%lu\n", rec->r.free.next );
 	break;
-      case RECTYPE_DIR:
-	fprintf(fp, "dir %lu, keys=%lu, uids=%lu, t=%02x",
-		    rec->r.dir.lid,
-		    rec->r.dir.keylist,
-		    rec->r.dir.uidlist,
-		    rec->r.dir.ownertrust );
-	if( rec->r.dir.valcheck )
-	    fprintf( fp, ", v=%02x/%s", rec->r.dir.validity,
-					strtimestamp(rec->r.dir.valcheck) );
-	if( rec->r.dir.checkat )
-	    fprintf( fp, ", a=%s", strtimestamp(rec->r.dir.checkat) );
-	if( rec->r.dir.dirflags & DIRF_CHECKED ) {
-	    if( rec->r.dir.dirflags & DIRF_VALID )
-		fputs(", valid", fp );
-	    if( rec->r.dir.dirflags & DIRF_EXPIRED )
-		fputs(", expired", fp );
-	    if( rec->r.dir.dirflags & DIRF_REVOKED )
-		fputs(", revoked", fp );
-	    if( rec->r.dir.dirflags & DIRF_NEWKEYS )
-		fputs(", newkeys", fp );
-	}
-	putc('\n', fp);
-	break;
-      case RECTYPE_KEY:
-	fprintf(fp, "key %lu, n=%lu a=%d ",
-		   rec->r.key.lid,
-		   rec->r.key.next,
-		   rec->r.key.pubkey_algo );
-	for(i=0; i < rec->r.key.fingerprint_len; i++ )
-	    fprintf(fp, "%02X", rec->r.key.fingerprint[i] );
-	if( rec->r.key.keyflags & KEYF_CHECKED ) {
-	    if( rec->r.key.keyflags & KEYF_VALID )
-		fputs(", valid", fp );
-	    if( rec->r.key.keyflags & KEYF_EXPIRED )
-		fputs(", expired", fp );
-	    if( rec->r.key.keyflags & KEYF_REVOKED )
-		fputs(", revoked", fp );
-	}
-	putc('\n', fp);
-	break;
-      case RECTYPE_UID:
-	fprintf(fp, "uid %lu, next=%lu, pref=%lu, sig=%lu, hash=%02X%02X",
-		    rec->r.uid.lid,
-		    rec->r.uid.next,
-		    rec->r.uid.prefrec,
-		    rec->r.uid.siglist,
-		    rec->r.uid.namehash[18], rec->r.uid.namehash[19]);
-	fprintf( fp, ", v=%02x", rec->r.uid.validity );
-	if( rec->r.uid.uidflags & UIDF_CHECKED ) {
-	    if( rec->r.uid.uidflags & UIDF_VALID )
-		fputs(", valid", fp );
-	    if( rec->r.uid.uidflags & UIDF_REVOKED )
-		fputs(", revoked", fp );
-	}
-	putc('\n', fp);
-	break;
-      case RECTYPE_PREF:
-	fprintf(fp, "pref %lu, next=%lu,",
-		    rec->r.pref.lid, rec->r.pref.next);
-	for(i=0,p=rec->r.pref.data; i < ITEMS_PER_PREF_RECORD; i+=2,p+=2 ) {
-	    if( *p )
-		fprintf(fp, " %c%d", *p == PREFTYPE_SYM    ? 'S' :
-				     *p == PREFTYPE_HASH   ? 'H' :
-				     *p == PREFTYPE_COMPR  ? 'Z' : '?', p[1]);
-	}
-	putc('\n', fp);
-	break;
-      case RECTYPE_SIG:
-	fprintf(fp, "sig %lu, next=%lu,",
-			 rec->r.sig.lid, rec->r.sig.next );
-	for(i=0; i < SIGS_PER_RECORD; i++ ) {
-	    if( rec->r.sig.sig[i].lid ) {
-		fprintf(fp, " %lu:", rec->r.sig.sig[i].lid );
-		if( rec->r.sig.sig[i].flag & SIGF_CHECKED ) {
-		    fprintf(fp,"%c%c%c",
-		       (rec->r.sig.sig[i].flag & SIGF_VALID)   ? 'V':
-		       (rec->r.sig.sig[i].flag & SIGF_IGNORED) ? 'I':'-',
-		       (rec->r.sig.sig[i].flag & SIGF_EXPIRED) ? 'E':'-',
-		       (rec->r.sig.sig[i].flag & SIGF_REVOKED) ? 'R':'-');
-		}
-		else if( rec->r.sig.sig[i].flag & SIGF_NOPUBKEY)
-		    fputs("?--", fp);
-		else
-		    fputs("---", fp);
-	    }
-	}
-	putc('\n', fp);
-	break;
-      case RECTYPE_SDIR:
-	fprintf(fp, "sdir %lu, keyid=%08lX%08lX, algo=%d, hint=%lu\n",
-		    rec->r.sdir.lid,
-		    (ulong)rec->r.sdir.keyid[0],
-		    (ulong)rec->r.sdir.keyid[1],
-		    rec->r.sdir.pubkey_algo,
-		    (ulong)rec->r.sdir.hintlist );
-	break;
-      case RECTYPE_CACH:
-	fprintf(fp, "cach\n");
-	break;
       case RECTYPE_HTBL:
 	fprintf(fp, "htbl,");
 	for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ )
@@ -1209,6 +1079,20 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp  )
 	    fprintf(fp, " %lu", rec->r.hlst.rnum[i] );
 	putc('\n', fp);
 	break;
+      case RECTYPE_TRUST:
+	fprintf(fp, "trust ");
+	for(i=0; i < 20; i++ )
+	    fprintf(fp, "%02X", rec->r.trust.fingerprint[i] );
+        fprintf (fp, ", ot=%d, d=%d, vl=%lu\n", rec->r.trust.ownertrust,
+                 rec->r.trust.depth, rec->r.trust.validlist);
+	break;
+      case RECTYPE_VALID:
+	fprintf(fp, "valid ");
+	for(i=0; i < 20; i++ )
+	    fprintf(fp, "%02X", rec->r.valid.namehash[i] );
+        fprintf (fp, ", v=%d, next=%lu\n", rec->r.valid.validity,
+                 rec->r.valid.next);
+	break;
       default:
 	fprintf(fp, "unknown type %d\n", rec->rectype );
 	break;
@@ -1233,7 +1117,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
     if( !buf ) {
 	if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
 	    log_error(_("trustdb: lseek failed: %s\n"), strerror(errno) );
-	    return GPGERR_READ_FILE;
+	    return G10ERR_READ_FILE;
 	}
 	n = read( db_fd, readbuf, TRUST_RECORD_LEN);
 	if( !n ) {
@@ -1242,7 +1126,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
 	else if( n != TRUST_RECORD_LEN ) {
 	    log_error(_("trustdb: read failed (n=%d): %s\n"), n,
 							strerror(errno) );
-	    return GPGERR_READ_FILE;
+	    return G10ERR_READ_FILE;
 	}
 	buf = readbuf;
     }
@@ -1253,7 +1137,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
     if( expected && rec->rectype != expected ) {
 	log_error("%lu: read expected rec type %d, got %d\n",
 		    recnum, expected, rec->rectype );
-	return GPGERR_TRUSTDB;
+	return G10ERR_TRUSTDB;
     }
     p++;    /* skip reserved byte */
     switch( rec->rectype ) {
@@ -1262,123 +1146,35 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
       case RECTYPE_VER: /* version record */
 	if( memcmp(buf+1, "gpg", 3 ) ) {
 	    log_error( _("%s: not a trustdb file\n"), db_name );
-	    rc = GPGERR_TRUSTDB;
+	    rc = G10ERR_TRUSTDB;
 	}
-	p += 2; /* skip "pgp" */
+	p += 2; /* skip "gpg" */
 	rec->r.ver.version  = *p++;
 	rec->r.ver.marginals = *p++;
 	rec->r.ver.completes = *p++;
 	rec->r.ver.cert_depth = *p++;
 	p += 4; /* lock flags */
 	rec->r.ver.created  = buftoulong(p); p += 4;
-	rec->r.ver.mod_down = buftoulong(p); p += 4;
-	rec->r.ver.mod_up   = buftoulong(p); p += 4;
-	rec->r.ver.keyhashtbl=buftoulong(p); p += 4;
+	rec->r.ver.nextcheck = buftoulong(p); p += 4;
+	p += 4;
+	p += 4;
 	rec->r.ver.firstfree =buftoulong(p); p += 4;
-	rec->r.ver.sdirhashtbl =buftoulong(p); p += 4;
+	p += 4;
+	rec->r.ver.trusthashtbl =buftoulong(p); p += 4;
 	if( recnum ) {
 	    log_error( _("%s: version record with recnum %lu\n"), db_name,
 							     (ulong)recnum );
-	    rc = GPGERR_TRUSTDB;
+	    rc = G10ERR_TRUSTDB;
 	}
-	else if( rec->r.ver.version != 2 ) {
+	else if( rec->r.ver.version != 3 ) {
 	    log_error( _("%s: invalid file version %d\n"), db_name,
 							rec->r.ver.version );
-	    rc = GPGERR_TRUSTDB;
+	    rc = G10ERR_TRUSTDB;
 	}
 	break;
       case RECTYPE_FREE:
 	rec->r.free.next  = buftoulong(p); p += 4;
 	break;
-      case RECTYPE_DIR:   /*directory record */
-	rec->r.dir.lid	    = buftoulong(p); p += 4;
-	rec->r.dir.keylist  = buftoulong(p); p += 4;
-	rec->r.dir.uidlist  = buftoulong(p); p += 4;
-	rec->r.dir.cacherec = buftoulong(p); p += 4;
-	rec->r.dir.ownertrust = *p++;
-	rec->r.dir.dirflags   = *p++;
-	rec->r.dir.validity   = *p++;
-	rec->r.dir.valcheck   = buftoulong(p); p += 4;
-	rec->r.dir.checkat    = buftoulong(p); p += 4;
-	switch( rec->r.dir.validity ) {
-	  case 0:
-	  case TRUST_UNDEFINED:
-	  case TRUST_NEVER:
-	  case TRUST_MARGINAL:
-	  case TRUST_FULLY:
-	  case TRUST_ULTIMATE:
-	    break;
-	  default:
-	    log_info("lid %lu: invalid validity value - cleared\n", recnum);
-	}
-	if( rec->r.dir.lid != recnum ) {
-	    log_error( "%s: dir LID != recnum (%lu,%lu)\n",
-			      db_name, rec->r.dir.lid, (ulong)recnum );
-	    rc = GPGERR_TRUSTDB;
-	}
-	break;
-      case RECTYPE_KEY:   /* public key record */
-	rec->r.key.lid	    = buftoulong(p); p += 4;
-	rec->r.key.next     = buftoulong(p); p += 4;
-	p += 7;
-	rec->r.key.keyflags = *p++;
-	rec->r.key.pubkey_algo = *p++;
-	rec->r.key.fingerprint_len = *p++;
-	if( rec->r.key.fingerprint_len < 1 || rec->r.key.fingerprint_len > 20 )
-	    rec->r.key.fingerprint_len = 20;
-	memcpy( rec->r.key.fingerprint, p, 20);
-	break;
-      case RECTYPE_UID:   /* user id record */
-	rec->r.uid.lid	    = buftoulong(p); p += 4;
-	rec->r.uid.next     = buftoulong(p); p += 4;
-	rec->r.uid.prefrec  = buftoulong(p); p += 4;
-	rec->r.uid.siglist  = buftoulong(p); p += 4;
-	rec->r.uid.uidflags = *p++;
-	rec->r.uid.validity   = *p++;
-	switch( rec->r.uid.validity ) {
-	  case 0:
-	  case TRUST_UNDEFINED:
-	  case TRUST_NEVER:
-	  case TRUST_MARGINAL:
-	  case TRUST_FULLY:
-	  case TRUST_ULTIMATE:
-	    break;
-	  default:
-	    log_info("lid %lu: invalid validity value - cleared\n", recnum);
-	}
-	memcpy( rec->r.uid.namehash, p, 20);
-	break;
-      case RECTYPE_PREF:  /* preference record */
-	rec->r.pref.lid     = buftoulong(p); p += 4;
-	rec->r.pref.next    = buftoulong(p); p += 4;
-	memcpy( rec->r.pref.data, p, 30 );
-	break;
-      case RECTYPE_SIG:
-	rec->r.sig.lid	   = buftoulong(p); p += 4;
-	rec->r.sig.next    = buftoulong(p); p += 4;
-	for(i=0; i < SIGS_PER_RECORD; i++ ) {
-	    rec->r.sig.sig[i].lid  = buftoulong(p); p += 4;
-	    rec->r.sig.sig[i].flag = *p++;
-	}
-	break;
-      case RECTYPE_SDIR:   /* shadow directory record */
-	rec->r.sdir.lid     = buftoulong(p); p += 4;
-	rec->r.sdir.keyid[0]= buftou32(p); p += 4;
-	rec->r.sdir.keyid[1]= buftou32(p); p += 4;
-	rec->r.sdir.pubkey_algo = *p++;
-	p += 3;
-	rec->r.sdir.hintlist = buftoulong(p);
-	if( rec->r.sdir.lid != recnum ) {
-	    log_error( "%s: sdir LID != recnum (%lu,%lu)\n",
-			       db_name, rec->r.sdir.lid, (ulong)recnum );
-	    rc = GPGERR_TRUSTDB;
-	}
-	break;
-      case RECTYPE_CACH:   /* cache record */
-	rec->r.cache.lid    = buftoulong(p); p += 4;
-	memcpy(rec->r.cache.blockhash, p, 20); p += 20;
-	rec->r.cache.trustlevel = *p++;
-	break;
       case RECTYPE_HTBL:
 	for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) {
 	    rec->r.htbl.item[i] = buftoulong(p); p += 4;
@@ -1390,10 +1186,22 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
 	    rec->r.hlst.rnum[i] = buftoulong(p); p += 4;
 	}
 	break;
+      case RECTYPE_TRUST:
+	memcpy( rec->r.trust.fingerprint, p, 20); p+=20;
+        rec->r.trust.ownertrust = *p++;
+        rec->r.trust.depth = *p++;
+        p += 2;
+	rec->r.trust.validlist  = buftoulong(p); p += 4;
+	break;
+      case RECTYPE_VALID:
+	memcpy( rec->r.valid.namehash, p, 20); p+=20;
+        rec->r.valid.validity = *p++;
+	rec->r.valid.next = buftoulong(p); p += 4;
+	break;
       default:
 	log_error( "%s: invalid record type %d at recnum %lu\n",
 				   db_name, rec->rectype, (ulong)recnum );
-	rc = GPGERR_TRUSTDB;
+	rc = G10ERR_TRUSTDB;
 	break;
     }
 
@@ -1430,79 +1238,18 @@ tdbio_write_record( TRUSTREC *rec )
 	*p++ = rec->r.ver.cert_depth;
 	p += 4; /* skip lock flags */
 	ulongtobuf(p, rec->r.ver.created); p += 4;
-	ulongtobuf(p, rec->r.ver.mod_down); p += 4;
-	ulongtobuf(p, rec->r.ver.mod_up); p += 4;
-	ulongtobuf(p, rec->r.ver.keyhashtbl); p += 4;
+	ulongtobuf(p, rec->r.ver.nextcheck); p += 4;
+	p += 4;
+	p += 4;
 	ulongtobuf(p, rec->r.ver.firstfree ); p += 4;
-	ulongtobuf(p, rec->r.ver.sdirhashtbl ); p += 4;
+	p += 4;
+	ulongtobuf(p, rec->r.ver.trusthashtbl ); p += 4;
 	break;
 
       case RECTYPE_FREE:
 	ulongtobuf(p, rec->r.free.next); p += 4;
 	break;
 
-      case RECTYPE_DIR:   /*directory record */
-	ulongtobuf(p, rec->r.dir.lid); p += 4;
-	ulongtobuf(p, rec->r.dir.keylist); p += 4;
-	ulongtobuf(p, rec->r.dir.uidlist); p += 4;
-	ulongtobuf(p, rec->r.dir.cacherec); p += 4;
-	*p++ = rec->r.dir.ownertrust;
-	*p++ = rec->r.dir.dirflags;
-	*p++ = rec->r.dir.validity;
-	ulongtobuf(p, rec->r.dir.valcheck); p += 4;
-	ulongtobuf(p, rec->r.dir.checkat); p += 4;
-	assert( rec->r.dir.lid == recnum );
-	break;
-
-      case RECTYPE_KEY:
-	ulongtobuf(p, rec->r.key.lid); p += 4;
-	ulongtobuf(p, rec->r.key.next); p += 4;
-	p += 7;
-	*p++ = rec->r.key.keyflags;
-	*p++ = rec->r.key.pubkey_algo;
-	*p++ = rec->r.key.fingerprint_len;
-	memcpy( p, rec->r.key.fingerprint, 20); p += 20;
-	break;
-
-      case RECTYPE_UID:   /* user id record */
-	ulongtobuf(p, rec->r.uid.lid); p += 4;
-	ulongtobuf(p, rec->r.uid.next); p += 4;
-	ulongtobuf(p, rec->r.uid.prefrec); p += 4;
-	ulongtobuf(p, rec->r.uid.siglist); p += 4;
-	*p++ = rec->r.uid.uidflags;
-	*p++ = rec->r.uid.validity;
-	memcpy( p, rec->r.uid.namehash, 20 ); p += 20;
-	break;
-
-      case RECTYPE_PREF:
-	ulongtobuf(p, rec->r.pref.lid); p += 4;
-	ulongtobuf(p, rec->r.pref.next); p += 4;
-	memcpy( p, rec->r.pref.data, 30 );
-	break;
-
-      case RECTYPE_SIG:
-	ulongtobuf(p, rec->r.sig.lid); p += 4;
-	ulongtobuf(p, rec->r.sig.next); p += 4;
-	for(i=0; i < SIGS_PER_RECORD; i++ ) {
-	    ulongtobuf(p, rec->r.sig.sig[i].lid); p += 4;
-	    *p++ = rec->r.sig.sig[i].flag;
-	}
-	break;
-
-      case RECTYPE_SDIR:
-	ulongtobuf( p, rec->r.sdir.lid); p += 4;
-	u32tobuf( p, rec->r.sdir.keyid[0] ); p += 4;
-	u32tobuf( p, rec->r.sdir.keyid[1] ); p += 4;
-	*p++ = rec->r.sdir.pubkey_algo;
-	p += 3;
-	ulongtobuf( p, rec->r.sdir.hintlist );
-	break;
-
-      case RECTYPE_CACH:
-	ulongtobuf(p, rec->r.cache.lid); p += 4;
-	memcpy(p, rec->r.cache.blockhash, 20); p += 20;
-	*p++ = rec->r.cache.trustlevel;
-	break;
 
       case RECTYPE_HTBL:
 	for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) {
@@ -1517,6 +1264,20 @@ tdbio_write_record( TRUSTREC *rec )
 	}
 	break;
 
+      case RECTYPE_TRUST:
+	memcpy( p, rec->r.trust.fingerprint, 20); p += 20;
+	*p++ = rec->r.trust.ownertrust;
+	*p++ = rec->r.trust.depth;
+        p += 2;
+	ulongtobuf( p, rec->r.trust.validlist); p += 4;
+	break;
+
+      case RECTYPE_VALID:
+	memcpy( p, rec->r.valid.namehash, 20); p += 20;
+	*p++ = rec->r.valid.validity;
+	ulongtobuf( p, rec->r.valid.next); p += 4;
+	break;
+
       default:
 	BUG();
     }
@@ -1524,10 +1285,8 @@ tdbio_write_record( TRUSTREC *rec )
     rc = put_record_into_cache( recnum, buf );
     if( rc )
 	;
-    else if( rec->rectype == RECTYPE_KEY )
-	rc = update_keyhashtbl( rec );
-    else if( rec->rectype == RECTYPE_SDIR )
-	rc = update_sdirhashtbl( rec );
+    else if( rec->rectype == RECTYPE_TRUST )
+	rc = update_trusthashtbl( rec );
 
     return rc;
 }
@@ -1542,10 +1301,10 @@ tdbio_delete_record( ulong recnum )
     rc = tdbio_read_record( recnum, &rec, 0 );
     if( rc )
 	;
-    else if( rec.rectype == RECTYPE_KEY )
-	rc = drop_from_keyhashtbl( &rec );
-    else if( rec.rectype == RECTYPE_SDIR )
-	rc = drop_from_sdirhashtbl( &rec );
+    else if( rec.rectype == RECTYPE_TRUST ) {
+         rc = drop_from_hashtable( get_trusthashrec(),
+				   rec.r.trust.fingerprint, 20, rec.recnum );
+    }
 
     if( rc )
 	return rc;
@@ -1554,7 +1313,7 @@ tdbio_delete_record( ulong recnum )
     rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
     if( rc )
 	log_fatal( _("%s: error reading version record: %s\n"),
-				       db_name, gpg_errstr(rc) );
+				       db_name, g10_errstr(rc) );
 
     rec.recnum = recnum;
     rec.rectype = RECTYPE_FREE;
@@ -1581,13 +1340,13 @@ tdbio_new_recnum()
     rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
     if( rc )
 	log_fatal( _("%s: error reading version record: %s\n"),
-					     db_name, gpg_errstr(rc) );
+					     db_name, g10_errstr(rc) );
     if( vr.r.ver.firstfree ) {
 	recnum = vr.r.ver.firstfree;
 	rc = tdbio_read_record( recnum, &rec, RECTYPE_FREE );
 	if( rc ) {
 	    log_error( _("%s: error reading free record: %s\n"),
-						  db_name,  gpg_errstr(rc) );
+						  db_name,  g10_errstr(rc) );
 	    return rc;
 	}
 	/* update dir record */
@@ -1595,7 +1354,7 @@ tdbio_new_recnum()
 	rc = tdbio_write_record( &vr );
 	if( rc ) {
 	    log_error( _("%s: error writing dir record: %s\n"),
-						     db_name, gpg_errstr(rc) );
+						     db_name, g10_errstr(rc) );
 	    return rc;
 	}
 	/*zero out the new record */
@@ -1605,7 +1364,7 @@ tdbio_new_recnum()
 	rc = tdbio_write_record( &rec );
 	if( rc )
 	    log_fatal(_("%s: failed to zero a record: %s\n"),
-				       db_name, gpg_errstr(rc));
+				       db_name, g10_errstr(rc));
     }
     else { /* not found, append a new record */
 	offset = lseek( db_fd, 0, SEEK_END );
@@ -1622,131 +1381,193 @@ tdbio_new_recnum()
 	if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
 	    log_error(_("trustdb rec %lu: lseek failed: %s\n"),
 						recnum, strerror(errno) );
-	    rc = GPGERR_WRITE_FILE;
+	    rc = G10ERR_WRITE_FILE;
 	}
 	else {
 	    int n = write( db_fd, &rec, TRUST_RECORD_LEN);
 	    if( n != TRUST_RECORD_LEN ) {
 		log_error(_("trustdb rec %lu: write failed (n=%d): %s\n"),
 						 recnum, n, strerror(errno) );
-		rc = GPGERR_WRITE_FILE;
+		rc = G10ERR_WRITE_FILE;
 	    }
 	}
 
 	if( rc )
 	    log_fatal(_("%s: failed to append a record: %s\n"),
-				    db_name,	gpg_errstr(rc));
+				    db_name,	g10_errstr(rc));
     }
     return recnum ;
 }
 
 
 
-/****************
- * Search the trustdb for a key which matches PK and return the dir record
- * The local_id of PK is set to the correct value
- */
-int
-tdbio_search_dir_bypk( PKT_public_key *pk, TRUSTREC *rec )
-{
-    byte fingerprint[MAX_FINGERPRINT_LEN];
-    size_t fingerlen;
-    u32 keyid[2];
-    int rc;
-
-    keyid_from_pk( pk, keyid );
-    fingerprint_from_pk( pk, fingerprint, &fingerlen );
-    rc = tdbio_search_dir_byfpr( fingerprint, fingerlen,
-				 pk->pubkey_algo, rec );
-
-    if( !rc ) {
-	if( pk->local_id && pk->local_id != rec->recnum )
-	    log_error("%s: found record, but LID from memory does "
-		       "not match recnum (%lu,%lu)\n",
-			    db_name,  pk->local_id, rec->recnum );
-	pk->local_id = rec->recnum;
-    }
-    return rc;
-}
-
-
 static int
-cmp_krec_fpr( void *dataptr, const TRUSTREC *rec )
+cmp_trec_fpr ( void *fpr, const TRUSTREC *rec )
 {
-    const struct cmp_krec_fpr_struct *d = dataptr;
-
-    return rec->rectype == RECTYPE_KEY
-	   && ( !d->pubkey_algo || rec->r.key.pubkey_algo == d->pubkey_algo )
-	   && rec->r.key.fingerprint_len == d->fprlen
-	   && !memcmp( rec->r.key.fingerprint, d->fpr, d->fprlen );
+    return rec->rectype == RECTYPE_TRUST
+	   && !memcmp( rec->r.trust.fingerprint, fpr, 20);
 }
 
+
 int
-tdbio_search_dir_byfpr( const byte *fingerprint, size_t fingerlen,
-			int pubkey_algo, TRUSTREC *rec )
+tdbio_search_trust_byfpr( const byte *fingerprint, TRUSTREC *rec )
 {
-    struct cmp_krec_fpr_struct cmpdata;
-    ulong recnum;
     int rc;
 
-    assert( fingerlen == 20 || fingerlen == 16 );
-
-    /* locate the key using the hash table */
-    cmpdata.pubkey_algo = pubkey_algo;
-    cmpdata.fpr = fingerprint;
-    cmpdata.fprlen = fingerlen;
-    rc = lookup_hashtable( get_keyhashrec(), fingerprint, fingerlen,
-			   cmp_krec_fpr, &cmpdata, rec );
-    if( !rc ) {
-	recnum = rec->r.key.lid;
-	/* Now read the dir record */
-	rc = tdbio_read_record( recnum, rec, RECTYPE_DIR);
-	if( rc )
-	    log_error("%s: can't read dirrec %lu: %s\n",
-				     db_name, recnum, gpg_errstr(rc) );
-    }
+    /* locate the trust record using the hash table */
+    rc = lookup_hashtable( get_trusthashrec(), fingerprint, 20,
+			   cmp_trec_fpr, (void*)fingerprint, rec );
     return rc;
 }
 
-
-
-static int
-cmp_sdir( void *dataptr, const TRUSTREC *rec )
+int
+tdbio_search_trust_bypk (PKT_public_key *pk, TRUSTREC *rec)
 {
-    const struct cmp_xdir_struct *d = dataptr;
+    byte fingerprint[MAX_FINGERPRINT_LEN];
+    size_t fingerlen;
 
-    return rec->rectype == RECTYPE_SDIR
-	   && ( !d->pubkey_algo || rec->r.sdir.pubkey_algo == d->pubkey_algo )
-	   && rec->r.sdir.keyid[0] == d->keyid[0]
-	   && rec->r.sdir.keyid[1] == d->keyid[1];
+    fingerprint_from_pk( pk, fingerprint, &fingerlen );
+    for (; fingerlen < 20; fingerlen++ )
+      fingerprint[fingerlen] = 0;
+    return tdbio_search_trust_byfpr (fingerprint, rec);
 }
 
 
-int
-tdbio_search_sdir( u32 *keyid, int pubkey_algo, TRUSTREC *rec )
-{
-    struct cmp_xdir_struct cmpdata;
-    int rc;
-    byte key[8];
-
-    /* locate the shadow dir record using the hash table */
-    u32tobuf( key   , keyid[0] );
-    u32tobuf( key+4 , keyid[1] );
-    cmpdata.pubkey_algo = pubkey_algo;
-    cmpdata.keyid[0] = keyid[0];
-    cmpdata.keyid[1] = keyid[1];
-    rc = lookup_hashtable( get_sdirhashrec(), key, 8,
-			   cmp_sdir, &cmpdata, rec );
-    return rc;
-}
-
 
 void
 tdbio_invalid(void)
 {
     log_error(_(
 	"the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n") );
-    gpg_exit(2);
+    g10_exit(2);
+}
+
+/*
+ * Migrate the trustdb as just up to gpg 1.0.6 (trustdb version 2)
+ * to the 2.1 version as used with 1.0.6b - This is pretty trivial as needs
+ * only to scan the tdb and insert new the new trust records.  The old ones are
+ * obsolte from now on
+ */
+static void
+migrate_from_v2 ()
+{
+  TRUSTREC rec;
+  int i, n;
+  struct {
+    ulong keyrecno;
+    byte  ot;
+    byte okay;
+    byte  fpr[20];
+  } *ottable;
+  int ottable_size, ottable_used;
+  byte oldbuf[40];
+  ulong recno;
+  int rc, count;
+
+  ottable_size = 5;
+  ottable = m_alloc (ottable_size * sizeof *ottable);
+  ottable_used = 0;
+
+  /* We have some restrictions here.  We can't use the version record
+   * and we can't use any of the old hashtables because we dropped the
+   * code.  So we first collect all ownertrusts and then use a second
+   * pass fo find the associated keys.  We have to do this all without using 
+   * the regular record read functions.
+   */
+
+  /* get all the ownertrusts */
+  if (lseek (db_fd, 0, SEEK_SET ) == -1 ) 
+      log_fatal ("migrate_from_v2: lseek failed: %s\n", strerror (errno));
+  for (recno=0;;recno++)
+    {
+      do
+        n = read (db_fd, oldbuf, 40);
+      while (n==-1 && errno == EINTR);
+      if (!n)
+        break; /* eof */
+      if (n != 40)
+        log_fatal ("migrate_vfrom_v2: read error or short read\n");
+
+      if (*oldbuf != 2)
+        continue;
+      
+      /* v2 dir record */
+      if (ottable_used == ottable_size)
+        {
+          ottable_size += 1000;
+          ottable = m_realloc (ottable, ottable_size * sizeof *ottable);
+        }
+      ottable[ottable_used].keyrecno = buftoulong (oldbuf+6);
+      ottable[ottable_used].ot = oldbuf[18];
+      ottable[ottable_used].okay = 0;
+      memset (ottable[ottable_used].fpr,0, 20);
+      if (ottable[ottable_used].keyrecno && ottable[ottable_used].ot)
+        ottable_used++;
+    }
+  log_info ("found %d ownertrust records\n", ottable_used);
+
+  /* Read again and find the fingerprints */
+  if (lseek (db_fd, 0, SEEK_SET ) == -1 ) 
+      log_fatal ("migrate_from_v2: lseek failed: %s\n", strerror (errno));
+  for (recno=0;;recno++)
+    {
+      do
+        n = read (db_fd, oldbuf, 40);
+      while (n==-1 && errno == EINTR);
+      if (!n)
+        break; /* eof */
+      if (n != 40)
+        log_fatal ("migrate_from_v2: read error or short read\n");
+
+      if (*oldbuf != 3) 
+        continue;
+
+      /* v2 key record */
+      for (i=0; i < ottable_used; i++)
+        {
+          if (ottable[i].keyrecno == recno)
+            {
+              memcpy (ottable[i].fpr, oldbuf+20, 20);
+              ottable[i].okay = 1;
+              break;
+            }
+        }
+    }
+
+  /* got everything - create the v3 trustdb */
+  if (ftruncate (db_fd, 0))
+    log_fatal ("can't truncate `%s': %s\n", db_name, strerror (errno) );
+  if (create_version_record ())
+    log_fatal ("failed to recreate version record of `%s'\n", db_name);
+
+  /* access the hash table, so it is store just after the version record, 
+   * this is not needed put a dump is more pretty */
+  get_trusthashrec ();
+
+  /* And insert the old ownertrust values */
+  count = 0;
+  for (i=0; i < ottable_used; i++)
+    {
+      if (!ottable[i].okay)
+        continue;
+      
+      memset (&rec, 0, sizeof rec);
+      rec.recnum = tdbio_new_recnum ();
+      rec.rectype = RECTYPE_TRUST;
+      memcpy(rec.r.trust.fingerprint, ottable[i].fpr, 20);
+      rec.r.trust.ownertrust = ottable[i].ot;
+      if (tdbio_write_record (&rec))
+        log_fatal ("failed to write trust record of `%s'\n", db_name);
+      count++;
+    }
+
+  revalidation_mark ();
+  rc = tdbio_sync ();
+  if (rc)
+    log_fatal ("failed to sync `%s'\n", db_name);
+  log_info ("migrated %d version 2 ownertrusts\n", count);
+  m_free (ottable);
 }
 
 
+
diff --git a/g10/tdbio.h b/g10/tdbio.h
index a2e5404f6..f2c6bec1b 100644
--- a/g10/tdbio.h
+++ b/g10/tdbio.h
@@ -1,5 +1,5 @@
 /* tdbio.h - Trust database I/O functions
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -18,8 +18,8 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
-#ifndef GPG_TDBIO_H
-#define GPG_TDBIO_H
+#ifndef G10_TDBIO_H
+#define G10_TDBIO_H
 
 #include "host2net.h"
 
@@ -35,41 +35,13 @@
 
 
 #define RECTYPE_VER  1
-#define RECTYPE_DIR  2
-#define RECTYPE_KEY  3
-#define RECTYPE_UID  4
-#define RECTYPE_PREF 5
-#define RECTYPE_SIG  6
-#define RECTYPE_SDIR 8
-#define RECTYPE_CACH 9
 #define RECTYPE_HTBL 10
 #define RECTYPE_HLST 11
+#define RECTYPE_TRUST 12
+#define RECTYPE_VALID 13
 #define RECTYPE_FREE 254
 
 
-#define DIRF_CHECKED  1 /* has been checked - bits 1,2,3 are valid */
-#define DIRF_VALID    2 /* This key is valid:  There is at least */
-			/* one uid with a selfsignature or an revocation */
-#define DIRF_EXPIRED  4 /* the complete key has expired */
-#define DIRF_REVOKED  8 /* the complete key has been revoked */
-#define DIRF_NEWKEYS 128 /* new keys are available: we can check the sigs */
-
-#define KEYF_CHECKED  1 /* This key has been checked */
-#define KEYF_VALID    2 /* This is a valid (sub)key */
-#define KEYF_EXPIRED  4 /* this key is expired */
-#define KEYF_REVOKED  8 /* this key has been revoked */
-
-#define UIDF_CHECKED  1  /* user id has been checked - other bits are valid */
-#define UIDF_VALID    2  /* this is a valid user id */
-#define UIDF_REVOKED  8  /* this user id has been revoked */
-
-#define SIGF_CHECKED  1 /* signature has been checked - bits 0..6 are valid */
-#define SIGF_VALID    2 /* the signature is valid */
-#define SIGF_EXPIRED  4 /* the key of this signature has expired */
-#define SIGF_REVOKED  8 /* this signature has been revoked */
-#define SIGF_IGNORED  64  /* this signature is ignored by the system */
-#define SIGF_NOPUBKEY 128 /* there is no pubkey for this sig */
-
 struct trust_record {
     int  rectype;
     int  mark;
@@ -78,73 +50,21 @@ struct trust_record {
     ulong recnum;
     union {
 	struct {	     /* version record: */
-	    byte version;    /* should be 2 */
+	    byte version;    /* should be 3 */
 	    byte  marginals;
 	    byte  completes;
 	    byte  cert_depth;
 	    ulong created;   /* timestamp of trustdb creation  */
-	    ulong mod_down;  /* timestamp of last modification downward */
-	    ulong mod_up;    /* timestamp of last modification upward */
-	    ulong keyhashtbl;
+	    ulong nextcheck; /* timestamp of next scheduled check */
+	    ulong reserved;  
+	    ulong reserved2;
 	    ulong firstfree;
-	    ulong sdirhashtbl;
+	    ulong reserved3;
+            ulong trusthashtbl;
 	} ver;
 	struct {	    /* free record */
 	    ulong next;
 	} free;
-	struct {	    /* directory record */
-	    ulong lid;
-	    ulong keylist;  /* List of keys (the first is the primary key)*/
-	    ulong uidlist;  /* list of uid records */
-	    ulong cacherec; /* the cache record */
-	    byte ownertrust;
-	    byte dirflags;
-	    byte validity;   /* calculated trustlevel over all uids */
-	    ulong valcheck;  /* timestamp of last validation check */
-	    ulong checkat;   /* Check key when this time has been reached*/
-	} dir;
-	struct {	    /* primary public key record */
-	    ulong lid;
-	    ulong next;    /* next key */
-	    byte keyflags;
-	    byte pubkey_algo;
-	    byte fingerprint_len;
-	    byte fingerprint[20];
-	} key;
-	struct {	    /* user id reord */
-	    ulong lid;	    /* point back to the directory record */
-	    ulong next;    /* points to next user id record */
-	    ulong prefrec;   /* recno of preference record */
-	    ulong siglist;   /* list of valid signatures (w/o self-sig)*/
-	    byte uidflags;
-	    byte validity;  /* calculated trustlevel of this uid */
-	    byte namehash[20]; /* ripemd hash of the username */
-	} uid;
-	struct {	    /* preference record */
-	    ulong lid;	    /* point back to the directory record */
-			    /* or 0 for a global pref record */
-	    ulong next;    /* points to next pref record */
-	    byte  data[ITEMS_PER_PREF_RECORD];
-	} pref;
-	struct {	    /* signature record */
-	    ulong lid;
-	    ulong next;   /* recnno of next record or NULL for last one */
-	    struct {
-		ulong lid;	 /* of pubkey record of signator (0=unused) */
-		byte flag;	 /* SIGF_xxxxx */
-	    } sig[SIGS_PER_RECORD];
-	} sig;
-	struct {
-	    ulong lid;
-	    u32  keyid[2];
-	    byte pubkey_algo;
-	    u32  hintlist;
-	} sdir;
-	struct {	    /* cache record */
-	    ulong lid;
-	    byte blockhash[20];
-	    byte trustlevel;   /* calculated trustlevel */
-	} cache;
 	struct {
 	    ulong item[ITEMS_PER_HTBL_RECORD];
 	} htbl;
@@ -152,25 +72,21 @@ struct trust_record {
 	    ulong next;
 	    ulong rnum[ITEMS_PER_HLST_RECORD]; /* of another record */
 	} hlst;
+      struct {
+        byte fingerprint[20];
+        byte ownertrust;
+        byte depth;
+        ulong validlist;
+      } trust;
+      struct {
+        byte namehash[20];
+        ulong next;  
+        byte validity;
+      } valid;
     } r;
 };
 typedef struct trust_record TRUSTREC;
 
-typedef struct {
-    ulong     lid;	   /* localid */
-    ulong     sigrec;
-    ulong     sig_lid;	   /* returned signatures LID */
-    unsigned  sig_flag;    /* returned signature record flag */
-    struct {		   /* internal data */
-	int init_done;
-	int eof;
-	TRUSTREC rec;
-	ulong nextuid;
-	int index;
-    } ctl;
-} SIGREC_CONTEXT;
-
-
 /*-- tdbio.c --*/
 int tdbio_set_dbname( const char *new_dbname, int create );
 const char *tdbio_get_dbname(void);
@@ -178,8 +94,8 @@ void tdbio_dump_record( TRUSTREC *rec, FILE *fp );
 int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
 int tdbio_write_record( TRUSTREC *rec );
 int tdbio_db_matches_options(void);
-ulong tdbio_read_modify_stamp( int modify_down );
-void tdbio_write_modify_stamp( int up, int down );
+ulong tdbio_read_nextcheck (void);
+int tdbio_write_nextcheck (ulong stamp);
 int tdbio_is_dirty(void);
 int tdbio_sync(void);
 int tdbio_begin_transaction(void);
@@ -187,12 +103,9 @@ int tdbio_end_transaction(void);
 int tdbio_cancel_transaction(void);
 int tdbio_delete_record( ulong recnum );
 ulong tdbio_new_recnum(void);
-int tdbio_search_dir_bypk( PKT_public_key *pk, TRUSTREC *rec );
-int tdbio_search_dir_byfpr( const byte *fingerprint, size_t fingerlen,
-					int pubkey_algo, TRUSTREC *rec );
-int tdbio_search_dir(  u32 *keyid, int pubkey_algo, TRUSTREC *rec );
-int tdbio_search_sdir( u32 *keyid, int pubkey_algo, TRUSTREC *rec );
+int tdbio_search_trust_byfpr(const byte *fingerprint, TRUSTREC *rec );
+int tdbio_search_trust_bypk(PKT_public_key *pk, TRUSTREC *rec );
 
 void tdbio_invalid(void);
 
-#endif /*GPG_TDBIO_H*/
+#endif /*G10_TDBIO_H*/
diff --git a/g10/textfilter.c b/g10/textfilter.c
index a360ffccb..ded030d79 100644
--- a/g10/textfilter.c
+++ b/g10/textfilter.c
@@ -1,5 +1,5 @@
 /* textfilter.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -25,9 +25,9 @@
 #include <errno.h>
 #include <assert.h>
 
-#include <gcrypt.h>
 #include "errors.h"
 #include "iobuf.h"
+#include "memory.h"
 #include "util.h"
 #include "filter.h"
 #include "i18n.h"
@@ -133,7 +133,7 @@ text_filter( void *opaque, int control,
 	if( tfx->truncated )
 	    log_error(_("can't handle text lines longer than %d characters\n"),
 			MAX_LINELEN );
-	gcry_free( tfx->buffer );
+	m_free( tfx->buffer );
 	tfx->buffer = NULL;
     }
     else if( control == IOBUFCTRL_DESC )
@@ -147,7 +147,7 @@ text_filter( void *opaque, int control,
  * md is updated as required by rfc2440
  */
 int
-copy_clearsig_text( IOBUF out, IOBUF inp, GCRY_MD_HD md,
+copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
 		    int escape_dash, int escape_from, int pgp2mode )
 {
     unsigned maxlen;
@@ -175,15 +175,15 @@ copy_clearsig_text( IOBUF out, IOBUF inp, GCRY_MD_HD md,
 	/* update the message digest */
 	if( escape_dash ) {
 	    if( pending_lf ) {
-		gcry_md_putc( md, '\r' );
-		gcry_md_putc( md, '\n' );
+		md_putc( md, '\r' );
+		md_putc( md, '\n' );
 	    }
-	    gcry_md_write( md, buffer,
+	    md_write( md, buffer,
 		     len_without_trailing_chars( buffer, n,
 						 pgp2mode? " \r\n":" \t\r\n"));
 	}
 	else
-	    gcry_md_write( md, buffer, n );
+	    md_write( md, buffer, n );
 	pending_lf = buffer[n-1] == '\n';
 
 	/* write the output */
@@ -224,7 +224,7 @@ copy_clearsig_text( IOBUF out, IOBUF inp, GCRY_MD_HD md,
     if( !pending_lf ) { /* make sure that the file ends with a LF */
 	iobuf_writestr( out, LF );
 	if( !escape_dash )
-	    gcry_md_putc( md, '\n' );
+	    md_putc( md, '\n' );
     }
 
     if( truncated )
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 1fd2383c0..85b7dbcb9 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -1,5 +1,5 @@
 /* trustdb.c
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -22,599 +22,353 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <errno.h>
-#include <ctype.h>
 #include <assert.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
 
 #include "errors.h"
 #include "iobuf.h"
 #include "keydb.h"
-#include <gcrypt.h>
+#include "memory.h"
 #include "util.h"
-#include "trustdb.h"
 #include "options.h"
 #include "packet.h"
 #include "main.h"
 #include "i18n.h"
 #include "tdbio.h"
-#include "ttyio.h"
-
-#if MAX_FINGERPRINT_LEN > 20
-  #error Must change structure of trustdb
-#endif
-
-struct keyid_list {
-    struct keyid_list *next;
-    u32 keyid[2];
-};
+#include "trustdb.h"
 
-struct local_id_item {
-    struct local_id_item *next;
-    ulong lid;
-    unsigned flag;
-};
 
-struct local_id_table {
-    struct local_id_table *next; /* only used to keep a list of unused tables */
-    struct local_id_item *items[16];
+/*
+ * A structure to store key identification as well as some stuff needed
+ * for validation 
+ */
+struct key_item {
+  struct key_item *next;
+  unsigned int ownertrust;
+  u32 kid[2];
 };
 
 
-typedef struct local_id_table *LOCAL_ID_TABLE;
-
-
-struct enum_cert_paths_ctx {
-   int init;
-   int idx;
-};
-
+typedef struct key_item **KeyHashTable; /* see new_key_hash_table() */
 
-struct recno_list_struct {
-    struct recno_list_struct *next;
-    ulong recno;
-    int type;
-};
-typedef struct recno_list_struct *RECNO_LIST;
-
-
-
-typedef struct trust_node *TN;
-struct trust_node {
-    TN	  back;  /* parent */
-    TN	  list;  /* list of other node (should all be of the same type)*/
-    TN	  next;  /* used to build the list */
-    int   is_uid; /* set if this is an uid node */
-    ulong lid;	 /* key or uid recordnumber */
-    union {
-	struct {
-	    int ownertrust;
-	    int validity;
-	    /* helper */
-	    int buckstop;
-	} k;
-	struct {
-	    int marginal_count;
-	    int fully_count;
-	    int validity;
-	} u;
-    } n;
+/*
+ * Structure to keep track of keys, this is used as an array wherre
+ * the item right after the last one has a keyblock set to NULL. 
+ * Maybe we can drop this thing and replace it by key_item
+ */
+struct key_array {
+  KBNODE keyblock;
 };
 
 
-static TN used_tns;
-static int alloced_tns;
-static int max_alloced_tns;
-
-static struct keyid_list *trusted_key_list;
-
-static LOCAL_ID_TABLE new_lid_table(void);
-static int ins_lid_table_item( LOCAL_ID_TABLE tbl, ulong lid, unsigned flag );
-static int qry_lid_table_flag( LOCAL_ID_TABLE tbl, ulong lid, unsigned *flag );
-
-
-static int propagate_validity( TN root, TN node,
-			       int (*add_fnc)(ulong), unsigned *retflgs );
-
-static void print_user_id( FILE *fp, const char *text, u32 *keyid );
-static int do_check( TRUSTREC *drec, unsigned *trustlevel,
-		     const char *nhash, int (*add_fnc)(ulong),
-						unsigned *retflgs);
-static int get_dir_record( PKT_public_key *pk, TRUSTREC *rec );
-static int do_update_trust_record( KBNODE keyblock, TRUSTREC *drec,
-				   int sigs_only, int *modified );
-static int check_trust_record( TRUSTREC *drec, int sigs_only );
-static void mark_fresh_keys(void);
-
-/* a table used to keep track of ultimately trusted keys
- * which are the ones from our secrings and the trusted keys */
-static LOCAL_ID_TABLE ultikey_table;
-
-
-/* a table to keep track of newly importted keys.  This one is
- * create by the insert_trust_record function and from time to time
- * used to verify key signature which have been done with these new keys */
-static LOCAL_ID_TABLE fresh_imported_keys;
-static int fresh_imported_keys_count;
-#define FRESH_KEY_CHECK_THRESHOLD 200
-
-/* list of unused lid items and tables */
-static LOCAL_ID_TABLE unused_lid_tables;
-static struct local_id_item *unused_lid_items;
-
+/* control information for the trust DB */
 static struct {
     int init;
     int level;
     char *dbname;
 } trustdb_args;
 
-
-/**********************************************
- ***********  record read write  **************
- **********************************************/
-
-
-/****************
- * Read a record but die if it does not exist
- */
-static void
-read_record( ulong recno, TRUSTREC *rec, int rectype )
-{
-    int rc = tdbio_read_record( recno, rec, rectype );
-    if( !rc )
-	return;
-    log_error(_("trust record %lu, req type %d: read failed: %s\n"),
-				    recno, rectype,  gpg_errstr(rc) );
-    tdbio_invalid();
-}
+/* some globals */
+static struct key_item *user_utk_list; /* temp. used to store --trusted-keys */
+static struct key_item *utk_list;      /* all ultimately trusted keys */
 
+static int pending_check_trustdb;
 
-/****************
- * Wirte a record but die on error
- */
-static void
-write_record( TRUSTREC *rec )
-{
-    int rc = tdbio_write_record( rec );
-    if( !rc )
-	return;
-    log_error(_("trust record %lu, type %d: write failed: %s\n"),
-			    rec->recnum, rec->rectype, gpg_errstr(rc) );
-    tdbio_invalid();
-}
-
-/****************
- * Delete a record but die on error
- */
-static void
-delete_record( ulong recno )
-{
-    int rc = tdbio_delete_record( recno );
-    if( !rc )
-	return;
-    log_error(_("trust record %lu: delete failed: %s\n"),
-					      recno, gpg_errstr(rc) );
-    tdbio_invalid();
-}
-
-/****************
- * sync the db
- */
-static void
-do_sync(void)
-{
-    int rc = tdbio_sync();
-    if( !rc )
-	return;
-    log_error(_("trustdb: sync failed: %s\n"), gpg_errstr(rc) );
-    gpg_exit(2);
-}
-
+static int validate_keys (int interactive);
 
 
 /**********************************************
- *****************  helpers  ******************
+ ************* some helpers *******************
  **********************************************/
 
-
-static LOCAL_ID_TABLE
-new_lid_table(void)
+static struct key_item *
+new_key_item (void)
 {
-    LOCAL_ID_TABLE a;
-
-    a = unused_lid_tables;
-    if( a ) {
-	unused_lid_tables = a->next;
-	memset( a, 0, sizeof *a );
-    }
-    else
-	a = gcry_xcalloc( 1, sizeof *a );
-    return a;
+  struct key_item *k;
+  
+  k = m_alloc_clear (sizeof *k);
+  return k;
 }
 
-#if 0
 static void
-release_lid_table( LOCAL_ID_TABLE tbl )
+release_key_items (struct key_item *k)
 {
-    struct local_id_item *a, *a2;
-    int i;
-
-    for(i=0; i < 16; i++ ) {
-	for(a=tbl->items[i]; a; a = a2 ) {
-	    a2 = a->next;
-	    a->next = unused_lid_items;
-	    unused_lid_items = a;
-	}
-    }
-    tbl->next = unused_lid_tables;
-    unused_lid_tables = tbl;
-}
-#endif
-
+  struct key_item *k2;
 
-/****************
- * Remove all items from a LID table
- */
-static void
-clear_lid_table( LOCAL_ID_TABLE tbl )
-{
-    struct local_id_item *a, *a2;
-    int i;
-
-    for(i=0; i < 16; i++ ) {
-	for(a=tbl->items[i]; a; a = a2 ) {
-	    a2 = a->next;
-	    a->next = unused_lid_items;
-	    unused_lid_items = a;
-	}
-	tbl->items[i] = NULL;
+  for (; k; k = k2)
+    {
+      k2 = k->next;
+      m_free (k);
     }
 }
 
-
-/****************
- * Add a new item to the table or return 1 if we already have this item
+/*
+ * For fast keylook up we need a hash table.  Each byte of a KeyIDs
+ * should be distributed equally over the 256 possible values (except
+ * for v3 keyIDs but we consider them as not important here). So we
+ * can just use 10 bits to index a table of 1024 key items. 
+ * Possible optimization: Don not use key_items but other hash_table when the
+ * duplicates lists gets too large. 
  */
-static int
-ins_lid_table_item( LOCAL_ID_TABLE tbl, ulong lid, unsigned flag )
+static KeyHashTable 
+new_key_hash_table (void)
 {
-    struct local_id_item *a;
-
-    for( a = tbl->items[lid & 0x0f]; a; a = a->next )
-	if( a->lid == lid )
-	    return 1;
-    a = unused_lid_items;
-    if( a )
-	unused_lid_items = a->next;
-    else
-	a = gcry_xmalloc( sizeof *a );
-    a->lid = lid;
-    a->flag = flag;
-    a->next = tbl->items[lid & 0x0f];
-    tbl->items[lid & 0x0f] = a;
-    return 0;
+  struct key_item **tbl;
+
+  tbl = m_alloc_clear (1024 * sizeof *tbl);
+  return tbl;
 }
 
-static int
-qry_lid_table_flag( LOCAL_ID_TABLE tbl, ulong lid, unsigned *flag )
+static void
+release_key_hash_table (KeyHashTable tbl)
 {
-    struct local_id_item *a;
+  int i;
 
-    for( a = tbl->items[lid & 0x0f]; a; a = a->next )
-	if( a->lid == lid ) {
-	    if( flag )
-		*flag = a->flag;
-	    return 0;
-	}
-    return -1;
+  if (!tbl)
+    return;
+  for (i=0; i < 1024; i++)
+    release_key_items (tbl[i]);
+  m_free (tbl);
 }
 
-
-static TN
-new_tn(void)
+/* 
+ * Returns: True if the keyID is in the given hash table
+ */
+static int
+test_key_hash_table (KeyHashTable tbl, u32 *kid)
 {
-    TN t;
+  struct key_item *k;
 
-    if( used_tns ) {
-	t = used_tns;
-	used_tns = t->next;
-	memset( t, 0, sizeof *t );
-    }
-    else
-	t = gcry_xcalloc( 1, sizeof *t );
-    if( ++alloced_tns > max_alloced_tns )
-	max_alloced_tns = alloced_tns;
-    return t;
+  for (k = tbl[(kid[1] & 0x03ff)]; k; k = k->next)
+    if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
+      return 1;
+  return 0;
 }
 
-
+/*
+ * Add a new key to the hash table.  The key is identified by its key ID.
+ */
 static void
-release_tn( TN t )
+add_key_hash_table (KeyHashTable tbl, u32 *kid)
 {
-    if( t ) {
-	t->next = used_tns;
-	used_tns = t;
-	alloced_tns--;
-    }
-}
+  struct key_item *k, *kk;
 
+  for (k = tbl[(kid[1] & 0x03ff)]; k; k = k->next)
+    if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
+      return; /* already in table */
+  
+  kk = new_key_item ();
+  kk->kid[0] = kid[0];
+  kk->kid[1] = kid[1];
+  kk->next = tbl[(kid[1] & 0x03ff)];
+  tbl[(kid[1] & 0x03ff)] = kk;
+}
 
+/*
+ * Release a key_array
+ */
 static void
-release_tn_tree( TN kr )
+release_key_array ( struct key_array *keys )
 {
-    TN	kr2;
+    struct key_array *k;
 
-    for( ; kr; kr = kr2 ) {
-	release_tn_tree( kr->list );
-	kr2 = kr->next;
-	release_tn( kr );
+    if (keys) {
+        for (k=keys; k->keyblock; k++)
+            release_kbnode (k->keyblock);
+        m_free (keys);
     }
 }
 
+
+/*********************************************
+ **********  Initialization  *****************
+ *********************************************/
 
 
-
-/**********************************************
- ****** access by LID and other helpers *******
- **********************************************/
 
-/****************
- * Return the keyid from the primary key identified by LID.
+/*
+ * Used to register extra ultimately trusted keys - this has to be done
+ * before initializing the validation module.
+ * FIXME: Should be replaced by a function to add those keys to the trustdb.
  */
-int
-keyid_from_lid( ulong lid, u32 *keyid )
+void
+register_trusted_key( const char *string )
 {
-    TRUSTREC rec;
-    int rc;
-
-    init_trustdb();
-    keyid[0] = keyid[1] = 0;
-    rc = tdbio_read_record( lid, &rec, 0 );
-    if( rc ) {
-	log_error(_("error reading dir record for LID %lu: %s\n"),
-						    lid, gpg_errstr(rc));
-	return GPGERR_TRUSTDB;
-    }
-    if( rec.rectype == RECTYPE_SDIR )
-	return 0;
-    if( rec.rectype != RECTYPE_DIR ) {
-	log_error(_("lid %lu: expected dir record, got type %d\n"),
-						    lid, rec.rectype );
-	return GPGERR_TRUSTDB;
-    }
-    if( !rec.r.dir.keylist ) {
-	log_error(_("no primary key for LID %lu\n"), lid );
-	return GPGERR_TRUSTDB;
-    }
-    rc = tdbio_read_record( rec.r.dir.keylist, &rec, RECTYPE_KEY );
-    if( rc ) {
-	log_error(_("error reading primary key for LID %lu: %s\n"),
-						    lid, gpg_errstr(rc));
-	return GPGERR_TRUSTDB;
-    }
-    keyid_from_fingerprint( rec.r.key.fingerprint, rec.r.key.fingerprint_len,
-			    keyid );
-
-    return 0;
-}
+  KEYDB_SEARCH_DESC desc;
+  struct key_item *k;
 
+  if (classify_user_id (string, &desc) != KEYDB_SEARCH_MODE_LONG_KID ) {
+    log_error(_("`%s' is not a valid long keyID\n"), string );
+    return;
+  }
 
-ulong
-lid_from_keyblock( KBNODE keyblock )
-{
-    KBNODE node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
-    PKT_public_key *pk;
-    if( !node )
-	BUG();
-    pk = node->pkt->pkt.public_key;
-    if( !pk->local_id ) {
-	TRUSTREC rec;
-	init_trustdb();
-
-	get_dir_record( pk, &rec );
-    }
-    return pk->local_id;
+  k = new_key_item ();
+  k->kid[0] = desc.u.kid[0];
+  k->kid[1] = desc.u.kid[1];
+  k->next = user_utk_list;
+  user_utk_list = k;
 }
 
-
+/*
+ * Helper to add a key to the global list of ultimately trusted keys.
+ * Retruns: true = inserted, false = already in in list.
+ */
 static int
-get_dir_record( PKT_public_key *pk, TRUSTREC *rec )
+add_utk (u32 *kid)
 {
-    int rc=0;
+  struct key_item *k;
 
-    if( pk->local_id ) {
-	read_record( pk->local_id, rec, RECTYPE_DIR );
-    }
-    else { /* no local_id: scan the trustdb */
-	if( (rc=tdbio_search_dir_bypk( pk, rec )) && rc != -1 )
-	    log_error(_("get_dir_record: search_record failed: %s\n"),
-							    gpg_errstr(rc));
+  for (k = utk_list; k; k = k->next) 
+    {
+      if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
+        {
+          return 0;
+        }
     }
-    return rc;
-}
 
-static ulong
-lid_from_keyid_no_sdir( u32 *keyid )
-{
-    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-    TRUSTREC rec;
-    ulong lid = 0;
-    int rc;
-
-    rc = get_pubkey( pk, keyid );
-    if( !rc ) {
-	if( pk->local_id )
-	    lid = pk->local_id;
-	else {
-	    rc = tdbio_search_dir_bypk( pk, &rec );
-	    if( !rc )
-		lid = rec.recnum;
-	}
-    }
-    free_public_key( pk );
-    return lid;
+  k = new_key_item ();
+  k->kid[0] = kid[0];
+  k->kid[1] = kid[1];
+  k->ownertrust = TRUST_ULTIMATE;
+  k->next = utk_list;
+  utk_list = k;
+  if( opt.verbose > 1 )
+    log_info(_("key %08lX: accepted as trusted key\n"), (ulong)kid[1]);
+  return 1;
 }
 
 
-
-/***********************************************
- *************	Initialization	****************
- ***********************************************/
-
-void
-register_trusted_key( const char *string )
+/****************
+ * Verify that all our secret keys are usable and put them into the utk_list.
+ */
+static void
+verify_own_keys(void)
 {
-    u32 keyid[2];
-    struct keyid_list *r;
+  TRUSTREC rec;
+  ulong recnum;
+  int rc;
+  struct key_item *k;
+  int hint_shown = 0;
+
+  if (utk_list)
+    return;
 
-    if( classify_user_id( string, keyid, NULL, NULL, NULL ) != 11 ) {
-        log_error(_("'%s' is not a valid long keyID\n"), string );
-        return;
+  /* scan the trustdb to find all ultimately trusted keys */
+  for (recnum=1; !tdbio_read_record (recnum, &rec, 0); recnum++ ) 
+    {
+      if ( rec.rectype == RECTYPE_TRUST 
+           && (rec.r.trust.ownertrust & TRUST_MASK) == TRUST_ULTIMATE)
+        {
+            byte *fpr = rec.r.trust.fingerprint;
+            int fprlen;
+            u32 kid[2];
+            
+            /* Problem: We do only use fingerprints in the trustdb but
+             * we need the keyID here to indetify the key; we can only
+             * use that ugly hack to distinguish between 16 and 20
+             * butes fpr - it does not work always so we better change
+             * the whole validation code to only work with
+             * fingerprints */
+            fprlen = (!fpr[16] && !fpr[17] && !fpr[18] && !fpr[19])? 16:20;
+            keyid_from_fingerprint (fpr, fprlen, kid);
+            if (!add_utk (kid))
+                log_info(_("key %08lX occurs more than once in the trustdb\n"),
+                            (ulong)kid[1]);
+        }
+    }
+  
+  /* the --trusted-key option is again deprecated; however we automagically
+   * add those keys to the trustdb */
+  for (k = user_utk_list; k; k = k->next) 
+    {
+      if ( add_utk (k->kid) ) 
+        { /* not yet in trustDB as ultimately trusted */
+          PKT_public_key pk;
+
+          memset (&pk, 0, sizeof pk);
+          rc = get_pubkey (&pk, k->kid);
+          if (rc) {
+            log_info(_("key %08lX: no public key for trusted key - skipped\n"),
+                     (ulong)k->kid[1] );
+          }
+          else {
+            update_ownertrust (&pk,
+                               ((get_ownertrust (&pk) & ~TRUST_MASK)
+                                | TRUST_ULTIMATE ));
+            release_public_key_parts (&pk);
+          }
+          if (!hint_shown)
+            {
+              log_info ("the --trusted-key option is now obsolete; "
+                        "use the --edit command instead.\n");
+              log_info ("given keys will be marked as trusted\n");
+              hint_shown = 1;
+            }
+          log_info ("key %08lX marked as ultimately trusted\n",
+                    (ulong)k->kid[1]);
+        }
     }
 
-    for( r = trusted_key_list; r; r = r->next )
-        if( r->keyid[0] == keyid[0] && r->keyid[1] == keyid[1] )
-            return;
-    r = gcry_xmalloc( sizeof *r );
-    r->keyid[0] = keyid[0];
-    r->keyid[1] = keyid[1];
-    r->next = trusted_key_list;
-    trusted_key_list = r;
-}
 
+  /* release the helper table table */
+  release_key_items (user_utk_list);
+  user_utk_list = NULL;
+  return;
+}
 
+
+/*********************************************
+ *********** TrustDB stuff *******************
+ *********************************************/
 
+/*
+ * Read a record but die if it does not exist
+ */
 static void
-add_ultimate_key( PKT_public_key *pk, u32 *keyid )
+read_record (ulong recno, TRUSTREC *rec, int rectype )
 {
-    int rc;
-
-    /* first make sure that the pubkey is in the trustdb */
-    rc = query_trust_record( pk );
-    if( rc == -1 && opt.dry_run )
-	return;
-    if( rc == -1 ) { /* put it into the trustdb */
-        rc = insert_trust_record_by_pk( pk );
-        if( rc ) {
-            log_error(_("key %08lX: can't put it into the trustdb\n"),
-                      (ulong)keyid[1] );
-            return;
-        }
+  int rc = tdbio_read_record (recno, rec, rectype);
+  if (rc)
+    {
+      log_error(_("trust record %lu, req type %d: read failed: %s\n"),
+                recno, rec->rectype, g10_errstr(rc) );
+      tdbio_invalid();
     }
-    else if( rc ) {
-        log_error(_("key %08lX: query record failed\n"), (ulong)keyid[1] );
-        return;
+  if (rectype != rec->rectype)
+    {
+      log_error(_("trust record %lu is not of requested type %d\n"),
+                rec->recnum, rectype);
+      tdbio_invalid();
     }
-
-    if( DBG_TRUST )
-        log_debug("key %08lX.%lu: stored into ultikey_table\n",
-                  (ulong)keyid[1], pk->local_id );
-
-    if( ins_lid_table_item( ultikey_table, pk->local_id, 0 ) )
-        log_error(_("key %08lX: already in trusted key table\n"),
-                  (ulong)keyid[1]);
-    else if( opt.verbose > 1 )
-        log_info(_("key %08lX: accepted as trusted key.\n"),
-                 (ulong)keyid[1]);
-
 }
 
-/****************
- * Verify that all our public keys are in the trustdb.
+/*
+ * Write a record and die on error
  */
-static int
-verify_own_keys(void)
+static void
+write_record (TRUSTREC *rec)
 {
-    int rc;
-    void *enum_context = NULL;
-    PKT_secret_key *sk = gcry_xcalloc( 1, sizeof *sk );
-    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-    u32 keyid[2];
-    struct keyid_list *kl;
-
-
-    /* put the trusted keys into the ultikey table */
-    for( kl = trusted_key_list; kl; kl = kl->next ) {
-        keyid[0] = kl->keyid[0];
-        keyid[1] = kl->keyid[1];
-        /* get the public key */
-        memset( pk, 0, sizeof *pk );
-        rc = get_pubkey( pk, keyid );
-        if( rc ) {
-            log_info(_("key %08lX: no public key for trusted key - skipped\n"),
-                                                            (ulong)keyid[1] );
-        }
-        else {
-            add_ultimate_key( pk, keyid );
-            release_public_key_parts( pk );
-        }
+  int rc = tdbio_write_record (rec);
+  if (rc)
+    {
+      log_error(_("trust record %lu, type %d: write failed: %s\n"),
+			    rec->recnum, rec->rectype, g10_errstr(rc) );
+      tdbio_invalid();
     }
-
-    /* And now add all secret keys to the ultikey table */
-    while( !(rc=enum_secret_keys( &enum_context, sk, 0 ) ) ) {
-	int have_pk = 0;
-
-	keyid_from_sk( sk, keyid );
-
-	if( DBG_TRUST )
-	    log_debug("key %08lX: checking secret key\n", (ulong)keyid[1] );
-
-	if( !opt.quiet && is_secret_key_protected( sk ) < 1 )
-	    log_info(_("NOTE: secret key %08lX is NOT protected.\n"),
-							    (ulong)keyid[1] );
-
-        for( kl = trusted_key_list; kl; kl = kl->next ) {
-            if( kl->keyid[0] == keyid[0] && kl->keyid[1] == keyid[1] )
-                goto skip; /* already in trusted key table */
-        }
-
-	/* see whether we can access the public key of this secret key */
-	memset( pk, 0, sizeof *pk );
-	rc = get_pubkey( pk, keyid );
-	if( rc ) {
-	    log_info(_("key %08lX: secret key without public key - skipped\n"),
-							    (ulong)keyid[1] );
-	    goto skip;
-	}
-	have_pk=1;
-
-	if( cmp_public_secret_key( pk, sk ) ) {
-	    log_info(_("key %08lX: secret and public key don't match\n"),
-							    (ulong)keyid[1] );
-	    goto skip;
-	}
-
-	add_ultimate_key( pk, keyid );
-
-      skip:
-	release_secret_key_parts( sk );
-	if( have_pk )
-	    release_public_key_parts( pk );
-    }
-    if( rc != -1 )
-	log_error(_("enumerate secret keys failed: %s\n"), gpg_errstr(rc) );
-    else
-	rc = 0;
-
-    /* release the trusted keyid table */
-    {   struct keyid_list *kl2;
-        for( kl = trusted_key_list; kl; kl = kl2 ) {
-            kl2 = kl->next;
-            gcry_free( kl );
-        }
-        trusted_key_list = NULL;
-    }
-
-    enum_secret_keys( &enum_context, NULL, 0 ); /* free context */
-    free_secret_key( sk );
-    free_public_key( pk );
-    return rc;
 }
 
-
+/*
+ * sync the TrustDb and die on error
+ */
+static void
+do_sync(void)
+{
+    int rc = tdbio_sync ();
+    if(rc)
+      {
+        log_error (_("trustdb: sync failed: %s\n"), g10_errstr(rc) );
+        g10_exit(2);
+      }
+}
 
 
 /****************
@@ -629,2198 +383,1268 @@ setup_trustdb( int level, const char *dbname )
     if( trustdb_args.init )
 	return 0;
     trustdb_args.level = level;
-    trustdb_args.dbname = dbname? gcry_xstrdup(dbname): NULL;
+    trustdb_args.dbname = dbname? m_strdup(dbname): NULL;
     return 0;
 }
 
 void
 init_trustdb()
 {
-    int rc=0;
-    int level = trustdb_args.level;
-    const char* dbname = trustdb_args.dbname;
-
-    if( trustdb_args.init )
-	return;
+  int rc=0;
+  int level = trustdb_args.level;
+  const char* dbname = trustdb_args.dbname;
 
-    trustdb_args.init = 1;
-
-    if( !ultikey_table )
-	ultikey_table = new_lid_table();
-
-    if( !level || level==1 ) {
-	rc = tdbio_set_dbname( dbname, !!level );
-	if( !rc ) {
-	    if( !level )
-		return;
+  if( trustdb_args.init )
+    return;
 
-	    /* verify that our own keys are in the trustDB
-	     * or move them to the trustdb. */
-	    rc = verify_own_keys();
+  trustdb_args.init = 1;
 
-	    /* should we check whether there is no other ultimately trusted
-	     * key in the database? */
-	}
+  if ( !level || level==1)
+    {
+      rc = tdbio_set_dbname( dbname, !!level );
+      if( !rc )
+        {
+          if( !level )
+            return;
+          
+          /* verify that our own keys are in the trustDB
+           * or move them to the trustdb. */
+          verify_own_keys();
+          
+          /* should we check whether there is no other ultimately trusted
+           * key in the database? */
+        }
     }
-    else
-	BUG();
-    if( rc )
-	log_fatal("can't init trustdb: %s\n", gpg_errstr(rc) );
+  else
+    BUG();
+  if( rc )
+    log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
 }
 
 
 
-/****************
- * This function should be called in certain cases to sync the internal state
- * of the trustdb with the file image.	Currently it is needed after
- * a sequence of insert_trust_record() calls.
- */
-void
-sync_trustdb()
-{
-    if( fresh_imported_keys && fresh_imported_keys_count )
-	mark_fresh_keys();
-}
-
-
 
 /***********************************************
  *************	Print helpers	****************
  ***********************************************/
-static void
-print_user_id( FILE *fp, const char *text, u32 *keyid )
-{
-    char *p;
-    size_t n;
-
-    p = get_user_id( keyid, &n );
-    if( fp ) {
-	fprintf( fp, "%s \"", text );
-	print_utf8_string( fp, p, n );
-	putc('\"', fp);
-	putc('\n', fp);
-    }
-    else {
-	tty_printf( "%s \"", text );
-	tty_print_utf8_string( p, n );
-	tty_printf( "\"\n" );
-    }
-    gcry_free(p);
-}
-
-
 
 /****************
  * This function returns a letter for a trustvalue  Trust flags
  * are ignore.
  */
 int
-trust_letter( unsigned value )
+trust_letter (unsigned int value)
 {
-    switch( (value & TRUST_MASK) ) {
-      case TRUST_UNKNOWN:   return '-';
-      case TRUST_EXPIRED:   return 'e';
-      case TRUST_UNDEFINED: return 'q';
-      case TRUST_NEVER:     return 'n';
-      case TRUST_MARGINAL:  return 'm';
-      case TRUST_FULLY:     return 'f';
-      case TRUST_ULTIMATE:  return 'u';
-      default:		    return  0 ;
+  switch( (value & TRUST_MASK) ) 
+    {
+    case TRUST_UNKNOWN:   return '-';
+    case TRUST_EXPIRED:   return 'e';
+    case TRUST_UNDEFINED: return 'q';
+    case TRUST_NEVER:     return 'n';
+    case TRUST_MARGINAL:  return 'm';
+    case TRUST_FULLY:     return 'f';
+    case TRUST_ULTIMATE:  return 'u';
+    default:              return 0;
     }
 }
 
 
-#if 0
-static void
-print_path( int pathlen, TN ME .........., FILE *fp, ulong highlight )
-{
-    int rc, c, i;
-    u32 keyid[2];
-    char *p;
-    size_t n;
-
-    for( i = 0; i < pathlen; i++ )  {
-	if( highlight )
-	    fputs(highlight == path[i].lid? "* ":"  ", fp );
-	rc = keyid_from_lid( path[i].lid, keyid );
-	if( rc )
-	    fprintf(fp, "????????.%lu:", path[i].lid );
-	else
-	    fprintf(fp,"%08lX.%lu:", (ulong)keyid[1], path[i].lid );
-	c = trust_letter(path[i].otrust);
-	if( c )
-	    putc( c, fp );
-	else
-	    fprintf( fp, "%02x", path[i].otrust );
-	putc('/', fp);
-	c = trust_letter(path[i].trust);
-	if( c )
-	    putc( c, fp );
-	else
-	    fprintf( fp, "%02x", path[i].trust );
-	putc(' ', fp);
-	p = get_user_id( keyid, &n );
-	putc(' ', fp);
-	putc('\"', fp);
-	print_utf8_string( fp, p, n > 40? 40:n );
-	putc('\"', fp);
-	gcry_free(p);
-	putc('\n', fp );
-    }
-}
-#endif
-
-
-static void
-print_default_uid( FILE *fp, ulong lid )
-{
-    u32 keyid[2];
-
-    if( !keyid_from_lid( lid, keyid ) )
-	print_user_id( fp, "", keyid );
-}
-
+/****************
+ * Recreate the WoT but do not ask for new ownertrusts.  Special
+ * feature: In batch mode and without a forced yes, this is only done
+ * when a check is due.  This can be used to run the check from a crontab
+ */
+void
+check_trustdb ()
+{
+  init_trustdb();
+  if (opt.batch && !opt.answer_yes)
+    {
+      ulong scheduled;
+
+      scheduled = tdbio_read_nextcheck ();
+      if (!scheduled)
+        {
+          log_info (_("no need for a trustdb check\n"));
+          return;
+        }
 
-static void
-print_uid_from_keyblock( FILE *fp, KBNODE keyblock, ulong urecno )
-{
-    TRUSTREC urec;
-    KBNODE node;
-    byte uhash[20];
-
-    read_record( urecno, &urec, RECTYPE_UID );
-    for( node=keyblock; node; node = node->next ) {
-	if( node->pkt->pkttype == PKT_USER_ID ) {
-	    PKT_user_id *uidpkt = node->pkt->pkt.user_id;
-
-	    if( uidpkt->photo ) {
-		gcry_md_hash_buffer( GCRY_MD_RMD160,  uhash,
-				     uidpkt->photo, uidpkt->photolen );
-	    }
-	    else {
-		gcry_md_hash_buffer( GCRY_MD_RMD160,  uhash,
-				     uidpkt->name, uidpkt->len );
-	    }
-	    if( !memcmp( uhash, urec.r.uid.namehash, 20 ) ) {
-		print_string( fp,  uidpkt->name, uidpkt->len, ':' );
-		return;
-	    }
-	}
+      if (scheduled > make_timestamp ())
+        {
+          log_info (_("next trustdb check due at %s\n"),
+                    strtimestamp (scheduled));
+          return;
+        }
     }
 
-    fputs("[?]", fp );
+  validate_keys (0);
 }
 
 
-
-static void
-dump_tn_tree( FILE *fp, int level, TN tree )
+/*
+ * Recreate the WoT. 
+ */
+void
+update_trustdb()
 {
-    TN kr, ur;
-
-    for( kr=tree; kr; kr = kr->next ) {
-	if( fp ) {
-	    fprintf( fp, "%*s", level*4, "" );
-	    fprintf( fp, "K%lu(ot=%d,val=%d)  ", kr->lid,
-					     kr->n.k.ownertrust,
-					     kr->n.k.validity  );
-	}
-	else {
-	    tty_printf("%*s", level*4, "" );
-	    tty_printf("K%lu(ot=%d,val=%d)  ", kr->lid,
-					     kr->n.k.ownertrust,
-					     kr->n.k.validity  );
-	}
-	print_default_uid( fp, kr->lid );
-	for( ur=kr->list; ur; ur = ur->next ) {
-	    if( fp ) {
-		fprintf(fp, "%*s  ", level*4, "" );
-		fprintf(fp, "U%lu(mc=%d,fc=%d,val=%d)\n", ur->lid,
-						     ur->n.u.marginal_count,
-						     ur->n.u.fully_count,
-						     ur->n.u.validity
-						);
-	    }
-	    else {
-		tty_printf("%*s  ", level*4, "" );
-		tty_printf("U%lu(mc=%d,fc=%d,val=%d)\n", ur->lid,
-						     ur->n.u.marginal_count,
-						     ur->n.u.fully_count,
-						     ur->n.u.validity
-						);
-	    }
-	    dump_tn_tree( fp, level+1, ur->list );
-	}
-    }
+  init_trustdb();
+  validate_keys (1);
 }
 
-/****************
- * Special version of dump_tn_tree, which prints it colon delimited.
- * Format:
- *   level:keyid:type:recno:ot:val:mc:cc:name:
- * With TYPE = U for a user ID
- *	       K for a key
- * The RECNO is either the one of the dir record or the one of the uid record.
- * OT is the the usual trust letter and only availabel on K lines.
- * VAL is the calcualted validity
- * MC is the marginal trust counter and only available on U lines
- * CC is the same for the complete count
- * NAME ist the username and only printed on U lines
- */
-static void
-dump_tn_tree_with_colons( int level, TN tree )
+void
+revalidation_mark (void)
 {
-    TN kr, ur;
-
-    for( kr=tree; kr; kr = kr->next ) {
-	KBNODE kb = NULL;
-	u32 kid[2];
-
-	keyid_from_lid( kr->lid, kid );
-	get_keyblock_bylid( &kb, kr->lid );
-
-	printf( "%d:%08lX%08lX:K:%lu:%c:%c::::\n",
-			level, (ulong)kid[0], (ulong)kid[1], kr->lid,
-			trust_letter( kr->n.k.ownertrust ),
-			trust_letter( kr->n.k.validity ) );
-	for( ur=kr->list; ur; ur = ur->next ) {
-	    printf( "%d:%08lX%08lX:U:%lu::%c:%d:%d:",
-			level, (ulong)kid[0], (ulong)kid[1], ur->lid,
-			trust_letter( kr->n.u.validity ),
-			ur->n.u.marginal_count,
-			ur->n.u.fully_count );
-	    print_uid_from_keyblock( stdout, kb, ur->lid );
-	    putchar(':');
-	    putchar('\n');
-	    dump_tn_tree_with_colons( level+1, ur->list );
-	}
-	release_kbnode( kb );
-    }
+  init_trustdb();
+  /* we simply set the time for the next check to 1 (far back in 1970)
+   * so that a --update-trustdb will be scheduled */
+  if (tdbio_write_nextcheck (1))
+      do_sync ();
+  pending_check_trustdb = 1;
 }
 
-
 
 /***********************************************
- *************	trustdb maintenance  ***********
+ ***********  Ownertrust et al. ****************
  ***********************************************/
 
-/****************
- * Create or update shadow dir record and return the LID of the record
- */
-static ulong
-create_shadow_dir( PKT_signature *sig )
-{
-    TRUSTREC sdir;
-    int rc;
-
-    /* first see whether we already have such a record */
-    rc = tdbio_search_sdir( sig->keyid, sig->pubkey_algo, &sdir );
-    if( rc && rc != -1 ) {
-	log_error("tdbio_search_sdir failed: %s\n", gpg_errstr(rc));
-	tdbio_invalid();
-    }
-    if( rc == -1 ) { /* not found: create */
-	memset( &sdir, 0, sizeof sdir );
-	sdir.recnum = tdbio_new_recnum();
-	sdir.rectype= RECTYPE_SDIR;
-	sdir.r.sdir.lid = sdir.recnum;
-	sdir.r.sdir.keyid[0] = sig->keyid[0];
-	sdir.r.sdir.keyid[1] = sig->keyid[1];
-	sdir.r.sdir.pubkey_algo = sig->pubkey_algo;
-	write_record( &sdir );
-    }
-    return sdir.recnum;
-}
-
-
-static ulong
-find_or_create_lid( PKT_signature *sig )
-{
-    ulong lid;
-
-    lid = lid_from_keyid_no_sdir( sig->keyid );
-    if( !lid )
-	lid = create_shadow_dir( sig );
-    return lid;
+static int 
+read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
+{
+  int rc;
+  
+  init_trustdb();
+  rc = tdbio_search_trust_bypk (pk, rec);
+  if (rc == -1)
+    return -1; /* no record yet */
+  if (rc) 
+    {
+      log_error ("trustdb: searching trust record failed: %s\n",
+                 g10_errstr (rc));
+      return rc; 
+    }
+      
+  if (rec->rectype != RECTYPE_TRUST)
+    {
+      log_error ("trustdb: record %lu is not a trust record\n",
+                 rec->recnum);
+      return G10ERR_TRUSTDB; 
+    }      
+  
+  return 0;
 }
 
 
-
 /****************
- * Check the validity of a key and calculate the keyflags
- * keynode points to
- * a node with a [sub]key.  mainkid has the key ID of the primary key
- * keyblock is the complete keyblock which is needed for signature
- * checking.  LID and PK is only used in verbose mode.
+ * Return the assigned ownertrust value for the given public key.
+ * The key should be the primary key.
  */
-static unsigned int
-check_keybinding( KBNODE keyblock, KBNODE keynode, u32 *mainkid,
-		  ulong lid, PKT_public_key *pk )
+unsigned int 
+get_ownertrust ( PKT_public_key *pk)
 {
-    KBNODE node;
-    int keybind_seen = 0;
-    int revoke_seen = 0;
-    unsigned int keyflags=0;
-    int is_main = (keynode->pkt->pkttype == PKT_PUBLIC_KEY);
-    int rc;
-
-    if( DBG_TRUST )
-	log_debug("check_keybinding: %08lX.%lu\n",
-			    (ulong)mainkid[1], lid );
-
-    if( is_main ) {
-	/* a primary key is always valid (user IDs are handled elsewhere)*/
-	keyflags = KEYF_CHECKED | KEYF_VALID;
-    }
-
-    for( node=keynode->next; node; node = node->next ) {
-	PKT_signature *sig;
-
-	if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
-	    break; /* ready */
-	if( node->pkt->pkttype != PKT_SIGNATURE )
-	    continue; /* don't care about other packets */
-
-	sig = node->pkt->pkt.signature;
-
-	if( mainkid[0] != sig->keyid[0] || mainkid[1] != sig->keyid[1] )
-	    continue; /* we only care about self-signatures */
-
-	if( sig->sig_class == 0x18 && !keybind_seen && !is_main ) {
-	    /* check until we find a valid keybinding */
-	    rc = check_key_signature( keyblock, node, NULL );
-	    if( !rc ) {
-		if( opt.verbose )
-		    log_info(_("key %08lX.%lu: Good subkey binding\n"),
-				     (ulong)keyid_from_pk(pk,NULL), lid );
-		keyflags |= KEYF_CHECKED | KEYF_VALID;
-	    }
-	    else {
-		log_info(_(
-		  "key %08lX.%lu: Invalid subkey binding: %s\n"),
-		    (ulong)keyid_from_pk(pk,NULL), lid, gpg_errstr(rc) );
-		keyflags |= KEYF_CHECKED;
-		keyflags &= ~KEYF_VALID;
-	    }
-	    keybind_seen = 1;
-	}
-	else if( sig->sig_class == 0x20 && !revoke_seen ) {
-	    /* this is a key revocation certificate: check it */
-	    rc = check_key_signature( keyblock, node, NULL );
-	    if( !rc ) {
-		if( opt.verbose )
-		    log_info(_("key %08lX.%lu: Valid key revocation\n"),
-				 (ulong)keyid_from_pk(pk, NULL), lid );
-		keyflags |= KEYF_REVOKED;
-	    }
-	    else {
-		log_info(_(
-		  "key %08lX.%lu: Invalid key revocation: %s\n"),
-		  (ulong)keyid_from_pk(pk,NULL), lid, gpg_errstr(rc) );
-	    }
-	    revoke_seen = 1;
-	}
-	else if( sig->sig_class == 0x28 && !revoke_seen && !is_main ) {
-	    /* this is a subkey revocation certificate: check it */
-	    rc = check_key_signature( keyblock, node, NULL );
-	    if( !rc ) {
-		if( opt.verbose )
-		    log_info(_(
-			"key %08lX.%lu: Valid subkey revocation\n"),
-			 (ulong)keyid_from_pk(pk,NULL), lid );
-		keyflags |= KEYF_REVOKED;
-	    }
-	    else {
-		log_info(_(
-		  "key %08lX.%lu: Invalid subkey binding: %s\n"),
-		  (ulong)keyid_from_pk(pk,NULL), lid, gpg_errstr(rc) );
-	    }
-	    revoke_seen = 1;
-	}
-	/* Hmmm: should we handle direct key signatures here? */
+  TRUSTREC rec;
+  int rc;
+  
+  rc = read_trust_record (pk, &rec);
+  if (rc == -1)
+    return TRUST_UNKNOWN; /* no record yet */
+  if (rc) 
+    {
+      tdbio_invalid ();
+      return rc; /* actually never reached */
     }
-
-    return keyflags;
+  
+  return rec.r.trust.ownertrust;
 }
 
-
-static ulong
-make_key_records( KBNODE keyblock, ulong lid, u32 *keyid, int *mainrev )
+/*
+ * Same as get_ownertrust but return a trust letter instead of an value.
+ */
+int
+get_ownertrust_info (PKT_public_key *pk)
 {
-    TRUSTREC *krecs, **kend, *k, *k2;
-    KBNODE  node;
-    PKT_public_key *pk;
-    byte fpr[MAX_FINGERPRINT_LEN];
-    size_t fprlen;
-    ulong keyrecno;
-
-    *mainrev = 0;
-    krecs = NULL; kend = &krecs;
-    for( node=keyblock; node; node = node->next ) {
-	if( node->pkt->pkttype != PKT_PUBLIC_KEY
-	    && node->pkt->pkttype != PKT_PUBLIC_SUBKEY )
-	    continue;
-	pk = node->pkt->pkt.public_key;
-	fingerprint_from_pk( pk, fpr, &fprlen );
-
-	/* create the key record */
-	k = gcry_xcalloc( 1, sizeof *k );
-	k->rectype = RECTYPE_KEY;
-	k->r.key.lid = lid;
-	k->r.key.pubkey_algo = pk->pubkey_algo;
-	k->r.key.fingerprint_len = fprlen;
-	memcpy(k->r.key.fingerprint, fpr, fprlen );
-	k->recnum = tdbio_new_recnum();
-	*kend = k;
-	kend = &k->next;
-
-	k->r.key.keyflags = check_keybinding( keyblock, node, keyid, lid, pk );
-	if( (k->r.key.keyflags & KEYF_REVOKED)
-	    && node->pkt->pkttype == PKT_PUBLIC_KEY )
-	    *mainrev = 1;
-    }
+    unsigned int otrust;
+    int c;
 
-    keyrecno = krecs? krecs->recnum : 0;
-    /* write the keylist and release the memory */
-    for( k = krecs; k ; k = k2 ) {
-	if( k->next )
-	    k->r.key.next = k->next->recnum;
-	write_record( k );
-	k2 = k->next;
-	gcry_free( k );
-    }
-    return keyrecno;
+    otrust = get_ownertrust (pk);
+    c = trust_letter( (otrust & TRUST_MASK) );
+    if( !c )
+	c = '?';
+    return c;
 }
 
-
-/****************
- * Check the validity of a user ID and calculate the uidflags
- * keynode points to  a node with a user ID.
- * mainkid has the key ID of the primary key, keyblock is the complete
- * keyblock which is needed for signature checking.
- * Returns: The uid flags and the self-signature which is considered to
- * be the most current.
+/*
+ * Set the trust value of the given public key to the new value.
+ * The key should be a primary one.
  */
-static unsigned int
-check_uidsigs( KBNODE keyblock, KBNODE keynode, u32 *mainkid, ulong lid,
-						  PKT_signature **bestsig )
-{
-    KBNODE node;
-    unsigned int uidflags = 0;
-    PKT_signature *sig;
-    PKT_signature *selfsig = NULL; /* the latest valid self signature */
-    int rc;
-
-    if( DBG_TRUST ) {
-	PKT_user_id *uid;
-	log_debug("check_uidsigs: %08lX.%lu \"",
-			    (ulong)mainkid[1], lid );
-	assert(keynode->pkt->pkttype == PKT_USER_ID );
-	uid = keynode->pkt->pkt.user_id;
-	print_string( log_stream(), uid->name, uid->len, '\"' );
-	fputs("\"\n", log_stream());
+void
+update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
+{
+  TRUSTREC rec;
+  int rc;
+  
+  rc = read_trust_record (pk, &rec);
+  if (!rc)
+    {
+      if (DBG_TRUST)
+        log_debug ("update ownertrust from %u to %u\n",
+                   (unsigned int)rec.r.trust.ownertrust, new_trust );
+      if (rec.r.trust.ownertrust != new_trust)
+        {
+          rec.r.trust.ownertrust = new_trust;
+          write_record( &rec );
+          revalidation_mark ();
+          do_sync ();
+        }
     }
+  else if (rc == -1)
+    { /* no record yet - create a new one */
+      size_t dummy;
 
-    /* first we check only the selfsignatures */
-    for( node=keynode->next; node; node = node->next ) {
-	if( node->pkt->pkttype == PKT_USER_ID
-	    || node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
-	    break; /* ready */
-	if( node->pkt->pkttype != PKT_SIGNATURE )
-	    continue; /* don't care about other packets */
-	sig = node->pkt->pkt.signature;
-	if( mainkid[0] != sig->keyid[0] || mainkid[1] != sig->keyid[1] )
-	    continue; /* we only care about self-signatures for now */
-
-	if( (sig->sig_class&~3) == 0x10 ) { /* regular self signature */
-	    rc = check_key_signature( keyblock, node, NULL );
-	    if( !rc ) {
-		if( opt.verbose )
-		    log_info( "uid %08lX.%lu: %s\n",
-		       (ulong)mainkid[1], lid, _("Good self-signature") );
-		uidflags |= UIDF_CHECKED | UIDF_VALID;
-		if( !selfsig )
-		    selfsig = sig; /* use the first valid sig */
-		else if( sig->timestamp > selfsig->timestamp
-			 && sig->sig_class >= selfsig->sig_class )
-		    selfsig = sig; /* but this one is newer */
-	    }
-	    else {
-		log_info( "uid %08lX: %s: %s\n",
-			   (ulong)mainkid[1], _("Invalid self-signature"),
-			   gpg_errstr(rc) );
-		uidflags |= UIDF_CHECKED;
-	    }
-	}
-    }
+      if (DBG_TRUST)
+        log_debug ("insert ownertrust %u\n", new_trust );
 
-    /* and now check for revocations - we must do this after the
-     * self signature check because a self-signature which is newer
-     * than a revocation makes the revocation invalid.
-     * RFC2440 is quiet about tis but I feel this is reasonable for
-     * non-primary-key revocations. */
-    for( node=keynode->next; node; node = node->next ) {
-	if( node->pkt->pkttype == PKT_USER_ID
-	    || node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
-	    break; /* ready */
-	if( node->pkt->pkttype != PKT_SIGNATURE )
-	    continue; /* don't care about other packets */
-	sig = node->pkt->pkt.signature;
-	if( mainkid[0] != sig->keyid[0] || mainkid[1] != sig->keyid[1] )
-	    continue; /* we only care about self-signatures for now */
-
-	if( sig->sig_class == 0x30 ) { /* cert revocation */
-	    rc = check_key_signature( keyblock, node, NULL );
-	    if( !rc && selfsig && selfsig->timestamp > sig->timestamp ) {
-		log_info( "uid %08lX.%lu: %s\n",
-		       (ulong)mainkid[1], lid,
-		       _("Valid user ID revocation skipped "
-			 "due to a newer self signature") );
-	    }
-	    else if( !rc ) {
-		if( opt.verbose )
-		    log_info( "uid %08lX.%lu: %s\n",
-		       (ulong)mainkid[1], lid, _("Valid user ID revocation") );
-		uidflags |= UIDF_CHECKED | UIDF_VALID | UIDF_REVOKED;
-	    }
-	    else {
-		log_info("uid %08lX: %s: %s\n",
-			    (ulong)mainkid[1], _("Invalid user ID revocation"),
-						    gpg_errstr(rc) );
-	    }
-	}
+      memset (&rec, 0, sizeof rec);
+      rec.recnum = tdbio_new_recnum ();
+      rec.rectype = RECTYPE_TRUST;
+      fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy);
+      rec.r.trust.ownertrust = new_trust;
+      write_record (&rec);
+      revalidation_mark ();
+      do_sync ();
+      rc = 0;
+    }
+  else 
+    {
+      tdbio_invalid ();
     }
-
-    *bestsig = selfsig;
-    return uidflags;
 }
 
-
-static unsigned int
-check_sig_record( KBNODE keyblock, KBNODE signode,
-		  ulong siglid, int sigidx, u32 *keyid, ulong lid,
-		  u32 *r_expiretime, int *mod_down, int *mod_up )
-{
-    PKT_signature *sig = signode->pkt->pkt.signature;
-    unsigned int sigflag = 0;
-    TRUSTREC tmp;
-    int revocation=0, expired=0, rc;
-
-    if( DBG_TRUST )
-	log_debug("check_sig_record: %08lX.%lu %lu[%d]\n",
-			    (ulong)keyid[1], lid, siglid, sigidx );
-    *r_expiretime = 0;
-    if( (sig->sig_class&~3) == 0x10 ) /* regular certification */
-	;
-    else if( sig->sig_class == 0x30 ) /* cert revocation */
-	revocation = 1;
-    else
-	return SIGF_CHECKED | SIGF_IGNORED;
-
-    read_record( siglid, &tmp, 0 );
-    if( tmp.rectype == RECTYPE_DIR ) {
-	/* the public key is in the trustdb: check sig */
-	rc = check_key_signature2( keyblock, signode, NULL,
-					     r_expiretime, &expired );
-	if( !rc ) { /* valid signature */
-	    if( opt.verbose )
-		log_info("sig %08lX.%lu/%lu[%d]/%08lX: %s\n",
-			(ulong)keyid[1], lid, siglid, sigidx,
-						(ulong)sig->keyid[1],
-			revocation? _("Valid certificate revocation")
-				  : _("Good certificate") );
-	    sigflag |= SIGF_CHECKED | SIGF_VALID;
-	    if( expired ) {
-		sigflag |= SIGF_EXPIRED;
-		/* We have to reset the expiretime, so that this signature
-		 * does not get checked over and over due to the reached
-		 * expiretime */
-		*r_expiretime = 0;
-	    }
-	    if( revocation ) {
-		sigflag |= SIGF_REVOKED;
-		*mod_down = 1;
-	    }
-	    else
-		*mod_up = 1;
-	}
-	else if( rc == GPGERR_NO_PUBKEY ) {
-	    /* This may happen if the key is still in the trustdb
-	     * but not available in the keystorage */
-	    sigflag |= SIGF_NOPUBKEY;
-	    *mod_down = 1;
-	    if( revocation )
-		sigflag |= SIGF_REVOKED;
-	}
-	else {
-	    log_info("sig %08lX.%lu/%lu[%d]/%08lX: %s: %s\n",
-			(ulong)keyid[1], lid, siglid, sigidx,
-						(ulong)sig->keyid[1],
-			revocation? _("Invalid certificate revocation")
-				   : _("Invalid certificate"),
-					    gpg_errstr(rc));
-	    sigflag |= SIGF_CHECKED;
-	    if( revocation ) {
-		sigflag |= SIGF_REVOKED;
-		*mod_down = 1;
-	    }
-	}
-    }
-    else if( tmp.rectype == RECTYPE_SDIR ) {
-	/* better check that it is the right one */
-	if(    tmp.r.sdir.keyid[0] == sig->keyid[0]
-	    && tmp.r.sdir.keyid[1] == sig->keyid[1]
-	    && (!tmp.r.sdir.pubkey_algo
-		 || tmp.r.sdir.pubkey_algo == sig->pubkey_algo ))
-	    sigflag |= SIGF_NOPUBKEY;
-	else
-	    log_error(_("sig record %lu[%d] points to wrong record.\n"),
-			 siglid, sigidx );
+/* Clear the ownertrust value.  Return true if a changed actually happend. */
+int
+clear_ownertrust (PKT_public_key *pk)
+{
+  TRUSTREC rec;
+  int rc;
+  
+  rc = read_trust_record (pk, &rec);
+  if (!rc)
+    {
+      if (DBG_TRUST)
+        log_debug ("clearing ownertrust (old value %u)\n",
+                   (unsigned int)rec.r.trust.ownertrust);
+      if (rec.r.trust.ownertrust)
+        {
+          rec.r.trust.ownertrust = 0;
+          write_record( &rec );
+          revalidation_mark ();
+          do_sync ();
+          return 1;
+        }
     }
-    else {
-	log_error(_("sig record %lu[%d] points to wrong record.\n"),
-		    siglid, sigidx );
-	tdbio_invalid();
+  else if (rc != -1)
+    {
+      tdbio_invalid ();
     }
-
-    return sigflag;
+  return 0;
 }
 
-/****************
- * Make the sig records for the given uid record
- * We don't set flags here or even check the signatures; this will
- * happen latter.
+/* 
+ * Note: Caller has to do a sync 
  */
-static ulong
-make_sig_records( KBNODE keyblock, KBNODE uidnode,
-		  ulong lid, u32 *mainkid, u32 *min_expire,
-					int *mod_down, int *mod_up  )
-{
-    TRUSTREC *srecs, **s_end, *s=NULL, *s2;
-    KBNODE  node;
-    PKT_signature *sig;
-    ulong sigrecno, siglid;
-    int i, sigidx = 0;
-    u32 expiretime;
-
-    srecs = NULL; s_end = &srecs;
-    for( node=uidnode->next; node; node = node->next ) {
-	if( node->pkt->pkttype == PKT_USER_ID
-	    || node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
-	    break; /* ready */
-	if( node->pkt->pkttype != PKT_SIGNATURE )
-	    continue; /* don't care about other packets */
-	sig = node->pkt->pkt.signature;
-	if( mainkid[0] == sig->keyid[0] && mainkid[1] == sig->keyid[1] )
-	    continue; /* we don't care about self-signatures here */
-
-	siglid = find_or_create_lid( sig );
-	/* smash dups */
-	/* FIXME: Here we have a problem:
-	 *  We can't distinguish between a certification and a certification
-	 *  revocation without looking at class of the signature - we have
-	 *  to see how we can store the sigclass in the sigrecord..
-	 *  Argg- I hope I can get rid of this ugly trustdb ASAP.
-	 */
-	for( s2 = s; s2 ; s2 = s2->next ) {
-	    for(i=0; i < sigidx; i++ ) {
-		if( s2->r.sig.sig[i].lid == siglid )
-		    goto leaveduptest;
-	    }
-	}
-	for( s2 = srecs; s2 ; s2 = s2->next ) {
-	    for(i=0; i < SIGS_PER_RECORD; i++ ) {
-		if( s2->r.sig.sig[i].lid == siglid )
-		    goto leaveduptest;
-	    }
-	}
-      leaveduptest:
-	if( s2 ) {
-	    log_info( "sig %08lX.%lu: %s\n", (ulong)mainkid[1], lid,
-				    _("duplicated certificate - deleted") );
-	    continue;
-	}
+static void
+update_validity (PKT_public_key *pk, const byte *namehash,
+                 int depth, int validity)
+{
+  TRUSTREC trec, vrec;
+  int rc;
+  ulong recno;
+  
+  rc = read_trust_record (pk, &trec);
+  if (rc && rc != -1)
+    {
+      tdbio_invalid ();
+      return;
+    }
+  if (rc == -1) /* no record yet - create a new one */
+    { 
+      size_t dummy;
+
+      rc = 0;
+      memset (&trec, 0, sizeof trec);
+      trec.recnum = tdbio_new_recnum ();
+      trec.rectype = RECTYPE_TRUST;
+      fingerprint_from_pk (pk, trec.r.trust.fingerprint, &dummy);
+      trec.r.trust.ownertrust = 0;
+      }
+
+  /* locate an existing one */
+  recno = trec.r.trust.validlist;
+  while (recno)
+    {
+      read_record (recno, &vrec, RECTYPE_VALID);
+      if ( !memcmp (vrec.r.valid.namehash, namehash, 20) )
+        break;
+      recno = vrec.r.valid.next;
+    }
+
+  if (!recno) /* insert a new validity record */
+    {
+      memset (&vrec, 0, sizeof vrec);
+      vrec.recnum = tdbio_new_recnum ();
+      vrec.rectype = RECTYPE_VALID;
+      memcpy (vrec.r.valid.namehash, namehash, 20);
+      vrec.r.valid.next = trec.r.trust.validlist;
+    }
+  vrec.r.valid.validity = validity;
+  write_record (&vrec);
+  trec.r.trust.depth = depth;
+  trec.r.trust.validlist = vrec.recnum;
+  write_record (&trec);
+}
+
+
+/* reset validity for all user IDs.  Caller must sync. */
+static int
+clear_validity (PKT_public_key *pk)
+{
+  TRUSTREC trec, vrec;
+  int rc;
+  ulong recno;
+  int any = 0;
+  
+  rc = read_trust_record (pk, &trec);
+  if (rc && rc != -1)
+    {
+      tdbio_invalid ();
+      return 0;
+    }
+  if (rc == -1) /* no record yet - no need to clerar it then ;-) */
+    return 0;
 
-	/* create the sig record */
-	if( !sigidx ) {
-	    s = gcry_xcalloc( 1, sizeof *s );
-	    s->rectype = RECTYPE_SIG;
-	    s->r.sig.lid = lid;
-	}
-	s->r.sig.sig[sigidx].lid = siglid;
-	s->r.sig.sig[sigidx].flag= check_sig_record( keyblock, node,
-						     siglid, sigidx,
-						     mainkid, lid, &expiretime,
-						     mod_down, mod_up );
-
-	sigidx++;
-	if( sigidx == SIGS_PER_RECORD ) {
-	    s->recnum = tdbio_new_recnum();
-	    *s_end = s;
-	    s_end = &s->next;
-	    sigidx = 0;
-	}
-	/* keep track of signers pk expire time */
-	if( expiretime && (!*min_expire || *min_expire > expiretime ) )
-	    *min_expire = expiretime;
-    }
-    if( sigidx ) {
-       s->recnum = tdbio_new_recnum();
-       *s_end = s;
-       s_end = &s->next;
+  /* reset validity for all user IDs */
+  recno = trec.r.trust.validlist;
+  while (recno)
+    {
+      read_record (recno, &vrec, RECTYPE_VALID);
+      if ((vrec.r.valid.validity & TRUST_MASK))
+        {
+          vrec.r.valid.validity &= ~TRUST_MASK;
+          write_record (&vrec);
+          any = 1;
+        }
+      recno = vrec.r.valid.next;
     }
 
-    sigrecno = srecs? srecs->recnum : 0;
-    /* write the keylist and release the memory */
-    for( s = srecs; s ; s = s2 ) {
-	if( s->next )
-	    s->r.sig.next = s->next->recnum;
-	write_record( s );
-	s2 = s->next;
-	gcry_free( s );
-    }
-    return sigrecno;
+  return any;
 }
 
 
+
+/***********************************************
+ *********  Query trustdb values  **************
+ ***********************************************/
 
-/****************
- * Make a preference record (or a list of them) according to the supplied
- * signature.
- * Returns: The record number of the first pref record.
+/*
+ * Return the validity information for PK.  If the namehash is not
+ * NULL, the validity of the corresponsing user ID is returned,
+ * otherwise, a reasonable value for the entire key is returned. 
  */
-static ulong
-make_pref_record( PKT_signature *sig, ulong lid )
-{
-    static struct {
-	sigsubpkttype_t subpkttype;
-	int preftype;
-    } ptable[] = {
-	{ SIGSUBPKT_PREF_SYM,	PREFTYPE_SYM	},
-	{ SIGSUBPKT_PREF_HASH,	PREFTYPE_HASH	},
-	{ SIGSUBPKT_PREF_COMPR, PREFTYPE_COMPR	},
-	{ 0, 0 }
-    };
-    TRUSTREC *precs, **p_end, *p=NULL, *p2;
-    ulong precno;
-    int k, idx=0;
-    const byte *s;
-    size_t n;
-
-  #if (ITEMS_PER_PREF_RECORD % 2) != 0
-    #error ITEMS_PER_PREF_RECORD must have an even value
-  #endif
-
-    precs = NULL; p_end = &precs;
-    for(k=0; ptable[k].subpkttype; k++ ) {
-	s = parse_sig_subpkt2( sig, ptable[k].subpkttype, &n );
-	if( !s )
-	    continue;
-	for( ; n; n--, s++ ) {
-	    if( !idx ) {
-		p = gcry_xcalloc( 1, sizeof *p );
-		p->rectype = RECTYPE_PREF;
-		p->r.pref.lid = lid;
-	    }
-	    p->r.pref.data[idx++] = ptable[k].preftype;
-	    p->r.pref.data[idx++] = *s;
-	    if( idx >= ITEMS_PER_PREF_RECORD ) {
-		p->recnum = tdbio_new_recnum();
-		*p_end = p;
-		p_end = &p->next;
-		idx = 0;
-	    }
-	}
-    }
-    if( idx ) {
-       p->recnum = tdbio_new_recnum();
-       *p_end = p;
-       p_end = &p->next;
-    }
-
-    precno = precs? precs->recnum : 0;
-    /* write the precs and release the memory */
-    for( p = precs; p ; p = p2 ) {
-	if( p->next )
-	    p->r.pref.next = p->next->recnum;
-	write_record( p );
-	p2 = p->next;
-	gcry_free( p );
+unsigned int
+get_validity (PKT_public_key *pk, const byte *namehash)
+{
+  static int did_nextcheck;
+  TRUSTREC trec, vrec;
+  int rc;
+  ulong recno;
+  unsigned int validity;
+  u32 kid[2];
+  PKT_public_key *main_pk;
+  
+  init_trustdb ();
+  if (!did_nextcheck)
+    {
+      ulong scheduled;
+
+      did_nextcheck = 1;
+      scheduled = tdbio_read_nextcheck ();
+      if (scheduled && scheduled <= make_timestamp ())
+        {
+          if (opt.no_auto_check_trustdb) 
+            {
+              pending_check_trustdb = 1;
+              log_info ("please do a --check-trustdb\n");
+            }
+          else
+            {
+              log_info (_("checking the trustdb\n"));
+              validate_keys (0);
+            }
+        }
     }
-    return precno;
-}
-
-
-static ulong
-make_uid_records( KBNODE keyblock, ulong lid, u32 *keyid, u32 *min_expire,
-						 int *mod_down, int *mod_up )
-{
-    TRUSTREC *urecs, **uend, *u, *u2;
-    KBNODE  node;
-    PKT_user_id *uid;
-    byte uidhash[20];
-    ulong uidrecno;
-
-    urecs = NULL; uend = &urecs;
-    for( node=keyblock; node; node = node->next ) {
-	PKT_signature *bestsig;
-
-	if( node->pkt->pkttype != PKT_USER_ID )
-	    continue;
-	uid = node->pkt->pkt.user_id;
-	if( uid->photo ) {
-	    gcry_md_hash_buffer( GCRY_MD_RMD160,  uidhash,
-				 uid->photo, uid->photolen );
-	}
-	else {
-	    gcry_md_hash_buffer( GCRY_MD_RMD160,  uidhash,
-				 uid->name, uid->len );
-	}
 
-	/* create the uid record */
-	u = gcry_xcalloc( 1, sizeof *u );
-	u->rectype = RECTYPE_UID;
-	u->r.uid.lid = lid;
-	memcpy(u->r.uid.namehash, uidhash, 20 );
-	u->recnum = tdbio_new_recnum();
-	*uend = u;
-	uend = &u->next;
-
-	u->r.uid.uidflags = check_uidsigs( keyblock, node, keyid,
-						     lid, &bestsig );
-	if( (u->r.uid.uidflags & UIDF_CHECKED)
-	    && (u->r.uid.uidflags & UIDF_VALID) ) {
-	    u->r.uid.prefrec = bestsig? make_pref_record( bestsig, lid ) : 0;
+  keyid_from_pk (pk, kid);
+  if (pk->main_keyid[0] != kid[0] || pk->main_keyid[1] != kid[1])
+    { /* this is a subkey - get the mainkey */
+      main_pk = m_alloc_clear (sizeof *main_pk);
+      rc = get_pubkey (main_pk, pk->main_keyid);
+      if (rc)
+        {
+          log_error ("error getting main key %08lX of subkey %08lX: %s\n",
+                     (ulong)pk->main_keyid[1], (ulong)kid[1], g10_errstr(rc));
+          validity = TRUST_UNKNOWN; 
+          goto leave;
 	}
-
-	/* the next test is really bad because we should modify
-	 * out modification timestamps only if we really have a change.
-	 * But because we are deleting the uid records first it is somewhat
-	 * difficult to track those changes.  fixme */
-	if(   !( u->r.uid.uidflags & UIDF_VALID )
-	    || ( u->r.uid.uidflags & UIDF_REVOKED ) )
-	    *mod_down=1;
-	else
-	    *mod_up=1;
-
-	/* create the list of signatures */
-	u->r.uid.siglist = make_sig_records( keyblock, node,
-					     lid, keyid, min_expire,
-					     mod_down, mod_up );
-    }
-
-    uidrecno = urecs? urecs->recnum : 0;
-    /* write the uidlist and release the memory */
-    for( u = urecs; u ; u = u2 ) {
-	if( u->next )
-	    u->r.uid.next = u->next->recnum;
-	write_record( u );
-	u2 = u->next;
-	gcry_free( u );
     }
-    return uidrecno;
+  else
+    main_pk = pk;
+
+  rc = read_trust_record (main_pk, &trec);
+  if (rc && rc != -1)
+    {
+      tdbio_invalid ();
+      return 0;
+    }
+  if (rc == -1) /* no record found */
+    {
+      validity = TRUST_UNKNOWN; 
+      goto leave;
+    }
+
+  /* loop over all user IDs */
+  recno = trec.r.trust.validlist;
+  validity = 0;
+  while (recno)
+    {
+      read_record (recno, &vrec, RECTYPE_VALID);
+      if ( validity < (vrec.r.valid.validity & TRUST_MASK) )
+        validity = (vrec.r.valid.validity & TRUST_MASK);
+      if ( namehash && !memcmp (vrec.r.valid.namehash, namehash, 20) )
+        break;
+      recno = vrec.r.valid.next;
+    }
+  
+  if (recno) /* okay, use the user ID associated one */
+    validity = (vrec.r.valid.validity & TRUST_MASK);
+
+  if ( (trec.r.trust.ownertrust & TRUST_FLAG_DISABLED) )
+    validity |= TRUST_FLAG_DISABLED;
+
+ leave:
+  /* set some flags direct from the key */
+  if (main_pk->is_revoked)
+    validity |= TRUST_FLAG_REVOKED;
+  if (main_pk != pk && pk->is_revoked)
+    validity |= TRUST_FLAG_SUB_REVOKED;
+  /* Note: expiration is a trust value and not a flag - don't know why
+   * I initially designed it that way */
+  if (main_pk->has_expired || pk->has_expired)
+    validity = (validity & ~TRUST_MASK) | TRUST_EXPIRED;
+  
+  if (pending_check_trustdb)
+    validity |= TRUST_FLAG_PENDING_CHECK;
+
+  if (main_pk != pk)
+    free_public_key (main_pk);
+  return validity;
 }
 
 
-
-/****************
- * Update all the info from the public keyblock.
- * The key must already exist in the keydb.
- */
 int
-update_trust_record( KBNODE keyblock, int recheck, int *modified )
+get_validity_info (PKT_public_key *pk, const byte *namehash)
 {
-    TRUSTREC drec;
-    int rc;
+    int trustlevel;
+    int c;
 
-    /* NOTE: We don't need recheck anymore, but this might chnage again in
-     * the future */
-    if( opt.dry_run )
-	return 0;
-    if( modified )
-	*modified = 0;
-    init_trustdb();
-    rc = get_dir_record( find_kbnode( keyblock, PKT_PUBLIC_KEY )
-					    ->pkt->pkt.public_key, &drec );
-    if( rc )
-	return rc;
-
-    rc = do_update_trust_record( keyblock, &drec, 0, modified );
-    return rc;
+    trustlevel = get_validity (pk, namehash);
+    if( trustlevel & TRUST_FLAG_DISABLED )
+	return 'd';
+    if( trustlevel & TRUST_FLAG_REVOKED )
+	return 'r';
+    c = trust_letter ( (trustlevel & TRUST_MASK) );
+    if( !c )
+	c = '?';
+    return c;
 }
 
-/****************
- * Same as update_trust_record, but this functions expects the dir record.
- * On exit the dir record will reflect any changes made.
- * With sigs_only set only foreign key signatures are checked.
- */
-static int
-do_update_trust_record( KBNODE keyblock, TRUSTREC *drec,
-			int sigs_only, int *modified )
-{
-    PKT_public_key *primary_pk;
-    TRUSTREC krec, urec, prec, helprec;
-    int i, rc = 0;
-    u32 keyid[2]; /* keyid of primary key */
-    int mod_up = 0;
-    int mod_down = 0;
-    ulong recno, r2;
-    u32 expiretime;
-
-    primary_pk = find_kbnode( keyblock, PKT_PUBLIC_KEY )->pkt->pkt.public_key;
-    if( !primary_pk->local_id )
-	primary_pk->local_id = drec->recnum;
-
-    keyid_from_pk( primary_pk, keyid );
-    if( DBG_TRUST )
-	log_debug("do_update_trust_record: %08lX.%lu\n",
-					(ulong)keyid[1], drec->recnum );
-
-    rc = tdbio_begin_transaction();
-    if( rc )
-	return rc;
-
-    /* delete the old stuff FIXME: implementend sigs_only */
-    for( recno=drec->r.dir.keylist; recno; recno = krec.r.key.next ) {
-	read_record( recno, &krec, RECTYPE_KEY );
-	delete_record( recno );
-    }
-    drec->r.dir.keylist = 0;
-    for( recno=drec->r.dir.uidlist; recno; recno = urec.r.uid.next ) {
-	read_record( recno, &urec, RECTYPE_UID );
-	for(r2=urec.r.uid.prefrec ; r2; r2 = prec.r.pref.next ) {
-	    read_record( r2, &prec, RECTYPE_PREF );
-	    delete_record( r2 );
-	}
-	for(r2=urec.r.uid.siglist ; r2; r2 = helprec.r.sig.next ) {
-	    read_record( r2, &helprec, RECTYPE_SIG );
-	    delete_record( r2 );
-	}
-	delete_record( recno );
-    }
-    drec->r.dir.uidlist = 0;
-
-
-    /* insert new stuff */
-    drec->r.dir.dirflags &= ~DIRF_REVOKED;
-    drec->r.dir.dirflags &= ~DIRF_NEWKEYS;
-    drec->r.dir.keylist = make_key_records( keyblock, drec->recnum, keyid, &i );
-    if( i ) /* primary key has been revoked */
-	drec->r.dir.dirflags |= DIRF_REVOKED;
-    expiretime = 0;
-    drec->r.dir.uidlist = make_uid_records( keyblock, drec->recnum, keyid,
-					    &expiretime, &mod_down, &mod_up );
-    if( rc )
-	rc = tdbio_cancel_transaction();
-    else {
-	if( modified && tdbio_is_dirty() )
-	    *modified = 1;
-	drec->r.dir.dirflags |= DIRF_CHECKED;
-	drec->r.dir.valcheck = 0;
-	drec->r.dir.checkat = expiretime;
-	write_record( drec );
-	tdbio_write_modify_stamp( mod_up, mod_down );
-	rc = tdbio_end_transaction();
-    }
-    return rc;
-}
 
 
 
-/****************
- * Insert a trust record into the TrustDB
- * This function assumes that the record does not yet exist.
- */
-int
-insert_trust_record( KBNODE keyblock )
+void
+list_trust_path( const char *username )
 {
-    TRUSTREC dirrec;
-    TRUSTREC shadow;
-    KBNODE node;
-    int rc = 0;
-    PKT_public_key *pk;
-
-
-    if( opt.dry_run )
-	return 0;
-
-    init_trustdb();
-
-    pk = find_kbnode( keyblock, PKT_PUBLIC_KEY )->pkt->pkt.public_key;
-    if( pk->local_id ) {
-	log_debug("insert_trust_record with pk->local_id=%lu (2)\n",
-							pk->local_id );
-	rc = update_trust_record( keyblock, 1, NULL );
-	return rc;
-    }
-
-    /* We have to look for a shadow dir record which must be reused
-     * as the dir record. */
-    rc = tdbio_search_sdir( pk->keyid, pk->pubkey_algo, &shadow );
-    if( rc && rc != -1 ) {
-	log_error(_("tdbio_search_dir failed: %s\n"), gpg_errstr(rc));
-	tdbio_invalid();
-    }
-    memset( &dirrec, 0, sizeof dirrec );
-    dirrec.rectype = RECTYPE_DIR;
-    if( !rc ) /* we have a shadow dir record - convert to dir record */
-	dirrec.recnum = shadow.recnum;
-    else
-	dirrec.recnum = tdbio_new_recnum();
-    dirrec.r.dir.lid = dirrec.recnum;
-    write_record( &dirrec );
-
-    /* put the LID into the keyblock */
-    pk->local_id = dirrec.r.dir.lid;
-    for( node=keyblock; node; node = node->next ) {
-	if( node->pkt->pkttype == PKT_PUBLIC_KEY
-	    || node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
-	    PKT_public_key *a_pk = node->pkt->pkt.public_key;
-	    a_pk->local_id = dirrec.r.dir.lid;
-	}
-	else if( node->pkt->pkttype == PKT_SIGNATURE ) {
-	    PKT_signature *a_sig = node->pkt->pkt.signature;
-	    a_sig->local_id = dirrec.r.dir.lid;
-	}
-    }
-
-
-    /* mark tdb as modified upwards */
-    tdbio_write_modify_stamp( 1, 0 );
-
-    /* and put all the other stuff into the keydb */
-    rc = do_update_trust_record( keyblock, &dirrec, 0, NULL );
-
-    do_sync();
-
-    /* keep track of new keys */
-    if( !fresh_imported_keys )
-	fresh_imported_keys = new_lid_table();
-    ins_lid_table_item( fresh_imported_keys, pk->local_id, 0 );
-    if( ++fresh_imported_keys_count > FRESH_KEY_CHECK_THRESHOLD )
-	mark_fresh_keys();
-
-    return rc;
 }
 
 
 
 
 /****************
- * Insert a trust record indentified by a PK into the TrustDB
+ * Enumerate all keys, which are needed to build all trust paths for
+ * the given key.  This function does not return the key itself or
+ * the ultimate key (the last point in cerificate chain).  Only
+ * certificate chains which ends up at an ultimately trusted key
+ * are listed.	If ownertrust or validity is not NULL, the corresponding
+ * value for the returned LID is also returned in these variable(s).
+ *
+ *  1) create a void pointer and initialize it to NULL
+ *  2) pass this void pointer by reference to this function.
+ *     Set lid to the key you want to enumerate and pass it by reference.
+ *  3) call this function as long as it does not return -1
+ *     to indicate EOF. LID does contain the next key used to build the web
+ *  4) Always call this function a last time with LID set to NULL,
+ *     so that it can free its context.
+ *
+ * Returns: -1 on EOF or the level of the returned LID
  */
 int
-insert_trust_record_by_pk( PKT_public_key *pk )
-{
-    KBNODE keyblock = NULL;
-    byte fingerprint[MAX_FINGERPRINT_LEN];
-    size_t fingerlen;
-    int rc;
-
-    /* get the keyblock */
-    fingerprint_from_pk( pk, fingerprint, &fingerlen );
-    rc = get_keyblock_byfprint( &keyblock, fingerprint, fingerlen );
-    if( rc ) { /* that should never happen */
-	log_debug( "insert_trust_record_by_pk: keyblock not found: %s\n",
-							  gpg_errstr(rc) );
-    }
-    else {
-	rc = insert_trust_record( keyblock );
-	if( !rc ) /* copy the LID into the PK */
-	    pk->local_id = find_kbnode( keyblock, PKT_PUBLIC_KEY )
-					    ->pkt->pkt.public_key->local_id;
-    }
-
-    release_kbnode( keyblock );
-    return rc;
-}
-
-
-/****************
- * Check one trust record.  This function is called for every
- * directory record which is to be checked.  The supplied
- * dir record is modified according to the performed actions.
- * Currently we only do an update_trust_record.
- */
-static int
-check_trust_record( TRUSTREC *drec, int sigs_only )
+enum_cert_paths( void **context, ulong *lid,
+		 unsigned *ownertrust, unsigned *validity )
 {
-    KBNODE keyblock;
-    int modified, rc;
-
-    rc = get_keyblock_bylid( &keyblock, drec->recnum );
-    if( rc ) {
-	log_debug( "check_trust_record %lu: keyblock not found: %s\n",
-					      drec->recnum, gpg_errstr(rc) );
-	return rc;
-    }
-
-    rc = do_update_trust_record( keyblock, drec, sigs_only, &modified );
-    release_kbnode( keyblock );
-
-    return rc;
+    return -1;
 }
 
 
 /****************
- * Walk over the keyrings and create trustdb records for all keys
- * which are not currently in the trustdb.
- * It is intended to be used after a fast-import operation.
+ * Print the current path
  */
 void
-update_trustdb()
+enum_cert_paths_print( void **context, FILE *fp,
+				       int refresh, ulong selected_lid )
 {
-    KBNODE keyblock = NULL;
-    KBPOS kbpos;
-    int rc;
-
-    if( opt.dry_run )
-	return;
-
-    init_trustdb();
-    rc = enum_keyblocks_begin( &kbpos, 0 );
-    if( !rc ) {
-	ulong count=0, err_count=0, new_count=0;
-
-	while( !(rc = enum_keyblocks_next( kbpos, 1, &keyblock )) ) {
-	    /*int modified;*/
-	    TRUSTREC drec;
-	    PKT_public_key *pk = find_kbnode( keyblock, PKT_PUBLIC_KEY )
-					->pkt->pkt.public_key;
-
-	    rc = get_dir_record( pk, &drec );
-	    if( rc == -1 ) { /* not in trustdb: insert */
-		rc = insert_trust_record( keyblock );
-		if( rc && !pk->local_id ) {
-		    log_error(_("lid ?: insert failed: %s\n"),
-						     gpg_errstr(rc) );
-		    err_count++;
-		}
-		else if( rc ) {
-		    log_error(_("lid %lu: insert failed: %s\n"),
-				       pk->local_id, gpg_errstr(rc) );
-		    err_count++;
-		}
-		else {
-		    if( opt.verbose )
-			log_info(_("lid %lu: inserted\n"), pk->local_id );
-		    new_count++;
-		}
-	    }
-	    else if( rc ) {
-		log_error(_("error reading dir record: %s\n"), gpg_errstr(rc));
-		err_count++;
-	    }
-
-	    release_kbnode( keyblock ); keyblock = NULL;
-	    if( !(++count % 100) )
-		log_info(_("%lu keys so far processed\n"), count);
-	}
-	log_info(_("%lu keys processed\n"), count);
-	if( err_count )
-	    log_info(_("\t%lu keys with errors\n"), err_count);
-	if( new_count )
-	    log_info(_("\t%lu keys inserted\n"), new_count);
-    }
-    if( rc && rc != -1 )
-	log_error(_("enumerate keyblocks failed: %s\n"), gpg_errstr(rc));
-
-    enum_keyblocks_end( kbpos ); 
-    release_kbnode( keyblock );
+    return;
 }
 
 
+
+/****************************************
+ *********** NEW NEW NEW ****************
+ ****************************************/
 
-/****************
- * Do all required checks in the trustdb.  This function walks over all
- * records in the trustdb and does scheduled processing.
- */
-void
-check_trustdb( const char *username )
+static int
+ask_ownertrust (u32 *kid)
 {
-    TRUSTREC rec;
-    ulong recnum;
-    ulong count=0, upd_count=0, err_count=0, skip_count=0, sigonly_count=0;
-    ulong current_time = make_timestamp();
-
-    if( username )
-	log_info("given user IDs ignored in check_trustdb\n");
-
-    init_trustdb();
-
-    for(recnum=0; !tdbio_read_record( recnum, &rec, 0); recnum++ ) {
-	int sigs_only;
-
-	if( rec.rectype != RECTYPE_DIR )
-	    continue; /* we only want the dir records */
-
-	if( count && !(count % 100) && !opt.quiet )
-	    log_info(_("%lu keys so far processed\n"), count);
-	count++;
-	sigs_only = 0;
-
-	if( !(rec.r.dir.dirflags & DIRF_CHECKED) )
-	    ;
-	else if( !rec.r.dir.checkat || rec.r.dir.checkat > current_time ) {
-	    if( !(rec.r.dir.dirflags & DIRF_NEWKEYS) ) {
-		skip_count++;
-		continue;  /* not scheduled for checking */
-	    }
-	    sigs_only = 1; /* new public keys - check them */
-	    sigonly_count++;
-	}
-
-	if( !rec.r.dir.keylist ) {
-	    log_info(_("lid %lu: dir record w/o key - skipped\n"), recnum);
-	    skip_count++;
-	    continue;
-	}
+  PKT_public_key *pk;
+  int rc;
+  int ot;
 
-	check_trust_record( &rec, sigs_only );
+  pk = m_alloc_clear (sizeof *pk);
+  rc = get_pubkey (pk, kid);
+  if (rc)
+    {
+      log_error (_("public key %08lX not found: %s\n"),
+                 (ulong)kid[1], g10_errstr(rc) );
+      return TRUST_UNKNOWN;
     }
-
-    log_info(_("%lu keys processed\n"), count);
-    if( sigonly_count )
-	log_info(_("\t%lu due to new pubkeys\n"), sigonly_count);
-    if( skip_count )
-	log_info(_("\t%lu keys skipped\n"), skip_count);
-    if( err_count )
-	log_info(_("\t%lu keys with errors\n"), err_count);
-    if( upd_count )
-	log_info(_("\t%lu keys updated\n"), upd_count);
+ 
+  ot=edit_ownertrust(pk,0);
+  if(ot>0)
+    ot = get_ownertrust (pk);
+  else if(ot==0)
+    ot = TRUST_UNDEFINED;
+  else
+    ot = -1; /* quit */
+  free_public_key( pk );
+  return ot;
 }
 
 
-
-/***********************************************
- *********  Trust calculation  *****************
- ***********************************************/
-
-/****************
- * Find all certification paths of a given LID.
- * Limit the search to MAX_DEPTH.  stack is a helper variable which
- * should have been allocated with size max_depth, stack[0] should
- * be setup to the key we are investigating, so the minimal depth
- * we should ever see in this function is 1.
- * Returns: a new tree
- * certchain_set must be a valid set or point to NULL; this function
- * may modifiy it.
- *
- * Hmmm: add a fastscan mode which stops at valid validity nodes.
- */
-static TN
-build_cert_tree( ulong lid, int depth, int max_depth, TN helproot )
+static void
+mark_keyblock_seen (KeyHashTable tbl, KBNODE node)
 {
-    TRUSTREC dirrec;
-    TRUSTREC uidrec;
-    ulong uidrno;
-    TN keynode;
-
-    if( depth >= max_depth )
-	return NULL;
-
-    keynode = new_tn();
-    if( !helproot )
-	helproot = keynode;
-    keynode->lid = lid;
-    if( !qry_lid_table_flag( ultikey_table, lid, NULL ) ) {
-	/* this is an ultimately trusted key;
-	 * which means that we have found the end of the chain:
-	 * We do this here prior to reading the dir record
-	 * because we don't really need the info from that record */
-	keynode->n.k.ownertrust = TRUST_ULTIMATE;
-	keynode->n.k.buckstop	= 1;
-	return keynode;
-    }
-    read_record( lid, &dirrec, 0 );
-    if( dirrec.rectype != RECTYPE_DIR ) {
-	if( dirrec.rectype != RECTYPE_SDIR )
-	    log_debug("lid %lu, has rectype %d"
-		      " - skipped\n", lid, dirrec.rectype );
-	gcry_free(keynode);
-	return NULL;
-    }
-
-    if( dirrec.r.dir.checkat && dirrec.r.dir.checkat <= make_timestamp() ) {
-	check_trust_record( &dirrec, 0 );
-    }
-    else if( (dirrec.r.dir.dirflags & DIRF_NEWKEYS) ) {
-	check_trust_record( &dirrec, 1 );
-    }
-
-    keynode->n.k.ownertrust = dirrec.r.dir.ownertrust & TRUST_MASK;
-
-    /* loop over all user ids */
-    for( uidrno = dirrec.r.dir.uidlist; uidrno; uidrno = uidrec.r.uid.next ) {
-	TRUSTREC sigrec;
-	ulong sigrno;
-	TN uidnode = NULL;
-
-	read_record( uidrno, &uidrec, RECTYPE_UID );
-
-	if( !(uidrec.r.uid.uidflags & UIDF_CHECKED) )
-	    continue; /* user id has not been checked */
-	if( !(uidrec.r.uid.uidflags & UIDF_VALID) )
-	    continue; /* user id is not valid */
-	if( (uidrec.r.uid.uidflags & UIDF_REVOKED) )
-	    continue; /* user id has been revoked */
-
-	/* loop over all signature records */
-	for(sigrno=uidrec.r.uid.siglist; sigrno; sigrno = sigrec.r.sig.next ) {
-	    int i;
-	    TN tn;
-
-	    read_record( sigrno, &sigrec, RECTYPE_SIG );
-
-	    for(i=0; i < SIGS_PER_RECORD; i++ ) {
-		if( !sigrec.r.sig.sig[i].lid )
-		    continue; /* skip deleted sigs */
-		if( !(sigrec.r.sig.sig[i].flag & SIGF_CHECKED) )
-		    continue; /* skip unchecked signatures */
-		if( !(sigrec.r.sig.sig[i].flag & SIGF_VALID) )
-		    continue; /* skip invalid signatures */
-		if( (sigrec.r.sig.sig[i].flag & SIGF_EXPIRED) )
-		    continue; /* skip expired signatures */
-		if( (sigrec.r.sig.sig[i].flag & SIGF_REVOKED) )
-		    continue; /* skip revoked signatures */
-		/* check for cycles */
-		for( tn=keynode; tn && tn->lid != sigrec.r.sig.sig[i].lid;
-							  tn = tn->back )
-		    ;
-		if( tn )
-		    continue; /* cycle found */
-
-		tn = build_cert_tree( sigrec.r.sig.sig[i].lid,
-				      depth+1, max_depth, helproot );
-		if( !tn )
-		    continue; /* cert chain too deep or error */
-
-		if( !uidnode ) {
-		    uidnode = new_tn();
-		    uidnode->back = keynode;
-		    uidnode->lid = uidrno;
-		    uidnode->is_uid = 1;
-		    uidnode->next = keynode->list;
-		    keynode->list = uidnode;
-		}
-
-		tn->back = uidnode;
-		tn->next = uidnode->list;
-		uidnode->list = tn;
-		if( tn->n.k.buckstop ) {
-		    /* ultimately trusted key found:
-		     * no need to check more signatures of this uid */
-		    sigrec.r.sig.next = 0;
-		    break;
-		}
-	    }
-	} /* end loop over sig recs */
-    } /* end loop over user ids */
+  for ( ;node; node = node->next )
+    if (node->pkt->pkttype == PKT_PUBLIC_KEY
+        || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+      {
+        u32 aki[2];
 
-    if( !keynode->list ) {
-	release_tn_tree( keynode );
-	keynode = NULL;
-    }
-
-    return keynode;
+        keyid_from_pk (node->pkt->pkt.public_key, aki);
+        add_key_hash_table (tbl, aki);
+      }
 }
 
 
+
 static void
-upd_one_ownertrust( ulong lid, unsigned new_trust, unsigned *retflgs )
-{
-    TRUSTREC rec;
-
-    read_record( lid, &rec, RECTYPE_DIR );
-    if( DBG_TRUST )
-	log_debug("upd_one_ownertrust of %lu from %u to %u\n",
-			   lid, (unsigned)rec.r.dir.ownertrust, new_trust );
-    if( retflgs ) {
-	if( (new_trust & TRUST_MASK) > (rec.r.dir.ownertrust & TRUST_MASK) )
-	    *retflgs |= 16; /* modified up */
-	else
-	    *retflgs |= 32; /* modified down */
+dump_key_array (int depth, struct key_array *keys)
+{
+  struct key_array *kar;
+
+  for (kar=keys; kar->keyblock; kar++)
+    {
+      KBNODE node = kar->keyblock;
+      u32 kid[2];
+
+      keyid_from_pk(node->pkt->pkt.public_key, kid);
+      printf ("%d:%08lX%08lX:K::%c::::\n",
+              depth, (ulong)kid[0], (ulong)kid[1], '?');
+
+      for (; node; node = node->next)
+        {
+          if (node->pkt->pkttype == PKT_USER_ID)
+            {
+              int len = node->pkt->pkt.user_id->len;
+
+              if (len > 30)
+                len = 30;
+              printf ("%d:%08lX%08lX:U:::%c:::",
+                      depth, (ulong)kid[0], (ulong)kid[1],
+                      (node->flag & 4)? 'f':
+                      (node->flag & 2)? 'm':
+                      (node->flag & 1)? 'q':'-');
+              print_string (stdout,  node->pkt->pkt.user_id->name, len, ':');
+              putchar (':');
+              putchar ('\n');
+            }
+        }
     }
+}  
 
-    /* we preserve the disabled state here */
-    if( (rec.r.dir.ownertrust & TRUST_FLAG_DISABLED) )
-	rec.r.dir.ownertrust = new_trust | TRUST_FLAG_DISABLED;
-    else
-	rec.r.dir.ownertrust = new_trust & ~TRUST_FLAG_DISABLED;
-    write_record( &rec );
-}
 
-/****************
- * Update the ownertrust in the complete tree.
- */
 static void
-propagate_ownertrust( TN kr, ulong lid, unsigned trust )
-{
-    TN ur;
-
-    for( ; kr; kr = kr->next ) {
-	if( kr->lid == lid )
-	    kr->n.k.ownertrust = trust;
-	for( ur=kr->list; ur; ur = ur->next )
-	    propagate_ownertrust( ur->list, lid, trust );
+store_validation_status (int depth, KBNODE keyblock)
+{
+  KBNODE node;
+  byte namehash[20];
+  int status;
+  int any = 0;
+
+  for (node=keyblock; node; node = node->next)
+    {
+      if (node->pkt->pkttype == PKT_USER_ID)
+        {
+          PKT_user_id *uid = node->pkt->pkt.user_id;
+
+          if (node->flag & 4)
+            status = TRUST_FULLY;
+          else if (node->flag & 2)
+            status = TRUST_MARGINAL;
+          else if (node->flag & 1)
+            status = TRUST_UNDEFINED;
+          else
+            status = 0;
+          
+          if (status)
+            {
+              if( uid->attrib_data )
+                rmd160_hash_buffer (namehash,uid->attrib_data,uid->attrib_len);
+              else
+                rmd160_hash_buffer (namehash, uid->name, uid->len );
+              
+              update_validity (keyblock->pkt->pkt.public_key,
+                               namehash, depth, status);
+              any = 1;
+            }
+        }
     }
-}
 
-/****************
- * Calculate the validity of all keys in the tree and especially
- * the one of the top key.  If add_fnc is not NULL, it is used to
- * ask for missing ownertrust values (but only if this will help
- * us to increase the validity.
- * add_fnc is expected to take the LID of the key under question
- * and return a ownertrust value or an error:  positive values
- * are assumed to be the new ownertrust value; a 0 does mean no change,
- * a -1 is a request to cancel this validation procedure, a -2 requests
- * a listing of the sub-tree using the tty functions.
- *
- *
- * Returns: 0 = okay
+  if (any)
+    do_sync ();
+}  
+
+/*
+ * check whether the signature sig is in the klist k
  */
-static int
-propagate_validity( TN root, TN node, int (*add_fnc)(ulong), unsigned *retflgs )
+static struct key_item *
+is_in_klist (struct key_item *k, PKT_signature *sig)
 {
-    TN kr, ur;
-    int max_validity = 0;
-
-    assert( !node->is_uid );
-    if( node->n.k.ownertrust == TRUST_ULTIMATE ) {
-	/* this is one of our keys */
-	assert( !node->list ); /* it should be a leaf */
-	node->n.k.validity = TRUST_ULTIMATE;
-	if( retflgs )
-	    *retflgs |= 1;  /* found a path to an ultimately trusted key */
-	return 0;
+  for (; k; k = k->next)
+    {
+      if (k->kid[0] == sig->keyid[0] && k->kid[1] == sig->keyid[1])
+        return k;
     }
-
-    /* loop over all user ids */
-    for( ur=node->list; ur && max_validity <= TRUST_FULLY; ur = ur->next ) {
-	assert( ur->is_uid );
-	/* loop over all signators */
-	for(kr=ur->list; kr && max_validity <= TRUST_FULLY; kr = kr->next ) {
-	    if( propagate_validity( root, kr, add_fnc, retflgs ) )
-		return -1; /* quit */
-	    if( kr->n.k.validity == TRUST_ULTIMATE ) {
-		ur->n.u.fully_count = opt.completes_needed;
-	    }
-	    else if( kr->n.k.validity == TRUST_FULLY ) {
-		if( add_fnc && !kr->n.k.ownertrust ) {
-		    int rc;
-
-		    if( retflgs )
-			*retflgs |= 2; /* found key with undefined ownertrust*/
-		    do {
-			rc = add_fnc( kr->lid );
-			switch( rc ) {
-			  case TRUST_NEVER:
-			  case TRUST_MARGINAL:
-			  case TRUST_FULLY:
-			    propagate_ownertrust( root, kr->lid, rc );
-			    upd_one_ownertrust( kr->lid, rc, retflgs );
-			    if( retflgs )
-				*retflgs |= 4; /* changed */
-			    break;
-			  case -1:
-			    return -1; /* cancel */
-			  case -2:
-			    dump_tn_tree( NULL, 0, kr );
-			    tty_printf("\n");
-			    break;
-			  default:
-			    break;
-			}
-		    } while( rc == -2 );
-		}
-		if( kr->n.k.ownertrust == TRUST_FULLY )
-		    ur->n.u.fully_count++;
-		else if( kr->n.k.ownertrust == TRUST_MARGINAL )
-		    ur->n.u.marginal_count++;
-	    }
-
-	    if( ur->n.u.fully_count >= opt.completes_needed
-		|| ur->n.u.marginal_count >= opt.marginals_needed )
-		ur->n.u.validity = TRUST_FULLY;
-	    else if( ur->n.u.fully_count || ur->n.u.marginal_count )
-		ur->n.u.validity = TRUST_MARGINAL;
-
-	    if( ur->n.u.validity >= max_validity )
-		max_validity = ur->n.u.validity;
-	}
-    }
-
-    node->n.k.validity = max_validity;
-    return 0;
+  return NULL;
 }
 
-
-
-/****************
- * Given the directory record of a key, check whether we can
- * find a path to an ultimately trusted key.  We do this by
- * checking all key signatures up to a some depth.
+/*
+ * Mark the signature of the given UID which are used to certify it.
+ * To do this, we first revmove all signatures which are not valid and
+ * from the remain ones we look for the latest one.  If this is not a
+ * certification revocation signature we mark the signature by setting
+ * node flag bit 8.  Note that flag bits 9 and 10 are used for internal
+ * purposes.  
  */
-static int
-verify_key( int max_depth, TRUSTREC *drec, const char *namehash,
-			    int (*add_fnc)(ulong), unsigned *retflgs )
-{
-    TN tree;
-    int keytrust;
-    int pv_result;
-
-    tree = build_cert_tree( drec->r.dir.lid, 0, opt.max_cert_depth, NULL );
-    if( !tree )
-	return TRUST_UNDEFINED;
-    pv_result = propagate_validity( tree, tree, add_fnc, retflgs );
-    if( namehash && tree->n.k.validity != TRUST_ULTIMATE ) {
-	/* find the matching user id.
-	 * We don't do this here if the key is ultimately trusted; in
-	 * this case there will be no lids for the user IDs and frankly
-	 * it does not make sense to compare by the name if we do
-	 * have the secret key.
-	 * fixme: the way we handle this is too inefficient */
-	TN ur;
-	TRUSTREC rec;
-
-	keytrust = 0;
-	for( ur=tree->list; ur; ur = ur->next ) {
-	    read_record( ur->lid, &rec, RECTYPE_UID );
-	    if( !memcmp( namehash, rec.r.uid.namehash, 20 ) ) {
-		keytrust = ur->n.u.validity;
-		break;
-	    }
-	}
-    }
-    else
-	keytrust = tree->n.k.validity;
-
-    /* update the cached validity values */
-    if( !pv_result
-	&& keytrust >= TRUST_UNDEFINED
-	&& tdbio_db_matches_options()
-	&& ( !drec->r.dir.valcheck || drec->r.dir.validity != keytrust ) ) {
-	TN ur;
-	TRUSTREC rec;
-
-	for( ur=tree->list; ur; ur = ur->next ) {
-	    read_record( ur->lid, &rec, RECTYPE_UID );
-	    if( rec.r.uid.validity != ur->n.u.validity ) {
-		rec.r.uid.validity = ur->n.u.validity;
-		write_record( &rec );
-	    }
-	}
+static void
+mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
+                       u32 *main_kid, struct key_item *klist,
+                       u32 curtime, u32 *next_expire)
+{
+  KBNODE node;
+  PKT_signature *sig;
+  
+  /* first check all signatures */
+  for (node=uidnode->next; node; node = node->next)
+    {
+      node->flag &= ~(1<<8 | 1<<9 | 1<<10);
+      if (node->pkt->pkttype == PKT_USER_ID
+          || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+        break; /* ready */
+      if (node->pkt->pkttype != PKT_SIGNATURE)
+        continue;
+      
+      sig = node->pkt->pkt.signature;
+      if (sig->keyid[0] == main_kid[0] && sig->keyid[1] == main_kid[1])
+        continue; /* ignore self-signatures */
+      if (!IS_UID_SIG(sig) && !IS_UID_REV(sig))
+        continue; /* we only look at these signature classes */
+      if (!is_in_klist (klist, sig))
+        continue;  /* no need to check it then */
+      if (check_key_signature (keyblock, node, NULL))
+        continue; /* ignore invalid signatures */
+      node->flag |= 1<<9;
+    }      
+  /* reset the remaining flags */
+  for (; node; node = node->next)
+      node->flag &= ~(1<<8 | 1<<9 | 1 << 10);
+
+  /* kbnode flag usage: bit 9 is here set for signatures to consider,
+   * bit 10 will be set by the loop to keep track of keyIDs already
+   * processed, bit 8 will be set for the usable signatures */
+
+  /* for each cert figure out the latest valid one */
+  for (node=uidnode->next; node; node = node->next)
+    {
+      KBNODE n, signode;
+      u32 kid[2];
+      u32 sigdate;
+      
+      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+        break;
+      if ( !(node->flag & (1<<9)) )
+        continue; /* not a node to look at */
+      if ( (node->flag & (1<<10)) )
+        continue; /* signature with a keyID already processed */
+      node->flag |= (1<<10); /* mark this node as processed */
+      sig = node->pkt->pkt.signature;
+      signode = node;
+      sigdate = sig->timestamp;
+      kid[0] = sig->keyid[0]; kid[1] = sig->keyid[1];
+      for (n=uidnode->next; n; n = n->next)
+        {
+          if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+            break;
+          if ( !(n->flag & (1<<9)) )
+            continue;
+          if ( (n->flag & (1<<10)) )
+            continue; /* shortcut already processed signatures */
+          sig = n->pkt->pkt.signature;
+          if (kid[0] != sig->keyid[0] || kid[1] != sig->keyid[1])
+            continue;
+          n->flag |= (1<<10); /* mark this node as processed */
+
+	  /* If signode is nonrevocable and unexpired and n isn't,
+             then take signode (skip).  It doesn't matter which is
+             older: if signode was older then we don't want to take n
+             as signode is nonrevocable.  If n was older then we're
+             automatically fine. */
+	  
+	  if(((IS_UID_SIG(signode->pkt->pkt.signature) &&
+	       !signode->pkt->pkt.signature->flags.revocable &&
+	       (signode->pkt->pkt.signature->expiredate==0 ||
+		signode->pkt->pkt.signature->expiredate>curtime))) &&
+	     (!(IS_UID_SIG(n->pkt->pkt.signature) &&
+		!n->pkt->pkt.signature->flags.revocable &&
+		(n->pkt->pkt.signature->expiredate==0 ||
+		 n->pkt->pkt.signature->expiredate>curtime))))
+	    continue;
 
-	drec->r.dir.validity = tree->n.k.validity;
-	drec->r.dir.valcheck = make_timestamp();
-	write_record( drec );
-	do_sync();
+	  /* If n is nonrevocable and unexpired and signode isn't,
+             then take n.  Again, it doesn't matter which is older: if
+             n was older then we don't want to take signode as n is
+             nonrevocable.  If signode was older then we're
+             automatically fine. */
+	  
+	  if((!(IS_UID_SIG(signode->pkt->pkt.signature) &&
+		!signode->pkt->pkt.signature->flags.revocable &&
+		(signode->pkt->pkt.signature->expiredate==0 ||
+		 signode->pkt->pkt.signature->expiredate>curtime))) &&
+	     ((IS_UID_SIG(n->pkt->pkt.signature) &&
+	       !n->pkt->pkt.signature->flags.revocable &&
+	       (n->pkt->pkt.signature->expiredate==0 ||
+		n->pkt->pkt.signature->expiredate>curtime))))
+            {
+              signode = n;
+              sigdate = sig->timestamp;
+	      continue;
+            }
+
+	  /* At this point, if it's newer, it goes in as the only
+             remaining possibilities are signode and n are both either
+             revocable or expired or both nonrevocable and unexpired.
+             If the timestamps are equal take the later ordered
+             packet, presuming that the key packets are hopefully in
+             their original order. */
+
+          if (sig->timestamp >= sigdate)
+            {
+              signode = n;
+              sigdate = sig->timestamp;
+            }
+        }
+      sig = signode->pkt->pkt.signature;
+      if (IS_UID_SIG (sig))
+        { /* this seems to be a usable one which is not revoked. 
+           * Just need to check whether there is an expiration time,
+           * We do the expired certification after finding a suitable
+           * certification, the assumption is that a signator does not
+           * want that after the expiration of his certificate the
+           * system falls back to an older certification which has a
+           * different expiration time */
+          const byte *p;
+          u32 expire;
+                    
+          p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL );
+          expire = p? sig->timestamp + buffer_to_u32(p) : 0;
+
+          if (expire==0 || expire > curtime )
+            {
+              signode->flag |= (1<<8); /* yeah, found a good cert */
+              if (expire && expire < *next_expire)
+                *next_expire = expire;
+            }
+        }
     }
-
-    release_tn_tree( tree );
-    return keytrust;
 }
 
 
-/****************
- * we have the pubkey record and all needed informations are in the trustdb
- * but nothing more is known.
+/*
+ * Return true if the key is signed by one of the keys in the given
+ * key ID list.  User IDs with a valid signature are marked by node
+ * flags as follows:
+ *  flag bit 0: There is at least one signature
+ *           1: There is marginal confidence that this is a legitimate uid
+ *           2: There is full confidence that this is a legitimate uid.
+ *           8: Used for internal purposes.
+ *           9: Ditto (in mark_usable_uid_certs())
+ *          10: Ditto (ditto)
+ * This function assumes that all kbnode flags are cleared on entry.
  */
 static int
-do_check( TRUSTREC *dr, unsigned *validity,
-	  const char *namehash, int (*add_fnc)(ulong), unsigned *retflgs )
-{
-    if( !dr->r.dir.keylist ) {
-	log_error(_("Ooops, no keys\n"));
-	return GPGERR_TRUSTDB;
-    }
-    if( !dr->r.dir.uidlist ) {
-	log_error(_("Ooops, no user IDs\n"));
-	return GPGERR_TRUSTDB;
+validate_one_keyblock (KBNODE kb, struct key_item *klist,
+                       u32 curtime, u32 *next_expire)
+{
+  struct key_item *kr;
+  KBNODE node, uidnode=NULL;
+  PKT_public_key *pk = kb->pkt->pkt.public_key;
+  u32 main_kid[2];
+  int issigned=0, any_signed = 0, fully_count =0, marginal_count = 0;
+
+  keyid_from_pk(pk, main_kid);
+  for (node=kb; node; node = node->next)
+    {
+      if (node->pkt->pkttype == PKT_USER_ID)
+        {
+          if (uidnode && issigned)
+            {
+              if (fully_count >= opt.completes_needed
+                  || marginal_count >= opt.marginals_needed )
+                uidnode->flag |= 4; 
+              else if (fully_count || marginal_count)
+                uidnode->flag |= 2;
+              uidnode->flag |= 1;
+              any_signed = 1;
+            }
+          uidnode = node;
+          issigned = 0;
+          fully_count = marginal_count = 0;
+          mark_usable_uid_certs (kb, uidnode, main_kid, klist, 
+                                 curtime, next_expire);
+        }
+      else if (node->pkt->pkttype == PKT_SIGNATURE 
+               && (node->flag & (1<<8)) )
+        {
+          PKT_signature *sig = node->pkt->pkt.signature;
+          
+          kr = is_in_klist (klist, sig);
+          if (kr)
+            {
+              if (kr->ownertrust == TRUST_ULTIMATE)
+                fully_count = opt.completes_needed;
+              else if (kr->ownertrust == TRUST_FULLY)
+                fully_count++;
+              else if (kr->ownertrust == TRUST_MARGINAL)
+                marginal_count++;
+              issigned = 1;
+            }
+        }
     }
 
-    if( retflgs )
-	*retflgs &= ~(16|32);  /* reset the 2 special flags */
-
-    if( (dr->r.dir.ownertrust & TRUST_FLAG_DISABLED) )
-	*validity = 0; /* no need to check further */
-    else if( namehash ) {
-	/* Fixme: use a cache */
-	*validity = verify_key( opt.max_cert_depth, dr, namehash,
-							add_fnc, retflgs );
-    }
-    else if( !add_fnc
-	&& tdbio_db_matches_options()
-	    /* FIXME, TODO: This comparision is WRONG ! */
-	&& dr->r.dir.valcheck
-	    > tdbio_read_modify_stamp( (dr->r.dir.validity < TRUST_FULLY) )
-	&& dr->r.dir.validity )
-	*validity = dr->r.dir.validity;
-    else
-	*validity = verify_key( opt.max_cert_depth, dr, NULL,
-							add_fnc, retflgs );
-
-    if( !(*validity & TRUST_MASK) )
-	*validity = TRUST_UNDEFINED;
-
-    if( (dr->r.dir.ownertrust & TRUST_FLAG_DISABLED) )
-	*validity |= TRUST_FLAG_DISABLED;
-
-    if( dr->r.dir.dirflags & DIRF_REVOKED )
-	*validity |= TRUST_FLAG_REVOKED;
-
-    /* If we have changed some ownertrusts, set the trustdb timestamps
-     * and do a sync */
-    if( retflgs && (*retflgs & (16|32)) ) {
-	tdbio_write_modify_stamp( (*retflgs & 16), (*retflgs & 32) );
-	do_sync();
+  if (uidnode && issigned)
+    {
+      if (fully_count >= opt.completes_needed
+               || marginal_count >= opt.marginals_needed )
+        uidnode->flag |= 4; 
+      else if (fully_count || marginal_count)
+        uidnode->flag |= 2;
+      uidnode->flag |= 1;
+      any_signed = 1;
     }
 
-
-    return 0;
+  return any_signed;
 }
 
 
-
-/***********************************************
- *********  Change trustdb values **************
- ***********************************************/
-
-int
-update_ownertrust( ulong lid, unsigned new_trust )
-{
-    TRUSTREC rec;
-
-    init_trustdb();
-    read_record( lid, &rec, RECTYPE_DIR );
-    if( DBG_TRUST )
-	log_debug("update_ownertrust of %lu from %u to %u\n",
-			   lid, (unsigned)rec.r.dir.ownertrust, new_trust );
-    rec.r.dir.ownertrust = new_trust;
-    write_record( &rec );
-    do_sync();
-    return 0;
-}
-
-
-int
-clear_trust_checked_flag( PKT_public_key *pk )
-{
-    TRUSTREC rec;
-    int rc;
-
-    if( opt.dry_run )
-	return 0;
-
-    init_trustdb();
-    rc = get_dir_record( pk, &rec );
-    if( rc )
-	return rc;
-
-    /* check whether they are already reset */
-    if( !(rec.r.dir.dirflags & DIRF_CHECKED) && !rec.r.dir.valcheck )
-	return 0;
-
-    /* reset the flag */
-    rec.r.dir.dirflags &= ~DIRF_CHECKED;
-    rec.r.dir.valcheck = 0;
-    write_record( &rec );
-    do_sync();
-    return 0;
-}
-
-
-
-
-
-/***********************************************
- *********  Query trustdb values  **************
- ***********************************************/
-
-
-/****************
- * This function simply looks for the key in the trustdb
- * and makes sure that pk->local_id is set to the correct value.
- * Return: 0 = found
- *	   -1 = not found
- *	  other = error
- */
-int
-query_trust_record( PKT_public_key *pk )
+static int
+search_skipfnc (void *opaque, u32 *kid)
 {
-    TRUSTREC rec;
-    init_trustdb();
-    return get_dir_record( pk, &rec );
+  return test_key_hash_table ((KeyHashTable)opaque, kid);
 }
 
 
-/****************
- * Get the trustlevel for this PK.
- * Note: This does not ask any questions
- * Returns: 0 okay of an errorcode
- *
- * It operates this way:
- *  locate the pk in the trustdb
- *	found:
- *	    Do we have a valid cache record for it?
- *		yes: return trustlevel from cache
- *		no:  make a cache record and all the other stuff
- *	not found:
- *	    try to insert the pubkey into the trustdb and check again
- *
- * Problems: How do we get the complete keyblock to check that the
- *	     cache record is actually valid?  Think we need a clever
- *	     cache in getkey.c	to keep track of this stuff. Maybe it
- *	     is not necessary to check this if we use a local pubring. Hmmmm.
+/*
+ * Scan all keys and return a key_array of all suitable keys from
+ * kllist.  The caller has to pass keydb handle so that we don't use
+ * to create our own.  Returns either a key_array or NULL in case of
+ * an error.  No results found are indicated by an empty array.
+ * Caller hast to release the returned array.  
  */
-int
-check_trust( PKT_public_key *pk, unsigned *r_trustlevel,
-	     const byte *namehash, int (*add_fnc)(ulong), unsigned *retflgs )
-{
-    TRUSTREC rec;
-    unsigned trustlevel = TRUST_UNKNOWN;
-    int rc=0;
-    u32 cur_time;
-    u32 keyid[2];
-
-
-    init_trustdb();
-    keyid_from_pk( pk, keyid );
-
-    /* get the pubkey record */
-    if( pk->local_id ) {
-	read_record( pk->local_id, &rec, RECTYPE_DIR );
-    }
-    else { /* no local_id: scan the trustdb */
-	if( (rc=tdbio_search_dir_bypk( pk, &rec )) && rc != -1 ) {
-	    log_error(_("check_trust: search dir record failed: %s\n"),
-							    gpg_errstr(rc));
-	    return rc;
-	}
-	else if( rc == -1 && opt.dry_run )
-	    return GPGERR_GENERAL;
-	else if( rc == -1 ) { /* not found - insert */
-	    rc = insert_trust_record_by_pk( pk );
-	    if( rc ) {
-		log_error(_("key %08lX: insert trust record failed: %s\n"),
-					  (ulong)keyid[1], gpg_errstr(rc));
-		goto leave;
-	    }
-	    log_info(_("key %08lX.%lu: inserted into trustdb\n"),
-					  (ulong)keyid[1], pk->local_id );
-	    /* and re-read the dir record */
-	    read_record( pk->local_id, &rec, RECTYPE_DIR );
-	}
-    }
-    cur_time = make_timestamp();
-    if( pk->timestamp > cur_time ) {
-	log_info(_("key %08lX.%lu: created in future "
-		   "(time warp or clock problem)\n"),
-					  (ulong)keyid[1], pk->local_id );
-	if( !opt.ignore_time_conflict )
-	    return GPGERR_TIME_CONFLICT;
-    }
+static struct key_array *
+validate_key_list (KEYDB_HANDLE hd, KeyHashTable visited,
+                   struct key_item *klist, u32 curtime, u32 *next_expire)
+{
+  KBNODE keyblock = NULL;
+  struct key_array *keys = NULL;
+  size_t nkeys, maxkeys;
+  int rc;
+  KEYDB_SEARCH_DESC desc;
+  
+  maxkeys = 1000;
+  keys = m_alloc ((maxkeys+1) * sizeof *keys);
+  nkeys = 0;
+  
+  rc = keydb_search_reset (hd);
+  if (rc)
+    {
+      log_error ("keydb_search_reset failed: %s\n", g10_errstr(rc));
+      m_free (keys);
+      return NULL;
+    }
+
+  memset (&desc, 0, sizeof desc);
+  desc.mode = KEYDB_SEARCH_MODE_FIRST;
+  desc.skipfnc = search_skipfnc;
+  desc.skipfncvalue = visited;
+  rc = keydb_search (hd, &desc, 1);
+  if (rc == -1)
+    {
+      keys[nkeys].keyblock = NULL;
+      return keys;
+    }
+  if (rc)
+    {
+      log_error ("keydb_search_first failed: %s\n", g10_errstr(rc));
+      m_free (keys);
+      return NULL;
+    }
+  
+  desc.mode = KEYDB_SEARCH_MODE_NEXT; /* change mode */
+  do
+    {
+      PKT_public_key *pk;
+        
+      rc = keydb_get_keyblock (hd, &keyblock);
+      if (rc) 
+        {
+          log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
+          m_free (keys);
+          return NULL;
+        }
+      
+      if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY) 
+        {
+          log_debug ("ooops: invalid pkttype %d encountered\n",
+                     keyblock->pkt->pkttype);
+          dump_kbnode (keyblock);
+          release_kbnode(keyblock);
+          continue;
+        }
 
-    if( !(rec.r.dir.dirflags & DIRF_CHECKED) )
-	check_trust_record( &rec, 0 );
-    else if( rec.r.dir.checkat && rec.r.dir.checkat <= cur_time )
-	check_trust_record( &rec, 0 );
-    else if( (rec.r.dir.dirflags & DIRF_NEWKEYS) )
-	check_trust_record( &rec, 1 );
-
-    if( pk->expiredate && pk->expiredate <= cur_time ) {
-	log_info(_("key %08lX.%lu: expired at %s\n"),
-			(ulong)keyid[1], pk->local_id,
-			     asctimestamp( pk->expiredate) );
-	trustlevel = TRUST_EXPIRED;
-    }
-    else {
-	rc = do_check( &rec, &trustlevel, namehash, add_fnc, retflgs );
-	if( rc ) {
-	    log_error(_("key %08lX.%lu: trust check failed: %s\n"),
-			    (ulong)keyid[1], pk->local_id, gpg_errstr(rc));
-	    return rc;
-	}
-    }
+      /* prepare the keyblock for further processing */
+      merge_keys_and_selfsig (keyblock); 
+      clear_kbnode_flags (keyblock);
+      pk = keyblock->pkt->pkt.public_key;
+      if (pk->has_expired || pk->is_revoked)
+        {
+          /* it does not make sense to look further at those keys */
+          mark_keyblock_seen (visited, keyblock);
+        }
+      else if (validate_one_keyblock (keyblock, klist, curtime, next_expire))
+        {
+          if (pk->expiredate && pk->expiredate >= curtime
+              && pk->expiredate < *next_expire)
+            *next_expire = pk->expiredate;
+
+          if (nkeys == maxkeys) {
+            maxkeys += 1000;
+            keys = m_realloc (keys, (maxkeys+1) * sizeof *keys);
+          }
+          keys[nkeys++].keyblock = keyblock;
+          /* this key is signed - don't check it again */
+          mark_keyblock_seen (visited, keyblock);
+          keyblock = NULL;
+        }
 
-    /* is a subkey has been requested, we have to check its keyflags */
-    if( !rc ) {
-	TRUSTREC krec;
-	byte fpr[MAX_FINGERPRINT_LEN] = {0}; /* to avoid compiler warnings */
-	size_t fprlen = 0;
-	ulong recno;
-	int kcount=0;
-
-	for( recno = rec.r.dir.keylist; recno; recno = krec.r.key.next ) {
-	    read_record( recno, &krec, RECTYPE_KEY );
-	    if( ++kcount == 1 )
-		continue; /* skip the primary key */
-	    if( kcount == 2 ) /* now we need the fingerprint */
-		fingerprint_from_pk( pk, fpr, &fprlen );
-
-	    if( krec.r.key.fingerprint_len == fprlen
-		&& !memcmp( krec.r.key.fingerprint, fpr, fprlen ) ) {
-		/* found the subkey */
-		if( (krec.r.key.keyflags & KEYF_REVOKED) )
-		    trustlevel |= TRUST_FLAG_SUB_REVOKED;
-		/* should we check for keybinding here??? */
-		/* Hmmm: Maybe this whole checking stuff should not go
-		 * into the trustdb, but be done direct from the keyblock.
-		 * Chnage this all when we add an abstarction layer around
-		 * the way certificates are handled by different standards */
-		break;
-	    }
-	}
+      release_kbnode (keyblock);
+      keyblock = NULL;
+    } 
+  while ( !(rc = keydb_search (hd, &desc, 1)) );
+  if (rc && rc != -1) 
+    {
+      log_error ("keydb_search_next failed: %s\n", g10_errstr(rc));
+      m_free (keys);
+      return NULL;
     }
 
-
-  leave:
-    if( DBG_TRUST )
-	log_debug("check_trust() returns trustlevel %04x.\n", trustlevel);
-    *r_trustlevel = trustlevel;
-    return 0;
-}
+  keys[nkeys].keyblock = NULL;
+  return keys;
+} 
 
 
-/****************
- * scan the whole trustdb and mark all signature records whose keys
- * are freshly imported.
- */
 static void
-mark_fresh_keys()
-{
-    TRUSTREC dirrec, rec;
-    ulong recnum, lid;
-    int i;
-
-    memset( &dirrec, 0, sizeof dirrec );
-
-    for(recnum=0; !tdbio_read_record( recnum, &rec, 0); recnum++ ) {
-	if( rec.rectype != RECTYPE_SIG )
-	    continue;
-	/* if we have already have the dir record, we can check it now */
-	if( dirrec.recnum == rec.r.sig.lid
-	    && (dirrec.r.dir.dirflags & DIRF_NEWKEYS) )
-	    continue; /* flag is already set */
-
-	for(i=0; i < SIGS_PER_RECORD; i++ ) {
-	    if( !(lid=rec.r.sig.sig[i].lid) )
-		continue; /* skip deleted sigs */
-	    if( !(rec.r.sig.sig[i].flag & SIGF_CHECKED) )
-		continue; /* skip checked signatures */
-	    if( qry_lid_table_flag( fresh_imported_keys, lid, NULL ) )
-		continue; /* not in the list of new keys */
-	    read_record( rec.r.sig.lid, &dirrec, RECTYPE_DIR );
-	    if( !(dirrec.r.dir.dirflags & DIRF_NEWKEYS) ) {
-		dirrec.r.dir.dirflags |= DIRF_NEWKEYS;
-		write_record( &dirrec );
-	    }
-	    break;
-	}
-    }
-
-    do_sync();
-
-    clear_lid_table( fresh_imported_keys );
-    fresh_imported_keys_count = 0;
-}
-
-
-
-int
-query_trust_info( PKT_public_key *pk, const byte *namehash )
-{
-    unsigned trustlevel;
-    int c;
-
-    init_trustdb();
-    if( check_trust( pk, &trustlevel, namehash, NULL, NULL ) )
-	return '?';
-    if( trustlevel & TRUST_FLAG_DISABLED )
-	return 'd';
-    if( trustlevel & TRUST_FLAG_REVOKED )
-	return 'r';
-    c = trust_letter( (trustlevel & TRUST_MASK) );
-    if( !c )
-	c = '?';
-    return c;
-}
-
-
-
-/****************
- * Return the assigned ownertrust value for the given LID
- */
-unsigned
-get_ownertrust( ulong lid )
-{
-    TRUSTREC rec;
-
-    init_trustdb();
-    read_record( lid, &rec, RECTYPE_DIR );
-    return rec.r.dir.ownertrust;
-}
-
-int
-get_ownertrust_info( ulong lid )
-{
-    unsigned otrust;
-    int c;
-
-    init_trustdb();
-    otrust = get_ownertrust( lid );
-    c = trust_letter( (otrust & TRUST_MASK) );
-    if( !c )
-	c = '?';
-    return c;
-}
-
-
-
-void
-list_trust_path( const char *username )
-{
-    int rc;
-    ulong lid;
-    TRUSTREC rec;
-    TN tree;
-    PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
-
-    init_trustdb();
-    if( (rc = get_pubkey_byname(NULL, pk, username, NULL )) )
-	log_error(_("user '%s' not found: %s\n"), username, gpg_errstr(rc) );
-    else if( (rc=tdbio_search_dir_bypk( pk, &rec )) && rc != -1 )
-	log_error(_("problem finding '%s' in trustdb: %s\n"),
-					    username, gpg_errstr(rc));
-    else if( rc == -1 ) {
-	log_info(_("user '%s' not in trustdb - inserting\n"), username);
-	rc = insert_trust_record_by_pk( pk );
-	if( rc )
-	    log_error(_("failed to put '%s' into trustdb: %s\n"),
-						    username, gpg_errstr(rc));
-	else {
-	    assert( pk->local_id );
-	}
+reset_unconnected_keys (KEYDB_HANDLE hd, KeyHashTable visited)
+{
+  int rc;
+  KBNODE keyblock = NULL;
+  KEYDB_SEARCH_DESC desc;
+  int count = 0, nreset = 0;
+  
+  rc = keydb_search_reset (hd);
+  if (rc)
+    {
+      log_error ("keydb_search_reset failed: %s\n", g10_errstr(rc));
+      return;
+    }
+
+  memset (&desc, 0, sizeof desc);
+  desc.mode = KEYDB_SEARCH_MODE_FIRST;
+  desc.skipfnc = search_skipfnc;
+  desc.skipfncvalue = visited;
+  rc = keydb_search (hd, &desc, 1);
+  if (rc && rc != -1 )
+    log_error ("keydb_search_first failed: %s\n", g10_errstr(rc));
+  else if (!rc)
+    {
+      desc.mode = KEYDB_SEARCH_MODE_NEXT; /* change mode */
+      do
+        {
+          rc = keydb_get_keyblock (hd, &keyblock);
+          if (rc) 
+            {
+              log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
+              break;
+            }
+          count++;
+
+          if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY) /* paranoid assertion*/
+            {
+              nreset += clear_validity (keyblock->pkt->pkt.public_key);
+              release_kbnode (keyblock);
+            } 
+        }
+      while ( !(rc = keydb_search (hd, &desc, 1)) );
+      if (rc && rc != -1) 
+        log_error ("keydb_search_next failed: %s\n", g10_errstr(rc));
     }
-    lid = pk->local_id;
-
-    tree = build_cert_tree( lid, 0, opt.max_cert_depth, NULL );
-    if( tree )
-	propagate_validity( tree, tree, NULL, NULL );
-    if( opt.with_colons )
-	dump_tn_tree_with_colons( 0, tree );
-    else
-	dump_tn_tree( stdout, 0, tree );
-    /*printf("(alloced tns=%d  max=%d)\n", alloced_tns, max_alloced_tns );*/
-    release_tn_tree( tree );
-    /*printf("Ownertrust=%c Validity=%c\n", get_ownertrust_info( lid ),
-					  query_trust_info( pk, NULL ) ); */
-
-    free_public_key( pk );
-
-}
+  if (opt.verbose)
+    log_info ("%d unconnected keys (%d trust records cleared)\n",
+              count, nreset);
+  do_sync ();
+} 
 
 
-
-
-/****************
- * Enumerate all keys, which are needed to build all trust paths for
- * the given key.  This function does not return the key itself or
- * the ultimate key (the last point in cerificate chain).  Only
- * certificate chains which ends up at an ultimately trusted key
- * are listed.	If ownertrust or validity is not NULL, the corresponding
- * value for the returned LID is also returned in these variable(s).
+/*
+ * Run the key validation procedure.
  *
- *  1) create a void pointer and initialize it to NULL
- *  2) pass this void pointer by reference to this function.
- *     Set lid to the key you want to enumerate and pass it by reference.
- *  3) call this function as long as it does not return -1
- *     to indicate EOF. LID does contain the next key used to build the web
- *  4) Always call this function a last time with LID set to NULL,
- *     so that it can free its context.
+ * This works this way:
+ * Step 1: Find all ultimately trusted keys (UTK).
+ *         mark them all as seen and put them into klist.
+ * Step 2: loop max_cert_times
+ * Step 3:   if OWNERTRUST of any key in klist is undefined
+ *             ask user to assign ownertrust
+ * Step 4:   Loop over all keys in the keyDB which are not marked seen 
+ * Step 5:     if key is revoked or expired
+ *                mark key as seen
+ *                continue loop at Step 4
+ * Step 6:     For each user ID of that key signed by a key in klist
+ *                Calculate validity by counting trusted signatures.
+ *                Set validity of user ID
+ * Step 7:     If any signed user ID was found
+ *                mark key as seen
+ *             End Loop
+ * Step 8:   Build a new klist from all fully trusted keys from step 6
+ *           End Loop
+ *         Ready  
  *
- * Returns: -1 on EOF or the level of the returned LID
- */
-int
-enum_cert_paths( void **context, ulong *lid,
-		 unsigned *ownertrust, unsigned *validity )
-{
-    return -1;
-  #if 0
-    struct enum_cert_paths_ctx *ctx;
-    fixme: .....   tsl;
-
-    init_trustdb();
-    if( !lid ) {  /* release the context */
-	if( *context ) {
-	    FIXME: ........tsl2;
-
-	    ctx = *context;
-	    for(tsl = ctx->tsl_head; tsl; tsl = tsl2 ) {
-		tsl2 = tsl->next;
-		gcry_free( tsl );
-	    }
-	    *context = NULL;
-	}
-	return -1;
-    }
-
-    if( !*context ) {
-	FIXME .... *tmppath;
-	TRUSTREC rec;
-
-	if( !*lid )
-	    return -1;
-
-	ctx = gcry_xcalloc( 1, sizeof *ctx );
-	*context = ctx;
-	/* collect the paths */
-      #if 0
-	read_record( *lid, &rec, RECTYPE_DIR );
-	tmppath = gcry_xcalloc( 1, (opt.max_cert_depth+1)* sizeof *tmppath );
-	tsl = NULL;
-	collect_paths( 0, opt.max_cert_depth, 1, &rec, tmppath, &tsl );
-	gcry_free( tmppath );
-	sort_tsl_list( &tsl );
-      #endif
-	/* setup the context */
-	ctx->tsl_head = tsl;
-	ctx->tsl = ctx->tsl_head;
-	ctx->idx = 0;
-    }
-    else
-	ctx = *context;
-
-    while( ctx->tsl && ctx->idx >= ctx->tsl->pathlen )	{
-	ctx->tsl = ctx->tsl->next;
-	ctx->idx = 0;
-    }
-    tsl = ctx->tsl;
-    if( !tsl )
-	return -1; /* eof */
-
-    if( ownertrust )
-	*ownertrust = tsl->path[ctx->idx].otrust;
-    if( validity )
-	*validity = tsl->path[ctx->idx].trust;
-    *lid = tsl->path[ctx->idx].lid;
-    ctx->idx++;
-    return ctx->idx-1;
-  #endif
-}
-
-
-/****************
- * Print the current path
  */
-void
-enum_cert_paths_print( void **context, FILE *fp,
-				       int refresh, ulong selected_lid )
-{
-    return;
-  #if 0
-    struct enum_cert_paths_ctx *ctx;
-    FIXME......... tsl;
-
-    if( !*context )
-	return;
-    init_trustdb();
-    ctx = *context;
-    if( !ctx->tsl )
-	return;
-    tsl = ctx->tsl;
-
-    if( !fp )
-	fp = stderr;
-
-    if( refresh ) { /* update the ownertrust and if possible the validity */
-	int i;
-	int match = tdbio_db_matches_options();
-
-	for( i = 0; i < tsl->pathlen; i++ )  {
-	    TRUSTREC rec;
-
-	    read_record( tsl->path[i].lid, &rec, RECTYPE_DIR );
-	    tsl->path[i].otrust = rec.r.dir.ownertrust;
-	    /* update validity only if we have it in the cache
-	     * calculation is too time consuming */
-	    if( match && rec.r.dir.valcheck && rec.r.dir.validity ) {
-		tsl->path[i].trust = rec.r.dir.validity;
-		if( rec.r.dir.dirflags & DIRF_REVOKED )
-		    tsl->path[i].trust = TRUST_FLAG_REVOKED;
+static int
+validate_keys (int interactive)
+{
+  int rc = 0;
+  int quit=0;
+  struct key_item *klist = NULL;
+  struct key_item *k;
+  struct key_array *keys = NULL;
+  struct key_array *kar;
+  KEYDB_HANDLE kdb = NULL;
+  KBNODE node;
+  int depth;
+  int key_count;
+  int ot_unknown, ot_undefined, ot_never, ot_marginal, ot_full, ot_ultimate;
+  KeyHashTable visited;
+  u32 start_time, next_expire;
+
+  start_time = make_timestamp ();
+  next_expire = 0xffffffff; /* set next expire to the year 2106 */
+  visited = new_key_hash_table ();
+  /* Fixme: Instead of always building a UTK list, we could just build it
+   * here when needed */
+  if (!utk_list)
+    {
+      log_info ("no ultimately trusted keys found\n");
+      goto leave;
+    }
+
+
+  /* mark all UTKs as visited and set validity to ultimate */
+  for (k=utk_list; k; k = k->next)
+    {
+      KBNODE keyblock;
+      PKT_public_key *pk;
+
+      keyblock = get_pubkeyblock (k->kid);
+      if (!keyblock)
+        {
+          log_error (_("public key of ultimately"
+                       " trusted key %08lX not found\n"), (ulong)k->kid[1]);
+          continue;
+        }
+      mark_keyblock_seen (visited, keyblock);
+      pk = keyblock->pkt->pkt.public_key;
+      for (node=keyblock; node; node = node->next)
+        {
+          if (node->pkt->pkttype == PKT_USER_ID)
+            {
+              byte namehash[20];
+              PKT_user_id *uid = node->pkt->pkt.user_id;
+              
+              if( uid->attrib_data )
+                rmd160_hash_buffer (namehash,uid->attrib_data,uid->attrib_len);
+              else
+                rmd160_hash_buffer (namehash, uid->name, uid->len );
+              update_validity (pk, namehash, 0, TRUST_ULTIMATE);
+            }
+        }
+      if ( pk->expiredate && pk->expiredate >= start_time
+           && pk->expiredate < next_expire)
+        next_expire = pk->expiredate;
+      
+      release_kbnode (keyblock);
+      do_sync ();
+    }
+
+
+  klist = utk_list;
+  kdb = keydb_new (0);
+
+  for (depth=0; depth < opt.max_cert_depth; depth++)
+    {
+      /* See whether we should assign ownertrust values to the keys in
+         utk_list.  */
+      ot_unknown = ot_undefined = ot_never = 0;
+      ot_marginal = ot_full = ot_ultimate = 0;
+      for (k=klist; k; k = k->next)
+        {
+          if (interactive && k->ownertrust == TRUST_UNKNOWN)
+              k->ownertrust = ask_ownertrust (k->kid);
+	  if (k->ownertrust == -1)
+	    {
+	      quit=1;
+	      goto leave;
 	    }
-	}
-    }
+	  else if (k->ownertrust == TRUST_UNKNOWN)
+            ot_unknown++;
+          else if (k->ownertrust == TRUST_UNDEFINED)
+            ot_undefined++;
+          else if (k->ownertrust == TRUST_NEVER)
+            ot_never++;
+          else if (k->ownertrust == TRUST_MARGINAL)
+            ot_marginal++;
+          else if (k->ownertrust == TRUST_FULLY)
+            ot_full++;
+          else if (k->ownertrust == TRUST_ULTIMATE)
+            ot_ultimate++;
+        }
 
-    print_path( tsl->pathlen, tsl->path, fp, selected_lid );
-  #endif
-}
+      /* Find all keys which are signed by a key in kdlist */
+      keys = validate_key_list (kdb, visited, klist, start_time, &next_expire);
+      if (!keys) 
+        {
+          log_error ("validate_key_list failed\n");
+          rc = G10ERR_GENERAL;
+          goto leave;
+        }
 
 
-/*
- * Return an allocated buffer with the preference values for
- * the key with LID and the userid which is identified by the
- * HAMEHASH or the first one if namehash is NULL.  ret_n receives
- * the length of the allocated buffer.	Structure of the buffer is
- * a repeated sequences of 2 bytes; where the first byte describes the
- * type of the preference and the second one the value.  The constants
- * PREFTYPE_xxxx should be used to reference a type.
- */
-byte *
-get_pref_data( ulong lid, const byte *namehash, size_t *ret_n )
-{
-    TRUSTREC rec;
-    ulong recno;
-
-    init_trustdb();
-    read_record( lid, &rec, RECTYPE_DIR );
-    for( recno=rec.r.dir.uidlist; recno; recno = rec.r.uid.next ) {
-	read_record( recno, &rec, RECTYPE_UID );
-	if( rec.r.uid.prefrec
-	    && ( !namehash || !memcmp(namehash, rec.r.uid.namehash, 20) ))  {
-	    byte *buf;
-	    /* found the correct one or the first one */
-	    read_record( rec.r.uid.prefrec, &rec, RECTYPE_PREF );
-	    if( rec.r.pref.next )
-		log_info(_("WARNING: can't yet handle long pref records\n"));
-	    buf = gcry_xmalloc( ITEMS_PER_PREF_RECORD );
-	    memcpy( buf, rec.r.pref.data, ITEMS_PER_PREF_RECORD );
-	    *ret_n = ITEMS_PER_PREF_RECORD;
-	    return buf;
-	}
+      for (key_count=0, kar=keys; kar->keyblock; kar++, key_count++)
+        ;
+
+      /* Store the calculated valididation status somewhere */
+      if (opt.verbose > 1)
+        dump_key_array (depth, keys);
+
+      log_info (_("checking at depth %d signed=%d"
+                  " ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"), 
+                depth, key_count, ot_unknown, ot_undefined,
+                ot_never, ot_marginal, ot_full, ot_ultimate ); 
+
+      for (kar=keys; kar->keyblock; kar++)
+          store_validation_status (depth, kar->keyblock);
+
+      /* Build a new kdlist from all fully valid keys in KEYS */
+      if (klist != utk_list)
+        release_key_items (klist);
+      klist = NULL;
+      for (kar=keys; kar->keyblock; kar++)
+        {
+          for (node=kar->keyblock; node; node = node->next)
+            {
+              if (node->pkt->pkttype == PKT_USER_ID && (node->flag & 4))
+                {
+                  k = new_key_item ();
+                  keyid_from_pk (kar->keyblock->pkt->pkt.public_key, k->kid);
+                  k->ownertrust = get_ownertrust (kar->keyblock
+                                                  ->pkt->pkt.public_key);
+                  k->next = klist;
+                  klist = k;
+                  break;
+                }
+            }
+        }
+      release_key_array (keys);
+      keys = NULL;
+      if (!klist)
+        break; /* no need to dive in deeper */
+    }
+
+  reset_unconnected_keys (kdb, visited);
+
+ leave:
+  keydb_release (kdb);
+  release_key_array (keys);
+  release_key_items (klist);
+  release_key_hash_table (visited);
+  if (!rc && !quit) /* mark trustDB as checked */
+    {
+      if (next_expire == 0xffffffff || next_expire < start_time )
+        tdbio_write_nextcheck (0); 
+      else
+        {
+          tdbio_write_nextcheck (next_expire); 
+          log_info (_("next trustdb check due at %s\n"),
+                    strtimestamp (next_expire));
+        }
+      do_sync ();
+      pending_check_trustdb = 0;
     }
-    return NULL;
+  return rc;
 }
 
 
-
-/****************
- * Check whether the algorithm is in one of the pref records
- */
-int
-is_algo_in_prefs( ulong lid, int preftype, int algo )
-{
-    TRUSTREC rec;
-    ulong recno;
-    int i;
-    byte *pref;
-
-    init_trustdb();
-    read_record( lid, &rec, RECTYPE_DIR );
-    for( recno=rec.r.dir.uidlist; recno; recno = rec.r.uid.next ) {
-	read_record( recno, &rec, RECTYPE_UID );
-	if( rec.r.uid.prefrec ) {
-	    read_record( rec.r.uid.prefrec, &rec, RECTYPE_PREF );
-	    if( rec.r.pref.next )
-		log_info(_("WARNING: can't yet handle long pref records\n"));
-	    pref = rec.r.pref.data;
-	    for(i=0; i+1 < ITEMS_PER_PREF_RECORD; i+=2 ) {
-		if( pref[i] == preftype && pref[i+1] == algo )
-		    return 1;
-	    }
-	}
-    }
-    return 0;
-}
-
diff --git a/g10/trustdb.h b/g10/trustdb.h
index 1279edb0f..c94a2daa1 100644
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@@ -1,5 +1,5 @@
 /* trustdb.h - Trust database
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -18,13 +18,13 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
-#ifndef GPG_TRUSTDB_H
-#define GPG_TRUSTDB_H
+#ifndef G10_TRUSTDB_H
+#define G10_TRUSTDB_H
 
 
 /* Trust values must be sorted in ascending order */
 #define TRUST_MASK	 15
-#define TRUST_UNKNOWN	  0  /* o: not yet calculated */
+#define TRUST_UNKNOWN	  0  /* o: not yet calculated/assigned */
 #define TRUST_EXPIRED	  1  /* e: calculation may be invalid */
 #define TRUST_UNDEFINED   2  /* q: not enough information for calculation */
 #define TRUST_NEVER	  3  /* n: never trust this pubkey */
@@ -33,43 +33,37 @@
 #define TRUST_ULTIMATE	  6  /* u: ultimately trusted */
 /* trust values not covered by the mask */
 #define TRUST_FLAG_REVOKED 32 /* r: revoked */
-#define TRUST_FLAG_SUB_REVOKED 64
+#define TRUST_FLAG_SUB_REVOKED 64 /* r: revoked but for subkeys */
 #define TRUST_FLAG_DISABLED 128 /* d: key/uid disabled */
-
-
-#define PREFTYPE_SYM	  1
-#define PREFTYPE_HASH	  2
-#define PREFTYPE_COMPR	  3
-
+#define TRUST_FLAG_PENDING_CHECK 256 /* a check-trustdb is pending */
 
 /*-- trustdb.c --*/
-void list_trust_path( const char *username );
 void register_trusted_key( const char *string );
-void check_trustdb( const char *username );
-void update_trustdb( void );
+void check_trustdb (void);
+void update_trustdb (void);
 int setup_trustdb( int level, const char *dbname );
 void init_trustdb( void );
 void sync_trustdb( void );
-int check_trust( PKT_public_key *pk, unsigned *r_trustlevel,
-		 const byte* nh, int (*add_fnc)(ulong), unsigned *retflgs );
-int query_trust_info( PKT_public_key *pk, const byte *nh );
+
+int trust_letter( unsigned value );
+
+void revalidation_mark (void);
+
+unsigned int get_validity (PKT_public_key *pk, const byte *namehash);
+int get_validity_info (PKT_public_key *pk, const byte *namehash);
+
+void list_trust_path( const char *username );
+
 int enum_cert_paths( void **context, ulong *lid,
 		     unsigned *ownertrust, unsigned *validity );
 void enum_cert_paths_print( void **context, FILE *fp,
 					   int refresh, ulong selected_lid );
-unsigned get_ownertrust( ulong lid );
-int get_ownertrust_info( ulong lid );
-byte *get_pref_data( ulong lid, const byte *namehash, size_t *ret_n );
-int is_algo_in_prefs( ulong lid, int preftype, int algo );
-int keyid_from_lid( ulong lid, u32 *keyid );
-ulong lid_from_keyblock( KBNODE keyblock );
-int query_trust_record( PKT_public_key *pk );
-int clear_trust_checked_flag( PKT_public_key *pk );
-int update_trust_record( KBNODE keyblock, int fast, int *modified );
-int insert_trust_record( KBNODE keyblock );
-int insert_trust_record_by_pk( PKT_public_key *pk );
-int update_ownertrust( ulong lid, unsigned new_trust );
-int trust_letter( unsigned value );
+
+unsigned int get_ownertrust (PKT_public_key *pk);
+int get_ownertrust_info (PKT_public_key *pk);
+void update_ownertrust (PKT_public_key *pk, unsigned int new_trust );
+int clear_ownertrust (PKT_public_key *pk);
+
 
 /*-- tdbdump.c --*/
 void list_trustdb(const char *username);
@@ -77,6 +71,6 @@ void export_ownertrust(void);
 void import_ownertrust(const char *fname);
 
 /*-- pkclist.c --*/
-int edit_ownertrust( ulong lid, int mode );
+int edit_ownertrust (PKT_public_key *pk, int mode );
 
-#endif /*GPG_TRUSTDB_H*/
+#endif /*G10_TRUSTDB_H*/
diff --git a/g10/verify.c b/g10/verify.c
index f3f9a36eb..7ab20c140 100644
--- a/g10/verify.c
+++ b/g10/verify.c
@@ -1,5 +1,5 @@
 /* verify.c - verify signed data
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -24,13 +24,14 @@
 #include <string.h>
 #include <errno.h>
 #include <assert.h>
+#include <unistd.h> /* for isatty() */
 
-#include <gcrypt.h>
 #include "options.h"
 #include "packet.h"
 #include "errors.h"
 #include "iobuf.h"
 #include "keydb.h"
+#include "memory.h"
 #include "util.h"
 #include "main.h"
 #include "status.h"
@@ -60,13 +61,38 @@ verify_signatures( int nfiles, char **files )
     STRLIST sl;
 
     memset( &afx, 0, sizeof afx);
+    /* decide whether we should handle a detached or a normal signature,
+     * which is needed so that the code later can hash the correct data and
+     * not have a normal signature act as detached signature and ignoring the
+     * indended signed material from the 2nd file or stdin.
+     * 1. gpg <file        - normal
+     * 2. gpg file         - normal (or detached)
+     * 3. gpg file <file2  - detached
+     * 4. gpg file file2   - detached
+     * The question is how decide between case 2 and 3?  The only way
+     * we can do it is by reading one byte from stdin and the unget
+     * it; the problem here is that we may be reading from the
+     * terminal (which could be detected using isatty() but won't work
+     * when under contol of a pty using program (e.g. expect)) and
+     * might get us in trouble when stdin is used for another purpose
+     * (--passphrase-fd 0).  So we have to break with the behaviour
+     * prior to gpg 1.0.4 by assuming that case 3 is a normal
+     * signature (where file2 is ignored and require for a detached
+     * signature to indicate signed material comes from stdin by using
+     * case 4 with a file2 of "-".
+     *
+     * Actually we don't have to change anything here but can handle
+     * that all quite easily in mainproc.c 
+     */
+     
+
     sigfile = nfiles? *files : NULL;
 
     /* open the signature file */
     fp = iobuf_open(sigfile);
     if( !fp ) {
 	log_error(_("can't open `%s'\n"), print_fname_stdin(sigfile));
-	return GPGERR_OPEN_FILE;
+	return G10ERR_OPEN_FILE;
     }
 
     if( !opt.no_armor && use_armor_filter( fp ) )
@@ -89,13 +115,13 @@ verify_signatures( int nfiles, char **files )
 }
 
 
-static void
+void
 print_file_status( int status, const char *name, int what )
 {
-    char *p = gcry_xmalloc(strlen(name)+10);
+    char *p = m_alloc(strlen(name)+10);
     sprintf(p, "%d %s", what, name );
     write_status_text( status, p );
-    gcry_free(p);
+    m_free(p);
 }
 
 
@@ -111,7 +137,7 @@ verify_one_file( const char *name )
     if( !fp ) {
 	print_file_status( STATUS_FILE_ERROR, name, 1 );
 	log_error(_("can't open `%s'\n"), print_fname_stdin(name));
-	return GPGERR_OPEN_FILE;
+	return G10ERR_OPEN_FILE;
     }
 
     if( !opt.no_armor ) {
@@ -145,7 +171,7 @@ verify_files( int nfiles, char **files )
 	    lno++;
 	    if( !*line || line[strlen(line)-1] != '\n' ) {
 		log_error(_("input line %u too long or missing LF\n"), lno );
-		return GPGERR_GENERAL;
+		return G10ERR_GENERAL;
 	    }
 	    /* This code does not work on MSDOS but how cares there are
 	     * also no script languages available.  We don't strip any
@@ -161,4 +187,3 @@ verify_files( int nfiles, char **files )
     }
     return 0;
 }
-
diff --git a/po/ChangeLog b/po/ChangeLog
index b8ea71480..d7c9a351d 100644
--- a/po/ChangeLog
+++ b/po/ChangeLog
@@ -1,3 +1,295 @@
+2002-04-30  Werner Koch  <[email protected]>
+
+	* ja.po: Updated, also a bit too late for the release.
+
+2002-04-29  Werner Koch  <[email protected]>
+
+	* pl.po: Update.
+	* el.po: Updated, removed one entry due to non-matching printf and
+	one removed one printf specifier.
+
+	Fixed fuzzy entries due to the change of (y/N) to (Y/n) in most files.
+	
+2002-04-25  gettextize  <[email protected]>
+
+	* Makefile.in.in: Upgrade to gettext-0.10.40.
+
+2002-04-22  Werner Koch  <[email protected]>
+
+	* et.po, tr.po, cs.po, it.po, id.po: Updated.
+
+2002-04-19  Werner Koch  <[email protected]>
+
+	* de.po: Fixed fuzzies and added a few translations.
+
+2002-04-18  Werner Koch  <[email protected]>
+
+	* eo.po: Updated.
+
+2002-04-10  Werner Koch  <[email protected]>
+
+	* pl.po: Updated.
+
+2002-04-09  Werner Koch  <[email protected]>
+
+	* pt_BR.po: Updated the info entry 
+
+	* es.po: Fixed a c-format problem; for unknown reasons msgfmt -c
+	can't cope with swapped arguments.
+
+	* de.po: Fuzzy fixes and a few new translations.
+
+	* id.po: Fixed a format string mismatch.
+
+	* eo.po, it.po, ja.po, sv.po: Updated with a somewhat newer
+	version from the TP.
+
+	* es_ES.po: Removed
+	* es.po: and replaced with this updated version from the TP.
+
+	* cs.po: New.  Fixed for format string mismatches.
+
+	* el.po, gl.po: New from TP.
+	
+2002-04-06  Werner Koch  <[email protected]>
+
+	* fr.po: Updated.
+
+2002-04-02  Werner Koch  <[email protected]>
+
+	* de.po, de.glo: Updated.
+
+2002-03-08  Werner Koch  <[email protected]>
+
+	* et.po: Updated.
+
+2002-03-06  Werner Koch  <[email protected]>
+
+	* pt_PT.po: Removed.
+	* pt.po: and replaced by this updated one.  My machine voted 30 to
+	2 for just pt.  So we go with the crowd.  Thanks for Pedro Morais
+	for suggesting this.
+
+2002-03-05  Werner Koch  <[email protected]>
+
+	* tr.po, id.po: Updated.
+
+2002-03-03  gettextize  <[email protected]>
+
+	* Makefile.in.in: Upgrade to gettext-0.10.40.
+
+2002-03-03  gettextize  <[email protected]>
+
+	* Makefile.in.in: Upgrade to gettext-0.10.40.
+
+2001-10-23  gettextize  <[email protected]>
+
+	* Makefile.in.in: Upgrade to gettext-0.10.40.
+
+2001-09-07  Werner Koch  <[email protected]>
+
+	* POTFILES.in: Added new files.
+
+2001-07-26  gettextize  <[email protected]>
+
+	* Makefile.in.in: Upgrade to gettext-0.10.38.
+
+2001-07-05  Werner Koch  <[email protected]>
+
+	* id.po: Updated
+
+2001-05-28  Werner Koch  <[email protected]>
+
+	* ru.po: Removed - too many format string bugs. 
+
+2001-05-27  gettextize  <[email protected]>
+
+	* Makefile.in.in: Upgrade to gettext-0.10.38.
+	* cat-id-tbl.c: Remove file.
+	* stamp-cat-id: Remove file.
+
+2001-05-27  Werner Koch  <[email protected]>
+
+	* tr.po: New copy from the TP Robot. 
+	* da.po, de.po, eo.po, es_ES.po, et.po, id.po, ja.po, nl.po,
+        pt_BR.po, sv.po: Fixes to format string errors by Kurt Garloff.
+	It is not cleare whether they are all correct but at least they
+	won't give segv and minimize the risk of format string exploits.
+	* ru.po: Fixed the header entry.
+
+	Fixed some fuzzy entries in all files.
+	
+2001-05-06  Werner Koch  <[email protected]>
+
+	* id.po: Updated
+
+2001-04-27  Werner Koch  <[email protected]>
+
+	* de.po: Removed an extra "%s".
+
+2001-04-25  Werner Koch  <[email protected]>
+
+	* fr.po: Updated.
+
+2001-04-23  Werner Koch  <[email protected]>
+
+	* eo.po: Updated.
+
+	* it.po: Updated.
+
+2001-04-22  Werner Koch  <[email protected]>
+
+	* pl.po: Updated.
+
+2001-04-17  Werner Koch  <[email protected]>
+
+	* et.po: New.
+
+	* de.po: Updated.
+
+2001-04-16  Werner Koch  <[email protected]>
+
+	* pt_PT.po: Updated.
+
+2001-04-06  Werner Koch  <[email protected]>
+
+	* tr.po: New. 
+
+2001-03-18  Werner Koch  <[email protected]>
+
+	* de.po, de.glo: Updated. 
+
+2001-02-22  Werner Koch  <[email protected]>
+
+	* de.po, de.glo: Updated.
+
+2001-01-23  Werner Koch  <[email protected]>
+
+	* de.po: Removed superfluous \r.
+
+2001-01-14  Werner Koch  <[email protected]>
+
+	* de.po, de.glo: Updated.
+
+2000-12-19  Werner Koch  <[email protected]>
+
+	* pl.po: Updated.
+
+	* ja.po: Justified one message.
+
+2000-10-23  Werner Koch  <[email protected]>
+
+	* ja.po: Updated.
+
+2000-10-19  Werner Koch  <[email protected]>
+
+	Fixed a typo in all files.
+
+2000-10-16  Werner Koch  <[email protected]>
+
+	* de.po, de.glo: Updated.
+
+Thu Sep 14 17:45:11 CEST 2000  Werner Koch  <[email protected]>
+
+        * eo.po: Updated.
+
+Wed Jul 12 13:32:06 CEST 2000  Werner Koch  <wk@>
+
+  * da.po: New from the TP server
+  * eo.po: Updated from the TP server
+  * pl.po: Ditto.
+  * sv.po: Ditto.
+
+  Small English spelling correction in all files.
+
+Wed Jul  5 13:28:45 CEST 2000  Werner Koch  <[email protected]>
+
+  * fr.po: Minor changes by Gael
+
+Wed Jun 14 12:27:09 CEST 2000  Werner Koch  <[email protected]>
+
+  * de.po, de.glo: Updated.
+
+2000-06-07 18:26:58  Werner Koch  ([email protected])
+
+  * fr.po: New version from Ga�l
+
+2000-05-02 10:44:42  Werner Koch  ([email protected])
+
+	* fr.po: New version from the TP Robot.
+
+2000-05-01 14:19:52  Werner Koch  ([email protected])
+
+	* de.po: Updated.
+	* de.glo: Ditto.
+
+2000-03-15 15:37:08  Werner Koch  ([email protected])
+
+	* de.po: Updated.
+
+Wed Feb 23 10:07:57 CET 2000  Werner Koch  <[email protected]>
+
+	* nl.po: New. By Ivo Timmermans.
+
+Wed Feb 16 16:25:09 CET 2000  Werner Koch  <[email protected]>
+
+	* eo.po : New. By Edmund.
+
+Wed Feb 16 14:09:00 CET 2000  Werner Koch  <[email protected]>
+
+	* ja.po: New. By Yosiaki
+
+	* sv.po: New. By Daniel.
+
+Fri Feb 11 17:44:40 CET 2000  Werner Koch  <[email protected]>
+
+	* id.po: Updated.
+
+Thu Jan  6 16:56:18 CET 2000  Werner Koch  <[email protected]>
+
+	* Makefile.in.in: Is not longer maintained as a symlink because we
+	have a patch to work around a bug in non-gnu Make.
+	Fixed by Dave Dykstra.
+
+Thu Dec 16 10:07:58 CET 1999  Werner Koch  <[email protected]>
+
+	* pt_PT.po: Updated.
+	* de.po: Updated.
+	* it.po: Updated.
+
+Thu Dec  9 10:31:05 CET 1999  Werner Koch  <[email protected]>
+
+	* de.po: Updated.
+	* pt_BR.po: Updated.
+
+Fri Nov 12 20:33:19 CET 1999  Werner Koch  <[email protected]>
+
+	* es_ES.po: Fixed 3 \n mismatches.
+
+	* de.po: Updated.
+
+Thu Oct 28 16:08:20 CEST 1999  Werner Koch  <[email protected]>
+
+	* es_ES.po: Updated.
+
+	* pt_BR.po: Updated.
+
+Fri Oct  8 20:32:01 CEST 1999  Werner Koch  <[email protected]>
+
+	* fr.po: Updated for 1.0.0d.
+
+Mon Oct  4 21:23:04 CEST 1999  Werner Koch  <[email protected]>
+
+	* pl.po: New version by Alex.
+
+Thu Sep 23 06:26:28 1999  Werner Koch  ([email protected])
+
+	* fr.po: Updated by Ga�l.
+
+Sat Sep 18 11:49:51 1999  Werner Koch  ([email protected])
+
+	* id.po: New. Done by Tedi Heriyanto.
+
 Wed Sep 15 16:22:17 CEST 1999  Werner Koch  <[email protected]>
 
 	* pt_PT.po: New. Done by Pedro Morais.
@@ -183,3 +475,15 @@ Fri Mar 13 09:43:19 1998  Werner Koch  ([email protected])
 	* it.po: New
 
 
+
+ Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
diff --git a/po/Makefile.in.in b/po/Makefile.in.in
index 746d521d9..28726a21f 100644
--- a/po/Makefile.in.in
+++ b/po/Makefile.in.in
@@ -1,14 +1,18 @@
 # Makefile for program source directory in GNU NLS utilities package.
-# Copyright (C) 1995, 1996, 1997 by Ulrich Drepper <[email protected]>
+# Copyright (C) 1995-1997, 2000, 2001 by Ulrich Drepper <[email protected]>
 #
 # This file file be copied and used freely without restrictions.  It can
-# be used in projects which are not available under the GNU Public License
+# be used in projects which are not available under the GNU General Public License
 # but which still want to provide support for the GNU gettext functionality.
 # Please note that the actual code is *not* freely available.
 
 PACKAGE = @PACKAGE@
 VERSION = @VERSION@
 
+# These two variables depend on the location of this directory.
+subdir = po
+top_builddir = ..
+
 SHELL = /bin/sh
 @SET_MAKE@
 
@@ -18,22 +22,20 @@ VPATH = @srcdir@
 
 prefix = @prefix@
 exec_prefix = @exec_prefix@
-datadir = $(prefix)/@DATADIRNAME@
+datadir = @datadir@
 localedir = $(datadir)/locale
-gnulocaledir = $(prefix)/share/locale
-gettextsrcdir = $(prefix)/share/gettext/po
-subdir = po
+gettextsrcdir = $(datadir)/gettext/po
 
 INSTALL = @INSTALL@
 INSTALL_DATA = @INSTALL_DATA@
-MKINSTALLDIRS = $(top_srcdir)/@MKINSTALLDIRS@
+MKINSTALLDIRS = @MKINSTALLDIRS@
+mkinstalldirs = $(SHELL) `case "$(MKINSTALLDIRS)" in /*) echo "$(MKINSTALLDIRS)" ;; *) echo "$(top_builddir)/$(MKINSTALLDIRS)" ;; esac`
 
 CC = @CC@
-GENCAT = @GENCAT@
-GMSGFMT = PATH=../src:$$PATH @GMSGFMT@
+GMSGFMT = @GMSGFMT@
 MSGFMT = @MSGFMT@
-XGETTEXT = PATH=../src:$$PATH @XGETTEXT@
-MSGMERGE = PATH=../src:$$PATH msgmerge
+XGETTEXT = @XGETTEXT@
+MSGMERGE = msgmerge
 
 DEFS = @DEFS@
 CFLAGS = @CFLAGS@
@@ -43,26 +45,23 @@ INCLUDES = -I.. -I$(top_srcdir)/intl
 
 COMPILE = $(CC) -c $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) $(XCFLAGS)
 
-SOURCES = cat-id-tbl.c
 POFILES = @POFILES@
 GMOFILES = @GMOFILES@
 DISTFILES = ChangeLog Makefile.in.in POTFILES.in $(PACKAGE).pot \
-stamp-cat-id $(POFILES) $(GMOFILES) $(SOURCES)
+$(POFILES) $(GMOFILES)
 
 POTFILES = \
 
 CATALOGS = @CATALOGS@
-CATOBJEXT = @CATOBJEXT@
-INSTOBJEXT = @INSTOBJEXT@
 
 .SUFFIXES:
-.SUFFIXES: .c .o .po .pox .gmo .mo .msg .cat
+.SUFFIXES: .c .o .po .pox .gmo .mo
 
 .c.o:
 	$(COMPILE) $<
 
 .po.pox:
-	$(MAKE) $(srcdir)/$(PACKAGE).pot
+	$(MAKE) $(PACKAGE).pot
 	$(MSGMERGE) $< $(srcdir)/$(PACKAGE).pot -o $*.pox
 
 .po.mo:
@@ -70,19 +69,19 @@ INSTOBJEXT = @INSTOBJEXT@
 
 .po.gmo:
 	file=$(srcdir)/`echo $* | sed 's,.*/,,'`.gmo \
-	  && rm -f $$file && $(GMSGFMT) -o $$file $<
-
-.po.cat:
-	sed -f ../intl/po2msg.sed < $< > $*.msg \
-	  && rm -f $@ && $(GENCAT) $@ $*.msg
+	  && rm -f $$file && $(GMSGFMT) --statistics -o $$file $<
 
 
 all: all-@USE_NLS@
 
-all-yes: $(srcdir)/cat-id-tbl.c $(CATALOGS)
+all-yes: $(CATALOGS)
 all-no:
 
-$(srcdir)/$(PACKAGE).pot: $(POTFILES)
+# Note: Target 'all' must not depend on target '$(srcdir)/$(PACKAGE).pot',
+# otherwise packages like GCC can not be built if only parts of the source
+# have been downloaded.
+
+$(srcdir)/$(PACKAGE).pot: $(POTFILES) $(srcdir)/POTFILES.in
 	$(XGETTEXT) --default-domain=$(PACKAGE) --directory=$(top_srcdir) \
 	  --add-comments --keyword=_ --keyword=N_ \
 	  --files-from=$(srcdir)/POTFILES.in \
@@ -90,78 +89,35 @@ $(srcdir)/$(PACKAGE).pot: $(POTFILES)
 	   || ( rm -f $(srcdir)/$(PACKAGE).pot \
 		&& mv $(PACKAGE).po $(srcdir)/$(PACKAGE).pot )
 
-$(srcdir)/cat-id-tbl.c: $(srcdir)/stamp-cat-id; @:
-$(srcdir)/stamp-cat-id: $(srcdir)/$(PACKAGE).pot
-	rm -f cat-id-tbl.tmp
-	sed -f ../intl/po2tbl.sed $(srcdir)/$(PACKAGE).pot \
-		| sed -e "s/@PACKAGE NAME@/$(PACKAGE)/" > cat-id-tbl.tmp
-	if cmp -s cat-id-tbl.tmp $(srcdir)/cat-id-tbl.c; then \
-	  rm cat-id-tbl.tmp; \
-	else \
-	  echo cat-id-tbl.c changed; \
-	  rm -f $(srcdir)/cat-id-tbl.c; \
-	  mv cat-id-tbl.tmp $(srcdir)/cat-id-tbl.c; \
-	fi
-	cd $(srcdir) && rm -f stamp-cat-id && echo timestamp > stamp-cat-id
-
 
 install: install-exec install-data
 install-exec:
 install-data: install-data-@USE_NLS@
-install-data-no: all
-install-data-yes: all
-	if test -r "$(MKINSTALLDIRS)"; then \
-	  $(MKINSTALLDIRS) $(datadir); \
+	if test "$(PACKAGE)" = "gettext"; then \
+	  $(mkinstalldirs) $(DESTDIR)$(gettextsrcdir); \
+	  $(INSTALL_DATA) $(srcdir)/Makefile.in.in \
+			  $(DESTDIR)$(gettextsrcdir)/Makefile.in.in; \
 	else \
-	  $(SHELL) $(top_srcdir)/mkinstalldirs $(datadir); \
+	  : ; \
 	fi
+install-data-no: all
+install-data-yes: all
+	$(mkinstalldirs) $(DESTDIR)$(datadir)
 	@catalogs='$(CATALOGS)'; \
 	for cat in $$catalogs; do \
 	  cat=`basename $$cat`; \
-	  case "$$cat" in \
-	    *.gmo) destdir=$(gnulocaledir);; \
-	    *)     destdir=$(localedir);; \
-	  esac; \
-	  lang=`echo $$cat | sed 's/\$(CATOBJEXT)$$//'`; \
-	  dir=$$destdir/$$lang/LC_MESSAGES; \
-	  if test -r "$(MKINSTALLDIRS)"; then \
-	    $(MKINSTALLDIRS) $$dir; \
-	  else \
-	    $(SHELL) $(top_srcdir)/mkinstalldirs $$dir; \
-	  fi; \
+	  lang=`echo $$cat | sed 's/\.gmo$$//'`; \
+	  dir=$(localedir)/$$lang/LC_MESSAGES; \
+	  $(mkinstalldirs) $(DESTDIR)$$dir; \
 	  if test -r $$cat; then \
-	    $(INSTALL_DATA) $$cat $$dir/$(PACKAGE)$(INSTOBJEXT); \
-	    echo "installing $$cat as $$dir/$(PACKAGE)$(INSTOBJEXT)"; \
+	    $(INSTALL_DATA) $$cat $(DESTDIR)$$dir/$(PACKAGE).mo; \
+	    echo "installing $$cat as $(DESTDIR)$$dir/$(PACKAGE).mo"; \
 	  else \
-	    $(INSTALL_DATA) $(srcdir)/$$cat $$dir/$(PACKAGE)$(INSTOBJEXT); \
+	    $(INSTALL_DATA) $(srcdir)/$$cat $(DESTDIR)$$dir/$(PACKAGE).mo; \
 	    echo "installing $(srcdir)/$$cat as" \
-		 "$$dir/$(PACKAGE)$(INSTOBJEXT)"; \
-	  fi; \
-	  if test -r $$cat.m; then \
-	    $(INSTALL_DATA) $$cat.m $$dir/$(PACKAGE)$(INSTOBJEXT).m; \
-	    echo "installing $$cat.m as $$dir/$(PACKAGE)$(INSTOBJEXT).m"; \
-	  else \
-	    if test -r $(srcdir)/$$cat.m ; then \
-	      $(INSTALL_DATA) $(srcdir)/$$cat.m \
-		$$dir/$(PACKAGE)$(INSTOBJEXT).m; \
-	      echo "installing $(srcdir)/$$cat as" \
-		   "$$dir/$(PACKAGE)$(INSTOBJEXT).m"; \
-	    else \
-	      true; \
-	    fi; \
+		 "$(DESTDIR)$$dir/$(PACKAGE).mo"; \
 	  fi; \
 	done
-	if test "$(PACKAGE)" = "gettext"; then \
-	  if test -r "$(MKINSTALLDIRS)"; then \
-	    $(MKINSTALLDIRS) $(gettextsrcdir); \
-	  else \
-	    $(SHELL) $(top_srcdir)/mkinstalldirs $(gettextsrcdir); \
-	  fi; \
-	  $(INSTALL_DATA) $(srcdir)/Makefile.in.in \
-			  $(gettextsrcdir)/Makefile.in.in; \
-	else \
-	  : ; \
-	fi
 
 # Define this as empty until I found a useful application.
 installcheck:
@@ -170,77 +126,68 @@ uninstall:
 	catalogs='$(CATALOGS)'; \
 	for cat in $$catalogs; do \
 	  cat=`basename $$cat`; \
-	  lang=`echo $$cat | sed 's/\$(CATOBJEXT)$$//'`; \
-	  rm -f $(localedir)/$$lang/LC_MESSAGES/$(PACKAGE)$(INSTOBJEXT); \
-	  rm -f $(localedir)/$$lang/LC_MESSAGES/$(PACKAGE)$(INSTOBJEXT).m; \
-	  rm -f $(gnulocaledir)/$$lang/LC_MESSAGES/$(PACKAGE)$(INSTOBJEXT); \
-	  rm -f $(gnulocaledir)/$$lang/LC_MESSAGES/$(PACKAGE)$(INSTOBJEXT).m; \
+	  lang=`echo $$cat | sed 's/\.gmo$$//'`; \
+	  rm -f $(DESTDIR)$(localedir)/$$lang/LC_MESSAGES/$(PACKAGE).mo; \
 	done
-	rm -f $(gettextsrcdir)/po-Makefile.in.in
+	if test "$(PACKAGE)" = "gettext"; then \
+	  rm -f $(DESTDIR)$(gettextsrcdir)/Makefile.in.in; \
+	else \
+	  : ; \
+	fi
 
 check: all
 
-cat-id-tbl.o: $(srcdir)/cat-id-tbl.c $(top_srcdir)/intl/libgettext.h
-	$(COMPILE) $(srcdir)/cat-id-tbl.c
-
 dvi info tags TAGS ID:
 
 mostlyclean:
-	rm -f core core.* *.pox $(PACKAGE).po *.old.po cat-id-tbl.tmp
+	rm -f core core.* *.pox $(PACKAGE).po *.new.po
 	rm -fr *.o
 
 clean: mostlyclean
 
 distclean: clean
-	rm -f Makefile Makefile.in POTFILES *.mo *.msg *.cat *.cat.m
+	rm -f Makefile Makefile.in POTFILES *.mo
 
 maintainer-clean: distclean
 	@echo "This command is intended for maintainers to use;"
 	@echo "it deletes files that may require special tools to rebuild."
-	rm -f $(GMOFILES) cat-id-tbl.c stamp-cat-id
-
-distdir = ../$(PACKAGE)-$(VERSION)/$(subdir)
-dist distdir: update-po $(DISTFILES)
+	rm -f $(GMOFILES)
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+dist distdir:
+	$(MAKE) update-po
+	@$(MAKE) dist2
+# This is a separate target because 'update-po' must be executed before.
+dist2: $(DISTFILES)
 	dists="$(DISTFILES)"; \
 	for file in $$dists; do \
-	  ln $(srcdir)/$$file $(distdir) 2> /dev/null \
-	    || cp -p $(srcdir)/$$file $(distdir); \
+	  if test -f $$file; then dir=.; else dir=$(srcdir); fi; \
+	  cp -p $$dir/$$file $(distdir); \
 	done
 
 update-po: Makefile
-	$(MAKE) $(srcdir)/$(PACKAGE).pot
-	PATH=`pwd`/../src:$$PATH; \
+	$(MAKE) $(PACKAGE).pot
+	if test "$(PACKAGE)" = "gettext"; then PATH=`pwd`/../src:$$PATH; fi; \
 	cd $(srcdir); \
-	catalogs='$(CATALOGS)'; \
+	catalogs='$(GMOFILES)'; \
 	for cat in $$catalogs; do \
 	  cat=`basename $$cat`; \
-	  lang=`echo $$cat | sed 's/\$(CATOBJEXT)$$//'`; \
-	  mv $$lang.po $$lang.old.po; \
+	  lang=`echo $$cat | sed 's/\.gmo$$//'`; \
 	  echo "$$lang:"; \
-	  if $(MSGMERGE) $$lang.old.po $(PACKAGE).pot -o $$lang.po; then \
-	    rm -f $$lang.old.po; \
+	  if $(MSGMERGE) $$lang.po $(PACKAGE).pot -o $$lang.new.po; then \
+	    mv -f $$lang.new.po $$lang.po; \
 	  else \
 	    echo "msgmerge for $$cat failed!"; \
-	    rm -f $$lang.po; \
-	    mv $$lang.old.po $$lang.po; \
+	    rm -f $$lang.new.po; \
 	  fi; \
 	done
+	$(MAKE) update-gmo
 
-POTFILES: POTFILES.in
-	( if test 'x$(srcdir)' != 'x.'; then \
-	    posrcprefix='$(top_srcdir)/'; \
-	  else \
-	    posrcprefix="../"; \
-	  fi; \
-	  rm -f $@-t $@ \
-	    && (sed -e '/^#/d' -e '/^[ 	]*$$/d' \
-		    -e "s@.*@	$$posrcprefix& \\\\@" < $(srcdir)/[email protected] \
-		| sed -e '$$s/\\$$//') > $@-t \
-	    && chmod a-w $@-t \
-	    && mv $@-t $@ )
-
-Makefile: Makefile.in.in ../config.status POTFILES
-	cd .. \
+update-gmo: Makefile $(GMOFILES)
+	@:
+
+Makefile: Makefile.in.in $(top_builddir)/config.status POTFILES.in
+	cd $(top_builddir) \
 	  && CONFIG_FILES=$(subdir)/[email protected] CONFIG_HEADERS= \
 	       $(SHELL) ./config.status
 
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 526891ed5..df5c9fec2 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -2,23 +2,19 @@
 # Copyright (c) 1998 by Werner Koch (dd9jn)
 
 # utility
+util/secmem.c
+util/argparse.c
 util/miscutil.c
 util/errors.c
 util/logger.c
 
-# jnlib
-jnlib/argparse.c
-
 # cipher
-#cipher/random.c
-#cipher/rndlinux.c
-
-# gcrypt
-#gcrypt/secmem.c
+cipher/random.c
+cipher/rndlinux.c
 
 # main program
 
-g10/gpg.c
+g10/g10.c
 g10/armor.c
 g10/pkclist.c
 g10/keygen.c
@@ -43,7 +39,6 @@ g10/textfilter.c
 g10/tdbio.c
 g10/trustdb.c
 g10/verify.c
-g10/ringedit.c
 g10/skclist.c
 g10/status.c
 g10/pubkey-enc.c
@@ -52,3 +47,5 @@ g10/encr-data.c
 g10/seskey.c
 g10/delkey.c
 g10/helptext.c
+g10/keydb.c
+g10/keyring.c
diff --git a/po/cs.po b/po/cs.po
new file mode 100644
index 000000000..6cd170f22
--- /dev/null
+++ b/po/cs.po
@@ -0,0 +1,4382 @@
+# GnuPG Czech translation
+# Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+# Magda Proch�zkov� <[email protected]>, Roman Pavlik <[email protected]> 2001, 2002.
+msgid ""
+msgstr ""
+"Project-Id-Version: gnupg-1.0.7\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-20 10:20+0200\n"
+"Last-Translator: Roman Pavlik <[email protected]>\n"
+"Language-Team: Czech <[email protected]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=iso-8859-2\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "VAROV�N�: Pou��van� pam� nen� bezpe�n�!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "V�ce informac� naleznete na adrese http://www.gnupg.cz/faq.html\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "prov�st operaci nen� mo�n� bez inicializovan� bezpe�n� pam�ti\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(pravd�podobn� jste pro tento �kol pou�ili nespr�vn� program)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
+msgid "yes"
+msgstr "ano"
+
+#: util/miscutil.c:297 util/miscutil.c:334
+msgid "yY"
+msgstr "aAyY"
+
+#: util/miscutil.c:298 util/miscutil.c:332
+msgid "no"
+msgstr "ne"
+
+#: util/miscutil.c:299 util/miscutil.c:335
+msgid "nN"
+msgstr "nN"
+
+#: g10/keyedit.c:815 util/miscutil.c:333
+msgid "quit"
+msgstr "ukon�it"
+
+#: util/miscutil.c:336
+msgid "qQ"
+msgstr "uUqQ"
+
+#: util/errors.c:54
+msgid "general error"
+msgstr "obecn� chyba"
+
+#: util/errors.c:55
+msgid "unknown packet type"
+msgstr "nezn�m� typ paketu"
+
+#: util/errors.c:56
+msgid "unknown version"
+msgstr "nezn�m� verze"
+
+#: util/errors.c:57
+msgid "unknown pubkey algorithm"
+msgstr "nezn�m� algoritmus ve�ejn�ho kl��e"
+
+#: util/errors.c:58
+msgid "unknown digest algorithm"
+msgstr "nezn�m� hashovac� algoritmus"
+
+#: util/errors.c:59
+msgid "bad public key"
+msgstr "�patn� ve�ejn� kl��"
+
+#: util/errors.c:60
+msgid "bad secret key"
+msgstr "�patn� tajn� kl��"
+
+#: util/errors.c:61
+msgid "bad signature"
+msgstr "�patn� podpis"
+
+#: util/errors.c:62
+msgid "checksum error"
+msgstr "chyba kontroln�ho sou�tu"
+
+#: util/errors.c:63
+msgid "bad passphrase"
+msgstr "�patn� heslo"
+
+#: util/errors.c:64
+msgid "public key not found"
+msgstr "ve�ejn� kl�� nenalezen"
+
+#: util/errors.c:65
+msgid "unknown cipher algorithm"
+msgstr "nezn�m� �ifrovac� algoritmus"
+
+#: util/errors.c:66
+msgid "can't open the keyring"
+msgstr "nemohu otev��t soubor kl���"
+
+#: util/errors.c:67
+msgid "invalid packet"
+msgstr "neplatn� paket"
+
+#: util/errors.c:68
+msgid "invalid armor"
+msgstr "neplatn� zp�sob reprezentace v ASCII"
+
+#: util/errors.c:69
+msgid "no such user id"
+msgstr "neexistuje u�ivatel s t�mto id"
+
+#: util/errors.c:70
+msgid "secret key not available"
+msgstr "tajn� kl�� nen� dostupn�"
+
+#: util/errors.c:71
+msgid "wrong secret key used"
+msgstr "je pou�it �patn� tajn� kl��"
+
+#: util/errors.c:72
+msgid "not supported"
+msgstr "nepodporov�no"
+
+#: util/errors.c:73
+msgid "bad key"
+msgstr "�patn� kl��"
+
+#: util/errors.c:74
+msgid "file read error"
+msgstr "chyba p�i �ten� souboru"
+
+#: util/errors.c:75
+msgid "file write error"
+msgstr "chyba p�i z�pisu souboru"
+
+#: util/errors.c:76
+msgid "unknown compress algorithm"
+msgstr "nezn�m� kompresn� algoritmus"
+
+#: util/errors.c:77
+msgid "file open error"
+msgstr "chyba p�i otv�r�n� souboru"
+
+#: util/errors.c:78
+msgid "file create error"
+msgstr "chyba p�i vytv��en� souboru"
+
+#: util/errors.c:79
+msgid "invalid passphrase"
+msgstr "nespr�vn� heslo"
+
+#: util/errors.c:80
+msgid "unimplemented pubkey algorithm"
+msgstr "algoritmus ve�ejn�ho kl��e nen� implementov�n"
+
+#: util/errors.c:81
+msgid "unimplemented cipher algorithm"
+msgstr "�ifrovac� algoritmus nen� implementov�n"
+
+#: util/errors.c:82
+msgid "unknown signature class"
+msgstr "nezn�m� t��da podpisu"
+
+#: util/errors.c:83
+msgid "trust database error"
+msgstr "chyba v datab�zi d�v�ry"
+
+#: util/errors.c:84
+msgid "bad MPI"
+msgstr "�patn� MPI"
+
+#: util/errors.c:85
+msgid "resource limit"
+msgstr "omezen� zdroj�"
+
+#: util/errors.c:86
+msgid "invalid keyring"
+msgstr "neplatn� soubor kl���"
+
+#: util/errors.c:87
+msgid "bad certificate"
+msgstr "�patn� certifik�t"
+
+#: util/errors.c:88
+msgid "malformed user id"
+msgstr "�patn� form�t id u�ivatele"
+
+#: util/errors.c:89
+msgid "file close error"
+msgstr "chyba p�i zav�r�n� souboru"
+
+#: util/errors.c:90
+msgid "file rename error"
+msgstr "chyba p�i p�ejmenov�n� souboru"
+
+#: util/errors.c:91
+msgid "file delete error"
+msgstr "chyba p�i maz�n� souboru"
+
+#: util/errors.c:92
+msgid "unexpected data"
+msgstr "neo�ek�van� data"
+
+#: util/errors.c:93
+msgid "timestamp conflict"
+msgstr "konflikt �asov�ho raz�tka"
+
+#: util/errors.c:94
+msgid "unusable pubkey algorithm"
+msgstr "nepou�iteln� algoritmus s ve�ejn�m kl��em"
+
+#: util/errors.c:95
+msgid "file exists"
+msgstr "soubor existuje"
+
+#: util/errors.c:96
+msgid "weak key"
+msgstr "slab� kl��"
+
+#: util/errors.c:97
+msgid "invalid argument"
+msgstr "neplatn� argument"
+
+#: util/errors.c:98
+msgid "bad URI"
+msgstr "�patn� URI"
+
+#: util/errors.c:99
+msgid "unsupported URI"
+msgstr "toto URI nen� podporov�no"
+
+#: util/errors.c:100
+msgid "network error"
+msgstr "chyba s�t�"
+
+#: util/errors.c:102
+msgid "not encrypted"
+msgstr "neza�ifrov�no"
+
+#: util/errors.c:103
+msgid "not processed"
+msgstr "nezpracov�no"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "nepou�iteln� ve�ejn� kl��"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "nepou�iteln� tajn� kl��"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "chyba serveru kl���"
+
+#: util/logger.c:249
+#, c-format
+msgid "... this is a bug (%s:%d:%s)\n"
+msgstr "... toto je chyba v programu (%s:%d:%s)\n"
+
+#: util/logger.c:255
+#, c-format
+msgid "you found a bug ... (%s:%d)\n"
+msgstr "nalezena chyba v programu ... (%s:%d)\n"
+
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
+#, c-format
+msgid "can't open `%s': %s\n"
+msgstr "nemohu otev��t `%s': %s\n"
+
+#: cipher/random.c:324
+#, c-format
+msgid "can't stat `%s': %s\n"
+msgstr "nemohu pou��t p��kaz stat na `%s': %s\n"
+
+#: cipher/random.c:329
+#, c-format
+msgid "`%s' is not a regular file - ignored\n"
+msgstr "`%s' nen� norm�ln� soubor - ignoruji\n"
+
+#: cipher/random.c:334
+msgid "note: random_seed file is empty\n"
+msgstr "pozn�mka: soubor random_seed je pr�zdn�\n"
+
+#: cipher/random.c:340
+msgid "warning: invalid size of random_seed file - not used\n"
+msgstr "varov�n�: neplatn� velikost random_seed - soubor nepou�it\n"
+
+#: cipher/random.c:348
+#, c-format
+msgid "can't read `%s': %s\n"
+msgstr "nemohu ��st `%s': %s\n"
+
+#: cipher/random.c:386
+msgid "note: random_seed file not updated\n"
+msgstr "pozn�mka: soubor random_seed nen� aktualizov�n\n"
+
+#: cipher/random.c:406
+#, c-format
+msgid "can't create `%s': %s\n"
+msgstr "nemohu vytvo�it `%s': %s\n"
+
+#: cipher/random.c:413
+#, c-format
+msgid "can't write `%s': %s\n"
+msgstr "nemohu zapisovat do `%s': %s\n"
+
+#: cipher/random.c:416
+#, c-format
+msgid "can't close `%s': %s\n"
+msgstr "nemohu zav��t `%s': %s\n"
+
+#: cipher/random.c:662
+msgid "WARNING: using insecure random number generator!!\n"
+msgstr "VAROV�N�: pou�it� gener�tor n�hodn�ch ��sel nen� bezpe�n�!!\n"
+
+#: cipher/random.c:663
+msgid ""
+"The random number generator is only a kludge to let\n"
+"it run - it is in no way a strong RNG!\n"
+"\n"
+"DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n"
+"\n"
+msgstr ""
+"Gener�tor n�hodn�ch ��sel je pouze atrapa, aby program mohl b�et,\n"
+"v ��dn�m p��pad� nen� kryptograficky bezpe�n�!\n"
+"\n"
+"NEPOU��VEJTE JAK�KOLIV DATA VYTVO�EN� T�MTO PROGRAMEM!!\n"
+"\n"
+
+#: cipher/rndlinux.c:142
+#, c-format
+msgid ""
+"\n"
+"Not enough random bytes available.  Please do some other work to give\n"
+"the OS a chance to collect more entropy! (Need %d more bytes)\n"
+msgstr ""
+"\n"
+"Nedostatek n�hodn�ch bajt�. Pros�m, pracujte s opera�n�m syst�mem, abyste\n"
+"mu umo�nili z�skat v�ce entropie (je pot�eba %d bajt�).\n"
+
+#: g10/g10.c:287
+msgid ""
+"@Commands:\n"
+" "
+msgstr ""
+"@P��kazy:\n"
+" "
+
+#: g10/g10.c:289
+msgid "|[file]|make a signature"
+msgstr "|[soubor]|vytvo�it podpis"
+
+#: g10/g10.c:290
+msgid "|[file]|make a clear text signature"
+msgstr "|[soubor]|vytvo�it podpis v �iteln�m dokumentu"
+
+#: g10/g10.c:291
+msgid "make a detached signature"
+msgstr "vytvo�it podpis odd�len� od dokumentu"
+
+#: g10/g10.c:292
+msgid "encrypt data"
+msgstr "�ifrovat data"
+
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[soubor]|�ifrovat soubor"
+
+#: g10/g10.c:294
+msgid "encryption only with symmetric cipher"
+msgstr "�ifrov�n� pouze se symetrickou �ifrou"
+
+#: g10/g10.c:295
+msgid "store only"
+msgstr "pouze ulo�en�"
+
+#: g10/g10.c:296
+msgid "decrypt data (default)"
+msgstr "de�ifrovat data (implicitn�)"
+
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[soubor]|de�ifrovat soubor"
+
+#: g10/g10.c:298
+msgid "verify a signature"
+msgstr "verifikovat podpis"
+
+#: g10/g10.c:300
+msgid "list keys"
+msgstr "vypsat seznam kl���"
+
+#: g10/g10.c:302
+msgid "list keys and signatures"
+msgstr "vypsat seznam kl��� a podpis�"
+
+#: g10/g10.c:303
+msgid "check key signatures"
+msgstr "zkontrolovat podpisy kl���"
+
+#: g10/g10.c:304
+msgid "list keys and fingerprints"
+msgstr "vypsat seznam kl��� a fingerprint�"
+
+#: g10/g10.c:305
+msgid "list secret keys"
+msgstr "vypsat seznam tajn�ch kl���"
+
+#: g10/g10.c:306
+msgid "generate a new key pair"
+msgstr "vytvo�it nov� p�r kl���"
+
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
+msgstr "odstranit kl�� ze souboru ve�ejn�ch kl���"
+
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
+msgstr "odstranit kl�� ze souboru tajn�ch kl���"
+
+#: g10/g10.c:310
+msgid "sign a key"
+msgstr "podepsat kl��"
+
+#: g10/g10.c:311
+msgid "sign a key locally"
+msgstr "podepsat kl�� lok�ln�"
+
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "podepsat kl�� bez mo�nosti revokace podpisu"
+
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr ""
+"podepsat kl�� lok�ln� a bez mo�nosti\n"
+" revokace podpisu"
+
+#: g10/g10.c:314
+msgid "sign or edit a key"
+msgstr "podepsat nebo modifikovat kl��"
+
+#: g10/g10.c:315
+msgid "generate a revocation certificate"
+msgstr "vytvo�it revoka�n� certifik�t"
+
+#: g10/g10.c:316
+msgid "export keys"
+msgstr "exportovat kl��e"
+
+#: g10/g10.c:317
+msgid "export keys to a key server"
+msgstr "exportovat kl��e na server kl���"
+
+#: g10/g10.c:318
+msgid "import keys from a key server"
+msgstr "importovat kl��e ze serveru kl���"
+
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "vyhledat kl��e na serveru kl���"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "aktualizovat v�echny kl��e ze serveru kl���"
+
+#: g10/g10.c:326
+msgid "import/merge keys"
+msgstr "importovat/slou�it kl��e"
+
+#: g10/g10.c:328
+msgid "list only the sequence of packets"
+msgstr "vypsat pouze po�ad� paket�"
+
+#: g10/g10.c:330
+msgid "export the ownertrust values"
+msgstr ""
+"exportovat hodnoty d�v�ryhodnosti\n"
+" vlastn�ka kl��e"
+
+#: g10/g10.c:332
+msgid "import ownertrust values"
+msgstr ""
+"importovat hodnoty d�v�ryhodnosti\n"
+" vlastn�ka kl��e"
+
+#: g10/g10.c:334
+msgid "update the trust database"
+msgstr "aktualizovat datab�zi d�v�ry"
+
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "neinteraktivn� aktualizace datab�ze d�v�ry"
+
+#: g10/g10.c:337
+msgid "fix a corrupted trust database"
+msgstr "opravit naru�enou datab�zi d�v�ry"
+
+#: g10/g10.c:338
+msgid "De-Armor a file or stdin"
+msgstr "Dek�dovat ASCII soubor nebo std. vstup"
+
+#: g10/g10.c:340
+msgid "En-Armor a file or stdin"
+msgstr "Zak�dovat soubor nebo std. vstup do ASCII"
+
+#: g10/g10.c:342
+msgid "|algo [files]|print message digests"
+msgstr "|algo [soubory]|vypi� hash"
+
+#: g10/g10.c:346
+msgid ""
+"@\n"
+"Options:\n"
+" "
+msgstr ""
+"@\n"
+"Mo�nosti:\n"
+" "
+
+#: g10/g10.c:348
+msgid "create ascii armored output"
+msgstr "vytvo� v�stup zak�dovan� pomoc� ASCII"
+
+#: g10/g10.c:350
+msgid "|NAME|encrypt for NAME"
+msgstr "|JM�NO|�ifrovat pro JM�NO"
+
+#: g10/g10.c:353
+msgid "|NAME|use NAME as default recipient"
+msgstr "|JM�NO|pou��t JM�NO jako implicitn�ho adres�ta"
+
+#: g10/g10.c:355
+msgid "use the default key as default recipient"
+msgstr ""
+"pou��t implicitn� kl�� jako implicitn�ho\n"
+" adres�ta"
+
+#: g10/g10.c:361
+msgid "use this user-id to sign or decrypt"
+msgstr ""
+"pou��t tento id u�ivatele pro podeps�n�\n"
+" nebo de�ifrov�n�"
+
+#: g10/g10.c:362
+msgid "|N|set compress level N (0 disables)"
+msgstr ""
+"|N|nastavit �rov�� komprimace N (0 - ��dn�\n"
+" komprimace)"
+
+#: g10/g10.c:364
+msgid "use canonical text mode"
+msgstr "pou��t kanonick� textov� m�d"
+
+#: g10/g10.c:371
+msgid "use as output file"
+msgstr "pou��t jako v�stupn� soubor"
+
+#: g10/g10.c:372
+msgid "verbose"
+msgstr "s dodate�n�mi informacemi"
+
+#: g10/g10.c:373
+msgid "be somewhat more quiet"
+msgstr "b�t o trochu v�c tich�"
+
+#: g10/g10.c:374
+msgid "don't use the terminal at all"
+msgstr "v�bec nepou��vat termin�l"
+
+#: g10/g10.c:375
+msgid "force v3 signatures"
+msgstr "vynutit podpisy verze 3"
+
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "nevynucovat podpisy verze 3"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "vynutit podpisy verze 4"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "nevynucovat podpisy verze 4"
+
+#: g10/g10.c:379
+msgid "always use a MDC for encryption"
+msgstr "pro �ifrov�n� v�dy pou��t MDC"
+
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "pro �ifrov�n� nikdy nepou��t MDC"
+
+#: g10/g10.c:383
+msgid "do not make any changes"
+msgstr "neprov�d�t ��dn� zm�ny"
+
+#. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
+#: g10/g10.c:385
+msgid "use the gpg-agent"
+msgstr "pou�ijte gpg-agenta"
+
+#: g10/g10.c:388
+msgid "batch mode: never ask"
+msgstr "d�vkov� re�im: nikdy se na nic neptat"
+
+#: g10/g10.c:389
+msgid "assume yes on most questions"
+msgstr "automaticky odpov�d�t ANO na v�t�inu ot�zek"
+
+#: g10/g10.c:390
+msgid "assume no on most questions"
+msgstr "automaticky odpov�d�t NE na v�t�inu ot�zek"
+
+#: g10/g10.c:391
+msgid "add this keyring to the list of keyrings"
+msgstr ""
+"p�idat tento soubor kl��� do seznamu\n"
+" pou��van�ch soubor� kl���"
+
+#: g10/g10.c:392
+msgid "add this secret keyring to the list"
+msgstr "p�idat tento soubor tajn�ch kl��� do seznamu"
+
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "uka� ve kter�m souboru kl��� je vypsan� kl��"
+
+#: g10/g10.c:394
+msgid "|NAME|use NAME as default secret key"
+msgstr "|JM�NO|pou�ij JM�NO jako implicitn� tajn� kl��"
+
+#: g10/g10.c:395
+msgid "|HOST|use this keyserver to lookup keys"
+msgstr ""
+"|PO��TA�|pou�ij tento server kl��� pro vyhled�v�n�\n"
+" kl���"
+
+#: g10/g10.c:397
+msgid "|NAME|set terminal charset to NAME"
+msgstr "|JM�NO|nastav znakovou sadu termin�lu na JM�NO"
+
+#: g10/g10.c:398
+msgid "read options from file"
+msgstr "��st nastaven� ze souboru"
+
+#: g10/g10.c:402
+msgid "|FD|write status info to this FD"
+msgstr "|FD|zapsat informace o stavu do tohoto FD"
+
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[SOUBOR]|zapi� informaci o stavu do SOUBORu"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|KL��|�pln� d�v��ovat tomuto kl��i"
+
+#: g10/g10.c:411
+msgid "|FILE|load extension module FILE"
+msgstr "|SOUBOR|nahr�t roz�i�uj�c� modul SOUBOR"
+
+#: g10/g10.c:412
+msgid "emulate the mode described in RFC1991"
+msgstr "emulovat m�d popsan� v RFC1991"
+
+#: g10/g10.c:413
+msgid "set all packet, cipher and digest options to OpenPGP behavior"
+msgstr ""
+"nastav v�echny vlastnosti paket�, �ifer\n"
+" a hash� jako v OpenPGP"
+
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr ""
+"nastav v�echny vlastnosti paket�, �ifer\n"
+" a hash� jako v PGP 2.x"
+
+#: g10/g10.c:418
+msgid "|N|use passphrase mode N"
+msgstr "|N|pou��t m�d hesla N"
+
+#: g10/g10.c:420
+msgid "|NAME|use message digest algorithm NAME for passphrases"
+msgstr "|ALG|pou��t hashovac� algoritmus ALG pro hesla"
+
+#: g10/g10.c:422
+msgid "|NAME|use cipher algorithm NAME for passphrases"
+msgstr "|ALG|pou��t �ifrovac� algoritmus ALG pro hesla"
+
+#: g10/g10.c:424
+msgid "|NAME|use cipher algorithm NAME"
+msgstr "|ALG|pou��t �ifrovac� algoritmus ALG"
+
+#: g10/g10.c:425
+msgid "|NAME|use message digest algorithm NAME"
+msgstr "|ALG|pou��t hashovac� algoritmus ALG"
+
+#: g10/g10.c:426
+msgid "|N|use compress algorithm N"
+msgstr "|N|pou��t kompresn� algoritmus N"
+
+#: g10/g10.c:427
+msgid "throw keyid field of encrypted packets"
+msgstr ""
+"zahodit identifik�tor kl��e z �ifrovan�ch\n"
+" paket�"
+
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "Zobrazit fotografick� ID"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "Nezobrazovat fotografick� ID"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr ""
+"Nastavit p��kazov� ��dek k prohl��en�\n"
+" fotografick�ho ID"
+
+#: g10/g10.c:431
+msgid "|NAME=VALUE|use this notation data"
+msgstr "|JM�NO=HODNOTA|pou��t tento z�pis dat"
+
+#: g10/g10.c:434
+msgid ""
+"@\n"
+"(See the man page for a complete listing of all commands and options)\n"
+msgstr ""
+"@\n"
+"(Pou�ijte manu�lov� str�nky pro kompletn� seznam v�ech p��kaz� a mo�nost�)\n"
+
+#: g10/g10.c:437
+msgid ""
+"@\n"
+"Examples:\n"
+"\n"
+" -se -r Bob [file]          sign and encrypt for user Bob\n"
+" --clearsign [file]         make a clear text signature\n"
+" --detach-sign [file]       make a detached signature\n"
+" --list-keys [names]        show keys\n"
+" --fingerprint [names]      show fingerprints\n"
+msgstr ""
+"@\n"
+" -se -r Bob [soubor]        podepsat a za�ifrovat pro u�ivatele Bob\n"
+" --clearsign [soubor]       vytvo�it podpis �iteln�ho dokumentu\n"
+" --detach-sign [soubor]     vytvo�it podpis odd�len� od dokumentu\n"
+" --list-keys [jm�na]        vypsat kl��e\n"
+" --fingerprint [jm�na]      vypsat fingerprinty \n"
+
+#: g10/g10.c:579
+msgid "Please report bugs to <[email protected]>.\n"
+msgstr ""
+"Chyby oznamte, pros�m, na adresu <[email protected]>.\n"
+"P�ipom�nky k p�ekladu <[email protected]>.\n"
+
+#: g10/g10.c:583
+msgid "Usage: gpg [options] [files] (-h for help)"
+msgstr "Pou�it�: gpg [mo�nosti] [soubory] (-h pro pomoc)"
+
+#: g10/g10.c:586
+msgid ""
+"Syntax: gpg [options] [files]\n"
+"sign, check, encrypt or decrypt\n"
+"default operation depends on the input data\n"
+msgstr ""
+"Syntaxe: gpg [mo�nosti] [soubory]\n"
+"podepsat, ov��it, �ifrovat nebo de�ifrovat\n"
+"implicitn� operace z�vis� na vstupn�ch datech\n"
+
+#: g10/g10.c:597
+msgid ""
+"\n"
+"Supported algorithms:\n"
+msgstr ""
+"\n"
+"Podporovan� algoritmy:\n"
+
+#: g10/g10.c:671
+msgid "usage: gpg [options] "
+msgstr "u�it�: gpg [mo�nosti]"
+
+#: g10/g10.c:728
+msgid "conflicting commands\n"
+msgstr "konfliktn� p��kazy\n"
+
+#: g10/g10.c:903
+#, c-format
+msgid "NOTE: no default option file `%s'\n"
+msgstr "POZN�MKA: neexistuje implicitn� soubor s mo�nostmi `%s'\n"
+
+#: g10/g10.c:907
+#, c-format
+msgid "option file `%s': %s\n"
+msgstr "soubor s mo�nostmi `%s': %s\n"
+
+#: g10/g10.c:914
+#, c-format
+msgid "reading options from `%s'\n"
+msgstr "�tu mo�nosti z `%s'\n"
+
+#: g10/g10.c:1197
+#, c-format
+msgid "%s is not a valid character set\n"
+msgstr "%s nen� platn� znakov� sada\n"
+
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "nelze pou��t URI serveru kl��� - chyba anal�zy URI\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr "nelze nastavit exec-path na %s\n"
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "VAROV�N�: pou��v�n� paralteru %s se nedoporu�uje.\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr "pu��jte m�sto n�j \"--keyserver-options %s\" \n"
+
+#: g10/g10.c:1347
+msgid "WARNING: program may create a core file!\n"
+msgstr "VAROV�N�: program m��e vytvo�it soubor core!\n"
+
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "VAROV�N�: %s p�ep��e %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
+#, c-format
+msgid "NOTE: %s is not for normal use!\n"
+msgstr "POZN�MKA: %s nen� pro norm�ln� pou�it�!\n"
+
+#: g10/g10.c:1360 g10/g10.c:1380
+#, c-format
+msgid "%s not allowed with %s!\n"
+msgstr "Nen� dovoleno pou��vat %s s %s!\n"
+
+#: g10/g10.c:1363
+#, c-format
+msgid "%s makes no sense with %s!\n"
+msgstr "%s ned�v� s %s smysl!\n"
+
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+"v m�du --pgp2 m��ete vytv��et pouze odd�len� podpisy nebo podpisy �iteln� "
+"jako text\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr "v m�du --pgp2 nelze sou�asn� �ifrovat a podepisovat\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr "v m�du --pgp2 mus�te pou��t soubor (ne rouru).\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr "�ifrov�n� zpr�v v m�du --pgp2 vy�aduje algoritmus IDEA\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "tato zpr�va nen� pro PGP 2.x pou�iteln�\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
+msgid "selected cipher algorithm is invalid\n"
+msgstr "vybran� �ifrovac� algoritmus je neplatn�\n"
+
+#: g10/g10.c:1476 g10/g10.c:1488
+msgid "selected digest algorithm is invalid\n"
+msgstr "vybran� hashovac� algoritmus je neplatn�\n"
+
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "zadan� URL pro podepisovac� politiku je neplatn�\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "zadan� URL pro certifika�n� politiku je neplatn�\n"
+
+#: g10/g10.c:1499
+#, c-format
+msgid "compress algorithm must be in range %d..%d\n"
+msgstr "kompresn� algoritmus mus� b�t v rozmez� %d..%d\n"
+
+#: g10/g10.c:1501
+msgid "completes-needed must be greater than 0\n"
+msgstr "polo�ka completes-needed mus� b�t v�t�� ne� 0\n"
+
+#: g10/g10.c:1503
+msgid "marginals-needed must be greater than 1\n"
+msgstr "polo�ka marginals-needed mus� b�t v�t�� ne� 1\n"
+
+#: g10/g10.c:1505
+msgid "max-cert-depth must be in range 1 to 255\n"
+msgstr "polo�ka max-cert-depth mus� b�t v rozmez� od 1 do 255\n"
+
+#: g10/g10.c:1508
+msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
+msgstr "POZN�MKA: jednoduch� m�d S2K (0) je d�razn� nedoporu�ov�n\n"
+
+#: g10/g10.c:1512
+msgid "invalid S2K mode; must be 0, 1 or 3\n"
+msgstr "neplatn� m�d S2K; mus� b�t 0, 1 nebo 3\n"
+
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "neplatn� implicitn� �rove� kontroly; mus� b�t 0, 1, 2 nebo 3\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "neplatn� p�edvolby \n"
+
+#: g10/g10.c:1613
+#, c-format
+msgid "failed to initialize the TrustDB: %s\n"
+msgstr "nemohu inicializovat datab�zi d�v�ry: %s\n"
+
+#: g10/g10.c:1633
+msgid "--store [filename]"
+msgstr "--store [jm�no souboru]"
+
+#: g10/g10.c:1640
+msgid "--symmetric [filename]"
+msgstr "--symmetric [jm�no souboru]"
+
+#: g10/g10.c:1648
+msgid "--encrypt [filename]"
+msgstr "--encrypt [jm�no souboru]"
+
+#: g10/g10.c:1665
+msgid "--sign [filename]"
+msgstr "--sign [jm�no souboru]"
+
+#: g10/g10.c:1678
+msgid "--sign --encrypt [filename]"
+msgstr "--sign --encrypt [jm�no souboru]"
+
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [jm�no souboru]"
+
+#: g10/g10.c:1701
+msgid "--clearsign [filename]"
+msgstr "--clearsign [jm�no souboru]"
+
+#: g10/g10.c:1719
+msgid "--decrypt [filename]"
+msgstr "--decrypt [jm�no souboru]"
+
+#: g10/g10.c:1730
+msgid "--sign-key user-id"
+msgstr "--sign-key id u�ivatele"
+
+#: g10/g10.c:1738
+msgid "--lsign-key user-id"
+msgstr "--lsign-key id u�ivatele"
+
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key id u�ivatele"
+
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key id u�ivatele"
+
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key id u�ivatele [p��kazy]"
+
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
+#, c-format
+msgid "can't open %s: %s\n"
+msgstr "nelze otev��t %s: %s\n"
+
+#: g10/g10.c:1833
+msgid "-k[v][v][v][c] [user-id] [keyring]"
+msgstr "-k[v][v][v][c] [id u�ivatele] [soubor s kl��i (keyring)]"
+
+#: g10/g10.c:1916
+#, c-format
+msgid "dearmoring failed: %s\n"
+msgstr "dek�dov�n� z ASCII form�tu selhalo: %s\n"
+
+#: g10/g10.c:1924
+#, c-format
+msgid "enarmoring failed: %s\n"
+msgstr "k�dov�n� do ASCII form�tu selhalo: %s\n"
+
+#: g10/g10.c:2011
+#, c-format
+msgid "invalid hash algorithm `%s'\n"
+msgstr "neplatn� hashovac� algoritmus `%s'\n"
+
+#: g10/g10.c:2097
+msgid "[filename]"
+msgstr "[jm�no souboru]"
+
+#: g10/g10.c:2101
+msgid "Go ahead and type your message ...\n"
+msgstr "Za�n�te ps�t svou zpr�vu ...\n"
+
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
+#, c-format
+msgid "can't open `%s'\n"
+msgstr "nelze otev��t `%s'\n"
+
+#: g10/g10.c:2313
+msgid ""
+"the first character of a notation name must be a letter or an underscore\n"
+msgstr "prvn� znak jm�na mus� b�t p�smeno nebo podtr��tko\n"
+
+#: g10/g10.c:2319
+msgid ""
+"a notation name must have only letters, digits, dots or underscores and end "
+"with an '='\n"
+msgstr ""
+"jm�no m��e obsahovat pouze p�smena, ��slice, te�ky nebo podtr��tka a kon�it "
+"s '='\n"
+
+#: g10/g10.c:2325
+msgid "dots in a notation name must be surrounded by other characters\n"
+msgstr "te�ky ve jm�n� mus� b�t obklopeny jin�mi znaky\n"
+
+#: g10/g10.c:2333
+msgid "a notation value must not use any control characters\n"
+msgstr "hodnota nem��e obsahovat ��dn� kontroln� znaky\n"
+
+#: g10/armor.c:314
+#, c-format
+msgid "armor: %s\n"
+msgstr "ASCII k�dov�n�: %s\n"
+
+#: g10/armor.c:343
+msgid "invalid armor header: "
+msgstr "neplatn� hlavi�ka ASCII k�dov�n�: "
+
+#: g10/armor.c:350
+msgid "armor header: "
+msgstr "ASCII hlavi�ka: "
+
+#: g10/armor.c:361
+msgid "invalid clearsig header\n"
+msgstr "neplatn� hlavi�ka podpisu v �iteln�m form�tu\n"
+
+#: g10/armor.c:413
+msgid "nested clear text signatures\n"
+msgstr "vno�en� podpisy v �iteln�m form�tu\n"
+
+#: g10/armor.c:537
+msgid "invalid dash escaped line: "
+msgstr "nespr�vn� ozna�en� ��dku m�nusy: "
+
+#: g10/armor.c:549
+msgid "unexpected armor:"
+msgstr "neo�ek�van� k�dov�n� ASCII:"
+
+#: g10/armor.c:675 g10/armor.c:1242
+#, c-format
+msgid "invalid radix64 character %02x skipped\n"
+msgstr "neplatn� znak form�tu radix64 %02x byl p�esko�en\n"
+
+#: g10/armor.c:718
+msgid "premature eof (no CRC)\n"
+msgstr "p�ed�asn� konec souboru (��dn� CRC)\n"
+
+#: g10/armor.c:752
+msgid "premature eof (in CRC)\n"
+msgstr "p�ed�asn� konec souboru (��dn� CRC)\n"
+
+#: g10/armor.c:756
+msgid "malformed CRC\n"
+msgstr "�patn� form�t CRC\n"
+
+#: g10/armor.c:760 g10/armor.c:1279
+#, c-format
+msgid "CRC error; %06lx - %06lx\n"
+msgstr "Chyba CRC; %06lx - %06lx\n"
+
+#: g10/armor.c:780
+msgid "premature eof (in Trailer)\n"
+msgstr "p�ed�asn� konec souboru (v pati�ce)\n"
+
+#: g10/armor.c:784
+msgid "error in trailer line\n"
+msgstr "chyba v pati�ce\n"
+
+#: g10/armor.c:1057
+msgid "no valid OpenPGP data found.\n"
+msgstr "nenalezena ��dn� platn� data ve form�tu OpenPGP.\n"
+
+#: g10/armor.c:1062
+#, c-format
+msgid "invalid armor: line longer than %d characters\n"
+msgstr "neplatn� k�dov�n� ASCII: ��dek je del�� ne� %d znak�\n"
+
+#: g10/armor.c:1066
+msgid ""
+"quoted printable character in armor - probably a buggy MTA has been used\n"
+msgstr ""
+"neplatn� znak (quoted-printable) v ASCII k�dov�n� - pravd�podobn� byl pou�it "
+"�patn� MTA\n"
+
+#: g10/pkclist.c:61
+msgid "No reason specified"
+msgstr "D�vod nebyl specifikov�n"
+
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "Kl�� je nahrazen"
+
+#: g10/pkclist.c:65
+msgid "Key has been compromised"
+msgstr "Kl�� byl zkompromitov�n"
+
+#: g10/pkclist.c:67
+msgid "Key is no longer used"
+msgstr "Kl�� se ji� nepou��v�"
+
+#: g10/pkclist.c:69
+msgid "User ID is no longer valid"
+msgstr "Identifik�tor u�ivatele ji� neplat�"
+
+#: g10/pkclist.c:73
+msgid "Reason for revocation: "
+msgstr "D�vod pro revokaci: "
+
+#: g10/pkclist.c:90
+msgid "Revocation comment: "
+msgstr "Revoka�n� pozn�mka: "
+
+#. a string with valid answers
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMuUqQsS"
+
+#: g10/pkclist.c:258
+#, c-format
+msgid ""
+"No trust value assigned to:\n"
+"%4u%c/%08lX %s \""
+msgstr ""
+"K nen� p�i�azena ��dn� hodnota d�v�ry:\n"
+"%4u%c/%08lX %s \""
+
+#: g10/pkclist.c:270
+msgid ""
+"Please decide how far you trust this user to correctly\n"
+"verify other users' keys (by looking at passports,\n"
+"checking fingerprints from different sources...)?\n"
+"\n"
+msgstr ""
+"Pros�m rozhodn�te, nakolik d�v��ete tomuto u�ivateli, �e spr�vn�\n"
+"verifikuje kl��e jin�ch u�ivatel� (prohl�dnut�m cestovn�ch pas�,\n"
+"kontrolou fingerprint� z r�zn�ch zdroj�...)?\n"
+"\n"
+
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = Nev�m\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = Ned�v��uji\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = D�v��uji ��ste�n�\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = D�v��uji �pln�\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = D�v��uji absolutn�\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = pros�m o v�ce informac�\n"
+
+#: g10/pkclist.c:281
+msgid " m = back to the main menu\n"
+msgstr " m = zp�t do hlavn�ho menu\n"
+
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " s = p�esko�it tento kl��\n"
+
+#: g10/pkclist.c:285
+msgid " q = quit\n"
+msgstr " u = ukon�it\n"
+
+#: g10/pkclist.c:292
+msgid "Your decision? "
+msgstr "Va�e rozhodnut�? "
+
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Opravdu chcete nastavit pro tento kl�� absolutn� d�v�ru? "
+
+#: g10/pkclist.c:325
+msgid "Certificates leading to an ultimately trusted key:\n"
+msgstr "Certifik�ty vedouc� k fin�ln�mu d�v�ryhodn�mu kl��i:\n"
+
+#: g10/pkclist.c:399
+#, c-format
+msgid "key %08lX: key has been revoked!\n"
+msgstr "kl�� %08lX: kl�� byl revokov�n\n"
+
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
+msgid "Use this key anyway? "
+msgstr "Pou��t p�esto tento kl��? "
+
+#: g10/pkclist.c:411
+#, c-format
+msgid "key %08lX: subkey has been revoked!\n"
+msgstr "kl�� %08lX: podkl�� byl revokov�n!\n"
+
+#: g10/pkclist.c:432
+#, c-format
+msgid "%08lX: key has expired\n"
+msgstr "%08lX: skon�ila platnost kl��e\n"
+
+#: g10/pkclist.c:442
+#, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"%08lX: Nic nenazna�uje tomu, �e tento podpis pat�� vlastn�kovi kl��e.\n"
+
+#: g10/pkclist.c:448
+#, c-format
+msgid "%08lX: We do NOT trust this key\n"
+msgstr "%08lX: NEd�v��ujeme tomuto kl��i!\n"
+
+#: g10/pkclist.c:454
+#, c-format
+msgid ""
+"%08lX: It is not sure that this key really belongs to the owner\n"
+"but it is accepted anyway\n"
+msgstr ""
+"%08lX: Nen� jist�, zda tento podpis pat�� vlastn�kovi, p�esto je akceptov�n\n"
+
+#: g10/pkclist.c:460
+msgid "This key probably belongs to the owner\n"
+msgstr "Tento kl�� pravd�podobn� n�le�� jeho majiteli\n"
+
+#: g10/pkclist.c:465
+msgid "This key belongs to us\n"
+msgstr "Tento kl�� n�le�� n�m (m�me odpov�daj�c� tajn� kl��)\n"
+
+#: g10/pkclist.c:507
+msgid ""
+"It is NOT certain that the key belongs to its owner.\n"
+"If you *really* know what you are doing, you may answer\n"
+"the next question with yes\n"
+"\n"
+msgstr ""
+"NEN� jist�, zda tento kl�� pat�� osob�, kter� se vyd�v� za jeho\n"
+"vlastn�ka. Pokud *skute�n�* v�te, co d�l�te, m��ete na ot�zku\n"
+"odpov�d�t ano\n"
+"\n"
+
+#: g10/pkclist.c:521 g10/pkclist.c:543
+msgid "WARNING: Using untrusted key!\n"
+msgstr "VAROV�N�: Je pou�it ned�v�ryhodn� kl��!\n"
+
+#: g10/pkclist.c:562
+msgid "WARNING: This key has been revoked by its owner!\n"
+msgstr "VAROV�N�: Tento kl�� byl revokov�n sv�m vlastn�kem!\n"
+
+#: g10/pkclist.c:563
+msgid "         This could mean that the signature is forgery.\n"
+msgstr "         To m��e znamenat, �e podpis je pad�lan�.\n"
+
+#: g10/pkclist.c:569
+msgid "WARNING: This subkey has been revoked by its owner!\n"
+msgstr "VAROV�N�: Tento podkl�� byl revokov�n sv�m vlastn�kem!\n"
+
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "Pozn�mka: Tento kl�� byl ozna�en jako neplatn� (disabled).\n"
+
+#: g10/pkclist.c:579
+msgid "Note: This key has expired!\n"
+msgstr "Pozn�mka: Skon�ila platnost tohoto kl��e!\n"
+
+#: g10/pkclist.c:590
+msgid "WARNING: This key is not certified with a trusted signature!\n"
+msgstr "VAROV�N�: Tento kl�� nen� certifikov�n d�v�ryhodn�m podpisem!\n"
+
+#: g10/pkclist.c:592
+msgid ""
+"         There is no indication that the signature belongs to the owner.\n"
+msgstr ""
+"         Nic nenazna�uje tomu, �e tento podpis pat�� vlastn�kovi kl��e.\n"
+
+#: g10/pkclist.c:600
+msgid "WARNING: We do NOT trust this key!\n"
+msgstr "VAROV�N�: NEd�v��ujeme tomuto kl��i!\n"
+
+#: g10/pkclist.c:601
+msgid "         The signature is probably a FORGERY.\n"
+msgstr "         Tento podpis je pravd�podobn� PAD�LAN�.\n"
+
+#: g10/pkclist.c:609
+msgid ""
+"WARNING: This key is not certified with sufficiently trusted signatures!\n"
+msgstr ""
+"VAROV�N�: Tento kl�� nen� certifikov�n dostate�n� d�v�ryhodn�mi podpisy!\n"
+
+#: g10/pkclist.c:611
+msgid "         It is not certain that the signature belongs to the owner.\n"
+msgstr "         Nen� jist�, zda tento podpis pat�� vlastn�kovi.\n"
+
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
+#, c-format
+msgid "%s: skipped: %s\n"
+msgstr "%s: p�esko�eno: %s\n"
+
+#: g10/pkclist.c:723 g10/pkclist.c:911
+#, c-format
+msgid "%s: skipped: public key already present\n"
+msgstr "%s: p�esko�eno: ve�ejn� kl�� je ji� obsa�en v datab�zi\n"
+
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr ""
+"Nespecifikoval jste identifik�tor u�ivatele (user ID). M��ete pou��t \"-r\"\n"
+
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
+"\n"
+"Napi�te identifik�tor u�ivatele (user ID). Ukon�ete pr�zdn�m ��dkem: "
+
+#: g10/pkclist.c:776
+msgid "No such user ID.\n"
+msgstr "Takov� identifik�tor u�ivatele neexistuje.\n"
+
+#: g10/pkclist.c:781 g10/pkclist.c:857
+msgid "skipped: public key already set as default recipient\n"
+msgstr "p�esko�eno: ve�ejn� kl�� je u� nastaven podle implicitn�ho adres�ta\n"
+
+#: g10/pkclist.c:799
+msgid "Public key is disabled.\n"
+msgstr "Ve�ejn� kl�� je neplatn� (disabled).\n"
+
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "p�esko�eno: ve�ejn� kl�� je ji� nastaven\n"
+
+#: g10/pkclist.c:849
+#, c-format
+msgid "unknown default recipient `%s'\n"
+msgstr "nezn�m� implicitn� adres�t `%s'\n"
+
+#: g10/pkclist.c:893
+#, c-format
+msgid "%s: skipped: public key is disabled\n"
+msgstr "%s: p�esko�eno: ve�ejn� kl�� je neplatn� (disabled)\n"
+
+#: g10/pkclist.c:943
+msgid "no valid addressees\n"
+msgstr "��dn� platn� adresy\n"
+
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "p�edvolba %c%lu nen� platn�\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "duplicita p�edvolby %c%lu\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "p��li� mnoho `%c' p�edvoleb\n"
+
+#: g10/keygen.c:257
+msgid "invalid character in preference string\n"
+msgstr "neplatn� znak v �et�zci s p�edvolbami\n"
+
+#: g10/keygen.c:399
+msgid "writing self signature\n"
+msgstr "zapisuji podpis kl��e sebou sam�m\n"
+
+#: g10/keygen.c:443
+msgid "writing key binding signature\n"
+msgstr "zapisuji \"key-binding\" podpis\n"
+
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
+msgid "keysize invalid; using %u bits\n"
+msgstr "neplatn� d�lka kl��e; pou�iji %u bit�\n"
+
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
+msgid "keysize rounded up to %u bits\n"
+msgstr "d�lka kl��e zaokrouhlena na %u bit�\n"
+
+#: g10/keygen.c:777
+msgid "Please select what kind of key you want:\n"
+msgstr "Pros�m, vyberte druh kl��e, kter� chcete:\n"
+
+#: g10/keygen.c:779
+#, c-format
+msgid "   (%d) DSA and ElGamal (default)\n"
+msgstr "   (%d) DSA a ElGamal (implicitn�)\n"
+
+#: g10/keygen.c:780
+#, c-format
+msgid "   (%d) DSA (sign only)\n"
+msgstr "   (%d) DSA (pouze pro podpis)\n"
+
+#: g10/keygen.c:782
+#, c-format
+msgid "   (%d) ElGamal (encrypt only)\n"
+msgstr "   (%d) ElGamal (pouze pro �ifrov�n�)\n"
+
+#: g10/keygen.c:783
+#, c-format
+msgid "   (%d) ElGamal (sign and encrypt)\n"
+msgstr "   (%d) ElGamal (pro �ifrov�n� a podpis)\n"
+
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (pouze pro podpis)\n"
+
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (pouze pro �ifrov�n�)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
+msgid "Your selection? "
+msgstr "V� v�b�r? "
+
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr ""
+"Pou�it� tohoto algoritmu se ji� nedoporu�uje - chcete ho p�esto vytvo�it? "
+
+#: g10/keyedit.c:529 g10/keygen.c:823
+msgid "Invalid selection.\n"
+msgstr "Neplatn� v�b�r.\n"
+
+#: g10/keygen.c:836
+#, c-format
+msgid ""
+"About to generate a new %s keypair.\n"
+"              minimum keysize is  768 bits\n"
+"              default keysize is 1024 bits\n"
+"    highest suggested keysize is 2048 bits\n"
+msgstr ""
+"Chyst�m se vytvo�it nov� p�r kl��� %s.\n"
+"                       minim�ln� velikost kl��e je  768 bit�\n"
+"                      implicitn� velikost kl��e je 1024 bit�\n"
+"             nejvy��� navrhovan� velikost kl��e je 2048 bit�\n"
+
+#: g10/keygen.c:845
+msgid "What keysize do you want? (1024) "
+msgstr "Jakou velikost kl��e si p�ejete? (1024) "
+
+#: g10/keygen.c:850
+msgid "DSA only allows keysizes from 512 to 1024\n"
+msgstr "Kl�� DSA mus� m�t velikost od 512 do 1024 bit�.\n"
+
+#: g10/keygen.c:852
+msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr ""
+"velikost kl��e je p��li� mal�; minim�ln� dovolen� velikost pro RSA je 1024 "
+"bit�.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr ""
+"velikost kl��e je p��li� mal�; minim�ln� dovolen� velikost je 768 bit�.\n"
+
+#. It is ridiculous and an annoyance to use larger key sizes!
+#. * GnuPG can handle much larger sizes; but it takes an eternity
+#. * to create such a key (but less than the time the Sirius
+#. * Computer Corporation needs to process one of the usual
+#. * complaints) and {de,en}cryption although needs some time.
+#. * So, before you complain about this limitation, I suggest that
+#. * you start a discussion with Marvin about this theme and then
+#. * do whatever you want.
+#: g10/keygen.c:866
+#, c-format
+msgid "keysize too large; %d is largest value allowed.\n"
+msgstr "velikost kl��e je p��li� velk�; maxim�ln� dovolen� hodnota je %d.\n"
+
+#: g10/keygen.c:871
+msgid ""
+"Keysizes larger than 2048 are not suggested because\n"
+"computations take REALLY long!\n"
+msgstr ""
+"Velikosti kl��e v�t�� jak 2048 bit� se nedoporu�uj�, proto�e\n"
+"v�po�ty pak trvaj� VELMI dlouho!\n"
+
+#: g10/keygen.c:874
+msgid "Are you sure that you want this keysize? "
+msgstr "Opravdu chcete vytvo�it kl�� t�to d�lky? "
+
+#: g10/keygen.c:875
+msgid ""
+"Okay, but keep in mind that your monitor and keyboard radiation is also very "
+"vulnerable to attacks!\n"
+msgstr ""
+"Dob�e, ale nezapome�te, �e informace mohou b�t vyzrazeny z po��ta�e tak� "
+"elektromagnetick�m vyza�ov�n�m monitoru nebo kl�vesnice!\n"
+
+#: g10/keygen.c:884
+#, c-format
+msgid "Requested keysize is %u bits\n"
+msgstr "Po�adovan� d�lka kl��e je %u bit�.\n"
+
+#: g10/keygen.c:887 g10/keygen.c:891
+#, c-format
+msgid "rounded up to %u bits\n"
+msgstr "zaokrouhleno na %u bit�\n"
+
+#: g10/keygen.c:942
+msgid ""
+"Please specify how long the key should be valid.\n"
+"         0 = key does not expire\n"
+"      <n>  = key expires in n days\n"
+"      <n>w = key expires in n weeks\n"
+"      <n>m = key expires in n months\n"
+"      <n>y = key expires in n years\n"
+msgstr ""
+"Pros�m ur�ete, jak dlouho by kl�� m�l platit.\n"
+"         0 = doba platnosti kl��e nen� omezena\n"
+"      <n>  = doba platnosti kl��e skon�� za n dn�\n"
+"      <n>w = doba platnosti kl��e skon�� za n t�dn�\n"
+"      <n>m = doba platnosti kl��e skon�� za n m�s�c�\n"
+"      <n>y = doba platnosti kl��e skon�� za n let\n"
+
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Pros�m ur�ete, jak dlouho by m�l podpis platit.\n"
+"         0 = doba platnosti podpisu nen� omezena\n"
+"      <n>  = doba platnosti podpisu skon�� za n dn�\n"
+"      <n>w = doba platnosti podpisu skon�� za n t�dn�\n"
+"      <n>m = doba platnosti podpisu skon�� za n m�s�c�\n"
+"      <n>y = doba platnosti podpisu skon�� za n let\n"
+
+#: g10/keygen.c:973
+msgid "Key is valid for? (0) "
+msgstr "Kl�� je platn� pro? (0) "
+
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "Podpis je platn� pro? (0) "
+
+#: g10/keygen.c:980
+msgid "invalid value\n"
+msgstr "neplatn� hodnota\n"
+
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "platnost %s neskon��\n"
+
+#. print the date when the key expires
+#: g10/keygen.c:992
+#, c-format
+msgid "%s expires at %s\n"
+msgstr "platnost %s skon�� %s\n"
+
+#: g10/keygen.c:998
+msgid ""
+"Your system can't display dates beyond 2038.\n"
+"However, it will be correctly handled up to 2106.\n"
+msgstr ""
+"V� syst�m neum� zobrazit data po roce 2038.\n"
+"V ka�d�m p��pad� budou data korektn� zpracov�v�na do roku 2106.\n"
+
+#: g10/keygen.c:1003
+msgid "Is this correct (y/n)? "
+msgstr "Je to spr�vn� (a/n)? "
+
+#: g10/keygen.c:1046
+msgid ""
+"\n"
+"You need a User-ID to identify your key; the software constructs the user "
+"id\n"
+"from Real Name, Comment and Email Address in this form:\n"
+"    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
+"\n"
+msgstr ""
+"\n"
+"Aby bylo mo�n� rozpoznat V� kl��, mus�te zn�t identifik�tor u�ivatele;\n"
+"program jej slo�� z Va�eho jm�na a p��jmen�, koment��e a e-mailu\n"
+"v tomto tvaru:\n"
+"    \"Magda Prochazkova (student) <[email protected]>\"\n"
+"\n"
+
+#: g10/keygen.c:1058
+msgid "Real name: "
+msgstr "Jm�no a p��jmen�: "
+
+#: g10/keygen.c:1066
+msgid "Invalid character in name\n"
+msgstr "Neplatn� znak ve jm�n�\n"
+
+#: g10/keygen.c:1068
+msgid "Name may not start with a digit\n"
+msgstr "Jm�no nem��e za��nat ��slic�\n"
+
+#: g10/keygen.c:1070
+msgid "Name must be at least 5 characters long\n"
+msgstr "Jm�no mus� b�t dlouh� alespo� 5 znak�\n"
+
+#: g10/keygen.c:1078
+msgid "Email address: "
+msgstr "E-mailov� adresa: "
+
+#: g10/keygen.c:1089
+msgid "Not a valid email address\n"
+msgstr "Neplatn� e-mailov� adresa\n"
+
+#: g10/keygen.c:1097
+msgid "Comment: "
+msgstr "Koment��: "
+
+#: g10/keygen.c:1103
+msgid "Invalid character in comment\n"
+msgstr "Neplatn� znak v koment��i\n"
+
+#: g10/keygen.c:1126
+#, c-format
+msgid "You are using the `%s' character set.\n"
+msgstr "Pou��v�te znakovou sadu `%s'.\n"
+
+#: g10/keygen.c:1132
+#, c-format
+msgid ""
+"You selected this USER-ID:\n"
+"    \"%s\"\n"
+"\n"
+msgstr ""
+"Zvolil(a) jste tento identifik�tor u�ivatele:\n"
+"    \"%s\"\n"
+"\n"
+
+#: g10/keygen.c:1136
+msgid "Please don't put the email address into the real name or the comment\n"
+msgstr "Do pole jm�no nebo koment�� nepi�te, pros�m, e-mailovou adresu.\n"
+
+#: g10/keygen.c:1141
+msgid "NnCcEeOoQq"
+msgstr "jJkKeEPpUu"
+
+#: g10/keygen.c:1151
+msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
+msgstr "Zm�nit (J)m�no, (K)oment��, (E)-mail nebo (U)kon�it? "
+
+#: g10/keygen.c:1152
+msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
+msgstr ""
+"Zm�nit (J)m�no, (K)oment��, (E)-mail, (P)okra�ovat d�l nebo (U)kon�it "
+"program? "
+
+#: g10/keygen.c:1171
+msgid "Please correct the error first\n"
+msgstr "Nejd��v, pros�m, opravte chybu\n"
+
+#: g10/keygen.c:1210
+msgid ""
+"You need a Passphrase to protect your secret key.\n"
+"\n"
+msgstr ""
+"Pro ochranu Va�eho tajn�ho kl��e mus�te zadat heslo.\n"
+"\n"
+
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "heslo nen� zopakov�no spr�vn�; zkuste to znovu"
+
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"I will do it anyway.  You can change your passphrase at any time,\n"
+"using this program with the option \"--edit-key\".\n"
+"\n"
+msgstr ""
+"Nechcete heslo - to *nen�* dobr� n�pad!\n"
+"Dob�e, budu pokra�ovat bez hesla. Kdykoliv m��ete heslo zm�nit pou�it�m\n"
+"tohoto programu s parametrem \"--edit-key\".\n"
+"\n"
+
+#: g10/keygen.c:1246
+msgid ""
+"We need to generate a lot of random bytes. It is a good idea to perform\n"
+"some other action (type on the keyboard, move the mouse, utilize the\n"
+"disks) during the prime generation; this gives the random number\n"
+"generator a better chance to gain enough entropy.\n"
+msgstr ""
+"Mus�me vytvo�it mnoho n�hodn�ch bajt�. B�hem vytv��en� m��ete\n"
+"prov�d�t n�jakou jinou pr�ci na po��ta�i (ps�t na kl�vesnici, pohybovat "
+"my��,\n"
+"pou��vat disky); d�ky tomu m� gener�tor lep�� �anci z�skat dostatek "
+"entropie.\n"
+
+#: g10/keygen.c:1741
+msgid "DSA keypair will have 1024 bits.\n"
+msgstr "P�r kl��� DSA bude dlouh� 1024 bit�.\n"
+
+#: g10/keygen.c:1795
+msgid "Key generation canceled.\n"
+msgstr "Vytv��en� kl��e bylo zru�eno.\n"
+
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
+msgid "writing public key to `%s'\n"
+msgstr "zapisuji ve�ejn� kl�� do `%s'\n"
+
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
+msgid "writing secret key to `%s'\n"
+msgstr "zapisuji tajn� kl�� do `%s'\n"
+
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "nenalezen zapisovateln� soubor ve�ejn�ch kl��� (pubring): %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "nenalezen zapisovateln� soubor tajn�ch kl��� (secring): %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "chyba p�i z�pisu do souboru ve�ejn�ch kl��� `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "chyba p�i z�pisu do souboru tajn�ch kl��� `%s': %s\n"
+
+#: g10/keygen.c:1999
+msgid "public and secret key created and signed.\n"
+msgstr "ve�ejn� a tajn� kl�� byly vytvo�eny a podeps�ny.\n"
+
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "kl�� ozna�en jako absolutn� d�v�ryhodn�.\n"
+
+#: g10/keygen.c:2011
+msgid ""
+"Note that this key cannot be used for encryption.  You may want to use\n"
+"the command \"--edit-key\" to generate a secondary key for this purpose.\n"
+msgstr ""
+"Tento kl�� nem��e b�t pou�it� pro �ifrov�n�. K vytvo�en�\n"
+"sekund�rn�ho kl��e pro tento ��el m��ete pou��t p��kaz \"--edit-key\".\n"
+
+#: g10/keygen.c:2023 g10/keygen.c:2131
+#, c-format
+msgid "Key generation failed: %s\n"
+msgstr "Vytvo�en� kl��e se nepoda�ilo: %s\n"
+
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
+#, c-format
+msgid ""
+"key has been created %lu second in future (time warp or clock problem)\n"
+msgstr ""
+"kl�� byl vytvo�en %lu sekund v budoucnosti (do�lo ke zm�n� �asu nebo\n"
+"je probl�m se syst�mov�m �asem)\n"
+
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
+#, c-format
+msgid ""
+"key has been created %lu seconds in future (time warp or clock problem)\n"
+msgstr ""
+"kl�� byl vytvo�en %lu sekund v budoucnosti (do�lo ke zm�n� �asu nebo\n"
+"je probl�m se syst�mov�m �asem)\n"
+
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "POZN�MKA: vytvo�en� podkl��e pro kl��e v3 nen� v souladu s OpenPGP\n"
+
+#: g10/keygen.c:2107
+msgid "Really create? "
+msgstr "Opravdu vytvo�it? "
+
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "--output pro tento p��kaz nen� platn�\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s' je ji� zakomprimov�n\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
+#, c-format
+msgid "%s: can't open: %s\n"
+msgstr "%s: nemohu otev��t: %s\n"
+
+#: g10/encode.c:122 g10/sign.c:959
+#, c-format
+msgid "error creating passphrase: %s\n"
+msgstr "chyba p�i vytv��en� hesla: %s\n"
+
+#: g10/encode.c:185 g10/encode.c:383
+#, c-format
+msgid "%s: WARNING: empty file\n"
+msgstr "%s: VAROV�N�: soubor je pr�zdn�\n"
+
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+"v m�du --pgp2 m��ete �ifrovat pouze RSA kl��em o d�lce 2048 bit� a m�n�\n"
+
+#: g10/encode.c:313
+#, c-format
+msgid "reading from `%s'\n"
+msgstr "�tu z `%s'\n"
+
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr "algoritmus IDEA nelze pou��t pro v�echny kl��e, pro kter� �ifrujete.\n"
+
+#: g10/encode.c:563
+#, c-format
+msgid "%s/%s encrypted for: %s\n"
+msgstr "%s/%s za�ifrovan� pro: %s\n"
+
+#: g10/delkey.c:69 g10/export.c:141
+#, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "kl�� `%s' nenalezen: %s\n"
+
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "chyba p�i �ten� bloku kl��e: %s\n"
+
+#: g10/export.c:169
+#, c-format
+msgid "key %08lX: not a rfc2440 key - skipped\n"
+msgstr "kl�� %08lX: nen� ve form�tu RFC 2440 - p�esko�eno\n"
+
+#: g10/export.c:180
+#, c-format
+msgid "key %08lX: not protected - skipped\n"
+msgstr "kl�� %08lX: nen� chr�n�n� - p�esko�eno\n"
+
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "kl�� %08lX: PGP 2.x kl�� - p�esko�eno\n"
+
+#: g10/export.c:255
+msgid "WARNING: nothing exported\n"
+msgstr "VAROV�N�: nebylo nic vyexportov�no\n"
+
+#: g10/getkey.c:151
+msgid "too many entries in pk cache - disabled\n"
+msgstr "p��li� mnoho polo�ek v bufferu ve�ej�ch kl��� - vypnuto\n"
+
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[User ID not found]"
+
+# c-format
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+"Neplatn� kl�� %08lX zm�n�n na platn� pomoc� --always-non-selfsigned-uid\n"
+
+#: g10/getkey.c:1989
+#, c-format
+msgid "using secondary key %08lX instead of primary key %08lX\n"
+msgstr "pou��v�m sekund�rn� kl�� %08lX m�sto prim�rn�ho kl��e %08lX\n"
+
+#: g10/getkey.c:2036
+#, c-format
+msgid "key %08lX: secret key without public key - skipped\n"
+msgstr "kl�� %08lX: tajn� kl�� bez kl��e ve�ejn�ho - p�esko�eno\n"
+
+#: g10/import.c:206
+#, c-format
+msgid "skipping block of type %d\n"
+msgstr "blok typu %d byl p�esko�en\n"
+
+#: g10/import.c:213
+#, c-format
+msgid "%lu keys so far processed\n"
+msgstr "%lu kl��e byly doposud zpracov�ny\n"
+
+#: g10/import.c:218
+#, c-format
+msgid "error reading `%s': %s\n"
+msgstr "chyba p�i �ten� `%s': %s\n"
+
+#: g10/import.c:230
+#, c-format
+msgid "Total number processed: %lu\n"
+msgstr "Celkov� po�et zpracovan�ch kl���: %lu\n"
+
+#: g10/import.c:232
+#, c-format
+msgid "      skipped new keys: %lu\n"
+msgstr "      p�esko�eny nov� kl��e: %lu\n"
+
+#: g10/import.c:235
+#, c-format
+msgid "          w/o user IDs: %lu\n"
+msgstr "          bez identifik�tor� (user ID): %lu\n"
+
+#: g10/import.c:237
+#, c-format
+msgid "              imported: %lu"
+msgstr "              importov�no: %lu"
+
+#: g10/import.c:243
+#, c-format
+msgid "             unchanged: %lu\n"
+msgstr "             beze zm�n: %lu\n"
+
+#: g10/import.c:245
+#, c-format
+msgid "          new user IDs: %lu\n"
+msgstr "          nov� id u�ivatel� (user ID): %lu\n"
+
+#: g10/import.c:247
+#, c-format
+msgid "           new subkeys: %lu\n"
+msgstr "           nov� podkl��e: %lu\n"
+
+#: g10/import.c:249
+#, c-format
+msgid "        new signatures: %lu\n"
+msgstr "        nov� podpisy: %lu\n"
+
+#: g10/import.c:251
+#, c-format
+msgid "   new key revocations: %lu\n"
+msgstr "   nov� revokace kl���: %lu\n"
+
+#: g10/import.c:253
+#, c-format
+msgid "      secret keys read: %lu\n"
+msgstr "      p�e�ten� tajn� kl��e: %lu\n"
+
+#: g10/import.c:255
+#, c-format
+msgid "  secret keys imported: %lu\n"
+msgstr "  importovan� tajn� kl��e: %lu\n"
+
+#: g10/import.c:257
+#, c-format
+msgid " secret keys unchanged: %lu\n"
+msgstr "tajn� kl��e nezm�n�ny: %lu\n"
+
+#: g10/import.c:438 g10/import.c:657
+#, c-format
+msgid "key %08lX: no user ID\n"
+msgstr "kl�� %08lX: chyb� identifik�tor u�ivatele\n"
+
+# c-format
+#: g10/import.c:455
+#, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "kl�� %08lX: p�ijat id u�ivatele '%s',kter� nen� podeps�n j�m sam�m\n"
+
+#: g10/import.c:462
+#, c-format
+msgid "key %08lX: no valid user IDs\n"
+msgstr "kl�� %08lX: chyb� platn� identifik�tor u�ivatele\n"
+
+#: g10/import.c:464
+msgid "this may be caused by a missing self-signature\n"
+msgstr "m��e to b�t zp�sobeno chyb�j�c�m podpisem kl��e j�m sam�m\n"
+
+#: g10/import.c:474 g10/import.c:726
+#, c-format
+msgid "key %08lX: public key not found: %s\n"
+msgstr "kl�� %08lX: ve�ejn� kl�� nenalezen: %s\n"
+
+#: g10/import.c:479
+#, c-format
+msgid "key %08lX: new key - skipped\n"
+msgstr "kl�� %08lX: nov� kl�� - p�esko�en\n"
+
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "nenalezen zapisovateln� soubor kl��� (keyring): %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
+#, c-format
+msgid "writing to `%s'\n"
+msgstr "zapisuji do '%s'\n"
+
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
+msgstr "chyba p�i z�pisu souboru kl��� (keyring)  `%s': %s\n"
+
+#: g10/import.c:505
+#, c-format
+msgid "key %08lX: public key imported\n"
+msgstr "kl�� %08lX: ve�ejn� kl�� importov�n\n"
+
+#: g10/import.c:524
+#, c-format
+msgid "key %08lX: doesn't match our copy\n"
+msgstr "kl�� %08lX: neodpov�d� na�� kopii\n"
+
+#: g10/import.c:542 g10/import.c:743
+#, c-format
+msgid "key %08lX: can't locate original keyblock: %s\n"
+msgstr "kl�� %08lX: nemohu naj�t origin�ln� blok kl��e: %s\n"
+
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "kl�� %08lX: nemohu ��st origin�ln� blok kl��e: %s\n"
+
+#: g10/import.c:579
+#, c-format
+msgid "key %08lX: 1 new user ID\n"
+msgstr "kl�� %08lX: 1 nov� identifik�tor u�ivatele\n"
+
+#: g10/import.c:582
+#, c-format
+msgid "key %08lX: %d new user IDs\n"
+msgstr "kl�� %08lX: %d nov�ch identifik�tor� u�ivatele\n"
+
+#: g10/import.c:585
+#, c-format
+msgid "key %08lX: 1 new signature\n"
+msgstr "kl�� %08lX: 1 nov� podpis\n"
+
+#: g10/import.c:588
+#, c-format
+msgid "key %08lX: %d new signatures\n"
+msgstr "kl�� %08lX: %d nov�ch podpis�\n"
+
+#: g10/import.c:591
+#, c-format
+msgid "key %08lX: 1 new subkey\n"
+msgstr "kl�� %08lX: 1 nov� podkl��\n"
+
+#: g10/import.c:594
+#, c-format
+msgid "key %08lX: %d new subkeys\n"
+msgstr "kl�� %08lX: %d nov�ch podkl���\n"
+
+#: g10/import.c:604
+#, c-format
+msgid "key %08lX: not changed\n"
+msgstr "kl�� %08lX: beze zm�n\n"
+
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "nen� nastaven implicitn� soubor tajn�ch kl��� %s\n"
+
+#: g10/import.c:682
+#, c-format
+msgid "key %08lX: secret key imported\n"
+msgstr "kl�� %08lX: tajn� kl�� importov�n\n"
+
+#. we can't merge secret keys
+#: g10/import.c:686
+#, c-format
+msgid "key %08lX: already in secret keyring\n"
+msgstr "kl�� %08lX: je ji� v souboru tajn�ch kl���\n"
+
+#: g10/import.c:691
+#, c-format
+msgid "key %08lX: secret key not found: %s\n"
+msgstr "kl�� %08lX: nenalezen tajn� kl��: %s\n"
+
+#: g10/import.c:720
+#, c-format
+msgid "key %08lX: no public key - can't apply revocation certificate\n"
+msgstr ""
+"kl�� %08lX: chyb� ve�ejn� kl�� - nemohu aplikovat revoka�n� certifik�t\n"
+
+#: g10/import.c:760
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
+msgstr "kl�� %08lX: neplatn� revoka�n� certifik�t: %s - zam�tnuto\n"
+
+#: g10/import.c:791
+#, c-format
+msgid "key %08lX: revocation certificate imported\n"
+msgstr "kl�� %08lX: revoka�n� certifik�t importov�n\n"
+
+#: g10/import.c:826
+#, c-format
+msgid "key %08lX: no user ID for signature\n"
+msgstr "kl�� %08lX: neexistuje id u�ivatele pro podpis\n"
+
+#: g10/import.c:839
+#, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr ""
+"kl�� %08lX: nepodporovan� algoritmus ve�ejn�ho kl��e u u�ivatelsk�ho id \"%s"
+"\"\n"
+
+#: g10/import.c:841
+#, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr ""
+"kl�� %08lX: neplatn� podpis kl��e j�m sam�m u u�ivatelsk�ho id \"%s\"\n"
+
+#: g10/import.c:858
+#, c-format
+msgid "key %08lX: no subkey for key binding\n"
+msgstr "kl�� %08lX: neexistuje podkl�� pro v�z�n� kl���\n"
+
+#: g10/import.c:868
+#, c-format
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "kl�� %08lX: nepodporovan� algoritmus ve�ejn�ho kl��e\n"
+
+#: g10/import.c:869
+#, c-format
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "kl�� %08lX: neplatn� vazba podkl��e\n"
+
+#: g10/import.c:899
+#, c-format
+msgid "key %08lX: skipped user ID '"
+msgstr "kl�� %08lX: identifik�tor u�ivatele p�esko�en '"
+
+#: g10/import.c:922
+#, c-format
+msgid "key %08lX: skipped subkey\n"
+msgstr "kl�� %08lX: podkl�� p�esko�en\n"
+
+#. here we violate the rfc a bit by still allowing
+#. * to import non-exportable signature when we have the
+#. * the secret key used to create this signature - it
+#. * seems that this makes sense
+#: g10/import.c:945
+#, c-format
+msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
+msgstr "kl�� %08lX: podpis nen� exportovateln� (t��da %02x) - p�esko�eno\n"
+
+#: g10/import.c:954
+#, c-format
+msgid "key %08lX: revocation certificate at wrong place - skipped\n"
+msgstr "kl�� %08lX: revoka�n� certifik�t na �patn�m m�st� - p�esko�eno \n"
+
+#: g10/import.c:971
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
+msgstr "kl�� %08lX: neplatn� revoka�n� certifik�t: %s - p�esko�en\n"
+
+#: g10/import.c:1072
+#, c-format
+msgid "key %08lX: duplicated user ID detected - merged\n"
+msgstr "kl�� %08lX: objeven duplikovan� identifik�tor u�ivatele - slou�en\n"
+
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+"VAROV�N�: kl�� %08lX m��e b�t revokov�n: zkou��m z�skat revoka�n� kl�� %"
+"08lX\n"
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+"VAROV�N�: kl�� %08lX m��e b�t revokov�n: revoka�n� kl�� %08lX nenalezen.\n"
+
+#: g10/import.c:1201
+#, c-format
+msgid "key %08lX: revocation certificate added\n"
+msgstr "kl�� %08lX: p�id�n revoka�n� certifik�t\n"
+
+#: g10/import.c:1231
+#, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "kl�� %08lX: podpis kl��e j�m sam�m (direct key signature)\n"
+
+#: g10/keyedit.c:142
+msgid "[revocation]"
+msgstr "[revokace]"
+
+#: g10/keyedit.c:143
+msgid "[self-signature]"
+msgstr "[podpis kl��e j�m sam�m]"
+
+#: g10/keyedit.c:214 g10/keylist.c:139
+msgid "1 bad signature\n"
+msgstr "1 �patn� podpis\n"
+
+#: g10/keyedit.c:216 g10/keylist.c:141
+#, c-format
+msgid "%d bad signatures\n"
+msgstr "%d �patn�ch podpis�\n"
+
+#: g10/keyedit.c:218 g10/keylist.c:143
+msgid "1 signature not checked due to a missing key\n"
+msgstr "1 podpis neov��en, proto�e chyb� kl��\n"
+
+#: g10/keyedit.c:220 g10/keylist.c:145
+#, c-format
+msgid "%d signatures not checked due to missing keys\n"
+msgstr "%d podpis� neov��en�ch, proto�e chyb� kl��\n"
+
+#: g10/keyedit.c:222 g10/keylist.c:147
+msgid "1 signature not checked due to an error\n"
+msgstr "1 podpis neov��en, proto�e vznikla chyba\n"
+
+#: g10/keyedit.c:224 g10/keylist.c:149
+#, c-format
+msgid "%d signatures not checked due to errors\n"
+msgstr "%d podpis� neov��en�ch, proto�e vznikly chyby\n"
+
+#: g10/keyedit.c:226
+msgid "1 user ID without valid self-signature detected\n"
+msgstr "objeven 1 identifik�tor u�ivatele bez platn�ho podpisu j�m sam�m\n"
+
+#: g10/keyedit.c:228
+#, c-format
+msgid "%d user IDs without valid self-signatures detected\n"
+msgstr "objeveno %d identifik�tor� u�ivatele bez platn�ho podpisu j�m sam�m\n"
+
+#: g10/keyedit.c:335
+#, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "U�ivatelsk� ID \"%s\" je revokov�no."
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Jste si jist�(�), �e st�le chcete podpsat tento kl��? (a/N) "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr "  Nelze podepsat.\n"
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"Va� sou�asn� podpis na \"%s\"\n"
+"je pouze lok�ln�.\n"
+"\n"
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr "P�ejete si jej zm�nit na pln� exportovateln� podpise? (a/N) "
+
+#: g10/keyedit.c:388
+#, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" je ji� lok�ln� podeps�n kl��em %08lX\n"
+
+#: g10/keyedit.c:393
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" je ji� podeps�n kl��em %08lX\n"
+
+#: g10/keyedit.c:405
+#, c-format
+msgid "Nothing to sign with key %08lX\n"
+msgstr "Nic k podeps�n� kl��em %08lX\n"
+
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "Platnost kl��e vypr�ela!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Platnost kl��e vypr�� %s.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "Chcete, aby platnost Va�eho podpisu vypr�ela ve stejnou dobu? (A/n) "
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+"Nem��ete ud�lat OpenPGP podpis kl��e typu PGP 2.x, kdy� jste v --pgp2 m�du.\n"
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "To by zp�sobilo nepou�itelnost kl��e v PGP 2.x.\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"S jakou jistotou jste prov��ili, �e kl��, kter� chcete podepsat\n"
+"pat�� v��e uveden� osob�.\n"
+"Pokud nezn�te odpov��, zadejte \"0\".\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) Neodpov�m.%s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) Nijak jsem to nekontroloval(a).%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) ��se�n� jsem to ov��il(a).%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) Velmi pe�liv� jsem to ov��il(a).%s\n"
+
+#: g10/keyedit.c:535
+msgid ""
+"Are you really sure that you want to sign this key\n"
+"with your key: \""
+msgstr ""
+"Jste si jist�(�), �e chcete podepsat tento kl��\n"
+"sv�m kl��em: \""
+
+#: g10/keyedit.c:544
+msgid ""
+"\n"
+"The signature will be marked as non-exportable.\n"
+msgstr ""
+"\n"
+"Podpis bude ozna�en jako neexportovateln�.\n"
+"\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"Podpis bude ozna�en jako neodvolateln� (non-revocable).\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+"\n"
+"Nijak jsem tento kl�� neov��il.\n"
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"��ste�n� jsem ov��il tento kl��.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+"\n"
+"Velmi pe�liv� jsem ov��il tento kl��.\n"
+
+#: g10/keyedit.c:569
+msgid "Really sign? "
+msgstr "Skute�n� podepsat? "
+
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
+#, c-format
+msgid "signing failed: %s\n"
+msgstr "podeps�n� selhalo: %s\n"
+
+#: g10/keyedit.c:658
+msgid "This key is not protected.\n"
+msgstr "Tento kl�� nen� chr�n�n�.\n"
+
+#: g10/keyedit.c:662
+msgid "Secret parts of primary key are not available.\n"
+msgstr "Tajn� ��sti prim�rn�ho kl��e nejsou dostupn�.\n"
+
+#: g10/keyedit.c:666
+msgid "Key is protected.\n"
+msgstr "Kl�� je chr�n�n�.\n"
+
+#: g10/keyedit.c:686
+#, c-format
+msgid "Can't edit this key: %s\n"
+msgstr "Nen� mo�n� editovat tento kl��: %s\n"
+
+#: g10/keyedit.c:692
+msgid ""
+"Enter the new passphrase for this secret key.\n"
+"\n"
+msgstr ""
+"Vlo�te nov� heslo (passphrase) pro tento tajn� kl��.\n"
+"\n"
+
+#: g10/keyedit.c:706
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"\n"
+msgstr ""
+"Nechcete heslo - to *nen�* dobr� n�pad!\n"
+"\n"
+
+#: g10/keyedit.c:709
+msgid "Do you really want to do this? "
+msgstr "Opravdu to chcete ud�lat? "
+
+#: g10/keyedit.c:773
+msgid "moving a key signature to the correct place\n"
+msgstr "p�esunuji podpis kl��e na spr�vn� m�sto\n"
+
+#: g10/keyedit.c:815
+msgid "quit this menu"
+msgstr "ukon�it toto menu"
+
+#: g10/keyedit.c:816
+msgid "q"
+msgstr "u"
+
+#: g10/keyedit.c:817
+msgid "save"
+msgstr "ulo�it"
+
+#: g10/keyedit.c:817
+msgid "save and quit"
+msgstr "ulo�it a ukon�it"
+
+#: g10/keyedit.c:818
+msgid "help"
+msgstr "help"
+
+#: g10/keyedit.c:818
+msgid "show this help"
+msgstr "uk�zat tuto pomoc"
+
+#: g10/keyedit.c:820
+msgid "fpr"
+msgstr "fpr"
+
+#: g10/keyedit.c:820
+msgid "show fingerprint"
+msgstr "vypsat fingerprint"
+
+#: g10/keyedit.c:821
+msgid "list"
+msgstr "list"
+
+#: g10/keyedit.c:821
+msgid "list key and user IDs"
+msgstr "vypsat seznam kl��� a id u�ivatel�"
+
+#: g10/keyedit.c:822
+msgid "l"
+msgstr "l"
+
+#: g10/keyedit.c:823
+msgid "uid"
+msgstr "uid"
+
+#: g10/keyedit.c:823
+msgid "select user ID N"
+msgstr "vyberte identifik�tor u�ivatele N"
+
+#: g10/keyedit.c:824
+msgid "key"
+msgstr "key"
+
+#: g10/keyedit.c:824
+msgid "select secondary key N"
+msgstr "vyberte sekund�rn� kl�� N"
+
+#: g10/keyedit.c:825
+msgid "check"
+msgstr "check"
+
+#: g10/keyedit.c:825
+msgid "list signatures"
+msgstr "vypsat seznam podpis�"
+
+#: g10/keyedit.c:826
+msgid "c"
+msgstr "c"
+
+#: g10/keyedit.c:827
+msgid "sign"
+msgstr "sign"
+
+#: g10/keyedit.c:827
+msgid "sign the key"
+msgstr "podepsat kl��"
+
+#: g10/keyedit.c:828
+msgid "s"
+msgstr "s"
+
+#: g10/keyedit.c:829
+msgid "lsign"
+msgstr "lsign"
+
+#: g10/keyedit.c:829
+msgid "sign the key locally"
+msgstr "podepsat kl�� lok�ln�"
+
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nrsign"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "podepsat kl�� bez mo�nosti odvolat podpis (non-revocably)"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nrlsign"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "podepsat kl�� lok�ln� a  bez mo�nosti odvolat podpis (non-revocably)"
+
+#: g10/keyedit.c:832
+msgid "debug"
+msgstr "debug"
+
+#: g10/keyedit.c:833
+msgid "adduid"
+msgstr "adduid"
+
+#: g10/keyedit.c:833
+msgid "add a user ID"
+msgstr "p�idat identifik�tor u�ivatele"
+
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "addphoto"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "p�idat fotografick� ID"
+
+#: g10/keyedit.c:835
+msgid "deluid"
+msgstr "deluid"
+
+#: g10/keyedit.c:835
+msgid "delete user ID"
+msgstr "smazat identifik�tor u�ivatele"
+
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "delphoto"
+
+#: g10/keyedit.c:838
+msgid "addkey"
+msgstr "addkey"
+
+#: g10/keyedit.c:838
+msgid "add a secondary key"
+msgstr "p�idat sekund�rn� kl��"
+
+#: g10/keyedit.c:839
+msgid "delkey"
+msgstr "delkey"
+
+#: g10/keyedit.c:839
+msgid "delete a secondary key"
+msgstr "smazat sekund�rn� kl��"
+
+#: g10/keyedit.c:840
+msgid "delsig"
+msgstr "delsig"
+
+#: g10/keyedit.c:840
+msgid "delete signatures"
+msgstr "smazat podpisy"
+
+#: g10/keyedit.c:841
+msgid "expire"
+msgstr "expire"
+
+#: g10/keyedit.c:841
+msgid "change the expire date"
+msgstr "zm�nit dobu platnosti"
+
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "primary"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "ozna�it u�ivatelsk� ID jako prim�rn�"
+
+#: g10/keyedit.c:843
+msgid "toggle"
+msgstr "toggle"
+
+#: g10/keyedit.c:843
+msgid "toggle between secret and public key listing"
+msgstr "p�epnout mezi vyps�n�m seznamu tajn�ch a ve�ejn�ch kl���"
+
+#: g10/keyedit.c:845
+msgid "t"
+msgstr "t"
+
+#: g10/keyedit.c:846
+msgid "pref"
+msgstr "pref"
+
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "vypsat seznam p�edvoleb (pro experty)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "vypsat seznam p�edvoleb (podrobn�)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "setpref"
+
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "nastavit seznam p�edvoleb"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "updpref"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "aktualizovat p�edvolby"
+
+#: g10/keyedit.c:850
+msgid "passwd"
+msgstr "passwd"
+
+#: g10/keyedit.c:850
+msgid "change the passphrase"
+msgstr "zm�nit heslo"
+
+#: g10/keyedit.c:851
+msgid "trust"
+msgstr "trust"
+
+#: g10/keyedit.c:851
+msgid "change the ownertrust"
+msgstr "zm�nit d�v�ryhodnost vlastn�ka kl��e"
+
+#: g10/keyedit.c:852
+msgid "revsig"
+msgstr "revsig"
+
+#: g10/keyedit.c:852
+msgid "revoke signatures"
+msgstr "revokovat podpisy"
+
+#: g10/keyedit.c:853
+msgid "revkey"
+msgstr "revkey"
+
+#: g10/keyedit.c:853
+msgid "revoke a secondary key"
+msgstr "revokovat sekund�rn� kl��"
+
+#: g10/keyedit.c:854
+msgid "disable"
+msgstr "disable"
+
+#: g10/keyedit.c:854
+msgid "disable a key"
+msgstr "nastavit kl�� jako neplatn� (disable)"
+
+#: g10/keyedit.c:855
+msgid "enable"
+msgstr "enable"
+
+#: g10/keyedit.c:855
+msgid "enable a key"
+msgstr "nastavit kl�� jako platn� (enable)"
+
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "showphoto"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "uk�zat fotografick� ID"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
+msgid "can't do that in batchmode\n"
+msgstr "nelze prov�st v d�vkov�m m�du\n"
+
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "chyba p�i �ten� bloku tajn�ho kl��e `%s': %s\n"
+
+#: g10/keyedit.c:931
+msgid "Secret key is available.\n"
+msgstr "Tajn� kl�� je dostupn�.\n"
+
+#: g10/keyedit.c:962
+msgid "Command> "
+msgstr "P��kaz> "
+
+#: g10/keyedit.c:994
+msgid "Need the secret key to do this.\n"
+msgstr "Pro proveden� t�to operace je pot�eba tajn� kl��.\n"
+
+#: g10/keyedit.c:998
+msgid "Please use the command \"toggle\" first.\n"
+msgstr "Pros�m, nejd��ve pou�ijte p��kaz \"toggle\" (p�epnout).\n"
+
+#: g10/keyedit.c:1047
+msgid "Key is revoked."
+msgstr "Kl�� revokov�n."
+
+#: g10/keyedit.c:1066
+msgid "Really sign all user IDs? "
+msgstr "Opravdu podepsat v�echny id u�ivatele? "
+
+#: g10/keyedit.c:1067
+msgid "Hint: Select the user IDs to sign\n"
+msgstr "N�pov�da: Vyberte id u�ivatele k podeps�n�\n"
+
+#: g10/keyedit.c:1092
+#, c-format
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "Tento p��kaz nen� v m�d� %s dovolen�.\n"
+
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
+msgid "You must select at least one user ID.\n"
+msgstr "Mus�te vybrat alespo� jeden id u�ivatele.\n"
+
+#: g10/keyedit.c:1114
+msgid "You can't delete the last user ID!\n"
+msgstr "Nem��ete smazat posledn� id u�ivatele!\n"
+
+#: g10/keyedit.c:1117
+msgid "Really remove all selected user IDs? "
+msgstr "Opravdu odstranit v�echny vybran� id u�ivatele? "
+
+#: g10/keyedit.c:1118
+msgid "Really remove this user ID? "
+msgstr "Opravdu odstranit tento id u�ivatele? "
+
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
+msgid "You must select at least one key.\n"
+msgstr "Mus�te vybrat alespo� jeden kl��.\n"
+
+#: g10/keyedit.c:1160
+msgid "Do you really want to delete the selected keys? "
+msgstr "Opravdu chcete smazat vybran� kl��e? "
+
+#: g10/keyedit.c:1161
+msgid "Do you really want to delete this key? "
+msgstr "Opravdu chcete smazat tento kl��? "
+
+#: g10/keyedit.c:1182
+msgid "Do you really want to revoke the selected keys? "
+msgstr "Opravdu chcete revokovat vybran� kl��e? "
+
+#: g10/keyedit.c:1183
+msgid "Do you really want to revoke this key? "
+msgstr "Opravdu chcete revokovat tento kl��? "
+
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "Opravdu aktualizovat p�edvoleby pro vybran� id u�ivatele? "
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "Opravdu aktualizovat p�edvolby? "
+
+#: g10/keyedit.c:1292
+msgid "Save changes? "
+msgstr "Ulo�it zm�ny? "
+
+#: g10/keyedit.c:1295
+msgid "Quit without saving? "
+msgstr "Ukon�it bez ulo�en�? "
+
+#: g10/keyedit.c:1306
+#, c-format
+msgid "update failed: %s\n"
+msgstr "aktualizace selhala: %s\n"
+
+#: g10/keyedit.c:1313
+#, c-format
+msgid "update secret failed: %s\n"
+msgstr "aktualizace tajn�ho kl��e selhala: %s\n"
+
+#: g10/keyedit.c:1320
+msgid "Key not changed so no update needed.\n"
+msgstr "Kl�� nebyl zm�n�n, tak�e nen� pot�eba jej aktualizovat.\n"
+
+#: g10/keyedit.c:1332
+msgid "Invalid command  (try \"help\")\n"
+msgstr "Neplatn� p��kaz (zkuste \"help\")\n"
+
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "Tento kl�� m��e b�t revokov�n %s kl��em %s%s\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr "(citliv� informace)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
+#, c-format
+msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
+msgstr "%s%c %4u%c/%08lX  vytvo�en: %s platnost skon��: %s"
+
+#: g10/keyedit.c:1506
+#, c-format
+msgid " trust: %c/%c"
+msgstr "d�v�ra: %c/%c"
+
+#: g10/keyedit.c:1510
+msgid "This key has been disabled"
+msgstr "Tento kl�� byl ozna�en za neplatn� (disabled)"
+
+#: g10/keyedit.c:1539
+#, c-format
+msgid "rev! subkey has been revoked: %s\n"
+msgstr "rev! podkl�� byl revokov�n: %s\n"
+
+#: g10/keyedit.c:1542
+msgid "rev- faked revocation found\n"
+msgstr "rev- nalezena pad�lan� revokace\n"
+
+#: g10/keyedit.c:1544
+#, c-format
+msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? probl�m ov��en� revokace: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+"Pros�m nezapome�te, �e zobrazovan� �daje o platnosti kl��� nemus�\n"
+"b�t spr�vn�, dokud znova nespust�te program.\n"
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+"VAROV�N�: Tento kl�� ji� obsahuje fotografick� ID.\n"
+"         P�id�n� dal�� fotografie m��e zm�st n�kter� verze PGP.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Jste si jist�, �e jej chcete st�le p�idat? (a/N) "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "M�li byste m�t jen jeden fotografick� ID na kl��i.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"VAROV�N�: Toto je PGP2 kl��. P�id�n� fotografick�ho ID m��e v n�kter�ch\n"
+"         verz�ch PGP v�st k odm�tnut� tohoto kl��e.\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr "Nem�li by jste p�id�vat fotografick� ID k PGP2 kl��i.\n"
+
+#: g10/keyedit.c:1832
+msgid "Delete this good signature? (y/N/q)"
+msgstr "Smazat tento dobr� podpis? (a/N/u)"
+
+#: g10/keyedit.c:1842
+msgid "Delete this invalid signature? (y/N/q)"
+msgstr "Smazat tento neplatn� podpis? (a/N/u)"
+
+#: g10/keyedit.c:1846
+msgid "Delete this unknown signature? (y/N/q)"
+msgstr "Smazat tento nezn�m� podpis? (a/N/u)"
+
+#: g10/keyedit.c:1852
+msgid "Really delete this self-signature? (y/N)"
+msgstr "Opravdu smazat tento podpis podepsan� sebou sam�m? (a/N)"
+
+#: g10/keyedit.c:1866
+#, c-format
+msgid "Deleted %d signature.\n"
+msgstr "Smaz�n %d podpis.\n"
+
+#: g10/keyedit.c:1867
+#, c-format
+msgid "Deleted %d signatures.\n"
+msgstr "Smaz�no %d podpis�.\n"
+
+#: g10/keyedit.c:1870
+msgid "Nothing deleted.\n"
+msgstr "Nic nebylo smazn�no.\n"
+
+#: g10/keyedit.c:1943
+msgid "Please remove selections from the secret keys.\n"
+msgstr "Pros�m, odstra�te v�b�r z tajn�ch kl���.\n"
+
+#: g10/keyedit.c:1949
+msgid "Please select at most one secondary key.\n"
+msgstr "Pros�m, vyberte nejv��e jeden sekund�rn� kl��.\n"
+
+#: g10/keyedit.c:1953
+msgid "Changing expiration time for a secondary key.\n"
+msgstr "M�n�m dobu platnosti sekund�rn�ho kl��e.\n"
+
+#: g10/keyedit.c:1955
+msgid "Changing expiration time for the primary key.\n"
+msgstr "M�n�m dobu platnosti prim�rn�ho kl��e.\n"
+
+#: g10/keyedit.c:1997
+msgid "You can't change the expiration date of a v3 key\n"
+msgstr "Nem��ete zm�nit dobu platnosti kl��e verze 3\n"
+
+#: g10/keyedit.c:2013
+msgid "No corresponding signature in secret ring\n"
+msgstr "V souboru tajn�ch kl��� chyb� odpov�daj�c� podpis\n"
+
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Pros�m, vyberte pr�v� jeden id u�ivatele .\n"
+
+#: g10/keyedit.c:2284
+#, c-format
+msgid "No user ID with index %d\n"
+msgstr "Neexistuje identifik�tor u�ivatele s indexem %d\n"
+
+#: g10/keyedit.c:2330
+#, c-format
+msgid "No secondary key with index %d\n"
+msgstr "Neexistuje sekund�rn� kl�� s indexem %d\n"
+
+#: g10/keyedit.c:2444
+msgid "user ID: \""
+msgstr "id u�ivatele: \""
+
+#: g10/keyedit.c:2449
+#, c-format
+msgid ""
+"\"\n"
+"signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"podeps�no Va��m kl��em %08lX v %s\n"
+
+#: g10/keyedit.c:2452
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"lok�ln� podeps�no Va��m kl��em %08lX v %s\n"
+
+#: g10/keyedit.c:2457
+#, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Platnost podpisu vypr�� %s.\n"
+
+#: g10/keyedit.c:2461
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Jste si jist�, �e jej chcete st�le revokovat? (a/N) "
+
+#: g10/keyedit.c:2465
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr "Vytvo�it pro tento podpis revoka�n� certifik�t? (a/N)"
+
+#. FIXME: detect duplicates here
+#: g10/keyedit.c:2490
+msgid "You have signed these user IDs:\n"
+msgstr "Podepsal(a) jste n�sleduj�c� identifik�tory u�ivatele:\n"
+
+#: g10/keyedit.c:2504
+#, c-format
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   podeps�no %08lX v %s%s%s\n"
+
+#: g10/keyedit.c:2512
+#, c-format
+msgid "   revoked by %08lX at %s\n"
+msgstr "   revokov�no %08lX v %s\n"
+
+#: g10/keyedit.c:2532
+msgid "You are about to revoke these signatures:\n"
+msgstr "Chyst�te se revokovat tyto podpisy:\n"
+
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   podeps�no %08lX v %s%s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr " (nexeportovateln�)"
+
+#: g10/keyedit.c:2551
+msgid "Really create the revocation certificates? (y/N) "
+msgstr "Opravdu vytvo�it revoka�n� certifik�ty? (a/N) "
+
+#: g10/keyedit.c:2581
+msgid "no secret key\n"
+msgstr "neexistuje tajn� kl��\n"
+
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+"Zobrazuji %s fotografick� ID o velikosti %ld pro kl�� 0x%08lX (uid %d)\n"
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "Podepisovac� politika: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "VAROV�N�: nalezen neplatn� form�t z�pisu datumu\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "Podepisovac� notace: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "nen� v p��mo �iteln�m form�tu"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "soubor kl��� (keyring)"
+
+#. of subkey
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
+msgid " [expires: %s]"
+msgstr " [platnost skon��: %s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Miniatura (fingerprint):"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "             Fingerprint:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr "   Fingerprint kl��e ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s za�ifrovan� data\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "za�ifrov�no nezn�m�m algoritmem %d\n"
+
+#: g10/mainproc.c:280
+#, c-format
+msgid "public key is %08lX\n"
+msgstr "ve�ejn� kl�� je %08lX\n"
+
+#: g10/mainproc.c:326
+msgid "public key encrypted data: good DEK\n"
+msgstr "data za�ifrov�na ve�ejn�m kl��em: spr�vn� DEK\n"
+
+#: g10/mainproc.c:378
+#, c-format
+msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
+msgstr "za�ifrov�na %u-bitov�m %s kl��em, ID %08lX, vytvo�en�m %s\n"
+
+# Scripte scannen lt. dl1bke auf "ID (0-9A-F)+" deswegen mu� "ID" rein :-(
+# [kw]
+#: g10/mainproc.c:388
+#, c-format
+msgid "encrypted with %s key, ID %08lX\n"
+msgstr "za�ifrov�no %s kl��em, ID %08lX\n"
+
+#: g10/mainproc.c:402
+#, c-format
+msgid "public key decryption failed: %s\n"
+msgstr "de�ifrov�n� ve�en�m kl��em selhalo: %s\n"
+
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "p�edpokl�d�m %s �ifrovan�ch dat\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr ""
+"algoritmus IDEA nen� dostupn�; optimisticky se jej pokus�me nahradit "
+"algoritmem %s\n"
+
+#: g10/mainproc.c:466
+msgid "decryption okay\n"
+msgstr "de�ifrov�n� o.k.\n"
+
+#: g10/mainproc.c:471
+msgid "WARNING: encrypted message has been manipulated!\n"
+msgstr "VAROV�N�: se za�ifrovanou zpr�vou bylo manipulov�no!\n"
+
+#: g10/mainproc.c:476
+#, c-format
+msgid "decryption failed: %s\n"
+msgstr "de�ifrov�n� selhalo: %s\n"
+
+#: g10/mainproc.c:495
+msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
+msgstr "POZN�MKA: odes�latel po�adoval (\"for-your-eyes-only\")\n"
+
+#: g10/mainproc.c:497
+#, c-format
+msgid "original file name='%.*s'\n"
+msgstr "p�vodn� jm�no souboru='%.*s'\n"
+
+#: g10/mainproc.c:672
+msgid "standalone revocation - use \"gpg --import\" to apply\n"
+msgstr ""
+"samostatn� revoka�n� certifik�t -  pou�ijte \"gpg --import\", chcete-li jej "
+"u��t\n"
+
+#: g10/mainproc.c:733
+msgid "Notation: "
+msgstr "Notace: "
+
+#: g10/mainproc.c:745
+msgid "Policy: "
+msgstr "Politika: "
+
+#: g10/mainproc.c:1198
+msgid "signature verification suppressed\n"
+msgstr "verifikace podpisu potla�ena\n"
+
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "neum�m pracovat s t�mito n�sobn�mi podpisy\n"
+
+# Scripte scannen lt. dl1bke auf "ID (0-9A-F)+" deswegen mu� "ID" rein :-(
+#: g10/mainproc.c:1261
+#, c-format
+msgid "Signature made %.*s using %s key ID %08lX\n"
+msgstr ""
+"Podpis vytvo�en %.*s pomoc� %s kl��e s identifik�torem u�ivatele %08lX\n"
+
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
+msgid "BAD signature from \""
+msgstr "�PATN� podpis od \""
+
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Podpis s vypr�enou platnost� od \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
+msgid "Good signature from \""
+msgstr "Dobr� podpis od \""
+
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[nejist�]  "
+
+#: g10/mainproc.c:1351
+msgid "                aka \""
+msgstr "                alias \""
+
+#: g10/mainproc.c:1412
+#, c-format
+msgid "Can't check signature: %s\n"
+msgstr "Nemohu ov��it podpis: %s\n"
+
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "toto nen� podpis odd�len� od dokumentu\n"
+
+#: g10/mainproc.c:1508
+#, c-format
+msgid "standalone signature of class 0x%02x\n"
+msgstr "samostatn� podpis t��dy 0x%02x\n"
+
+#: g10/mainproc.c:1565
+msgid "old style (PGP 2.x) signature\n"
+msgstr "podpis star�ho typu (PGP 2.x)\n"
+
+#: g10/mainproc.c:1572
+msgid "invalid root packet detected in proc_tree()\n"
+msgstr "nalezen neplatn� ko�enov� paket v proc_tree()\n"
+
+#: g10/misc.c:101
+#, c-format
+msgid "can't disable core dumps: %s\n"
+msgstr "nemohu vypnout vytv��en� core soubor�: %s\n"
+
+#: g10/misc.c:211
+msgid "Experimental algorithms should not be used!\n"
+msgstr "Experiment�ln� algoritmy by se nem�ly pou��vat!\n"
+
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr ""
+"tento �ifrovac� algoritmus se nedoporu�uje; pros�m, pou�ijte n�jak� "
+"standardn�j��!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "VAROV�N�: vlastnictv� pro %s nastaveno nebezpe�n� \"%s\"\n"
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "VAROV�N�: p��stupov� pr�va pro %s nejsou nastavena bezpe�n� \"%s\"\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "IDEA modul pro GnuPG nenalezen\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+"v�ce informac� naleznete v dokumentu http://www.gnupg.cz/why-not-idea.html\n"
+
+#: g10/parse-packet.c:119
+#, c-format
+msgid "can't handle public key algorithm %d\n"
+msgstr "nemohu pracovat s algoritmem ve�ejn�ho kl��e %d\n"
+
+#: g10/parse-packet.c:1053
+#, c-format
+msgid "subpacket of type %d has critical bit set\n"
+msgstr "podpaket typu %d m� nastaven� kritick� bit\n"
+
+#: g10/passphrase.c:442 g10/passphrase.c:489
+msgid "gpg-agent is not available in this session\n"
+msgstr "gpg-agent nen� v tomto sezen� dostupn�\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "nemohu nastavit PID clienta pro gpg-agenta\n"
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "nelze z�skat server read file descriptor pro agenta r\n"
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "nezle z�skat server write file descriptor pro agenta\n"
+
+#: g10/passphrase.c:498
+msgid "malformed GPG_AGENT_INFO environment variable\n"
+msgstr "�patn� form�t prom�nn� prost�ed� GPG_AGENT_INFO\n"
+
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "gpg-agent protokol verze %d nen� podporov�n\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
+msgid "can't connect to `%s': %s\n"
+msgstr "nemohu se p�ipojit k `%s': %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "probl�m v komunikaci s gpg-agentem\n"
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "probl�m s agentem - pou��v�n� agenta vypnuto\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
+#, c-format
+msgid " (main key ID %08lX)"
+msgstr " (hlavn� ID kl��e %08lX)"
+
+#: g10/passphrase.c:641
+#, c-format
+msgid ""
+"You need a passphrase to unlock the secret key for user:\n"
+"\"%.*s\"\n"
+"%u-bit %s key, ID %08lX, created %s%s\n"
+msgstr ""
+"Pot�ebujete heslo, abyste odemknul(a) tajn� kl�� pro u�ivatele:\n"
+"\"%.*s\"\n"
+"Kl�� o d�lce %u bit�, typ %s, ID %08lX, vytvo�en� %s%s\n"
+
+#: g10/passphrase.c:662
+msgid "Enter passphrase\n"
+msgstr "Vlo�it heslo\n"
+
+#: g10/passphrase.c:664
+msgid "Repeat passphrase\n"
+msgstr "Opakovat heslo\n"
+
+#: g10/passphrase.c:705
+msgid "passphrase too long\n"
+msgstr "heslo je p��li� dlouh�\n"
+
+#: g10/passphrase.c:718
+msgid "invalid response from agent\n"
+msgstr "neplatn� reakce od agenta\n"
+
+#: g10/passphrase.c:727 g10/passphrase.c:808
+msgid "cancelled by user\n"
+msgstr "zru�eno u�ivatelem\n"
+
+#: g10/passphrase.c:729 g10/passphrase.c:890
+#, c-format
+msgid "problem with the agent: agent returns 0x%lx\n"
+msgstr "probl�m s agentem: agent vrac� 0x%lx\n"
+
+#: g10/passphrase.c:1003
+msgid ""
+"\n"
+"You need a passphrase to unlock the secret key for\n"
+"user: \""
+msgstr ""
+"\n"
+"Mus�te zn�t heslo, abyste odemknul(a) tajn� kl�� pro\n"
+"u�ivatele: \""
+
+#: g10/passphrase.c:1012
+#, c-format
+msgid "%u-bit %s key, ID %08lX, created %s"
+msgstr "d�lka %u bit�, typ %s, kl�� %08lX, vytvo�en� %s"
+
+#: g10/passphrase.c:1063
+msgid "can't query password in batchmode\n"
+msgstr "v d�vkov�m re�imu se nemohu pt�t na heslo\n"
+
+#: g10/passphrase.c:1067
+msgid "Enter passphrase: "
+msgstr "Vlo�te heslo: "
+
+#: g10/passphrase.c:1071
+msgid "Repeat passphrase: "
+msgstr "Opakujte heslo: "
+
+#: g10/plaintext.c:67
+msgid "data not saved; use option \"--output\" to save it\n"
+msgstr ""
+"data nebyla ulo�ena; k jejich ulo�en� pou�ijte parametr p��kazu \"--output"
+"\"\n"
+
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "chyba p�i vytv��en� `%s': %s\n"
+
+#: g10/plaintext.c:337
+msgid "Detached signature.\n"
+msgstr "Podpis odd�len� od dokumentu.\n"
+
+#: g10/plaintext.c:341
+msgid "Please enter name of data file: "
+msgstr "Pros�m, vlo�te n�zev datov�ho souboru: "
+
+#: g10/plaintext.c:362
+msgid "reading stdin ...\n"
+msgstr "�tu standardn� vstup ...\n"
+
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "chyb� podepsan� data\n"
+
+#: g10/plaintext.c:404
+#, c-format
+msgid "can't open signed data `%s'\n"
+msgstr "nemohu otev��t podepsan� data '%s'\n"
+
+#: g10/pubkey-enc.c:100
+#, c-format
+msgid "anonymous recipient; trying secret key %08lX ...\n"
+msgstr "anonymn� adres�t; zkou��m tajn� kl�� %08lX ...\n"
+
+#: g10/pubkey-enc.c:106
+msgid "okay, we are the anonymous recipient.\n"
+msgstr "o.k., my jsme anonymn� adres�t.\n"
+
+#: g10/pubkey-enc.c:158
+msgid "old encoding of the DEK is not supported\n"
+msgstr "star� k�dov�n� DEK nen� podporov�no\n"
+
+#: g10/pubkey-enc.c:177
+#, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "�ifrovac� algoritmus %d%s je nezn�m� nebo je zneplatn�n\n"
+
+#: g10/pubkey-enc.c:220
+#, c-format
+msgid "NOTE: cipher algorithm %d not found in preferences\n"
+msgstr "POZN�MKA: v p�edvolb�ch nenalezen �ifrovac� algoritmus %d\n"
+
+#: g10/pubkey-enc.c:242
+#, c-format
+msgid "NOTE: secret key %08lX expired at %s\n"
+msgstr "POZN�MKA: platnost tajn�ho kl��e %08lX skon�ila %s\n"
+
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
+#, c-format
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "po�aduji kl�� %08lX z HKP serveru kl��� %s\n"
+
+#: g10/hkp.c:94
+#, c-format
+msgid "can't get key from keyserver: %s\n"
+msgstr "nemohu dostat kl�� ze serveru kl���: %s\n"
+
+#: g10/hkp.c:171
+#, c-format
+msgid "error sending to `%s': %s\n"
+msgstr "chyba p�i pos�l�n� na `%s': %s\n"
+
+#: g10/hkp.c:186
+#, c-format
+msgid "success sending to `%s' (status=%u)\n"
+msgstr "�sp�n� odesl�n� na `%s' (status=%u)\n"
+
+#: g10/hkp.c:189
+#, c-format
+msgid "failed sending to `%s': status=%u\n"
+msgstr "chyba odesl�n� na `%s': (status=%u)\n"
+
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "vyhled�v�m \"%s\" na HKP serveru %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "nemohu prohled�vat server kl���: %s\n"
+
+#: g10/seckey-cert.c:53
+msgid "secret key parts are not available\n"
+msgstr "tajn� ��sti kl��e nejsou dostupn�\n"
+
+#: g10/seckey-cert.c:59
+#, c-format
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "ochrann� algoritmus %d%s nen� podporov�n\n"
+
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Neplatn� heslo; pros�m, zkuste to znovu"
+
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
+
+#: g10/seckey-cert.c:273
+msgid "WARNING: Weak key detected - please change passphrase again.\n"
+msgstr "VAROV�N�: Objeven slab� kl�� - zm��te, pros�m, znovu heslo.\n"
+
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+"generuji _nevhodn�_ 16-ti bitov� kontroln� sou�et pro ochranu soukrom�ho "
+"kl��e\n"
+
+#: g10/sig-check.c:205
+msgid ""
+"this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
+msgstr ""
+"toto je kl�� algoritmu ElGamal vygenerovan� v PGP - podpisy j�m vytvo�en� "
+"NEJSOU bezpe�n�!\n"
+
+#: g10/sig-check.c:213
+#, c-format
+msgid "public key is %lu second newer than the signature\n"
+msgstr "ve�ejn� kl�� je o %lu sekund nov�j�� ne� podpis\n"
+
+#: g10/sig-check.c:214
+#, c-format
+msgid "public key is %lu seconds newer than the signature\n"
+msgstr "ve�ejn� kl�� je o %lu sekund nov�j�� ne� podpis\n"
+
+#: g10/sig-check.c:237
+#, c-format
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "POZN�MKA: podpisov�mu kl��i %08lX skon�ila platnost %s\n"
+
+#: g10/sig-check.c:318
+msgid "assuming bad signature due to an unknown critical bit\n"
+msgstr "p�edpokl�d�m �patn� podpis, proto�e je nastaven nezn�m� kritick� bit\n"
+
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"VAROV�N�: nemohu %%-expandovat URL politiky (p��li� dlouh�). Pou�ity "
+"neexpandovan�.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "kontrola vytvo�en�ho podpisu se nepoda�ila: %s\n"
+
+#: g10/sign.c:283
+#, c-format
+msgid "%s signature from: %s\n"
+msgstr "%s podpis od: %s\n"
+
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "VAROV�N�: soubor `%s' je pr�zdn�\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "v m�du --pgp2 m��ete pouze podepisovat s kl��i form�tu PGP-2.x\n"
+
+#: g10/sign.c:643 g10/sign.c:812
+#, c-format
+msgid "can't create %s: %s\n"
+msgstr "%s: nemohu vytvo�it: %s\n"
+
+#: g10/sign.c:704
+msgid "signing:"
+msgstr "podepisuji:"
+
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"v m�du --pgp2 m��ete vytv��et jen �iteln� podpisy s kl��i form�tu PGP-2.x\n"
+
+#: g10/sign.c:953
+#, c-format
+msgid "%s encryption will be used\n"
+msgstr "bude pou�ito �ifrov�n� %s\n"
+
+#: g10/textfilter.c:134
+#, c-format
+msgid "can't handle text lines longer than %d characters\n"
+msgstr "nemohu pracovat s ��dky del��mi ne� %d znak�\n"
+
+#: g10/textfilter.c:231
+#, c-format
+msgid "input line longer than %d characters\n"
+msgstr "vstupn� ��dek je del�� ne� %d znak�\n"
+
+#: g10/tdbio.c:121 g10/tdbio.c:1382
+#, c-format
+msgid "trustdb rec %lu: lseek failed: %s\n"
+msgstr "z�znam v datab�zi d�v�ry %lu: lseek() se nepoda�il: %s\n"
+
+#: g10/tdbio.c:127 g10/tdbio.c:1389
+#, c-format
+msgid "trustdb rec %lu: write failed (n=%d): %s\n"
+msgstr "z�znam v datab�zi d�v�ry %lu: z�pis se nepoda�il (n=%d): %s\n"
+
+#: g10/tdbio.c:237
+msgid "trustdb transaction too large\n"
+msgstr "transakce s datab�z� d�v�ry je p��li� dlouh�\n"
+
+#: g10/tdbio.c:454
+#, c-format
+msgid "%s: can't access: %s\n"
+msgstr "%s: nemohu p�istoupit k: %s\n"
+
+#: g10/tdbio.c:468
+#, c-format
+msgid "%s: directory does not exist!\n"
+msgstr "%s: adres�� neexistuje!\n"
+
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
+#, c-format
+msgid "%s: can't create lock\n"
+msgstr "%s: nemohu vytvo�it z�mek\n"
+
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: nemohu zamknout\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: nemohu vytvo�it: %s\n"
+
+#: g10/tdbio.c:503
+#, c-format
+msgid "%s: failed to create version record: %s"
+msgstr "%s: nepoda�ilo se vytvo�it z�znam verze: %s"
+
+#: g10/tdbio.c:507
+#, c-format
+msgid "%s: invalid trustdb created\n"
+msgstr "%s: vytvo�ena neplatn� datab�ze d�v�ry\n"
+
+#: g10/tdbio.c:510
+#, c-format
+msgid "%s: trustdb created\n"
+msgstr "%s: datab�ze d�v�ry vytvo�ena\n"
+
+#: g10/tdbio.c:565
+#, c-format
+msgid "%s: invalid trustdb\n"
+msgstr "%s: neplatn� datab�ze d�v�ry\n"
+
+#: g10/tdbio.c:597
+#, c-format
+msgid "%s: failed to create hashtable: %s\n"
+msgstr "%s: nepoda�ilo se vytvo�it hashovac� tabulku: %s\n"
+
+#: g10/tdbio.c:605
+#, c-format
+msgid "%s: error updating version record: %s\n"
+msgstr "%s: chyba p�i aktualizaci z�znamu verze: %s\n"
+
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
+#, c-format
+msgid "%s: error reading version record: %s\n"
+msgstr "%s: chyba p�i �ten� z�znamu verze: %s\n"
+
+#: g10/tdbio.c:634 g10/tdbio.c:680
+#, c-format
+msgid "%s: error writing version record: %s\n"
+msgstr "%s: chyba p�i z�pisu z�znamu verze: %s\n"
+
+#: g10/tdbio.c:1119
+#, c-format
+msgid "trustdb: lseek failed: %s\n"
+msgstr "datab�ze d�v�ry: procedura lseek() selhala: %s\n"
+
+#: g10/tdbio.c:1127
+#, c-format
+msgid "trustdb: read failed (n=%d): %s\n"
+msgstr "datab�ze d�v�ry: procedura read() (n=%d) selhala: %s\n"
+
+#: g10/tdbio.c:1148
+#, c-format
+msgid "%s: not a trustdb file\n"
+msgstr "%s: nen� soubor datab�ze d�v�ry\n"
+
+#: g10/tdbio.c:1165
+#, c-format
+msgid "%s: version record with recnum %lu\n"
+msgstr "%s: z�znam verze s ��slem %lu\n"
+
+#: g10/tdbio.c:1170
+#, c-format
+msgid "%s: invalid file version %d\n"
+msgstr "%s: neplatn� verze souboru %d\n"
+
+#: g10/tdbio.c:1348
+#, c-format
+msgid "%s: error reading free record: %s\n"
+msgstr "%s: chyba pri �ten� voln�ho z�znamu: %s\n"
+
+#: g10/tdbio.c:1356
+#, c-format
+msgid "%s: error writing dir record: %s\n"
+msgstr "%s: chyba p�i z�pisu adres��ov�ho z�znamu: %s\n"
+
+#: g10/tdbio.c:1366
+#, c-format
+msgid "%s: failed to zero a record: %s\n"
+msgstr "%s: vynulov�n� z�znamu selhalo: %s\n"
+
+#: g10/tdbio.c:1396
+#, c-format
+msgid "%s: failed to append a record: %s\n"
+msgstr "%s: p�id�n� z�znamu selhalo: %s\n"
+
+#: g10/tdbio.c:1441
+msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
+msgstr "datab�ze d�v�ry je po�kozena; pros�m spus�te \"gpg --fix-trustdb\".\n"
+
+#: g10/trustdb.c:200
+#, c-format
+msgid "`%s' is not a valid long keyID\n"
+msgstr "`%s' nen� platn� dlouh� keyID\n"
+
+#: g10/trustdb.c:235
+#, c-format
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "kl�� %08lX: akceptov�n jako d�v�ryhodn� kl��\n"
+
+#: g10/trustdb.c:274
+#, c-format
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "kl�� %08lX se v datab�zi d�v�ry vyskytuje v�ce ne� jednou\n"
+
+#: g10/trustdb.c:290
+#, c-format
+msgid "key %08lX: no public key for trusted key - skipped\n"
+msgstr ""
+"kl�� %08lX: nenalezen ve�ejn� kl�� k d�v�ryhodn�mu kl��i - p�esko�eno\n"
+
+#: g10/trustdb.c:332
+#, c-format
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "z�znam d�v�ry %lu, typ po�. %d: �ten� selhalo: %s\n"
+
+#: g10/trustdb.c:338
+#, c-format
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "z�znam d�v�ry %lu nen� po�adovan�ho typu %d\n"
+
+#: g10/trustdb.c:353
+#, c-format
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "z�znam d�v�ry %lu, typ %d: z�pis selhal: %s\n"
+
+#: g10/trustdb.c:368
+#, c-format
+msgid "trustdb: sync failed: %s\n"
+msgstr "datab�ze d�v�ry: synchronizace selhala %s\n"
+
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "nen� nutn� kontrolovat datab�zi d�v�ry\n"
+
+#: g10/trustdb.c:474 g10/trustdb.c:1641
+#, c-format
+msgid "next trustdb check due at %s\n"
+msgstr "dal�� kontrolova datab�ze d�v�ry v %s\n"
+
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "kontroluji datab�zi d�v�ry\n"
+
+#: g10/trustdb.c:933
+#, c-format
+msgid "public key %08lX not found: %s\n"
+msgstr "ve�ejn� kl�� %08lX nebyl nalezen: %s\n"
+
+#: g10/trustdb.c:1515
+#, c-format
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr "ve�ejn� kl�� k absolutn� d�v�ryhodn�mu kl��i  %08lX nebyl nalezen\n"
+
+#: g10/trustdb.c:1593
+#, c-format
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr "kontrola v hloubce %d podeps�no=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+
+#: g10/verify.c:108
+msgid ""
+"the signature could not be verified.\n"
+"Please remember that the signature file (.sig or .asc)\n"
+"should be the first file given on the command line.\n"
+msgstr ""
+"podpis nebylo mo�n� ov��it.\n"
+"Pros�m, nezapome�te, �e soubor s podpisem (.sig nebo .asc)\n"
+"by m�l b�t prvn�m souborem zadan�m na p��kazov� ��dce.\n"
+
+#: g10/verify.c:173
+#, c-format
+msgid "input line %u too long or missing LF\n"
+msgstr "vstupn� ��dek %u je p��li� dlouh� nebo na konci chyb� znak LF\n"
+
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"kl�� nen� ozna�en jako nedostate�n� bezpe�n� - nemohu jej pou��t s pad�lan�m "
+"RNG!\n"
+
+#: g10/skclist.c:138
+#, c-format
+msgid "skipped `%s': duplicated\n"
+msgstr "p�esko�en `%s': duplikov�n\n"
+
+#: g10/skclist.c:145 g10/skclist.c:153
+#, c-format
+msgid "skipped `%s': %s\n"
+msgstr "p�esko�en `%s': %s\n"
+
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "p�esko�eno: tajn� kl�� je u� v datab�zi\n"
+
+#: g10/skclist.c:160
+#, c-format
+msgid ""
+"skipped `%s': this is a PGP generated ElGamal key which is not secure for "
+"signatures!\n"
+msgstr ""
+"p�esko�en `%s': toto je vygenerovan� PGP kl�� podle algoritmu ElGamal,\n"
+"podpisy vytvo�en� t�mto kl��em nejsou bezpe�n�!\n"
+
+#. do not overwrite
+#: g10/openfile.c:84
+#, c-format
+msgid "File `%s' exists. "
+msgstr "Soubor `%s' existuje. "
+
+#: g10/openfile.c:86
+msgid "Overwrite (y/N)? "
+msgstr "P�epsat (a/N)? "
+
+#: g10/openfile.c:119
+#, c-format
+msgid "%s: unknown suffix\n"
+msgstr "%s: nezn�m� p��pona\n"
+
+#: g10/openfile.c:141
+msgid "Enter new filename"
+msgstr "Vlo�te nov� n�zev souboru"
+
+#: g10/openfile.c:184
+msgid "writing to stdout\n"
+msgstr "zapisuji do standardn�ho v�stupu\n"
+
+#: g10/openfile.c:273
+#, c-format
+msgid "assuming signed data in `%s'\n"
+msgstr "p�edpokl�d�m podepsan� data v `%s'\n"
+
+#: g10/openfile.c:323
+#, c-format
+msgid "%s: new options file created\n"
+msgstr "%s: vytvo�en nov� soubor s p�edvolbami\n"
+
+#: g10/openfile.c:350
+#, c-format
+msgid "%s: can't create directory: %s\n"
+msgstr "%s: nemohu vytvo�it adres��: %s\n"
+
+#: g10/openfile.c:353
+#, c-format
+msgid "%s: directory created\n"
+msgstr "%s: adres�� vytvo�en\n"
+
+#: g10/openfile.c:355
+msgid "you have to start GnuPG again, so it can read the new options file\n"
+msgstr "mus�te znovu spustit GnuPG pro op�tovn� na�ten� souboru p�edvoleb\n"
+
+#: g10/encr-data.c:91
+msgid ""
+"WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
+msgstr "VAROV�N�: zpr�va byla za�ifrov�na slab�m kl��em v symetrick� �if�e.\n"
+
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "probl�m se za�ifrovan�m paketem\n"
+
+#: g10/seskey.c:52
+msgid "weak key created - retrying\n"
+msgstr "vytvo�en slab� kl�� - zkou��m znovu\n"
+
+#: g10/seskey.c:57
+#, c-format
+msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
+msgstr ""
+"nemohu se vyvarovat slab�ho kl��e pro symetrickou �ifru; operaci jsem zkusil "
+"%d kr�t!\n"
+
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr "DSA po�aduje pou�it� 160-ti bitov�ho hashovac�ho algoritmu\n"
+
+#: g10/delkey.c:116
+msgid "can't do that in batchmode without \"--yes\"\n"
+msgstr "bez parametru \"--yes\" to nemohu v d�vkov�m m�du prov�st\n"
+
+#: g10/delkey.c:138
+msgid "Delete this key from the keyring? "
+msgstr "Smazat tento kl�� ze souboru kl���? "
+
+#: g10/delkey.c:146
+msgid "This is a secret key! - really delete? "
+msgstr "Toto je tajn� kl��! - opravdu smazat? "
+
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "smaz�n� bloku kl��e se nezda�ilo:  %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr "informace o d�v�ryhodnosti vlastn�ka kl��e vymaz�ny\n"
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "existuje tajn� kl�� pro tento ve�ejn� kl�� \"%s\"!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr ""
+"abyste ho smazal(a), pou�ijte nejprve parametr \"--delete-secret-key\".\n"
+
+#: g10/helptext.c:47
+msgid ""
+"It's up to you to assign a value here; this value will never be exported\n"
+"to any 3rd party.  We need it to implement the web-of-trust; it has nothing\n"
+"to do with the (implicitly created) web-of-certificates."
+msgstr ""
+"Je na V�s, abyste zde p�i�adil(a) hodnotu; tato hodnota nebude nikdy\n"
+"exportov�na t�et� stran�. Pot�ebujeme ji k implementaci \"pavu�iny\n"
+"d�v�ry\"; nem� to nic spole�n�ho s (implicitn� vytvo�enou) \"pavu�inou\n"
+"certifik�t�\"."
+
+#: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Aby bylo mo�n� vybudovat pavu�inu d�v�ry, mus� GnuPG v�d�t, kter�m kl���m\n"
+"d�v��ujete absolutn� - obvykle to jsou ty kl��e, pro n� m�te p��stup\n"
+"k tajn�m kl���m. Odpov�zte \"ano\", abyste nastavili tyto kl��e\n"
+"jako absolutn� d�v�ryhodn�\n"
+
+#: g10/helptext.c:60
+msgid "If you want to use this revoked key anyway, answer \"yes\"."
+msgstr "Pokud p�esto chcete pou��t tento revokovan� kl��, odpov�zte \"ano\"."
+
+#: g10/helptext.c:64
+msgid "If you want to use this untrusted key anyway, answer \"yes\"."
+msgstr ""
+"Pokud p�esto chcete pou��t tento ned�v�ryhodn� kl��, odpov�zte \"ano\"."
+
+#: g10/helptext.c:68
+msgid ""
+"Enter the user ID of the addressee to whom you want to send the message."
+msgstr "Vlo�te identifik�tor adres�ta, kter�mu chcete poslat zpr�vu."
+
+#: g10/helptext.c:72
+msgid ""
+"Select the algorithm to use.\n"
+"\n"
+"DSA (aka DSS) is the digital signature algorithm which can only be used\n"
+"for signatures.  This is the suggested algorithm because verification of\n"
+"DSA signatures are much faster than those of ElGamal.\n"
+"\n"
+"ElGamal is an algorithm which can be used for signatures and encryption.\n"
+"OpenPGP distinguishs between two flavors of this algorithms: an encrypt "
+"only\n"
+"and a sign+encrypt; actually it is the same, but some parameters must be\n"
+"selected in a special way to create a safe key for signatures: this program\n"
+"does this but other OpenPGP implementations are not required to understand\n"
+"the signature+encryption flavor.\n"
+"\n"
+"The first (primary) key must always be a key which is capable of signing;\n"
+"this is the reason why the encryption only ElGamal key is not available in\n"
+"this menu."
+msgstr ""
+"Vyberte algoritmus.\n"
+"\n"
+"DSA (naz�van� tak� DSS) je algoritmus digit�ln�ho podpisu, kter� m��e b�t\n"
+"pou�it� pouze pro podpisy. Je to doporu�ovan� algoritmus, proto�e ov��en�\n"
+"DSA podpis� je mnohem rychlej�� ne� v algoritmu ElGamal.\n"
+"\n"
+"Algoritmus ElGamal m��e b�t pou��v�n jak pro podpisy tak pro �ifrov�n�.\n"
+"Standard OpenPGP rozli�uje mezi dv�ma re�imy tohoto algoritmu:\n"
+"pouze �ifrov�n� a �ifrov�n�+podpis; v podstat� je to stejn�, ale n�kolik\n"
+"parametr� mus� b�t vybr�no speci�ln�m zp�sobem pro vytvo�en� bezpe�n�ho "
+"kl��e\n"
+"pro podpisy: tento program to um�, ale nen� vy�adov�no, aby i jin�\n"
+"implementace OpenPGP pracovaly v re�imu podpis+�ifrov�n�.\n"
+"\n"
+"Prvn� (prim�rn�) kl�� mus� b�t v�dy kl��, kter� je schopn� podepisovat;\n"
+"to je d�vod, pro� v tomto menu nen� k dispozi kl�� algoritmu ElGamal\n"
+"ur�n� pouze pro �ifrov�n�."
+
+#: g10/helptext.c:92
+msgid ""
+"Although these keys are defined in RFC2440 they are not suggested\n"
+"because they are not supported by all programs and signatures created\n"
+"with them are quite large and very slow to verify."
+msgstr ""
+"A�koli jsou tyto kl��e definov�ny v RFC2440, nejsou doporu�ov�ny,\n"
+"proto�e nejsou podporov�ny v�emi programy a podpisy jimi vytvo�en�\n"
+"jsou zna�n� velk� a pro ov��en� velmi pomal�."
+
+#: g10/helptext.c:99
+msgid "Enter the size of the key"
+msgstr "Vlo�te d�lku kl��e"
+
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
+msgid "Answer \"yes\" or \"no\""
+msgstr "Odpov�zte \"ano\" nebo \"ne\""
+
+#: g10/helptext.c:113
+msgid ""
+"Enter the required value as shown in the prompt.\n"
+"It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
+"get a good error response - instead the system tries to interpret\n"
+"the given value as an interval."
+msgstr ""
+"Vlo�te po�adovanou hodnotu tak, jak je uvedeno v p��kazov�m ��dku.\n"
+"Je mo�n� vlo�it datum ve form�tu ISO (RRRR-MM-DD), ale nedostanete\n"
+"spr�vnou chybovou hl�ku - m�sto toho syst�m zkus� interpretovat\n"
+"zadanou hodnotu jako interval."
+
+#: g10/helptext.c:125
+msgid "Enter the name of the key holder"
+msgstr "Vlo�te jm�no dr�itele kl��e"
+
+#: g10/helptext.c:130
+msgid "please enter an optional but highly suggested email address"
+msgstr "pros�m, vlo�te e-mailovou adresu (nepovinn�, ale velmi doporu�ovan�)"
+
+#: g10/helptext.c:134
+msgid "Please enter an optional comment"
+msgstr "Pros�m, vlo�te nepovinn� koment��"
+
+#: g10/helptext.c:139
+msgid ""
+"N  to change the name.\n"
+"C  to change the comment.\n"
+"E  to change the email address.\n"
+"O  to continue with key generation.\n"
+"Q  to to quit the key generation."
+msgstr ""
+"N  pro zm�nu n�zvu.\n"
+"C  pro zm�nu koment��e.\n"
+"E  pro zm�nu e-mailov� adresy.\n"
+"O  pro pokra�ov�n� generov�n� kl��e.\n"
+"Q  pro ukon�en� generov�n� kl��e."
+
+#: g10/helptext.c:148
+msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
+msgstr "Jestli�e chcete generovat podkl��, odpov�zte \"ano\" (nebo jen \"a\")."
+
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"Ne� podep��ete id u�ivatele, m�li byste nejprve ov��it, zda kl��\n"
+"pat�� osob�, jej�� jm�no je uvedeno v identifik�toru u�ivatele.\n"
+"Je velmi u�ite�n�, kdy� ostatn� v�d�, jak d�sledn� jste provedl(a)\n"
+"takov� ov��en�.\n"
+"\n"
+"\"0\" znamen�, �e neuv�d�te, jak d�sledn� jste pravost kl��e ov��il(a) \n"
+"\n"
+"\"1\" znamen�, �e v���te tomu, �e kl�� pat�� osob�, kter� je uvedena,\n"
+"    v u�ivatelsk�m ID, ale nemohl jste nebo jste neprov��il tuto "
+"skute�nost.\n"
+"    To je u�ite�n� pro \"osobn�\" verifikaci, kdy� podepisujete kl��e, "
+"kter�\n"
+"    pou��vaj� pseudonym u�ivatele.\n"
+"\n"
+"\"2\" znamen�, �e jste ��ste�n� ov��il pravost kl��e. Nap�. jste ov��il\n"
+"    fingerprint kl��e a zkontroloval identifik�tor u�ivatele\n"
+"    uveden� na kl��i s fotografick�m id.\n"
+"\n"
+"\"3\" Znamen�, �e jste provedl velmi pe�liv� ov��en� pravosti kl��e.\n"
+"    To m��e nap��klad znamenat, �e jste ov��il fingerprint kl��e \n"
+"    jeho vlastn�ka osobn� a d�le jste pomoc� obt��n� pad�lateln�ho \n"
+"    dokumentu s fotografi� (nap��klad pasu) ov��il, �e jm�no majitele\n"
+"    kl��e se shoduje se jm�nem uveden�m v u�ivatelsk�m ID a d�le jste \n"
+"    ov��il (v�m�nou elektronick�ch dopis�), �e elektronick� adresa uveden� \n"
+"    v ID u�ivatele pat�� majiteli kl��e.\n"
+"\n"
+"Pros�m nezapome�te, �e p��klady uveden� pro �rove� 2 a 3 jsou *pouze*\n"
+"p��klady.\n"
+"Je jen na Va�em rozhodnut� co \"��ste�n�\" a \"pe�liv�\" ov��en� znamen�\n"
+"kdy� budete podepisovat kl��e jin�m u�ivatel�m.\n"
+"\n"
+"Pokud nev�te, jak� je spr�vn� odpov��, odpov�zte \"0\"."
+
+#: g10/helptext.c:194
+msgid "Answer \"yes\" is you want to sign ALL the user IDs"
+msgstr ""
+"Pokud chcete podepsat V�ECHNY identifik�tory u�ivatel�, odpov�zte \"ano\""
+
+#: g10/helptext.c:198
+msgid ""
+"Answer \"yes\" if you really want to delete this user ID.\n"
+"All certificates are then also lost!"
+msgstr ""
+"Pokud opravdu chcete smazat tento identifik�tor u�ivatele, odpov�zte \"ano"
+"\".\n"
+"V�echny certifik�ty budou tak� ztraceny!"
+
+#: g10/helptext.c:203
+msgid "Answer \"yes\" if it is okay to delete the subkey"
+msgstr "Odpov�zte \"ano\", pokud chcete smazat podkl��"
+
+#: g10/helptext.c:208
+msgid ""
+"This is a valid signature on the key; you normally don't want\n"
+"to delete this signature because it may be important to establish a\n"
+"trust connection to the key or another key certified by this key."
+msgstr ""
+"Toto je platn� podpis kl��e; norm�ln� nechcete tento podpis smazat,\n"
+"proto�e m��e b�t d�le�it� p�i vytv��en� d�v�ry kl��e nebo jin�ho kl��e\n"
+"ceritifikovan�ho t�mto kl��em."
+
+#: g10/helptext.c:213
+msgid ""
+"This signature can't be checked because you don't have the\n"
+"corresponding key.  You should postpone its deletion until you\n"
+"know which key was used because this signing key might establish\n"
+"a trust connection through another already certified key."
+msgstr ""
+"Tento podpis nem��e b�t ov��en, proto�e nem�te odpov�daj�c� ve�ejn� kl��.\n"
+"Jeho smaz�n� byste m�l(a) odlo�it do doby, ne� budete zn�t, kter� kl��\n"
+"byl pou�it, proto�e tento podpisovac� kl�� m��e vytvo�it d�v�ru\n"
+"prost�ednictv�m jin�ho ji� certifikovan�ho kl��e."
+
+#: g10/helptext.c:219
+msgid ""
+"The signature is not valid.  It does make sense to remove it from\n"
+"your keyring."
+msgstr "Podpis je neplatn�. Je rozumn� ho odstranit z Va�eho souboru kl���."
+
+#: g10/helptext.c:223
+msgid ""
+"This is a signature which binds the user ID to the key. It is\n"
+"usually not a good idea to remove such a signature.  Actually\n"
+"GnuPG might not be able to use this key anymore.  So do this\n"
+"only if this self-signature is for some reason not valid and\n"
+"a second one is available."
+msgstr ""
+"Toto je podpis, kter� v�e identifik�tor u�ivatele ke kl��i. Obvykle\n"
+"nen� dobr� takov� podpis odstranit. GnuPG nem��e tento kl�� nad�le\n"
+"pou��vat. Ud�lejte to jenom v p��pad�, kdy je tento podpis kl��e\n"
+"j�m sam�m z n�jak�ho d�vodu neplatn� a kdy je k dipozici kl�� jin�."
+
+#: g10/helptext.c:231
+msgid ""
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+"Zm�nit p�edvolby pro v�echny u�ivatelsk� ID (nebo pouze pro ozna�en�)\n"
+"na aktu�ln� seznam p�edvoleb. �asov� raz�tka v�ech dot�en�ch podpis�\n"
+"kl��� jimi samotn�mi budou posunuty o jednu vte�inu dop�edu.\n"
+
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Pros�m, vlo�te heslo; toto je tajn� v�ta \n"
+
+#: g10/helptext.c:244
+msgid "Please repeat the last passphrase, so you are sure what you typed in."
+msgstr ""
+"Pros�m, zopakujte posledn� heslo, abyste si byl(a) jist�(�), co jste napsal"
+"(a)."
+
+#: g10/helptext.c:248
+msgid "Give the name of the file to which the signature applies"
+msgstr "Zadejte n�zev souboru, ke kter�mu se podpis vztahuje"
+
+#: g10/helptext.c:253
+msgid "Answer \"yes\" if it is okay to overwrite the file"
+msgstr "Pokud si p�ejete p�eps�n� souboru, odpov�zte \"ano\""
+
+#: g10/helptext.c:258
+msgid ""
+"Please enter a new filename. If you just hit RETURN the default\n"
+"file (which is shown in brackets) will be used."
+msgstr ""
+"Pros�m, vlo�te nov� n�zev souboru. Pokud pouze stisknete RETURN, bude\n"
+"pou�it implicitn� soubor (kter� je uk�z�n v z�vork�ch)."
+
+#: g10/helptext.c:264
+msgid ""
+"You should specify a reason for the certification.  Depending on the\n"
+"context you have the ability to choose from this list:\n"
+"  \"Key has been compromised\"\n"
+"      Use this if you have a reason to believe that unauthorized persons\n"
+"      got access to your secret key.\n"
+"  \"Key is superseded\"\n"
+"      Use this if you have replaced this key with a newer one.\n"
+"  \"Key is no longer used\"\n"
+"      Use this if you have retired this key.\n"
+"  \"User ID is no longer valid\"\n"
+"      Use this to state that the user ID should not longer be used;\n"
+"      this is normally used to mark an email address invalid.\n"
+msgstr ""
+"M�l(a) byste specifikovat d�vod certifikace. V z�vislosti na kontextu\n"
+"m�te mo�nost si vybrat ze seznamu:\n"
+"  \"Kl�� byl kompromitov�n\"\n"
+"      Toto pou�ijte, pokud si mysl�te, �e k Va�emu tajn�mu kl��i z�skaly\n"
+"       p��stup neopr�vn�n� osoby.\n"
+"  \"Kl�� je nahrazen\"\n"
+"      Toto pou�ijte, pokud jste tento kl�� nahradil(a) nov�j��m kl��em.\n"
+"  \"Kl�� se ji� nepou��v�\"\n"
+"      Toto pou�ijte, pokud tento kl�� ji� nepou��v�te.\n"
+"  \"Identifik�tor u�ivatele u� nen� platn�\"\n"
+"      Toto pou�ijte, pokud by se identifik�tor u�ivatele u� nem�l pou��vat;\n"
+"      norm�ln� se pou��v� k ozna�en� neplatn� e-mailov� adresy.\n"
+
+#: g10/helptext.c:280
+msgid ""
+"If you like, you can enter a text describing why you issue this\n"
+"revocation certificate.  Please keep this text concise.\n"
+"An empty line ends the text.\n"
+msgstr ""
+"Pokud chcete, m��ete vlo�it text popisuj�c� p�vod vzniku tohoto revoka�n�ho\n"
+"ceritifik�tu. Pros�m, stru�n�. \n"
+"Text kon�� pr�zdn�m ��dkem.\n"
+
+#: g10/helptext.c:295
+msgid "No help available"
+msgstr "Pomoc nen� k dispozici"
+
+#: g10/helptext.c:303
+#, c-format
+msgid "No help available for `%s'"
+msgstr "Pomoc nen� dostupn� pro '%s'"
+
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "chyba p�i vytv��en� souboru kl��� (keyring)`%s': %s\n"
+
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "zm�na u�ivatelsk�ch opr�vn�n� `%s' selhala: %s\n"
+
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "soubor kl��� (keyring) `%s' vytvo�en\n"
+
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "selhalo obnoven� vyrovn�vac� pam�ti kl���: %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "VAROV�N�: Existuj� dva soubory s tajn�mi informacemi.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s je beze zm�ny\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s je nov�\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Pros�m, opravte tento mo�n� bezpe�nostn� probl�m\n"
+
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "kontroluji soubor kl��� (keyring) `%s'\n"
+
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu kl��� ji� zkontrolov�no (%lu podpis�)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu kl��� zkontrolov�n (%lu podpis�)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: soubor kl��� (keyring) vytvo�en\n"
diff --git a/po/da.po b/po/da.po
index d29dc2452..3129218f2 100644
--- a/po/da.po
+++ b/po/da.po
@@ -7,7 +7,7 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: gnupg 1.0.0h\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
 "PO-Revision-Date: 2000-03-07 22:51+01:00\n"
 "Last-Translator: Birger Langkjer <[email protected]>\n"
 "Language-Team: Danish <[email protected]>\n"
@@ -15,289 +15,320 @@ msgstr ""
 "Content-Type: text/plain; charset=ISO-8859-1\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Advarsel: benytter ubeskyttet hukommelse!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr ""
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "operation er ikke mulig uden beskyttet hukommelse indl�st\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(du kan have brugt et forkert program til denne opgave)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "ja"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "jJ"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "n"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "afslut"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "aA"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "generel fejl"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "ukendt pakketype"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "ukendt version"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "ukendt offentlig n�glealgoritme"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "ukendt sammenfatningsalgoritme"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "d�rlig offentlig n�gle"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "d�rlig hemmelig n�gle"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "d�rlig signatur"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "tjeksumsfejl"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "d�rlig kodes�tning"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "offentlig n�gle ikke fundet"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "ukendt cifferalgoritme "
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "kan ikke �bne n�gleringen"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "ugyldig pakke"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "ugyldig rustning"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "ikke-eksisterende bruger id"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "hemmelig n�gle ikke tilg�ngelig"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "forkert hemmelig n�gle brugt"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "ikke underst�ttet"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "d�rlig n�gle"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "fill�sningsfejl"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "filskrivningsfejl"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "ukendt kompressionsalgoritme"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "fil�bningsfejl"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "filoprettelsesfejl"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "ugyldig kodes�tning"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "uimplementeret offentlig n�glealgoritme"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "uimplementeret cifferalgoritme"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "ukendt signaturklasse"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "tillidsdatabasefejl"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "d�rlig mpi"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "resursegr�nse"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "ugyldig n�glering"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "ugyldigt certifikat"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "d�rlig bruger-id"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "fillukningsfejl"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "filomd�bningsfejl"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "filsletningsfejl"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "uforventet data"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "tidsstempelkonflikt"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "uanvendelig offentlig n�glealgoritme"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "fil eksisterer"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "svag n�gle"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "ugyldigt argument"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "ugyldig URI"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "ikke-underst�ttet URI"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "netv�rksfejl"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "ikke krypteret"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "ikke bearbejdet"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+#, fuzzy
+msgid "unusable public key"
+msgstr "d�rlig offentlig n�gle"
+
+#: util/errors.c:106
+#, fuzzy
+msgid "unusable secret key"
+msgstr "d�rlig hemmelig n�gle"
+
+#: util/errors.c:107
+#, fuzzy
+msgid "keyserver error"
+msgstr "generel fejl"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... dette er en fejl (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "du fandt en fejl ... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "kan ikke �bne '%s': %s\n"
 
-#: cipher/random.c:325
+#: cipher/random.c:324
 #, fuzzy, c-format
 msgid "can't stat `%s': %s\n"
 msgstr "kan ikke �bne '%s': %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
 msgstr ""
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
 msgstr ""
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr ""
 
-#: cipher/random.c:349
+#: cipher/random.c:348
 #, fuzzy, c-format
 msgid "can't read `%s': %s\n"
 msgstr "kan ikke �bne '%s': %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
 msgstr ""
 
-#: cipher/random.c:407
+#: cipher/random.c:406
 #, fuzzy, c-format
 msgid "can't create `%s': %s\n"
 msgstr "kan ikke oprette %s: %s\n"
 
-#: cipher/random.c:414
+#: cipher/random.c:413
 #, fuzzy, c-format
 msgid "can't write `%s': %s\n"
 msgstr "kan ikke �bne '%s': %s\n"
 
-#: cipher/random.c:417
+#: cipher/random.c:416
 #, fuzzy, c-format
 msgid "can't close `%s': %s\n"
 msgstr "kan ikke �bne '%s': %s\n"
 
-#: cipher/random.c:428
-#, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
-
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr "ADVARSEL: bruger usikker tilf�ldig-nummer-generator!!!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -311,7 +342,7 @@ msgstr ""
 "BENYT IKKE DATA GENERERET AF DETTE PROGRAM!!!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -322,19 +353,7 @@ msgstr ""
 "Ikke nok tilf�ldige byte tilg�ngelig.  Please do some other work to give\n"
 "the OS a chance to collect more entropy! (Kr�ver %d byte mere)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Advarsel: benytter ubeskyttet hukommelse!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "operation er ikke mulig uden beskyttet hukommelse indl�st\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(du kan have brugt et forkert program til denne opgave)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -342,139 +361,170 @@ msgstr ""
 "@Kommandoer:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[filer]|opret en signatur"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[filer]|opret rentekst signatur"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "opret en separat signatur"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "krypt�r data"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr ""
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "krypt�r kun med symmetriske cifre"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "gem kun"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "afkrypt�r data (standard)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr ""
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "godkend en signatur"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "vis n�gler"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "vis n�gler og signaturer"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "tjek n�glesignaturer"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "vis n�gle og fingeraftryk"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "vis hemmelige n�gler"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "gener�r et nyt n�glepar"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
+#: g10/g10.c:307
+#, fuzzy
+msgid "remove keys from the public keyring"
 msgstr "fjern n�gle fra den offentlige n�glering"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
+#: g10/g10.c:309
+#, fuzzy
+msgid "remove keys from the secret keyring"
 msgstr "fjern n�gle fra den hemmelige n�glering"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "sign�r en n�gle"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
 msgstr "sign�r en n�gle lokalt"
 
-#: g10/gpg.c:224
+#: g10/g10.c:312
+#, fuzzy
+msgid "sign a key non-revocably"
+msgstr "sign�r en n�gle lokalt"
+
+#: g10/g10.c:313
+#, fuzzy
+msgid "sign a key locally and non-revocably"
+msgstr "sign�r en n�gle lokalt"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "sign�r eller redig�r en n�gle"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "Gener�r en annull�rbar certifikat"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "eksport�r n�gler"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "eksport�r n�gler til en n�gletjener"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "import�r n�gler fra en n�gleserver"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+#, fuzzy
+msgid "search for keys on a key server"
+msgstr "eksport�r n�gler til en n�gletjener"
+
+#: g10/g10.c:322
+#, fuzzy
+msgid "update all keys from a keyserver"
+msgstr "import�r n�gler fra en n�gleserver"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "import�r/fusion�r n�gler"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "vis kun pakkesekvensen"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "eksport�r ejertillidsv�rdierne"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "import�r ejertillidsv�rdierne"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "opdat�r tillidsdatabasen"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NAMES]|tjek tillidsdatabasen"
+#: g10/g10.c:336
+#, fuzzy
+msgid "unattended trust database update"
+msgstr "opdat�r tillidsdatabasen"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "repar�r en �delagt tillidsdatabase"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "De-beskydt en fil el. stdin"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "Beskydt en fil el. stdin"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [filer]|print meddelelsesresum�"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -484,162 +534,208 @@ msgstr ""
 "Indstillinger:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "opret ascii beskyttet uddata"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NAME|krypt�r for NAME"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NAME|brug NAME som standard modtager"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "brug standard n�glen som standard modtager"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr "brug denne bruger-id til at signere eller dekryptere"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "|N|s�t kompresningsniveau N (0 = sl�et fra)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "brug kanonisk tekstmodus"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "brug som uddatafil"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "meddelsom"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "v�r mere stille"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "brug overhovedet ikke terminalen"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "tving v3 signaturer"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+#, fuzzy
+msgid "do not force v3 signatures"
+msgstr "tving v3 signaturer"
+
+#: g10/g10.c:377
+#, fuzzy
+msgid "force v4 key signatures"
+msgstr "tving v3 signaturer"
+
+#: g10/g10.c:378
+#, fuzzy
+msgid "do not force v4 key signatures"
+msgstr "tving v3 signaturer"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "brug altid en MDC for kryptering"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+#, fuzzy
+msgid "never use a MDC for encryption"
+msgstr "brug altid en MDC for kryptering"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "lav ingen �ndringer"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
 msgstr ""
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "k�rselsmodus: sp�rg aldrig"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "forvent ja til de fleste spr�gsm�l"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "forvent nej til de fleste spr�gsm�l"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "tilf�j denne n�glering til n�gleringslisten"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "tilf�j denne hemmeligen�glering til listen"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr ""
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NAME|brug NAME som standard hemmelign�gle"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|HOST|brug denne n�gletjener til at sl� n�gler op"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr "|NAME|s�t terminal karakters�t til NAME"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "l�s indstillinger fra fil"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr "|FD|skriv statusinfo til denne FD"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
+#: g10/g10.c:404
+#, fuzzy
+msgid "|[file]|write status info to file"
+msgstr "|FD|skriv statusinfo til denne FD"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
 msgstr ""
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|FILE|indl�s udvidelsesmodul FILE"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "emul�r modusen beskrevet i RFC1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
 msgstr "s�t alle pakker, cifre og resum� flag til OpenPGP standard"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+#, fuzzy
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "s�t alle pakker, cifre og resum� flag til OpenPGP standard"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|brug pasfrasemodus N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr "|NAME|brug meddelelses resum�algoritme NAME for pasfrase"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr "|NAME|brug cifrealgoritme NAME for pasfrase"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NAME|brug cifferalgoritme NAME"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NAME|brug meddelelsesresum� algoritme NAME"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|brug kompresalgoritme N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
 msgstr ""
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr ""
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NAME=VALUE|brug denne notationsdata"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
 msgstr ""
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -659,16 +755,16 @@ msgstr ""
 " --list-keys [navne]        vis n�gler\n"
 " --fingerprint [navne]      vis fingeraftryk\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr "Rapport�r venligst fejl til <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Brug: gpg [flag] [filer] (-h for hj�lp)"
 
 # Skal alt dette overs�ttes eller er det flagene?
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
@@ -678,7 +774,7 @@ msgstr ""
 "sign, check, encrypt eller decrypt\n"
 "standard operation afh�nger af inddata\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -686,436 +782,495 @@ msgstr ""
 "\n"
 "Underst�ttede algoritmer:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "brug: gpg [flag] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "konfliktende kommandoer\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "NOTITS: ingen standard alternativfil '%s'\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "alternativfil`%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "l�ser indstillinger fra `%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s er ikke et gyldigt tegns�t\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr ""
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr ""
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, fuzzy, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "ADVARSEL: '%s' er en tom fil\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr ""
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr ""
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr ""
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "NOTITS: %s er ikke til normal brug!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "%s ikke tilladt med %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "%s er meningsl�s sammen med %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr ""
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "valgte cifferalgoritme er ugyldig\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "valgte resum�algoritme er ugyldig\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
+#: g10/g10.c:1492
+#, fuzzy
+msgid "the given signature policy URL is invalid\n"
 msgstr "den givne politik-URL er ugyldig\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1496
+#, fuzzy
+msgid "the given certification policy URL is invalid\n"
+msgstr "den givne politik-URL er ugyldig\n"
+
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr ""
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr ""
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr ""
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr ""
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "NOTE: simpel S2K modus (0) frar�des p� det skarpeste\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "ugyldig S2K modus; skal v�re 0, 1 el. 3\n"
 
+#: g10/g10.c:1516
+#, fuzzy
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "ugyldig S2K modus; skal v�re 0, 1 el. 3\n"
+
+#: g10/g10.c:1519
+#, fuzzy
+msgid "invalid preferences\n"
+msgstr "vis pr�ferencer"
+
 # er det klogt at overs�tte TrustDB?
-#: g10/gpg.c:1171
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "kunne ikke initialisere TillidsDB: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [filnavn (som gemmes)]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [filnavn]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [filnavn (som krypteres)]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [filnavn (som signeres)]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [filnavn]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+#, fuzzy
+msgid "--sign --symmetric [filename]"
+msgstr "--symmetric [filnavn]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [filnavn]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [filnavn (som dekrypteres)]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key bruger-id"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key bruger-id"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key bruger-id [kommandoer]"
+#: g10/g10.c:1746
+#, fuzzy
+msgid "--nrsign-key user-id"
+msgstr "--sign-key bruger-id"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key bruger-id"
+#: g10/g10.c:1754
+#, fuzzy
+msgid "--nrlsign-key user-id"
+msgstr "--sign-key bruger-id"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key bruger-id"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key bruger-id [kommandoer]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "kan ikke �bne %s: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [bruger-id] [n�glering]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "fjernelse af beskyttelse fejlede: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "p�kl�dning af beskyttelse fejlede: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
 msgstr "ugyldig hash-algoritme `%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[filnavn]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "G� til sagen og skriv meddelelsen ...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "kan ikke �bne `%s'\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr ""
 "f�rste bogstav af en notationsnavn skal v�re et bogstave eller en "
 "understregning\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
 msgstr ""
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr ""
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "en notationsv�rdi m� ikke bruge nogen kontroltegn\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "panser: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "ugyldigt panserhoved: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "panserhoved: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr ""
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr ""
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr ""
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "uforventet beskyttelse:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "ugyldigt radix64 tegn %02x udeladt\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "for tidlig eof (ingen CRC)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "for tidlig eof (i CRC)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "d�rlig CRC\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "CRC fejl; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "for tidlig eof (i trailer)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "fejl i trailerlinie\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "ingen gyldig OpenPGP data fundet.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "ugyldigt panser: linie l�ngere end %d tegn\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr "quoted printable-tegn i panser - m�ske pga. en fejlbeh�ftet MTA\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "             Fingeraftryk:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Fingeraftryk:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
 msgstr ""
 
-#: g10/pkclist.c:119
+#: g10/pkclist.c:63
 #, fuzzy
-msgid "Key is superseeded"
+msgid "Key is superseded"
 msgstr "N�glen er beskyttet.\n"
 
-#: g10/pkclist.c:121
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
 msgstr ""
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
 msgstr ""
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
 msgstr ""
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
 msgstr ""
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
 msgstr ""
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr ""
 
-#: g10/pkclist.c:308
-#, c-format
+#: g10/pkclist.c:258
+#, fuzzy, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
 "Ingen tillidsv�rdi tildelt til %lu:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 
-#: g10/pkclist.c:329
-msgid " m = back to the main menu\n"
-msgstr " m = tilbage til hovedmenu\n"
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr ""
 
-#: g10/pkclist.c:331
-msgid " q = quit\n"
-msgstr " q = afslut\n"
+#: g10/pkclist.c:274
+#, fuzzy, c-format
+msgid " %d = I do NOT trust\n"
+msgstr "%08lX: Vi stoler IKKE p� denne n�gle\n"
 
-#: g10/pkclist.c:337
-msgid "Your decision? "
-msgstr "Dit valg? "
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr ""
 
-#: g10/pkclist.c:359
-msgid "Certificates leading to an ultimately trusted key:\n"
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
 msgstr ""
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
 msgstr ""
 
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
 msgstr ""
 
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
+#: g10/pkclist.c:281
+msgid " m = back to the main menu\n"
+msgstr " m = tilbage til hovedmenu\n"
+
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
 msgstr ""
 
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr "Ingen tillidsv�rdier er �ndret.\n"
+#: g10/pkclist.c:285
+msgid " q = quit\n"
+msgstr " q = afslut\n"
+
+#: g10/pkclist.c:292
+msgid "Your decision? "
+msgstr "Dit valg? "
+
+#: g10/pkclist.c:313
+#, fuzzy
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Vil du virkelig gerne g�re dette?"
+
+#: g10/pkclist.c:325
+msgid "Certificates leading to an ultimately trusted key:\n"
+msgstr ""
 
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "n�gle %08lX: n�gle er blevet annulleret!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "Brug denne n�gle alligevel? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "n�gle %08lX: undern�gle er blevet annulleret!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: n�gle er udl�bet\n"
 
-#: g10/pkclist.c:519
-#, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: ignen info til at udregne en tillidssandsynlighed\n"
+#: g10/pkclist.c:442
+#, fuzzy, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr "         Intet tyder p� at denne signatur tilh�rer ejeren.\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: Vi stoler IKKE p� denne n�gle\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
 "but it is accepted anyway\n"
 msgstr ""
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "Denne n�gle tilh�rer sikkert ejeren\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Denne n�gle tilh�rer os\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1123,169 +1278,196 @@ msgid ""
 "\n"
 msgstr ""
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "ADVARSEL: Bruger n�gle uden tillid!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "ADVARSEL: Denne n�gle er blevet annulleret af dets ejer!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "         Dette kan betyde at signaturen er forfalsket.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "ADVARSEL: Denne undern�gle er blevet tilbagekaldt af dens ejer!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+#, fuzzy
+msgid "Note: This key has been disabled.\n"
+msgstr "Bem�rk: Denne n�gle er for�ldet!\n"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Bem�rk: Denne n�gle er for�ldet!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr ""
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr "         Intet tyder p� at denne signatur tilh�rer ejeren.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "ADVARSEL: Vi tror IKKE p� denne n�gle!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "         Signaturen er formentlig FORFALSKET.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr "         Det er ikke sikkert at signaturen tilh�rer ejeren.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: udelod: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: udelod: offentlig n�gle er allerede tilstede\n"
 
-#: g10/pkclist.c:855
-msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
-"\n"
+#: g10/pkclist.c:752
+#, fuzzy
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
 msgstr ""
 "Du angav ikke en bruger-id. (du kan bruge \"-r\")\n"
 "\n"
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Indtast bruger-id: "
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
 
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Ingen s�dan bruger-id.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr "udeladt: offentlig n�gle er allerede valgt som standard modtager\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "Offentlig n�gle er sl�et fra.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "udeladt: offentlig n�gle er allerede valgt med --encrypt-to\n"
+#: g10/pkclist.c:806
+#, fuzzy
+msgid "skipped: public key already set\n"
+msgstr "%s: udelod: offentlig n�gle er allerede tilstede\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "ukendt standard modtager '%s'\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: fejl ved unders�gelse af n�gle: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: udelod: offentlign�gle er sl�et fra\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "ingen gyldige adresser\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr ""
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr ""
+
+#: g10/keygen.c:192
+#, fuzzy, c-format
+msgid "too many `%c' preferences\n"
+msgstr "vis pr�ferencer"
+
+#: g10/keygen.c:257
+#, fuzzy
+msgid "invalid character in preference string\n"
+msgstr "Ugyldige bogstaver i navn\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "skriver selvsignatur\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr ""
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
 #, fuzzy, c-format
 msgid "keysize invalid; using %u bits\n"
 msgstr "�nsket n�glest�rrelse er %u bit\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
 #, fuzzy, c-format
 msgid "keysize rounded up to %u bits\n"
 msgstr "rundet op til %u bit\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "V�lg venligst hvilken slags n�gle du vil have:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA og ElGamal (standard)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (sign�r kun)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "   (%d) ElGamal (krypt�r kun)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) ElGamal (sign�r og krypt�r)\n"
 
-#: g10/keygen.c:643
+#: g10/keygen.c:784
 #, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (sign�r og krypt�r)\n"
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) DSA (sign�r kun)\n"
+
+#: g10/keygen.c:786
+#, fuzzy, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) ElGamal (krypt�r kun)\n"
 
-#: g10/keygen.c:647
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Dit valg? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "Vil du gerne oprette en underskrivnings- og krypteringsn�gle? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr ""
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Ugyldigt valg.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1294,20 +1476,20 @@ msgid ""
 "    highest suggested keysize is 2048 bits\n"
 msgstr ""
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Hvilken n�glest�rrelse �nsker du? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA tillader kun n�glest�rrelser fra 512 til 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
+#: g10/keygen.c:852
+msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
 msgstr ""
 
-#: g10/keygen.c:708
-msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
 msgstr ""
 
 #. It is ridiculous and an annoyance to use larger key sizes!
@@ -1318,42 +1500,38 @@ msgstr ""
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr ""
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
 msgstr ""
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "Er du sikker p� at de vil benytte denne n�glest�rrelse? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
 msgstr ""
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr ""
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "�nsket n�glest�rrelse er %u bit\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "rundet op til %u bit\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1363,36 +1541,52 @@ msgid ""
 "      <n>y = key expires in n years\n"
 msgstr ""
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "N�gle er gyldig for? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+#, fuzzy
+msgid "Signature is valid for? (0) "
+msgstr "N�gle er gyldig for? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "ugyldig v�rdi\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
+#: g10/keygen.c:985
+#, fuzzy, c-format
+msgid "%s does not expire at all\n"
 msgstr "N�glen udl�ber aldrig\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
-#, c-format
-msgid "Key expires at %s\n"
+#: g10/keygen.c:992
+#, fuzzy, c-format
+msgid "%s expires at %s\n"
 msgstr "N�gle udl�ber d. %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
 msgstr ""
 
 # virker j automatisk istedetfor y?
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "Er dette korrekt (j/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1402,44 +1596,44 @@ msgid ""
 "\n"
 msgstr ""
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Rigtige navn: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Ugyldige bogstaver i navn\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "Navn m� ikke starte med et tal\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "Navn skal v�re mindst 5 bogstaver langt\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Epostadresse: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "Ikke en gyldig epostadresse\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Kommentar: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Ugyldigt tegn i kommentar\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Du bruger '%s' tegns�ttet.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1450,28 +1644,28 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr ""
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnCcEeOoQq"
 
-#: g10/keygen.c:986
+#: g10/keygen.c:1151
 #, fuzzy
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
 msgstr "�ndr (N)avn, (K)ommentar, (E)post eller (O)kay/(Q)vit? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "�ndr (N)avn, (K)ommentar, (E)post eller (O)kay/(Q)vit? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
 msgstr ""
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1479,11 +1673,17 @@ msgstr ""
 "Du skal bruge en kodes�tning til at beskytte din hemmelige n�gle.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+#, fuzzy
+msgid "passphrase not correctly repeated; try again"
 msgstr "kodes�tningen blev ikke ordentlig gentaget; pr�v igen.\n"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr ""
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1491,7 +1691,7 @@ msgid ""
 "\n"
 msgstr ""
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1499,349 +1699,428 @@ msgid ""
 "generator a better chance to gain enough entropy.\n"
 msgstr ""
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "DSA n�glepar vil have 1024 bit.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "N�gleoprettelse annulleret.\n"
 
-#: g10/keygen.c:1668
+#: g10/keygen.c:1883 g10/keygen.c:1963
 #, fuzzy, c-format
 msgid "writing public key to `%s'\n"
 msgstr "skriver offentligt certifikat til '%s'\n"
 
-#: g10/keygen.c:1669
+#: g10/keygen.c:1884 g10/keygen.c:1965
 #, fuzzy, c-format
 msgid "writing secret key to `%s'\n"
 msgstr "skriver hemmeligt certifikat til '%s'\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, fuzzy, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "n�gle %08lX: offentlig n�gle ikke fundet: %s\n"
+
+#: g10/keygen.c:1958
+#, fuzzy, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "skriver hemmeligt certifikat til '%s'\n"
+
+#: g10/keygen.c:1972
+#, fuzzy, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "fejl ved skrivning af n�glering `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, fuzzy, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "fejl ved skrivning af n�glering `%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "offentlig og hemmelig n�gle oprettet og signeret.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr ""
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
 msgstr ""
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr ""
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
 msgstr ""
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
 msgstr ""
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr ""
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "Vil du virkelig oprette?"
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr ""
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr ""
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: kan ikke �bne: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "fejl ved oprettelse af kodes�tning: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: ADVARSEL: tom fil\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "l�ser fra '%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s krypteret for: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
-#, c-format
-msgid "%s: user not found: %s\n"
+#: g10/delkey.c:69 g10/export.c:141
+#, fuzzy, c-format
+msgid "key `%s' not found: %s\n"
 msgstr "%s: bruger ikke fundet: %s\n"
 
-#: g10/export.c:164
+#: g10/delkey.c:77 g10/export.c:161
+#, fuzzy, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "fejl ved l�sning af '%s': %s\n"
+
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "n�gle %08lX: ikke en rfc2440 n�gle - udeladt\n"
 
-#: g10/export.c:175
+#: g10/export.c:180
 #, fuzzy, c-format
 msgid "key %08lX: not protected - skipped\n"
 msgstr "n�gle %08lX: ikke en rfc2440 n�gle - udeladt\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, fuzzy, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "n�gle %08lX: ikke en rfc2440 n�gle - udeladt\n"
+
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "ADVARSEL: intet blev eksporteret\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr ""
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+#, fuzzy
+msgid "[User id not found]"
+msgstr "[bruger ikke fundet]"
+
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
 msgstr ""
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr "bruger sekund�r n�gle %08lX istedetfor prim�r n�gle %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr ""
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: bruger ikke fundet\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "sprang over blok af typen %d\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "%lu n�gler behandlet indtil nu\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "fejl ved l�sning af '%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "Totalt antal behandlede: %lu\n"
 
-#: g10/import.c:206
+#: g10/import.c:232
 #, fuzzy, c-format
 msgid "      skipped new keys: %lu\n"
 msgstr "       nye undern�gler: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr ""
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "           importerede: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "              u�ndrede: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "      nye bruger-id'er: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "       nye undern�gler: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "        nye signaturer: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr "  nye n�gletilbagekald: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr " hemmelige n�gler l�st: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "hemmelige n�gler import: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr "hemmelige n�gler u�ndre: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "n�gle %08lX: ingen bruger-id\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, fuzzy, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "n�gle %08lX: ingen gyldige bruger-id'er\n"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "n�gle %08lX: ingen gyldige bruger-id'er\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr ""
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "n�gle %08lX: offentlig n�gle ikke fundet: %s\n"
 
-#: g10/import.c:421
+#: g10/import.c:479
 #, fuzzy, c-format
 msgid "key %08lX: new key - skipped\n"
 msgstr "n�gle %08lX: ikke en rfc2440 n�gle - udeladt\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:489
+#, fuzzy, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "fejl ved skrivning af n�glering `%s': %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "skriver til `%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "fejl ved skrivning af n�glering `%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "n�gle %08lX: offentlig n�gle importeret\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "n�gle %08lX: stemmer ikke med vores kopi\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "n�gle %08lX: kan ikke lokalisere original n�gleblok: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "n�gle %08lX: kan ikke l�se original n�gleblok: %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr ""
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr ""
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr ""
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr ""
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr ""
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr ""
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr ""
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, fuzzy, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "ingen standard offentlig n�glering\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr ""
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr ""
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr ""
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr ""
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr ""
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr ""
 
-#: g10/import.c:719 g10/import.c:743
-#, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
-msgstr ""
+#: g10/import.c:839
+#, fuzzy, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr "n�gle %08lX: offentlig n�gle ikke fundet: %s\n"
 
-#: g10/import.c:720
-#, c-format
-msgid "key %08lX: invalid self-signature\n"
-msgstr ""
+#: g10/import.c:841
+#, fuzzy, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "n�gle %08lX: ingen gyldige bruger-id'er\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr ""
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
+msgid "key %08lX: unsupported public key algorithm\n"
 msgstr ""
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
+msgid "key %08lX: invalid subkey binding\n"
 msgstr ""
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr ""
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr ""
@@ -1850,758 +2129,1154 @@ msgstr ""
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr ""
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr ""
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr ""
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr ""
 
-#: g10/import.c:1016
+#: g10/import.c:1131
 #, c-format
-msgid "key %08lX: revocation certificate added\n"
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
 msgstr ""
 
-#: g10/import.c:1130 g10/import.c:1183
+#: g10/import.c:1145
 #, c-format
-msgid "key %08lX: our copy has no self-signature\n"
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
 msgstr ""
 
-#: g10/keyedit.c:150
+#: g10/import.c:1201
+#, c-format
+msgid "key %08lX: revocation certificate added\n"
+msgstr ""
+
+#: g10/import.c:1231
+#, fuzzy, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "n�gle %08lX: offentlig n�gle importeret\n"
+
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr ""
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[selv-signatur]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 d�rlig signature\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d d�rlige signaturer\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr ""
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr ""
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr ""
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr ""
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr ""
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr ""
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:335
+#, fuzzy, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "N�glen er beskyttet.\n"
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+#, fuzzy
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Er du sikker p� at de vil benytte denne n�glest�rrelse? "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr ""
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
 #, c-format
-msgid "Already signed by key %08lX\n"
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
 msgstr ""
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+
+#: g10/keyedit.c:388
+#, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr ""
+
+#: g10/keyedit.c:393
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr ""
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr ""
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+#, fuzzy
+msgid "This key has expired!"
+msgstr "Bem�rk: Denne n�gle er for�ldet!\n"
+
+#: g10/keyedit.c:440
+#, fuzzy, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Denne n�gle er ikke beskyttet.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr ""
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr ""
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
 msgstr ""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
 msgid ""
+"\n"
 "The signature will be marked as non-exportable.\n"
+msgstr ""
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+
+#: g10/keyedit.c:561
+msgid ""
 "\n"
+"I have checked this key very carefully.\n"
 msgstr ""
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "Vil du gerne signere? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "signering fejlede: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Denne n�gle er ikke beskyttet.\n"
 
-#: g10/keyedit.c:426
+#: g10/keyedit.c:662
 #, fuzzy
 msgid "Secret parts of primary key are not available.\n"
 msgstr "hemmelig n�gle ikke tilg�ngelig"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "N�glen er beskyttet.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Kan ikke redigere denne n�gle: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
 msgstr ""
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
 msgstr ""
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "Vil du virkelig gerne g�re dette?"
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr ""
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "afslut denne menu"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "a"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "gem"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "gem og afslut"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "hj�lp"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "vis denne hj�lp"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "vis fingeraftryk"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "vis"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "vis n�gler og bruger-id'er"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr ""
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "n�gle"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "v�lg sekund�r n�gle N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "tjek"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "vis signaturer"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "sign�r"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "sign�r n�glen"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lsign�r"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "sign�r n�glen lokalt"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "nrsign"
+msgstr "sign�r"
+
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "sign the key non-revocably"
+msgstr "sign�r n�glen lokalt"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "nrlsign"
+msgstr "sign�r"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "sign the key locally and non-revocably"
+msgstr "sign�r n�glen lokalt"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "aflus"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "tilf�j-bid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "tilf�j bruger-id"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr ""
+
+#: g10/keyedit.c:834
+#, fuzzy
+msgid "add a photo ID"
+msgstr "tilf�j bruger-id"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "sletbid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "slet bruger id"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr ""
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "tilf�j n�gle"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "tilf�j sekund�r n�gle"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "sletn�gle"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "slet sekund�r n�gle"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "sletsig"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "slet signaturer"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "udl�b"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "�ndr udl�bsdatoen"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr ""
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr ""
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "skift"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "skift imellem hemmelig og offentlig n�gle visning"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "s"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pr�f"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
+#: g10/keyedit.c:846
+#, fuzzy
+msgid "list preferences (expert)"
+msgstr "vis pr�ferencer"
+
+#: g10/keyedit.c:847
+#, fuzzy
+msgid "showpref"
+msgstr "vispr�f"
+
+#: g10/keyedit.c:847
+#, fuzzy
+msgid "list preferences (verbose)"
+msgstr "vis pr�ferencer"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "setpref"
+msgstr "pr�f"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "set preference list"
+msgstr "vis pr�ferencer"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updpref"
+msgstr "pr�f"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updated preferences"
 msgstr "vis pr�ferencer"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "kodeord"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "�ndr kodes�tningen"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "betro"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr ""
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr ""
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr ""
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr ""
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr ""
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "sl�fra"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "sl� n�gle fra"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "sl�til"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "sl� n�gle til"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr ""
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr ""
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr ""
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, fuzzy, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "fejl ved l�sning af '%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr ""
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr ""
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr ""
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
 msgstr ""
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+#, fuzzy
+msgid "Key is revoked."
+msgstr "N�glen er beskyttet.\n"
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr ""
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr ""
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
 msgstr ""
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr ""
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr ""
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr ""
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr ""
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr ""
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr ""
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr ""
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr ""
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr ""
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr ""
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr ""
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "Gem �ndringer? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Afslut uden at gemme? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr ""
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr ""
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr ""
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr ""
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, fuzzy, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "ADVARSEL: Denne n�gle er blevet annulleret af dets ejer!\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr ""
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
 msgstr ""
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
 msgstr ""
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr ""
 
-#: g10/keyedit.c:1116
+#: g10/keyedit.c:1539
 #, fuzzy, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "n�gle %08lX: undern�gle er blevet annulleret!\n"
+msgstr "rev! undern�gle er blevet annulleret! %s\n"
 
-#: g10/keyedit.c:1119
+#: g10/keyedit.c:1542
 #, fuzzy
 msgid "rev- faked revocation found\n"
-msgstr "  nye n�gletilbagekald: %lu\n"
+msgstr "rev- forkert n�gletilbagekald\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
 msgstr ""
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+#, fuzzy
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Er du sikker p� at de vil benytte denne n�glest�rrelse? "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr ""
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr ""
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr ""
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr ""
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "Slettede %d signatur.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr ""
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr ""
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr ""
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr ""
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr ""
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr ""
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr ""
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr ""
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+#, fuzzy
+msgid "Please select exactly one user ID.\n"
+msgstr "V�lg venligst hvilken slags n�gle du vil have:\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Ingen bruger-id med indeks %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Ingen sekund�r n�gle med indeks %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "bruger-id: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
 "signed with your key %08lX at %s\n"
 msgstr ""
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
+#: g10/keyedit.c:2452
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
 msgstr ""
 
+#: g10/keyedit.c:2457
+#, fuzzy, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Denne n�gle er ikke beskyttet.\n"
+
+#: g10/keyedit.c:2461
+#, fuzzy
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Er du sikker p� at de vil benytte denne n�glest�rrelse? "
+
+#: g10/keyedit.c:2465
+#, fuzzy
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr "Gener�r en annull�rbar certifikat"
+
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr ""
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
+#: g10/keyedit.c:2504
 #, c-format
-msgid "   signed by %08lX at %s\n"
+msgid "   signed by %08lX at %s%s%s\n"
 msgstr ""
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr ""
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr ""
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
 msgstr ""
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr ""
+
+#: g10/keyedit.c:2551
+#, fuzzy
+msgid "Really create the revocation certificates? (y/N) "
+msgstr "Gener�r en annull�rbar certifikat"
+
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr ""
 
-#: g10/keylist.c:158
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
 #, fuzzy
-msgid "invalid"
-msgstr "ugyldig rustning"
+msgid "Signature policy: "
+msgstr "%s signatur fra: %s\n"
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr ""
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr ""
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr ""
 
-#: g10/keylist.c:178
-msgid "revoked"
+#: g10/keylist.c:216
+msgid "Keyring"
 msgstr ""
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
+#: g10/keylist.c:423 g10/mainproc.c:856
 #, fuzzy, c-format
 msgid " [expires: %s]"
 msgstr "N�gle udl�ber d. %s\n"
 
-#: g10/mainproc.c:212
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Fingeraftryk:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "             Fingeraftryk:"
+
+#: g10/keylist.c:899
+#, fuzzy
+msgid "     Key fingerprint ="
+msgstr "             Fingeraftryk:"
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr ""
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr ""
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr ""
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr ""
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr ""
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr ""
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
+#: g10/mainproc.c:402
+#, c-format
+msgid "public key decryption failed: %s\n"
 msgstr ""
 
-#: g10/mainproc.c:305
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, fuzzy, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "krypt�r data"
+
+#: g10/mainproc.c:436
 #, c-format
-msgid "public key decryption failed: %s\n"
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
 msgstr ""
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr ""
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr ""
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
 msgstr ""
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr ""
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr ""
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr ""
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr ""
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr ""
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Politik: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr ""
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+#, fuzzy
+msgid "can't handle these multiple signatures\n"
+msgstr "opret en separat signatur"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr ""
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "D�RLIG signatur fra \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+#, fuzzy
+msgid "Expired signature from \""
+msgstr "God signatur fra \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "God signatur fra \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr ""
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "              alias \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Kan ikke tjekke signatur: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+#, fuzzy
+msgid "not a detached signature\n"
+msgstr "opret en separat signatur"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr ""
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "gammeldags (PGP 2.x) signatur\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr ""
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "kan ikke sl� core-dump fra: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr ""
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr ""
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
 msgstr ""
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr ""
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr ""
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr ""
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
 msgstr ""
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:498
 msgid "malformed GPG_AGENT_INFO environment variable\n"
 msgstr ""
 
-#: g10/hkp.c:158 g10/passphrase.c:223
+#: g10/passphrase.c:511
+#, fuzzy, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "valgte cifferalgoritme %d er ugyldig\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
 #, fuzzy, c-format
 msgid "can't connect to `%s': %s\n"
 msgstr "kan ikke �bne '%s': %s\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr ""
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr ""
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (hovedn�gle-ID %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:641
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -2609,58 +3284,54 @@ msgid ""
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
 
-#: g10/passphrase.c:315
+#: g10/passphrase.c:662
 #, fuzzy
 msgid "Enter passphrase\n"
 msgstr "Indtast kodes�tning: "
 
-#: g10/passphrase.c:317
+#: g10/passphrase.c:664
 #, fuzzy
 msgid "Repeat passphrase\n"
 msgstr "Gentag kodes�tning: "
 
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
 msgstr ""
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
 msgstr ""
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
 msgstr ""
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
 msgstr ""
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
 "user: \""
 msgstr ""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr ""
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr ""
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Indtast kodes�tning: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Gentag kodes�tning: "
 
@@ -2668,145 +3339,190 @@ msgstr "Gentag kodes�tning: "
 msgid "data not saved; use option \"--output\" to save it\n"
 msgstr ""
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, fuzzy, c-format
+msgid "error creating `%s': %s\n"
+msgstr "fejl ved l�sning af '%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
 msgstr ""
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr ""
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "l�ser stdin ...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr ""
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr ""
 
-#: g10/pubkey-enc.c:135
+#: g10/pubkey-enc.c:100
 #, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr ""
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr ""
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr ""
 
-#: g10/pubkey-enc.c:216
+#: g10/pubkey-enc.c:177
 #, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "valgte cifferalgoritme er ugyldig\n"
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "valgte cifferalgoritme %d er ugyldig\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr ""
 
-#: g10/pubkey-enc.c:261
+#: g10/pubkey-enc.c:242
 #, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
 msgstr ""
 
-#: g10/hkp.c:62
-#, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr ""
-
-#: g10/hkp.c:75
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, fuzzy, c-format
-msgid "can't get key from keyserver: %s\n"
-msgstr "import�r n�gler fra en n�gleserver"
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "import�r n�gler fra en n�gleserver: %s\n"
 
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr ""
-
-#: g10/hkp.c:106
+#: g10/hkp.c:94
 #, fuzzy, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s er ikke et gyldigt tegns�t\n"
+msgid "can't get key from keyserver: %s\n"
+msgstr "import�r n�gler fra en n�gleserver: %s\n"
 
-#: g10/hkp.c:182
+#: g10/hkp.c:171
 #, fuzzy, c-format
 msgid "error sending to `%s': %s\n"
 msgstr "fejl ved l�sning af '%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
 msgstr ""
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
 msgstr ""
 
-#: g10/seckey-cert.c:89
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr ""
+
+#: g10/hkp.c:521
+#, fuzzy, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "import�r n�gler fra en n�gleserver: %s\n"
+
+#: g10/seckey-cert.c:53
 #, fuzzy
 msgid "secret key parts are not available\n"
 msgstr "hemmelig n�gle ikke tilg�ngelig"
 
-#: g10/seckey-cert.c:95
+#: g10/seckey-cert.c:59
+#, fuzzy, c-format
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "valgte cifferalgoritme %d er ugyldig\n"
+
+#: g10/seckey-cert.c:215
+#, fuzzy
+msgid "Invalid passphrase; please try again"
+msgstr "ugyldig kodes�tning"
+
+#: g10/seckey-cert.c:216
 #, c-format
-msgid "protection algorithm %d is not supported\n"
+msgid "%s ...\n"
 msgstr ""
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
+#: g10/seckey-cert.c:273
+msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr ""
 
-#: g10/seckey-cert.c:308
-msgid "WARNING: Weak key detected - please change passphrase again.\n"
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
 msgstr ""
 
-#: g10/sig-check.c:279
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr ""
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr ""
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
 msgstr ""
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr ""
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+
+#: g10/sign.c:274
+#, fuzzy, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "Kan ikke tjekke signatur: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "%s signatur fra: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "ADVARSEL: '%s' er en tom fil\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "kan ikke oprette %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "signerer:"
 
-#: g10/sign.c:583
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:953
 #, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "ADVARSEL: '%s' er en tom fil\n"
+msgid "%s encryption will be used\n"
+msgstr ""
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2818,464 +3534,236 @@ msgstr ""
 msgid "input line longer than %d characters\n"
 msgstr ""
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr ""
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr ""
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr ""
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
-msgid "%s: can't create: %s\n"
+msgid "%s: can't create lock\n"
 msgstr ""
 
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, fuzzy, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: kan ikke �bne: %s\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
 #, c-format
-msgid "%s: can't create lock\n"
+msgid "%s: can't create: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:473
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr ""
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr ""
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr ""
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr ""
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr ""
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr ""
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr ""
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr ""
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr ""
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr ""
 
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:198
-#, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:212
-#, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr ""
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr ""
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:474
+#: g10/trustdb.c:200
 #, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
+msgid "`%s' is not a valid long keyID\n"
 msgstr "%s er ikke et gyldigt tegns�t\n"
 
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr ""
-
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr ""
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr ""
+#: g10/trustdb.c:235
+#, fuzzy, c-format
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "n�gle %08lX: ikke en rfc2440 n�gle - udeladt\n"
 
-#: g10/trustdb.c:520
+#: g10/trustdb.c:274
 #, c-format
-msgid "key %08lX: accepted as trusted key.\n"
+msgid "key %08lX occurs more than once in the trustdb\n"
 msgstr ""
 
-#: g10/trustdb.c:547
+#: g10/trustdb.c:290
 #, fuzzy, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
 msgstr "n�gle %08lX: ikke en rfc2440 n�gle - udeladt\n"
 
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr ""
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr ""
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr ""
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr ""
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr ""
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr ""
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr ""
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr ""
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr ""
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr ""
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr ""
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Godt certifikat"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr ""
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr ""
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr ""
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr ""
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr ""
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr ""
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr ""
-
-#: g10/trustdb.c:1823
+#: g10/trustdb.c:332
 #, c-format
-msgid "\t%lu keys inserted\n"
-msgstr ""
-
-#: g10/trustdb.c:1826
-#, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr ""
-
-#: g10/trustdb.c:1884
-#, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr ""
-
-#: g10/trustdb.c:1886
-#, c-format
-msgid "\t%lu keys skipped\n"
-msgstr ""
-
-#: g10/trustdb.c:1890
-#, c-format
-msgid "\t%lu keys updated\n"
-msgstr ""
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr ""
-
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr ""
-
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
 msgstr ""
 
-#: g10/trustdb.c:2406
+#: g10/trustdb.c:338
 #, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
+msgid "trust record %lu is not of requested type %d\n"
 msgstr ""
 
-#: g10/trustdb.c:2410
+#: g10/trustdb.c:353
 #, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
 msgstr ""
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:368
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgid "trustdb: sync failed: %s\n"
 msgstr ""
 
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
 msgstr ""
 
-#: g10/trustdb.c:2441
+#: g10/trustdb.c:474 g10/trustdb.c:1641
 #, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
+msgid "next trustdb check due at %s\n"
 msgstr ""
 
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr ""
+#: g10/trustdb.c:779
+#, fuzzy
+msgid "checking the trustdb\n"
+msgstr "|[NAMES]|tjek tillidsdatabasen"
 
-#: g10/trustdb.c:2594
-#, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr ""
+#: g10/trustdb.c:933
+#, fuzzy, c-format
+msgid "public key %08lX not found: %s\n"
+msgstr "offentlig n�gle ikke fundet"
 
-#: g10/trustdb.c:2597
+#: g10/trustdb.c:1515
 #, c-format
-msgid "user '%s' not in trustdb - inserting\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
 msgstr ""
 
-#: g10/trustdb.c:2600
+#: g10/trustdb.c:1593
 #, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 msgstr ""
 
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
 "should be the first file given on the command line.\n"
 msgstr ""
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
 msgstr ""
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
 msgstr ""
 
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
+#: g10/skclist.c:138
 #, c-format
-msgid "%s: keyring created\n"
+msgid "skipped `%s': duplicated\n"
 msgstr ""
 
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr ""
-
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, c-format
-msgid "%s is the unchanged one\n"
-msgstr ""
-
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
-#, c-format
-msgid "%s is the new one\n"
-msgstr ""
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr ""
-
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr ""
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+#, fuzzy
+msgid "skipped: secret key already present\n"
+msgstr "udelod: hemmelig n�gle er allerede tilstede\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3292,87 +3780,95 @@ msgstr "Fil `%s' eksisterer. "
 msgid "Overwrite (y/N)? "
 msgstr "Overskriv (j/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: ukendt suffiks\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Indtast nyt filnavn"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "skriver til stdout\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr ""
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr ""
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: kan ikke oprette mappe: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: mappe oprettet\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr ""
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr ""
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr ""
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr ""
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr ""
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr ""
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr ""
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr ""
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Slet denne n�gle fra n�gleringen? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr ""
 
+#: g10/delkey.c:156
+#, fuzzy, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "fjernelse af beskyttelse fejlede: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr ""
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr ""
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr ""
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3381,19 +3877,27 @@ msgid ""
 msgstr ""
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr ""
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr ""
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr ""
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3414,23 +3918,23 @@ msgid ""
 "this menu."
 msgstr ""
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
 "with them are quite large and very slow to verify."
 msgstr ""
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Indtast n�glens st�rrelse"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Svar \"ja\" eller \"nej\""
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3438,19 +3942,19 @@ msgid ""
 "the given value as an interval."
 msgstr ""
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr ""
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr ""
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr ""
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3459,32 +3963,73 @@ msgid ""
 "Q  to to quit the key generation."
 msgstr ""
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr ""
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr ""
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
 msgstr ""
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr ""
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
 "trust connection to the key or another key certified by this key."
 msgstr ""
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3492,13 +4037,13 @@ msgid ""
 "a trust connection through another already certified key."
 msgstr ""
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
 msgstr ""
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3507,25 +4052,30 @@ msgid ""
 "a second one is available."
 msgstr ""
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
 msgstr ""
 
-#: g10/helptext.c:209
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr ""
+
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr ""
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr ""
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "Svar \"ja\" hvis det er ok at overskrive filen"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3533,14 +4083,14 @@ msgstr ""
 "Indtast et nyt filnavn. Hvis du bare trykker RETUR vil det\n"
 "forvalgte navn (som er vist i klammer) blive brugt."
 
-#: g10/helptext.c:229
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3549,48 +4099,167 @@ msgid ""
 "      this is normally used to mark an email address invalid.\n"
 msgstr ""
 
-#: g10/helptext.c:245
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
 "An empty line ends the text.\n"
 msgstr ""
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Ingen hj�lp tilg�ngelig"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Ingen hj�lp tilg�ngelig for `%s'"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "certifikatl�seproblem: %s\n"
+#: g10/keydb.c:177
+#, fuzzy, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "fejl ved skrivning af n�glering `%s': %s\n"
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "RSA n�gle kan ikke bruges i denne version\n"
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr ""
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "Ingen n�gle for bruger-ID\n"
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr ""
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "Ingen bruger-ID for n�gle\n"
+#: g10/keydb.c:587
+#, fuzzy, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "ingen standard offentlig n�glering\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr ""
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr ""
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr ""
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr ""
+
+#: g10/keyring.c:1337
+#, fuzzy, c-format
+msgid "checking keyring `%s'\n"
+msgstr "fejl ved skrivning af n�glering `%s': %s\n"
+
+#: g10/keyring.c:1368
+#, fuzzy, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu n�gler behandlet indtil nu\n"
+
+#: g10/keyring.c:1379
+#, fuzzy, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "vis n�gler og signaturer"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr ""
+
+#, fuzzy
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "Er du sikker p� at de vil benytte denne n�glest�rrelse? "
+
+#, fuzzy
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "Er du sikker p� at de vil benytte denne n�glest�rrelse? "
+
+#, fuzzy
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Vil du gerne signere? "
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key bruger-id"
+
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key bruger-id"
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "ingen standard offentlig n�glering\n"
+#, fuzzy
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-and-public-key bruger-id"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Indtast bruger-id: "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "udeladt: offentlig n�gle er allerede valgt med --encrypt-to\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "\n"
+#~ "WARNING: This is a PGP2-style key\n"
+#~ msgstr "ADVARSEL: '%s' er en tom fil\n"
+
+#~ msgid "sSmMqQ"
+#~ msgstr "sSmMqQ"
+
+#, fuzzy
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "%s er ikke et gyldigt tegns�t\n"
+
+#, fuzzy
+#~ msgid "%lu key(s) to refresh\n"
+#~ msgstr "%lu n�gler behandlet indtil nu\n"
+
+#~ msgid ""
+#~ "No trust values changed.\n"
+#~ "\n"
+#~ msgstr "Ingen tillidsv�rdier er �ndret.\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr "%08lX: ignen info til at udregne en tillidssandsynlighed\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: fejl ved unders�gelse af n�gle: %s\n"
+
+#~ msgid "Good certificate"
+#~ msgstr "Godt certifikat"
+
+#, fuzzy
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) ElGamal (sign�r og krypt�r)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr "Vil du gerne oprette en underskrivnings- og krypteringsn�gle? "
+
+#~ msgid "certificate read problem: %s\n"
+#~ msgstr "certifikatl�seproblem: %s\n"
 
 #~ msgid "can't lock keyring `%s': %s\n"
 #~ msgstr "kan ikke l�se n�glering `%s': %s\n"
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "n�gle %08lX: kan ikke l�se original n�gleblok: %s\n"
-
 #~ msgid "%s: user not found\n"
 #~ msgstr "%s: bruger ikke fundet\n"
 
-#~ msgid "not processed"
-#~ msgstr "ikke bearbejdet"
+#, fuzzy
+#~ msgid "invalid"
+#~ msgstr "ugyldig rustning"
+
+#~ msgid "RSA key cannot be used in this version\n"
+#~ msgstr "RSA n�gle kan ikke bruges i denne version\n"
+
+#~ msgid "No key for user ID\n"
+#~ msgstr "Ingen n�gle for bruger-ID\n"
+
+#~ msgid "No user ID for key\n"
+#~ msgstr "Ingen bruger-ID for n�gle\n"
 
 #~ msgid "set debugging flags"
 #~ msgstr "s�t aflusningsflag"
diff --git a/po/de.glo b/po/de.glo
index ddda5b97a..7e32f93ab 100644
--- a/po/de.glo
+++ b/po/de.glo
@@ -1,115 +1,238 @@
 # Glossary for GnuPG german translation
+# Zusammenstellung der Liste:
 # Copyright (C) 1998 Free Software Foundation, Inc.
-# Walter Koch <[email protected]>, 1998.
+# Walter Koch <[email protected]>, 1998.
+#
 # This is just a textfile for your information.
 # It will _not_ be read or processed automatically by any program 
+#
+# 1. Die Begriffe ohne ein  "<"  oder  ">"  vor dem deutschen Wort 
+#    stammen aus der Wortliste von Walter Koch (Programm�bersetzung).
+# 2. Die �nderungsvorschl�ge dazu mit einem "*" vor dem deutschen Wort 
+#    stammen von Peter Gerwinski.
+# 3. Die Begriffe mit einem  "<" vor dem deutschen Wort sind so in der 
+#    Bearbeitung von Herrn Goretzki verwendet worden
+# 4. Die Begriffe mit einem  ">" vor dem deutschen Wort sind 
+#    alternative �bersetzungsm�glichkeiten, die von H.Martin angegeben 
+#    wurden.
+# 5. (*) Uneinheitlich verwendet
+# 6.  - Gef�llt mir (Walter Koch) nicht so toll
+# 7. Die erste genannte �bersetzung ist die in de.po verwendete
+# 8. # - Wurde in fr�herere de.po-Version verwendet
 
-........		Authentisierung
+
+agent			Agent 
 aka			alias
 algorithm		Verfahren          
 anonymous		ungenannter
-argument
+argument    		> Argument
 armor			ASCII-H�lle
-available		vorhanden [besser?: verf�gbar]
-bad [signature]		falsch[e] Unterschrift 
+assigned		zugewiesen
+associate with a person <einer Person zuordnen
+authentication  	Authentisierung
+available		vorhanden [besser?: verf�gbar, greifbar?]
 bad [MPI]		fehlerhafte MPI 
+bad [signature]		falsch[e] Unterschrift 
+break (the encryption)  <(Die Verschl�sselung) aufbrechen
 bug			"Bug (Programmfehler)"
-cache			Lager [ ob das ernst gemeint ist? :-) ]
+cache   		Cache, -#Lager  *Zwischenspeicher
+can't read		nicht lesbar
+cancelled		Abbruch, abgebrochen
+casual  		>zuf�llig, >gelegentlich >unregelm��ig
 certificate		Zertifikat
+, (Urkunde)
 character set		Zeichensatz
-check (verb)		pr|fen, gepr|ft
+check (verb)		pr�fen, gepr�ft
+checking [sth.]		[sth-]-�berpr�fung
 checksum		Pr�fsumme
 cipher algorithm	Verschl�sselungsverfahren
+clearsign 
 clearsig header		Klartextsignatur-Einleitung
+created			erzeugt
 command			Befehl
-compress algorithm	Komprimierverfahren *
+comment			Bemerkung
+compress algorithm      Komprimierverfahren,*Komprimierungsverfahren ?   
+compressed		komprimiert
+compromised             nicht mehr sicher
 core dump		core-dump-Datei
+, (Speicherauszug?)
+core function    	<wesentliche Funktion
+correct			beseitigen (please correct the error first)
 corrupted		besch�digter
-critical bit		???
-dash escaped 		mit Bindestrich \"escapte\" 
-decryption		Enschl�sselung
+cover   		>behandeln, <erl�utern
+created			erstellt
+creation    		<Erzeugung
+critical bit   		???
+dash escaped            mit Bindestrich \"escapte\", *m.Bindestrichen maskiert?
+decryption		Entschl�sselung
+default option  	<Standardoption
+default option file 	--voreingestellte Optionendatei
 DEK 			???
-delete			entfernen
-depreciated		taugt nicht mehr viel
+delete  		entfernen, *>l�schen 
+depend on   		>sich verlassen auf,>angewiesen sein auf,>abh�ngen von
+deprecated              mi�billigte
+detached [sign]		abgetrennte [Unterschrift]
+determined attacker 	>zielbewusster,>entschlossener Angreifer
 digest algorithm	Hashmethode
+direct [key sig]        -"direct key"
 disabled		abgeschaltet
+duplicated (adj.)	doppelt
 encrypted		verschl�sselte
+enviorement variable  	Umgebungsvariable
+eventually  		>schlie�lich, endlich  Nicht: eventuell
+expand
+expiration date 	<Verfalldatum
+expire  		<verfallen
+expires			verf�llt
 expire date		Verfallsdatum
 failed			fehlgeschlagen
-faked [RNG]		
+faked [RNG]             - *manipulierter Zufallszahlengenerator
+faked [certificate]     gef�lscht
 fingerprint  		Fingerabdruck
+flag [verb]  		-kennzeichnen
+found [xyz found]       entdeckt [xyz entdeckt]
 for-your-eyes-only	Vertraulichkeit (\"for-your-eyes-only\")
+, Verschlu�sache
 generated		erzeugter
 good certificate	Korrektes Zertifikat
-handle			benutzt
+handle [verb]		benutzen, behandeln, mit ... umgehen
 hint			Tip
-init			-
-key-ID			Schl�ssel-ID
+human readable          -nicht als Klartext darstellbar 
+ignored			unbeachtet
+include 		<enthalten
+init    		*initialisieren
+invalid ...		falsche ...
+is adequate 		>ist angemessen, manchmal: <reicht v�llig aus
+issue
+key-ID                  Schl�ssel-ID, *Schl�sselkennung ?
+
 key binding		Schl�sselanbindung
 keyblock		Schl�sselblock
+keyserver   		Schl�sselserver, Schl�.server, -*Schl�ssel-Server 
+keysize			
 keyring 		Schl�sselbund
-keyserver               - Schl�sselserver
+lifetime    		>G�ltigkeitsdauer, >Geltungsdauer
+listed 
+locally                 (nur) f�r diesen Rechner, #(nur) auf diesem Rechner
 lookup			- Suche
+machine 		h�ufig: Computer, Rechner
 main key		Hauptschl�ssel
-maintenance utility	Wartungs-Hilfsprogramm
-malformed		ung�nstig aufgebaute
+maintenance utility	-Wartungs-Hilfsprogramm
+making signatures       >Unterschreiben <Unterzeichnen, <Leisten von 
+malformed   		ung�nstig aufgebaute,  *fehlerhaft aufgebaute
+master key  		>Universalschl�ssel
+, Generalschl�ssel
+match			Treffer
 MDC			Manipulation detection code (Siegel ?)
+merge  (to) 		>zusammenf�hren, >vermischen ??
 message 		Botschaft
 mode			Modus, Methode   *
-move			schieben
+move    		schieben, *verschieben
+multiple signature	Mehrfachunterschriften
+NAI
 network error		Netzwerkfehler
+non-revocably           nicht-widerrufbar, unwiderruflich??
 note			Hinweis
 okay			in Ordnung
 Ooops			Huch
-original		Urspr�nglicher
-ownertrust		\"Owner trust\"
+OpenPGP 		
+option                  Option
+original		urspr�nglicher
+overrides		-ersetzt
+ownertrust  		\"Owner trust\"  *Vertrauensw�rdigkeit des Besitzers
 packet			Paket
 packet type		Pakettyp
+parse 			-zerlegen
 passphrase		Mantra
+permission [file]       Zugriffsrechte
+Photo-ID                Foto-ID
+policy			Richtlinie
+policy URL		Richtlinien-URL
 preference items	????
-preferences		Einstellungen
+preferences 		Einstellungen    *(die gesamten) Einstellungen
 preferred		bevorzugt
 primary keys		Hauptschl�ssel
+problem [to do sth.]    -Schwierigkeit
+prompt (to) 		auch: >abfragen, >anfordern, >verlangen
+protected
 protection algorithm	Schutzverfahren
-pubkey algorithm	Public-Key Verfahren	 (*)
+pubkey algorithm	Public-Key-Verfahren	 
 public key		�ffentlicher Sch�ssel
-public key algorithm 	Public-Key Verfahren
-quit
+public key algorithm    Public-Key-Verfahren 
+quit    		*(Programm) verlassen, beenden
 radix64			radix64
 random 			Zufall
 random bytes		Zufallswerte
+reason			Grund (f�r revocation)
+[xyz] rebuild           [xyz]-Neuaufbau, neu erzeugt
+regular file		normale Datei
+response		Antwort (Reaktion?)
 retry			???? (Wiederholung?, Wiederaufnahme?)
+returns			gibt zur�ck / antwortet
+reveal  		auch: <jemandem zeigen, >anderen zeigen 
+revocation  		Widerruf <*>R�ckruf
+revocation certificate  *<R�ckrufurkunde *R�ckruf-Zertifikat
 revoke			widerrufen
-revocation 		Widerruf
+revocably               widerrufbar
 RNG			Zufallsgenerator
 secondary key		Zweitschl�ssel
 secret key		geheimer Schl�ssel
+secret keyring          geheimer Schl�sselbund, geh. Schl�sselbund
+secret parts		geheime Teile
+security need(s)	>Sicherheitsbed�fnis(se), >Sicherheitsbedarf
 self-signature		Eigenbeglaubigung     
 sender			Absender
+sensitive		- empfindlich
+set [sth.]              einstellen, festlegen
+session			Sitzung
+show			[an]zeigen, zeigen
 sign user id		User-ID beglaubigen   *
+signed			unterschriebene
 signature (files)	Unterschrift          *
 signature (keys)	Beglaubigung          *
 simple S2K mode		????
 skipped			�bergangen, �bersprungen, ignoriert
-stdin			- stdin                 
+so far 			bislang
+specify 		>spezifizieren, <angeben, ?festlegen
+stdin   		- stdin, *die Standardeingabe 
+string			Zeichenkette
+[PGP2-]style[ key]      [PGP2-] artiger [Schl�ssel]
 subkey			Unterschl�ssel
-terminal charset 	- Terminalzeichensatz
+superseeded		�berholt, veraltet
+terminal charset        - Terminalzeichensatz *Terminal-Zeichensatz(s.o.)
 throw			verwerfe
 Timestamp conflict	Zeitangaben differieren
-Trust-DB		'Trust'-Datenbank
+trust			Vertrauen
+Trust-DB    		'Trust'-Datenbank, *Vertrauensdatenbank ?
 trusted			- vertrauensw�rdig
-trustvalues		- trustvalues           
+trustvalues		- trustvalues >Vertrauensniveaus?? *Vertrauensma�? >Vertrauenswerte?
 trying			Versuch
 type [message]		[Botschaft] eintippen
-ulimately [trust]	uneingeschr�nktes [Vertrauen]
-update			�ndern, �nderung 
-User			- User
+ulimately [trust]	uneingeschr�nkt [vertrauen]
+ultimate trust          uneingeschr�nktes Vertrauen
+unable
+unattended              unbeaufsichtigt
+unavailble
+untrusted               - nichtvertrauensw�rdig, *nicht vertrauensw�rdig
+unusable		unbrauchbar
+update                  �ndern, �nderung >Aktualisieren, >Aktualisierung *auf den 
+URL                     (die) URL 
+[the] use [of]           
+User    		- User, *<Benutzer, *Teilnehmer
 user ID 		User-ID
 user IDs		User-IDs
-username		Username
-untrusted		- nichtvertruensw�rdig 
+user interface  	>Benutzer-Schnittstelle
+username    		Username, *<Benutzername,  
+used			benutzt (no loger used)
+using xyz		verwende xyz
+valid 			g�ltig
+validate    		-- authentifizieren (>besser authentisieren ?? So im 
+W�rterbuch der neuen Rechtschreibung)
+validation  		-- >Authentisierung 
+verbose			ausf�hrlich
+verify  		< �berpr�fen
 warning			Warnung
 weak key		unsicherer Schl�ssel
+writeable		schreibbarer 
+wisely                  >klug, vern�nftig(erweise), >gescheit; m�glichst sinnvoll
 
- (*) Uneinheitlich verwendet
-  -  Gef�llt mir nicht so toll
\ No newline at end of file
diff --git a/po/de.po b/po/de.po
index 2e20ed80c..1fcfb4668 100644
--- a/po/de.po
+++ b/po/de.po
@@ -1,301 +1,332 @@
 # GnuPG german translation
-# Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
-# Walter Koch <[email protected]>, 1998, 1999, 2000
+# Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+# Walter Koch <[email protected]>, 1998, 1999, 2000, 2001
 msgid ""
 msgstr ""
-"Project-Id-Version: gnupg 1.0.0h\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 2000-06-12  12:50+0200\n"
+"Project-Id-Version: gnupg-1.0.4\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-09 19:41+0200\n"
 "Last-Translator: Walter Koch <[email protected]>\n"
 "Language-Team: German <[email protected]>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=iso-8859-1\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Warnung: Sensible Daten k�nnten auf Platte ausgelagert werden.\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "siehe http://www.gnupg.org/de/faq.html f�r weitere Informationen\n"
+
+# "  Um dies zu vermeiden, kann das Programm suid(root) installiert werden.\n"
+# "  Bitte wenden Sie sich hierzu an den Systemadministrator.\n"
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "Vorgang ist ohne sicheren Hauptspeicher nicht m�glich\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr ""
+"(m�glicherweise haben Sie das falsche Programm f�r diese Aufgabe benutzt)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "ja"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "jJyY"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "nein"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "quit"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "qQ"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "Allgemeiner Fehler"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "Unbekannter Pakettyp"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "Unbekannte Version"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
-msgstr "Unbekanntes Public-Key Verfahren"
+msgstr "Unbekanntes Public-Key-Verfahren"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "Unbekanntes Hashverfahren"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "Falscher �ffentlicher Sch�ssel"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "Falscher geheimer Schl�ssel"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "Falsche Unterschrift"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "Pr�fsummen-Fehler"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "Falsches Mantra"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "�ffentlicher Schl�ssel nicht gefunden"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "Unbekanntes Verschl�sselungsverfahren"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "Der Schl�sselbund kann nicht ge�ffnet werden"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "Ung�ltiges Paket"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "Ung�ltige ASCII-H�lle"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "Keine solche User-ID"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "Geheimer Schl�ssel ist nicht vorhanden"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "Falscher geheimer Schl�ssel benutzt"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "Wird nicht unterst�tzt"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "Falscher Schl�ssel"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "Dateilesefehler"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "Dateischreibfehler"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "Unbekanntes Komprimierverfahren"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "Fehler beim �ffnen der Datei"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "Fehler beim Erzeugen der Datei"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "Ung�ltiges Mantra"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
-msgstr "�ffentliches Schl�sselverfahren ist nicht implementiert."
+msgstr "nicht implementiertes �ffentliches Schl�sselverfahren"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "Verschl�sselungsverfahren ist nicht implementiert"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "Unbekannte Unterschriftenklasse"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "Fehler in der Trust-DB"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "Falsche MPI"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
-msgstr "festdefinierte Resourcenobergrenze erreicht"
+msgstr "festdefinierte Ressourcenobergrenze erreicht"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "Ung�ltiger Schl�sselbund"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "Falsches Zertifikat"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "Ung�nstig aufgebaute User-ID"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "Fehler beim Schlie�en der Datei"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "Fehler beim Umbenennen einer Datei"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "Fehler beim L�schen einer Datei"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "Unerwartete Daten"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "Zeitangaben differieren"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "Unbenutzbares �ffentliches Schl�sselverfahren"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "Datei existiert bereits"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "Unsicherer Schl�ssel"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "Ung�ltiges Argument"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "fehlerhafter URI"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "Nicht unterst�tzter URI"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "Netzwerkfehler"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "nicht verschl�sselt"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "nicht bearbeitet"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "unbrauchbarer �ffentlicher Sch�ssel"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "unbrauchbarer geheimer Schl�ssel"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "Schl�sselserverfehler"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... dies ist ein Bug (Programmfehler) (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "Sie haben eine Bug (Programmfehler) gefunden ... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "'%s' kann nicht ge�ffnet werden: %s\n"
 
-#: cipher/random.c:325
+#: cipher/random.c:324
 #, c-format
 msgid "can't stat `%s': %s\n"
 msgstr "Status von '%s' ist nicht feststellbar: %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
 msgstr "'%s' ist keine normale Datei - sie bleibt unbeachtet\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
 msgstr "Hinweis: 'random_seed'-Datei ist leer\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr ""
 "Warnung: Falsche Gr��e der 'random_seed'-Datei - sie wird nicht verwendet\n"
 
-#: cipher/random.c:349
+#: cipher/random.c:348
 #, c-format
 msgid "can't read `%s': %s\n"
 msgstr "'%s' ist unlesbar: %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
 msgstr "Hinweis: 'random_seed'-Datei bleibt unver�ndert\n"
 
-#: cipher/random.c:407
+#: cipher/random.c:406
 #, c-format
 msgid "can't create `%s': %s\n"
 msgstr "'%s' kann nicht erzeugt werden: %s\n"
 
-#: cipher/random.c:414
+#: cipher/random.c:413
 #, c-format
 msgid "can't write `%s': %s\n"
 msgstr "kann '%s' nicht schreiben: %s\n"
 
-#: cipher/random.c:417
+#: cipher/random.c:416
 #, c-format
 msgid "can't close `%s': %s\n"
 msgstr "kann '%s' nicht schliessen: %s\n"
 
-#: cipher/random.c:428
-#, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr "Zu viele Zufallswerte angefordert: Die Grenze liegt bei %d\n"
-
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr "WARNUNG: Der Zufallsgenerator erzeugt keine echten Zufallszahlen!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -309,7 +340,7 @@ msgstr ""
 "BENUTZEN SIE DIE DURCH DIESES PROGRAMM ERZEUGTEN DATEN NICHT!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -321,22 +352,7 @@ msgstr ""
 "Arbeiten durch, damit das Betriebssystem weitere Entropie sammeln kann!\n"
 "(Es werden noch %d Byte ben�tigt.)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Warnung: Sensible Daten k�nnten auf Platte ausgelagert werden.\n"
-
-# "  Um dies zu vermeiden, kann das Programm suid(root) installiert werden.\n"
-# "  Bitte wenden Sie sich hierzu an den Systemadministrator.\n"
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "Vorgang ist ohne sicheren Hauptspeicher nicht m�glich\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr ""
-"(m�glicherweise haben Sie das falsche Programm f�r diese Aufgabe benutzt)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -344,139 +360,163 @@ msgstr ""
 "@Befehle:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[Datei]|Eine Unterschrift erzeugen"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[Datei]|Eine Klartextunterschrift erzeugen"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "Eine abgetrennte Unterschrift erzeugen"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "Daten verschl�sseln"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[Dateien]|Dateien verschl�sseln"
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "Daten symmetrisch verschl�sseln"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "Nur speichern"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "Daten entschl�sseln (Voreinstellung)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[Dateien]|Dateien entschl�sseln"
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "Signatur pr�fen"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "Liste der Schl�ssel"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "Liste der Schl�ssel und ihrer Signaturen"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "Signaturen der Schl�ssel pr�fen"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "Liste der Schl�ssel und ihrer \"Fingerabdr�cke\""
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "Liste der geheimen Schl�ssel"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "Ein neues Schl�sselpaar erzeugen"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
 msgstr "Schl�ssel aus dem �ff. Schl�sselbund entfernen"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
 msgstr "Schl�ssel aus dem geh. Schl�sselbund entfernen"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "Schl�ssel signieren"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
-msgstr "Schl�ssel nur auf diesem Rechner signieren"
+msgstr "Schl�ssel nur f�r diesen Rechner signieren"
+
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "Schl�ssel nicht widerrufbar signieren"
+
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr "Schl�ssel nur f�r diesen Rechner und nicht-widerrufbar signieren"
 
-#: g10/gpg.c:224
+#: g10/g10.c:314
 msgid "sign or edit a key"
-msgstr "Unterschreiben oder Bearbeiten eines Schl."
+msgstr "Unterschreiben oder bearbeiten eines Schl."
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "Ein Schl�sselwiderruf-Zertifikat erzeugen"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "Schl�ssel exportieren"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "Schl�ssel zu einem Schl�.server exportieren"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "Schl�ssel von einem Schl�.server importieren"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "Schl�ssel auf einem Schl�.server suchen"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "alle Schl�ssel per Schl�.server aktualisieren"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "Schl�ssel importieren/kombinieren"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "Lediglich Struktur der Datenpakete anzeigen"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
-msgstr "Exportieren der \"Owner trust\" Werte"
+msgstr "Exportieren der \"Owner trust\"-Werte"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
-msgstr "Importieren der \"Owner trust\" Werte"
+msgstr "Importieren der \"Owner trust\"-Werte"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "�ndern der \"Trust\"-Datenbank"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NAMEN]|�berpr�fen der \"Trust\"-Datenbank"
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "unbeaufsichtigtes �ndern der \"Trust\"-Datenbank"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "Reparieren einer besch�digten \"Trust\"-Datenb."
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "Datei oder stdin von der ASCII-H�lle befreien"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "Datei oder stdin in eine ASCII-H�lle einpacken"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [Dateien]|Message-Digests f�r die Dateien ausgeben"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -486,160 +526,202 @@ msgstr ""
 "Optionen:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "Ausgabe mit ASCII-H�lle versehen"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NAME|Verschl�sseln f�r NAME"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NAME|NAME als voreingestellten Empf�nger benutzen"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr ""
 "Den Standardschl�ssel als voreingestellten\n"
 "Empf�nger benutzen"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr "Mit dieser User-ID signieren"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "Kompressionsstufe auf N setzen (0=keine)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "Textmodus benutzen"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "Als Ausgabedatei benutzen"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "Detaillierte Informationen"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "Etwas weniger Infos"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "das Terminal gar nicht benutzen"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "v3 Signaturen erzwingen"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "v3 Signaturen nicht erzwingen"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "v4 Signaturen erzwingen"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "v4 Signaturen nicht erzwingen"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "Beim Verschl�sseln ein Siegel (MDC) verwenden"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "Beim Verschl�sseln niemals ein Siegel (MDC) verwenden"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "Keine wirklichen �nderungen durchf�hren"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "den GPG-Agent verwenden"
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "Stapelmodus: Keine Abfragen"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "\"Ja\" als Standardantwort annehmen"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "\"Nein\" als Standardantwort annehmen"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "Als �ffentlichen Schl�sselbund mitbenutzen"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "Als geheimen Schl�sselbund mitbenutzen"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "Anzeigen des Schl�sselbundes, in dem ein Schl�ssel drin ist"
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NAME|NAME als voreingestellten Schl�ssel benutzen"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|HOST|Schl�ssel bei diesem Server nachschlagen"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr "|NAME|Terminalzeichensatz NAME benutzen"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "Optionen aus der Datei lesen"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr "|FD|Statusinfo auf FD (Dateihandle) ausgeben"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
-msgstr ""
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[Datei]|Statusinfo in Datei schreiben"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|KEYID|diesem Schl�ssel uneingeschr�nkt vertrauen"
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|DATEI|Erweiterungsmodul DATEI laden"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "Den in RFC1991 beschriebenen Modus nachahmen"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
 msgstr ""
 "alle Paket-, Verschl�sselungs- und\n"
 "Hashoptionen auf OpenPGP-Verhalten einstellen"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr ""
+"alle Paket-, Verschl�sselungs- und\n"
+"Hashoptionen auf PGP 2.X-Verhalten einstellen"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|Verwenden des Mantra-Modus N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr "|NAME|Hashverfahren NAME f�r Mantras benutzen"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
-msgstr "|NAME|Verschl�.verfahren NAME f�r Mantras benutzen"
+msgstr "|NAME|Verschl.verfahren NAME f�r Mantras benutzen"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
-msgstr "|NAME|Verschl�.verfahren NAME benutzen"
+msgstr "|NAME|Verschl.verfahren NAME benutzen"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NAME|Hashverfahren NAME benutzen"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|Komprimierverfahren N benutzen"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
-msgstr "Entferne Empf�nger-ID verschl�sselter Pakete"
+msgstr "Empf�nger-ID verschl�sselter Pakete entfernen"
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "Foto-IDs anzeigen"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "Foto-IDs nicht anzeigen"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr "Kommandozeilentext f�r den Foto-Betrachter setzen"
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
-msgstr "|NAME=WERT|verwende diese \"notation\"-Daten"
+msgstr "|NAME=WERT|diese \"notation\"-Daten verwenden"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
@@ -648,7 +730,7 @@ msgstr ""
 "(Auf der \"man\"-Seite ist eine vollst�ndige Liste aller Kommandos und "
 "Optionen)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -668,27 +750,27 @@ msgstr ""
 " --list-keys [Namen]        Schl�ssel anzeigen\n"
 " --fingerprint [Namen]      \"Fingerabdr�cke\" anzeigen\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr ""
-"Berichte �ber Bugs (Programmfehler) bitte an <[email protected]>.\n"
+"Berichte �ber Programmfehler bitte in englisch an <[email protected]>.\n"
 "Sinn- oder Schreibfehler in den deutschen Texten bitte an <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Aufruf: gpg [Optionen] [Dateien] (-h f�r Hilfe)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
 "default operation depends on the input data\n"
 msgstr ""
 "Aufruf: gpg [Optionen] [Dateien]\n"
-"Signieren, pr�fen, verschl�sseln, entschl�sseln\n"
-"Die voreingestellte Operation ist abh�ngig von den Eingabedaten\n"
+"Signieren, pr�fen, verschl�sseln, entschl�sseln.\n"
+"Die voreingestellte Operation ist abh�ngig von den Eingabedaten.\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -696,193 +778,258 @@ msgstr ""
 "\n"
 "Unterst�tzte Verfahren:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "Aufruf: gpg [Optionen] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "Widerspr�chliche Befehle\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "Hinweis: Keine voreingestellte Optionendatei '%s' vorhanden\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "Optionendatei '%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "Optionen werden aus '%s' gelesen\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s ist kein g�ltiger Zeichensatz.\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "Schl�sselserver-URI konnte nicht zerlegt werden\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr "Der Ausf�hrungspfad konnte nicht auf %s gesetzt werden.\n"
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "WARNUNG: %s ist eine mi�billigte Option.\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr "Bitte benutzen Sie stattdessen \"--keyserver-options %s\".\n"
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "WARNUNG: Programm k�nnte eine core-dump-Datei schreiben!\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "WARNUNG: %s ersetzt %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "Hinweis: %s ist nicht f�r den �blichen Gebrauch gedacht!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "%s kann nicht zusammen mit %s verwendet werden!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "%s zusammen mit %s ist nicht sinnvoll!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+"Im --pgp2-Modus k�nnen Sie nur abgetrennte oder Klartextunterschriften "
+"machen\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr ""
+"Im --pgp2-Modus k�nnen Sie nicht gleichzeitig unterschreiben und "
+"verschl�sseln\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+"Im --pgp2-Modus m�ssen Sie Dateien benutzen und k�nnen keine Pipes "
+"verwenden.\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+"Verschl�ssen einer Botschaft ben�tigt im --pgp2-Modus die IDEA-"
+"Verschl�sselung\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "Diese Botschaft k�nnte f�r PGP 2.x unbrauchbar sein\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
-msgstr "Das ausgew�hlte Verschl�sslungsverfahren ist ung�ltig\n"
+msgstr "Das ausgew�hlte Verschl�sselungsverfahren ist ung�ltig\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "Das ausgew�hlte Hashverfahren ist ung�ltig\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr "Die angegebene URL f�r Richtlinien ist ung�ltig\n"
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "Die angegebene Unterschriften-Richtlinien-URL ist ung�ltig\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "Die angegebene Zertifikat-Richtlinien-URL ist ung�ltig\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "Das Komprimierverfahren mu� im Bereich %d bis %d liegen\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "completes-needed m�ssen gr��er als 0 sein\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "marginals-needed m�ssen gr��er als 1 sein\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "max-cert-depth mu� im Bereich 1 bis 255 liegen\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "Hinweis: Vom \"simple S2K\"-Modus (0) ist strikt abzuraten\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "ung�ltiger \"simple S2K\"-Modus; Wert mu� 0, 1 oder 3 sein\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "ung�ltiger \"default-check-level\"; Wert mu� 0, 1, 2 oder 3 sein\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "ung�ltige Voreinstellungen\n"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "Die Trust-DB kann nicht initialisiert werden: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [Dateiname]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [Dateiname]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [Dateiname]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [Dateiname]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [Dateiname]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [Dateiname]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [Dateiname]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [Dateiname]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key User-ID"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key User-ID"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key User-ID [Befehle]"
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key User-ID"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key User-ID"
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key User-ID"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key User-ID"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key User-ID [Befehle]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "'%s' kann nicht ge�ffnet werden: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [User-ID] [Schl�sselbund]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "Entfernen der ASCII-H�lle ist fehlgeschlagen: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "Anbringen der ASCII-H�lle ist fehlgeschlagen: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
 msgstr "Ung�ltiges Hashverfahren '%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[Dateiname]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "Auf geht's - Botschaft eintippen ...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "'%s' kann nicht ge�ffnet werden\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr ""
 "Das erste Zeichen eines \"notation\"-Namens mu� ein Buchstabe oder\n"
 "ein Unterstrich sein\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -890,254 +1037,231 @@ msgstr ""
 "Ein \"notation\"-Name darf nur Buchstaben, Zahlen, Punkte oder Unterstriche "
 "enthalten und mu� mit einem '=' enden\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr ""
 "Punkte in einem \"notation\"-Namen m�ssen von anderen Zeichen umgeben sein\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "Ein \"notation\"-Wert darf keine Kontrollzeichen verwenden\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "ASCII-H�lle: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "Ung�ltige ASCII-H�lle"
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "ASCII-H�lle: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "Ung�ltige Klartextsignatur-Einleitung\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "verschachtelte Klartextunterschriften\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "Ung�ltige mit Bindestrich \"escapte\" Zeile: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "Unerwartete ASCII-H�lle:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "Ung�ltiges \"radix64\" Zeichen %02x ignoriert\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "vorzeitiges Dateiende (keine Pr�fsumme)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "vorzeitiges Dateiende (innerhalb der Pr�fsumme)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "Falsch aufgebaute Pr�fsumme\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "Pr�fsummenfehler; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "vorzeitiges Dateiende (im Nachsatz)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "Fehler in der Nachsatzzeile\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr "Weitere Infos: siehe http://www.gnupg.org"
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "Keine g�ltigen OpenPGP-Daten gefunden.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "ung�ltige ASCII-H�lle: Zeile ist l�nger als %d Zeichen\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "\"quoted printable\" Zeichen in der ASCII-H�lle gefunden - m�glicherweise\n"
 " war ein fehlerhafter E-Mail-Transporter(\"MTA\") die Ursache\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "           Fingerabdruck:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Fingerabdruck:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
 msgstr "Kein Grund angegeben"
 
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
 msgstr "Schl�ssel ist �berholt"
 
-#: g10/pkclist.c:121
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
 msgstr "Hinweis: Dieser Schl�ssel ist nicht mehr sicher"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
 msgstr "Schl�ssel wird nicht mehr benutzt"
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
 msgstr "User-ID ist nicht mehr g�ltig"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
 msgstr "Grund f�r Widerruf: "
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
 msgstr "Widerruf-Bemerkung: "
 
-# valid user replies (not including 1..4)
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMqQsS"
 
-#: g10/pkclist.c:308
+#: g10/pkclist.c:258
 #, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
-"Es ist kein \"Owner trust\" f�r %lu definiert:\n"
+"Es ist kein \"trust value\" zugewiesen f�r:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 "Bitte entscheiden Sie, in wieweit Sie diesem User zutrauen,\n"
-"den Schl�ssel eines anderen Users korrekt zu pr�fen (Vergleich mit\n"
-"Lichtbildausweisen, Vergleich der Fingerabdr�cke aus unterschiedlichen\n"
-"Quellen ...)?\n"
+"Schl�ssel anderer User korrekt zu pr�fen (durch Vergleich\n"
+"mit Lichtbildausweisen, Vergleich der Fingerabdr�cke aus\n"
+"unterschiedlichen Quellen ...)?\n"
 "\n"
-" 1 = Wei� nicht so recht\n"
-" 2 = Nee, dem traue ich das nicht zu\n"
-" 3 = Ich vertraue ihm normalerweise\n"
-" 4 = Ich vertraue ihm vollst�ndig\n"
-" s = Bitte weitere Information anzeigen\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = Wei� nicht so recht\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = Nein, ihm traue ich NICHT\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = Ich vertraue ihm einigerma�en\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = Ich vertraue ihm vollst�ndig\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = Ich vertraue ihm absolut\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = Bitte weitere Information anzeigen\n"
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
 msgstr " m = Zur�ck zum Men�\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " s = diesen Schl�ssel �berSpringen\n"
+
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = verlassen\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Ihre Auswahl? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "M�chten Sie diesem Schl�ssel wirklich uneingeschr�nkt vertrauen? "
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Zertifikate f�hren zu einem letztlich vertrauensw�rdigen Schl�ssel:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"F�r diesen Schl�ssel konnte kein g�ltiger \"Trust Path\" gefunden werden.\n"
-"Mal sehen, ob wir sonst irgendwie ein paar fehlende \"Owner trust\" Werte \n"
-"ermitteln k�nnen.\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"Kein Pfad f�hrt zu einen unserer Schl�sseln.\n"
-"\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"Keine Zertifikate mit undefinierten Vertrauen gefunden.\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Keine \"trust\" Werte ge�ndert.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "Schl�ssel %08lX: Schl�ssel wurde widerrufen\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
-msgstr "Diesen Schl�ssel trotzdem benutzen?"
+msgstr "Diesen Schl�ssel trotzdem benutzen? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "Schl�ssel %08lX: Unterschl�ssel wurde widerrufen\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: Schl�ssel ist verfallen!\n"
 
-#: g10/pkclist.c:519
+#: g10/pkclist.c:442
 #, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
 msgstr ""
-"%08lX: Keine Infos zur Berechnung der Vertrauenswahrscheinlichkeit "
-"vorgefunden\n"
+"%08lX: Es gibt keinen Hinweis, da� die Signatur wirklich dem vorgeblichen "
+"Besitzer geh�rt.\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: Wir haben KEIN Vertrauen zu diesem Schl�ssel!\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
@@ -1146,18 +1270,18 @@ msgstr ""
 "%08lX: Es ist nicht sicher, da� dieser Schl�ssel wirklich dem vorgeblichen\n"
 "Besitzer geh�rt, aber er wird trotzdem akzeptiert\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr ""
 "Dieser Schl�ssel geh�rt h�chstwahrscheinlich dem angegebenen Besitzer\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr ""
 "Dieser Schl�ssel geh�rt uns (da wir n�mlich den geheimen Schl�ssel dazu "
 "haben)\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1168,179 +1292,201 @@ msgstr ""
 "Wenn Sie *wirklich* wissen, was Sie tun, k�nnen Sie die n�chste\n"
 "Frage mit ja beantworten\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "WARNUNG: Ein Schl�ssel ohne gesichertes Vertrauen wird benutzt!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "WARNUNG: Dieser Schl�ssel wurde von seinem Besitzer widerrufen!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "         Das k�nnte bedeuten, da� die Signatur gef�lscht ist.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "WARNUNG: Dieser Unterschl�ssel wurde von seinem Besitzer widerrufen!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "Hinweis: Dieser Schl�ssel wurde abgeschaltet.\n"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Hinweis: Dieser Schl�ssel ist verfallen!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr "WARNUNG: Dieser Schl�ssel tr�gt keine vertrauensw�rdige Signatur!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr ""
 "         Es gibt keinen Hinweis, da� die Signatur wirklich dem vorgeblichen "
 "Besitzer geh�rt.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "WARNUNG: Wir haben KEIN Vertrauen zu diesem Schl�ssel!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "         Die Signatur ist wahrscheinlich eine F�LSCHUNG.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "WARNUNG: Dieser Schl�ssel ist nicht durch hinreichend vertrauensw�rdige "
 "Signaturen zertifiziert!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr ""
 "         Es ist nicht sicher, da� die Signatur wirklich dem vorgeblichen "
 "Besitzer geh�rt.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: �bersprungen: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: �bersprungen: �ffentlicher Schl�ssel bereits vorhanden\n"
 
-#: g10/pkclist.c:855
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr ""
+"Sie haben keine User-ID angegeben (Sie k�nnen die Option \"-r\" verwenden).\n"
+
+#: g10/pkclist.c:762
 msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
 "\n"
+"Enter the user ID.  End with an empty line: "
 msgstr ""
-"Sie gaben keine User-ID angegeben (Benutzen Sie die Option \"-r\").\n"
 "\n"
+"Geben Sie die User-ID ein. Beenden mit einer leeren Zeile: "
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Geben Sie die User-ID ein: "
-
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Keine solche User-ID vorhanden.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr ""
 "�bersprungen: �ffentlicher Schl�ssel bereits als Standardempf�nger gesetzt\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "�ffentlicher Schl�ssel ist abgeschaltet.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr ""
-"�bersprungen: �ffentlicher Schl�ssel bereits mittels --encrypt-to gesetzt\n"
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "�bersprungen: �ffentlicher Schl�ssel bereits gesetzt\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "Unbekannter voreingestellter Empf�nger '%s'\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: Fehler beim Pr�fen des Schl�ssels: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: �bersprungen: �ffentlicher Schl�ssel ist abgeschaltet\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "Keine g�ltigen Adressaten\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "Voreinstellung %c%lu ist nicht g�ltig\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "Voreinstellung %c%lu ist doppelt\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "zu viele `%c' Voreinstellungen\n"
+
+#: g10/keygen.c:257
+msgid "invalid character in preference string\n"
+msgstr "Ung�ltiges Zeichen in den Voreinstellungen\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "Die Eigenbeglaubigung wird geschrieben\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "Schreiben der \"key-binding\" Signatur\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
 #, c-format
 msgid "keysize invalid; using %u bits\n"
 msgstr "Ung�ltig Schl�ssell�nge; %u Bit werden verwendet\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
 #, c-format
 msgid "keysize rounded up to %u bits\n"
 msgstr "Schl�ssell�nge auf %u Bit aufgerundet\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "Bitte w�hlen Sie, welche Art von Schl�ssel Sie m�chten:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA und ElGamal (voreingestellt)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (nur signieren/beglaubigen)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "   (%d) ElGamal (nur verschl�sseln)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) ElGamal (signieren/beglaubigen und verschl�sseln)\n"
 
-#: g10/keygen.c:643
-#, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (signieren/beglaubigen und verschl�sseln)\n"
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (nur signieren/beglaubigen)\n"
+
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (nur verschl�sseln)\n"
 
-#: g10/keygen.c:647
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Ihre Auswahl? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
 msgstr ""
-"M�chten Sie wirklich einen Unterschriften-/Verschl�sselungschl�ssel "
-"erzeugen? "
+"Von der Benutzung dieses Verfahrens ist abzuraten - Trotzdem erzeugen? "
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Ung�ltige Auswahl.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1353,21 +1499,20 @@ msgstr ""
 "              standard Schl�ssell�nge ist 1024 Bit\n"
 "      gr��te sinnvolle Schl�ssell�nge ist 2048 Bit\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Welche Schl�ssell�nge w�nschen Sie? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA erlaubt nur Schl�ssell�ngen von 512 bis 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "zu kurz; 768 ist die kleinste m�gliche Schl�ssell�nge.\n"
-
-#: g10/keygen.c:708
-#, fuzzy
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr "zu kurz; 1024 ist die kleinste f�r RSA m�gliche Schl�ssell�nge.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
 msgstr "zu kurz; 768 ist die kleinste m�gliche Schl�ssell�nge.\n"
 
 #. It is ridiculous and an annoyance to use larger key sizes!
@@ -1378,12 +1523,12 @@ msgstr "zu kurz; 768 ist die kleinste m�gliche Schl�ssell�nge.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "Sch�sselgr��e zu hoch; %d ist der Maximalwert.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1391,11 +1536,11 @@ msgstr ""
 "Schl�ssell�ngen gr��er als 2048 werden nicht empfohlen, da die\n"
 "Berechnungen dann WIRKLICH lange brauchen!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "Sind Sie sicher, da� Sie diese Schl�ssell�nge w�nschen? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1403,21 +1548,17 @@ msgstr ""
 "Gut, aber bitte denken Sie auch daran, da� Monitor und Tastatur Daten "
 "abstrahlen und diese leicht mitgelesen werden k�nnen.\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "Brauchen Sie wirklich einen derartig langen Schl�ssel? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "Die verlangte Schl�ssell�nge betr�gt %u Bit\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "aufgerundet auf %u Bit\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1433,25 +1574,46 @@ msgstr ""
 "      <n>m = Schl�ssel verf�llt nach n Monaten\n"
 "      <n>y = Schl�ssel verf�llt nach n Jahren\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Bitte w�hlen Sie, wie lange die Beglaubigung g�ltig bleiben soll.\n"
+"         0 = Schl�ssel verf�llt nie\n"
+"      <n>  = Schl�ssel verf�llt nach n Tagen\n"
+"      <n>w = Schl�ssel verf�llt nach n Wochen\n"
+"      <n>m = Schl�ssel verf�llt nach n Monaten\n"
+"      <n>y = Schl�ssel verf�llt nach n Jahren\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
-msgstr "Der Schl�ssel bleibt wie lange g�ltig? (0) "
+msgstr "Wie lange bleibt der Schl�ssel g�ltig? (0) "
+
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "Wie lange bleibt die Beglaubigung g�ltig? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "Ung�ltiger Wert.\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
-msgstr "Der Schl�ssel verf�llt nie.\n"
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "%s verf�llt nie.\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
+#: g10/keygen.c:992
 #, c-format
-msgid "Key expires at %s\n"
-msgstr "Der Schl�ssel verf�llt am %s\n"
+msgid "%s expires at %s\n"
+msgstr "%s verf�llt am %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
@@ -1459,11 +1621,11 @@ msgstr ""
 "Ihr Rechner kann Daten jenseits des Jahres 2038 nicht anzeigen.\n"
 "Trotzdem werden Daten bis 2106 korrekt verarbeitet.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "Ist dies richtig? (j/n) "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1479,44 +1641,44 @@ msgstr ""
 "    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Ihr Name (\"Vorname Nachname\"): "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Ung�ltiges Zeichen im Namen\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "Der Name darf nicht mit einer Ziffer beginnen.\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "Der Name mu� min. 5 Zeichen lang sein.\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "E-Mail-Adresse: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "Diese E-Mail-Adresse ist ung�ltig\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Kommentar: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Ung�ltiges Zeichen im Kommentar.\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Sie benutzen den Zeichensatz `%s'\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1527,27 +1689,27 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr "Bitte keine E-Mailadressen als Namen oder Kommentar verwenden\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnKkEeFfBb"
 
-#: g10/keygen.c:986
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
 msgstr "�ndern: (N)ame, (K)ommentar, (E)-Mail oder (B)eenden? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "�ndern: (N)ame, (K)ommentar, (E)-Mail oder (F)ertig/(B)eenden? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
 msgstr "Bitte beseitigen Sie zuerst den Fehler\n"
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1555,11 +1717,16 @@ msgstr ""
 "Sie ben�tigen ein Mantra, um den geheimen Schl�ssel zu sch�tzen.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
-msgstr "Mantra wurde nicht richtig wiederholt; noch einmal versuchen.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "Mantra wurde nicht richtig wiederholt; noch einmal versuchen"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1572,7 +1739,7 @@ msgstr ""
 "aufrufen.\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1583,29 +1750,53 @@ msgstr ""
 "unterst�tzen, indem Sie z.B. in einem anderen Fenster/Konsole irgendetwas\n"
 "tippen, die Maus verwenden oder irgendwelche anderen Programme benutzen.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
-msgstr "Der DSA Schl�ssel wird 1024 Bit haben.\n"
+msgstr "Das DSA-Schl�sselpaar wird 1024 Bit haben.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Schl�sselerzeugung abgebrochen.\n"
 
-#: g10/keygen.c:1668
+#: g10/keygen.c:1883 g10/keygen.c:1963
 #, c-format
 msgid "writing public key to `%s'\n"
 msgstr "schreiben des �ffentlichen Schl�ssels nach '%s'\n"
 
-#: g10/keygen.c:1669
+#: g10/keygen.c:1884 g10/keygen.c:1965
 #, c-format
 msgid "writing secret key to `%s'\n"
 msgstr "schreiben des geheimen Schl�ssels nach '%s'\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "kein schreibbarer �ffentlicher Schl�sselbund gefunden: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "kein schreibbarer geheimer Schl�sselbund gefunden: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "Fehler beim Schreiben des �ff. Schl�sselbundes `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "Fehler beim Schreiben des geheimen Schl�sselbundes `%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "�ffentlichen und geheimen Schl�ssel erzeugt und signiert.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "Schl�ssel ist als uneingeschr�nkt vertrauensw�rdig gekennzeichnet.\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
@@ -1614,12 +1805,12 @@ msgstr ""
 "werden kann.  Sie k�nnen aber mit dem Befehl \"--edit-key\" einen\n"
 "Zweitschl�ssel f�r diesem Zweck erzeugen.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "Schl�sselerzeugung fehlgeschlagen: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
@@ -1627,7 +1818,7 @@ msgstr ""
 "Der Schl�ssel wurde %lu Sekunde in der Zukunft erzeugt (Zeitreise oder Uhren "
 "stimmen nicht �berein)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1635,310 +1826,373 @@ msgstr ""
 "Der Schl�ssel wurde %lu Sekunden in der Zukunft erzeugt (Zeitreise oder "
 "Uhren stimmen nicht �berein)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "HINWEIS: Unterschl�ssel f�r v3-Schl�ssen sind nicht OpenPGP-konform\n"
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "Wirklich erzeugen? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "--output funktioniert nicht bei diesem Kommando\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s' ist bereits komprimiert\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: kann nicht ge�ffnet werden: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "Fehler beim Erzeugen des Mantras: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: WARNUNG: Leere Datei\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+"Im --pgp2-Modus kann nur f�r RSA-Schl�ssel mit maximal 2048 Bit "
+"verschl�sselt werden\n"
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "Lesen von '%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+"Die IDEA-Verschl�sselung kann nicht mit allen Zielschl�sseln verwendet "
+"werden.\n"
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s verschl�sselt f�r: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
+#: g10/delkey.c:69 g10/export.c:141
 #, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: Benutzer nicht gefunden: %s\n"
+msgid "key `%s' not found: %s\n"
+msgstr "Schl�ssel `%s' nicht gefunden: %s\n"
 
-#: g10/export.c:164
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "Fehler beim Lesen des Schl�sselblocks: %s\n"
+
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
-msgstr "Schl�ssel %08lX: dies ist kein rfc2440-Sch�ssel - �bersprungen\n"
+msgstr "Schl�ssel %08lX: dies ist kein RFC2440-Sch�ssel - �bersprungen\n"
 
-#: g10/export.c:175
+#: g10/export.c:180
 #, c-format
 msgid "key %08lX: not protected - skipped\n"
 msgstr "Schl�ssel %08lX: ungesch�tzt - �bersprungen\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "Schl�ssel %08lX: PGP 2.x-artiger Schl�ssel - �bersprungen\n"
+
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "WARNUNG: Nichts exportiert\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
-msgstr "zu viele Eintr�ge im pk-Lager - abgeschaltet\n"
+msgstr "zu viele Eintr�ge im pk-Cache - abgeschaltet\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "zu viele Eintr�ge im unk-Lager - abgeschaltet\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[User-ID nicht gefunden]"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+"Ung�ltiger Schl�ssel %08lX, g�ltig gemacht per --allow-non-selfsigned-uid\n"
+
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr ""
 "der Zweitschl�ssel %08lX wird anstelle des Hauptschl�ssels %08lX verwendet\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr ""
 "Schl�ssel %08lX: geheimer Schl�ssel, aber ohne �ffentlichen Schl�ssel - "
 "�bersprungen\n"
 
-#: g10/getkey.c:2513
-msgid "[User id not found]"
-msgstr "[User-ID nicht gefunden]"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "�berspringe den Block vom Typ %d\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "%lu Schl�ssel bislang bearbeitet\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "Fehler beim Lesen von `%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "Anzahl insgesamt bearbeiteter Schl�ssel: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "  neue Unterschl�ssel: %lu\n"
+msgstr "              ignorierte neue Schl�ssel: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
-msgstr "         ohne User-ID: %lu\n"
+msgstr "                           ohne User-ID: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
-msgstr "           importiert: %lu"
+msgstr "                             importiert: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
-msgstr "          unver�ndert: %lu\n"
+msgstr "                            unver�ndert: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
-msgstr "        neue User-IDs: %lu\n"
+msgstr "                          neue User-IDs: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
-msgstr "  neue Unterschl�ssel: %lu\n"
+msgstr "                    neue Unterschl�ssel: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
-msgstr "        neue Signaturen: %lu\n"
+msgstr "                        neue Signaturen: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
-msgstr "neue Schl�sselwiderrufe: %lu\n"
+msgstr "                neue Schl�sselwiderrufe: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
-msgstr " gelesene geheime Schl.: %lu\n"
+msgstr "             gelesene geheime Schl�ssel: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
-msgstr "geheime Schl�ssel importiert: %lu\n"
+msgstr "           geheime Schl�ssel importiert: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
-msgstr " unver�nderte geh.Schl.: %lu\n"
+msgstr "                 unver�nderte geh.Schl.: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "Schl�ssel %08lX: Keine User-ID\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "Schl�ssel %08lX: Nicht eigenbeglaubigte User-ID `%s' �bernommen\n"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "Schl�ssel %08lX: Keine g�ltigen User-IDs\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "dies k�nnte durch fehlende Eigenbeglaubigung verursacht worden sein\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "Schl�ssel %08lX: �ffentlicher Schl�ssel nicht gefunden: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:479
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "Schl�ssel %08lX: dies ist kein rfc2440-Sch�ssel - �bersprungen\n"
+msgstr "Schl�ssel %08lX: neuer Schl�ssel - �bersprungen\n"
+
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "kein schreibbarer Schl�sselbund gefunden: %s\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "Schreiben nach '%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "Fehler beim Schreiben des Schl�sselbundes `%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "Schl�ssel %08lX: �ffentlicher Schl�ssel importiert\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "Schl�ssel %08lX: Stimmt nicht mit unserer Kopie �berein\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr ""
-"Schl�ssel %08lX: der lokale originale Schl�sselblocks wurde nicht gefunden: "
-"%s\n"
+"Schl�ssel %08lX: der lokale originale Schl�sselblocks wurde nicht gefunden: %"
+"s\n"
+
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr ""
+"Schl�ssel %08lX: Lesefehler im lokalen originalen Schl�sselblocks: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "Schl�ssel %08lX: 1 neue User-ID\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "Schl�ssel %08lX: %d neue User-IDs\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "Schl�ssel %08lX: 1 neue Signatur\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "Schl�ssel %08lX: %d neue Signaturen\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "Schl�ssel %08lX: 1 neuer Unterschl�ssel\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "Schl�ssel %08lX: %d neue Unterschl�ssel\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "Schl�ssel %08lX: Nicht ge�ndert\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "Kein voreingestellter geheimer Schl�sselbund: %s\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "Schl�ssel %08lX: Geheimer Schl�ssel importiert\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "Schl�ssel %08lX: Ist bereits im geheimen Schl�sselbund\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "Schl�ssel %08lX: geheimer Schl�ssel nicht gefunden: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "Schl�ssel %08lX: Kein �ffentlicher Schl�ssel - der Schl�sselwiderruf kann "
 "nicht angebracht werden\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr "Schl�ssel %08lX: Ung�ltiges Widerrufzertifikat: %s - zur�ckgewiesen\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "Schl�ssel %08lX: Widerrufzertifikat importiert\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "Schl�ssel %08lX: Keine User-ID f�r Signatur\n"
 
-#: g10/import.c:719 g10/import.c:743
+#: g10/import.c:839
 #, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
-msgstr "Schl�ssel %08lX: Nicht unterst�tztes Public-Key-Verfahren\n"
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr ""
+"Schl�ssel %08lX: Nicht unterst�tztes Public-Key-Verfahren f�r User-ID \"%s"
+"\"\n"
 
-#: g10/import.c:720
+#: g10/import.c:841
 #, c-format
-msgid "key %08lX: invalid self-signature\n"
-msgstr "Schl�ssel %08lX: Ung�ltige Eigenbeglaubigung\n"
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "Schl�ssel %08lX: Ung�ltige Eigenbeglaubigung f�r User-ID \"%s\"\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "Schl�ssel %08lX: Kein Unterschl�ssel f�r die Schl�sselanbindung\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "Schl�ssel %08lX: Ung�ltige Unterschl�ssel-Anbindung\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "Schl�ssel %08lX: Nicht unterst�tztes Public-Key-Verfahren\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "Schl�ssel %08lX: Nicht eigenbeglaubigte User-ID �bernommen'"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "Schl�ssel %08lX: Ung�ltige Unterschl�ssel-Anbindung\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "Schl�ssel %08lX: User-ID �bergangen '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "Schl�ssel %08lX: Unterschl�ssel ignoriert\n"
@@ -1947,94 +2201,194 @@ msgstr "Schl�ssel %08lX: Unterschl�ssel ignoriert\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr ""
 "Schl�ssel %08lX: Nicht exportf�hige Unterschrift (Klasse %02x) - �bergangen\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr "Schl�ssel %08lX: Widerrufzertifikat an falschem Platz - �bergangen\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "Schl�ssel %08lX: Ung�ltiges Widerrufzertifikat: %s - �bergangen\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "Schl�ssel %08lX: Doppelte User-ID entdeckt - zusammengef�hrt\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+"Warnung: Schl�ssel %08lX ist u.U. widerrufen: hole Widerrufschl�ssel %08lX\n"
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+"Warnung: Schl�ssel %08lX ist u.U. widerrufen: Widerrufschl�ssel %08lX ist "
+"nicht vorhanden\n"
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "Schl�ssel %08lX: Widerrufzertifikat hinzugef�gt\n"
 
-#: g10/import.c:1130 g10/import.c:1183
+#: g10/import.c:1231
 #, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "Schl�ssel %08lX: Unsere Kopie hat keine Eigenbeglaubigung\n"
+msgid "key %08lX: direct key signature added\n"
+msgstr "Schl�ssel %08lX: \"direct-key\"-Signaturen hinzugef�gt\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[Widerruf]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[Eigenbeglaubigung]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 falsche Beglaubigung\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d falsche Beglaubigungen\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "1 Beglaubigung wegen fehlendem Schl�ssel nicht gepr�ft\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d Beglaubigungen wegen fehlenden Schl�sseln nicht gepr�ft\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "1 Beglaubigung aufgrund von Fehler nicht gepr�ft\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d Beglaubigungen aufgrund von Fehlern nicht gepr�ft\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "Eine User-ID ohne g�ltige Eigenbeglaubigung entdeckt\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr "%d User-IDs ohne g�ltige Eigenbeglaubigung entdeckt\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:335
+#, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "User-ID \"%s\" ist widerrufen."
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Wollen Sie ihn immmer noch beglaubigen? (j/N) "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr "  Beglaubigen ist nicht m�glich.\n"
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
 #, c-format
-msgid "Already signed by key %08lX\n"
-msgstr "Ist bereits durch Schl�ssel %08lX beglaubigt.\n"
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"Die derzeitige Beglaubigung von \"%s\"\n"
+"ist nur f�r diesen Rechner g�ltig.\n"
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+"Soll sie zu einer voll exportierbaren Beglaubigung erhoben werden? (j/N) "
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:388
+#, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" wurde bereits durch Schl�ssel %08lX lokal beglaubigt\n"
+
+#: g10/keyedit.c:393
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" wurde bereits durch Schl�ssel %08lX beglaubigt\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Nichts zu beglaubigen f�r Schl�ssel %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "Dieser Schl�ssel ist verfallen!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Dieser Schl�ssel wird %s verfallen.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "Soll Ihre Beglaubigung zur selben Zeit verfallen? (J/n) "
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+"Im --pgp2-Modus kann nur mit PGP-2.x-artigen Schl�sseln unterschrieben "
+"werden\n"
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "Dies w�rde den Schl�ssel f�r PGP 2.x unbrauchbar machen\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"Wie genau haben Sie �berpr�ft, ob der Schl�ssel, den Sie jetzt beglaubigen\n"
+"wollen, wirklich der o.g. Person geh�rt?\n"
+"Wenn Sie darauf keine Antwort wissen, geben Sie \"0\" ein.\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) Ich antworte nicht.%s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) Ich habe es �berhaupt nicht �berpr�ft.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) Ich habe es fl�chtig �berpr�ft.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) Ich habe es sehr sorgf�ltig �berpr�ft.%s\n"
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -2042,41 +2396,73 @@ msgstr ""
 "Sind Sie wirklich sicher, da� Sie vorstehenden Schl�ssel mit Ihrem\n"
 "Schl�ssel beglaubigen wollen: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
 msgid ""
+"\n"
 "The signature will be marked as non-exportable.\n"
+msgstr ""
 "\n"
+"Die Unterschrift wird als nicht exportf�hig markiert werden.\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
 msgstr ""
+"\n"
 "Die Unterschrift wird als nicht exportf�hig markiert werden.\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+"\n"
+"Ich habe diesen Schl�ssel �berhaupt nicht �berpr�ft.\n"
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"Ich habe diesen Schl�ssel fl�chtig �berpr�ft.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
 "\n"
+"Ich habe diesen Schl�ssel sehr sorgf�ltig �berpr�ft.\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "Wirklich unterschreiben? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "Beglaubigung fehlgeschlagen: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Dieser Schl�ssel ist nicht gesch�tzt.\n"
 
-#: g10/keyedit.c:426
+#: g10/keyedit.c:662
 msgid "Secret parts of primary key are not available.\n"
 msgstr "Geheime Teile des Haupschl�ssels sind nicht vorhanden\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "Schl�ssel ist gesch�tzt.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Dieser Schl�ssel kann nicht editiert werden: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
@@ -2084,7 +2470,7 @@ msgstr ""
 "Geben Sie das neue Mantra f�r diesen geheimen Schl�ssel ein.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2092,421 +2478,557 @@ msgstr ""
 "Sie wollen kein Mantra - dies ist bestimmt *keine* gute Idee!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "M�chten Sie dies wirklich tun? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "schiebe eine Beglaubigung an die richtige Stelle\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "Men� verlassen"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "q"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "save"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "speichern und Men� verlassen"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "help"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "Diese Hilfe zeigen"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "\"Fingerabdruck\" anzeigen"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "Liste der Schl�ssel"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "Schl�ssel und User-IDs auflisten"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "User-ID N ausw�hlen"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "key"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "Zweitschl�ssel N ausw�hlen"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "check"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "Liste der Signaturen"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "sign"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "Den Schl�ssel signieren"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lsign"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
-msgstr "Den Schl�ssel nur auf diesem Rechner signieren"
+msgstr "Den Schl�ssel nur f�r diesen Rechner beglaubigen"
+
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nrsign"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "Den Schl�ssel nicht-widerrufbar beglaubigen"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nrlsign"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "Den Schl�ssel nicht-widerrufbar und nur f�r diesen Rechner signieren"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "debug"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "adduid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "Eine User-ID hinzuf�gen"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "addphoto"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "Eine Foto-ID hinzuf�gen"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "deluid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "User-ID entfernen"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "delphoto"
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "addkey"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "Einen Zweitschl�ssel hinzuf�gen"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "delkey"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "Einen Zweitschl�ssel entfernen"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "delsig"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "Signatur entfernen"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "expire"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "�ndern des Verfallsdatums"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "primary"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "User-ID als Haupt-User-ID kennzeichnen"
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "toggle"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "Umschalten zwischen Anzeige geheimer und �ffentlicher Schl�ssel"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pref"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
-msgstr "Liste der Voreinstellungen"
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "Liste der Voreinstellungen (f�r Experten)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "showpref"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "Liste der Voreinstellungen (ausf�hrlich)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "setpref"
+
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "Liste der Voreinstellungen einstellen"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "updpref"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "ge�nderte Voreinstellungen"
+
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "passwd"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "Das Mantra �ndern"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "trust"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "Den \"Owner trust\" �ndern"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "Signaturen widerrufen"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "revkey"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "Einen Zweitschl�ssel widerrufen"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "disable"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "Schl�ssel abschalten"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "enable"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "Schl�ssel anschalten"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "showphoto"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "Foto-ID anzeigen"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "Dies kann im Batchmodus nicht durchgef�hrt werden.\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "Fehler beim Lesen des geheimen Schl�sselblocks `%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "Geheimer Schl�ssel ist vorhanden.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Befehl> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "Hierzu wird der geheime Schl�ssel ben�tigt.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
 msgstr "Bitte verwenden sie zun�chst den Befehl \"toggle\"\n"
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+msgid "Key is revoked."
+msgstr "Schl�ssel wurde widerrufen."
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "Wirklich alle User-IDs beglaubigen? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Tip: W�hlen Sie die User-IDs, die beglaubigt werden sollen\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "�nderung der \"Trust-DB\" fehlgeschlagen: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "Dieses Kommando ist im %s-Modus nicht erlaubt.\n"
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "Zumindestens eine User-ID mu� ausgew�hlt werden.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "Die letzte User-ID kann nicht gel�scht werden!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "M�chten Sie alle ausgew�hlten User-IDs wirklich entfernen? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "Diese User-ID wirklich entfernen? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Zumindestens ein Schl�ssel mu� ausgew�hlt werden.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "M�chten Sie die ausgew�hlten Schl�ssel wirklich entfernen? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "M�chten Sie diesen Schl�ssel wirklich entfernen? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "M�chten Sie die ausgew�hlten Schl�ssel wirklich widerrufen? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "M�chten Sie diesen Schl�ssel wirklich wiederrufen? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr ""
+"M�chten Sie die Voreinstellungen der ausgew�hlten User-IDs wirklich �ndern? "
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "Die Voreinstellungen wirklich �ndern? "
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "�nderungen speichern? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Beenden ohne zu speichern? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "�nderung fehlgeschlagen: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "�nderung des Geheimnisses fehlgeschlagen: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "Schl�ssel ist nicht ge�ndert worden, also ist kein Speichern n�tig.\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr "Ung�ltiger Befehl (versuchen Sie's mal mit \"help\")\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "Dieser Schl�ssel k�nnte von %s key %s%s widerrufen worden sein\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr "(empfindlich)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  erstellt: %s verf�llt: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " Vertrauen: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "Hinweis: Dieser Schl�ssel ist abgeschaltet"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1539
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "Schl�ssel %08lX: Unterschl�ssel wurde widerrufen\n"
+msgstr "rev! Unterschl�ssel wurde widerrufen: %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1542
 msgid "rev- faked revocation found\n"
-msgstr "neue Schl�sselwiderrufe: %lu\n"
+msgstr "rev- gef�lschter Schl�sselwiderruf entdeckt\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? Schwierigkeiten bei der Widerruf-�berpr�fung: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
 msgstr ""
+"Bitte beachten Sie, da� ohne einen Programmneustart die angezeigte\n"
+"Schl�sselg�ltigkeit nicht notwendigerweise korrekt ist.\n"
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+"WARNUNG: Dieser Schl�ssel besitzt bereits eine Foto-ID.\n"
+"         Ein hinzugef�gte Foto-ID k�nnte einige Versionen von PGP "
+"verwirren.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Wollen Sie ihn immmer noch hinzuf�gen? (j/N) "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "Sie k�nnen nur eine Foto-ID f�r diesen Schl�ssel haben.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"WARNUNG: Dies ist ein PGP2-artiger Schl�ssel. Hinzuf�gen einer Foto-ID "
+"k�nnte\n"
+"         bei einigen PGP-Versionen zur Zur�ckweisung des Schl�ssels f�hren.\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr "Sie k�nnen einem PGP2-artigen Schl��sel keine Foto-ID hinzuf�gen.\n"
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "Diese korrekte Beglaubigung entfernen? (j/N/q)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "Diese ung�ltige Beglaubigung entfernen= (j/N/q)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "Diese unbekannte Beglaubigung entfernen? (j/N/q)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "Eigenbeglaubigung wirklich entfernen? (j/N)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "%d Beglaubigungen entfernt.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "%d Beglaubigungen entfernt.\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Nichts entfernt.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Bitte entfernen Sie die Auswahl von den geheimen Schl�sseln.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "Bitte w�hlen Sie h�chstens einen Zweitschl�ssel aus.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "�ndern des Verfallsdatums des Zweitschl�ssels.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "�ndern des Verfallsdatums des Hauptschl�ssels.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "Sie k�nnen das Verfallsdatum eines v3-Schl�ssels nicht �ndern\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Keine entsprechende Signatur im geheimen Schl�sselbund\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Bitte genau eine User-ID ausw�hlen.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Keine User-ID mit Index %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Kein Zweitschl�ssel mit Index %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "User-ID: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
@@ -2515,250 +3037,375 @@ msgstr ""
 "\"\n"
 "unterschrieben mit Ihrem Schl�ssel %08lX um %s\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
+#: g10/keyedit.c:2452
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"lokal unterschrieben mit Ihrem Schl�ssel %08lX um %s\n"
+
+#: g10/keyedit.c:2457
+#, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Diese Unterschrift ist seit %s verfallen.\n"
+
+#: g10/keyedit.c:2461
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Wollen Sie ihn immmer noch widerrufen? (j/N) "
+
+#: g10/keyedit.c:2465
+msgid "Create a revocation certificate for this signature? (y/N) "
 msgstr "Ein Widerrufszertifikat f�r diese Unterschrift erzeugen (j/N)"
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "Sie haben folgende User-IDs beglaubigt:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
+#: g10/keyedit.c:2504
 #, c-format
-msgid "   signed by %08lX at %s\n"
-msgstr "   beglaubigt durch %08lX um %s\n"
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   beglaubigt durch %08lX um %s%s%s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   widerrufen durch %08lX um %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "Es werden nun folgende Beglaubigungen entfernt:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   beglaubigt durch %08lX am %s%s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr " (nicht-exportierbar)"
+
+#: g10/keyedit.c:2551
+msgid "Really create the revocation certificates? (y/N) "
 msgstr "Wirklich ein Unterschrift-Widerrufszertifikat erzeugen? (j/N) "
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "Kein geheimer Schl�ssel\n"
 
-#: g10/keylist.c:158
-#, fuzzy
-msgid "invalid"
-msgstr "Ung�ltige ASCII-H�lle"
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+"Anzeigen einer %s Photo ID (%ld Byte) f�r Schl�ssel %08lX (User-ID %d)\n"
 
-#: g10/keylist.c:178
-#, fuzzy
-msgid "revoked"
-msgstr "revkey"
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "Beglaubigungsrichtlinie: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "WARNUNG: Ung�ltige \"Notation\"-Daten gefunden\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "Beglaubigungs-\"Notation\": "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "nicht als Klartext darstellbar"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "Schl�sselbund"
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
+#: g10/keylist.c:423 g10/mainproc.c:856
 #, c-format
 msgid " [expires: %s]"
 msgstr " [verf�llt: %s]"
 
-#: g10/mainproc.c:212
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Fingerabdruck:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "           Fingerabdruck:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr " Schl.-Fingerabdruck ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s verschl�sselte Daten\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "Mit unbekanntem Verfahren verschl�sselt %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "�ffentlicher Schl�ssel ist %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr "Mit �ffentlichem Sch�ssel verschl�sselte Daten: Korrekte DEK\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr "verschl�sselt mit %u-Bit %s Schl�ssel, ID %08lX, erzeugt %s\n"
 
 # Scripte scannen lt. dl1bke auf "ID (0-9A-F)+" deswegen mu� "ID" rein :-(
 # [kw]
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr "verschl�sselt mit %s Schl�ssel, ID %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "kein geheimer Schl�ssel zur Entschl�sselung vorhanden\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "Entschl�sselung mit �ffentlichem Schl�ssel fehlgeschlagen: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "vermutlich %s-verschl�sselte Daten\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr "IDEA-Verschl�sselung nicht verf�gbar; versucht wird stattdessen %s\n"
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
-msgstr "Enschl�sselung fehlgeschlagen: %s\n"
+msgstr "Entschl�sselung erfolgreich\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "Warnung: Verschl�sselte Botschaft ist manipuliert worden!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
-msgstr "Enschl�sselung fehlgeschlagen: %s\n"
+msgstr "Entschl�sselung fehlgeschlagen: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr ""
 "Hinweis: Der Absender verlangte Vertraulichkeit(\"for-your-eyes-only\")\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "Urspr�nglicher Dateiname='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr ""
 "Einzelner Widerruf - verwenden Sie \"gpg --import\" um ihn anzuwenden\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "WARNUNG: Ung�ltige \"Notation\"-Daten gefunden\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "\"Notation\": "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Richtlinie: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "Unterschriften-�berpr�fung unterdr�ckt\n"
 
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "diese Mehrfachunterschriften k�nnen nicht behandelt werden\n"
+
 # Scripte scannen lt. dl1bke auf "ID (0-9A-F)+" deswegen mu� "ID" rein :-(
-#: g10/mainproc.c:1080
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Unterschrift vom %.*s, %s Schl�ssel ID %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "FALSCHE Unterschrift von \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Verfallene Unterschrift von \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Korrekte Unterschrift von \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[ungewi�]  "
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "                    alias \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Unterschrift kann nicht gepr�ft werden: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "keine abgetrennte Unterschrift\n"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr "Einzelne Unterschrift der Klasse 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "Unterschrift nach alter (PGP 2.x) Art\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "ung�ltiges root-Paket in proc_tree() entdeckt\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "core-dump-Dateierzeugung kann nicht abgeschaltet werden: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Experimentiermethoden sollten nicht benutzt werden!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
-msgstr ""
-"Diese Verschl�sselungsmethode taugt nicht mehr viel; verwenden Sie eine "
-"st�rker standardisierte Methode!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr "Es ist davon abzuraten, diese Verschl�sselungsmethode zu benutzen!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "Warnung: Unsicheres Besitzverh�ltnis von %s \"%s\"\n"
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "Warnung: Unsichere Zugriffsrechte f�r %s \"%s\"\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "das IDEA-Verschl�sselungs-Plugin ist nicht vorhanden\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr "F�r weitere Info siehe http://www.gnupg.org/why-not-idea.html\n"
 
-#: g10/parse-packet.c:115
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "dieses Public-Key Verfahren %d kann nicht benutzt werden\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "Im Unterpaket des Typs %d ist das \"critical bit\" gesetzt\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
-msgstr ""
+msgstr "GPG-Agent ist in dieser Sitzung nicht vorhanden\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "Client-PID f�r den Agent kann nicht gesetzt werden\n"
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "Server-Lese-Handle f�r den Agent nicht verf�gbar\n"
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "Server-Schreib-Handle f�r den Agent nicht verf�gbar\n"
+
+#: g10/passphrase.c:498
 msgid "malformed GPG_AGENT_INFO environment variable\n"
-msgstr ""
+msgstr "fehlerhaft aufgebaute GPG_AGENT_INFO - Umgebungsvariable\n"
+
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "GPG-Agent-Protokoll-Version %d wird nicht unterst�tzt\n"
 
-#: g10/hkp.c:158 g10/passphrase.c:223
+#: g10/hkp.c:147 g10/passphrase.c:532
 #, c-format
 msgid "can't connect to `%s': %s\n"
 msgstr "Verbindung zu '%s' kann nicht aufgebaut werden: %s\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "Kommunikationsproblem mit GPG-Agent\n"
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr ""
+"Schwierigkeiten mit dem Agenten - Agent-Ansteuerung wird abgeschaltet\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (Hauptschl�ssel-ID %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:641
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
-"\n"
 "Sie ben�tigen ein Mantra, um den geheimen Schl�ssel zu entsperren.\n"
-"Benutzer: \""
+"Benutzer: \"\"%.*s\"\n"
+"%u-bit %s Schl�ssel, ID %08lX, erzeugt %s%s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:662
 msgid "Enter passphrase\n"
-msgstr "Geben Sie das Mantra ein: "
+msgstr "Geben Sie das Mantra ein\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:664
 msgid "Repeat passphrase\n"
-msgstr "Geben Sie das Mantra nochmal ein: "
-
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
+msgstr "Geben Sie das Mantra nochmal ein\n"
 
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
-msgstr ""
+msgstr "Mantra ist zu lang\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "Falsche Antwort des Agenten\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "Abbruch durch Benutzer\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "Schwierigkeiten mit dem Agenten: Agent antwortet 0x%lx\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2768,20 +3415,20 @@ msgstr ""
 "Sie ben�tigen ein Mantra, um den geheimen Schl�ssel zu entsperren.\n"
 "Benutzer: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "%u-Bit %s Schl�ssel, ID %08lX, erzeugt %s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "Mantra kann im Batchmodus nicht abgefragt werden\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Geben Sie das Mantra ein: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Geben Sie das Mantra nochmal ein: "
 
@@ -2790,151 +3437,203 @@ msgid "data not saved; use option \"--output\" to save it\n"
 msgstr ""
 "Daten wurden nicht gespeichert; verwenden Sie daf�r die Option \"--output\"\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "Fehler beim Erstellen von `%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
 msgstr "Abgetrennte Beglaubigungen.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Bitte geben Sie den Namen der Datendatei ein: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "lese stdin ...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "keine unterschriebene Daten\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "kann signierte Datei '%s' nicht �ffnen.\n"
 
-#: g10/pubkey-enc.c:135
+#: g10/pubkey-enc.c:100
 #, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
-msgstr "Ungenannter Empf�nger: Versuch mit geheimen Schl�ssel %08lX ...\n"
+msgid "anonymous recipient; trying secret key %08lX ...\n"
+msgstr "Ungenannter Empf�nger; Versuch mit geheimen Schl�ssel %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "Alles klar, wir sind der ungenannte Empf�nger.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "alte Kodierung des DEK wird nicht unterst�tzt\n"
 
-#: g10/pubkey-enc.c:216
+#: g10/pubkey-enc.c:177
 #, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "Versch�sselungsverfahren %d ist unbekannt oder abgeschaltet\n"
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "Versch�sselungsverfahren %d%s ist unbekannt oder abgeschaltet\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr "Hinweis: Verfahren %d ist kein bevorzugtes Verschl�sselungsverfahren\n"
 
-#: g10/pubkey-enc.c:261
+#: g10/pubkey-enc.c:242
 #, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
 msgstr "Hinweis: geheimer Schl�ssel %08lX verf�llt am %s\n"
 
-#: g10/hkp.c:62
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr "Schl�ssel %08lX von %s wird angefordert ...\n"
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "Schl�ssel %08lX wird von HKP-Schl�sselserver %s angefordert\n"
 
-#: g10/hkp.c:75
+#: g10/hkp.c:94
 #, c-format
 msgid "can't get key from keyserver: %s\n"
 msgstr "Schl�ssel ist beim Schl�sselserver nicht erh�ltlich: %s\n"
 
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr "Kein Schl�sselserver bekannt (Option --keyserver verwenden)\n"
-
-#: g10/hkp.c:106
-#, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s: Dies ist keine g�ltige Schl�ssel-ID\n"
-
-#: g10/hkp.c:182
+#: g10/hkp.c:171
 #, c-format
 msgid "error sending to `%s': %s\n"
 msgstr "Fehler beim Senden an `%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
 msgstr "Senden an `%s' erfolgreich (status=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
 msgstr "Senden an `%s' erfolglos (status=%u)\n"
 
-#: g10/seckey-cert.c:89
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "suche nach \"%s\" auf HKP-Server %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "kann Schl�sselserver nicht durchsuchen: %s\n"
+
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
 msgstr "Teile des geheimen Schl�ssels sind nicht vorhanden\n"
 
-#: g10/seckey-cert.c:95
+#: g10/seckey-cert.c:59
 #, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "Schutzverfahren %d wird nicht unterst�tzt\n"
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "Schutzverfahren %d%s wird nicht unterst�tzt\n"
+
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Ung�ltiges Mantra; versuchen Sie es bitte noch einmal"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
-msgstr "Ung�ltiges Mantra; versuchen Sie's doch noch einmal ...\n"
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr ""
 "WARNUNG: Unsicherer Schl�ssel entdeckt -\n"
 "         bitte Mantra nochmals wechseln.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+"Die mi�billigte 16-bit Pr�fsumme wird zum Schutz des geheimen Schl�ssels "
+"benutzt\n"
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "Dieser durch PGP erzeugte ElGamal-Schl�ssel ist f�r Signaturen NICHT sicher "
 "genug!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr ""
 "�ffentlicher Schl�ssel ist um %lu Sekunde j�nger als die Unterschrift\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr ""
 "�ffentlicher Schl�ssel ist um %lu Sekunden j�nger als die Unterschrift\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "Hinweis: Schl�ssel der Signatur ist verfallen am %s.\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "Hinweis: Signaturschl�ssel %08lX ist am %s verfallen.\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr ""
 "Vermutlich eine FALSCHE Unterschrift, wegen unbekanntem \"critical bit\"\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"WARNUNG: Richtlinien-URL kann nicht %%-erweitert werden (zu gro0). Verwende "
+"\"unerweiterte\".\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "Pr�fung der erstellten Unterschrift ist fehlgeschlagen: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "%s Unterschrift von: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "WARNUNG: '%s' ist eine leere Datei.\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"Im --pgp2-Modus kann nur mit PGP-2.x-artigen Schl�sseln unterschrieben "
+"werden\n"
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "%s kann nicht erzeugt werden: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "unterschreibe:"
 
-#: g10/sign.c:583
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"Im --pgp2-Modus k�nnen Sie Klartextunterschriften nur mit PGP-2.x-artigen "
+"Schl�ssel machen\n"
+
+#: g10/sign.c:953
 #, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "WARNUNG: '%s' ist eine leere Datei.\n"
+msgid "%s encryption will be used\n"
+msgstr "%s Verschl�sselung wird verwendet\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2946,426 +3645,210 @@ msgstr "Textzeilen l�nger als %d Zeichen k�nnen nicht benutzt werden\n"
 msgid "input line longer than %d characters\n"
 msgstr "Eingabezeile ist l�nger als %d Zeichen\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb Satz %lu: lseek fehlgeschlagen: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr "trustdb Satz %lu: write fehlgeschlagen (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "trustdb Transaktion zu gro�\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: kann nicht zugegriffen werden: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: Verzeichnis existiert nicht!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: kann nicht erzeugt werden: %s\n"
+msgid "%s: can't create lock\n"
+msgstr "%s: Sperre kann nicht erzeugt werden\n"
 
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:480 g10/tdbio.c:544
 #, c-format
-msgid "%s: can't create lock\n"
+msgid "%s: can't make lock\n"
 msgstr "%s: Sperre kann nicht erzeugt werden\n"
 
-#: g10/tdbio.c:473
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: kann nicht erzeugt werden: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: Fehler beim Erzeugen des Versionsatzes: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: ung�ltige trust-db erzeugt\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: trust-db erzeugt\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: ung�ltige 'Trust'-Datenbank\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: hashtable kann nicht erzeugt werden: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: Fehler beim �ndern des Versionsatzes: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: Fehler beim Lesen des Versionsatzes: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: Fehler beim Schreiben des Versionsatzes: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "trustdb: lseek fehlgeschlagen: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "trustdb: read failed (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: keine trustdb Datei\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: version record with recnum %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: invalid file version %d\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: Fehler beim Lesen eines freien Satzes: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: Fehler beim Schreiben eines Verzeichnis-Satzes: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: konnte einen Satz nicht Nullen: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: konnte Satz nicht anh�ngen: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr ""
-"Die \"Trust\"-Datenbank ist besch�digt; verwenden Sie \"gpg "
-"--fix-trustdb\".\n"
-
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "trust record %lu, req type %d: read failed: %s\n"
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "trust record %lu, type %d: write failed: %s\n"
-
-#: g10/trustdb.c:198
-#, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "Vertrauenssatz %lu: l�schen fehlgeschlagen: %s\n"
-
-#: g10/trustdb.c:212
-#, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "\"Trust-DB\": sync fehlgeschlagen: %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "Fehler beim Lesen des Dir-Satzes f�r LID %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: Dir-Satz erwartet, aber es kam Typ %d\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "Kein Hauptschl�ssel f�r LID %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "Fehler beim Lesen den Hauptschl�ssels der LID %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record fehlgeschlagen: %s\n"
+"Die \"Trust\"-Datenbank ist besch�digt; verwenden Sie \"gpg --fix-trustdb"
+"\".\n"
 
-#: g10/trustdb.c:474
-#, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "%s: Dies ist keine g�ltige Schl�ssel-ID\n"
-
-#: g10/trustdb.c:502
+#: g10/trustdb.c:200
 #, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "Schl�ssel %08lX kann nicht in die \"trustdb\" eingef�gt werden\n"
+msgid "`%s' is not a valid long keyID\n"
+msgstr "'%s' ist keine g�ltige lange Schl�ssel-ID\n"
 
-#: g10/trustdb.c:508
+#: g10/trustdb.c:235
 #, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "Schl�ssel %08lX: Satzabfrage fehlgeschlagen\n"
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "Schl�ssel %08lX: Akzeptiert als vertrauensw�rdiger Schl�ssel\n"
 
-#: g10/trustdb.c:517
+#: g10/trustdb.c:274
 #, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "Schl�ssel %08lX: Ist bereits in geheimer Schl�sseltabelle\n"
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "Schl�ssel %08lX tritt mehr als einmal in der \"trustdb\" auf\n"
 
-#: g10/trustdb.c:520
+#: g10/trustdb.c:290
 #, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "Schl�ssel %08lX: Akzeptiert als vertrauensw�rdiger Schl�ssel.\n"
-
-#: g10/trustdb.c:547
-#, fuzzy, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "Schl�ssel %08lX: ungesch�tzt - �bersprungen\n"
-
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "HINWEIS: Geheimer Schl�ssel %08lX ist NICHT gesch�tzt.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr ""
-"Schl�ssel %08lX: geheimer und �ffentlicher Schl�ssel passen nicht zusammen.\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "enum_secret_keys fehlgeschlagen: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "Schl�ssel %08lX.%lu: Korrekte Unterschl�ssel-Anbindung\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "Schl�ssel %08lX.%lu: Ung�ltige Unterschl�ssel-Anbindung: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "Schl�ssel %08lX.%lu: G�ltiger Schl�sselwiderruf\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "Schl�ssel %08lX.%lu: Ung�ltiger Schl�sselwiderruf: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "Schl�ssel %08lX.%lu: G�ltiger Unterschl�sselwiderruf\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Korrekte Eigenbeglaubigung"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Ung�ltige Eigenbeglaubigung"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
 msgstr ""
-"G�ltiger User-ID-Widerruf ignoriert, da eine neuere Eigenbeglaubigung "
-"vorliegt"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "G�ltiger User-ID-Widerruf"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Ung�ltiger User-ID-Widerruf"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "G�ltiger Zerifikat-Widerruf"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Korrektes Zertifikat"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Ung�ltiger Zertifikatswiderruf"
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Ung�ltiges Zertifikat"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "Signatursatz %lu[%d] zeigt auf falschen Satz.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "Doppelte Zertifikate - entfernt"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir fehlgeschlagen: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: Einf�gen fehlgeschlagen: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: Einf�gen fehlgeschlagen: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: eingef�gt\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "Fehler beim Lesen des Verz.Satzes: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu Schl�ssel bearbeitet\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu Schl�ssel mit Fehlern\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu Schl�ssel eingef�gt\n"
-
-#: g10/trustdb.c:1826
-#, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "enumerate Schl�sselblock fehlgeschlagen: %s\n"
+"Schl�ssel %08lX: kein �ffentlicher Schl�ssel f�r den vertrauensw�rdigen "
+"Schl�ssel - �bersprungen\n"
 
-#: g10/trustdb.c:1874
+#: g10/trustdb.c:332
 #, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: Dir-Satz ohne Schl�ssel - �bergangen\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "trust record %lu, req type %d: read failed: %s\n"
 
-#: g10/trustdb.c:1884
+#: g10/trustdb.c:338
 #, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "\t%lu wegen neuer Schl�ssel\n"
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "Vertrauenssatz %lu ist nicht von der angeforderten Art %d\n"
 
-#: g10/trustdb.c:1886
+#: g10/trustdb.c:353
 #, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu Schl�ssel �bersprungen\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "trust record %lu, type %d: write failed: %s\n"
 
-#: g10/trustdb.c:1890
+#: g10/trustdb.c:368
 #, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu Schl�ssel ge�ndert\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Huch, keine Schl�ssel\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "\"Trust-DB\": sync fehlgeschlagen: %s\n"
 
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Huch, keine User-IDs\n"
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "\"Trust-DB\"-�berpr�fung nicht n�tig\n"
 
-#: g10/trustdb.c:2397
+#: g10/trustdb.c:474 g10/trustdb.c:1641
 #, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: Suche nach Dir-Satz fehlgeschlagen: %s\n"
+msgid "next trustdb check due at %s\n"
+msgstr "n�chste \"Trust-DB\"-Pflicht�berpr�fung am %s\n"
 
-#: g10/trustdb.c:2406
-#, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "Schl�ssel %08lX: 'trust record' einf�gen fehlgeschlagen: %s\n"
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "\"Trust-DB\" wird �berpr�ft\n"
 
-#: g10/trustdb.c:2410
+#: g10/trustdb.c:933
 #, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "Schl�ssel %08lX.%lu: in \"trustdb\" eingef�gt\n"
+msgid "public key %08lX not found: %s\n"
+msgstr "�ffentlicher Schl�ssel %08lX nicht gefunden: %s\n"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:1515
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
 msgstr ""
-"Schl�ssel %08lX.%lu: wurde in der Zukunft erzeugt (Zeitreise oder Uhren "
-"stimmen nicht �berein)\n"
-
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "Schl�ssel %08lX.%lu: verfallen am %s\n"
+"�ff.Schl�ssel des uneingeschr�nkt vertrautem Schl�ssel %08lX nicht gefunden\n"
 
-#: g10/trustdb.c:2441
+#: g10/trustdb.c:1593
 #, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "Schl�ssel %08lX.%lu: Vertrauenspr�fung fehlgeschlagen: %s\n"
-
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "Benutzer '%s' nicht gefunden: %s\n"
-
-#: g10/trustdb.c:2594
-#, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "Problem, '%s' in der Trust-DB zu finden: %s\n"
-
-#: g10/trustdb.c:2597
-#, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "User '%s' ist nicht in der 'Trust'-Datenbank - wird eingef�gt\n"
-
-#: g10/trustdb.c:2600
-#, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "konnte '%s' nicht in die 'Trust'-Datenbank hineintun: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "WARNUNG: Lange 'Pref'-Records k�nnen noch nicht benutzt werden\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr ""
+"�berpr�fen, Tiefe %d, unterschrieben =%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
@@ -3375,45 +3858,32 @@ msgstr ""
 "Denken Sie daran, da� die Datei mit der Unterschrift (.sig oder .asc)\n"
 "als erster in der Kommandozeile stehen sollte.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
 msgstr "Eingabezeile %u ist zu lang oder es fehlt ein LF\n"
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: Schl�sselbund kann nicht erzeugt werden: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: Schl�sselbund erstellt\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "Warnung: Zwei Dateien mit vertraulichem Inhalt vorhanden.\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"Schl�ssel ist nicht als unsicher gekennzeichnet - er ist nur mit einem\n"
+"echten Zufallsgenerator verwendbar\n"
 
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s ist der Unver�nderte\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "�bersprungen '%s': doppelt\n"
 
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
-#, c-format
-msgid "%s is the new one\n"
-msgstr "%s ist der Neue\n"
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "Bitte diesen potentiellen Sicherheitsmangel beseitigen\n"
-
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "�bersprungen '%s': %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "�bersprungen: geheimer Schl�ssel bereits vorhanden\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3432,93 +3902,102 @@ msgstr "Datei '%s' existiert bereits. "
 msgid "Overwrite (y/N)? "
 msgstr "�berschreiben (j/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: unbekannte Dateinamenerweiterung\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Neuen Dateinamen eingeben"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "Schreiben auf die Standardausgabe\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "die unterzeichneten Daten sind wohl in '%s'\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: neue Optionendatei erstellt\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: Verzeichnis kann nicht erzeugt werden: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: Verzeichnis erzeugt\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr ""
 "Sie m�ssen GnuPG noch einmal starten, damit es die neue Optionsdatei liest\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "Mit unbekanntem Verfahren verschl�sselt %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "%s verschl�sselte Daten\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "Warnung: Botschaft wurde mit einem unsicheren Schl�ssel verschl�sselt.\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "Problem beim Bearbeiten des verschl�sselten Pakets\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "Unsicherer Schl�ssel erzeugt - neuer Versuch\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "Trotz %d-fachen Versuch konnte die Erzeugung eines unsicheren Schl�ssels f�r "
 "sym.Verschl�sselung nicht vermieden werden!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "Es gibt einen privaten Schl�ssel zu diesem �ffentlichen Schl�ssel!\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr ""
-"Benutzen Sie das Kommando \"--delete-secret-key\", um ihn vorab zu "
-"entfernen.\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr "DSA ben�tigt einen 160-bit Hash Algorithmus\n"
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "Dies kann im Batchmodus ohne \"--yes\" nicht durchgef�hrt werden.\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Diesen Schl�ssel aus dem Schl�sselbund l�schen? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr "Dies ist ein privater Schl�ssel! - Wirklich l�schen? "
 
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "l�schen des Schl�sselblocks fehlgeschlagen: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr "Der \"Ownertrust\" wurde gel�scht\n"
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr ""
+"Es gibt einen privaten Schl�ssel zu diesem �ffentlichen Schl�ssel \"%s\"!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr ""
+"Verwenden Sie zun�chst das Kommando \"--delete-secret-key\", um ihn zu "
+"entfernen.\n"
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3531,24 +4010,36 @@ msgstr ""
 "(implizit erzeugten) \"Netz der Zertifikate\" zu tun."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Um das Web-of-Trust aufzubauen mu� GnuPG wissen, welchen Schl�sseln\n"
+"uneingeschr�nkt vertraut wird. Das sind �blicherweise die Schl�ssel\n"
+"auf deren geheimen Schl�ssel Sie Zugruff haben.\n"
+"Antworten Sie mit \"yes\" um diesen Schl�ssel uneingeschr�nkt zu vertrauen\n"
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr ""
 "Wenn Sie diesen widerrufenen Schl�ssel trotzdem benutzen wollen,\n"
 "so antworten Sie mit \"ja\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr ""
 "Wenn Sie diesen nicht vertrauensw�rdigen Schl�ssel trotzdem benutzen "
 "wollen,\n"
 "so antworten Sie mit \"ja\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr "Geben Sie die User-ID dessen ein, dem Sie die Botschaft senden wollen."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3591,7 +4082,7 @@ msgstr ""
 "sein. Deshalb kann ein nur-Verschl�ssel-ElGamal-Schl�ssel daf�r nicht\n"
 "verwendet werden."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
@@ -3603,16 +4094,16 @@ msgstr ""
 "Au�erdem sind damit ezeugte Unterschriften recht gro� und ihre �berpr�fung\n"
 "ist langsam."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "W�hlen Sie die gew�nschte Schl�ssell�nge"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Geben Sie \"ja\" oder \"nein\" ein"
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3624,21 +4115,21 @@ msgstr ""
 "erh�lt dann ggfs. keine brauchbaren Fehlermeldungen - stattdessen versucht\n"
 "der Rechner den Wert als Intervall (von-bis) zu deuten."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Geben Sie den Namen des Schl�sselinhabers ein"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr ""
 "Geben Sie eine E-Mail-Adresse ein. Dies ist zwar nicht unbedingt notwendig,\n"
 "aber sehr empfehlenswert."
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Geben Sie - bei Bedarf - einen Kommentar ein"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3652,16 +4143,91 @@ msgstr ""
 "F  um mit der Schl�sselerzeugung fortzusetzen.\n"
 "B  um die Schl�sselerzeugung abbrechen."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr ""
 "Geben Sie \"ja\" (oder nur \"j\") ein, um den Unterschl�ssel zu erzeugen."
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"Wenn Sie die User-ID eines Schl�ssels beglaubigen wollen, sollten Sie "
+"zun�chst\n"
+"sicherstellen, da� der Schl�ssel demjenigen geh�rt, der in der User-ID "
+"genannt\n"
+"ist. F�r Dritte ist es hilfreich zu wissen, wie gut diese Zuordnung "
+"�berpr�ft\n"
+"wurde.\n"
+"\n"
+"\"0\" zeigt, da� Sie keine bestimmte Aussage �ber die Sorgfalt der \n"
+"    Schl�sselzuordnung machen.\n"
+"\n"
+"\"1\" Sie glauben, da� der Schl�ssel der benannten Person geh�rt,\n"
+"    aber Sie konnten oder nahmen die �berp�fung �berhaupt nicht vor.\n"
+"    Dies ist hilfreich f�r eine \"persona\"-�berpr�fung, wobei man den\n"
+"    Schl�ssel eines Pseudonym-Tr�gers beglaubigt\n"
+"\n"
+"\"2\" Sie nahmen eine fl�chtige �berpr�fung vor. Das heisst Sie haben z.B.\n"
+"    den Schl�sselfingerabdruck kontrolliert und die User-ID des Schl�ssels\n"
+"    anhand des Fotos gepr�ft.\n"
+"\n"
+"\"3\" Sie haben eine ausf�hrlich Kontrolle des Schl�ssels vorgenommen.\n"
+"    Das kann z.B. die Kontrolle des Schl�sselfingerabdrucks mit dem\n"
+"    Schl�sselinhaber pers�nlich vorgenommen haben; da� Sie die User-ID des\n"
+"    Schl�ssel anhand einer schwer zu f�lschenden Urkunde mit Foto (wie z.B.\n"
+"    einem Pa�) abgeglichen haben und schliesslich per E-Mail-Verkehr die\n"
+"    E-Mail-Adresse als zum Schl�sselbesitzer geh�rig erkannt haben.\n"
+"\n"
+"Beachten Sie, da� diese Beispiele f�r die Antworten 2 und 3 *nur* Beispiele "
+"sind.\n"
+"Schlu�endlich ist es Ihre Sache, was Sie unter \"fl�chtig\" oder "
+"\"ausf�hrlich\"\n"
+"verstehen, wenn Sie Schl�ssel Dritter beglaubigen.\n"
+"\n"
+"Wenn Sie nicht wissen, wie Sie antworten sollen, w�hlen Sie \"0\"."
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "Geben Sie \"ja\" (oder nur \"j\") ein, um alle User-IDs zu beglaubigen"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3669,12 +4235,12 @@ msgstr ""
 "Geben Sie \"ja\" (oder nur \"j\") ein, um diese User-ID zu L�SCHEN.\n"
 "Alle Zertifikate werden dann auch weg sein!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr ""
 "Geben Sie \"ja\" (oder nur \"j\") ein, um diesen Unterschl�ssel zu l�schen"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3686,7 +4252,7 @@ msgstr ""
 "Schl�ssel\n"
 "herzustellen."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3699,7 +4265,7 @@ msgstr ""
 "sie wissen, welcher Schl�ssel verwendet wurde. Denn vielleicht w�rde genau\n"
 "diese Beglaubigung den \"Trust\"-Weg kompletieren."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
@@ -3707,7 +4273,7 @@ msgstr ""
 "Diese Beglaubigung ist ung�ltig. Es ist sinnvoll sie aus Ihrem\n"
 "Schl�sselbund zu entfernen."
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3723,40 +4289,38 @@ msgstr ""
 "irgendeinem Grund nicht g�ltig ist und eine zweite Beglaubigung verf�gbar "
 "ist."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
 msgstr ""
-"Bitte geben Sie das Mantra ein. Dies ist ein geheimer Satz, der aus\n"
-"beliebigen Zeichen bestehen kann. Was Sie eingegeben wird nicht angezeigt.\n"
-"\n"
-"Zur ihrer eigenen Sicherbeit benutzen Sie bitte einen Satz, den sie sich\n"
-"gut merken k�nne, der aber nicht leicht zu erraten ist; Zitate und andere\n"
-"bekannte Texte sind eine SCHLECHTE Wahl, da diese mit Sicherheit online\n"
-"verf�gbar sind und durch entsprechende Programme zum Raten des Mantras\n"
-"benutzt werden.  S�tze mit pers�nlicher Bedeutung, die auch noch durch\n"
-"falsche Gro�-/Kleinschreibung und eingestreute Sonderzeichen ver�ndert "
-"werden,\n"
-"sind i.d.R. eine gute Wahl"
-
-#: g10/helptext.c:209
+"�ndern der Voreinstellung aller User-IDs (oder nur der ausgew�hlten)\n"
+"auf die aktuelle Liste der Voreinstellung. Die Zeitangaben aller "
+"betroffenen\n"
+"Eigenbeglaubigungen werden um eine Sekunde vorgestellt.\n"
+
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Bitte geben Sie das Mantra ein. Dies ist ein geheimer Satz \n"
+
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr ""
 "Um sicher zu gehen, da� Sie sich bei der Eingabe des Mantras nicht\n"
 "vertippt haben, geben Sie diese bitte nochmal ein.  Nur wenn beide Eingaben\n"
 "�bereinstimmen, wird das Mantra akzeptiert."
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr ""
 "Geben Sie den Namen der Datei an, zu dem die abgetrennte Unterschrift geh�rt"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "Geben Sie \"ja\" ein, wenn Sie die Datei �berschreiben m�chten"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3765,15 +4329,14 @@ msgstr ""
 "Eingabetaste bet�tigen, wird der (in Klammern angezeigte) Standarddateiname\n"
 "verwendet."
 
-#: g10/helptext.c:229
-#, fuzzy
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3794,7 +4357,7 @@ msgstr ""
 "      Um bekanntzugeben, da� die User-ID nicht mehr benutzt werden soll.\n"
 "      So weist man normalerweise auf eine ung�ltige E-Mailadresse hin.\n"
 
-#: g10/helptext.c:245
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
@@ -3804,59 +4367,391 @@ msgstr ""
 "Sie diesen Widerruf herausgeben.  Der Text sollte m�glichst knapp sein.\n"
 "Eine Leerzeile beendet die Eingabe.\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Keine Hilfe vorhanden."
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Keine Hilfe f�r '%s' vorhanden."
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "Zertifikat Leseproblem: %s\n"
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "Fehler beim Erzeugen des Schl�sselbundes `%s': %s\n"
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "RSA-Schl�ssel k�nnen in dieser Version nicht verwendet werden\n"
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "�ndern der Zugriffsrechte f�r `%s' ist fehlgeschlagen: %s\n"
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "Kein Schl�ssel f�r User-ID\n"
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "Schl�sselbund `%s' erstellt\n"
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "Keine User-ID f�r Schl�ssel\n"
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "Schl�sselbund-Cache konnte nicht neu erzeugt werden: %s\n"
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "Kein voreingestellter �ffentlicher Schl�sselbund\n"
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "Warnung: Zwei Dateien mit vertraulichem Inhalt vorhanden.\n"
 
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "kann Schl�sselbund `%s' nicht sperren: %s\n"
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s ist der Unver�nderte\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s ist der Neue\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Bitte diesen potentiellen Sicherheitsmangel beseitigen\n"
+
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "Pr�fen des Schl�sselbundes `%s'\n"
+
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu Schl�ssel bislang gepr�ft (%lu Beglaubigungen)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu Schl�ssel gepr�ft (%lu Beglaubigungen)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: Schl�sselbund erstellt\n"
+
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "Sind Sie sicher, da� Sie dies wiklich unterschreiben m�chten?\n"
+
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "  Sind Sie sicher, da� Sie dies immer noch unterschreiben wollen?\n"
+
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Wirklich unterschreiben? (j/N) "
+
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "Schl�ssel %08lX: Unsere Kopie hat keine Eigenbeglaubigung\n"
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "Brauchen Sie wirklich einen derartig langen Schl�ssel? "
+
+#~ msgid "   signed by %08lX at %s\n"
+#~ msgstr "   beglaubigt durch %08lX um %s\n"
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key User-ID"
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key User-ID"
+
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-and-public-key User-ID"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Geben Sie die User-ID ein: "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
 #~ msgstr ""
-#~ "Schl�ssel %08lX: Lesefehler im lokalen originalen Schl�sselblocks: %s\n"
+#~ "�bersprungen: �ffentlicher Schl�ssel bereits mittels --encrypt-to "
+#~ "gesetzt\n"
 
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: Benutzer nicht gefunden\n"
+#~ msgid ""
+#~ "\n"
+#~ "WARNING: This is a PGP2-style key\n"
+#~ msgstr "WARNUNG: '%s' ist eine leere Datei.\n"
+
+# valid user replies (not including 1..4)
+#~ msgid "sSmMqQ"
+#~ msgstr "sSmMqQ"
+
+#~ msgid "no keyserver known (use option --keyserver)\n"
+#~ msgstr "Kein Schl�sselserver bekannt (Option --keyserver verwenden)\n"
+
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "%s: Dies ist keine g�ltige Schl�ssel-ID\n"
+
+#~ msgid "duplicate (short) key ID %08lX\n"
+#~ msgstr "�ffentlicher Schl�ssel ist %08lX\n"
+
+#~ msgid "%lu key(s) to refresh\n"
+#~ msgstr "\t%lu Schl�ssel mit Fehlern\n"
+
+#~ msgid "|[NAMES]|check the trust database"
+#~ msgstr "|[NAMEN]|�berpr�fen der \"Trust\"-Datenbank"
 
 #~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
+#~ "Could not find a valid trust path to the key.  Let's see whether we\n"
+#~ "can assign some missing owner trust values.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "F�r diesen Schl�ssel konnte kein g�ltiger \"Trust Path\" gefunden "
+#~ "werden.\n"
+#~ "Mal sehen, ob wir sonst irgendwie ein paar fehlende \"Owner trust\" "
+#~ "Werte \n"
+#~ "ermitteln k�nnen.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No path leading to one of our keys found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kein Pfad f�hrt zu einem unserer Schl�sseln.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No certificates with undefined trust found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Keine Zertifikate mit undefiniertem Vertrauen gefunden.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No trust values changed.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Keine \"trust\" Werte ge�ndert.\n"
+#~ "\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr ""
+#~ "%08lX: Keine Infos zur Berechnung der Vertrauenswahrscheinlichkeit "
+#~ "vorgefunden\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: Fehler beim Pr�fen des Schl�ssels: %s\n"
+
+#~ msgid "too many entries in unk cache - disabled\n"
+#~ msgstr "zu viele Eintr�ge im unk-Lager - abgeschaltet\n"
+
+#~ msgid "secret key %08lX not imported (use %s to allow for it)\n"
 #~ msgstr ""
-#~ "RSA Schl�ssel sind nicht erw�nscht; bitte denken Sie dar�ber nach, einen\n"
-#~ "neuen Schl�ssel zu erzeugen und diesen in Zukunft zu benutzen\n"
+#~ "Geheimer Schl�ssel %08lX nicht importiert (%s verwenden, um das zu "
+#~ "erm�glichen)\n"
 
-#~ msgid "not processed"
-#~ msgstr "nicht bearbeitet"
+#~ msgid "update of trustdb failed: %s\n"
+#~ msgstr "�nderung der \"Trust-DB\" fehlgeschlagen: %s\n"
 
 #~ msgid "assuming bad MDC due to an unknown critical bit\n"
 #~ msgstr ""
 #~ "Vermutlich ist das Siegel (MDC) BESCH�DIGT (wegen unbekanntem \"critical "
 #~ "bit\")\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+#~ msgid "error reading dir record for LID %lu: %s\n"
+#~ msgstr "Fehler beim Lesen des Dir-Satzes f�r LID %lu: %s\n"
+
+#~ msgid "lid %lu: expected dir record, got type %d\n"
+#~ msgstr "lid %lu: Dir-Satz erwartet, aber es kam Typ %d\n"
+
+#~ msgid "no primary key for LID %lu\n"
+#~ msgstr "Kein Hauptschl�ssel f�r LID %lu\n"
+
+#~ msgid "error reading primary key for LID %lu: %s\n"
+#~ msgstr "Fehler beim Lesen den Hauptschl�ssels der LID %lu: %s\n"
+
+#~ msgid "get_dir_record: search_record failed: %s\n"
+#~ msgstr "get_dir_record: search_record fehlgeschlagen: %s\n"
+
+#~ msgid "key %08lX: query record failed\n"
+#~ msgstr "Schl�ssel %08lX: Satzabfrage fehlgeschlagen\n"
+
+#~ msgid "key %08lX: already in trusted key table\n"
+#~ msgstr "Schl�ssel %08lX: Ist bereits in geheimer Schl�sseltabelle\n"
+
+#~ msgid "NOTE: secret key %08lX is NOT protected.\n"
+#~ msgstr "HINWEIS: Geheimer Schl�ssel %08lX ist NICHT gesch�tzt.\n"
+
+#~ msgid "key %08lX: secret and public key don't match\n"
 #~ msgstr ""
-#~ "Schl�ssel ist nicht als unsicher gekennzeichnet - er ist nur mit einem\n"
-#~ "echten Zufallsgenerator verwendbar\n"
+#~ "Schl�ssel %08lX: geheimer und �ffentlicher Schl�ssel passen nicht "
+#~ "zusammen.\n"
+
+#~ msgid "enumerate secret keys failed: %s\n"
+#~ msgstr "enum_secret_keys fehlgeschlagen: %s\n"
+
+#~ msgid "key %08lX.%lu: Good subkey binding\n"
+#~ msgstr "Schl�ssel %08lX.%lu: Korrekte Unterschl�ssel-Anbindung\n"
+
+#~ msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+#~ msgstr "Schl�ssel %08lX.%lu: Ung�ltige Unterschl�ssel-Anbindung: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid key revocation\n"
+#~ msgstr "Schl�ssel %08lX.%lu: G�ltiger Schl�sselwiderruf\n"
+
+#~ msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+#~ msgstr "Schl�ssel %08lX.%lu: Ung�ltiger Schl�sselwiderruf: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid subkey revocation\n"
+#~ msgstr "Schl�ssel %08lX.%lu: G�ltiger Unterschl�sselwiderruf\n"
+
+#~ msgid "Good self-signature"
+#~ msgstr "Korrekte Eigenbeglaubigung"
+
+#~ msgid "Invalid self-signature"
+#~ msgstr "Ung�ltige Eigenbeglaubigung"
+
+#~ msgid "Valid user ID revocation skipped due to a newer self signature"
+#~ msgstr ""
+#~ "G�ltiger User-ID-Widerruf ignoriert, da eine neuere Eigenbeglaubigung "
+#~ "vorliegt"
+
+#~ msgid "Valid user ID revocation"
+#~ msgstr "G�ltiger User-ID-Widerruf"
+
+#~ msgid "Invalid user ID revocation"
+#~ msgstr "Ung�ltiger User-ID-Widerruf"
+
+#~ msgid "Valid certificate revocation"
+#~ msgstr "G�ltiger Zerifikat-Widerruf"
+
+#~ msgid "Good certificate"
+#~ msgstr "Korrektes Zertifikat"
+
+#~ msgid "Invalid certificate revocation"
+#~ msgstr "Ung�ltiger Zertifikatswiderruf"
+
+#~ msgid "Invalid certificate"
+#~ msgstr "Ung�ltiges Zertifikat"
+
+#~ msgid "sig record %lu[%d] points to wrong record.\n"
+#~ msgstr "Signatursatz %lu[%d] zeigt auf falschen Satz.\n"
+
+#~ msgid "duplicated certificate - deleted"
+#~ msgstr "Doppelte Zertifikate - entfernt"
+
+#~ msgid "tdbio_search_dir failed: %s\n"
+#~ msgstr "tdbio_search_dir fehlgeschlagen: %s\n"
+
+#~ msgid "lid ?: insert failed: %s\n"
+#~ msgstr "lid ?: Einf�gen fehlgeschlagen: %s\n"
+
+#~ msgid "lid %lu: insert failed: %s\n"
+#~ msgstr "lid %lu: Einf�gen fehlgeschlagen: %s\n"
+
+#~ msgid "lid %lu: inserted\n"
+#~ msgstr "lid %lu: eingef�gt\n"
+
+#~ msgid "error reading dir record: %s\n"
+#~ msgstr "Fehler beim Lesen des Verz.Satzes: %s\n"
+
+#~ msgid "\t%lu keys inserted\n"
+#~ msgstr "\t%lu Schl�ssel eingef�gt\n"
+
+#~ msgid "enumerate keyblocks failed: %s\n"
+#~ msgstr "enumerate Schl�sselblock fehlgeschlagen: %s\n"
+
+#~ msgid "lid %lu: dir record w/o key - skipped\n"
+#~ msgstr "lid %lu: Dir-Satz ohne Schl�ssel - �bergangen\n"
+
+#~ msgid "\t%lu due to new pubkeys\n"
+#~ msgstr "\t%lu wegen neuer Schl�ssel\n"
+
+#~ msgid "\t%lu keys skipped\n"
+#~ msgstr "\t%lu Schl�ssel �bersprungen\n"
+
+#~ msgid "\t%lu keys updated\n"
+#~ msgstr "\t%lu Schl�ssel ge�ndert\n"
+
+#~ msgid "Ooops, no keys\n"
+#~ msgstr "Huch, keine Schl�ssel\n"
+
+#~ msgid "Ooops, no user IDs\n"
+#~ msgstr "Huch, keine User-IDs\n"
+
+#~ msgid "check_trust: search dir record failed: %s\n"
+#~ msgstr "check_trust: Suche nach Dir-Satz fehlgeschlagen: %s\n"
+
+#~ msgid "key %08lX: insert trust record failed: %s\n"
+#~ msgstr "Schl�ssel %08lX: 'trust record' einf�gen fehlgeschlagen: %s\n"
+
+#~ msgid "key %08lX.%lu: inserted into trustdb\n"
+#~ msgstr "Schl�ssel %08lX.%lu: in \"trustdb\" eingef�gt\n"
+
+#~ msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+#~ msgstr ""
+#~ "Schl�ssel %08lX.%lu: wurde in der Zukunft erzeugt (Zeitreise oder Uhren "
+#~ "stimmen nicht �berein)\n"
+
+#~ msgid "key %08lX.%lu: expired at %s\n"
+#~ msgstr "Schl�ssel %08lX.%lu: verfallen am %s\n"
+
+#~ msgid "key %08lX.%lu: trust check failed: %s\n"
+#~ msgstr "Schl�ssel %08lX.%lu: Vertrauenspr�fung fehlgeschlagen: %s\n"
+
+#~ msgid "user '%s' not found: %s\n"
+#~ msgstr "Benutzer '%s' nicht gefunden: %s\n"
+
+#~ msgid "problem finding '%s' in trustdb: %s\n"
+#~ msgstr "Problem, '%s' in der Trust-DB zu finden: %s\n"
+
+#~ msgid "user '%s' not in trustdb - inserting\n"
+#~ msgstr "User '%s' ist nicht in der 'Trust'-Datenbank - wird eingef�gt\n"
+
+#~ msgid "failed to put '%s' into trustdb: %s\n"
+#~ msgstr "konnte '%s' nicht in die 'Trust'-Datenbank hineintun: %s\n"
+
+#~ msgid "too many random bits requested; the limit is %d\n"
+#~ msgstr "Zu viele Zufallswerte angefordert: Die Grenze liegt bei %d\n"
+
+#~ msgid "For info see http://www.gnupg.org"
+#~ msgstr "Weitere Infos: siehe http://www.gnupg.org"
+
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) RSA (signieren/beglaubigen und verschl�sseln)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr ""
+#~ "M�chten Sie wirklich einen Unterschriften-/Verschl�sselungschl�ssel "
+#~ "erzeugen? "
+
+#~ msgid "%s: user not found: %s\n"
+#~ msgstr "%s: Benutzer nicht gefunden: %s\n"
+
+#~ msgid "certificate read problem: %s\n"
+#~ msgstr "Zertifikat Leseproblem: %s\n"
+
+#~ msgid "can't lock keyring `%s': %s\n"
+#~ msgstr "kann Schl�sselbund `%s' nicht sperren: %s\n"
+
+#~ msgid "%s: user not found\n"
+#~ msgstr "%s: Benutzer nicht gefunden\n"
+
+#~ msgid "WARNING: can't yet handle long pref records\n"
+#~ msgstr "WARNUNG: Lange 'Pref'-Records k�nnen noch nicht benutzt werden\n"
+
+#~ msgid "%s: can't create keyring: %s\n"
+#~ msgstr "%s: Schl�sselbund kann nicht erzeugt werden: %s\n"
+
+#~ msgid "invalid"
+#~ msgstr "ung�ltig"
+
+#~ msgid "revoked"
+#~ msgstr "widerrufen"
+
+#~ msgid "RSA key cannot be used in this version\n"
+#~ msgstr "RSA-Schl�ssel k�nnen in dieser Version nicht verwendet werden\n"
+
+#~ msgid "No key for user ID\n"
+#~ msgstr "Kein Schl�ssel f�r User-ID\n"
+
+#~ msgid "No user ID for key\n"
+#~ msgstr "Keine User-ID f�r Schl�ssel\n"
+
+#~ msgid "no secret key for decryption available\n"
+#~ msgstr "kein geheimer Schl�ssel zur Entschl�sselung vorhanden\n"
 
 #~ msgid "   (%d) ElGamal in a v3 packet\n"
 #~ msgstr "   (%d) ElGamal in einem v3-Paket\n"
diff --git a/po/el.po b/po/el.po
new file mode 100644
index 000000000..c3155828c
--- /dev/null
+++ b/po/el.po
@@ -0,0 +1,4383 @@
+# Greek Translation of GnuPG.
+# Copyright (C) 2002 Free Software Foundation, Inc.
+# Dokianakis Theofanis <[email protected]>, 2002.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: gnupg 1.0.6\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-29 13:24+0200\n"
+"Last-Translator: Dokianakis Theofanis <[email protected]>\n"
+"Language-Team: Greek <[email protected]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-7\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "�������������: ����� �� �������� ������\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "����� �� http://www.gnupg.org/faq.html ��� ������������ �����������\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "� ���������� ��� ����� ������ ����� �������������� ������ �����\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(���� ��������������� ����� ��������� ��� ���� ��� �������)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
+msgid "yes"
+msgstr "���"
+
+#: util/miscutil.c:297 util/miscutil.c:334
+msgid "yY"
+msgstr "yY"
+
+#: util/miscutil.c:298 util/miscutil.c:332
+msgid "no"
+msgstr "���"
+
+#: util/miscutil.c:299 util/miscutil.c:335
+msgid "nN"
+msgstr "nN"
+
+#: g10/keyedit.c:815 util/miscutil.c:333
+msgid "quit"
+msgstr "�����������"
+
+#: util/miscutil.c:336
+msgid "qQ"
+msgstr "qQ"
+
+#: util/errors.c:54
+msgid "general error"
+msgstr "������ ������"
+
+#: util/errors.c:55
+msgid "unknown packet type"
+msgstr "�������� ����� �������"
+
+#: util/errors.c:56
+msgid "unknown version"
+msgstr "������� ������"
+
+#: util/errors.c:57
+msgid "unknown pubkey algorithm"
+msgstr "�������� ���������� �������� ��������"
+
+#: util/errors.c:58
+msgid "unknown digest algorithm"
+msgstr "�������� ���������� ���������"
+
+#: util/errors.c:59
+msgid "bad public key"
+msgstr "���� ������� ������"
+
+#: util/errors.c:60
+msgid "bad secret key"
+msgstr "���� ������� ������"
+
+#: util/errors.c:61
+msgid "bad signature"
+msgstr "���� ��������"
+
+#: util/errors.c:62
+msgid "checksum error"
+msgstr "������ checksum"
+
+#: util/errors.c:63
+msgid "bad passphrase"
+msgstr "���� ����� ������"
+
+#: util/errors.c:64
+msgid "public key not found"
+msgstr "��� ������� �� ������� ������"
+
+#: util/errors.c:65
+msgid "unknown cipher algorithm"
+msgstr "�������� ���������� ��������������"
+
+#: util/errors.c:66
+msgid "can't open the keyring"
+msgstr "�������� ��������� ��� ����������"
+
+#: util/errors.c:67
+msgid "invalid packet"
+msgstr "�� ������ ������"
+
+#: util/errors.c:68
+msgid "invalid armor"
+msgstr "�� ������ ��������"
+
+#: util/errors.c:69
+msgid "no such user id"
+msgstr "������� ��������� ������ (user id)"
+
+#: util/errors.c:70
+msgid "secret key not available"
+msgstr "�� ������� ������ ��� ����� ���������"
+
+#: util/errors.c:71
+msgid "wrong secret key used"
+msgstr "����� ����� �������� ��������"
+
+#: util/errors.c:72
+msgid "not supported"
+msgstr "��� �������������"
+
+#: util/errors.c:73
+msgid "bad key"
+msgstr "���� ������"
+
+#: util/errors.c:74
+msgid "file read error"
+msgstr "������ ��������� �������"
+
+#: util/errors.c:75
+msgid "file write error"
+msgstr "������ �������� �������"
+
+#: util/errors.c:76
+msgid "unknown compress algorithm"
+msgstr "�������� ���������� ���������"
+
+#: util/errors.c:77
+msgid "file open error"
+msgstr "������ ��������� �������"
+
+#: util/errors.c:78
+msgid "file create error"
+msgstr "������ ����������� �������"
+
+#: util/errors.c:79
+msgid "invalid passphrase"
+msgstr "�� ������ ����� ������"
+
+#: util/errors.c:80
+msgid "unimplemented pubkey algorithm"
+msgstr "�� ������������ ���������� �������� ��������"
+
+#: util/errors.c:81
+msgid "unimplemented cipher algorithm"
+msgstr "�� ������������ ���������� ��������������"
+
+#: util/errors.c:82
+msgid "unknown signature class"
+msgstr "������� ����� ���������"
+
+#: util/errors.c:83
+msgid "trust database error"
+msgstr "������ ��� ����� ��������� ������������"
+
+#: util/errors.c:84
+msgid "bad MPI"
+msgstr "���� MPI"
+
+#: util/errors.c:85
+msgid "resource limit"
+msgstr "���� �����"
+
+#: util/errors.c:86
+msgid "invalid keyring"
+msgstr "�� ������ ����������"
+
+#: util/errors.c:87
+msgid "bad certificate"
+msgstr "���� �������������"
+
+#: util/errors.c:88
+msgid "malformed user id"
+msgstr "��������������� ��������� ������ (user id)"
+
+#: util/errors.c:89
+msgid "file close error"
+msgstr "������ ����������� �������"
+
+#: util/errors.c:90
+msgid "file rename error"
+msgstr "������ ������������ �������"
+
+#: util/errors.c:91
+msgid "file delete error"
+msgstr "������ ��������� �������"
+
+#: util/errors.c:92
+msgid "unexpected data"
+msgstr "�� ����������� ��������"
+
+#: util/errors.c:93
+msgid "timestamp conflict"
+msgstr "��������� ���� (timestamp)"
+
+#: util/errors.c:94
+msgid "unusable pubkey algorithm"
+msgstr "�� ���������������� ���������� �������� ��������"
+
+#: util/errors.c:95
+msgid "file exists"
+msgstr "�� ������ �������"
+
+#: util/errors.c:96
+msgid "weak key"
+msgstr "������� ������"
+
+#: util/errors.c:97
+msgid "invalid argument"
+msgstr "�� ������ ������"
+
+#: util/errors.c:98
+msgid "bad URI"
+msgstr "���� URI"
+
+#: util/errors.c:99
+msgid "unsupported URI"
+msgstr "�� �������������� URI"
+
+#: util/errors.c:100
+msgid "network error"
+msgstr "������ �������"
+
+#: util/errors.c:102
+msgid "not encrypted"
+msgstr "�� ���������������"
+
+#: util/errors.c:103
+msgid "not processed"
+msgstr "�� �������������"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "�� ��������������� ������� ������"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "�� ��������������� ������� ������"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "������ ���������� ��������"
+
+#: util/logger.c:249
+#, c-format
+msgid "... this is a bug (%s:%d:%s)\n"
+msgstr "... ���� ����� bug (%s:%d:%s)\n"
+
+#: util/logger.c:255
+#, c-format
+msgid "you found a bug ... (%s:%d)\n"
+msgstr "������� ��� bug ... (%s:%d)\n"
+
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
+#, c-format
+msgid "can't open `%s': %s\n"
+msgstr "�������� ��������� ��� `%s': %s\n"
+
+#: cipher/random.c:324
+#, c-format
+msgid "can't stat `%s': %s\n"
+msgstr "�������� ����� ����������� ��� �� `%s': %s\n"
+
+#: cipher/random.c:329
+#, c-format
+msgid "`%s' is not a regular file - ignored\n"
+msgstr "`%s' ��� ����� �������� ������ - ���������\n"
+
+#: cipher/random.c:334
+msgid "note: random_seed file is empty\n"
+msgstr "��������: �� ������ random_seed ����� �����\n"
+
+#: cipher/random.c:340
+msgid "warning: invalid size of random_seed file - not used\n"
+msgstr ""
+"�������������: �� ������ ������� ������� random_seed - ��� �� "
+"��������������\n"
+
+#: cipher/random.c:348
+#, c-format
+msgid "can't read `%s': %s\n"
+msgstr "�������� ��������� ��� `%s': %s\n"
+
+#: cipher/random.c:386
+msgid "note: random_seed file not updated\n"
+msgstr "��������: ��� ���� ��������� �� ������ random_seed\n"
+
+#: cipher/random.c:406
+#, c-format
+msgid "can't create `%s': %s\n"
+msgstr "�������� ����������� ��� `%s': %s\n"
+
+#: cipher/random.c:413
+#, c-format
+msgid "can't write `%s': %s\n"
+msgstr "�������� �������� ��� `%s': %s\n"
+
+#: cipher/random.c:416
+#, c-format
+msgid "can't close `%s': %s\n"
+msgstr "�������� ����������� ��� `%s': %s\n"
+
+#: cipher/random.c:662
+msgid "WARNING: using insecure random number generator!!\n"
+msgstr "�������������: ����� �� �������� ���������� ������� �������!!\n"
+
+#: cipher/random.c:663
+msgid ""
+"The random number generator is only a kludge to let\n"
+"it run - it is in no way a strong RNG!\n"
+"\n"
+"DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n"
+"\n"
+msgstr ""
+"� ��������� ������� ������� ����� ���� ������� ��� ���� �� �����\n"
+"\n"
+"�� ��������������� �������� ��� ����� �������� ��� ���� �� ���������!!\n"
+"\n"
+
+#: cipher/rndlinux.c:142
+#, c-format
+msgid ""
+"\n"
+"Not enough random bytes available.  Please do some other work to give\n"
+"the OS a chance to collect more entropy! (Need %d more bytes)\n"
+msgstr ""
+"\n"
+"��� �������� ������ ��������� ������ bytes.  ����������� �� ���������� �\n"
+"�� ����������� �� ����������� ������� ����� ���� �� ������������\n"
+"����������� ��������! (����������� %d ����������� bytes)\n"
+
+#: g10/g10.c:287
+msgid ""
+"@Commands:\n"
+" "
+msgstr ""
+"@�������:\n"
+" "
+
+#: g10/g10.c:289
+msgid "|[file]|make a signature"
+msgstr "|[������]|���������� ���� ���������"
+
+#: g10/g10.c:290
+msgid "|[file]|make a clear text signature"
+msgstr "|[������]|���������� ���� �� ���������������� ���������"
+
+#: g10/g10.c:291
+msgid "make a detached signature"
+msgstr "���������� ���� �� ������������� ���������"
+
+#: g10/g10.c:292
+msgid "encrypt data"
+msgstr "������������� ���������"
+
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[������]|������������� �������"
+
+#: g10/g10.c:294
+msgid "encryption only with symmetric cipher"
+msgstr "������������� �� ����� ���� ����������� ����������"
+
+#: g10/g10.c:295
+msgid "store only"
+msgstr "���������� ����"
+
+#: g10/g10.c:296
+msgid "decrypt data (default)"
+msgstr "���������������� ��������� (��������������)"
+
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[������]|���������������� �������"
+
+#: g10/g10.c:298
+msgid "verify a signature"
+msgstr "���������� ���� ���������"
+
+#: g10/g10.c:300
+msgid "list keys"
+msgstr "���������� ��� ������ ��������"
+
+#: g10/g10.c:302
+msgid "list keys and signatures"
+msgstr "���������� ��� ������ �������� ��� ���������"
+
+#: g10/g10.c:303
+msgid "check key signatures"
+msgstr "������� ��������� ��������"
+
+#: g10/g10.c:304
+msgid "list keys and fingerprints"
+msgstr "���������� ��� ������ �������� ��� ������������ (fingerprints)"
+
+#: g10/g10.c:305
+msgid "list secret keys"
+msgstr "���������� ��� ������ �������� ��������"
+
+#: g10/g10.c:306
+msgid "generate a new key pair"
+msgstr "���������� ���� ���� ������� ��������"
+
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
+msgstr "�������� ��� �������� ��� �� ������� ����������"
+
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
+msgstr "�������� ��� �������� ��� �� ������� ����������"
+
+#: g10/g10.c:310
+msgid "sign a key"
+msgstr "�������� ���� ��������"
+
+#: g10/g10.c:311
+msgid "sign a key locally"
+msgstr "�������� ���� �������� ������"
+
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "�������� ���� �������� ��-�����������"
+
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr "�������� ���� �������� ������ ��� ��-�����������"
+
+#: g10/g10.c:314
+msgid "sign or edit a key"
+msgstr "�������� � ����������� ���� ��������"
+
+#: g10/g10.c:315
+msgid "generate a revocation certificate"
+msgstr "���������� ���� �������������� ���������"
+
+#: g10/g10.c:316
+msgid "export keys"
+msgstr "������� ��������"
+
+#: g10/g10.c:317
+msgid "export keys to a key server"
+msgstr "������� �������� �� ��� ���������� ��������"
+
+#: g10/g10.c:318
+msgid "import keys from a key server"
+msgstr "�������� �������� ��� ��� ���������� ��������"
+
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "��������� �������� �� ��� ���������� ��������"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "�������� ���� ��� �������� ��� ��� ���������� ��������"
+
+#: g10/g10.c:326
+msgid "import/merge keys"
+msgstr "��������/���������� ��������"
+
+#: g10/g10.c:328
+msgid "list only the sequence of packets"
+msgstr "���������� ���� ��� ���������� �������"
+
+#: g10/g10.c:330
+msgid "export the ownertrust values"
+msgstr "������� ��� ����� ������������"
+
+#: g10/g10.c:332
+msgid "import ownertrust values"
+msgstr "�������� ��� ����� ������������"
+
+#: g10/g10.c:334
+msgid "update the trust database"
+msgstr "�������� ��� ����� ��������� ������������"
+
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "�������� ��� �������������� ����� ��������� ������������"
+
+#: g10/g10.c:337
+msgid "fix a corrupted trust database"
+msgstr "�������� ���� ��������� ����� ��������� ������������"
+
+#: g10/g10.c:338
+msgid "De-Armor a file or stdin"
+msgstr "��������-��������� ���� ������� � stdin"
+
+#: g10/g10.c:340
+msgid "En-Armor a file or stdin"
+msgstr "��������-��������� ���� ������� � stdin"
+
+#: g10/g10.c:342
+msgid "|algo [files]|print message digests"
+msgstr "|����� [������]| ���������� ���������� ��� ���������"
+
+#: g10/g10.c:346
+msgid ""
+"@\n"
+"Options:\n"
+" "
+msgstr ""
+"@\n"
+"��������:\n"
+" "
+
+#: g10/g10.c:348
+msgid "create ascii armored output"
+msgstr "���������� ascii ������������ ������"
+
+#: g10/g10.c:350
+msgid "|NAME|encrypt for NAME"
+msgstr "|�����|������������� ��� �����"
+
+#: g10/g10.c:353
+msgid "|NAME|use NAME as default recipient"
+msgstr "|�����|����� ��� �������� �� ��������������� ���������"
+
+#: g10/g10.c:355
+msgid "use the default key as default recipient"
+msgstr "����� ��� ��������������� �������� �� ��������������� ���������"
+
+#: g10/g10.c:361
+msgid "use this user-id to sign or decrypt"
+msgstr "����� ����� ��� ���������� (user id) ��� �������� � ����������������"
+
+#: g10/g10.c:362
+msgid "|N|set compress level N (0 disables)"
+msgstr "|N|���������� �������� ��������� N (0 �������������)"
+
+#: g10/g10.c:364
+msgid "use canonical text mode"
+msgstr "����� ��������� ���������� ��������"
+
+#: g10/g10.c:371
+msgid "use as output file"
+msgstr "����� �� ������� ������"
+
+#: g10/g10.c:372
+msgid "verbose"
+msgstr "���������"
+
+#: g10/g10.c:373
+msgid "be somewhat more quiet"
+msgstr "����� ������"
+
+#: g10/g10.c:374
+msgid "don't use the terminal at all"
+msgstr "�� ����� ����������"
+
+#: g10/g10.c:375
+msgid "force v3 signatures"
+msgstr "������������ ������ v3 ���������"
+
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "��� ������������ ������ v3 ���������"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "������������ ������ v4 ���������"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "��� ������������ ������ v4 ���������"
+
+#: g10/g10.c:379
+msgid "always use a MDC for encryption"
+msgstr "����� ������� MDC ��� �������������"
+
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "���� ����� MDC ��� �������������"
+
+#: g10/g10.c:383
+msgid "do not make any changes"
+msgstr "�� �� ����� ������ ������"
+
+#. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
+#: g10/g10.c:385
+msgid "use the gpg-agent"
+msgstr "����� ��� gpg-agent"
+
+#: g10/g10.c:388
+msgid "batch mode: never ask"
+msgstr "��������� batch: �� �� �������� ���������"
+
+#: g10/g10.c:389
+msgid "assume yes on most questions"
+msgstr "�������� ��� ���� ������������ ���������"
+
+#: g10/g10.c:390
+msgid "assume no on most questions"
+msgstr "�������� ��� ���� ������������ ���������"
+
+#: g10/g10.c:391
+msgid "add this keyring to the list of keyrings"
+msgstr "�������� ����� ��� �������� ��� ����� ��� �����������"
+
+#: g10/g10.c:392
+msgid "add this secret keyring to the list"
+msgstr "�������� ����� ��� �������� ����������� ��� �����"
+
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "���������� ��� ����������� ���� ����� ��������� �� ������"
+
+#: g10/g10.c:394
+msgid "|NAME|use NAME as default secret key"
+msgstr "|�����|����� �������� ��� �������������� ������� ������"
+
+#: g10/g10.c:395
+msgid "|HOST|use this keyserver to lookup keys"
+msgstr "|�����������|����� ����� ��� ���������� �������� ��� ���������"
+
+#: g10/g10.c:397
+msgid "|NAME|set terminal charset to NAME"
+msgstr "|�����|���������� ��� ��� ���������� ���������� �� �����"
+
+#: g10/g10.c:398
+msgid "read options from file"
+msgstr "�������� �������� ��� ������"
+
+#: g10/g10.c:402
+msgid "|FD|write status info to this FD"
+msgstr "|FD|������� ��� ����������� ���������� ��� FD"
+
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[������]|������� ��� ����������� ���������� ��� ������"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|KEYID|������� ����������� �� ���� �� ������"
+
+#: g10/g10.c:411
+msgid "|FILE|load extension module FILE"
+msgstr "|������|������� ��� ���������� ��������� ������"
+
+#: g10/g10.c:412
+msgid "emulate the mode described in RFC1991"
+msgstr "��������� ��� ���������� ��� ������������ ��� RFC1991"
+
+#: g10/g10.c:413
+msgid "set all packet, cipher and digest options to OpenPGP behavior"
+msgstr ""
+"����������� ���� ��� �������� ������,���������� ��� �������� �� OPENPGP"
+
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr ""
+"������� ���� ��� �������� ������,����������,�������� �� PGP 2.x �����������"
+
+#: g10/g10.c:418
+msgid "|N|use passphrase mode N"
+msgstr "|N|����� ��� ���������� ������ ������ N"
+
+#: g10/g10.c:420
+msgid "|NAME|use message digest algorithm NAME for passphrases"
+msgstr ""
+"|ONOMA|����� ��� ���������� ��������� ��������� ����� ��� ������� �������"
+
+#: g10/g10.c:422
+msgid "|NAME|use cipher algorithm NAME for passphrases"
+msgstr "|�����|����� ���������� �������������� ����� ��� ������� �������"
+
+#: g10/g10.c:424
+msgid "|NAME|use cipher algorithm NAME"
+msgstr "|�����|����� ���������� �������������� �����"
+
+#: g10/g10.c:425
+msgid "|NAME|use message digest algorithm NAME"
+msgstr "|�����|����� ���������� ��������� ��������� ����� "
+
+#: g10/g10.c:426
+msgid "|N|use compress algorithm N"
+msgstr "|N|����� ���������� ��������� N"
+
+#: g10/g10.c:427
+msgid "throw keyid field of encrypted packets"
+msgstr "�������� ��� ������ keyid ��� ���������������� �������"
+
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "���������� ��� Photo ID"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "�� ���������� ��� Photo ID"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr "������� ��� ������� ������� ��� ���������� ��� Photo ID"
+
+#: g10/g10.c:431
+msgid "|NAME=VALUE|use this notation data"
+msgstr "|�����=����|����� ����� ��� ���������� ���������"
+
+#: g10/g10.c:434
+msgid ""
+"@\n"
+"(See the man page for a complete listing of all commands and options)\n"
+msgstr ""
+"@\n"
+"(����� �� ������ man ��� ��� ����� ����� ������� ��� ��������)\n"
+
+#: g10/g10.c:437
+msgid ""
+"@\n"
+"Examples:\n"
+"\n"
+" -se -r Bob [file]          sign and encrypt for user Bob\n"
+" --clearsign [file]         make a clear text signature\n"
+" --detach-sign [file]       make a detached signature\n"
+" --list-keys [names]        show keys\n"
+" --fingerprint [names]      show fingerprints\n"
+msgstr ""
+"@\n"
+"������������:\n"
+"\n"
+" -se -r Bob [������]          �������� ��� ������������� ��� �� Bob\n"
+" --clearsign [������]         ���������� �� ���������������� ���������\n"
+" --detach-sign [������]       ���������� ����������� ���������\n"
+" --list-keys [�������]        ���������� ��������\n"
+" --fingerprint [�������]      ���������� ������������ (fingerprints)\n"
+
+#: g10/g10.c:579
+msgid "Please report bugs to <[email protected]>.\n"
+msgstr "��������� �� ���������� ��� <[email protected]>\n"
+
+#: g10/g10.c:583
+msgid "Usage: gpg [options] [files] (-h for help)"
+msgstr "�����: gpg [��������] [������] (-h ��� �������)"
+
+#: g10/g10.c:586
+msgid ""
+"Syntax: gpg [options] [files]\n"
+"sign, check, encrypt or decrypt\n"
+"default operation depends on the input data\n"
+msgstr ""
+"�������: gpg [��������] [������]\n"
+"��������, �������, ������������� � ����������������\n"
+"� �������������� ���������� ��������� ��� �� �������� �������\n"
+
+#: g10/g10.c:597
+msgid ""
+"\n"
+"Supported algorithms:\n"
+msgstr ""
+"\n"
+"��������������� ����������:\n"
+
+#: g10/g10.c:671
+msgid "usage: gpg [options] "
+msgstr "�����: gpg [��������] "
+
+#: g10/g10.c:728
+msgid "conflicting commands\n"
+msgstr "������������� �������\n"
+
+#: g10/g10.c:903
+#, c-format
+msgid "NOTE: no default option file `%s'\n"
+msgstr "��������:�� �������������� ������ �������� `%s'\n"
+
+#: g10/g10.c:907
+#, c-format
+msgid "option file `%s': %s\n"
+msgstr "������ �������� `%s': %s\n"
+
+#: g10/g10.c:914
+#, c-format
+msgid "reading options from `%s'\n"
+msgstr "�������� �������� ��� `%s'\n"
+
+#: g10/g10.c:1197
+#, c-format
+msgid "%s is not a valid character set\n"
+msgstr "�� %s ��� ����� ������ ��� ����������\n"
+
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "�������� ������������ ��� URI ��� ��������� ��������\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr "�������� ������� ��� exec-path �� %s\n"
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "�������������: `%s' ����� ��� �� ������������ �������\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr "�������������� ��� ������� \"--keyserver-options %s\" ��������\n"
+
+#: g10/g10.c:1347
+msgid "WARNING: program may create a core file!\n"
+msgstr "�������������: �� ��������� ���� ������������ ������ core!\n"
+
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "�������������: �� %s ����������� �� %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
+#, c-format
+msgid "NOTE: %s is not for normal use!\n"
+msgstr "��������: �� %s ��� ����� ��� �������� �����!\n"
+
+#: g10/g10.c:1360 g10/g10.c:1380
+#, c-format
+msgid "%s not allowed with %s!\n"
+msgstr "�� %s ��� ����������� �� �� %s!\n"
+
+#: g10/g10.c:1363
+#, c-format
+msgid "%s makes no sense with %s!\n"
+msgstr "�� %s ��� ���� ������ ������ ���� �� �� %s!\n"
+
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+"�������� �� ������ ����������� � ������� ��������� ���� �� --pgp2 ���������\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr ""
+"��� �������� �� ���������� ��� �� �������������� ���������� �� --pgp2 "
+"���������\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr "���� ������ ������������ (��� ��� pipes) ���� ��� ��������� --pgp2.\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+"� ������������� ���� ��������� �� --pgp2 ��������� ������� ��� �����. IDEA\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "���� �� �'����� ���� ��� ������ �� �������������� �� PGP 2.x\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
+msgid "selected cipher algorithm is invalid\n"
+msgstr "� ����������� ���������� �������������� ��� ����� �������\n"
+
+#: g10/g10.c:1476 g10/g10.c:1488
+msgid "selected digest algorithm is invalid\n"
+msgstr "� ����������� ���������� ��������� ��� ����� �������\n"
+
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "�� URL ��������� ��������� ��� ������ ��� ����� ������\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "�� URL ��������� �������������� ��� ������ ��� ����� ������\n"
+
+#: g10/g10.c:1499
+#, c-format
+msgid "compress algorithm must be in range %d..%d\n"
+msgstr "� ���������� ��������� ������ �� ����� ������ %d..%d\n"
+
+#: g10/g10.c:1501
+msgid "completes-needed must be greater than 0\n"
+msgstr "completes-needed ������ �� ����� ���������� ��� 0\n"
+
+#: g10/g10.c:1503
+msgid "marginals-needed must be greater than 1\n"
+msgstr "marginals-needed ������ �� ����� ���������� ��� 1\n"
+
+#: g10/g10.c:1505
+msgid "max-cert-depth must be in range 1 to 255\n"
+msgstr "max-cert-depth ������ �� ����� ������ 1 ��� 255\n"
+
+#: g10/g10.c:1508
+msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
+msgstr "��������: � ���� S2K ��������� (0) ������ �� �����������\n"
+
+#: g10/g10.c:1512
+msgid "invalid S2K mode; must be 0, 1 or 3\n"
+msgstr "�� ������ ��������� S2K; ������ �� ����� 0, 1 � 3\n"
+
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "�� ������ default-check-level� ������ �� ����� 0, 1, 2, � 3\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "�� ������� �����������\n"
+
+#: g10/g10.c:1613
+#, c-format
+msgid "failed to initialize the TrustDB: %s\n"
+msgstr "�������� ������������� ��� TrustDB: %s\n"
+
+#: g10/g10.c:1633
+msgid "--store [filename]"
+msgstr "--store [����� �������]"
+
+#: g10/g10.c:1640
+msgid "--symmetric [filename]"
+msgstr "--symmetric [����� �������]"
+
+#: g10/g10.c:1648
+msgid "--encrypt [filename]"
+msgstr "--encrypt [����� �������]"
+
+#: g10/g10.c:1665
+msgid "--sign [filename]"
+msgstr "--sign [����� �������]"
+
+#: g10/g10.c:1678
+msgid "--sign --encrypt [filename]"
+msgstr "--sign --encrypt [����� �������]"
+
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [����� �������]"
+
+#: g10/g10.c:1701
+msgid "--clearsign [filename]"
+msgstr "--clearsign [����� �������]"
+
+#: g10/g10.c:1719
+msgid "--decrypt [filename]"
+msgstr "--decrypt [����� �������]"
+
+#: g10/g10.c:1730
+msgid "--sign-key user-id"
+msgstr "--sign-key user-id"
+
+#: g10/g10.c:1738
+msgid "--lsign-key user-id"
+msgstr "--lsign-key user-id"
+
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key user-id"
+
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key user-id"
+
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key user-id [�������]"
+
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
+#, c-format
+msgid "can't open %s: %s\n"
+msgstr "�������� ��������� ��� %s: %s\n"
+
+#: g10/g10.c:1833
+msgid "-k[v][v][v][c] [user-id] [keyring]"
+msgstr "-k[v][v][v][c] [user-id] [����������]"
+
+#: g10/g10.c:1916
+#, c-format
+msgid "dearmoring failed: %s\n"
+msgstr "����������� �������: %s\n"
+
+#: g10/g10.c:1924
+#, c-format
+msgid "enarmoring failed: %s\n"
+msgstr "�������� �������: %s\n"
+
+#: g10/g10.c:2011
+#, c-format
+msgid "invalid hash algorithm `%s'\n"
+msgstr "�� ������� ����������  hash `%s'\n"
+
+#: g10/g10.c:2097
+msgid "[filename]"
+msgstr "[����� �������]"
+
+#: g10/g10.c:2101
+msgid "Go ahead and type your message ...\n"
+msgstr "�������� ���� �� ���������� �� ������ ��� ...\n"
+
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
+#, c-format
+msgid "can't open `%s'\n"
+msgstr "�������� ��������� ��� `%s'\n"
+
+#: g10/g10.c:2313
+msgid ""
+"the first character of a notation name must be a letter or an underscore\n"
+msgstr ""
+"� ������ ���������� ��� �������� ��������� ������ �� ����� ������ � "
+"underscore\n"
+
+#: g10/g10.c:2319
+msgid ""
+"a notation name must have only letters, digits, dots or underscores and end "
+"with an '='\n"
+msgstr ""
+"��� ����� ��������� ������ �� �������� ���� �������������, ������� � "
+"underscores ��� ����� �� '='\n"
+
+#: g10/g10.c:2325
+msgid "dots in a notation name must be surrounded by other characters\n"
+msgstr "�� ������� ��� ����� ��������� ������ �� ����� ������ ����������\n"
+
+#: g10/g10.c:2333
+msgid "a notation value must not use any control characters\n"
+msgstr "� ���� ��������� ������ �� �� ������������ ���������� control\n"
+
+#: g10/armor.c:314
+#, c-format
+msgid "armor: %s\n"
+msgstr "��������: %s\n"
+
+#: g10/armor.c:343
+msgid "invalid armor header: "
+msgstr "�� ������ ����������� ���������: "
+
+#: g10/armor.c:350
+msgid "armor header: "
+msgstr "����������� ���������: "
+
+#: g10/armor.c:361
+msgid "invalid clearsig header\n"
+msgstr "�� ������ ����������� clearsig\n"
+
+#: g10/armor.c:413
+msgid "nested clear text signatures\n"
+msgstr "����������� �� ���������������� ���������\n"
+
+#: g10/armor.c:537
+msgid "invalid dash escaped line: "
+msgstr "�� ������ dash escaped ������: "
+
+#: g10/armor.c:549
+msgid "unexpected armor:"
+msgstr "�� ����������� ��������:"
+
+#: g10/armor.c:675 g10/armor.c:1242
+#, c-format
+msgid "invalid radix64 character %02x skipped\n"
+msgstr "�� ������� radix64 ���������� %02x ���������\n"
+
+#: g10/armor.c:718
+msgid "premature eof (no CRC)\n"
+msgstr "������ ����� ������� (������� CRC)\n"
+
+#: g10/armor.c:752
+msgid "premature eof (in CRC)\n"
+msgstr "������ ����� ������� (����� CRC)\n"
+
+#: g10/armor.c:756
+msgid "malformed CRC\n"
+msgstr "����� ����� CRC\n"
+
+#: g10/armor.c:760 g10/armor.c:1279
+#, c-format
+msgid "CRC error; %06lx - %06lx\n"
+msgstr "������ CRC: %06lx - %06lx\n"
+
+#: g10/armor.c:780
+msgid "premature eof (in Trailer)\n"
+msgstr "������ ����� ������� (��� �railer)\n"
+
+#: g10/armor.c:784
+msgid "error in trailer line\n"
+msgstr "������ ��� ������ trailer\n"
+
+#: g10/armor.c:1057
+msgid "no valid OpenPGP data found.\n"
+msgstr "�� �������� ������ OpenPGP ��������.\n"
+
+#: g10/armor.c:1062
+#, c-format
+msgid "invalid armor: line longer than %d characters\n"
+msgstr "�� ������ ��������: � ������ ����� ���� ��� %d ����������\n"
+
+#: g10/armor.c:1066
+msgid ""
+"quoted printable character in armor - probably a buggy MTA has been used\n"
+msgstr ""
+"�����������, �� ����������, ���������� ��� �������� - ���� ����� ����� "
+"������������� MTA\n"
+
+#: g10/pkclist.c:61
+msgid "No reason specified"
+msgstr "��� ���� ������� �����"
+
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "�� ������ ���� ����������"
+
+#: g10/pkclist.c:65
+msgid "Key has been compromised"
+msgstr "�� ������ ���� �������"
+
+#: g10/pkclist.c:67
+msgid "Key is no longer used"
+msgstr "�� ������ �� ��������������� �����"
+
+#: g10/pkclist.c:69
+msgid "User ID is no longer valid"
+msgstr "�� User ID ��� ����� ����� ������"
+
+#: g10/pkclist.c:73
+msgid "Reason for revocation: "
+msgstr "����� ��� ��������:"
+
+#: g10/pkclist.c:90
+msgid "Revocation comment: "
+msgstr "������ ���������:"
+
+#. a string with valid answers
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMqQsS"
+
+#: g10/pkclist.c:258
+#, c-format
+msgid ""
+"No trust value assigned to:\n"
+"%4u%c/%08lX %s \""
+msgstr ""
+"��� ������ ���� ������������ ���:\n"
+"%4u%c/%08lX %s \""
+
+#: g10/pkclist.c:270
+msgid ""
+"Please decide how far you trust this user to correctly\n"
+"verify other users' keys (by looking at passports,\n"
+"checking fingerprints from different sources...)?\n"
+"\n"
+msgstr ""
+"�������� ���������� ���� ���� ������������ ���� ��\n"
+"������, ���� �� ������ �� ���������� ������� ����� (�� ��\n"
+"�� �������� passports ��� fingerprints ��� �������� �����...);\n"
+"\n"
+
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = ��� ����\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d =  ��� ��� �����������\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = ��� ������ �����������\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = ��� ����� �����������\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = ������������ �������\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = ���������� ������������ �����������\n"
+
+#: g10/pkclist.c:281
+msgid " m = back to the main menu\n"
+msgstr " m = ���� ��� ������ �����\n"
+
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " s = ��������� ����� ��� ��������\n"
+
+#: g10/pkclist.c:285
+msgid " q = quit\n"
+msgstr " q = �����������\n"
+
+#: g10/pkclist.c:292
+msgid "Your decision? "
+msgstr "� ������� ���; "
+
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "������� ������ ���� �� ������ �� ������� ��� �������� ������������; "
+
+#: g10/pkclist.c:325
+msgid "Certificates leading to an ultimately trusted key:\n"
+msgstr "������������� ��� ������� �� ��� ������ �������� ������������:\n"
+
+#: g10/pkclist.c:399
+#, c-format
+msgid "key %08lX: key has been revoked!\n"
+msgstr "������ %08lX: �� ������ ���� ���������!\n"
+
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
+msgid "Use this key anyway? "
+msgstr "����� ���������� ����� ��� ��������; "
+
+#: g10/pkclist.c:411
+#, c-format
+msgid "key %08lX: subkey has been revoked!\n"
+msgstr "������ %08lX: �� ��������� ���� ���������!\n"
+
+#: g10/pkclist.c:432
+#, c-format
+msgid "%08lX: key has expired\n"
+msgstr "%08lX: �� ������ ���� �����\n"
+
+#: g10/pkclist.c:442
+#, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"%08lX: ��� ������� ������� ��� � �������� ���� ������ ���� ���������.\n"
+
+#: g10/pkclist.c:448
+#, c-format
+msgid "%08lX: We do NOT trust this key\n"
+msgstr "%08lX: ��� �������������� ���� �� ������\n"
+
+#: g10/pkclist.c:454
+#, c-format
+msgid ""
+"%08lX: It is not sure that this key really belongs to the owner\n"
+"but it is accepted anyway\n"
+msgstr ""
+"%08lX: ��� ����� ������ ��� ���� �� ������ ������ ���� ���������\n"
+"���� �� ���� ���������� ������� �����\n"
+
+#: g10/pkclist.c:460
+msgid "This key probably belongs to the owner\n"
+msgstr "���� �� ������ ������� ������ ���� ���������\n"
+
+#: g10/pkclist.c:465
+msgid "This key belongs to us\n"
+msgstr "���� �� ������ ������ �� ����\n"
+
+#: g10/pkclist.c:507
+msgid ""
+"It is NOT certain that the key belongs to its owner.\n"
+"If you *really* know what you are doing, you may answer\n"
+"the next question with yes\n"
+"\n"
+msgstr ""
+"��� ����� ������ ��� ���� �� ������ ������ ���� ��������� ���.\n"
+"��� *����������* ������ �� ������, �������� �� ����������\n"
+"��� ������� ������� ����������\n"
+"\n"
+
+#: g10/pkclist.c:521 g10/pkclist.c:543
+msgid "WARNING: Using untrusted key!\n"
+msgstr "�������������: ����� �������� ����� �����������!\n"
+
+#: g10/pkclist.c:562
+msgid "WARNING: This key has been revoked by its owner!\n"
+msgstr "�������������: ���� �� ������ ���� ��������� ��� ��� ��������� ���!\n"
+
+#: g10/pkclist.c:563
+msgid "         This could mean that the signature is forgery.\n"
+msgstr "         ���� ������ �� �������� ��� � �������� ����� ������������.\n"
+
+#: g10/pkclist.c:569
+msgid "WARNING: This subkey has been revoked by its owner!\n"
+msgstr ""
+"�������������: ���� �� ��������� ���� ��������� ��� ��� ��������� ���!\n"
+
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "��������: ���� �� ������ ���� ���������������.\n"
+
+#: g10/pkclist.c:579
+msgid "Note: This key has expired!\n"
+msgstr "��������: ���� �� ������ ���� �����!\n"
+
+#: g10/pkclist.c:590
+msgid "WARNING: This key is not certified with a trusted signature!\n"
+msgstr ""
+"�������������: ���� �� ������ ��� ���� ������������ �� ������������ "
+"��������!\n"
+
+#: g10/pkclist.c:592
+msgid ""
+"         There is no indication that the signature belongs to the owner.\n"
+msgstr "         ��� ������� ������� ��� � �������� ������ ���� ���������.\n"
+
+#: g10/pkclist.c:600
+msgid "WARNING: We do NOT trust this key!\n"
+msgstr "�������������: ��� �������������� ���� �� ������!\n"
+
+#: g10/pkclist.c:601
+msgid "         The signature is probably a FORGERY.\n"
+msgstr "         � �������� ������ ����� ������������.\n"
+
+#: g10/pkclist.c:609
+msgid ""
+"WARNING: This key is not certified with sufficiently trusted signatures!\n"
+msgstr ""
+"�������������: ���� �� ������ ��� ���� ������������ �� ���������\n"
+"������� ������������!\n"
+
+#: g10/pkclist.c:611
+msgid "         It is not certain that the signature belongs to the owner.\n"
+msgstr "         ��� ����� ������ ��� � �������� ������ ���� ���������.\n"
+
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
+#, c-format
+msgid "%s: skipped: %s\n"
+msgstr "%s: ������������: %s\n"
+
+#: g10/pkclist.c:723 g10/pkclist.c:911
+#, c-format
+msgid "%s: skipped: public key already present\n"
+msgstr "%s: ������������: ������� ������ ����� ��� �����\n"
+
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr "��� �������� ��� user ID. (��������������� �� \"-r\")\n"
+
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
+"\n"
+"�������������� �� user ID. ����� �� ��� ����� ������: "
+
+#: g10/pkclist.c:776
+msgid "No such user ID.\n"
+msgstr "��� ������� ���� �� user ID.\n"
+
+#: g10/pkclist.c:781 g10/pkclist.c:857
+msgid "skipped: public key already set as default recipient\n"
+msgstr ""
+"������������: ������� ������ ���� ��� ������� ��� �� ������� ����������\n"
+
+#: g10/pkclist.c:799
+msgid "Public key is disabled.\n"
+msgstr "�� ������� ������ ���� ���������������.\n"
+
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "������������: ������� ������ ���� ��� �������\n"
+
+#: g10/pkclist.c:849
+#, c-format
+msgid "unknown default recipient `%s'\n"
+msgstr "�������� ��������������� ���������� `%s'\n"
+
+#: g10/pkclist.c:893
+#, c-format
+msgid "%s: skipped: public key is disabled\n"
+msgstr "%s: ������������: �� ������� ������ ���� ���������������.\n"
+
+#: g10/pkclist.c:943
+msgid "no valid addressees\n"
+msgstr "������ ������ ���������\n"
+
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "� ���������� %c%lu ��� ����� ������\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "� ���������� %c%lu ������������\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "���� ������ `%c' �����������\n"
+
+#: g10/keygen.c:257
+msgid "invalid character in preference string\n"
+msgstr "�� ������� ���������� ��� \"�������\" ��� ��������\n"
+
+#: g10/keygen.c:399
+msgid "writing self signature\n"
+msgstr "������� ����-���������\n"
+
+#: g10/keygen.c:443
+msgid "writing key binding signature\n"
+msgstr "������� ��������� \"�������\" ��������\n"
+
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
+msgid "keysize invalid; using %u bits\n"
+msgstr "�� ������ ������� ��������, ����� %u bits\n"
+
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
+msgid "keysize rounded up to %u bits\n"
+msgstr "��������������� ��� ������� �������� ��� %u bits\n"
+
+#: g10/keygen.c:777
+msgid "Please select what kind of key you want:\n"
+msgstr "�������� �������� ��� ���� ��� �������� ��� ������:\n"
+
+#: g10/keygen.c:779
+#, c-format
+msgid "   (%d) DSA and ElGamal (default)\n"
+msgstr "   (%d) DSA ��� ElGamal (��������������)\n"
+
+#: g10/keygen.c:780
+#, c-format
+msgid "   (%d) DSA (sign only)\n"
+msgstr "   (%d) DSA (��� �������� ����)\n"
+
+#: g10/keygen.c:782
+#, c-format
+msgid "   (%d) ElGamal (encrypt only)\n"
+msgstr "   (%d) ElGamal (��� ������������� ����)\n"
+
+#: g10/keygen.c:783
+#, c-format
+msgid "   (%d) ElGamal (sign and encrypt)\n"
+msgstr "   (%d) ElGamal (�������� ��� �������������)\n"
+
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (��� �������� ����)\n"
+
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (��� ������������� ����)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
+msgid "Your selection? "
+msgstr "� ������� ���; "
+
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr ""
+"� ����� ����� ��� ���������� �������������� - ������� �� ������������; "
+
+#: g10/keyedit.c:529 g10/keygen.c:823
+msgid "Invalid selection.\n"
+msgstr "�� ������ �������.\n"
+
+#: g10/keygen.c:836
+#, c-format
+msgid ""
+"About to generate a new %s keypair.\n"
+"              minimum keysize is  768 bits\n"
+"              default keysize is 1024 bits\n"
+"    highest suggested keysize is 2048 bits\n"
+msgstr ""
+"�� ���������� ����������� ���� ���� %s keypair.\n"
+"              �������� ������� �������� �����  768 bits\n"
+"              �������������� ������� �������� ����� 1024 bits\n"
+"    ������� ������������ ������� �������� ����� 2048 bits\n"
+
+#: g10/keygen.c:845
+msgid "What keysize do you want? (1024) "
+msgstr "�� ������� �������� �� ������; (1024) "
+
+#: g10/keygen.c:850
+msgid "DSA only allows keysizes from 512 to 1024\n"
+msgstr "� DSA ��������� ���� ������� �������� ��� 512 ��� 1024\n"
+
+#: g10/keygen.c:852
+msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr ""
+"�� ������� �������� ����� ���� �����, 1024 ����� � �������� ���� ��� RSA.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr ""
+"�� ������� �������� ����� ���� �����, 768 ����� � �������� ������������ "
+"����.\n"
+
+#. It is ridiculous and an annoyance to use larger key sizes!
+#. * GnuPG can handle much larger sizes; but it takes an eternity
+#. * to create such a key (but less than the time the Sirius
+#. * Computer Corporation needs to process one of the usual
+#. * complaints) and {de,en}cryption although needs some time.
+#. * So, before you complain about this limitation, I suggest that
+#. * you start a discussion with Marvin about this theme and then
+#. * do whatever you want.
+#: g10/keygen.c:866
+#, c-format
+msgid "keysize too large; %d is largest value allowed.\n"
+msgstr ""
+"�� ������� �������� ����� ���� ������, %d ����� � ������� ���� ��� "
+"�����������.\n"
+
+#: g10/keygen.c:871
+msgid ""
+"Keysizes larger than 2048 are not suggested because\n"
+"computations take REALLY long!\n"
+msgstr ""
+"������ �������� ���������� ��� 2048 ��� ����������� �����\n"
+"�� ����������� ����� ����������!\n"
+
+#: g10/keygen.c:874
+msgid "Are you sure that you want this keysize? "
+msgstr "������� ������ ���� �� ������� ��������; "
+
+#: g10/keygen.c:875
+msgid ""
+"Okay, but keep in mind that your monitor and keyboard radiation is also very "
+"vulnerable to attacks!\n"
+msgstr ""
+"�������, ���� �� ����� ��'��� ��� � ����� ��� �� ������������ �����\n"
+"������ ���� ����� �� ���������!\n"
+
+#: g10/keygen.c:884
+#, c-format
+msgid "Requested keysize is %u bits\n"
+msgstr "�� ������� �������� ��� �������� ����� %u bits\n"
+
+#: g10/keygen.c:887 g10/keygen.c:891
+#, c-format
+msgid "rounded up to %u bits\n"
+msgstr "����������������� ��� �� %u bits\n"
+
+#: g10/keygen.c:942
+msgid ""
+"Please specify how long the key should be valid.\n"
+"         0 = key does not expire\n"
+"      <n>  = key expires in n days\n"
+"      <n>w = key expires in n weeks\n"
+"      <n>m = key expires in n months\n"
+"      <n>y = key expires in n years\n"
+msgstr ""
+"�������� ������ ��� ���� ����� �� ������ �� ����� ������.\n"
+"         0 = �� ������ ��� ����� ����\n"
+"      <n>  = �� ������ ����� �� n �����\n"
+"      <n>w = �� ������ ����� �� n ���������\n"
+"      <n>m = �� ������ ����� �� n �����\n"
+"      <n>y = �� ������ ����� �� n ���\n"
+
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"�������� ������ ��� ���� ����� �� ������ �� ����� ������.\n"
+"         0 = �� ������ ��� ����� ����\n"
+"      <n>  = �� ������ ����� �� n �����\n"
+"      <n>w = �� ������ ����� �� n ���������\n"
+"      <n>m = �� ������ ����� �� n �����\n"
+"      <n>y = �� ������ ����� �� n ���\n"
+
+#: g10/keygen.c:973
+msgid "Key is valid for? (0) "
+msgstr "�� ������ ����� ������ ���; (0) "
+
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "� �������� ����� ������ ���; (0) "
+
+#: g10/keygen.c:980
+msgid "invalid value\n"
+msgstr "�� ������ ����\n"
+
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "�� %s ��� ����� ����\n"
+
+#. print the date when the key expires
+#: g10/keygen.c:992
+#, c-format
+msgid "%s expires at %s\n"
+msgstr "�� %s ����� ���� %s\n"
+
+#: g10/keygen.c:998
+msgid ""
+"Your system can't display dates beyond 2038.\n"
+"However, it will be correctly handled up to 2106.\n"
+msgstr ""
+"�� ������� ��� ��� ������ �� ����������� ����������� ���� ��� 2038.\n"
+"����, �� ����������� ����� ��� �� 2106.\n"
+
+#: g10/keygen.c:1003
+msgid "Is this correct (y/n)? "
+msgstr "����� ���� ����� (y/n); "
+
+#: g10/keygen.c:1046
+msgid ""
+"\n"
+"You need a User-ID to identify your key; the software constructs the user "
+"id\n"
+"from Real Name, Comment and Email Address in this form:\n"
+"    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
+"\n"
+msgstr ""
+"\n"
+"���������� ��� User-ID ��� �� ������������ ��� ������. �� ��������� "
+"������������\n"
+"�� user-id ��� �� ������� �����, ������ ��� ��������� Email ����� ����:\n"
+"    \"Nikolaoy Nikos (toy Ioanni) <[email protected]>\"\n"
+"\n"
+
+#: g10/keygen.c:1058
+msgid "Real name: "
+msgstr "������� �����: "
+
+#: g10/keygen.c:1066
+msgid "Invalid character in name\n"
+msgstr "�� ������� ���������� ��� �����\n"
+
+#: g10/keygen.c:1068
+msgid "Name may not start with a digit\n"
+msgstr "�� ����� ��� ����������� �� ������ �� ���������� �����\n"
+
+#: g10/keygen.c:1070
+msgid "Name must be at least 5 characters long\n"
+msgstr "�� ����� ������ �� ���� ����������� 5 ����������\n"
+
+#: g10/keygen.c:1078
+msgid "Email address: "
+msgstr "��������� Email: "
+
+#: g10/keygen.c:1089
+msgid "Not a valid email address\n"
+msgstr "�� ������ ��������� Email\n"
+
+#: g10/keygen.c:1097
+msgid "Comment: "
+msgstr "������: "
+
+#: g10/keygen.c:1103
+msgid "Invalid character in comment\n"
+msgstr "�� ������� ���������� ��� ������\n"
+
+#: g10/keygen.c:1126
+#, c-format
+msgid "You are using the `%s' character set.\n"
+msgstr "�������������� �� `%s' ��� ����������.\n"
+
+#: g10/keygen.c:1132
+#, c-format
+msgid ""
+"You selected this USER-ID:\n"
+"    \"%s\"\n"
+"\n"
+msgstr ""
+"��������� �� USER-ID:\n"
+"    \"%s\"\n"
+"\n"
+
+#: g10/keygen.c:1136
+msgid "Please don't put the email address into the real name or the comment\n"
+msgstr "�������� ��� ����������� ��� ��������� email ��� ����� � ��� ������\n"
+
+#: g10/keygen.c:1141
+msgid "NnCcEeOoQq"
+msgstr "NnCcEeOoQq"
+
+#: g10/keygen.c:1151
+msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
+msgstr "������ (N)�����, (C)������, (E)mail � (Q)�����������; "
+
+#: g10/keygen.c:1152
+msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
+msgstr "������ (N)�����, (C)������, (E)mail � (O)�������/(Q)�����������; "
+
+#: g10/keygen.c:1171
+msgid "Please correct the error first\n"
+msgstr "��������, ��������� ����� �� ������\n"
+
+#: g10/keygen.c:1210
+msgid ""
+"You need a Passphrase to protect your secret key.\n"
+"\n"
+msgstr ""
+"���������� ��� ����� ������ ��� �� ������������� �� ������� ������.\n"
+"\n"
+
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "� ����� ������ ��� ������������ �����. ��������� ����"
+
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"I will do it anyway.  You can change your passphrase at any time,\n"
+"using this program with the option \"--edit-key\".\n"
+"\n"
+msgstr ""
+"��� ���������� ��� ����� ������ - ���� ����� ������ ��� *����* ����!\n"
+"�� �������� ���� ��� �� ����. �������� �� �������� �� ����� ���\n"
+"����� ������, �� ��� ������� \"--edit-key\".\n"
+"\n"
+
+#: g10/keygen.c:1246
+msgid ""
+"We need to generate a lot of random bytes. It is a good idea to perform\n"
+"some other action (type on the keyboard, move the mouse, utilize the\n"
+"disks) during the prime generation; this gives the random number\n"
+"generator a better chance to gain enough entropy.\n"
+msgstr ""
+"������ �� ������������� ����� ������ bytes. ����� ���� ���� �� ������\n"
+"������ ������� (��������������, ����������� �� �������, ��������������\n"
+"���� �������) ���� �� �������� ����������� ������ �������. ���� �����\n"
+"��� ��������� ������� ������� ��� �������� �� ������� ������ ��������.\n"
+
+#: g10/keygen.c:1741
+msgid "DSA keypair will have 1024 bits.\n"
+msgstr "�� ������ �������� DSA �� ����� 1024 bits.\n"
+
+#: g10/keygen.c:1795
+msgid "Key generation canceled.\n"
+msgstr "� ���������� �������� ����������.\n"
+
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
+msgid "writing public key to `%s'\n"
+msgstr "������� ��� �������� �������� ��� `%s'\n"
+
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
+msgid "writing secret key to `%s'\n"
+msgstr "������� ��� �������� �������� ��� `%s'\n"
+
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "�� ������� ��������� ������� ����������: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "�� ������� ��������� ������� ����������: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "�������� �������� �������� ����������� `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "�������� �������� �������� ����������� `%s': %s\n"
+
+#: g10/keygen.c:1999
+msgid "public and secret key created and signed.\n"
+msgstr "�� ������� ��� �� ������� ������ �������������� ��� �����������.\n"
+
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "�������� �������� ��� �������� ������������.\n"
+
+#: g10/keygen.c:2011
+msgid ""
+"Note that this key cannot be used for encryption.  You may want to use\n"
+"the command \"--edit-key\" to generate a secondary key for this purpose.\n"
+msgstr ""
+"��������� ��� ���� �� ������ ��� ������ �� �������������� ��� "
+"�������������.\n"
+"�������� �� ��������������� ��� ������ \"--edit-key\" ��� �� ������������\n"
+"��� ���������� ������ ��� ���� �� ����.\n"
+
+#: g10/keygen.c:2023 g10/keygen.c:2131
+#, c-format
+msgid "Key generation failed: %s\n"
+msgstr "� ���������� �������� �������: %s\n"
+
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
+#, c-format
+msgid ""
+"key has been created %lu second in future (time warp or clock problem)\n"
+msgstr ""
+"�� ������ ������������� %lu ������������ ��� ������ (��������� �\n"
+"����� �������� ��� �����)\n"
+
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
+#, c-format
+msgid ""
+"key has been created %lu seconds in future (time warp or clock problem)\n"
+msgstr ""
+"�� ������ ������������� %lu ������������ ��� ������ (��������� �\n"
+"����� �������� ��� �����)\n"
+
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr ""
+"��������: � ���������� ����������� ��� ������� v3 ��� ����� �������\n"
+"�� �� OpenPGP\n"
+
+#: g10/keygen.c:2107
+msgid "Really create? "
+msgstr "������� �� ������������; "
+
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "--output ��� ���������� ��� ���� ��� ������\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s' ��� �����������\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
+#, c-format
+msgid "%s: can't open: %s\n"
+msgstr "%s: �������� ��������� ���: %s\n"
+
+#: g10/encode.c:122 g10/sign.c:959
+#, c-format
+msgid "error creating passphrase: %s\n"
+msgstr "������ ��� ���������� ��� ������ ������: %s\n"
+
+#: g10/encode.c:185 g10/encode.c:383
+#, c-format
+msgid "%s: WARNING: empty file\n"
+msgstr "%s: �������������: ����� ������\n"
+
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+"������������� �� ������� RSA ��� 2048 bit � ��� ���� ���� �� ��������� --"
+"pgp2\n"
+
+#: g10/encode.c:313
+#, c-format
+msgid "reading from `%s'\n"
+msgstr "�������� ��� `%s'\n"
+
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+"�������� ������ ��� ��������������� IDEA ��� ��� �� ������� �� �� "
+"�������������������.\n"
+
+#: g10/encode.c:563
+#, c-format
+msgid "%s/%s encrypted for: %s\n"
+msgstr "%s/%s ��������������� ���: %s\n"
+
+#: g10/delkey.c:69 g10/export.c:141
+#, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "�� ������ '%s' �� �������: %s\n"
+
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "������ ���� ��� �������� ��� ����� ��������: %s\n"
+
+#: g10/export.c:169
+#, c-format
+msgid "key %08lX: not a rfc2440 key - skipped\n"
+msgstr "������ %08lX: ��� ����� ��� rfc2440 ������ - ������������\n"
+
+#: g10/export.c:180
+#, c-format
+msgid "key %08lX: not protected - skipped\n"
+msgstr "������ %08lX: ��� ����� ������������� - ������������\n"
+
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "������ %08lX:  ������ ����� PGP 2.x - ������������\n"
+
+#: g10/export.c:255
+msgid "WARNING: nothing exported\n"
+msgstr "�������������: ��� ����� ������ �������\n"
+
+#: g10/getkey.c:151
+msgid "too many entries in pk cache - disabled\n"
+msgstr "���� ������ ������������ ��� pk cache - ����������������\n"
+
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[User id ��� �������]"
+
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+"�� ������ ������ %08lX ����� ������ ��� �� --allow-non-selfsigned-uid\n"
+
+#: g10/getkey.c:1989
+#, c-format
+msgid "using secondary key %08lX instead of primary key %08lX\n"
+msgstr "����� ��� ������������� �������� %08lX ���� ��� ����������� %08lX\n"
+
+#: g10/getkey.c:2036
+#, c-format
+msgid "key %08lX: secret key without public key - skipped\n"
+msgstr "������ %08lX: ������� ������ ����� ������� - ������������\n"
+
+#: g10/import.c:206
+#, c-format
+msgid "skipping block of type %d\n"
+msgstr "��������� �������� ��� ����� %d\n"
+
+#: g10/import.c:213
+#, c-format
+msgid "%lu keys so far processed\n"
+msgstr "%lu ������� ����� ����� ���� ������������\n"
+
+#: g10/import.c:218
+#, c-format
+msgid "error reading `%s': %s\n"
+msgstr "������ ���� ��� �������� ��� `%s': %s\n"
+
+#: g10/import.c:230
+#, c-format
+msgid "Total number processed: %lu\n"
+msgstr "��������� ������� ��� ��������������: %lu\n"
+
+#: g10/import.c:232
+#, c-format
+msgid "      skipped new keys: %lu\n"
+msgstr "      ��� ������� ��� �������������: %lu\n"
+
+#: g10/import.c:235
+#, c-format
+msgid "          w/o user IDs: %lu\n"
+msgstr "          ����� user ID: %lu\n"
+
+#: g10/import.c:237
+#, c-format
+msgid "              imported: %lu"
+msgstr "              ����������: %lu"
+
+#: g10/import.c:243
+#, c-format
+msgid "             unchanged: %lu\n"
+msgstr "             ����������: %lu\n"
+
+#: g10/import.c:245
+#, c-format
+msgid "          new user IDs: %lu\n"
+msgstr "          ��� user ID: %lu\n"
+
+#: g10/import.c:247
+#, c-format
+msgid "           new subkeys: %lu\n"
+msgstr "           ��� ����������: %lu\n"
+
+#: g10/import.c:249
+#, c-format
+msgid "        new signatures: %lu\n"
+msgstr "        ���� ���������: %lu\n"
+
+#: g10/import.c:251
+#, c-format
+msgid "   new key revocations: %lu\n"
+msgstr "   ���� ���������� ��������: %lu\n"
+
+#: g10/import.c:253
+#, c-format
+msgid "      secret keys read: %lu\n"
+msgstr "      ����������� ������� �������: %lu\n"
+
+#: g10/import.c:255
+#, c-format
+msgid "  secret keys imported: %lu\n"
+msgstr "  ���������� ������� �������: %lu\n"
+
+#: g10/import.c:257
+#, c-format
+msgid " secret keys unchanged: %lu\n"
+msgstr " ���������� ������� �������: %lu\n"
+
+#: g10/import.c:438 g10/import.c:657
+#, c-format
+msgid "key %08lX: no user ID\n"
+msgstr "������ %08lX: ��� ������� ���� �� user ID\n"
+
+#: g10/import.c:455
+#, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "������ %08lX: ����� �� ����-������������� user ID '%s'\n"
+
+#: g10/import.c:462
+#, c-format
+msgid "key %08lX: no valid user IDs\n"
+msgstr "������ %08lX: ��� ���� ������ user ID\n"
+
+#: g10/import.c:464
+msgid "this may be caused by a missing self-signature\n"
+msgstr "���� ������ �� ������� ��� ��� ������ ������������\n"
+
+#: g10/import.c:474 g10/import.c:726
+#, c-format
+msgid "key %08lX: public key not found: %s\n"
+msgstr "������ %08lX: ������� ������ ��� �� �������: %s\n"
+
+#: g10/import.c:479
+#, c-format
+msgid "key %08lX: new key - skipped\n"
+msgstr "������ %08lX:  ��� ������ - ������������\n"
+
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "��� ������� ��������� ����������: %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
+#, c-format
+msgid "writing to `%s'\n"
+msgstr "������� ���  `%s'\n"
+
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
+msgstr "�������� �������� ��� ����������� `%s': %s\n"
+
+#: g10/import.c:505
+#, c-format
+msgid "key %08lX: public key imported\n"
+msgstr "������ %08lX: ������� ������ ���� ��������\n"
+
+#: g10/import.c:524
+#, c-format
+msgid "key %08lX: doesn't match our copy\n"
+msgstr "������ %08lX: ��� ��������� �� �� ��������� ���\n"
+
+#: g10/import.c:542 g10/import.c:743
+#, c-format
+msgid "key %08lX: can't locate original keyblock: %s\n"
+msgstr "������ %08lX: �������� ���������� ��� ������� �������� ��������: %s\n"
+
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "������ %08lX: �������� ��������� ��� ������� �������� ��������: %s\n"
+
+#: g10/import.c:579
+#, c-format
+msgid "key %08lX: 1 new user ID\n"
+msgstr "������ %08lX: 1 ��� user ID\n"
+
+#: g10/import.c:582
+#, c-format
+msgid "key %08lX: %d new user IDs\n"
+msgstr "������ %08lX: %d ��� user ID\n"
+
+#: g10/import.c:585
+#, c-format
+msgid "key %08lX: 1 new signature\n"
+msgstr "������ %08lX: 1 ��� ��������\n"
+
+#: g10/import.c:588
+#, c-format
+msgid "key %08lX: %d new signatures\n"
+msgstr "������ %08lX: %d ���� ���������\n"
+
+#: g10/import.c:591
+#, c-format
+msgid "key %08lX: 1 new subkey\n"
+msgstr "������ %08lX: 1 ��� ���������\n"
+
+#: g10/import.c:594
+#, c-format
+msgid "key %08lX: %d new subkeys\n"
+msgstr "������ %08lX: %d ��� ����������\n"
+
+#: g10/import.c:604
+#, c-format
+msgid "key %08lX: not changed\n"
+msgstr "������ %08lX: ����������\n"
+
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "��� ������� �������������� ����������: %s\n"
+
+#: g10/import.c:682
+#, c-format
+msgid "key %08lX: secret key imported\n"
+msgstr "������ %08lX: ������� ������ ���������\n"
+
+#. we can't merge secret keys
+#: g10/import.c:686
+#, c-format
+msgid "key %08lX: already in secret keyring\n"
+msgstr "������ %08lX: ��� ��� ������� ����������\n"
+
+#: g10/import.c:691
+#, c-format
+msgid "key %08lX: secret key not found: %s\n"
+msgstr "������ %08lX: �� ������� �� ������� ������: %s\n"
+
+#: g10/import.c:720
+#, c-format
+msgid "key %08lX: no public key - can't apply revocation certificate\n"
+msgstr ""
+"������ %08lX: ��� ������� ������ - �������� ��������� �������������� "
+"���������\n"
+
+#: g10/import.c:760
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
+msgstr "������ %08lX: �� ������ ������������� ���������: %s - ��������\n"
+
+#: g10/import.c:791
+#, c-format
+msgid "key %08lX: revocation certificate imported\n"
+msgstr "������ %08lX: ������������� ��������� ���������\n"
+
+#: g10/import.c:826
+#, c-format
+msgid "key %08lX: no user ID for signature\n"
+msgstr "������ %08lX: ��� ������� user ID ��� ��� ��������\n"
+
+#: g10/import.c:839
+#, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr ""
+"������ %08lX: �� ��������������� ���������� �������� �������� ��� user id \"%"
+"s\"\n"
+
+#: g10/import.c:841
+#, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "������ %08lX: �� ������ ����-�������� ��� user id \"%s\"\n"
+
+#: g10/import.c:858
+#, c-format
+msgid "key %08lX: no subkey for key binding\n"
+msgstr "������ %08lX: ��� ������� ��������� ��� �� �������� ��������\n"
+
+#: g10/import.c:868
+#, c-format
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "������ %08lX: �� ��������������� ���������� �������� ��������\n"
+
+#: g10/import.c:869
+#, c-format
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "������ %08lX: �� ������ �������� �����������\n"
+
+#: g10/import.c:899
+#, c-format
+msgid "key %08lX: skipped user ID '"
+msgstr "������ %08lX: ������������ user ID '"
+
+#: g10/import.c:922
+#, c-format
+msgid "key %08lX: skipped subkey\n"
+msgstr "������ %08lX: ������������ ���������\n"
+
+#. here we violate the rfc a bit by still allowing
+#. * to import non-exportable signature when we have the
+#. * the secret key used to create this signature - it
+#. * seems that this makes sense
+#: g10/import.c:945
+#, c-format
+msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
+msgstr "������ %08lX: �� ��������� �������� (����� %02x) - ������������\n"
+
+#: g10/import.c:954
+#, c-format
+msgid "key %08lX: revocation certificate at wrong place - skipped\n"
+msgstr ""
+"������ %08lX: �� ������������� ��������� �� ����� ������ - ������������\n"
+
+#: g10/import.c:971
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
+msgstr "������ %08lX: �� ������ ������������� ���������: %s - ������������\n"
+
+#: g10/import.c:1072
+#, c-format
+msgid "key %08lX: duplicated user ID detected - merged\n"
+msgstr "������ %08lX: ����������� ����� user ID - ��������\n"
+
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+"�������������: ������ %08lX ������ �� ���������: ���� �������� ��������� %"
+"08lX\n"
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+
+#: g10/import.c:1201
+#, c-format
+msgid "key %08lX: revocation certificate added\n"
+msgstr "������ %08lX: ������������� ��������� ����������\n"
+
+#: g10/import.c:1231
+#, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "������ %08lX: ����� �������� �������� ����������\n"
+
+#: g10/keyedit.c:142
+msgid "[revocation]"
+msgstr "[��������]"
+
+#: g10/keyedit.c:143
+msgid "[self-signature]"
+msgstr "[����-��������]"
+
+#: g10/keyedit.c:214 g10/keylist.c:139
+msgid "1 bad signature\n"
+msgstr "1 ���� ��������\n"
+
+#: g10/keyedit.c:216 g10/keylist.c:141
+#, c-format
+msgid "%d bad signatures\n"
+msgstr "%d ����� ���������\n"
+
+#: g10/keyedit.c:218 g10/keylist.c:143
+msgid "1 signature not checked due to a missing key\n"
+msgstr "1 �������� ��� ��������� ���� ������� ��������\n"
+
+#: g10/keyedit.c:220 g10/keylist.c:145
+#, c-format
+msgid "%d signatures not checked due to missing keys\n"
+msgstr "%d ��������� ��� ���������� ���� ������� ��������\n"
+
+#: g10/keyedit.c:222 g10/keylist.c:147
+msgid "1 signature not checked due to an error\n"
+msgstr "1 �������� ��� ��������� ���� ���� ���������\n"
+
+#: g10/keyedit.c:224 g10/keylist.c:149
+#, c-format
+msgid "%d signatures not checked due to errors\n"
+msgstr "%d ��������� ��� ���������� ���� ���������\n"
+
+#: g10/keyedit.c:226
+msgid "1 user ID without valid self-signature detected\n"
+msgstr "1 user ID ����������� ����� ������ ����-��������\n"
+
+#: g10/keyedit.c:228
+#, c-format
+msgid "%d user IDs without valid self-signatures detected\n"
+msgstr "%d user ID ������������ ����� ������� ����-���������\n"
+
+#: g10/keyedit.c:335
+#, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "�� user ID \"%s\" ����������."
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "������� ������ ����� �� �� ����������; (y/N) "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr "  �������� ���������.\n"
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"� ������������ �������� ��� ��� \"%s\"\n"
+"����� ��� ������ ��������.\n"
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr "������ �� �� �������� �� ��� ����� ��������� ��������; (y/N) "
+
+#: g10/keyedit.c:388
+#, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" ��� ����������� ��� �� ������ %08lX\n"
+
+#: g10/keyedit.c:393
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" ��� ����������� ��� �� ������ %08lX\n"
+
+#: g10/keyedit.c:405
+#, c-format
+msgid "Nothing to sign with key %08lX\n"
+msgstr "������ ��� �� ��������� �� �� ������  %08lX\n"
+
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "���� �� ������ ���� �����!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "���� �� ������ �������� �� ����� ���� %s.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "������ � ���������� �� ����� ����������;  (Y/n) "
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+"�������� �� ��������������� ��� OpenPGP �������� �� ��� PGP 2.x ���� �� "
+"��������� --pgp2.\n"
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "���� �� ����� �� ������ ������� �� �� PGP 2.x.\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"����� �������� ��� �������� ���������� ��� �� ������ ��� ����� ������� ��\n"
+"������ �������� ��� ����������� �����; ��� ��� ������ �� �� ���������� "
+"�������\"0\".\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) ��� ������.%s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) ��� ��� ������� �������.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) ��� ����� ��� ������ ������.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) ��� ����� ���������� ������.%s\n"
+
+#: g10/keyedit.c:535
+msgid ""
+"Are you really sure that you want to sign this key\n"
+"with your key: \""
+msgstr ""
+"������� ������ �� ���������� ���� �� ������\n"
+"�� �� ������ ���: \""
+
+#: g10/keyedit.c:544
+msgid ""
+"\n"
+"The signature will be marked as non-exportable.\n"
+msgstr ""
+"\n"
+"� �������� �� ��������� ��� ��-���������.\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"� �������� �� ��������� ��� ��-�����������.\n"
+"\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+"\n"
+"��� ��� ������� ������� ���� �� ������.\n"
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"��� ����� ����������� ������ �� ���� �� ������.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+"\n"
+"��� ������� ���� ���������� ���� �� ������.\n"
+
+#: g10/keyedit.c:569
+msgid "Really sign? "
+msgstr "������� �� ���������; "
+
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
+#, c-format
+msgid "signing failed: %s\n"
+msgstr "� �������� �������: %s\n"
+
+#: g10/keyedit.c:658
+msgid "This key is not protected.\n"
+msgstr "���� �� ������ ��� �������������.\n"
+
+#: g10/keyedit.c:662
+msgid "Secret parts of primary key are not available.\n"
+msgstr "������� ������� ��� ������ �������� ��� ����� ���������.\n"
+
+#: g10/keyedit.c:666
+msgid "Key is protected.\n"
+msgstr "�� ������ �������������.\n"
+
+#: g10/keyedit.c:686
+#, c-format
+msgid "Can't edit this key: %s\n"
+msgstr "������� � ����������� ����� ��� ��������:%s\n"
+
+#: g10/keyedit.c:692
+msgid ""
+"Enter the new passphrase for this secret key.\n"
+"\n"
+msgstr ""
+"�������������� ��� ��� ����� ������ ��� ���� �� ������� ������.\n"
+"\n"
+
+#: g10/keyedit.c:706
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"\n"
+msgstr "��� ������ ����� ������ - ���� ����� ������ *����* ����!\n"
+
+#: g10/keyedit.c:709
+msgid "Do you really want to do this? "
+msgstr "������� ������ �� ������ ����; "
+
+#: g10/keyedit.c:773
+msgid "moving a key signature to the correct place\n"
+msgstr "���������� ��������� �������� ��� ����� ����\n"
+
+#: g10/keyedit.c:815
+msgid "quit this menu"
+msgstr "����������� ����� ��� �����"
+
+#: g10/keyedit.c:816
+msgid "q"
+msgstr "q"
+
+#: g10/keyedit.c:817
+msgid "save"
+msgstr "save"
+
+#: g10/keyedit.c:817
+msgid "save and quit"
+msgstr "���������� ��� ������"
+
+#: g10/keyedit.c:818
+msgid "help"
+msgstr "help"
+
+#: g10/keyedit.c:818
+msgid "show this help"
+msgstr "���������� ����� ��� ��������"
+
+#: g10/keyedit.c:820
+msgid "fpr"
+msgstr "fpr"
+
+#: g10/keyedit.c:820
+msgid "show fingerprint"
+msgstr "���������� ��� fingerprint"
+
+#: g10/keyedit.c:821
+msgid "list"
+msgstr "list"
+
+#: g10/keyedit.c:821
+msgid "list key and user IDs"
+msgstr "���������� ��� �������� ��� ��� user ID"
+
+#: g10/keyedit.c:822
+msgid "l"
+msgstr "l"
+
+#: g10/keyedit.c:823
+msgid "uid"
+msgstr "uid"
+
+#: g10/keyedit.c:823
+msgid "select user ID N"
+msgstr "������� user ID N"
+
+#: g10/keyedit.c:824
+msgid "key"
+msgstr "key"
+
+#: g10/keyedit.c:824
+msgid "select secondary key N"
+msgstr "������� ������������� �������� N"
+
+#: g10/keyedit.c:825
+msgid "check"
+msgstr "check"
+
+#: g10/keyedit.c:825
+msgid "list signatures"
+msgstr "���������� ���������"
+
+#: g10/keyedit.c:826
+msgid "c"
+msgstr "c"
+
+#: g10/keyedit.c:827
+msgid "sign"
+msgstr "sign"
+
+#: g10/keyedit.c:827
+msgid "sign the key"
+msgstr "�������� ��� ��������"
+
+#: g10/keyedit.c:828
+msgid "s"
+msgstr "s"
+
+#: g10/keyedit.c:829
+msgid "lsign"
+msgstr "lsign"
+
+#: g10/keyedit.c:829
+msgid "sign the key locally"
+msgstr "�������� ��� �������� ������"
+
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nrsign"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "�������� ��� �������� ��-�����������"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nrlsign"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "�������� ��� �������� ������ ��� ��-�����������"
+
+#: g10/keyedit.c:832
+msgid "debug"
+msgstr "debug"
+
+#: g10/keyedit.c:833
+msgid "adduid"
+msgstr "adduid"
+
+#: g10/keyedit.c:833
+msgid "add a user ID"
+msgstr "�������� ���� user ID"
+
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "addphoto"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "�������� ���� photo ID"
+
+#: g10/keyedit.c:835
+msgid "deluid"
+msgstr "deluid"
+
+#: g10/keyedit.c:835
+msgid "delete user ID"
+msgstr "�������� ���� user ID"
+
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "delphoto"
+
+#: g10/keyedit.c:838
+msgid "addkey"
+msgstr "addkey"
+
+#: g10/keyedit.c:838
+msgid "add a secondary key"
+msgstr "�������� ���� ������������� ��������"
+
+#: g10/keyedit.c:839
+msgid "delkey"
+msgstr "delkey"
+
+#: g10/keyedit.c:839
+msgid "delete a secondary key"
+msgstr "�������� ���� ������������� ��������"
+
+#: g10/keyedit.c:840
+msgid "delsig"
+msgstr "delsig"
+
+#: g10/keyedit.c:840
+msgid "delete signatures"
+msgstr "�������� ���������"
+
+#: g10/keyedit.c:841
+msgid "expire"
+msgstr "expire"
+
+#: g10/keyedit.c:841
+msgid "change the expire date"
+msgstr "������ ��� ����������� �����"
+
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "��������"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "�������� ��� user ID ��� ��������"
+
+#: g10/keyedit.c:843
+msgid "toggle"
+msgstr "toggle"
+
+#: g10/keyedit.c:843
+msgid "toggle between secret and public key listing"
+msgstr "������ ������ ��� ����������� �������� ��� �������� ��������"
+
+#: g10/keyedit.c:845
+msgid "t"
+msgstr "t"
+
+#: g10/keyedit.c:846
+msgid "pref"
+msgstr "pref"
+
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "���������� ����������� (�������)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "���������� �������� (���������)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "setpref"
+
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "������� ����������� ��������"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "updpref"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "����������� ��������"
+
+#: g10/keyedit.c:850
+msgid "passwd"
+msgstr "passwd"
+
+#: g10/keyedit.c:850
+msgid "change the passphrase"
+msgstr "������ ��� ������ ������"
+
+#: g10/keyedit.c:851
+msgid "trust"
+msgstr "trust"
+
+#: g10/keyedit.c:851
+msgid "change the ownertrust"
+msgstr "������ ��� ������������ ���������"
+
+#: g10/keyedit.c:852
+msgid "revsig"
+msgstr "revsig"
+
+#: g10/keyedit.c:852
+msgid "revoke signatures"
+msgstr "�������� ���������"
+
+#: g10/keyedit.c:853
+msgid "revkey"
+msgstr "revkey"
+
+#: g10/keyedit.c:853
+msgid "revoke a secondary key"
+msgstr "�������� ���� ������������� ��������"
+
+#: g10/keyedit.c:854
+msgid "disable"
+msgstr "disable"
+
+#: g10/keyedit.c:854
+msgid "disable a key"
+msgstr "������������� ��� ������"
+
+#: g10/keyedit.c:855
+msgid "enable"
+msgstr "enable"
+
+#: g10/keyedit.c:855
+msgid "enable a key"
+msgstr "����������� ��� ������"
+
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "showphoto"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "���������� photo ID"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
+msgid "can't do that in batchmode\n"
+msgstr "��� ������ �� ����� ���� �� ��������� ������ (batchmode)\n"
+
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "������ ���� ��� �������� �������� ����� �������� `%s': %s\n"
+
+#: g10/keyedit.c:931
+msgid "Secret key is available.\n"
+msgstr "�� ������� ������ ����� ���������.\n"
+
+#: g10/keyedit.c:962
+msgid "Command> "
+msgstr "������> "
+
+#: g10/keyedit.c:994
+msgid "Need the secret key to do this.\n"
+msgstr "���������� �� ������� ������ ��� �� ����� ����.\n"
+
+#: g10/keyedit.c:998
+msgid "Please use the command \"toggle\" first.\n"
+msgstr "�������� ��������������� ��� ������ \"toggle\" �����.\n"
+
+#: g10/keyedit.c:1047
+msgid "Key is revoked."
+msgstr "�� ������ ����������."
+
+#: g10/keyedit.c:1066
+msgid "Really sign all user IDs? "
+msgstr "������� �� ���������� ��� �� user ID; "
+
+#: g10/keyedit.c:1067
+msgid "Hint: Select the user IDs to sign\n"
+msgstr "��������: �������� �� user ID ��� ��������\n"
+
+#: g10/keyedit.c:1092
+#, c-format
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "���� � ������ ����������� �� ���� ��� ��������� %s.\n"
+
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
+msgid "You must select at least one user ID.\n"
+msgstr "������ �� ��������� �� �������� ��� user ID.\n"
+
+#: g10/keyedit.c:1114
+msgid "You can't delete the last user ID!\n"
+msgstr "��� �������� �� ���������� �� ��������� user ID!\n"
+
+#: g10/keyedit.c:1117
+msgid "Really remove all selected user IDs? "
+msgstr "������� ������ �� ���������� ��� �� ���������� user ID; "
+
+#: g10/keyedit.c:1118
+msgid "Really remove this user ID? "
+msgstr "������� ������ �� ��������� ���� �� user ID; "
+
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
+msgid "You must select at least one key.\n"
+msgstr "������ �� ��������� ����������� ��� ������.\n"
+
+#: g10/keyedit.c:1160
+msgid "Do you really want to delete the selected keys? "
+msgstr "������� ������ �� ���������� �� ���������� �������; "
+
+#: g10/keyedit.c:1161
+msgid "Do you really want to delete this key? "
+msgstr "������� ������ �� ��������� ���� �� ������; "
+
+#: g10/keyedit.c:1182
+msgid "Do you really want to revoke the selected keys? "
+msgstr "������� ������ �� ���������� �� ���������� �������; "
+
+#: g10/keyedit.c:1183
+msgid "Do you really want to revoke this key? "
+msgstr "������� ������ �� ��������� ���� �� ������; "
+
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr ""
+"������� ������ �� ���������� �� ����������� ��� �� ���������� user ID; "
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "������� �� ���������� �� �����������;"
+
+#: g10/keyedit.c:1292
+msgid "Save changes? "
+msgstr "���������� ��� �������; "
+
+#: g10/keyedit.c:1295
+msgid "Quit without saving? "
+msgstr "����������� ����� ����������; "
+
+#: g10/keyedit.c:1306
+#, c-format
+msgid "update failed: %s\n"
+msgstr "� ��������� �������: %s\n"
+
+#: g10/keyedit.c:1313
+#, c-format
+msgid "update secret failed: %s\n"
+msgstr "� ��������� �������� �������: %s\n"
+
+#: g10/keyedit.c:1320
+msgid "Key not changed so no update needed.\n"
+msgstr "�� ������ ��� ������ ����� ��� ���������� ���������.\n"
+
+#: g10/keyedit.c:1332
+msgid "Invalid command  (try \"help\")\n"
+msgstr "�� ������ ������  (��������� \"help\")\n"
+
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "���� �� ������ ������ �� ��������� ��� %s ������ %s%s\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr " (���������)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
+#, c-format
+msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
+msgstr "%s%c %4u%c/%08lX  ����������: %s ����: %s"
+
+#: g10/keyedit.c:1506
+#, c-format
+msgid " trust: %c/%c"
+msgstr " �����������: %c/%c"
+
+#: g10/keyedit.c:1510
+msgid "This key has been disabled"
+msgstr "���� �� ������ ���� ���������������"
+
+#: g10/keyedit.c:1539
+#, c-format
+msgid "rev! subkey has been revoked: %s\n"
+msgstr "rev! �� ������ ����������: %s\n"
+
+#: g10/keyedit.c:1542
+msgid "rev- faked revocation found\n"
+msgstr "rev- ������� ������������ ��������\n"
+
+#: g10/keyedit.c:1544
+#, c-format
+msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? �������� ���� ������ ���������: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+"� ���������� ��� ��������������� �������� ��� ����� ���������� ������\n"
+"����� ��� ��� ������������� �� ���������.\n"
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+"�������������: ���� �� ������ ���� ��� ��� photo ID.\n"
+"    � �������� ���� ����� photo ID ������ �� ��������� ������� �������� "
+"PGP.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "������� ����� ������ �� �� ����������; (y/N) "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "�������� �� ����� ���� ��� photo ID �� ��� ������.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"�������������: ���� ����� ��� ������ ����� PGP2. � �������� ���� photo ID\n"
+"               ������ �� ����� ������� �������� PGP �� �� ����������.\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr "��� �������� �� ���������� ��� photo ID �� ��� ������ ����� PGP2.\n"
+
+#: g10/keyedit.c:1832
+msgid "Delete this good signature? (y/N/q)"
+msgstr "�������� ����� ��� ����� ���������; (y/N/q)"
+
+#: g10/keyedit.c:1842
+msgid "Delete this invalid signature? (y/N/q)"
+msgstr "�������� ����� ��� �� ������� ���������; (y/N/q)"
+
+#: g10/keyedit.c:1846
+msgid "Delete this unknown signature? (y/N/q)"
+msgstr "�������� ����� ��� �������� ���������; (y/N/q)"
+
+#: g10/keyedit.c:1852
+msgid "Really delete this self-signature? (y/N)"
+msgstr "������� �� ��������� ���� � ����-��������; (y/N)"
+
+#: g10/keyedit.c:1866
+#, c-format
+msgid "Deleted %d signature.\n"
+msgstr "����������� %d ��������.\n"
+
+#: g10/keyedit.c:1867
+#, c-format
+msgid "Deleted %d signatures.\n"
+msgstr "����������� %d ���������.\n"
+
+#: g10/keyedit.c:1870
+msgid "Nothing deleted.\n"
+msgstr "������ ��� �����������.\n"
+
+#: g10/keyedit.c:1943
+msgid "Please remove selections from the secret keys.\n"
+msgstr "�������� ��������� ��� �������� ��� �� ������� �������.\n"
+
+#: g10/keyedit.c:1949
+msgid "Please select at most one secondary key.\n"
+msgstr "�������� �������� �� ���� ��� ���������� ������.\n"
+
+#: g10/keyedit.c:1953
+msgid "Changing expiration time for a secondary key.\n"
+msgstr "������ ����������� ����� ��� ��� ���������� ������.\n"
+
+#: g10/keyedit.c:1955
+msgid "Changing expiration time for the primary key.\n"
+msgstr "������ ����������� ����� ��� ��� �������� ������.\n"
+
+#: g10/keyedit.c:1997
+msgid "You can't change the expiration date of a v3 key\n"
+msgstr "��� �������� �� �������� ��� ���������� ����� �� ��� v3 ������\n"
+
+#: g10/keyedit.c:2013
+msgid "No corresponding signature in secret ring\n"
+msgstr "��� ������� ���������� �������� ��� ������� ����������\n"
+
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "������ �� ��������� ������� ��� user ID.\n"
+
+#: g10/keyedit.c:2284
+#, c-format
+msgid "No user ID with index %d\n"
+msgstr "��� ������� user ID �� ������ %d\n"
+
+#: g10/keyedit.c:2330
+#, c-format
+msgid "No secondary key with index %d\n"
+msgstr "��� ������� ���������� ������ �� ������ %d\n"
+
+#: g10/keyedit.c:2444
+msgid "user ID: \""
+msgstr "user ID: \""
+
+#: g10/keyedit.c:2449
+#, c-format
+msgid ""
+"\"\n"
+"signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"����������� �� �� ������ ��� %08lX ���� %s\n"
+
+#: g10/keyedit.c:2452
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"����������� ������ �� �� ������ ��� %08lX ���� %s\n"
+
+#: g10/keyedit.c:2457
+#, c-format
+msgid "This signature expired on %s.\n"
+msgstr "���� � �������� ����� ���� %s.\n"
+
+#: g10/keyedit.c:2461
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "������� ������ �� ��������� ���� �� ������; "
+
+#: g10/keyedit.c:2465
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr "���������� ���� �������������� ��������� ��� ���� ��� ��������; (y/N)"
+
+#. FIXME: detect duplicates here
+#: g10/keyedit.c:2490
+msgid "You have signed these user IDs:\n"
+msgstr "����� ��������� ���� �� user ID:\n"
+
+#: g10/keyedit.c:2504
+#, c-format
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   ����������� ��� %08lX ���� %s%s%s\n"
+
+#: g10/keyedit.c:2512
+#, c-format
+msgid "   revoked by %08lX at %s\n"
+msgstr "   ���������� ��� %08lX ���� %s\n"
+
+#: g10/keyedit.c:2532
+msgid "You are about to revoke these signatures:\n"
+msgstr "��������� �� ����������� ����� ��� ���������:\n"
+
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   ����������� ��� %08lX ���� %s%s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr " (��-���������)"
+
+#: g10/keyedit.c:2551
+msgid "Really create the revocation certificates? (y/N) "
+msgstr "������� �� ������������� �� ������������� ���������; (y/N)"
+
+#: g10/keyedit.c:2581
+msgid "no secret key\n"
+msgstr "������ ������� ������\n"
+
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr "���������� %s photo ID �������� %ld ��� �� ������ 0x%08lX (uid %d)\n"
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "�������� ���������: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "�������������: �������� �� ������ �������� ���������\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "�������� ���������: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "�� ����������"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "����������"
+
+#. of subkey
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
+msgid " [expires: %s]"
+msgstr " [�����: %s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Fingerprint:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "             ���������:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr "     ��������� �������� ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s ��������������� ��������\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "��������������� �� ������� ��������� %d\n"
+
+#: g10/mainproc.c:280
+#, c-format
+msgid "public key is %08lX\n"
+msgstr "������� ������ ����� %08lX\n"
+
+#: g10/mainproc.c:326
+msgid "public key encrypted data: good DEK\n"
+msgstr "��������������� �������� �� ������� ������: ���� DEK\n"
+
+#: g10/mainproc.c:378
+#, c-format
+msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
+msgstr "��������������� �� %u-bit %s ������, ID %08lX, ������������� %s\n"
+
+#: g10/mainproc.c:388
+#, c-format
+msgid "encrypted with %s key, ID %08lX\n"
+msgstr "��������������� �� %s key, ID %08lX\n"
+
+#: g10/mainproc.c:402
+#, c-format
+msgid "public key decryption failed: %s\n"
+msgstr "������������� �� ������� ������ �������: %s\n"
+
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "������� %s ���������������� ���������\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr ""
+"��������������� IDEA �� ����������, ��������� ���������� ������ ���\n"
+"%s ��������\n"
+
+#: g10/mainproc.c:466
+msgid "decryption okay\n"
+msgstr "���������������� OK\n"
+
+#: g10/mainproc.c:471
+msgid "WARNING: encrypted message has been manipulated!\n"
+msgstr "�������������: �� ��������������� ������ ���� ���������!\n"
+
+#: g10/mainproc.c:476
+#, c-format
+msgid "decryption failed: %s\n"
+msgstr "���������������� �������: %s\n"
+
+#: g10/mainproc.c:495
+msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
+msgstr "��������: � ���������� ������ \"���-��-�����-���-����\"\n"
+
+#: g10/mainproc.c:497
+#, c-format
+msgid "original file name='%.*s'\n"
+msgstr "������ ����� �������='%.*s'\n"
+
+#: g10/mainproc.c:672
+msgid "standalone revocation - use \"gpg --import\" to apply\n"
+msgstr "���������� �������� - ��������������� \"gpg --import\" ��� ��������\n"
+
+#: g10/mainproc.c:733
+msgid "Notation: "
+msgstr "��������: "
+
+#: g10/mainproc.c:745
+msgid "Policy: "
+msgstr "��������: "
+
+#: g10/mainproc.c:1198
+msgid "signature verification suppressed\n"
+msgstr "��������� ��������� ���������\n"
+
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "�������� ��������� ����� ��� ��������� ���������\n"
+
+#: g10/mainproc.c:1261
+#, c-format
+msgid "Signature made %.*s using %s key ID %08lX\n"
+msgstr "�������� %.*s �� ����� ��� ��������%s ID %08lX\n"
+
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
+msgid "BAD signature from \""
+msgstr "���� �������� ��� \""
+
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "������� �������� ��� \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
+msgid "Good signature from \""
+msgstr "���� �������� ��� \""
+
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[�������]"
+
+#: g10/mainproc.c:1351
+msgid "                aka \""
+msgstr "                ������ ��� \""
+
+#: g10/mainproc.c:1412
+#, c-format
+msgid "Can't check signature: %s\n"
+msgstr "�������� ������� ��� ���������: %s\n"
+
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "��� ����� ���������� ��������\n"
+
+#: g10/mainproc.c:1508
+#, c-format
+msgid "standalone signature of class 0x%02x\n"
+msgstr "���������� �������� ������ 0x%02x\n"
+
+#: g10/mainproc.c:1565
+msgid "old style (PGP 2.x) signature\n"
+msgstr "�������� ������ ���� (PGP 2.x)\n"
+
+#: g10/mainproc.c:1572
+msgid "invalid root packet detected in proc_tree()\n"
+msgstr "�� ������ ������(root) ������ ����������� ��� proc_tree()\n"
+
+#: g10/misc.c:101
+#, c-format
+msgid "can't disable core dumps: %s\n"
+msgstr "�������� ��������������� ��� core dump: %s\n"
+
+#: g10/misc.c:211
+msgid "Experimental algorithms should not be used!\n"
+msgstr "������������ ���������� ��� ������ �� ����������������!\n"
+
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr ""
+"� ����� ����� ��� ���������� �������������� ��� ����������. �������������� "
+"��� ��� �����������!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "�������������: �� ������� ���������� ��� %s \"%s\"\n"
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "�������������: �� �������� ������ ��� %s \"%s\"\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "�� ����� ��� ��������������� IDEA ��� �������\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+"����� �� http://www.gnupg.org/why-not-idea.html ��� ������������ "
+"�����������\n"
+
+#: g10/parse-packet.c:119
+#, c-format
+msgid "can't handle public key algorithm %d\n"
+msgstr "�������� ��������� ��� ���������� �������� �������� %d\n"
+
+#: g10/parse-packet.c:1053
+#, c-format
+msgid "subpacket of type %d has critical bit set\n"
+msgstr "��������� ����� %d ���� �������� �� ������� bit\n"
+
+#: g10/passphrase.c:442 g10/passphrase.c:489
+msgid "gpg-agent is not available in this session\n"
+msgstr "� gpg-agent ��� ����� ���������� �� ���� �� ��������\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "�������� ������� ��� pid ��� ������ ��� �� agent\n"
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "�������� ��������� ��� FD ��� �� ���������� ��� ��� agent\n"
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "�������� �������� ��� FD ��� �� ���������� ��� ��� agent\n"
+
+#: g10/passphrase.c:498
+msgid "malformed GPG_AGENT_INFO environment variable\n"
+msgstr "��������������� ��������� ������������� GPG_AGENT_INFO\n"
+
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "��� ������������� � ������ ����������� %d ��� gpg-agent\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
+msgid "can't connect to `%s': %s\n"
+msgstr "�������� �������� ��� `%s': %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "�������� ������������ �� �� gpg-agent\n"
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "�������� �� ��� agent - �������������� ��� ������ ��� agent\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
+#, c-format
+msgid " (main key ID %08lX)"
+msgstr " (����� ������, ID %08lX)"
+
+#: g10/passphrase.c:641
+#, c-format
+msgid ""
+"You need a passphrase to unlock the secret key for user:\n"
+"\"%.*s\"\n"
+"%u-bit %s key, ID %08lX, created %s%s\n"
+msgstr ""
+"���������� ��� ����� ������ ��� �� ������������ �� ������� ������ ��� �� "
+"������:\n"
+"\"%.*s\"\n"
+"%u-bit %s ������, ID %08lX, ���������� %s%s\n"
+
+#: g10/passphrase.c:662
+msgid "Enter passphrase\n"
+msgstr "�������������� �� ����� ������\n"
+
+#: g10/passphrase.c:664
+msgid "Repeat passphrase\n"
+msgstr "����������� �� �����\n"
+
+#: g10/passphrase.c:705
+msgid "passphrase too long\n"
+msgstr "� ����� ������ ����� ���� ������\n"
+
+#: g10/passphrase.c:718
+msgid "invalid response from agent\n"
+msgstr "�� ������ �������� ��� ��� agent\n"
+
+#: g10/passphrase.c:727 g10/passphrase.c:808
+msgid "cancelled by user\n"
+msgstr "��������� ��� �� ������\n"
+
+#: g10/passphrase.c:729 g10/passphrase.c:890
+#, c-format
+msgid "problem with the agent: agent returns 0x%lx\n"
+msgstr "�������� �� ��� agent: agent ���������� 0x%lx\n"
+
+#: g10/passphrase.c:1003
+msgid ""
+"\n"
+"You need a passphrase to unlock the secret key for\n"
+"user: \""
+msgstr ""
+"\n"
+"���������� ��� ����� ������ ��� �� ������������ �� ������� ������\n"
+"��� �� ������: \""
+
+#: g10/passphrase.c:1012
+#, c-format
+msgid "%u-bit %s key, ID %08lX, created %s"
+msgstr "%u-bit %s ������, ID %08lX, ���������� %s"
+
+#: g10/passphrase.c:1063
+msgid "can't query password in batchmode\n"
+msgstr "�������� �������� ��� ����� ������ �� ��������� ������\n"
+
+#: g10/passphrase.c:1067
+msgid "Enter passphrase: "
+msgstr "�������������� �� ����� ������: "
+
+#: g10/passphrase.c:1071
+msgid "Repeat passphrase: "
+msgstr "����������� �� ����� ������: "
+
+#: g10/plaintext.c:67
+msgid "data not saved; use option \"--output\" to save it\n"
+msgstr "�������� ��� �������������. ���������� �� ��� ������� \"--output\"\n"
+
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "������ ���� �� ���������� ��� `%s': %s\n"
+
+#: g10/plaintext.c:337
+msgid "Detached signature.\n"
+msgstr "���������� ��������.\n"
+
+#: g10/plaintext.c:341
+msgid "Please enter name of data file: "
+msgstr "�������� �� ����� ������� ���������: "
+
+#: g10/plaintext.c:362
+msgid "reading stdin ...\n"
+msgstr "�������� ��� stdin ...\n"
+
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "��� �������� ������������� ��������\n"
+
+#: g10/plaintext.c:404
+#, c-format
+msgid "can't open signed data `%s'\n"
+msgstr "�������� ��������� �������������� ��������� `%s'\n"
+
+#: g10/pubkey-enc.c:100
+#, c-format
+msgid "anonymous recipient; trying secret key %08lX ...\n"
+msgstr "�������� ���������� ������ �������� �������� %08lX ...\n"
+
+#: g10/pubkey-enc.c:106
+msgid "okay, we are the anonymous recipient.\n"
+msgstr "�������, ������� � �������� ����������.\n"
+
+#: g10/pubkey-enc.c:158
+msgid "old encoding of the DEK is not supported\n"
+msgstr "������ ������������ ��� DEK ��� �������������\n"
+
+#: g10/pubkey-enc.c:177
+#, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "� ���������� �������������� %d%s ����� �������� � �����������������\n"
+
+#: g10/pubkey-enc.c:220
+#, c-format
+msgid "NOTE: cipher algorithm %d not found in preferences\n"
+msgstr "��������: � ���������� �������������� %d ��� ����� ���� ��������\n"
+
+#: g10/pubkey-enc.c:242
+#, c-format
+msgid "NOTE: secret key %08lX expired at %s\n"
+msgstr "��������: �� ������� ������ %08lX ����� ���� %s\n"
+
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
+#, c-format
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "������ �������� %08lX ��� �� HKP ���������� �������� %s ...\n"
+
+#: g10/hkp.c:94
+#, c-format
+msgid "can't get key from keyserver: %s\n"
+msgstr "�������� ����� ��� �������� ��� �� ����������: %s\n"
+
+#: g10/hkp.c:171
+#, c-format
+msgid "error sending to `%s': %s\n"
+msgstr "������ ��� �������� ���� �� `%s': %s\n"
+
+#: g10/hkp.c:186
+#, c-format
+msgid "success sending to `%s' (status=%u)\n"
+msgstr "�������� ��� ��������� ��� `%s' (���������=%u)\n"
+
+#: g10/hkp.c:189
+#, c-format
+msgid "failed sending to `%s': status=%u\n"
+msgstr "�������� ���� �������� ���� �� `%s': ���������=%u\n"
+
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "��������� ��� \"%s\" ��� �� HKP ���������� %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "�������� ���������� ����������: %s\n"
+
+#: g10/seckey-cert.c:53
+msgid "secret key parts are not available\n"
+msgstr "������� ��� �������� �������� ��� ����� ���������\n"
+
+#: g10/seckey-cert.c:59
+#, c-format
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "��� ������������� � ���������� ���������� %d%s\n"
+
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "�� ������ ����� ������, ��������� ����"
+
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
+
+#: g10/seckey-cert.c:273
+msgid "WARNING: Weak key detected - please change passphrase again.\n"
+msgstr "�������������: ����������� ������� ������ - ������� �� ����� ������\n"
+
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+"���������� ��� �� ������������� 16-bit checksum ��� �� ��������� ���\n"
+"�������� ��������\n"
+
+#: g10/sig-check.c:205
+msgid ""
+"this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
+msgstr ""
+"���� ��, ������������� ��� PGP, ������ ElGamal ��� ����� ������� ��� "
+"���������!\n"
+
+#: g10/sig-check.c:213
+#, c-format
+msgid "public key is %lu second newer than the signature\n"
+msgstr "�� ������� ������ ����� %lu ������������ ������� ��� ��� ��������\n"
+
+#: g10/sig-check.c:214
+#, c-format
+msgid "public key is %lu seconds newer than the signature\n"
+msgstr "�� ������� ������ ����� %lu ������������ ������� ��� ��� ��������\n"
+
+#: g10/sig-check.c:237
+#, c-format
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "��������: �� ������ ��������� %08lX ����� ���� %s\n"
+
+#: g10/sig-check.c:318
+msgid "assuming bad signature due to an unknown critical bit\n"
+msgstr "������� ����� ��������� ���� �������� �������� bit\n"
+
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"�������������: �������� ��� %%-�������� ��� url ��������� (���� ������).\n"
+"               ����� �� ������������.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "������� � ������� ��� ��������� ��� �������������: %s\n"
+
+#: g10/sign.c:283
+#, c-format
+msgid "%s signature from: %s\n"
+msgstr "%s �������� ���: %s\n"
+
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "�������������: `%s' ����� ��� ����� ������\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"�������� �� ���������� �� ������� ����� PGP 2.x ���� �� --pgp2 ���������\n"
+
+#: g10/sign.c:643 g10/sign.c:812
+#, c-format
+msgid "can't create %s: %s\n"
+msgstr "�������� ����������� ��� %s: %s\n"
+
+#: g10/sign.c:704
+msgid "signing:"
+msgstr "��������:"
+
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"�������� �� ���������� ������ �� ������� ����� PGP 2.x �� ��������� --pgp2\n"
+
+#: g10/sign.c:953
+#, c-format
+msgid "%s encryption will be used\n"
+msgstr "%s ������������� �� ��������������\n"
+
+#: g10/textfilter.c:134
+#, c-format
+msgid "can't handle text lines longer than %d characters\n"
+msgstr "�������� ��������� ������� �������� ����������� ��� %d ����������\n"
+
+#: g10/textfilter.c:231
+#, c-format
+msgid "input line longer than %d characters\n"
+msgstr "������ ������� ���������� ��� %d ����������\n"
+
+#: g10/tdbio.c:121 g10/tdbio.c:1382
+#, c-format
+msgid "trustdb rec %lu: lseek failed: %s\n"
+msgstr "trustdb rec %lu: �������� lseek: %s\n"
+
+#: g10/tdbio.c:127 g10/tdbio.c:1389
+#, c-format
+msgid "trustdb rec %lu: write failed (n=%d): %s\n"
+msgstr "trustdb rec %lu: �������� write (n=%d): %s\n"
+
+#: g10/tdbio.c:237
+msgid "trustdb transaction too large\n"
+msgstr "���� ������ ��������� trustdb\n"
+
+#: g10/tdbio.c:454
+#, c-format
+msgid "%s: can't access: %s\n"
+msgstr "%s: �������� ���������: %s\n"
+
+#: g10/tdbio.c:468
+#, c-format
+msgid "%s: directory does not exist!\n"
+msgstr "%s: � ������� ��� �������!\n"
+
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
+#, c-format
+msgid "%s: can't create lock\n"
+msgstr "%s: �������� ����������� ����������� (lock)\n"
+
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: �������� ����������� ����������� (lock)\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: �������� �����������: %s\n"
+
+#: g10/tdbio.c:503
+#, c-format
+msgid "%s: failed to create version record: %s"
+msgstr "%s: �������� ����������� ���� �������� �������: %s"
+
+#: g10/tdbio.c:507
+#, c-format
+msgid "%s: invalid trustdb created\n"
+msgstr "%s: ������������� �� ������ trustdb\n"
+
+#: g10/tdbio.c:510
+#, c-format
+msgid "%s: trustdb created\n"
+msgstr "%s: ������������� � trustdb\n"
+
+#: g10/tdbio.c:565
+#, c-format
+msgid "%s: invalid trustdb\n"
+msgstr "%s: �� ������ trustdb\n"
+
+#: g10/tdbio.c:597
+#, c-format
+msgid "%s: failed to create hashtable: %s\n"
+msgstr "%s: �������� ����������� hashtable: %s\n"
+
+#: g10/tdbio.c:605
+#, c-format
+msgid "%s: error updating version record: %s\n"
+msgstr "%s: ������ ���� ��������� ��� �������� �������: %s\n"
+
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
+#, c-format
+msgid "%s: error reading version record: %s\n"
+msgstr "%s: ������ ���� �������� ��� �������� �������: %s\n"
+
+#: g10/tdbio.c:634 g10/tdbio.c:680
+#, c-format
+msgid "%s: error writing version record: %s\n"
+msgstr "%s: ������ ���� ������� ��� �������� �������: %s\n"
+
+#: g10/tdbio.c:1119
+#, c-format
+msgid "trustdb: lseek failed: %s\n"
+msgstr "trustdb: ������� lseek: %s\n"
+
+#: g10/tdbio.c:1127
+#, c-format
+msgid "trustdb: read failed (n=%d): %s\n"
+msgstr "trustdb: read ������� (n=%d): %s\n"
+
+#: g10/tdbio.c:1148
+#, c-format
+msgid "%s: not a trustdb file\n"
+msgstr "%s: ��� ����� trustdb ������\n"
+
+#: g10/tdbio.c:1165
+#, c-format
+msgid "%s: version record with recnum %lu\n"
+msgstr "%s: ������� ������� �� recnum %lu\n"
+
+#: g10/tdbio.c:1170
+#, c-format
+msgid "%s: invalid file version %d\n"
+msgstr "%s: �� ������ ������ ������� %d\n"
+
+#: g10/tdbio.c:1348
+#, c-format
+msgid "%s: error reading free record: %s\n"
+msgstr "%s: ������ ���� �������� ��� �������� free : %s\n"
+
+#: g10/tdbio.c:1356
+#, c-format
+msgid "%s: error writing dir record: %s\n"
+msgstr "%s: ������ ���� ������� ��� �������� dir : %s\n"
+
+#: g10/tdbio.c:1366
+#, c-format
+msgid "%s: failed to zero a record: %s\n"
+msgstr "%s: �������� ���� ��������� ���� ��������: %s\n"
+
+#: g10/tdbio.c:1396
+#, c-format
+msgid "%s: failed to append a record: %s\n"
+msgstr "%s: �������� ���� �������� ���� ��������: %s\n"
+
+#: g10/tdbio.c:1441
+msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
+msgstr "� trustdb ����� �������� - ��������������� �� \"gpg --fix-trustdb\".\n"
+
+#: g10/trustdb.c:200
+#, c-format
+msgid "`%s' is not a valid long keyID\n"
+msgstr "`%s' ��� ����� ������ ����� keyID\n"
+
+#: g10/trustdb.c:235
+#, c-format
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "������ %08lX: ������� ��� ������ �� �����������\n"
+
+#: g10/trustdb.c:274
+#, c-format
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "�� ������ %08lX ������� ���� ��� ��� ���� ���� trustdb\n"
+
+#: g10/trustdb.c:290
+#, c-format
+msgid "key %08lX: no public key for trusted key - skipped\n"
+msgstr ""
+"������ %08lX: ������ ������� ������ ��� �� ������ �� ����������� - "
+"���������\n"
+
+#: g10/trustdb.c:332
+#, c-format
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "������� trust %lu, req ����� %d: read �������: %s\n"
+
+#: g10/trustdb.c:338
+#, c-format
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "� ������� trust %lu ��� ����� ��� ���������� ����� %d\n"
+
+#: g10/trustdb.c:353
+#, c-format
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "������� trust %lu, ����� %d: write �������: %s\n"
+
+#: g10/trustdb.c:368
+#, c-format
+msgid "trustdb: sync failed: %s\n"
+msgstr "trustdb: sync �������: %s\n"
+
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "��� ������� ������ ��� ������ ��� trustdb\n"
+
+#: g10/trustdb.c:474 g10/trustdb.c:1641
+#, c-format
+msgid "next trustdb check due at %s\n"
+msgstr "�������� ������� ��� trustdb �� ����� ���� %s\n"
+
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "������� ��� trustdb\n"
+
+#: g10/trustdb.c:933
+#, c-format
+msgid "public key %08lX not found: %s\n"
+msgstr "�� ������� ������ %08lX ��� �������: %s\n"
+
+#: g10/trustdb.c:1515
+#, c-format
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr ""
+"�� ������� �� ������� ������ ��� ������� ������������� �������� %08lX\n"
+
+#: g10/trustdb.c:1593
+#, c-format
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr "������� �� ����� %d �����������=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+
+#: g10/verify.c:108
+msgid ""
+"the signature could not be verified.\n"
+"Please remember that the signature file (.sig or .asc)\n"
+"should be the first file given on the command line.\n"
+msgstr ""
+"�������� ����������� ��� ���������.\n"
+"�������� ��� ������� ��� �� ������ ��������� (.sig or .asc)\n"
+"������ �� ����� �� ����� ������ ��� ������ �������.\n"
+
+#: g10/verify.c:173
+#, c-format
+msgid "input line %u too long or missing LF\n"
+msgstr "������ ������� %u ����� ���� ������ � ��� ������ �� LF\n"
+
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"�� ������ ��� ���� ��������� ��� ��������� - ��� ������ �� �������������� �� "
+"������� RNG!\n"
+
+#: g10/skclist.c:138
+#, c-format
+msgid "skipped `%s': duplicated\n"
+msgstr "������������ `%s': ������������\n"
+
+#: g10/skclist.c:145 g10/skclist.c:153
+#, c-format
+msgid "skipped `%s': %s\n"
+msgstr "������������ `%s': %s\n"
+
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "������������: ������� ������ ��� �����\n"
+
+#: g10/skclist.c:160
+#, c-format
+msgid ""
+"skipped `%s': this is a PGP generated ElGamal key which is not secure for "
+"signatures!\n"
+msgstr ""
+"������������ `%s': ���� ����� ������������� ��� PGP ������ ElGamal ��� ��� "
+"����� ������� ��� ���������!\n"
+
+#. do not overwrite
+#: g10/openfile.c:84
+#, c-format
+msgid "File `%s' exists. "
+msgstr "�� ������ `%s' ������� ���. "
+
+#: g10/openfile.c:86
+msgid "Overwrite (y/N)? "
+msgstr "��������� (y/N); "
+
+#: g10/openfile.c:119
+#, c-format
+msgid "%s: unknown suffix\n"
+msgstr "%s: ������� ��������\n"
+
+#: g10/openfile.c:141
+msgid "Enter new filename"
+msgstr "�������������� ��� ��� ����� �������"
+
+#: g10/openfile.c:184
+msgid "writing to stdout\n"
+msgstr "������� ���� stdout\n"
+
+#: g10/openfile.c:273
+#, c-format
+msgid "assuming signed data in `%s'\n"
+msgstr "������� �������������� ��������� ��� `%s'\n"
+
+#: g10/openfile.c:323
+#, c-format
+msgid "%s: new options file created\n"
+msgstr "%s: ������������� ��� ������ ��������\n"
+
+#: g10/openfile.c:350
+#, c-format
+msgid "%s: can't create directory: %s\n"
+msgstr "%s: �������� ����������� ���������: %s\n"
+
+#: g10/openfile.c:353
+#, c-format
+msgid "%s: directory created\n"
+msgstr "%s: ��������� �������������\n"
+
+#: g10/openfile.c:355
+msgid "you have to start GnuPG again, so it can read the new options file\n"
+msgstr ""
+"������ �� �������������� �� GnuPG, ���� �� �������� �� ��� ������ ��������\n"
+
+#: g10/encr-data.c:91
+msgid ""
+"WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
+msgstr ""
+"�������������: �� ������ ��������������� �� ������� ������ ���\n"
+"���������� ��������������.\n"
+
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "�������� ��� �������� ���������������� �������\n"
+
+#: g10/seskey.c:52
+msgid "weak key created - retrying\n"
+msgstr "������������� ������� ������ - ��������� �����������\n"
+
+#: g10/seskey.c:57
+#, c-format
+msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
+msgstr ""
+"�������� �������� �������� �������� ��� ���������� ��������������, ������ "
+"��� %d �����!\n"
+
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr "� DSA ������� �� ����� ���� 160 bit ���������� hash\n"
+
+#: g10/delkey.c:116
+msgid "can't do that in batchmode without \"--yes\"\n"
+msgstr "��� ������ �� ����� ���� �� ��������� ������ ����� �� \"--yes\"\n"
+
+#: g10/delkey.c:138
+msgid "Delete this key from the keyring? "
+msgstr "�������� ����� ��� �������� ��� �� ����������; "
+
+#: g10/delkey.c:146
+msgid "This is a secret key! - really delete? "
+msgstr "���� ����� ��� ������� ������! - ������� �� ���������; "
+
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "�������� block �������� �������: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr "���������� ����������� ������������-���������\n"
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "������� ��� ������� ������ ��� �� ������� ������ \"%s\"!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr ""
+"��������������� ����� ��� ������� \"--delete-secret-key\" ��� �������� ���.\n"
+
+#: g10/helptext.c:47
+msgid ""
+"It's up to you to assign a value here; this value will never be exported\n"
+"to any 3rd party.  We need it to implement the web-of-trust; it has nothing\n"
+"to do with the (implicitly created) web-of-certificates."
+msgstr ""
+"����� ������� ��� �� ������� ���� ���. ���� � ���� ��� �� �������\n"
+"���� �� ����� �������.  �� ������������ ��� �������� ��� �����-"
+"������������,\n"
+"��� ���� ������ �� ����� �� ��� (������� �������������) ����-��������������."
+
+#: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"��� �� ������ ���� �����-������������, �� GnuPG ������ �� ����� ���� "
+"�������\n"
+"����� ������ ������������ - ���� ����� ������� ������� ��� ����� �����\n"
+"�������� ��� ������� ������. ��������� \"yes\" (���) ��� �� ����� ��� "
+"������\n"
+"���� ����� �����������\n"
+
+#: g10/helptext.c:60
+msgid "If you want to use this revoked key anyway, answer \"yes\"."
+msgstr ""
+"��� ������ �� ��������������� ���� �� ��������� ������, ��������� \"yes\"."
+
+#: g10/helptext.c:64
+msgid "If you want to use this untrusted key anyway, answer \"yes\"."
+msgstr ""
+"��� ������ �� ��������������� ���� �� �� ������������ ������, ��������� \"yes"
+"\"."
+
+#: g10/helptext.c:68
+msgid ""
+"Enter the user ID of the addressee to whom you want to send the message."
+msgstr ""
+"�������������� �� user ID ��� �������� ����� ��� ������ �� �������� ������."
+
+#: g10/helptext.c:72
+msgid ""
+"Select the algorithm to use.\n"
+"\n"
+"DSA (aka DSS) is the digital signature algorithm which can only be used\n"
+"for signatures.  This is the suggested algorithm because verification of\n"
+"DSA signatures are much faster than those of ElGamal.\n"
+"\n"
+"ElGamal is an algorithm which can be used for signatures and encryption.\n"
+"OpenPGP distinguishs between two flavors of this algorithms: an encrypt "
+"only\n"
+"and a sign+encrypt; actually it is the same, but some parameters must be\n"
+"selected in a special way to create a safe key for signatures: this program\n"
+"does this but other OpenPGP implementations are not required to understand\n"
+"the signature+encryption flavor.\n"
+"\n"
+"The first (primary) key must always be a key which is capable of signing;\n"
+"this is the reason why the encryption only ElGamal key is not available in\n"
+"this menu."
+msgstr ""
+"�������� ��� ��������� ��� ������ �� ���������������.\n"
+"\n"
+"DSA (������ ������� ��� DSS) ����� � ���������� �������� ���������\n"
+"��� ������ �� �������������� ���� ��� ���������.  ����� � �������������\n"
+"���������� ������ � ���������� ��� DSA ��������� ����� �������� ���\n"
+"��� ��������� ����� ElGamal.\n"
+"\n"
+"ElGamal ����� ���� ���������� ��� ����� ��� �� ��������� ��� ��� ������-\n"
+"�������. �� OpenPGP ��������� ��� ��� \"�������\" ����� ��� ����������:\n"
+"��� ��������������-���� ��� ��� ���������-���-��������������, ����\n"
+"�������������� ����� � �����, ���� ������� ���������� ������ �� ���������\n"
+"�� ��� ������ ����� ��� �� ������������ ��� ������� ������ ��� ���������.\n"
+"���� �� ��������� �� �����, ���� �� ����� OpenPGP ����������� ���\n"
+"����� ���������� �� ������������� ���� �� ��������� (�����).\n"
+"\n"
+"�� ����� (��������) ������ ������ �� ����� ������� ��� ������ ����� ���\n"
+"��������. ����� ����� � ����� ��� ��� ����� � ��������������-����\n"
+"������ ElGamal ��� ����� ��������� �� ���� �� �����."
+
+#: g10/helptext.c:92
+msgid ""
+"Although these keys are defined in RFC2440 they are not suggested\n"
+"because they are not supported by all programs and signatures created\n"
+"with them are quite large and very slow to verify."
+msgstr ""
+"�� ��� ���� �� ������� ������������� ��� RFC2440 ��� ������������\n"
+"������ ��� �������������� ��� ��� �� ����������� ��� �� ��������� ���\n"
+"����� ������������ ��� ���� ����� ������� ��� ���� ����� ���� ����������."
+
+#: g10/helptext.c:99
+msgid "Enter the size of the key"
+msgstr "�������������� �� ������� ��� ��������"
+
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
+msgid "Answer \"yes\" or \"no\""
+msgstr "��������� \"yes\"(���) � \"no\"(���)"
+
+#: g10/helptext.c:113
+msgid ""
+"Enter the required value as shown in the prompt.\n"
+"It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
+"get a good error response - instead the system tries to interpret\n"
+"the given value as an interval."
+msgstr ""
+"�������������� ��� ����������� ���� ���� ������������.\n"
+"�������� �� �������� ��� ���������� ISO (YYYY-MM-DD) ����\n"
+"��� �� ������ ��� ���� �������� ��������� - �������� �� �������\n"
+"��������� �� ���������� ��� ���� ��� ��������."
+
+#: g10/helptext.c:125
+msgid "Enter the name of the key holder"
+msgstr "�������������� �� ����� ��� �������������"
+
+#: g10/helptext.c:130
+msgid "please enter an optional but highly suggested email address"
+msgstr "�������������� ����������� ��� ��������� email (����������)"
+
+#: g10/helptext.c:134
+msgid "Please enter an optional comment"
+msgstr "�������� ����������� �������������� ��� ������"
+
+#: g10/helptext.c:139
+msgid ""
+"N  to change the name.\n"
+"C  to change the comment.\n"
+"E  to change the email address.\n"
+"O  to continue with key generation.\n"
+"Q  to to quit the key generation."
+msgstr ""
+"N  ��� ������ ��� ��������.\n"
+"C  ��� ������ ��� �������.\n"
+"E  ��� ������ ��� ���������� email.\n"
+"O  ��� �������� ��� ����������� ��������.\n"
+"Q  ��� �� ����������� �� ���������� ��������."
+
+#: g10/helptext.c:148
+msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
+msgstr ""
+"��������� \"yes\" (� ���� \"y\") ��� ����� ������� �� ������������ �� "
+"���������."
+
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"���� ���������� ��� user ID �� ��� ������, ������ ����� �� ����������� ���\n"
+"�� ������ ������ ��� ������� ��� ��������� ��� user ID. ����� ������� "
+"������� ������, �� ������ ���� ���������� ������ ���� �� �����������.\n"
+"\n"
+"\"0\" �������� ��� ��� �������� ���� ���� ���������� ������������� �� "
+"������.\n"
+"\"1\" �������� ��� ��������� ��� �� ������ ������ ��� ����� ��� ���� ��� "
+"���\n"
+"    ������, ���� ��� �������� � ��� ������������� ������� �� ������. ����\n"
+"    ����� ������� ���� ���������� �� ������ ���� \"����������\" ������.\n"
+"\n"
+"\"2\" �������� ��� ������ ��� ������ ����������� ��� ��������. ��� "
+"����������\n"
+"    ���� ������ �� �������� ��� ������������� �� ������ ��� �������� ��\n"
+"    user ID ��� ������ �� ��� photo ID.\n"
+"\n"
+"\"3\" �������� ��� ������ ���������� ������ ��� ������. ��� ����������, "
+"����\n"
+"    ���� ������ �� �������� ��� �������� �� ��������� ��� �������� �� ���\n"
+"    ��������� ��� �������� \"������\" ����� ��� �������� ��� �� photo ID "
+"���\n"
+"    �������� ����� ����� �� ���� �� ��� ������� �� ������������ ������� �."
+"�.\n"
+"    ���������, ����������, ������� ��������.\n"
+"\n"
+"����� ����� ��� �� ������������ ��� ������� ��� \"�������\" 2 ��� 3 �����\n"
+"*����* ������������. ��� ����� �������� ���� ��� ���� �� ����������� ��\n"
+"�������� \"�������\" ��� �� \"�����������\" �� ���� ���� ���������� "
+"�������.\n"
+"\n"
+"��� ��� ������ ���� ����� � ����� ��������, ����� \"0\"."
+
+#: g10/helptext.c:194
+msgid "Answer \"yes\" is you want to sign ALL the user IDs"
+msgstr "��������� \"yes\" ��� ������ �� ���������� ��� �� user ID"
+
+#: g10/helptext.c:198
+msgid ""
+"Answer \"yes\" if you really want to delete this user ID.\n"
+"All certificates are then also lost!"
+msgstr ""
+"��������� \"yes\" ��� ���������� ������ �� ��������� ����\n"
+"�� user ID.  ��� �� ������������� �� ������ ����!"
+
+#: g10/helptext.c:203
+msgid "Answer \"yes\" if it is okay to delete the subkey"
+msgstr "��������� \"yes\" ��� ����� ������� �� ��������� �� ���������"
+
+#: g10/helptext.c:208
+msgid ""
+"This is a valid signature on the key; you normally don't want\n"
+"to delete this signature because it may be important to establish a\n"
+"trust connection to the key or another key certified by this key."
+msgstr ""
+"���� ����� ��� ������ �������� ��� ������. �������� ��� �� ������\n"
+"�� ��������� ���� � �������� ������ ������ �� ����� ���������� ���\n"
+"��������� ��� �������� ������������ ��� ������ � �� ��� ���� ������\n"
+"������������� ��� ����."
+
+#: g10/helptext.c:213
+msgid ""
+"This signature can't be checked because you don't have the\n"
+"corresponding key.  You should postpone its deletion until you\n"
+"know which key was used because this signing key might establish\n"
+"a trust connection through another already certified key."
+msgstr ""
+"���� � �������� ��� ������ �� �������� ������ ��� ����� �� ����������\n"
+"������.  ������ �� ���������� �� �������� ���, ����� �� ������ ��� ������\n"
+"��������������� ����� ���� �� ������ ��������� ������ �� ����������\n"
+"��� ������� ������������ ���� ���� ����� ��� �������������� ��������."
+
+#: g10/helptext.c:219
+msgid ""
+"The signature is not valid.  It does make sense to remove it from\n"
+"your keyring."
+msgstr ""
+"� �������� ��� ����� ������.  ����� ������ �� ��������� ��� ��\n"
+"���������� ���."
+
+#: g10/helptext.c:223
+msgid ""
+"This is a signature which binds the user ID to the key. It is\n"
+"usually not a good idea to remove such a signature.  Actually\n"
+"GnuPG might not be able to use this key anymore.  So do this\n"
+"only if this self-signature is for some reason not valid and\n"
+"a second one is available."
+msgstr ""
+"���� ����� ��� �������� ��� ������� �� user ID ��� ������. ���\n"
+"����� ������� ���� ���� �� ��������� ��� ������ ��������.  ����\n"
+"�������������� �� GnuPG ���� �� �� ������ �� �������������� ����\n"
+"�� ������ ���.  ����� �� ���������� ���� ��� ���� � ����-�������� ���\n"
+"������ ���� ��� ����� ������ � ������� ��� �������."
+
+#: g10/helptext.c:231
+msgid ""
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+"������� ��� ����������� ���� ��� user ID (� ���� ��� �����������)\n"
+"���� ������������ ����� �����������.  � ���������� ���� ��� ������������\n"
+"����-��������� �� ������� ���� 1 ������������.\n"
+
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "�������������� �� ����� �����߷ ���� ����� ��� ������� ������� \n"
+
+#: g10/helptext.c:244
+msgid "Please repeat the last passphrase, so you are sure what you typed in."
+msgstr "�������� ����������� �� ��������� ����� ������, ��� ��������."
+
+#: g10/helptext.c:248
+msgid "Give the name of the file to which the signature applies"
+msgstr "����� �� ����� ��� ������� ��� ����� ����������� � ��������"
+
+#: g10/helptext.c:253
+msgid "Answer \"yes\" if it is okay to overwrite the file"
+msgstr "��������� \"yes\" ��� ����� ������� �� ����������� �� ������"
+
+#: g10/helptext.c:258
+msgid ""
+"Please enter a new filename. If you just hit RETURN the default\n"
+"file (which is shown in brackets) will be used."
+msgstr ""
+"�������� �������� ��� ��� ����� �������. ��� ���� �������� RETURN\n"
+"�� ��'������� ������ (������������� ���� �������) �� ��������������."
+
+#: g10/helptext.c:264
+msgid ""
+"You should specify a reason for the certification.  Depending on the\n"
+"context you have the ability to choose from this list:\n"
+"  \"Key has been compromised\"\n"
+"      Use this if you have a reason to believe that unauthorized persons\n"
+"      got access to your secret key.\n"
+"  \"Key is superseded\"\n"
+"      Use this if you have replaced this key with a newer one.\n"
+"  \"Key is no longer used\"\n"
+"      Use this if you have retired this key.\n"
+"  \"User ID is no longer valid\"\n"
+"      Use this to state that the user ID should not longer be used;\n"
+"      this is normally used to mark an email address invalid.\n"
+msgstr ""
+"������ �� ������� ��� ���� ��� ��� �����������.  ������� �� ��\n"
+"������������, ����� �� ���������� �� ��������� ��� �� �����:\n"
+"  \"�� ������ ���� �������\"\n"
+"      ��������������� ��� ��������� ��� �� ��������������� �������\n"
+"      ����� �������� ��� ������� ������ ���.\n"
+"  \"�� ������ ���� ����������\"\n"
+"      ��������������� ��� ����� �������������� �� ������ �� ��� ����.\n"
+"  \"�� ������ ��� �������������� �����\"\n"
+"      ��������������� ��� ����� �������� ���� �� ������.\n"
+"  \"�� user ID ��� ����� ����� ������\"\n"
+"      ��������������� ���� ��� �� �������� ��� �� user ID ��� ������\n"
+"      �� ��������������� ���. ��� �� ������� ����� ��� ��������� email.\n"
+
+#: g10/helptext.c:280
+msgid ""
+"If you like, you can enter a text describing why you issue this\n"
+"revocation certificate.  Please keep this text concise.\n"
+"An empty line ends the text.\n"
+msgstr ""
+"��� ����������, �������� �� ��������������� ��� ������� ���\n"
+"���������� ��� ���� ��� ��������� ���� �� ������������� ���������.\n"
+"�������� �������� ���� �� ������� ���������. ��� ����� ������\n"
+"����� �� �������.\n"
+
+#: g10/helptext.c:295
+msgid "No help available"
+msgstr "��� ������� ��������� �������"
+
+#: g10/helptext.c:303
+#, c-format
+msgid "No help available for `%s'"
+msgstr "��� ������� ��������� ������� ��� `%s'"
+
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "�������� ����������� ��� ����������� `%s': %s\n"
+
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "� ������ ������ ��� `%s' �������: %s\n"
+
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "���������� `%s' �������������\n"
+
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "�������� ������������ ��� cache �����������: %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "�������������: 2 ������ �� ������������� ����������� ��������.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s ����� �� ����������\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s ����� �� ���\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "�������� ��������� ���� ��� ������ \"�����\" ���������\n"
+
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "������� ����������� `%s'\n"
+
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu ������� ����� ����� ���� �������� (%lu ���������)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu ������� ����� �������� (%lu ���������)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: ���������� �������������\n"
diff --git a/po/eo.po b/po/eo.po
index 8c1e2803e..c36a2b73a 100644
--- a/po/eo.po
+++ b/po/eo.po
@@ -1,301 +1,329 @@
 # Mesa�oj por la programo GnuPG
-# Copyright (C) 2000 Free Software Foundation, Inc.
-# Edmund GRIMLEY EVANS <[email protected]>, 2000.
+# Copyright (C) 2000, 2001, 2002 Free Software Foundation, Inc.
+# Edmund GRIMLEY EVANS <[email protected]>, 2000-2002.
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: gnupg 1.0.1e\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 2000-06-02 21:04+01:00\n"
+"Project-Id-Version: gnupg 1.0.6d\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-14 14:33+0100\n"
 "Last-Translator: Edmund GRIMLEY EVANS <[email protected]>\n"
-"Language-Team: Esperanto <[email protected]>\n"
+"Language-Team: Esperanto <[email protected]>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=iso-8859-3\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Averto: uzas malsekuran memoron!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "bonvolu vidi http://www.gnupg.org/faq.html por pliaj informoj\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "operacio ne eblas sen sekura memoro kun komenca valoro\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(eble vi uzis la mal�ustan programon por �i tiu tasko)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "jes"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "jJ"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "ne"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "fini"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "fF"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "�enerala eraro"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "nekonata paketo-speco"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "nekonata versio"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "nekonata publik�losila metodo"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "nekonata kompendi-metodo"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "malbona publika �losilo"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "malbona sekreta �losilo"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "malbona subskribo"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "eraro en kontrolsumo"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "malbona pasfrazo"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "publika �losilo ne trovita"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "nekonata �ifrad-metodo"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "ne povas malfermi la �losilaron"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "nevalida paketo"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "nevalida kiraso"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "uzantidentigilo ne ekzistas"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "sekreta �losilo ne havebla"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "mal�usta sekreta �losilo uzata"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "ne realigita"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "malbona �losilo"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "legeraro �e dosiero"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "skriberaro �e dosiero"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "nekonata densig-metodo"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "eraro �e malfermo de dosiero"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "eraro �e kreo de dosiero"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "nevalida pasfrazo"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "nerealigita publik�losila metodo"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "nerealigita �ifrad-metodo"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "nekonata klaso de subskribo"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "eraro en fido-datenaro"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "malbona MPI"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "trafis rimedolimon"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "nevalida �losilaro"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "malbona atestilo"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "misformita uzantidentigilo"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "eraro �e fermo de dosiero"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "eraro �e renomado de dosiero"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "eraro �e forvi�o de dosiero"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "neatendita dateno"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "malkongruo de tempostampoj"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "neuzebla publik�losila metodo"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "dosiero ekzistas"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "malforta �losilo"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "nevalida argumento"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "malbona URI"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "nerealigita URI"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "reteraro"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "ne �ifrita"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "ne traktita"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "neuzebla publika �losilo"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "neuzebla sekreta �losilo"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "�losilservila eraro"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... �i tio estas cimo (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "vi trovis cimon ... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "ne povas malfermi '%s': %s\n"
 
-#: cipher/random.c:325
+#: cipher/random.c:324
 #, c-format
 msgid "can't stat `%s': %s\n"
 msgstr "ne povas stat-i '%s': %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
 msgstr "'%s' ne estas normala dosiero - ignorita\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
 msgstr "noto: dosiero random_seed estas malplena\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr "averto: nevalida grando de la dosiero random_seen - ne uzita\n"
 
-#: cipher/random.c:349
+#: cipher/random.c:348
 #, c-format
 msgid "can't read `%s': %s\n"
 msgstr "ne povas legi '%s': %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
 msgstr "noto: dosiero random_seed ne aktualigita\n"
 
-#: cipher/random.c:407
+#: cipher/random.c:406
 #, c-format
 msgid "can't create `%s': %s\n"
 msgstr "ne povas krei '%s': %s\n"
 
-#: cipher/random.c:414
+#: cipher/random.c:413
 #, c-format
 msgid "can't write `%s': %s\n"
 msgstr "ne povas skribi '%s': %s\n"
 
-#: cipher/random.c:417
+#: cipher/random.c:416
 #, c-format
 msgid "can't close `%s': %s\n"
 msgstr "ne povas fermi '%s': %s\n"
 
-#: cipher/random.c:428
-#, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr "tro da stokastaj bitoj petitaj; la limo estas %d\n"
-
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr "AVERTO: uzas malsekuran stokastilon!!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -309,7 +337,7 @@ msgstr ""
 "NE UZU DATENOJN KREITAJN DE �I TIU PROGRAMO!!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -320,19 +348,7 @@ msgstr ""
 "Nesufi�e da stokastaj datenoj. Bonvolu fari ion por ebligi al la\n"
 "mastruma sistemo kolekti pli da entropio! (Mankas %d bitokoj)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Averto: uzas malsekuran memoron!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "operacio ne eblas sen sekura memoro kun komenca valoro\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(eble vi uzis la mal�ustan programon por �i tiu tasko)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -340,139 +356,163 @@ msgstr ""
 "@Komandoj:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[dosiero]|fari subskribon"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[dosiero]|fari klartekstan subskribon"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "fari apartan subskribon"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "�ifri datenojn"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[dosieroj]|�ifri dosierojn"
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "�ifri nur kun simetria �ifro"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "nur skribi"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "mal�ifri datenojn (implicita elekto)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[dosieroj]|mal�ifri dosierojn"
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "kontroli subskribon"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "listigi �losilojn"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "listigi �losilojn kaj subskribojn"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "kontroli �losilsubskribojn"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "listigi �losilojn kaj fingro�purojn"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "listigi sekretajn �losilojn"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "krei novan �losilparon"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
-msgstr "forigi �losilon de la publika �losilaro"
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
+msgstr "forigi �losilojn de la publika �losilaro"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
-msgstr "forigi �losilon de la sekreta �losilaro"
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
+msgstr "forigi �losilojn de la sekreta �losilaro"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "subskribi �losilon"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
 msgstr "subskribi �losilon loke"
 
-#: g10/gpg.c:224
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "subskribi �losilon nerevokeble"
+
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr "subskribi �losilon loke kaj nerevokeble"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "subskribi a� redakti �losilon"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "krei revokatestilon"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "eksporti �losilojn"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "eksporti �losilojn al �losilservilo"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "importi �losilojn de �losilservilo"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "ser�i �losilojn �e �losilservilo"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "aktualigi �iujn �losilojn de �losilservilo"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "importi/kunfandi �losilojn"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "listigi nur la sinsekvon de paketoj"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "eksporti la posedantofido-valorojn"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "importi posedantofido-valorojn"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "aktualigi la fido-datenaron"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NOMOJ]|kontroli la fido-datenaron"
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "senintervena aktualigo de fido-datenaro"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "ripari fu�itan fido-datenaron"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "elkirasigi dosieron a� la normalan enigon"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "enkirasigi dosieron a� la normalan enigon"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|metodo [dosieroj]|presi mesa�o-kompendiojn"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -482,156 +522,196 @@ msgstr ""
 "Opcioj:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "krei eligon en askia kiraso"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NOMO|�ifri por NOMO"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NOMO|uzi NOMOn kiel implicitan ricevonton"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "uzi la implicitan �losilon kiel implicitan ricevonton"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr "uzi �i tiun uzantidentigilon por subskribi a� mal�ifri"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "|N|difini densig-nivelon N (0=nenia)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "uzi tekstan re�imon"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "uzi dosieron por eligo"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "detala eligo"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "iom malpli da informoj"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "tute ne uzi la terminalon"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "devigi v3-subskribojn"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "ne devigi v3-subskribojn"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "devigi v4-subskribojn"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "ne devigi v4-�losilsubskribojn"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "�iam uzi sigelon (MDC) por �ifrado"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "neniam uzi MDC por �ifrado"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "fari neniajn �an�ojn"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "uzi gpg-agent"
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "neinteraga re�imo: neniam demandi"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "supozi \"jes\" �e la plej multaj demandoj"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "supozi \"ne\" �e la plej multaj demandoj"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "aldoni �i tiun �losilaron al la listo de �losilaroj"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "aldoni �i tiun sekretan �losilaron al la listo"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "montri, en kiu �losilaro estas listigita �losilo"
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NOMO|uzi NOMOn kiel la implicitan sekretan �losilon"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|SERVILO|uzi �i tiun �losilservilon por ser�i �losilojn"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr "|NOMO|difini NOMOn kiel la signaron de la terminalo"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "legi la opciojn el dosiero"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr "|FD|skribi statusinformojn al FD (dosierpriskribilo)"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
-msgstr ""
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[dosiero]|skribi statusinformojn al dosiero"
 
-#: g10/gpg.c:297
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|KEYID|fidi �i tiun �losilon absolute"
+
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|DOSIERO|legi aldonan bibliotekon DOSIERO"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "imiti la re�imon priskribitan en RFC 1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
 msgstr "�alti �iujn paket-, �ifrad- kaj kompendi-opciojn al OpenPGP-konduto"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "�alti �iujn paket-, �ifrad- kaj kompendi-opciojn al PGP-2.x-konduto"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|uzi pasfraz-re�imon N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr "|NOMO|uzi kompendi-metodon NOMO por pasfrazoj"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr "|NOMO|uzi �ifrad-metodon NOMO por pasfrazoj"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NOMO|uzi �ifrad-metodon NOMO"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NOMO|uzi kompendi-metodon NOMO"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|uzi densig-metodon N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
 msgstr "forigi la �losilidentigilon de �ifritaj paketoj"
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "Montri Foto-Identigilojn"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "Ne montri Foto-Identigilojn"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr "Agordi komandlinion por montri Foto-Identigilojn"
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NOMO=VALORO|uzi �i tiun notacian datenon"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
@@ -639,7 +719,7 @@ msgstr ""
 "@\n"
 "(Vidu la manpa�on por kompleta listo de �iuj komandoj kaj opcioj)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -659,15 +739,15 @@ msgstr ""
 " --list-keys [nomoj]        montri �losilojn\n"
 " --fingerprint [nomoj]      montri fingro�purojn\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr "Bonvolu raporti cimojn al <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Uzado: gpg [opcioj] [dosieroj] (-h por helpo)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
@@ -677,7 +757,7 @@ msgstr ""
 "subskribi, kontroli, �ifri a� mal�ifri\n"
 "implicita operacio dependas de la enigataj datenoj\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -685,191 +765,248 @@ msgstr ""
 "\n"
 "Realigitaj metodoj:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "uzado: gpg [opcioj] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "malkongruaj komandoj\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "NOTO: mankas implicita opcio-dosiero '%s'\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "opcio-dosiero '%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "legas opciojn el '%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s ne estas valida signaro\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "ne povis analizi URI de �losilservilo\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr ""
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, fuzzy, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "AVERTO: '%s' estas malplena dosiero\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr ""
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "AVERTO: programo povas krei core-dosieron!\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "AVERTO: %s nuligas %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "NOTO: %s ne estas por normala uzado!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "%s ne eblas kun %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "%s ne havas sencon kun %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr "eblas fari nur apartajn kaj klartekstajn subskribojn kun --pgp2\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr "ne eblas samtempe subskribi kaj �ifri kun --pgp2\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr "necesas uzi dosierojn (kaj ne tubon) kun --pgp2\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr "�ifri mesa�on kun --pgp2 postulas la �ifron IDEA\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "�i tiu mesa�o povas ne esti uzebla de PGP 2.x\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "elektita �ifrad-metodo ne validas\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "elektita kompendi-metodo ne validas\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr "la donita gvidlinia URL ne validas\n"
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "la donita gvidlinia URL por subskriboj ne validas\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "la donita gvidlinia URL por atestado ne validas\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "la densig-metodo devas esti inter %d kaj %d\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "completes-needed devas esti pli granda ol 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "marginals-needed devas esti pli granda ol 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "max-cert-depth devas esti inter 1 kaj 255\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "NOTO: simpla S2K-re�imo (0) estas forte malrekomendata\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "nevalida S2K-re�imo; devas esti 0, 1 a� 3\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "nevalida default-check-level; devas esti 0, 1, 2 a� 3\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "nevalidaj preferoj\n"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "malsukcesis doni komencajn valorojn al fido-datenaro: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [dosiero]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [dosiero]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [dosiero]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [dosiero]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [dosiero]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [dosiero]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [dosiero]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [dosiero]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key uzantidentigilo"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key uzantidentigilo"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key uzantidentigilo [komandoj]"
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key uzantidentigilo"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key uzantidentigilo"
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key uzantidentigilo"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key uzantidentigilo"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key uzantidentigilo [komandoj]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "ne povas malfermi %s: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [uzantidentigilo] [�losilaro]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "elkirasigo malsukcesis: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "enkirasigo malsukcesis: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
 msgstr "nevalida kompendi-metodo '%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[dosiero]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "Ektajpu vian mesa�on ...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "ne povas malfermi '%s'\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr "la unua signo de notacia nomo devas esti litero a� substreko\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -877,249 +1014,228 @@ msgstr ""
 "notacia nomo devas enhavi nur literojn, ciferojn, punktojn a� substrekojn "
 "kaj fini per '='\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr "punktoj en notacia nomo devas esti inter aliaj signoj\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "notacia valoro ne povas enhavi stirsignojn\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "kiraso: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "nevalida kiraso�apo: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "kiraso�apo: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "nevalida �apo de klarteksta subskribo\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "ingitaj klartekstaj subskriboj\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "nevalida strek-eskapita linio: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "neatendita kiraso:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "nevalida signo %02x en bazo 64 ignorita\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "tro frua dosierfino (nenia CRC)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "tro frua dosierfino (en CRC)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "misformita CRC\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "CRC-eraro; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "tro frua dosierfino (en vosto)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "eraro en vostolinio\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr "Por informoj vidu http://www.gnupg.org"
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "validaj OpenPGP-datenoj ne trovitaj.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "nevalida kiraso: linio pli longa ol %d signojn\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "quoted-printable-signo en kiraso - ver�ajne cima po�totransendilo estis "
 "uzata\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "             Fingrospuro:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Fingrospuro:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
 msgstr "Nenia kialo specifita"
 
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
 msgstr "�losilo estas anstata�igita."
 
-#: g10/pkclist.c:121
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
 msgstr "�losilo estas kompromitita"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
 msgstr "�losilo estas ne plu uzata"
 
-#: g10/pkclist.c:125
-#, fuzzy
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
 msgstr "Uzantidentigilo ne plu validas"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
 msgstr "Kialo por revoko: "
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
 msgstr "Komento pri revoko: "
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "iImMfF"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMfFsS"
 
-#: g10/pkclist.c:308
+#: g10/pkclist.c:258
 #, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
-"Nenia fidovaloro atribuita al %lu:\n"
+"Nenia fidovaloro atribuita al:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 "Bonvolu decidi, kiagrade vi fidas al �i tiu uzanto �uste\n"
 "kontroli la �losilojn de aliaj uzantoj (rigardante pasportojn,\n"
 "kontrolante fingrospurojn el diversaj fontoj ...)?\n"
 "\n"
-" 1 = Ne scias\n"
-" 2 = Mi NE fidas\n"
-" 3 = Mi iom fidas\n"
-" 4 = Mi plene fidas\n"
-" i = Montru pli da informoj\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = Ne scias\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = Ni NE fidas �i tiun �losilon\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = Mi fidas iomete\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = Mi plene fidas\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = Mi fidas absolute\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = bonvolu montri pli da informoj\n"
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
 msgstr " m = reen al la �efmenuo\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " s = supersalti �i tiun �losilon\n"
+
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " f = fini\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Via decido? "
 
-#: g10/pkclist.c:359
-msgid "Certificates leading to an ultimately trusted key:\n"
-msgstr "Atestiloj, kiuj kondukas fine al fidata �losilo:\n"
-
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"Ne povis trovi validan fidovojon al la �losilo. Ni vidu, �u eblas\n"
-"atribui iujn mankantajn posedantofido-valorojn.\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"Nenia vojo trovita, kiu kondukas al unu el niaj �losiloj.\n"
-"\n"
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "�u vi vere volas �an�i �i tiun �losilon al absoluta fido? "
 
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"Neniom da atestiloj trovitaj kun nedifinita fidovaloro.\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Neniuj fidovaloroj �an�itaj.\n"
-"\n"
+#: g10/pkclist.c:325
+msgid "Certificates leading to an ultimately trusted key:\n"
+msgstr "Atestiloj, kiuj kondukas al absolute fidata �losilo:\n"
 
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "�losilo %08lX: �losilo estas revokita!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "�u tamen uzi �i tiun �losilon? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "�losilo %08lX: sub�losilo estas revokita!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: �losilo eksvalidi�is\n"
 
-#: g10/pkclist.c:519
+#: g10/pkclist.c:442
 #, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: mankas informoj por kalkuli fidovaloron\n"
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"%08lX: Estas nenia indiko, ke �i tiu �losilo vere apartenas al la posedanto\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: Ni NE fidas �i tiun �losilon\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
@@ -1128,15 +1244,15 @@ msgstr ""
 "%08lX: Ne estas certe, ke �i tiu �losilo vere apartenas al la posedanto,\n"
 "sed �i tamen estas akceptita\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "�i tiu �losilo ver�ajne apartenas al la posedanto\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "�i tiu �losilo apartenas al ni\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1148,171 +1264,195 @@ msgstr ""
 "la sekva demando per \"jes\"\n"
 "\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "AVERTO: Uzas nefidatan �losilon!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "AVERTO: �i tiu �losilo estas revokita de sia posedanto!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "         Tio povas signifi, ke la subskribo estas falsa.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "AVERTO: �i tiu sub�losilo estas revokita de sia posedanto!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "Noto: �i tiu �losilo estas mal�altita.\n"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Noto: �i tiu �losilo eksvalidi�is!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr "AVERTO: �i tiu �losilo ne estas atestita kun fidata subskribo!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr ""
 "         Estas nenia indiko, ke la subskribo apartenas al la posedanto.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "AVERTO: Ni NE fidas �i tiun �losilon!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "         La subskribo ver�ajne estas FALSA.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "AVERTO: �i tiu �losilo ne estas atestita kun sufi�e fidataj subskriboj!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr "         Ne estas certe, ke la subskribo apartenas al la posedanto.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: ignorita: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: ignorita: publika �losilo jam �eestas\n"
 
-#: g10/pkclist.c:855
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr "Vi ne specifis uzantidentigilon. (Vi povas uzi \"-r\")\n"
+
+#: g10/pkclist.c:762
 msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
 "\n"
+"Enter the user ID.  End with an empty line: "
 msgstr ""
-"Vi ne specifis uzantidentigilon. (Vi povas uzi \"-r\")\n"
 "\n"
+"Donu la uzantidentigilon. Finu per malplena linio: "
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Donu la uzantidentigilon: "
-
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Uzantidentigilo ne ekzistas.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr "ignorita: publika �losilo jam difinita kiel implicita ricevonto\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "Publika �losilo estas mal�altita.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "ignorita: publika �losilo jam difinita per --encrypt-to\n"
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "ignorita: publika �losilo jam agordita\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "nekonata implicita ricevonto '%s'\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: eraro dum kontrolo de �losilo: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: ignorita: publika �losilo estas mal�altita\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "mankas validaj adresitoj\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "prefero %c%lu ne estas valida\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "prefero %c%lu ripetita\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "tro da '%c'-preferoj\n"
+
+#: g10/keygen.c:257
+#, fuzzy
+msgid "invalid character in preference string\n"
+msgstr "nevalida signo en signo�eno\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "skribas mem-subskribon\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "skribas �losilbindan subskribon\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
 #, c-format
 msgid "keysize invalid; using %u bits\n"
 msgstr "�losilgrando nevalida; uzas %u bitojn\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
 #, c-format
 msgid "keysize rounded up to %u bits\n"
 msgstr "�losilgrando rondigita �is %u bitoj\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "Bonvolu elekti, kian �losilon vi deziras:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA kaj ElGamal (implicita elekto)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (nur subskribi)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "   (%d) ElGamal (nur �ifri)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) ElGamal (subskribi kaj �ifri)\n"
 
-#: g10/keygen.c:643
-#, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (subskribi kaj �ifri)\n"
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (nur subskribi)\n"
+
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (nur �ifri)\n"
 
-#: g10/keygen.c:647
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Via elekto? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "�u vi vere volas krei subskriban kaj �ifran �losilon? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "Uzado de �i tiu algoritmo estas malrekomendata - �u tamen krei? "
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Nevalida elekto.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1325,21 +1465,20 @@ msgstr ""
 "               implicita �losilgrando estas 1024 bitoj\n"
 " plej granda rekomendata �losilgrando estas 2048 bitoj\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Kiun �losilgrandon vi deziras? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA permesas �losilgrandon nur inter 512 kaj 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "�losilgrando tro malgranda; 768 estas plej eta permesata valoro.\n"
-
-#: g10/keygen.c:708
-#, fuzzy
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr "�losilgrando tro malgranda; 1024 estas plej eta valoro por RSA.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
 msgstr "�losilgrando tro malgranda; 768 estas plej eta permesata valoro.\n"
 
 #. It is ridiculous and an annoyance to use larger key sizes!
@@ -1350,12 +1489,12 @@ msgstr "�losilgrando tro malgranda; 768 estas plej eta permesata valoro.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "�losilgrando tro granda; %d estas plej granda permesata valoro.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1363,11 +1502,11 @@ msgstr ""
 "�losilgrandoj pli grandaj ol 2048 ne estas rekomendataj,\n"
 "�ar la komputado da�ras TRE longe!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "�u vi estas certa, ke vi deziras �i tiun �losilgrandon? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1375,21 +1514,17 @@ msgstr ""
 "Bone, sed pripensu, ke la elradiado de viaj ekrano kaj klavaro estas tre "
 "facile kaptebla!\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "�u vi vere bezonas tiom grandan �losilgrandon? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "Petita �losilgrando estas %u bitoj\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "rondigita �is %u bitoj\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1405,25 +1540,46 @@ msgstr ""
 "      <n>m = �losilo eksvalidi�os post n monatoj\n"
 "      <n>y = �losilo eksvalidi�os post n jaroj\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Bonvolu specifi, kiom longe la �losilo validu.\n"
+"         0 = �losilo neniam eksvalidi�os\n"
+"      <n>  = �losilo eksvalidi�os post n tagoj\n"
+"      <n>w = �losilo eksvalidi�os post n semajnoj\n"
+"      <n>m = �losilo eksvalidi�os post n monatoj\n"
+"      <n>y = �losilo eksvalidi�os post n jaroj\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "�losilo validu ...? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "�losilo validu por ...? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "nevalida valoro\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
-msgstr "�losilo neniam eksvalidi�os\n"
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "%s neniam eksvalidi�os\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
+#: g10/keygen.c:992
 #, c-format
-msgid "Key expires at %s\n"
-msgstr "�losilo eksvalidi�os je %s\n"
+msgid "%s expires at %s\n"
+msgstr "%s eksvalidi�os je %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
@@ -1431,11 +1587,11 @@ msgstr ""
 "Via sistemo ne povas montri datojn post 2038.\n"
 "Tamen, �i estos �uste traktata �is 2106.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "�u tio estas �usta (j/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1450,44 +1606,44 @@ msgstr ""
 "    \"Heinrich Heine (la poeto) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Vera nomo: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Nevalida signo en nomo\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "Nomo ne povas komenci�i per cifero\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "Nomo devas havi almena� 5 signojn\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Retadreso: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "Nevalida retadreso\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Komento: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Nevalida signo en komento\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Vi uzas la signaron '%s'.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1498,27 +1654,27 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr "Bonvolu ne meti la retadreson en la veran nomon a� la komenton\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnKkAaBbFf"
 
-#: g10/keygen.c:986
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
 msgstr "�an�u (N)omon, (K)omenton, (A)adreson, a� (F)ini? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "�an�u (N)omon, (K)omenton, (A)adreson, a� (B)one/(F)ini? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
 msgstr "Bonvolu korekti la eraron unue\n"
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1526,11 +1682,16 @@ msgstr ""
 "Vi bezonas pasfrazon por protekti vian sekretan �losilon.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
-msgstr "la pasfrazo ne estis �uste ripetita; provu denove.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "la pasfrazo ne estis �uste ripetita; provu denove"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1542,7 +1703,7 @@ msgstr ""
 "uzante �i tiun programon kun la opcio \"--edit-key\".\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1554,29 +1715,53 @@ msgstr ""
 "kreado de la primoj; tio donas al la stokastilo pli bonan �ancon\n"
 "akiri sufi�e da entropio.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "DSA-�losilparo havos 1024 bitojn.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Kreado de �losiloj nuligita.\n"
 
-#: g10/keygen.c:1668
+#: g10/keygen.c:1883 g10/keygen.c:1963
 #, c-format
 msgid "writing public key to `%s'\n"
 msgstr "skribas publikan �losilon al '%s'\n"
 
-#: g10/keygen.c:1669
+#: g10/keygen.c:1884 g10/keygen.c:1965
 #, c-format
 msgid "writing secret key to `%s'\n"
 msgstr "skribas sekretan �losilon al '%s'\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "neniu skribebla publika �losilaro trovita: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "neniu skribebla sekreta �losilaro trovita: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "eraro dum skribado de publika �losilaro '%s': %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "eraro dum skribado de sekreta �losilaro '%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "publika kaj sekreta �losiloj kreitaj kaj subskribitaj.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "�losilo markita kiel absolute fidata.\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
@@ -1584,12 +1769,12 @@ msgstr ""
 "Notu, ke �i tiu �losilo ne estas uzebla por �ifrado. Vi eble volos\n"
 "uzi la komandon \"--edit-key\" por krei flankan �losilon por tiu celo.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "Kreado de �losiloj malsukcesis: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
@@ -1597,7 +1782,7 @@ msgstr ""
 "�losilo estis kreita %lu sekundon en la estonteco (tempotordo a� "
 "horlo�eraro)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1605,305 +1790,359 @@ msgstr ""
 "�losilo estis kreita %lu sekundojn en la estonteco (tempotordo a� "
 "horlo�eraro)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "NOTO: krei sub�losilojn por v3-�losiloj ne estas OpenPGP-kongrue\n"
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "�u vere krei? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "--output ne funkcias por �i tiu komando\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "'%s' jam densigita\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: ne povas malfermi: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "eraro dum kreado de pasfrazo: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: AVERTO: malplena dosiero\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr "eblas �ifri nur per RSA-�losiloj de maksimume 2048 bitoj kun --pgp2\n"
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "legas el '%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr "ne povas uzi la �ifron IDEA por �iuj �losiloj, al kiuj vi �ifras.\n"
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s-�ifrita por: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
+#: g10/delkey.c:69 g10/export.c:141
 #, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: uzanto ne trovita: %s\n"
+msgid "key `%s' not found: %s\n"
+msgstr "�losilo '%s' ne trovita: %s\n"
 
-#: g10/export.c:164
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "eraro dum legado de �losilbloko: %s\n"
+
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "�losilo %08lX: ne estas RFC-2440-�losilo - ignorita\n"
 
-#: g10/export.c:175
+#: g10/export.c:180
 #, c-format
 msgid "key %08lX: not protected - skipped\n"
 msgstr "�losilo %08lX: ne protektita - ignorita\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "�losilo %08lX: PGP-2.x-stila �losilo - ignorita\n"
+
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "AVERTO: nenio estis eksportita\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "tro da registroj en pk-staplo - mal�altas\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "tro da registroj en unk-staplo - mal�altas\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[Uzantidentigilo ne trovita]"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1360
+#, fuzzy, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr "Nevalida �losilo %08lX validigita per --always-trust\n"
+
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr "uzas flankan �losilon %08lX anstata� la �efa �losilo %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr "�losilo %08lX: sekreta �losilo sen publika �losilo - ignorita\n"
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: uzanto ne trovita\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "ignoras blokon de speco %d\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "%lu �losiloj jam traktitaj\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "eraro dum legado de '%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "      Nombro traktita entute: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "           novaj sub�losiloj: %lu\n"
+msgstr "    ignoritaj novaj �losiloj: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr "         sen uzantidentigilo: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "                  importitaj: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "                  ne�an�itaj: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "      novaj uzantidentigiloj: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "           novaj sub�losiloj: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "            novaj subskriboj: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr "         novaj �losilrevokoj: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "   sekretaj �losiloj legitaj: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "sekretaj �losiloj importitaj: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr "sekretaj �losiloj ne�an�itaj: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "�losilo %08lX: mankas uzantidentigilo\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, fuzzy, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "�losilo %08lX: akceptis ne-mem-subskribitan uzantidentigilon '"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "�losilo %08lX: mankas valida uzantidentigilo\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "tio povas esti ka�zata de mankanta mem-subskribo\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "�losilo %08lX: publika �losilo ne trovita: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:479
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "�losilo %08lX: ne estas RFC-2440-�losilo - ignorita\n"
+msgstr "�losilo %08lX: nova �losilo - ignorita\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "neniu skribebla �losilaro trovita: %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "skribas al '%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "eraro dum skribado de �losilaro '%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "�losilo %08lX: publika �losilo importita\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "�losilo %08lX: diferencas de nia kopio\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "�losilo %08lX: ne povas trovi originalan �losilblokon: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "�losilo %08lX: ne povas legi originalan �losilblokon: %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "�losilo %08lX: 1 nova uzantidentigilo\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "�losilo %08lX: %d novaj uzantidentigiloj\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "�losilo %08lX: 1 nova subskribo\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "�losilo %08lX: %d novaj subskriboj\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "�losilo %08lX: 1 nova sub�losilo\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "�losilo %08lX: %d novaj sub�losiloj\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "�losilo %08lX: ne �an�ita\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "mankas implicita sekreta �losilaro: %s\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "�losilo %08lX: sekreta �losilo importita\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "�losilo %08lX: jam en sekreta �losilaro\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "�losilo %08lX: sekreta �losilo ne trovita: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "�losilo %08lX: publika �losilo mankas - ne povas apliki revokatestilon\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr "�losilo %08lX: nevalida revokatestilo: %s - malakceptita\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "�losilo %08lX: revokatestilo importita\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "�losilo %08lX: mankas uzantidentigilo por subskribo\n"
 
-#: g10/import.c:719 g10/import.c:743
-#, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
+#: g10/import.c:839
+#, fuzzy, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
 msgstr "�losilo %08lX: nerealigita publik�losila metodo\n"
 
-#: g10/import.c:720
-#, c-format
-msgid "key %08lX: invalid self-signature\n"
+#: g10/import.c:841
+#, fuzzy, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
 msgstr "�losilo %08lX: nevalida mem-subskribo\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "�losilo %08lX: mankas sub�losilo por �losilbindado\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "�losilo %08lX: nevalida sub�losila bindado\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "�losilo %08lX: nerealigita publik�losila metodo\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "�losilo %08lX: akceptis ne-mem-subskribitan uzantidentigilon '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "�losilo %08lX: nevalida sub�losila bindado\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "�losilo %08lX: ignoris uzantidentigilon '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "�losilo %08lX: ignoris sub�losilon\n"
@@ -1912,93 +2151,197 @@ msgstr "�losilo %08lX: ignoris sub�losilon\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr "�losilo %08lX: neeksportebla subskribo (klaso %02x) - ignorita\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr "�losilo %08lX: revokatestilo en mal�usta loko - ignorita\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "�losilo %08lX: nevalida revokatestilo: %s - ignorita\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "�losilo %08lX: trovis ripetitan uzantidentigilon - kunfandita\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "�losilo %08lX: revokatestilo aldonita\n"
 
-#: g10/import.c:1130 g10/import.c:1183
+#: g10/import.c:1231
 #, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "�losilo %08lX: nia kopio ne havas mem-subskribon\n"
+msgid "key %08lX: direct key signature added\n"
+msgstr "�losilo %08lX: rekta �losilsubskribo aldonita\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[revoko]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[mem-subskribo]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 malbona subskribo\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d malbonaj subskriboj\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "1 subskribo ne kontrolita pro manko de �losilo\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d subskriboj ne kontrolitaj pro manko de �losiloj\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "1 subskribo ne kontrolita pro eraro\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d subskriboj ne kontrolitaj pro eraroj\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "1 uzantidentigilo sen valida mem-subskribo estis trovita\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr "%d uzantidentigiloj sen valida mem-subskribo estis trovitaj\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
-#, c-format
-msgid "Already signed by key %08lX\n"
-msgstr "Jam subskribita per �losilo %08lX\n"
+#: g10/keyedit.c:335
+#, fuzzy, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "Uzantidentigilo \"%s\" estas revokita.\n"
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+#, fuzzy
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "�u vi estas certa, ke vi ankora� volas subskribi �in?\n"
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr ""
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, fuzzy, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"Via aktuala subskribo sur \"%s\"\n"
+"estas loka subskribo.\n"
+"\n"
+"�u vi volas igi �in plena eksportebla subskribo?\n"
+
+#: g10/keyedit.c:368
+#, fuzzy
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+"Via aktuala subskribo sur \"%s\"\n"
+"estas loka subskribo.\n"
+"\n"
+"�u vi volas igi �in plena eksportebla subskribo?\n"
+
+#: g10/keyedit.c:388
+#, fuzzy, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" jam estis %ssubskribita per �losilo %08lX\n"
+
+#: g10/keyedit.c:393
+#, fuzzy, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" jam estis %ssubskribita per �losilo %08lX\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Nenio por subskribi per �losilo %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "�i tiu �losilo eksvalidi�is!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "�i tiu �losilo eksvalidi�os je %s.\n"
+
+#: g10/keyedit.c:444
+#, fuzzy
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "�u vi volas, ke via subskribo eksvalidi�u je la sama tempo? (j/n) "
+
+#: g10/keyedit.c:477
+#, fuzzy
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr "eblas subskribi nur per PGP-2.x-stilaj �losiloj kun --pgp2\n"
+
+#: g10/keyedit.c:479
+#, fuzzy
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "�i tiu mesa�o povas ne esti uzebla de PGP 2.x\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"Kiom zorge vi kontrolis, ke la �losilo, kiun vi subskribos, vere apartenas\n"
+"al la supre nomita persono? Se vi ne scias la respondon, donu \"0\".\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) Mi ne respondas.%s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) Mi tute ne kontrolis.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) Mi malzorge kontrolis.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) Mi tre zorge kontrolis.%s\n"
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -2006,41 +2349,73 @@ msgstr ""
 "�u vi estas tute certa, ke vi volas subskribi �i tiun �losilon\n"
 "per via �losilo: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
 msgid ""
-"The signature will be marked as non-exportable.\n"
 "\n"
+"The signature will be marked as non-exportable.\n"
 msgstr ""
+"\n"
 "La subskribo estos markita kiel neeksportebla.\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"La subskribo estos markita kiel nerevokebla.\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+"\n"
+"Mi tute ne kontrolis �i tiun �losilon.\n"
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"Mi malzorge kontrolis �i tiun �losilon.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
 "\n"
+"Mi tre zorge kontrolis �i tiun �losilon.\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "�u vere subskribi? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "subskribado malsukcesis: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "�i tiu �losilo ne estas protektita.\n"
 
-#: g10/keyedit.c:426
+#: g10/keyedit.c:662
 msgid "Secret parts of primary key are not available.\n"
 msgstr "Sekretaj partoj de �efa �losilo ne estas disponataj.\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "�losilo estas protektita.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Ne povas redakti �i tiun �losilon: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
@@ -2048,7 +2423,7 @@ msgstr ""
 "Donu la novan pasfrazon por �i tiu sekreta �losilo.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2056,421 +2431,554 @@ msgstr ""
 "Vi ne deziras pasfrazon - tio ver�ajne estas *malbona* ideo!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "�u vi vere volas fari tion? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "movas �losilsubskribon al la �usta loko\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "forlasi �i tiun menuon"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "f"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "skribi"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "skribi kaj fini"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "helpo"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "montri �i tiun helpon"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fsp"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "montri fingrospuron"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "listo"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "listigi �losilojn kaj uzantidentigilojn"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "elekti uzantidentigilon N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "�losilo"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "elekti flankan �losilon N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "kontroli"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "listigi subskribojn"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "k"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "subskribi"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "subskribi la �losilon"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lsub"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "subskribi la �losilon loke"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nrsub"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "subskribi la �losilon nerevokeble"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nrlsub"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "subskribi la �losilon loke kaj nerevokeble"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "spuri"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "aluid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "aldoni uzantidentigilon"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "alfoto"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "aldoni foto-identigilon"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "foruid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "forvi�i uzantidentigilon"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "forfoto"
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "al"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "aldoni flankan �losilon"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "for"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "forvi�i flankan �losilon"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "forsig"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "forvi�i subskribojn"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "eksval"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "�an�i la daton de eksvalidi�o"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "�efa"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "marku uzantidentigilon kiel �efan"
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "alia"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "de sekreta a� publika listo iri al la alia"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "a"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pref"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
-msgstr "listigi preferojn"
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "listigi preferojn (spertula)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "monpref"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "listigi preferojn (detale)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "agpref"
+
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "agordi liston de preferoj"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "aktpref"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "aktualigitaj preferoj"
+
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "pasf"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "�an�i la pasfrazon"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "fido"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "�an�i la posedantofidon"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "revoki subskribojn"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "rev"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "revoki flankan �losilon"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "el"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "mal�alti �losilon"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "en"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "�alti �losilon"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "monfoto"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "montri foto-identigilon"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "ne povas fari tion en neinteraga re�imo\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "eraro dum legado de sekreta �losilbloko '%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "Sekreta �losilo estas havebla.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Komando> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "Bezonas la sekretan �losilon por fari tion.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
 msgstr "Bonvolu uzi la komandon \"toggle\" unue.\n"
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+#, fuzzy
+msgid "Key is revoked."
+msgstr "�losilo estas revokita.\n"
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "�u vere subskribi �iujn uzantidentigilojn? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Sugesto: Elekti la uzantidentigilojn por subskribi\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "aktualigo de fido-datenaro malsukcesis: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "Tiu komando ne eblas en la re�imo %s.\n"
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "Vi devas elekti almena� unu uzantidentigilon.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "Vi ne povas forvi�i la lastan uzantidentigilon!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "�u vere forigi �iujn elektitajn uzantidentigilojn? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "�u vere forigi �i tiun uzantidentigilon? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Vi devas elekti almena� unu �losilon.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "�u vi vere volas forvi�i la elektitajn �losilojn? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "�u vi vere volas forvi�i �i tiun �losilon? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "�u vi vere volas revoki la elektitajn �losilojn? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "�u vi vere volas revoki �i tiun �losilon? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "�u vere aktualigi la preferojn por la elektitaj uzantidentigiloj? "
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "�u vere aktualigi la preferojn? "
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "�u skribi �an�ojn? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "�u fini sen skribi �an�ojn? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "aktualigo malsukcesis: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "aktualigo de sekreto malsukcesis: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "�losilo ne �an�ita, do aktualigo ne necesas.\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr "Nevalida komando (provu per \"helpo\")\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "�i tiu �losilo estas revokebla per %s �losilo %s%s\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr " (sentema)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  kreita: %s eksvalidi�os: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " fido: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "�i tiu �losilo estas mal�altita"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1539
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "�losilo %08lX: sub�losilo estas revokita!\n"
+msgstr "rev! sub�losilo estas revokita: %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1542
 msgid "rev- faked revocation found\n"
-msgstr "         novaj �losilrevokoj: %lu\n"
+msgstr "rev- falsita revoko trovita\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? problemo en kontrolo de revoko: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
 msgstr ""
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+"AVERTO: �i tiu �losilo jam havas foto-identigilon.\n"
+"        Aldono de alia foto-identigilo eble konfuzos iujn versiojn de PGP.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+#, fuzzy
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "�u vi estas certa, ke vi ankora� volas aldoni �in? (j/n) "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "Eblas havi nur unu foto-identigilon sur �losilo.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"AVERTO: �i tiu estas PGP2-stila �losilo. Aldono de foto-identigilo eble\n"
+"        ka�zos, ke iuj versioj de PGP malakceptos la �losilon.\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr "Ne eblas aldoni foto-identigilon al PGP2-stila �losilo.\n"
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "�u forvi�i �i tiun bonan subskribon? (j/N/f)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "�u forvi�i �i tiun nevalidan subskribon? (j/N/f)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "�u forvi�i �i tiun nekonatan subskribon? (j/N/f)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "�u vere forvi�i �i tiun mem-subskribon? (j/N)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "Forvi�is %d subskribon.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "Forvi�is %d subskribojn.\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Nenio estis forvi�ita.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Bonvolu malelekti la sekretajn �losilojn.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "Bonvolu elekti maksimume unu flankan �losilon.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "�an�as la daton de eksvalidi�o de flanka �losilo.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "�an�as la daton de eksvalidi�o de la �efa �losilo.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "Vi ne povas �an�i la daton de eksvalidi�o de v3-�losilo\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Mankas responda subskribo en sekreta �losilaro\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Bonvolu elekti precize unu uzantidentigilon.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Mankas uzantidentigilo kun indekso %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Mankas flanka �losilo kun indekso %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "uzantidentigilo: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
@@ -2479,243 +2987,372 @@ msgstr ""
 "\"\n"
 "subskribita per via �losilo %08lX je %s\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
+#: g10/keyedit.c:2452
+#, fuzzy, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"subskribita per via �losilo %08lX je %s\n"
+
+#: g10/keyedit.c:2457
+#, fuzzy, c-format
+msgid "This signature expired on %s.\n"
+msgstr "�i tiu �losilo eksvalidi�os je %s.\n"
+
+#: g10/keyedit.c:2461
+#, fuzzy
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "�u vi estas certa, ke vi ankora� volas aldoni �in? (j/n) "
+
+#: g10/keyedit.c:2465
+#, fuzzy
+msgid "Create a revocation certificate for this signature? (y/N) "
 msgstr "�u krei revokatestilon por �i tiu subskribo? (j/N)"
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "Vi subskribis la sekvajn uzantidentigilojn:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
-#, c-format
-msgid "   signed by %08lX at %s\n"
-msgstr "   subskribita per %08lX je %s\n"
+#: g10/keyedit.c:2504
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   subskribita per %08lX je %s%s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   revokita de %08lX je %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "Vi revokos la sekvajn subskribojn:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   subskribita per %08lX je %s%s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr ""
+
+#: g10/keyedit.c:2551
+#, fuzzy
+msgid "Really create the revocation certificates? (y/N) "
 msgstr "�u vere krei la revokatestilojn? (j/N)"
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "mankas sekreta �losilo\n"
 
-#: g10/keylist.c:158
-#, fuzzy
-msgid "invalid"
-msgstr "nevalida kiraso"
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
 
-#: g10/keylist.c:178
-#, fuzzy
-msgid "revoked"
-msgstr "rev"
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "Subskribo-gvidlinioj: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "AVERTO: nevalida notacia dateno trovita\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "Subskribo-notacio: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "ne homlegebla"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "�losilaro"
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
+#: g10/keylist.c:423 g10/mainproc.c:856
 #, c-format
 msgid " [expires: %s]"
 msgstr " [eksvalidi�os: %s]"
 
-#: g10/mainproc.c:212
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Fingrospuro:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "             Fingrospuro:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr "     �losilo-fingrospuro ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s-�ifritaj datenoj\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "�ifrita per nekonata metodo %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "publika �losilo estas %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr "publik�losile �ifritaj datenoj: bona DEK\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr "�ifrita per %u-bita %s-�losilo, %08lX, kreita je %s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr "�ifrita per %s-�losilo, %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "mankas sekreta �losilo por mal�ifrado\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "publik�losila mal�ifrado malsukcesis: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "supozas %s �ifritajn datenojn\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr "�ifro IDEA ne disponata, optimisme provas uzi %s anstata�e\n"
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr "mal�ifrado sukcesis\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "AVERTO: �ifrita mesa�o estis manipulita!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
 msgstr "mal�ifrado malsukcesis: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr "NOTO: sendinto petis konfidencon (\"for-your-eyes-only\")\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "originala dosiernomo='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr "memstara revoko - uzu \"gpg --import\" por apliki �in\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "AVERTO: nevalida notacia dateno trovita\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Notacio: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Gvidlinio: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "kontrolo de subskribo estas mal�altita\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "ne povas trakti �i tiujn pluroblajn subskribojn\n"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Subskribo farita je %.*s per %s, �losilo %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "MALBONA subskribo de \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Eksvalidi�inta subskribo de \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Bona subskribo de \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[malcerta]"
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "            alinome \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Ne povas kontroli subskribon: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "ne aparta subskribo\n"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr "memstara subskribo de klaso 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "malnovstila subskribo (PGP 2.x)\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "nevalida radikpaketo trovita en proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "ne povas mal�alti kreadon de core-dosieroj: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Eksperimentaj metodoj ne estu uzataj!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
 msgstr "�i tiu �ifrad-metodo estas malrekomendata; bonvolu uzi pli normalan!\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "Averto: malsekura posedeco sur %s \"%s\"\n"
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "Averto: malsekuraj permesoj sur %s \"%s\"\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "la aldona�o por la �ifro IDEA en �eestas\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+"bonvolu vidi http://www.gnupg.org/why-not-idea.html por pliaj informoj\n"
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "ne povas trakti publik�losilan metodon %d\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpaketo de speco %d havas �altitan \"critical bit\"\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
-msgstr ""
+msgstr "gpg-agent ne estas disponata en �i tiu sesio\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "ne povas agordi kliento-PID por la agento\n"
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "ne povas akiri lego-FD de servilo por la agento\n"
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "ne povas akiri skribo-FD de servilo por la agento\n"
+
+#: g10/passphrase.c:498
 msgid "malformed GPG_AGENT_INFO environment variable\n"
-msgstr ""
+msgstr "malbona valoro de la media variablo GPG_AGENT_INFO\n"
 
-#: g10/hkp.c:158 g10/passphrase.c:223
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "protokolversio %d de gpg-agent ne estas uzebla\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
 #, c-format
 msgid "can't connect to `%s': %s\n"
 msgstr "ne povas konekti�i al '%s': %s\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "komunikproblemo kun gpg-agent\n"
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "problemo kun agento - mal�altas uzadon de agento\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (�ef�losilo %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:641
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
-"\n"
-"Vi bezonas pasfrazon por mal�losi la sekretan �losilon\n"
-"por la uzanto: \""
+"Vi bezonas pasfrazon por mal�losi la sekretan �losilon por la uzanto:\n"
+"\"%.*s\"\n"
+"%u-bita %s �losilo, ID %08lX, kreita je %s%s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:662
 msgid "Enter passphrase\n"
-msgstr "Donu pasfrazon: "
+msgstr "Donu pasfrazon\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:664
 msgid "Repeat passphrase\n"
-msgstr "Ripetu pasfrazon: "
+msgstr "Ripetu pasfrazon\n"
 
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
-msgstr ""
+msgstr "pasfrazo estas tro longa\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "nevalida respondo de agento\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "nuligita de uzanto\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "problemo kun agento: agento redonas 0x%lx\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2725,20 +3362,20 @@ msgstr ""
 "Vi bezonas pasfrazon por mal�losi la sekretan �losilon\n"
 "por la uzanto: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "%u-bita %s-�losilo, %08lX, kreita je %s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "ne povas kontroli pasvorton en neinteraga re�imo\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Donu pasfrazon: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Ripetu pasfrazon: "
 
@@ -2746,147 +3383,194 @@ msgstr "Ripetu pasfrazon: "
 msgid "data not saved; use option \"--output\" to save it\n"
 msgstr "datenoj ne savitaj; uzu la opcion \"--output\" por savi ilin\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "eraro dum kreado de '%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
 msgstr "Aparta subskribo.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Bonvolu doni la nomon de la dosiero: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "legas la normalan enigon ...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "mankas subskribitaj datenoj\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "ne povas malfermi subskribitan dosieron '%s'\n"
 
-#: g10/pubkey-enc.c:135
+#: g10/pubkey-enc.c:100
 #, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr "nenomita ricevonto; provas per sekreta �losilo %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "bone; ni estas la nenomita ricevonto.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "malnova kodado de DEK ne estas realigita\n"
 
-#: g10/pubkey-enc.c:216
+#: g10/pubkey-enc.c:177
 #, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "�ifrad-metodo %d estas nekonata a� mal�altita\n"
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "�ifrad-metodo %d%s estas nekonata a� mal�altita\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr "NOTO: �ifrad-metodo %d ne trovita en preferoj\n"
 
-#: g10/pubkey-enc.c:261
+#: g10/pubkey-enc.c:242
 #, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
 msgstr "NOTO: sekreta �losilo %08lX eksvalidi�is je %s\n"
 
-#: g10/hkp.c:62
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr "petas la �losilon %08lX de %s ...\n"
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "petas la �losilon %08lX de HKP-�losilservilo %s ...\n"
 
-#: g10/hkp.c:75
+#: g10/hkp.c:94
 #, c-format
 msgid "can't get key from keyserver: %s\n"
 msgstr "ne povas akiri �losilon de �losilservilo: %s\n"
 
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr "neniu �losilservilo konata (uzu la opcion --keyserver)\n"
-
-#: g10/hkp.c:106
-#, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s: ne valida �losilidentigilo\n"
-
-#: g10/hkp.c:182
+#: g10/hkp.c:171
 #, c-format
 msgid "error sending to `%s': %s\n"
 msgstr "eraro dum sendo al '%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
 msgstr "sukceso dum sendo al '%s' (statuso=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
 msgstr "malsukceso dum sendo al '%s': statuso=%u\n"
 
-#: g10/seckey-cert.c:89
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "ser�as pri \"%s\" �e HKP-servilo %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "ne povas ser�i �e �losilservilo: %s\n"
+
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
 msgstr "sekretaj �losilpartoj ne estas disponataj\n"
 
-#: g10/seckey-cert.c:95
+#: g10/seckey-cert.c:59
 #, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "protekto-metodo %d ne estas realigita\n"
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "protekto-metodo %d%s ne estas realigita\n"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
-msgstr "Nevalida pasfrazo; bonvolu provi denove ...\n"
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Nevalida pasfrazo; bonvolu provi denove"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
+
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr ""
 "AVERTO: Malforta �losilo trovita - bonvolu �an�i la pasfrazon denove.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "�i tio estas PGP-kreita ElGamal-�losilo, kiu NE estas sekura por "
 "subskribado!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "la publika �losilo estas %lu sekundon pli nova ol la subskribo\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "la publika �losilo estas %lu sekundojn pli nova ol la subskribo\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "NOTO: subskribo-�losilo eksvalidi�is je %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "NOTO: subskribo-�losilo %08lX eksvalidi�is je %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr "supozas malbonan subskribon pro nekonata \"critical bit\"\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"AVERTO: ne povas %%-kompletigi gvidlinian URL (tro granda); uzas sen "
+"kompletigo.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "kontrolo de kreita subskribo malsukcesis: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "%s-subskribo de: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "AVERTO: '%s' estas malplena dosiero\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "eblas subskribi nur per PGP-2.x-stilaj �losiloj kun --pgp2\n"
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "ne povas krei %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "subskribas:"
 
-#: g10/sign.c:583
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"eblas klartekste subskribi nur per PGP-2.x-stilaj �losiloj kun --pgp2\n"
+
+#: g10/sign.c:953
 #, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "AVERTO: '%s' estas malplena dosiero\n"
+msgid "%s encryption will be used\n"
+msgstr "%s �ifrado estos aplikata\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2898,420 +3582,205 @@ msgstr "ne povas trakti tekstliniojn pli longajn ol %d signojn\n"
 msgid "input line longer than %d characters\n"
 msgstr "enigata linio pli longa ol %d signojn\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "fido-datenaro loko %lu: lseek malsukcesis: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr "fido-datenaro loko %lu: skribo malsukcesis (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "fido-datenaro-transakcio tro granda\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: ne povas aliri: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: dosierujo ne ekzistas!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: ne povas krei: %s\n"
+msgid "%s: can't create lock\n"
+msgstr "%s: ne povas krei �loson\n"
 
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:480 g10/tdbio.c:544
 #, c-format
-msgid "%s: can't create lock\n"
+msgid "%s: can't make lock\n"
 msgstr "%s: ne povas krei �loson\n"
 
-#: g10/tdbio.c:473
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: ne povas krei: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: malsukcesis krei versiregistron: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: nevalida fido-datenaro kreita\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: fido-datenaro kreita\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: nevalida fido-datenaro\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: malsukcesis krei haktabelon: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: eraro dum aktualigo de versiregistro: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: eraro dum legado de versiregistro: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: eraro dum skribado de versiregistro: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "fido-datenaro: lseek malsukcesis: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "fido-datenaro: lego malsukcesis (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: ne estas fido-datenaro\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: versiregistro kun registronumero %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: nevalida dosiero-versio %d\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: eraro dum legado de libera registro: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: eraro dum skribo de dosieruja registro: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: malsukcesis nuligi registron: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: malsukcesis aldoni registron: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr "la fido-datenaro estas fu�ita; bonvolu ruli \"gpg --fix-trustdb\".\n"
 
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "fido-datenaro loko %lu, petospeco %d: lego malsukcesis: %s\n"
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "fido-datenaro %lu, speco %d: skribo malsukcesis: %s\n"
-
-#: g10/trustdb.c:198
-#, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "fido-registro %lu: forvi�o malsukcesis: %s\n"
-
-#: g10/trustdb.c:212
-#, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "fido-datenaro: sync malsukcesis: %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "eraro dum legado de dosieruja registro por LID %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: atendis dosierujan registron, trovis specon %d\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "mankas �efa �losilo por LID %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "eraro dum legado de �efa �losilo por LID %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record malsukcesis: %s\n"
-
-#: g10/trustdb.c:474
-#, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "%s: ne valida �losilidentigilo\n"
-
-#: g10/trustdb.c:502
+#: g10/trustdb.c:200
 #, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "�losilo %08lX: ne povas meti �in en la fido-datenaron\n"
+msgid "`%s' is not a valid long keyID\n"
+msgstr "'%s' ne estas valida longa �losilidentigilo\n"
 
-#: g10/trustdb.c:508
+#: g10/trustdb.c:235
 #, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "�losilo %08lX: peto-registro malsukcesis\n"
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "�losilo %08lX: akceptita kiel fidata �losilo\n"
 
-#: g10/trustdb.c:517
+#: g10/trustdb.c:274
 #, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "�losilo %08lX: jam en tabelo de fidataj �losiloj\n"
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "�losilo %08lX aperas pli ol unufoje en la fido-datenaro\n"
 
-#: g10/trustdb.c:520
+#: g10/trustdb.c:290
 #, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "�losilo %08lX: akceptita kiel fidata �losilo.\n"
-
-#: g10/trustdb.c:547
-#, fuzzy, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "�losilo %08lX: ne protektita - ignorita\n"
-
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "NOTO: sekreta �losilo %08lX NE estas protektita.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "�losilo %08lX: sekreta kaj publika �losiloj ne kongruas\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "listigo de sekretaj �losiloj malsukcesis: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "�losilo %08lX.%lu: Bona sub�losila bindado\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "�losilo %08lX.%lu: Nevalida sub�losila bindado: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "�losilo %08lX.%lu: Valida �losilrevoko\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "�losilo %08lX.%lu: Nevalida �losilrevoko: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "�losilo %08lX.%lu: Valida sub�losilrevoko\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Bona mem-subskribo"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Nevalida mem-subskribo"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr "Valida uzantidentigil-revoko ignorita pro pli nova mem-subskribo"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "Valida uzantidentigil-revoko"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Nevalida uzantidentigil-revoko"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Valida atestilrevoko"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Bona atestilo"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Nevalida atestilrevoko"
+msgstr "�losilo %08lX: mankas publika �losilo por fidata �losilo - ignorita\n"
 
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Nevalida atestilo"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "subskribo-registro %lu[%d] montras al mal�usta registro.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "ripetita atestilo - forvi�ita"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir malsukcesis: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: en�ovo malsukcesis: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: en�ovo malsukcesis: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: en�ovita\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "eraro dum legado de dosieruja registro: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
+#: g10/trustdb.c:332
 #, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu �losiloj traktitaj\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu �losiloj kun eraroj\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu �losiloj en�ovitaj\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "fido-datenaro loko %lu, petospeco %d: lego malsukcesis: %s\n"
 
-#: g10/trustdb.c:1826
+#: g10/trustdb.c:338
 #, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "listigo de �losilblokoj malsukcesis: %s\n"
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "fido-registro %lu ne havas petitan specon %d\n"
 
-#: g10/trustdb.c:1874
+#: g10/trustdb.c:353
 #, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: dosieruja registro sen �losilo - ignorita\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "fido-datenaro %lu, speco %d: skribo malsukcesis: %s\n"
 
-#: g10/trustdb.c:1884
+#: g10/trustdb.c:368
 #, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "\t%lu pro novaj publikaj �losiloj\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "fido-datenaro: sync malsukcesis: %s\n"
 
-#: g10/trustdb.c:1886
-#, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu �losiloj ignoritaj\n"
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "kontrolo de fido-datenaro ne estas bezonata\n"
 
-#: g10/trustdb.c:1890
+#: g10/trustdb.c:474 g10/trustdb.c:1641
 #, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu �losiloj aktualigitaj\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Hu, mankas �losiloj\n"
-
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Hu, mankas uzantidentigiloj\n"
+msgid "next trustdb check due at %s\n"
+msgstr "sekva kontrolo de fido-datenaro je %s\n"
 
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: ser�o pri dosieruja registro malsukcesis: %s\n"
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "kontrolas la fido-datenaron\n"
 
-#: g10/trustdb.c:2406
+#: g10/trustdb.c:933
 #, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "�losilo %08lX: en�ovo de fidoregistro malsukcesis: %s\n"
+msgid "public key %08lX not found: %s\n"
+msgstr "publika �losilo %08lX ne trovita: %s\n"
 
-#: g10/trustdb.c:2410
+#: g10/trustdb.c:1515
 #, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "�losilo %08lX.%lu: en�ovis en fido-datenaron\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr "publika �losilo de absolute fidata �losilo %08lX ne trovita\n"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:1593
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 msgstr ""
-"�losilo %08lX.%lu: kreita en la estonteco (tempotordo a� horlo�eraro)\n"
-
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "�losilo %08lX.%lu: eksvalidi�is je %s\n"
-
-#: g10/trustdb.c:2441
-#, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "�losilo %08lX.%lu: fido-kontrolo malsukcesis: %s\n"
-
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "uzanto '%s' ne trovita: %s\n"
-
-#: g10/trustdb.c:2594
-#, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "problemo dum trovo de '%s' en fido-datenaro: %s\n"
-
-#: g10/trustdb.c:2597
-#, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "uzanto '%s' ne estas en fido-datenaro - en�ovas\n"
-
-#: g10/trustdb.c:2600
-#, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "malsukcesis meti '%s' en fido-datenaron: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "AVERTO: ne povas trakti longajn preferoregistrojn\n"
+"kontrolas �e profundo %d subskribita=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
@@ -3321,45 +3790,32 @@ msgstr ""
 "Bonvolu memori, ke la subskribodosiero (.sig a� .asc)\n"
 "devas esti la unua dosiero donita en la komandlinio.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
 msgstr "enigata linio %u tro longa, a� mankas linifino\n"
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: ne povas krei �losilaron: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: �losilaro kreita\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "AVERTO: ekzistas 2 dosieroj kun sekretaj informoj.\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"�losilo ne estas markita kiel malsekura - ne povas uzi �in kun falsa "
+"stokastilo!\n"
 
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s estas la ne�an�ita\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "ignoris '%s': ripetita\n"
 
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
-#, c-format
-msgid "%s is the new one\n"
-msgstr "%s estas la nova\n"
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "Bonvolu ripari �i tiun eblan sekurecproblemon\n"
-
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "ignoris '%s': %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "ignorita: sekreta �losilo jam �eestas\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3378,90 +3834,98 @@ msgstr "Dosiero '%s' ekzistas. "
 msgid "Overwrite (y/N)? "
 msgstr "�u surskribi (j/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: nekonata sufikso\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Donu novan dosiernomon"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "skribas al la normala eligo\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "supozas subskribitajn datenojn en '%s'\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: nova opcio-dosiero kreita\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: ne povas krei dosierujon: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: dosierujo kreita\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr ""
 "vi devas restartigi GnuPG, por ke �i povu legi la novan opcio-dosieron\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "�ifrita per nekonata metodo %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "%s-�ifritaj datenoj\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "AVERTO: mesa�o estis �ifrita per malforta �losilo en la simetria �ifro.\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "problemo �e traktado de �ifrita paketo\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "malforta �losilo kreita - provas denove\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "ne povas eviti malfortajn �losilojn por simetria �ifro; provis %d fojojn!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "mankas sekreta �losilo por �i tiu publika �losilo!\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr "uzu la opcion \"--delete-secret-key\" por forvi�i �in unue.\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr ""
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "ne povas fari tion en neinteraga re�imo sen \"--yes\"\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "�u forvi�i �i tiun �losilon de la �losilaro? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr "Tio estas sekreta �losilo! �u vere forvi�i �in? "
 
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "forvi�o de �losilbloko malsukcesis: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr ""
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "estas sekreta �losilo por la publika �losilo \"%s\"!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "uzu la opcion \"--delete-secret-key\" por forvi�i �in unue.\n"
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3473,22 +3937,34 @@ msgstr ""
 "rilatas al la (implicite kreita) atestilo-reto."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Por konstrui la fido-reton, GnuPG devas scii, kiuj �losiloj estas\n"
+"absolute fidataj; normale tiuj estas la �losiloj, por kiuj vi havas\n"
+"aliron al la sekreta �losilo. Respondu \"jes\" por igi �i tiun �losilon\n"
+"absolute fidata\n"
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr ""
 "Se vi tamen volas uzi �i tiun revokitan �losilon, respondu per \"jes\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr ""
 "Se vi tamen volas uzi �i tiun nefidatan �losilon, respondu per \"jes\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr ""
 "Donu la uzantidentigilon de la adresito, al kiu vi volas sendi la mesa�on."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3524,7 +4000,7 @@ msgstr ""
 "La unua (�efa) �losilo devas esti �losilo uzebla por subskribado;\n"
 "tial la nur�ifra ElGamal-�losilo ne estas proponata en �i tiu menuo."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
@@ -3534,16 +4010,16 @@ msgstr ""
 "rekomendataj, �ar ili ne estas komprenataj de �iuj programoj, kaj\n"
 "subskriboj kreitaj per ili etas iom grandaj kaj malrapide kontroleblaj."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Donu la �losilgrandon"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Respondu per \"jes\" a� \"ne\""
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3555,19 +4031,19 @@ msgstr ""
 "bonan eraromesa�on; anstata�e la sistemo provas interpreti\n"
 "la donitan valoron kiel gamon."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Donu la nomon de la �losilposedanto"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr "bonvolu doni retadreson (ne devige, sed tre rekomendate)"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Bonvolu doni nedevigan komenton"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3581,15 +4057,85 @@ msgstr ""
 "B  por da�rigi kun la �losilkreado.\n"
 "F  por interrompi la �losilkreadon kaj fini."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "Respondu per \"jes\" (a� nur \"j\"), se la sub�losilo estu kreita."
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"Kiam vi subskribas uzantidentigilon sur �losilo, vi devas unue kontroli,\n"
+"ke la �losilo apartenas al la persono nomita en la identigilo. Estas\n"
+"utile por aliaj homoj scii, kiom zorge vi kontrolis tion.\n"
+"\n"
+"\"0\" signifas, ke vi faras nenian specifan aserton pri tio, kiel zorge vi\n"
+"    kontrolis la �losilon.\n"
+"\n"
+"\"1\" signifas, ke vi kredas, ke la �losilo apartenas al la homo, kiu\n"
+"    pretendas posedi �in, sed vi ne povis kontroli, a� simple ne\n"
+"    kontrolis la �losilon. Tio estas utila, kiam oni subskribas la\n"
+"    �losilon de pse�donoma uzanto.\n"
+"\n"
+"\"2\" signifas, ke vi malzorge kontrolis la �losilon. Ekzemple, povas esti,\n"
+"    ke vi kontrolis la fingro�puron de la �losilo kaj komparis la\n"
+"    uzantidentigilon sur la �losilo kun foto-identigilo.\n"
+"\n"
+"\"3\" signifas, ke vi zorge kontrolis la �losilon. Ekzemple, povas esti,\n"
+"    ke vi kontrolis la fingro�puron persone �e la posedanto de la\n"
+"    �losilo, kaj vi kontrolis, per malfacile falsebla dokumento kun\n"
+"    foto-identigilo (ekzemple pasporto), ke la nomo de �losilposedanto\n"
+"    kongruas kun la nomo en la uzantidentigilo sur la �losilo, kaj fine\n"
+"    vi kontrolis (per inter�an�o de retmesa�oj), ke la retadreso sur\n"
+"    la �losilo apartenas al la posedanto de la �losilo.\n"
+"\n"
+"Notu, ke la ekzemploj donitaj supre por la niveloj 2 kaj 3 estas nur\n"
+"ekzemploj. Vi devas fine mem decidi, kion precize signifas \"malzorga\"\n"
+"kaj \"zorga\", kiam vi subskribas aliajn �losilojn.\n"
+"\n"
+"Se vi ne scias la �ustan respondon, respondu per \"0\"."
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "Respondu per \"jes\", se vi volas subskribi �iujn uzantidentigilojn"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3597,11 +4143,11 @@ msgstr ""
 "Respondu per \"jes\", se vi vere volas forvi�i la uzantidentigilon.\n"
 "Tiam anka� �iuj atestiloj perdi�os!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "Respondu per \"jes\", se la sub�losilo estu forvi�ita"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3611,7 +4157,7 @@ msgstr ""
 "�i tiun subskribon, �ar eble �i estos grava por establi fido-ligon\n"
 "al la �losilo a� al alia �losilo atestita per �i tiu �losilo."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3623,7 +4169,7 @@ msgstr ""
 "�losilo estis uzita, �ar la subskribanta �losilo eble establos\n"
 "fido-ligon tra alia jam atestita �losilo."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
@@ -3631,7 +4177,7 @@ msgstr ""
 "La subskribo ne estas valida. Estas prudente forigi �in de\n"
 "via �losilaro."
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3645,28 +4191,35 @@ msgstr ""
 "mem-subskribo estas ial nevalida, kaj dua mem-subskribo estas\n"
 "havebla."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
+#, fuzzy
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
 msgstr ""
-"Bonvolu doni la pasfrazon; tio estas sekreta frazo, kiu ne\n"
-"estas facile divenebla."
+"�an�i la preferojn de �iuj uzantidentigiloj (a� nur la elektitaj)\n"
+"al la aktuala listo de preferoj. La dato de �iuj trafitaj\n"
+"mem-subskriboj estos anta�enigitaj je unu sekundo.\n"
+
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Bonvolu doni la pasfrazon; tio estas sekreta frazo \n"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr ""
 "Bonvolu ripeti la pasfrazon, por kontroli, ke vi bone scias, kion vi tajpis."
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr "Donu la nomon de la dosiero, al kiu la subskribo apliki�as"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "Respondu per \"jes\", se la dosiero estu surskribita"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3674,15 +4227,14 @@ msgstr ""
 "Bonvolu doni novan dosiernomon. Se vi premas nur ENEN, la implicita\n"
 "dosiero (montrita en parentezo) estos uzata."
 
-#: g10/helptext.c:229
-#, fuzzy
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3703,7 +4255,7 @@ msgstr ""
 "      Uzu �i tion por aserti, ke la uzantidentigilo ne plu estu uzata;\n"
 "      normale oni uzas �i tion por marki retadreson kiel nevalidan.\n"
 
-#: g10/helptext.c:245
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
@@ -3713,53 +4265,346 @@ msgstr ""
 "�i tiun revokatestilon. Bonvolu fari �i tiun tekston konciza.\n"
 "Malplena linio finas la tekston.\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Nenia helpo disponata"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Nenia helpo disponata por '%s'"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "problemo �e legado de atestilo: %s\n"
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "eraro dum kreado de �losilaro '%s': %s\n"
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "RSA-�losilo ne estas uzebla kun �i tiu versio\n"
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "�an�o de permesoj de '%s' malsukcesis: %s\n"
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "Mankas �losilo por uzantidentigilo\n"
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "�losilaro '%s' kreita\n"
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "Mankas uzantidentigilo por �losilo\n"
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "malsukcesis rekonstrui �losilaran staplon: %s\n"
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "mankas implicita publika �losilaro\n"
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "AVERTO: ekzistas 2 dosieroj kun sekretaj informoj.\n"
 
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "ne povas �losi la �losilaron '%s': %s\n"
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s estas la ne�an�ita\n"
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "�losilo %08lX: ne povas legi originalan �losilblokon: %s\n"
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s estas la nova\n"
 
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: uzanto ne trovita\n"
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Bonvolu ripari �i tiun eblan sekurecproblemon\n"
+
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "kontrolas �losilaron '%s'\n"
+
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu �losiloj jam kontrolitaj (%lu subskriboj)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu �losiloj kontrolitaj (%lu subskriboj)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: �losilaro kreita\n"
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "�u vi vere bezonas tiom grandan �losilgrandon? "
+
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "�losilo %08lX: nia kopio ne havas mem-subskribon\n"
+
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "  �u vi estas certa, ke vi ankora� volas subskribi �in?\n"
+
+#~ msgid "   signed by %08lX at %s\n"
+#~ msgstr "   subskribita per %08lX je %s\n"
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key uzantidentigilo"
+
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key uzantidentigilo"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Donu la uzantidentigilon: "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "ignorita: publika �losilo jam difinita per --encrypt-to\n"
+
+#~ msgid "sSmMqQ"
+#~ msgstr "iImMfF"
+
+#~ msgid "no keyserver known (use option --keyserver)\n"
+#~ msgstr "neniu �losilservilo konata (uzu la opcion --keyserver)\n"
+
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "%s: ne valida �losilidentigilo\n"
+
+#~ msgid "|[NAMES]|check the trust database"
+#~ msgstr "|[NOMOJ]|kontroli la fido-datenaron"
+
+#~ msgid ""
+#~ "Could not find a valid trust path to the key.  Let's see whether we\n"
+#~ "can assign some missing owner trust values.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Ne povis trovi validan fidovojon al la �losilo. Ni vidu, �u eblas\n"
+#~ "atribui iujn mankantajn posedantofido-valorojn.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No path leading to one of our keys found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Nenia vojo trovita, kiu kondukas al unu el niaj �losiloj.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No certificates with undefined trust found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Neniom da atestiloj trovitaj kun nedifinita fidovaloro.\n"
+#~ "\n"
 
 #~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
+#~ "No trust values changed.\n"
+#~ "\n"
 #~ msgstr ""
-#~ "RSA-�losiloj estas malrekomendataj; bonvolu pripensi krei novan �losilon kaj "
-#~ "uzi tiun en la estonteco\n"
+#~ "Neniuj fidovaloroj �an�itaj.\n"
+#~ "\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr "%08lX: mankas informoj por kalkuli fidovaloron\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: eraro dum kontrolo de �losilo: %s\n"
 
-#~ msgid "not processed"
-#~ msgstr "ne traktita"
+#~ msgid "too many entries in unk cache - disabled\n"
+#~ msgstr "tro da registroj en unk-staplo - mal�altas\n"
+
+#~ msgid "update of trustdb failed: %s\n"
+#~ msgstr "aktualigo de fido-datenaro malsukcesis: %s\n"
 
 #~ msgid "assuming bad MDC due to an unknown critical bit\n"
 #~ msgstr "supozas malbonan sigelon (MDC) pro nekonata \"critical bit\"\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+#~ msgid "error reading dir record for LID %lu: %s\n"
+#~ msgstr "eraro dum legado de dosieruja registro por LID %lu: %s\n"
+
+#~ msgid "lid %lu: expected dir record, got type %d\n"
+#~ msgstr "lid %lu: atendis dosierujan registron, trovis specon %d\n"
+
+#~ msgid "no primary key for LID %lu\n"
+#~ msgstr "mankas �efa �losilo por LID %lu\n"
+
+#~ msgid "error reading primary key for LID %lu: %s\n"
+#~ msgstr "eraro dum legado de �efa �losilo por LID %lu: %s\n"
+
+#~ msgid "get_dir_record: search_record failed: %s\n"
+#~ msgstr "get_dir_record: search_record malsukcesis: %s\n"
+
+#~ msgid "key %08lX: query record failed\n"
+#~ msgstr "�losilo %08lX: peto-registro malsukcesis\n"
+
+#~ msgid "key %08lX: already in trusted key table\n"
+#~ msgstr "�losilo %08lX: jam en tabelo de fidataj �losiloj\n"
+
+#~ msgid "NOTE: secret key %08lX is NOT protected.\n"
+#~ msgstr "NOTO: sekreta �losilo %08lX NE estas protektita.\n"
+
+#~ msgid "key %08lX: secret and public key don't match\n"
+#~ msgstr "�losilo %08lX: sekreta kaj publika �losiloj ne kongruas\n"
+
+#~ msgid "enumerate secret keys failed: %s\n"
+#~ msgstr "listigo de sekretaj �losiloj malsukcesis: %s\n"
+
+#~ msgid "key %08lX.%lu: Good subkey binding\n"
+#~ msgstr "�losilo %08lX.%lu: Bona sub�losila bindado\n"
+
+#~ msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+#~ msgstr "�losilo %08lX.%lu: Nevalida sub�losila bindado: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid key revocation\n"
+#~ msgstr "�losilo %08lX.%lu: Valida �losilrevoko\n"
+
+#~ msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+#~ msgstr "�losilo %08lX.%lu: Nevalida �losilrevoko: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid subkey revocation\n"
+#~ msgstr "�losilo %08lX.%lu: Valida sub�losilrevoko\n"
+
+#~ msgid "Good self-signature"
+#~ msgstr "Bona mem-subskribo"
+
+#~ msgid "Invalid self-signature"
+#~ msgstr "Nevalida mem-subskribo"
+
+#~ msgid "Valid user ID revocation skipped due to a newer self signature"
+#~ msgstr "Valida uzantidentigil-revoko ignorita pro pli nova mem-subskribo"
+
+#~ msgid "Valid user ID revocation"
+#~ msgstr "Valida uzantidentigil-revoko"
+
+#~ msgid "Invalid user ID revocation"
+#~ msgstr "Nevalida uzantidentigil-revoko"
+
+#~ msgid "Valid certificate revocation"
+#~ msgstr "Valida atestilrevoko"
+
+#~ msgid "Good certificate"
+#~ msgstr "Bona atestilo"
+
+#~ msgid "Invalid certificate revocation"
+#~ msgstr "Nevalida atestilrevoko"
+
+#~ msgid "Invalid certificate"
+#~ msgstr "Nevalida atestilo"
+
+#~ msgid "sig record %lu[%d] points to wrong record.\n"
+#~ msgstr "subskribo-registro %lu[%d] montras al mal�usta registro.\n"
+
+#~ msgid "duplicated certificate - deleted"
+#~ msgstr "ripetita atestilo - forvi�ita"
+
+#~ msgid "tdbio_search_dir failed: %s\n"
+#~ msgstr "tdbio_search_dir malsukcesis: %s\n"
+
+#~ msgid "lid ?: insert failed: %s\n"
+#~ msgstr "lid ?: en�ovo malsukcesis: %s\n"
+
+#~ msgid "lid %lu: insert failed: %s\n"
+#~ msgstr "lid %lu: en�ovo malsukcesis: %s\n"
+
+#~ msgid "lid %lu: inserted\n"
+#~ msgstr "lid %lu: en�ovita\n"
+
+#~ msgid "error reading dir record: %s\n"
+#~ msgstr "eraro dum legado de dosieruja registro: %s\n"
+
+#~ msgid "\t%lu keys inserted\n"
+#~ msgstr "\t%lu �losiloj en�ovitaj\n"
+
+#~ msgid "enumerate keyblocks failed: %s\n"
+#~ msgstr "listigo de �losilblokoj malsukcesis: %s\n"
+
+#~ msgid "lid %lu: dir record w/o key - skipped\n"
+#~ msgstr "lid %lu: dosieruja registro sen �losilo - ignorita\n"
+
+#~ msgid "\t%lu due to new pubkeys\n"
+#~ msgstr "\t%lu pro novaj publikaj �losiloj\n"
+
+#~ msgid "\t%lu keys skipped\n"
+#~ msgstr "\t%lu �losiloj ignoritaj\n"
+
+#~ msgid "\t%lu keys updated\n"
+#~ msgstr "\t%lu �losiloj aktualigitaj\n"
+
+#~ msgid "Ooops, no keys\n"
+#~ msgstr "Hu, mankas �losiloj\n"
+
+#~ msgid "Ooops, no user IDs\n"
+#~ msgstr "Hu, mankas uzantidentigiloj\n"
+
+#~ msgid "check_trust: search dir record failed: %s\n"
+#~ msgstr "check_trust: ser�o pri dosieruja registro malsukcesis: %s\n"
+
+#~ msgid "key %08lX: insert trust record failed: %s\n"
+#~ msgstr "�losilo %08lX: en�ovo de fidoregistro malsukcesis: %s\n"
+
+#~ msgid "key %08lX.%lu: inserted into trustdb\n"
+#~ msgstr "�losilo %08lX.%lu: en�ovis en fido-datenaron\n"
+
+#~ msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
 #~ msgstr ""
-#~ "�losilo ne estas markita kiel malsekura - ne povas uzi �in kun falsa "
-#~ "stokastilo!\n"
+#~ "�losilo %08lX.%lu: kreita en la estonteco (tempotordo a� horlo�eraro)\n"
+
+#~ msgid "key %08lX.%lu: expired at %s\n"
+#~ msgstr "�losilo %08lX.%lu: eksvalidi�is je %s\n"
+
+#~ msgid "key %08lX.%lu: trust check failed: %s\n"
+#~ msgstr "�losilo %08lX.%lu: fido-kontrolo malsukcesis: %s\n"
+
+#~ msgid "user '%s' not found: %s\n"
+#~ msgstr "uzanto '%s' ne trovita: %s\n"
+
+#~ msgid "problem finding '%s' in trustdb: %s\n"
+#~ msgstr "problemo dum trovo de '%s' en fido-datenaro: %s\n"
+
+#~ msgid "user '%s' not in trustdb - inserting\n"
+#~ msgstr "uzanto '%s' ne estas en fido-datenaro - en�ovas\n"
+
+#~ msgid "failed to put '%s' into trustdb: %s\n"
+#~ msgstr "malsukcesis meti '%s' en fido-datenaron: %s\n"
+
+#~ msgid "too many random bits requested; the limit is %d\n"
+#~ msgstr "tro da stokastaj bitoj petitaj; la limo estas %d\n"
+
+#~ msgid "For info see http://www.gnupg.org"
+#~ msgstr "Por informoj vidu http://www.gnupg.org"
+
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) RSA (subskribi kaj �ifri)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr "�u vi vere volas krei subskriban kaj �ifran �losilon? "
+
+#~ msgid "%s: user not found: %s\n"
+#~ msgstr "%s: uzanto ne trovita: %s\n"
+
+#~ msgid "certificate read problem: %s\n"
+#~ msgstr "problemo �e legado de atestilo: %s\n"
+
+#~ msgid "can't lock keyring `%s': %s\n"
+#~ msgstr "ne povas �losi la �losilaron '%s': %s\n"
+
+#~ msgid "%s: user not found\n"
+#~ msgstr "%s: uzanto ne trovita\n"
+
+#~ msgid "WARNING: can't yet handle long pref records\n"
+#~ msgstr "AVERTO: ne povas trakti longajn preferoregistrojn\n"
+
+#~ msgid "%s: can't create keyring: %s\n"
+#~ msgstr "%s: ne povas krei �losilaron: %s\n"
+
+#~ msgid "RSA key cannot be used in this version\n"
+#~ msgstr "RSA-�losilo ne estas uzebla kun �i tiu versio\n"
+
+#~ msgid "No key for user ID\n"
+#~ msgstr "Mankas �losilo por uzantidentigilo\n"
+
+#~ msgid "No user ID for key\n"
+#~ msgstr "Mankas uzantidentigilo por �losilo\n"
+
+#~ msgid "invalid"
+#~ msgstr "nevalida"
+
+#~ msgid "revoked"
+#~ msgstr "revokita"
+
+#~ msgid "no secret key for decryption available\n"
+#~ msgstr "mankas sekreta �losilo por mal�ifrado\n"
diff --git a/po/es_ES.po b/po/es.po
index ac414ac36..5d45b834e 100644
--- a/po/es_ES.po
+++ b/po/es.po
@@ -1,311 +1,366 @@
-# Spanish messages for gnupg
-# Urko Lusa <[email protected]>, 1998-99
-# I've tried to mantain the terminology used by Armando Ramos
-# <[email protected]> is his PGP 2.3.6i translation.
-# I also got inspiration from it.po by Marco d'Itri <[email protected]>
+# Mensajes en espa�ol para GnuPG.
+# Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc.
+# Urko Lusa <[email protected]>, 1998, 1999.
+#  I've tried to mantain the terminology used by Armando Ramos
+#  <[email protected]> in his PGP 2.3.6i translation.
+#  I also got inspiration from it.po by Marco d'Itri <[email protected]>
+# Jaime Su�rez <[email protected]>, 2001.
 #
-# GPG version: 1.0.0
-msgid ""
-msgstr ""
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 1999-10-27 06:35+0200\n"
-"Content-Type: text/plain; charset=iso-8859-1\n"
-"Date: 1998-11-13 10:49:25+0100\n"
-"From: Urko Lusa <[email protected]>\n"
-"Updated: 1998-01-12\n"
-"By: Luca Olivetti <[email protected]>\n"
-"Xgettext-Options: --default-domain=gnupg --directory=.. --add-comments "
-"--keyword=_ --keyword=N_ --files-from=./POTFILES.in\n"
-"Files: util/secmem.c util/argparse.c cipher/random.c cipher/rand-dummy.c "
-"cipher/rand-unix.c cipher/rand-w32.c g10/g10.c g10/pkclist.c g10/keygen.c "
-"g10/decrypt.c g10/encode.c g10/import.c g10/keyedit.c g10/keylist.c "
-"g10/mainproc.c g10/passphrase.c g10/plaintext.c g10/pref.c g10/seckey-cert.c "
-"g10/sig-check.c g10/sign.c g10/trustdb.c g10/verify.c\n"
-
-#: util/miscutil.c:278 util/miscutil.c:307
+msgid ""
+msgstr ""
+"Project-Id-Version: GNU gnupg 1.0.6\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-22 21:27+0200\n"
+"Last-Translator: Jaime Su�rez <[email protected]>\n"
+"Language-Team: Spanish <[email protected]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "ATENCI�N: �se est� usando memoria insegura!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr ""
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "operaci�n imposible sin memoria segura inicializada\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(es posible que haya usado el programa incorrecto para esta tarea)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "s�"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "sS"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
-msgstr ""
+msgstr "no"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
-msgstr ""
+msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
-msgstr ""
+msgstr "salir"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
-msgstr ""
+msgstr "sS"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "Error general"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "Formato desconocido"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "Versi�n desconocida"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "Algoritmo de clave p�blica desconocido"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "Algoritmo desconocido de resumen de mensaje"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "Clave p�blica incorrecta"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "Clave secreta incorrecta"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "Firma incorrecta"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
-msgstr "Error en suma de comprobaci�n"
-
-#: util/errors.c:64
+msgstr "Error en la suma de comprobaci�n"
+
+# �Por qu� no frase de paso?
+# Porque todo el mundo sabe lo que es una contrase�a
+# y una "frase de paso" no. Soy consciente de que se
+# traduce igual password y passphrase pero el contexto
+# permite saber de lo que se est� hablando.
+# No s�, no s�.
+# �Por qu� los ingleses entonces s� que saben lo que es un "passphrase"?
+# �Es que son m�s listos? :-)
+#
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "Contrase�a incorrecta"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "Clave p�blica no encontrada"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "Algoritmo de cifrado desconocido"
 
-#: util/errors.c:67
+# �y llavero?
+# Hombre... las claves son parecidas a las llaves pero no lo mismo
+# toda la literatura en castellano usa "anillos de claves" si un
+# programa nos habla del llavero �no puedo abrir el llavero? nos
+# miraremos en el bolsillo bastante desconcertados. No creo que se
+# trate de establecer una nomenclatura propia.
+# A lo mejor toda esa literatura est� producida por gente que no sab�a
+# c�mo se dice llavero en ingl�s...
+# Si los ingleses dicen llavero en su idioma �por qu� no vamos a poder
+# nosotros decir lo mismo en el nuestro?
+#: util/errors.c:66
 msgid "can't open the keyring"
-msgstr "No se puede abrir el anillo"
+msgstr "No se puede abrir el anillo de claves"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
-msgstr "Valor no v�lido"
+msgstr "Paquete inv�lido"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
-msgstr "Armadura no v�lida"
+msgstr "Armadura inv�lida"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "No existe el ID de usuario"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "Clave secreta no disponible"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "Clave secreta incorrecta"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
-msgstr "No soportado"
+msgstr "No disponible"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "Clave incorrecta"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "Error de lectura"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "error de escritura"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "Algoritmo de compresi�n desconocido"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "Error al abrir fichero"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "Error al crear fichero"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "Contrase�a incorrecta"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "Algoritmo de clave p�blica no implementado"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "Algoritmo de cifrado no implementado"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "Clase de firma desconocida"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "Error en la base de datos de confianza"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "MPI incorrecto"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "L�mite de recurso"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
-msgstr "Anillo no v�lido"
+msgstr "Anillo inv�lido"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "Certificado incorrecto"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "ID de usuario mal formado"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "Error al cerrar fichero"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "Error al renombrar fichero"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "Error al borrar fichero"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "Datos inesperados"
 
-#: util/errors.c:94
+# o tal vez "en el sello..."
+# Creo que es mejor "con el sello de fecha", no es un conflicto
+# del sello en si mismo sino en relaci�n con el mensaje.
+# Ok.
+#: util/errors.c:93
 msgid "timestamp conflict"
-msgstr "Conflicto con sello de fecha"
+msgstr "Conflicto con el sello de fecha"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "Algoritmo de clave p�blica no utilizable"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
-msgstr "El fichero existe."
+msgstr "El fichero existe"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "Clave d�bil"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
-msgstr "Argumento no v�lido"
+msgstr "Argumento inv�lido"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "URI incorrecto"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
-msgstr "URI no soportado"
+msgstr "URI no disponible"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "Error de red"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "No cifrado"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "no procesado"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "Clave p�blica inutilizable"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "Clave secreta inutilizable"
+
+#: util/errors.c:107
+#, fuzzy
+msgid "keyserver error"
+msgstr "Error general"
+
+# bicho :-)
+# �Error simplemente?
+# Uf, preferir�a bug, si leo "error" voy a pensar en otra cosa distinta...
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... esto es un bug (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
-msgstr "Ha encontrado Vd. un bug... (%s:%d)\n"
+msgstr "Ha encontrado un error... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
-msgstr "no puede abrirse `%s': %s\n"
+msgstr "no se puede abrir `%s': %s\n"
 
-#: cipher/random.c:325
-#, fuzzy, c-format
+#: cipher/random.c:324
+#, c-format
 msgid "can't stat `%s': %s\n"
-msgstr "no puede abrirse `%s': %s\n"
+msgstr "no se puede obtener informaci�n de `%s': %s\n"
 
-#: cipher/random.c:330
+# ignore no es ignorar, es no tener en cuenta, ignorar es not to know.
+# Sugerencia: descartar.
+# Sugerencia a la sugerencia: �qu� tal omitido? (pasar en silencio una
+# cosa; excluirla de lo que se habla o escribe) dice el diccionario.
+# Bien. Tambi�n se puede poner "descartado".
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
-msgstr ""
+msgstr "`%s` no es un fichero regular - omitido\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
-msgstr ""
+msgstr "nota: el fichero de semillas aleatorias est� vac�o\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr ""
+"atenci�n: tama�o incorrecto del fichero de semillas aleatorias - no se usa\n"
 
-#: cipher/random.c:349
-#, fuzzy, c-format
+#: cipher/random.c:348
+#, c-format
 msgid "can't read `%s': %s\n"
-msgstr "no puede abrirse `%s': %s\n"
+msgstr "no se puede leer `%s': %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
-msgstr ""
+msgstr "nota: el fichero de semillas aleatorias no se ha actualizado\n"
 
-#: cipher/random.c:407
-#, fuzzy, c-format
+#: cipher/random.c:406
+#, c-format
 msgid "can't create `%s': %s\n"
-msgstr "no puede crearse %s: %s\n"
+msgstr "no se puede crear %s: %s\n"
 
-#: cipher/random.c:414
-#, fuzzy, c-format
+#: cipher/random.c:413
+#, c-format
 msgid "can't write `%s': %s\n"
-msgstr "no puede abrirse `%s': %s\n"
+msgstr "no se puede escribir `%s': %s\n"
 
-#: cipher/random.c:417
-#, fuzzy, c-format
-msgid "can't close `%s': %s\n"
-msgstr "no puede abrirse `%s': %s\n"
-
-#: cipher/random.c:428
+#: cipher/random.c:416
 #, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
+msgid "can't close `%s': %s\n"
+msgstr "no se puede cerrar `%s': %s\n"
 
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
-msgstr ""
-"ATENCI�N: �se est� usando un generador de n�meros aleatorios inseguro!\n"
+msgstr "ATENCI�N: �usando un generador de n�meros aleatorios inseguro!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -313,13 +368,13 @@ msgid ""
 "DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n"
 "\n"
 msgstr ""
-"EL generador de n�meros aleatorios es s�lo un apa�o\n"
-"para poder compilar. �No es en absoluto seguro!\n"
+"El generador de n�meros aleatorios es s�lo un apa�o\n"
+"para poder compilar. �No es en absoluto un generador seguro!\n"
 "\n"
-"�NO USE NING�N DATO GENERADO POR ESTE PROGRAMA!\n"
+"�NO USE DATOS GENERADOS POR ESTE PROGRAMA!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -331,160 +386,182 @@ msgstr ""
 "otro trabajo para que el sistema pueda recolectar m�s entrop�a\n"
 "(se necesitan %d bytes m�s).\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "ATENCI�N: �se est� usando memoria insegura!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "operaci�n imposible sin memoria segura inicializada\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(es posible que haya usado el programa incorrecto para esta tarea)\n"
-
-#: g10/gpg.c:201
+# �rdenes, please...
+# S�, este no he podido ser yo :-) Por cierto, �por qu� la O no se
+# puede acentuar? �demasiado alta?
+# �Qui�n dice que no se puede? :-)
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
 msgstr ""
-"@Comandos:\n"
+"@�rdenes:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
-msgstr "|[file]|hace una firma"
+msgstr "|[file]|crea una firma"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
-msgstr "|[file]|hace una firma en texto claro"
+msgstr "|[file]|crea una firma en texto claro"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
-msgstr "hace una firma separada"
+msgstr "crea una firma separada"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "cifra datos"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr ""
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "cifra s�lo con un cifrado sim�trico"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "s�lo almacenar"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "descifra datos (predefinido)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr ""
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "verifica una firma"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "lista claves"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "lista claves y firmas"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "comprueba las firmas de las claves"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "lista claves y huellas dactilares"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "lista claves secretas"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "genera un nuevo par de claves"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
+#: g10/g10.c:307
+#, fuzzy
+msgid "remove keys from the public keyring"
 msgstr "elimina la clave del anillo p�blico"
 
-#: g10/gpg.c:221
+#: g10/g10.c:309
 #, fuzzy
-msgid "remove key from the secret keyring"
-msgstr "elimina la clave del anillo p�blico"
+msgid "remove keys from the secret keyring"
+msgstr "elimina la clave del anillo privado"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "firma la clave"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
 msgstr "firma la clave localmente"
 
-#: g10/gpg.c:224
+#: g10/g10.c:312
+#, fuzzy
+msgid "sign a key non-revocably"
+msgstr "firma la clave localmente"
+
+#: g10/g10.c:313
+#, fuzzy
+msgid "sign a key locally and non-revocably"
+msgstr "firma la clave localmente"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "firma o modifica una clave"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "genera un certificado de revocaci�n"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "exporta claves"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "exporta claves a un servidor de claves"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "importa claves desde un servidor de claves"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+#, fuzzy
+msgid "search for keys on a key server"
+msgstr "exporta claves a un servidor de claves"
+
+#: g10/g10.c:322
+#, fuzzy
+msgid "update all keys from a keyserver"
+msgstr "importa claves desde un servidor de claves"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "importa/fusiona claves"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "lista s�lo la secuencia de paquetes"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "exporta los valores de confianza"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "importa los valores de confianza"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "actualiza la base de datos de confianza"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NOMBRES]|comprueba la base de datos de confianza"
+#: g10/g10.c:336
+#, fuzzy
+msgid "unattended trust database update"
+msgstr "actualiza la base de datos de confianza"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "arregla una base de datos de confianza da�ada"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
-msgstr "quita la armadura de un fichero o stdin"
+msgstr "quita la armadura de un fichero o de la entrada est�ndar"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
-msgstr "crea la armadura a un fichero o stdin"
+msgstr "crea la armadura a un fichero o a la entrada est�ndar"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [ficheros]|imprime res�menes de mensaje"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -494,168 +571,223 @@ msgstr ""
 "Opciones:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "crea una salida ascii con armadura"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NOMBRE|cifra para NOMBRE"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NOMBRE|usa NOMBRE como destinatario por defecto"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "usa la clave por defecto como destinatario"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr "usa este usuario para firmar o descifrar"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "|N|nivel de compresi�n N (0 no comprime)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "usa modo de texto can�nico"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "usa como fichero de salida"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "prolijo"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "algo m�s discreto"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "no usa la terminal en absoluto"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "fuerza firmas v3"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+#, fuzzy
+msgid "do not force v3 signatures"
+msgstr "fuerza firmas v3"
+
+#: g10/g10.c:377
+#, fuzzy
+msgid "force v4 key signatures"
+msgstr "fuerza firmas v3"
+
+#: g10/g10.c:378
+#, fuzzy
+msgid "do not force v4 key signatures"
+msgstr "fuerza firmas v3"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "siempre usa un MCD para cifrar"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+#, fuzzy
+msgid "never use a MDC for encryption"
+msgstr "siempre usa un MCD para cifrar"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "no hace ning�n cambio"
 
+# usa
+# Vale.
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "usa el agente gpg"
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "proceso por lotes: nunca preguntar"
 
-#: g10/gpg.c:280
+# assume -> suponer, no asumir
+# No estoy seguro. El diccionario Collins en la acepci�n b) de asumir
+# dice "b) (suponer) to assume, suppose..."
+# Adem�s una de las acepciones de asumir es "aceptar algo" y suponer
+# viene a ser asumir una idea como propia. Suponer "s�" en casi todas las
+# preguntas no me acaba de gustar.
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "asume \"s�\" en casi todas las preguntas"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "asume \"no\" en casi todas las preguntas"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "a�ade este anillo a la lista de anillos"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "a�ade este anillo secreto a la lista"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr ""
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NOMBRE|usa NOMBRE como clave secreta por defecto"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|SERVIDOR|usa este servidor de claves"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr "|NOMBRE|usa el juego de caracteres NOMBRE"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "lee opciones del fichero"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
-msgstr "|DF|escribe informaci�n de estado en descriptor DF"
+msgstr "|DF|escribe informaci�n de estado en este descriptor de fichero"
+
+#: g10/g10.c:404
+#, fuzzy
+msgid "|[file]|write status info to file"
+msgstr "|DF|escribe informaci�n de estado en este descriptor de fichero"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
 msgstr "|ID-CLAVE|conf�a plenamente en esta clave"
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|FICHERO|carga m�dulo de extensiones FICHERO"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "emula el modo descrito en la RFC1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
-msgstr ""
-"todas las opciones de paquete, cifrado y\n"
-"resumen tipo OpenPGP"
+msgstr "todas las opciones de paquete, cifrado y resumen tipo OpenPGP"
+
+#: g10/g10.c:414
+#, fuzzy
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "todas las opciones de paquete, cifrado y resumen tipo OpenPGP"
 
-#: g10/gpg.c:300
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|usa modo de contrase�a N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr ""
-"|NOMBRE|usa algoritmo de resumen de mensaje NOMBRE\n"
-"para las contrase�as"
+"|NOMBRE|usa algoritmo de resumen de mensaje NOMBRE para las contrase�as"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
-msgstr ""
-"|NOMBRE|usa el algoritmo de cifrado NOMBRE para las\n"
-"contrase�as"
+msgstr "|NOMBRE|usa el algoritmo de cifrado NOMBRE para las contrase�as"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NOMBRE|usa el algoritmo de cifrado NOMBRE"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NOMBRE|usa algoritmo de resumen de mensaje NOMBRE"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|usa el algoritmo de compresi�n N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
 msgstr "elimina campo keyid de los paquetes cifrados"
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr ""
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NOMBRE=VALOR|usa estos datos de notaci�n"
 
-#: g10/gpg.c:312
+# ordenes -> �rdenes
+# p�gina man -> p�gina de manual
+# Vale. �del manual mejor?
+# Hmm, no s�, en man-db se usa "de". La verdad es que no lo he pensado.
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
 msgstr ""
+"@\n"
+"(V�ase en la p�gina del manual la lista completo de �rdenes y opciones)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -675,217 +807,285 @@ msgstr ""
 " --list-keys [nombres]      muestra las claves\n"
 " --fingerprint [nombres]    muestra las huellas dactilares\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr "Por favor, informe de posibles \"bugs\" a <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Uso: gpg [opciones] [ficheros] (-h para ayuda)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
 "default operation depends on the input data\n"
 msgstr ""
 "Sintaxis: gpg [opciones] [ficheros]\n"
-"Firma, comprueba, cifra o descifra.\n"
-"La operaci�n por defecto depende del tipo de datos de entrada.\n"
+"firma, comprueba, cifra o descifra\n"
+"la operaci�n por defecto depende del tipo de datos de entrada.\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
 msgstr ""
 "\n"
-"Algoritmos soportados:\n"
+"Algoritmos disponibles:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "uso: gpg [opciones] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
-msgstr "comandos incompatibles\n"
-
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
+msgstr "�rdenes incompatibles\n"
 
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "NOTA: no existe el fichero de opciones predefinido `%s'\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "fichero de opciones `%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "leyendo opciones desde `%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s no es un juego de caracteres v�lido\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr ""
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr ""
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, fuzzy, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "ATENCI�N `%s' es un fichero vac�o\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr ""
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
-msgstr "ATENCI�N: �el programa podr�a crear un fichero core dump!\n"
+msgstr "ATENCI�N: �el programa podr�a volcar un fichero core!\n"
+
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr ""
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "NOTA: �%s no es para uso normal!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "�%s no permitido con %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "�%s no tiene sentido con %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr ""
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
-msgstr "el algoritmo de cifrado seleccionado no es v�lido\n"
+msgstr "el algoritmo de cifrado seleccionado es inv�lido\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
-msgstr "el algoritmo de resumen seleccionado no es v�lido\n"
+msgstr "el algoritmo de resumen seleccionado no inv�lido\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr "URL de pol�tica no v�lida\n"
+#: g10/g10.c:1492
+#, fuzzy
+msgid "the given signature policy URL is invalid\n"
+msgstr "URL de pol�tica inv�lida\n"
+
+#: g10/g10.c:1496
+#, fuzzy
+msgid "the given certification policy URL is invalid\n"
+msgstr "URL de pol�tica inv�lida\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "el algoritmo de compresi�n debe estar en el rango %d-%d\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "completes-needed debe ser mayor que 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "marginals-needed debe ser mayor que 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "max-cert-depth debe estar en el rango 1-255\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "NOTA: el modo S2K simple (0) no es nada recomendable\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "modo S2K incorrecto; debe ser 0, 1 o 3\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+#, fuzzy
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "modo S2K incorrecto; debe ser 0, 1 o 3\n"
+
+#: g10/g10.c:1519
+#, fuzzy
+msgid "invalid preferences\n"
+msgstr "muestra preferencias"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "inicializaci�n de la base de datos de confianza fallida: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [nombre_fichero]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [nombre_fichero]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [nombre_fichero]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [nombre_fichero]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [nombre_fichero]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+#, fuzzy
+msgid "--sign --symmetric [filename]"
+msgstr "--symmetric [nombre_fichero]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [nombre_fichero]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [nombre_fichero]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key id-usuario"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key id-usuario"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key id-usuario [comandos]"
+#: g10/g10.c:1746
+#, fuzzy
+msgid "--nrsign-key user-id"
+msgstr "--sign-key id-usuario"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key id-usuario"
+#: g10/g10.c:1754
+#, fuzzy
+msgid "--nrlsign-key user-id"
+msgstr "--lsign-key id-usuario"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key id-usuario"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key id-usuario [�rdenes]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
-msgstr "no puede abrirse `%s': %s\n"
+msgstr "no se puede abrir `%s': %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [id-usuario] [anillo]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "eliminaci�n de armadura fallida: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "creaci�n de armadura fallida: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
-msgstr "algoritmo de distribuci�n no v�lido `%s'\n"
+msgstr "algoritmo de distribuci�n inv�lido `%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[nombre_fichero]"
 
-#: g10/gpg.c:1605
+# Falta un espacio.
+# En espa�ol no se deja espacio antes de los puntos suspensivos
+# (Real Academia dixit) :)
+# Tomo nota :-). Este comentario d�jalo siempre.
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "Adelante, teclee su mensaje...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
-msgstr "no puede abrirse `%s'\n"
+msgstr "no se puede abrir `%s'\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
-msgstr "El primer caracter de una notaci�n debe ser una letra o un subrayado\n"
+msgstr "El primer car�cter de una notaci�n debe ser una letra o un subrayado\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -893,158 +1093,138 @@ msgstr ""
 "un nombre de notaci�n debe tener s�lo letras, d�gitos, puntos o subrayados, "
 "y acabar con un '='\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr "los puntos en una notaci�n deben estar rodeados por otros caracteres\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "un valor de notaci�n no debe usar ning�n caracter de control\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "armadura: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
-msgstr "cabecera de armadura no v�lida: "
+msgstr "cabecera de armadura inv�lida: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "cabecera de armadura: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
-msgstr "cabecera de firma clara no v�lida\n"
+msgstr "cabecera de firma clara inv�lida\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "firmas en texto claro anidadas\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
-msgstr "L�nea con guiones no v�lida: "
+msgstr "L�nea con guiones inv�lida: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "armadura inesperada"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
-msgstr "caracteres no v�lidos radix64 %02x ignorados\n"
+msgstr "caracteres inv�lidos radix64 %02x omitidos\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
-msgstr "Fin de fichero prematuro\n"
+msgstr "Fin de fichero prematuro (falta suma de comprobaci�n)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "Fin de suma de comprobaci�n prematuro\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "Suma de comprobaci�n mal creada\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "Error en suma de comprobaci�n: %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "fin de fichero prematuro (en el cierre)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "error en la l�nea de cierre\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "no se han encontrados datos OpenPGP v�lidos\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "armadura incorrecta: l�nea m�s larga de %d caracteres\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "caracter \"quoted printable\" en la armadura - probablemente se us�\n"
 "un MTA defectuoso\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "         Huella dactilar:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Huella dactilar:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
-msgstr ""
+msgstr "No se dio ninguna raz�n"
 
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
-msgstr "La clave est� protegida.\n"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "La clave ha sido reemplazada."
 
-#: g10/pkclist.c:121
-#, fuzzy
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
-msgstr "Esta clave est� deshabilitada"
+msgstr "La clave ha sido comprometida"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
-msgstr ""
+msgstr "La clave ya no est� en uso"
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
-msgstr ""
+msgstr "El identificador de usuario ya no es v�lido"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
-msgstr ""
+msgstr "Raz�n para la revocaci�n: "
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
-msgstr ""
+msgstr "Comentario a la revocaci�n: "
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "iImMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr ""
 
-#: g10/pkclist.c:308
-#, c-format
+#: g10/pkclist.c:258
+#, fuzzy, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
 "No hay confianza definida para %lu:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
+#, fuzzy
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 "Por favor, decida su nivel de confianza para que este usuario\n"
 "verifique las claves de otros usuarios (mirando pasaportes,\n"
@@ -1056,104 +1236,108 @@ msgstr ""
 " 4 = Me f�o completamente\n"
 " i = Mostrar m�s informaci�n\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr ""
+
+#: g10/pkclist.c:274
+#, fuzzy, c-format
+msgid " %d = I do NOT trust\n"
+msgstr "%08lX: �Esta clave NO es de confianza!\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr ""
+
+#: g10/pkclist.c:276
+#, fuzzy, c-format
+msgid " %d = I trust fully\n"
+msgstr "%s: no es una base de datos de confianza\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr ""
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr ""
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
 msgstr " m = volver al men� principal\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr ""
+
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = salir\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Su decisi�n: "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+#, fuzzy
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "�De verdad quiere borrar esta clave? "
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Certificados que llevan a una clave de confianza absoluta:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"No puede encontrarse una ruta de confianza v�lida para esta clave. Veamos\n"
-"si es posible asignar algunos valores de confianza perdidos.\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"No se ha encontrado ninguna ruta con una de nuestras claves.\n"
-"\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"No se ha encontrado ning�n certificado sin valor de confianza.\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"No se cambi� ning�n valor de confianza.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "clave %08lX: �esta clave ha sido revocada!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "�Usar esta clave de todas formas? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "clave %08lX: �esta subclave ha sido revocada!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: clave caducada\n"
 
-#: g10/pkclist.c:519
-#, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: no hay informaci�n para calcular la probabilidad de confianza\n"
+#: g10/pkclist.c:442
+#, fuzzy, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr "          No hay indicios de que la firma pertenezca al propietario.\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: �Esta clave NO es de confianza!\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
 "but it is accepted anyway\n"
 msgstr ""
-"%08lX: No hay seguridad que esta clave pertenezca realmente a su "
-"proprietario\n"
-"pero se acepta igualmente\n"
+"%08lX: No hay seguridad que esta clave pertenezca realmente a su \n"
+"proprietario pero se acepta igualmente\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "Esta clave probablemente pertenece a su proprietario\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Esta clave nos pertenece\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1165,172 +1349,199 @@ msgstr ""
 "\"s�\" a la siguiente pregunta.\n"
 "\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "ATENCI�N: �Usando una clave no fiable!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "ATENCI�N: �Esta clave ha sido revocada por su propietario!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "          Esto puede significar que la firma est� falsificada.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "ATENCI�N: �Esta clave ha sido revocada por su propietario!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+#, fuzzy
+msgid "Note: This key has been disabled.\n"
+msgstr "Esta clave est� deshabilitada"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
-msgstr "Nota: �Esta clave est� caducada!\n"
+msgstr "Nota: �Esta clave ha caducado!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr ""
 "ATENCI�N: �Esta clave no est� certificada por una firma de confianza!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr "          No hay indicios de que la firma pertenezca al propietario.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "ATENCI�N: �Esta clave NO es de confianza!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "          La firma es probablemente una FALSIFICACI�N.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "ATENCI�N: �Esta clave no est� certificada con suficientes firmas de "
 "confianza!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr "          No es seguro que la firma pertenezca al propietario.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
-msgstr "%s: ignorado: %s\n"
+msgstr "%s: omitido: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
-msgstr "%s: ignorado: clave p�blica ya presente\n"
+msgstr "%s: omitida: clave p�blica ya presente\n"
 
-#: g10/pkclist.c:855
-msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
-"\n"
+#: g10/pkclist.c:752
+#, fuzzy
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
 msgstr ""
 "No se ha especificado un ID de usuario (puede usar \"-r\")\n"
 "\n"
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Introduzca el ID de usuario: "
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
 
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "ID de usuario inexistente.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
-msgstr "ignorado: clave p�blica ya designada como destinataria por defecto\n"
+msgstr "omitida: clave p�blica ya designada como destinataria por defecto\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "Clave p�blica deshabilitada.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "ignorado: clave p�blica ya designada con --encrypt-to\n"
+#: g10/pkclist.c:806
+#, fuzzy
+msgid "skipped: public key already set\n"
+msgstr "%s: omitida: clave p�blica ya presente\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "desconocido el destinatario predefinido `%s'\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: error comprobando la clave: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
-msgstr "%s: ignorado: clave p�blica deshabilitada\n"
+msgstr "%s: omitida: clave p�blica deshabilitada\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "no hay direcciones v�lidas\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr ""
+
+#: g10/keygen.c:187
+#, fuzzy, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "`%s' omitido: duplicado\n"
+
+#: g10/keygen.c:192
+#, fuzzy, c-format
+msgid "too many `%c' preferences\n"
+msgstr "Demasiadas preferencias"
+
+#: g10/keygen.c:257
+#, fuzzy
+msgid "invalid character in preference string\n"
+msgstr "Caracter inv�lido en el nombre\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "escribiendo autofirma\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "escribiendo la firma de comprobaci�n de clave\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
-#, fuzzy, c-format
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
 msgid "keysize invalid; using %u bits\n"
-msgstr "El tama�o requerido es de %u bits\n"
+msgstr "tama�o de clave incorrecto; se usar�n %u bits\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
-#, fuzzy, c-format
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
 msgid "keysize rounded up to %u bits\n"
-msgstr "redondeados a %u bits\n"
+msgstr "tama�o de clave redondeado a %u bits\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "Por favor seleccione tipo de clave deseado:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA y ElGamal (por defecto)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
-msgstr "   (%d) DSA (s�lo firma)\n"
+msgstr "   (%d) DSA (s�lo firmar)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
-msgstr "   (%d) ElGamal (s�lo cifrado)\n"
+msgstr "   (%d) ElGamal (s�lo cifrar)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (firma y cifrado)\n"
+msgstr "   (%d) ElGamal (firmar y cifrar)\n"
+
+#: g10/keygen.c:784
+#, fuzzy, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) DSA (s�lo firmar)\n"
 
-#: g10/keygen.c:643
+#: g10/keygen.c:786
 #, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (firma y cifrado)\n"
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) ElGamal (s�lo cifrar)\n"
 
-#: g10/keygen.c:647
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Su elecci�n: "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "�De verdad quiere crear una clave de firma y cifrado? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "El uso de este algoritmo est� desaconsejado - �crear de todas formas?"
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
-msgstr "Elecci�n no v�lida.\n"
+msgstr "Elecci�n inv�lida.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1343,21 +1554,20 @@ msgstr ""
 "        el tama�o por defecto es 1024 bits\n"
 " el tama�o m�ximo recomendado es 2048 bits\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "�De qu� tama�o quiere la clave (1024)? "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA s�lo permite tama�os desde 512 a 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "tama�o insuficiente; 768 es el valor m�nimo permitido\n"
-
-#: g10/keygen.c:708
-#, fuzzy
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr "tama�o de clave insuficiente; 1024 es el m�nimo permitido para RSA.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
 msgstr "tama�o insuficiente; 768 es el valor m�nimo permitido\n"
 
 #. It is ridiculous and an annoyance to use larger key sizes!
@@ -1368,47 +1578,42 @@ msgstr "tama�o insuficiente; 768 es el valor m�nimo permitido\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "tama�o excesivo; %d es el m�ximo valor permitido.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
 msgstr ""
 "No se recomiendan claves de m�s de 2048 bits porque\n"
-"el tiempo de computaci�n es REALMENTE largo.\n"
+"�el tiempo de c�lculo es REALMENTE largo!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "�Seguro que quiere una clave de este tama�o? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
 msgstr ""
-"De acuerdo, �pero tenga en cuenta que las radiaciones de su monitor y "
-"teclado\n"
-"tambi�n son vulnerables a un ataque!\n"
-
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "�De verdad necesita una clave tan grande? "
+"De acuerdo, �pero tenga en cuenta que las radiaciones de su monitor y\n"
+"teclado tambi�n son vulnerables a un ataque!\n"
 
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "El tama�o requerido es de %u bits\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "redondeados a %u bits\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1424,35 +1629,60 @@ msgstr ""
 "      <n>m = la clave caduca en n meses\n"
 "      <n>y = la clave caduca en n a�os\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+#, fuzzy
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Por favor, especifique el per�odo de validez de la clave.\n"
+"         0 = la clave nunca caduca\n"
+"      <n>  = la clave caduca en n d�as\n"
+"      <n>w = la clave caduca en n semanas\n"
+"      <n>m = la clave caduca en n meses\n"
+"      <n>y = la clave caduca en n a�os\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "�Validez de la clave (0)? "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+#, fuzzy
+msgid "Signature is valid for? (0) "
+msgstr "�Validez de la clave (0)? "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
-msgstr "valor no v�lido\n"
+msgstr "valor inv�lido\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
+#: g10/keygen.c:985
+#, fuzzy, c-format
+msgid "%s does not expire at all\n"
 msgstr "La clave nunca caduca\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
-#, c-format
-msgid "Key expires at %s\n"
+#: g10/keygen.c:992
+#, fuzzy, c-format
+msgid "%s expires at %s\n"
 msgstr "La clave caduca el %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
 msgstr ""
+"Su sistema no puede mostrar fechas m�s all� del 2038.\n"
+"Sin embargo funcionar� correctamente hasta el 2106.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "�Es correcto (s/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1462,52 +1692,50 @@ msgid ""
 "\n"
 msgstr ""
 "\n"
-"Necesita un identificativo de usuario para identificar su clave. El "
-"programa\n"
-"construye el identificativo a partir del Nombre Real, Comentario y "
-"Direcci�n\n"
+"Necesita un identificador de usuario para identificar su clave. El programa\n"
+"construye el identificador a partir del Nombre Real, Comentario y Direcci�n\n"
 "de Correo Electr�nico de esta forma:\n"
 "    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Nombre y apellidos: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
-msgstr "Caracter no v�lido en el nombre\n"
+msgstr "Caracter inv�lido en el nombre\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "El nombre no puede empezar con un n�mero\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "El nombre debe tener al menos 5 caracteres\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Direcci�n de correo electr�nico: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
-msgstr "Direcci�n no v�lida\n"
+msgstr "Direcci�n inv�lida\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Comentario: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
-msgstr "Caracter no v�lido en el comentario\n"
+msgstr "Caracter inv�lido en el comentario\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Est� usando el juego de caracteres `%s'.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1518,28 +1746,29 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr ""
+"Por favor no ponga la direcci�n de correo-e en el nombre realo en el "
+"comentario\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnCcDdVvSs"
 
-#: g10/keygen.c:986
-#, fuzzy
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
-msgstr "�Cambia (N)ombre, (C)omentario, (D)irecci�n o (V)ale/(S)alir? "
+msgstr "�Cambia (N)ombre, (C)omentario, (D)irecci�n o (S)alir? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "�Cambia (N)ombre, (C)omentario, (D)irecci�n o (V)ale/(S)alir? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
-msgstr ""
+msgstr "Por favor corrija primero el error.\n"
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1547,11 +1776,17 @@ msgstr ""
 "Necesita una contrase�a para proteger su clave secreta.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+#, fuzzy
+msgid "passphrase not correctly repeated; try again"
 msgstr "contrase�a repetida incorrecta, int�ntelo de nuevo.\n"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr ""
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1563,7 +1798,7 @@ msgstr ""
 "la opci�n \"--edit-key\".\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1576,43 +1811,67 @@ msgstr ""
 "generador de n�meros aleatorios mayor oportunidad de recoger suficiente\n"
 "entrop�a.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "El par de claves DSA tendr� 1024 bits.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Creaci�n de claves cancelada.\n"
 
-#: g10/keygen.c:1668
-#, fuzzy, c-format
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
 msgid "writing public key to `%s'\n"
-msgstr "escribiendo certificado p�blico en `%s'\n"
+msgstr "escribiendo clave p�blica en `%s'\n"
 
-#: g10/keygen.c:1669
-#, fuzzy, c-format
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
 msgid "writing secret key to `%s'\n"
-msgstr "escribiendo certificado privado en `%s'\n"
+msgstr "escribiendo clave privada en `%s'\n"
+
+#: g10/keygen.c:1952
+#, fuzzy, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "clave %08lX: clave p�blica no encontrada: %s\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1958
+#, fuzzy, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "no puede bloquearse el anillo secreto: %s\n"
+
+#: g10/keygen.c:1972
+#, fuzzy, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "error escribiendo anillo `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, fuzzy, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "error escribiendo anillo `%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
-msgstr "Claves p�blica y secreta creadas y firmadas.\n"
+msgstr "claves p�blica y secreta creadas y firmadas.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+#, fuzzy
+msgid "key marked as ultimately trusted.\n"
+msgstr "Certificados que llevan a una clave de confianza absoluta:\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
 msgstr ""
 "Tenga en cuenta que esta clave no puede ser usada para cifrado. Puede usar\n"
-"el comando \"--edit-key\" para crear una clave secundaria con este "
-"prop�sito.\n"
+"la orden \"--edit-key\" para crear una clave secundaria con este prop�sito.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "Creaci�n de la clave fallida: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
@@ -1620,7 +1879,7 @@ msgstr ""
 "clave p�blica creada %lu segundos en el futuro (salto en el tiempo o\n"
 "problemas con el reloj)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1628,402 +1887,546 @@ msgstr ""
 "clave p�blica creada %lu segundos en el futuro (salto en el tiempo o\n"
 "problemas con el reloj)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "NOTA: crear subclaves para claves V3 no sigue el est�ndar OpenPGP\n"
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "�Crear de verdad? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr ""
+
+#: g10/encode.c:92 g10/encode.c:296
+#, fuzzy, c-format
+msgid "`%s' already compressed\n"
+msgstr "se han procesado %lu claves\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
-msgstr "%s: no puede abrirse: %s\n"
+msgstr "%s: no se puede abrir: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "error creando contrase�a: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: ATENCI�N: fichero vac�o\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "leyendo desde `%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s cifrado para: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
-#, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: usuario no encontrado: %s\n"
+#: g10/delkey.c:69 g10/export.c:141
+#, fuzzy, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "usuario '%s' no encontrado: %s\n"
 
-#: g10/export.c:164
+#: g10/delkey.c:77 g10/export.c:161
+#, fuzzy, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "error leyendo `%s': %s\n"
+
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
-msgstr "clave %08lX: no es conforme a rfc2440 - ignorada\n"
+msgstr "clave %08lX: no es conforme a rfc2440 - omitida\n"
 
-#: g10/export.c:175
-#, fuzzy, c-format
+#: g10/export.c:180
+#, c-format
 msgid "key %08lX: not protected - skipped\n"
-msgstr "clave %08lX: no es conforme a rfc2440 - ignorada\n"
+msgstr "clave %08lX: no protegida - omitida\n"
+
+#: g10/export.c:188
+#, fuzzy, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "clave %08lX: clave nueva - omitida\n"
 
-#: g10/export.c:225
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "ATENCI�N: no se ha exportado nada\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "demasiados registros en la cache pk - anulada\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "demasiados registros en la cache unk - anulada\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[Identificador de usuario no encontrado]"
+
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr "usando clave secundaria %08lX en vez de clave primaria %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
-msgstr "clave %08lX: clave secreta sin clave p�blica - ignorada\n"
+msgstr "clave %08lX: clave secreta sin clave p�blica - omitida\n"
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: usuario no encontrado\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
-msgstr "ignorando bloque de tipo %d\n"
+msgstr "omitiendo bloque de tipo %d\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "hasta ahora se han procesado %lu claves\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "error leyendo `%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
-msgstr "   Cantidad total procesada: %lu\n"
+msgstr "Cantidad total procesada: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "           nuevas subclaves: %lu\n"
+msgstr "      omitidas nuevas claves: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
-msgstr "         sin identificativo: %lu\n"
+msgstr "          sin identificador: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
-msgstr "                 importadas: %lu"
+msgstr "              importadas: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
-msgstr "                sin cambios: %lu\n"
+msgstr "             sin cambios: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "     nuevos identificativos: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "           nuevas subclaves: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "              nuevas firmas: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
-msgstr "        nuevas revocaciones: %lu\n"
+msgstr "        nuevas revocaciones de claves: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "     claves secretas le�das: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr " claves secretas importadas: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr "claves secretas sin cambios: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
-msgstr "clave %08lX: no hay identificativo de usuario\n"
+msgstr "clave %08lX: sin identificador de usuario\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, fuzzy, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "clave %08lX: aceptado ID de usuario sin autofirma '"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
-msgstr "clave %08lX: no hay identificativos de usuario v�lidos\n"
+msgstr "clave %08lX: sin identificadores de usuario v�lidos\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "esto puede ser debido a la ausencia de autofirma\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "clave %08lX: clave p�blica no encontrada: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:479
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "clave %08lX: no es conforme a rfc2440 - ignorada\n"
+msgstr "clave %08lX: clave nueva - omitida\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:489
+#, fuzzy, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "no puede escribirse el anillo: %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "escribiendo en `%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "error escribiendo anillo `%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "clave %08lX: clave p�blica importada\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
-msgstr "clave %08lX: no se corresponde con nuestra copia\n"
+msgstr "clave %08lX: no coincide con nuestra copia\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "clave %08lX: no puede localizarse el bloque de claves original: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "clave %08lX: no puede leerse el bloque de claves original: %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
-msgstr "clave %08lX: 1 nuevo identificativo de usuario\n"
+msgstr "clave %08lX: 1 nuevo identificador de usuario\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
-msgstr "clave %08lX: %d nuevos identificativos de usuario\n"
+msgstr "clave %08lX: %d nuevos identificadores de usuario\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "clave %08lX: 1 nueva firma\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "clave %08lX: %d nuevas firmas\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "clave %08lX: 1 nueva subclave\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "clave %08lX: %d nuevas subclaves\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "clave %08lX: sin cambios\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, fuzzy, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "no puede bloquearse el anillo secreto: %s\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "clave %08lX: clave secreta importada\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "clave %08lX: ya estaba en el anillo secreto\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "clave %08lX: clave secreta no encontrada: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
-"clave %08lX: falta la clave p�blica - imposibile applicar el\n"
+"clave %08lX: falta la clave p�blica - imposible emplear el\n"
 "certificado de revocaci�n\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
-msgstr "clave %08lX: certificado de revocaci�n no v�lido: %s - rechazado\n"
+msgstr "clave %08lX: certificado de revocaci�n inv�lido: %s - rechazado\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "clave %08lX: certificado de revocaci�n importado\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
-msgstr "clave %08lX: no hay identificativo de usuario para la firma\n"
+msgstr "clave %08lX: no hay identificador de usuario para la firma\n"
 
-#: g10/import.c:719 g10/import.c:743
-#, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
-msgstr "clave %08lX: algoritmo de clave p�blica no soportado\n"
+#: g10/import.c:839
+#, fuzzy, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr "clave %08lX: algoritmo de clave p�blica no disponible\n"
 
-#: g10/import.c:720
-#, c-format
-msgid "key %08lX: invalid self-signature\n"
-msgstr "clave %08lX: autofirma no v�lida\n"
+#: g10/import.c:841
+#, fuzzy, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "clave %08lX: autofirma inv�lida\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
-msgstr "clave %08lX: no hay subclave para unir\n"
+msgstr "clave %08lX: no hay subclave que unir\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "clave %08lX.%lu: uni�n de subclave no v�lida\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "clave %08lX: algoritmo de clave p�blica no disponible\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "clave %08lX: aceptado ID de usuario sin autofirma '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "clave %08lX: uni�n de subclave inv�lida\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
-msgstr "clave %08lX: ignorado ID de usuario '"
+msgstr "clave %08lX: omitido ID de usuario '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
-msgstr "clave %08lX: subclave ignorada\n"
+msgstr "clave %08lX: subclave omitida\n"
 
 #. here we violate the rfc a bit by still allowing
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
-msgstr "clave %08lX: firma no exportable (clase %02x) - ignorada\n"
+msgstr "clave %08lX: firma no exportable (clase %02x) - omitida\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
-msgstr ""
-"clave %08lX: certificado de revocaci�n en lugar equivocado - ignorado\n"
+msgstr "clave %08lX: certificado de revocaci�n en lugar equivocado - omitido\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
-msgstr "clave %08lX: certificado de revocaci�n no valido: %s - ignorado\n"
+msgstr "clave %08lX: certificado de revocaci�n no valido: %s - omitido\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "clave %08lX: detectado usuario duplicado - fusionada\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "clave %08lX: certificado de revocaci�n a�adido\n"
 
-#: g10/import.c:1130 g10/import.c:1183
-#, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "clave %08lX: nuestra copia no tiene autofirma\n"
+#: g10/import.c:1231
+#, fuzzy, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "clave %08lX: %d nuevas firmas\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[revocaci�n]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[autofirma]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 firma incorrecta\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d firmas incorrectas\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "1 firma no comprobada por falta de clave\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d firmas no comprobadas por falta de clave\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "1 firma no comprobada por causa de un error\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d firmas no comprobadas por causa de un error\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
-msgstr "Detectado 1 identificativo de usuario sin autofirma v�lida\n"
+msgstr "Detectado 1 identificador de usuario sin autofirma v�lida\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
-msgstr "Detectados %d identificativos de usuario sin autofirma v�lida\n"
+msgstr "Detectados %d identificadores de usuario sin autofirma v�lida\n"
+
+#: g10/keyedit.c:335
+#, fuzzy, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "La clave est� protegida.\n"
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+#, fuzzy
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "�Seguro que quiere una clave de este tama�o? "
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr ""
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
 #, c-format
-msgid "Already signed by key %08lX\n"
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+
+#: g10/keyedit.c:388
+#, fuzzy, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
 msgstr "Ya firmada por la clave %08lX\n"
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:393
+#, fuzzy, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "Ya firmada por la clave %08lX\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Nada que firmar con la clave %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+#, fuzzy
+msgid "This key has expired!"
+msgstr "Nota: �Esta clave ha caducado!\n"
+
+#: g10/keyedit.c:440
+#, fuzzy, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Esta clave no est� protegida.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr ""
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr ""
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -2031,42 +2434,69 @@ msgstr ""
 "�Est� realmente seguro de querer firmar esta clave\n"
 "con su clave: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
+#, fuzzy
 msgid ""
+"\n"
 "The signature will be marked as non-exportable.\n"
+msgstr ""
+"La firma se marcar� como no exportable.\n"
+"\n"
+
+#: g10/keyedit.c:548
+#, fuzzy
+msgid ""
 "\n"
+"The signature will be marked as non-revocable.\n"
 msgstr ""
 "La firma se marcar� como no exportable.\n"
 "\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "�Firmar de verdad? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "firma fallida: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Esta clave no est� protegida.\n"
 
-#: g10/keyedit.c:426
-#, fuzzy
+#: g10/keyedit.c:662
 msgid "Secret parts of primary key are not available.\n"
-msgstr "Clave secreta no disponible"
+msgstr "Las partes secretas de la clave primaria no est�n disponibles.\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "La clave est� protegida.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "No puede editarse esta clave: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
@@ -2074,7 +2504,7 @@ msgstr ""
 "Introduzca la nueva contrase�a para esta clave secreta.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2082,421 +2512,564 @@ msgstr ""
 "No ha especificado contrase�a. Esto es probablemente una *mala* idea.\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "�Realmente quiere hacer esto? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "moviendo la firma de la clave al lugar correcto\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "sale de este men�"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
-msgstr ""
+msgstr "s"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
-msgstr ""
+msgstr "graba"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "graba y sale"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
-msgstr ""
+msgstr "ayuda"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "muestra esta ayuda"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
-msgstr ""
+msgstr "hdac"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "muestra huella dactilar"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
-msgstr ""
+msgstr "lista"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
-msgstr "lista clave e identificativos de usuario"
+msgstr "lista clave e identificadores de usuario"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
-msgstr ""
+msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
-msgstr ""
+msgstr "idu"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
-msgstr "selecciona identificativo de usuario N"
+msgstr "selecciona identificador de usuario N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
-msgstr ""
+msgstr "clave"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "selecciona clave secundaria N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
-msgstr ""
+msgstr "comprueba"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "lista firmas"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
-msgstr ""
+msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
-msgstr ""
+msgstr "firma"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "firma la clave"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
-msgstr ""
+msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
-msgstr ""
+msgstr "firmal"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "firma la clave localmente"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "nrsign"
+msgstr "firma"
+
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "sign the key non-revocably"
+msgstr "firma la clave localmente"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "nrlsign"
+msgstr "firmal"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "sign the key locally and non-revocably"
+msgstr "firma la clave localmente"
+
+#: g10/keyedit.c:832
 msgid "debug"
-msgstr ""
+msgstr "depura"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
-msgstr ""
+msgstr "a�aidu"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
-msgstr "a�ade un identificativo de usuario"
+msgstr "a�ade un identificador de usuario"
 
-#: g10/keyedit.c:592
-msgid "deluid"
+#: g10/keyedit.c:834
+msgid "addphoto"
 msgstr ""
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+#, fuzzy
+msgid "add a photo ID"
+msgstr "a�ade un identificador de usuario"
+
+#: g10/keyedit.c:835
+msgid "deluid"
+msgstr "borridu"
+
+#: g10/keyedit.c:835
 msgid "delete user ID"
-msgstr "borra un identificativo de usuario"
+msgstr "borra un identificador de usuario"
 
-#: g10/keyedit.c:593
-msgid "addkey"
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
 msgstr ""
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
+msgid "addkey"
+msgstr "a�acla"
+
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "a�ade una clave secundaria"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
-msgstr ""
+msgstr "borrcla"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "borra una clave secundaria"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
-msgstr ""
+msgstr "borrfir"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "borra firmas"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
-msgstr ""
+msgstr "expira"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "cambia fecha de caducidad"
 
-#: g10/keyedit.c:597
-msgid "toggle"
+#: g10/keyedit.c:842
+msgid "primary"
 msgstr ""
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr ""
+
+#: g10/keyedit.c:843
+msgid "toggle"
+msgstr "cambia"
+
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "cambia entre lista de claves secretas y p�blicas"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
-msgstr ""
+msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
-msgstr ""
+msgstr "pref"
+
+#: g10/keyedit.c:846
+#, fuzzy
+msgid "list preferences (expert)"
+msgstr "muestra preferencias"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "verpref"
+
+#: g10/keyedit.c:847
+#, fuzzy
+msgid "list preferences (verbose)"
 msgstr "muestra preferencias"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "setpref"
+msgstr "pref"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "set preference list"
+msgstr "muestra preferencias"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updpref"
+msgstr "pref"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updated preferences"
+msgstr "muestra preferencias"
+
+#: g10/keyedit.c:850
 msgid "passwd"
-msgstr ""
+msgstr "contr"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "cambia la contrase�a"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
-msgstr ""
+msgstr "conf"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "cambia valores de confianza"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
-msgstr ""
+msgstr "revfir"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "revoca firmas"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
-msgstr ""
+msgstr "revcla"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "revoca una clave secundaria"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
-msgstr ""
+msgstr "descla"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "deshabilita una clave"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
-msgstr ""
+msgstr "habcla"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "habilita una clave"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr ""
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr ""
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "imposible hacer esto en modo de proceso por lotes\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, fuzzy, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "error leyendo `%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "Clave secreta disponible.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
-msgstr "Comando> "
+msgstr "Orden> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "Se necesita la clave secreta para hacer esto.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
-msgstr ""
+msgstr "Por favor use la orden \"cambia\" primero.\n"
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+#, fuzzy
+msgid "Key is revoked."
+msgstr "La clave est� protegida.\n"
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
-msgstr "�Firmar realmente todos los identificativos de usuario? "
+msgstr "�Firmar realmente todos los identificadores de usuario? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
-msgstr "Sugerencia: seleccione los identificativos de usuario a firmar\n"
+msgstr "Sugerencia: seleccione los identificadores de usuario para firmar\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "actualizaci�n de confianza fallida: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr ""
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
-msgstr "Debe seleccionar por lo menos un identificativo de usuario.\n"
+msgstr "Debe seleccionar por lo menos un identificador de usuario.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
-msgstr "�No puede borrar el �ltimo identificativo de usuario!\n"
+msgstr "�No puede borrar el �ltimo identificador de usuario!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
-msgstr "�Borrar realmente todos los identificativos seleccionados? "
+msgstr "�Borrar realmente todos los identificadores seleccionados? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
-msgstr "�Borrar realmente este identificativo? "
+msgstr "�Borrar realmente este identificador de usuario? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Debe seleccionar por lo menos una clave.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
-msgstr "�Borrar realmente las claves seleccionadas? "
+msgstr "�De verdad quiere borrar las claves seleccionadas? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
-msgstr "�Borrar realmente esta clave? "
+msgstr "�De verdad quiere borrar esta clave? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
-msgstr "�Revocar realmente las claves seleccionadas? "
+msgstr "�De verdad quiere revocar las claves seleccionadas? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
-msgstr "�Revocar realmente esta clave? "
+msgstr "�De verdad quiere revocar esta clave? "
+
+#: g10/keyedit.c:1252
+#, fuzzy
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "�Borrar realmente todos los identificadores seleccionados? "
+
+#: g10/keyedit.c:1254
+#, fuzzy
+msgid "Really update the preferences? "
+msgstr "�Crear los certificados de revocaci�n realmente? (s/N)"
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "�Grabar cambios? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "�Salir sin grabar? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "actualizaci�n fallida: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "actualizaci�n de la clave secreta fallida: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "Clave sin cambios, no se necesita actualizaci�n.\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
-msgstr "Comando no v�lido (pruebe \"help\")\n"
+msgstr "Orden inv�lida (pruebe \"help\")\n"
+
+#: g10/keyedit.c:1489
+#, fuzzy, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "ATENCI�N: �Esta clave ha sido revocada por su propietario!\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr ""
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  creada: %s expira: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " confianza: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "Esta clave est� deshabilitada"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1539
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "clave %08lX: �esta subclave ha sido revocada!\n"
+msgstr "rev! �esta subclave ha sido revocada! %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1542
 msgid "rev- faked revocation found\n"
-msgstr "        nuevas revocaciones: %lu\n"
+msgstr "rev-  se encontr� una revocaci�n falsificada\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? problema comprobando la revocaci�n: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+#, fuzzy
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "�Seguro que quiere una clave de este tama�o? "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
 msgstr ""
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "�Borrar esta firma correcta? (s/N/q)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
-msgstr "�Borrar esta firma no v�lida? (s/N/q)"
+msgstr "�Borrar esta firma inv�lida? (s/N/q)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "�Borrar esta firma desconocida? (s/N/q)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "�Borrar realmente esta autofirma? (s/N)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "%d firmas borradas.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "%d firmas borradas\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "No se borr� nada\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Por favor, quite la selecci�n de las claves secretas.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "Por favor, seleccione como m�ximo una clave secundaria.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "Cambiando caducidad de clave secundaria.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "Cambiando caducidad de clave primaria.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "No puede cambiar la fecha de caducidad de una clave v3\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
-msgstr "No hay firma correspondiente en anillo secreto\n"
+msgstr "No existe la firma correspondiente en el anillo secreto\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+#, fuzzy
+msgid "Please select exactly one user ID.\n"
+msgstr "Debe seleccionar por lo menos un identificador de usuario.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
-msgstr "No hay ning�n identificativo de usuario con el �ndice %d\n"
+msgstr "No hay ning�n identificador de usuario con el �ndice %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "No hay ninguna clave secundaria con el �ndice %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "ID de usuario: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
@@ -2505,245 +3078,378 @@ msgstr ""
 "\"\n"
 "firmada con su clave %08lX el %s\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
+#: g10/keyedit.c:2452
+#, fuzzy, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"firmada con su clave %08lX el %s\n"
+
+#: g10/keyedit.c:2457
+#, fuzzy, c-format
+msgid "This signature expired on %s.\n"
+msgstr "firma %s de: %s\n"
+
+#: g10/keyedit.c:2461
+#, fuzzy
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "�De verdad quiere revocar esta clave? "
+
+#: g10/keyedit.c:2465
+#, fuzzy
+msgid "Create a revocation certificate for this signature? (y/N) "
 msgstr "�Crear un certificado de revocaci�n para esta clave (s/N)?"
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "Ha firmado los siguientes IDs de usuario:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
-#, c-format
-msgid "   signed by %08lX at %s\n"
+#: g10/keyedit.c:2504
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s%s\n"
 msgstr "   firmada por %08lX el %s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   revocada por %08lX el %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
-msgstr "Va Vd. a revocar las siguientes firmas:\n"
+msgstr "Va a revocar las siguientes firmas:\n"
+
+#: g10/keyedit.c:2542
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   firmada por %08lX el %s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr ""
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
+#: g10/keyedit.c:2551
+#, fuzzy
+msgid "Really create the revocation certificates? (y/N) "
 msgstr "�Crear los certificados de revocaci�n realmente? (s/N)"
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "no hay clave secreta\n"
 
-#: g10/keylist.c:158
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
 #, fuzzy
-msgid "invalid"
-msgstr "Armadura no v�lida"
+msgid "Signature policy: "
+msgstr "firma %s de: %s\n"
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "ATENCI�N: encontrados datos de notaci�n inv�lidos\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+#, fuzzy
+msgid "Signature notation: "
+msgstr "Notaci�n: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr ""
 
-#: g10/keylist.c:178
-msgid "revoked"
+#: g10/keylist.c:216
+msgid "Keyring"
 msgstr ""
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
-#, fuzzy, c-format
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
 msgid " [expires: %s]"
-msgstr "La clave caduca el %s\n"
+msgstr " [caduca el %s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Huella dactilar:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "         Huella dactilar:"
 
-#: g10/mainproc.c:212
+#: g10/keylist.c:899
+#, fuzzy
+msgid "     Key fingerprint ="
+msgstr "         Huella dactilar:"
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "datos cifrados %s\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "cifrado con algoritmo desconocido %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "la clave p�blica es %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
-msgstr "datos cifrados de la clave p�blica: DEK bueno\n"
+msgstr "datos cifrados de la clave p�blica: DEK correcta\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr "cifrado con clave %2$s de %1$u bits, ID %3$08lX, creada el %4$s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr "cifrado con clave %s, ID %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "clave secreta para descifrado no disponible\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "descifrado de la clave p�blica fallido: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, fuzzy, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "datos cifrados %s\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr ""
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr "descifrado correcto\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "ATENCI�N: �el mensaje cifrado ha sido manipulado!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
 msgstr "descifrado fallido: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr "NOTA: el remitente solicit� \"s�lo-para-tus-ojos\"\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "nombre fichero original='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
-msgstr ""
+msgstr "revocaci�n independiente - use \"gpg --import\" para aplicarla\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "ATENCI�N: encontrados datos de notaci�n no v�lidos\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Notaci�n: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Pol�tica: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "suprimida la verificaci�n de la firma\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "no se puede trabajar con firmas m�ltiples\n"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Firma creada el %.*s usando clave %s ID %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "Firma INCORRECTA de \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+#, fuzzy
+msgid "Expired signature from \""
+msgstr "Firma correcta de \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Firma correcta de \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr ""
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
-msgstr "tambi�n conocido como \""
+msgstr "                alias \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Imposible comprobar la firma: %s\n"
 
-#: g10/mainproc.c:1230
-#, fuzzy, c-format
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "no es una firma separada\n"
+
+#: g10/mainproc.c:1508
+#, c-format
 msgid "standalone signature of class 0x%02x\n"
-msgstr "Clase de firma desconocida"
+msgstr "firma independiente de clase 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
-msgstr "firma viejo estilo (PGP 2.x)\n"
+msgstr "firma al viejo estilo (PGP 2.x)\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
-msgstr "paquete ra�z no v�lido detectado en proc_tree()\n"
+msgstr "paquete ra�z inv�lido detectado en proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
-msgstr "no se pueden desactivar los core dumps: %s\n"
+msgstr "no se pueden desactivar los volcados de core: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "�No se deber�an usar algoritmos experimentales!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr ""
+"ese algoritmo de cifrado est� desacreditado;�por favor use uno m�s "
+"est�ndar!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr ""
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
 msgstr ""
-"este algoritmo de cifrado est� en desuso, considere el uso de uno m�s "
-"est�ndar.\n"
 
-#: g10/parse-packet.c:115
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "no puedo manejar el algoritmo de clave p�blica %d\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "el subpaquete de tipo %d tiene el bit cr�tico activado\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
+msgstr "el agente gpg no esta disponible en esta sesi�n\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
 msgstr ""
 
-#: g10/passphrase.c:204
-msgid "malformed GPG_AGENT_INFO environment variable\n"
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
 msgstr ""
 
-#: g10/hkp.c:158 g10/passphrase.c:223
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:498
+msgid "malformed GPG_AGENT_INFO environment variable\n"
+msgstr "variable de entorno GPG_AGENT_INFO malformada\n"
+
+#: g10/passphrase.c:511
 #, fuzzy, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "el algoritmo de protecci�n %d no puede ser utilizado\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
 msgid "can't connect to `%s': %s\n"
-msgstr "no puede abrirse `%s': %s\n"
+msgstr "no se puede conectar con `%s': %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr ""
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+#, fuzzy
+msgid "problem with the agent - disabling agent use\n"
+msgstr "problema con el agente: el agente devuelve 0x%lx\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr "(ID clave primaria %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:641
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
-"\n"
 "Necesita una contrase�a para desbloquear la clave secreta\n"
-"del usuario: \""
+"del usuario: \"%2$.*1$s\"\n"
+"clave %4$s de %3$u bits, ID %5$08lX, creada el %6$s%7$s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:662
 msgid "Enter passphrase\n"
-msgstr "Introduzca contrase�a: "
+msgstr "Introduzca contrase�a\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:664
 msgid "Repeat passphrase\n"
-msgstr "Repita contrase�a: "
-
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
+msgstr "Repita contrase�a\n"
 
-#: g10/passphrase.c:355
-#, fuzzy
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
-msgstr "linea demasiado larga\n"
+msgstr "contrase�a demasiado larga\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "respuesta del agente inv�lida\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "cancelado por el usuario\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "problema con el agente: el agente devuelve 0x%lx\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2753,20 +3459,20 @@ msgstr ""
 "Necesita una contrase�a para desbloquear la clave secreta\n"
 "del usuario: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "clave %2$s de %1$u bits, ID %3$08lX, creada el %4$s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "imposible pedir contrase�a en modo de proceso por lotes\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Introduzca contrase�a: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Repita contrase�a: "
 
@@ -2774,148 +3480,191 @@ msgstr "Repita contrase�a: "
 msgid "data not saved; use option \"--output\" to save it\n"
 msgstr "datos no grabados; use la opci�n \"--output\" para grabarlos\n"
 
-#: g10/plaintext.c:324
-#, fuzzy
+#: g10/plaintext.c:108
+#, fuzzy, c-format
+msgid "error creating `%s': %s\n"
+msgstr "error leyendo `%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
-msgstr "%d firmas borradas.\n"
+msgstr "Firma separada.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Introduzca el nombre del fichero de datos: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "leyendo stdin...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "no hay datos firmados\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "imposible abrir datos firmados `%s'\n"
 
-#: g10/pubkey-enc.c:135
-#, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+#: g10/pubkey-enc.c:100
+#, fuzzy, c-format
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr "destinatario an�nimo, probando clave secreta %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "de acuerdo, somos el destinatario an�nimo.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
-msgstr "la codificaci�n vieja de DEK no est� soportada\n"
+msgstr "la antigua codificaci�n de la DEK no puede usarse\n"
 
-#: g10/pubkey-enc.c:216
+#: g10/pubkey-enc.c:177
 #, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "el algoritmo de protecci�n %d no est� soportado\n"
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "algoritmo de cifrado %d desconocido o desactivado\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr "NOTA: algoritmo de cifrado %d no encontrado en las preferencias\n"
 
-#: g10/pubkey-enc.c:261
-#, fuzzy, c-format
-msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "NOTA: clave de la firma caducada el %s\n"
-
-#: g10/hkp.c:62
+#: g10/pubkey-enc.c:242
 #, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr ""
+msgid "NOTE: secret key %08lX expired at %s\n"
+msgstr "NOTA: clave secreta %08lX caducada el %s\n"
 
-#: g10/hkp.c:75
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, fuzzy, c-format
-msgid "can't get key from keyserver: %s\n"
-msgstr "no puede escribirse en el anillo: %s\n"
-
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr ""
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "solicitando clave %08lX de %s ...\n"
 
-#: g10/hkp.c:106
-#, fuzzy, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "'%s' no es un identificativo largo de clave v�lido\n"
+#: g10/hkp.c:94
+#, c-format
+msgid "can't get key from keyserver: %s\n"
+msgstr "no puede obtenerse la clave en el servidor: %s\n"
 
-#: g10/hkp.c:182
-#, fuzzy, c-format
+#: g10/hkp.c:171
+#, c-format
 msgid "error sending to `%s': %s\n"
-msgstr "error leyendo `%s': %s\n"
+msgstr "error enviando a `%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
-msgstr ""
+msgstr "envi� correcto a `%s` (estado=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
+msgstr "fall� el envio a `%s': status=%u\n"
+
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
 msgstr ""
 
-#: g10/seckey-cert.c:89
-#, fuzzy
+#: g10/hkp.c:521
+#, fuzzy, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "no puede obtenerse la clave en el servidor: %s\n"
+
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
-msgstr "Clave secreta no disponible"
+msgstr "las partes de la clave privada no est�n disponibles\n"
 
-#: g10/seckey-cert.c:95
-#, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "el algoritmo de protecci�n %d no est� soportado\n"
+#: g10/seckey-cert.c:59
+#, fuzzy, c-format
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "el algoritmo de protecci�n %d no puede ser utilizado\n"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
+#: g10/seckey-cert.c:215
+#, fuzzy
+msgid "Invalid passphrase; please try again"
 msgstr "Contrase�a incorrecta, int�ntelo de nuevo...\n"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr ""
+
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr "ATENCI�N: detectada clave d�bil - por favor cambie la contrase�a.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "�esto es una clave ElGamal generada por PGP que NO es segura para las "
 "firmas!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "la clave p�blica es %lu segundos m�s nueva que la firma\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "la clave p�blica es %lu segundos m�s nueva que la firma\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "NOTA: clave de la firma caducada el %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "NOTA: clave de la firma %08lX caducada el %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr "asumiendo firma incorrecta debido a un bit cr�tico desconocido\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "la comprobaci�n de la firma creada fall�: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "firma %s de: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "ATENCI�N `%s' es un fichero vac�o\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
-msgstr "no puede crearse %s: %s\n"
+msgstr "no se puede crear %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "firmando:"
 
-#: g10/sign.c:583
-#, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "ATENCI�N `%s' es un fichero vac�o\n"
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:953
+#, fuzzy, c-format
+msgid "%s encryption will be used\n"
+msgstr "descifrado fallido: %s\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2927,476 +3676,248 @@ msgstr "no se pueden manejar l�neas de texto de m�s de %d caracteres\n"
 msgid "input line longer than %d characters\n"
 msgstr "l�nea de longitud superior a %d caracteres\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "registro base de datos de confianza %lu: lseek fallido: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr ""
 "resgistro base de datos de confianza %lu: escritura fallida (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "transacci�n en la base de datos de confianza demasiado grande\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
-msgstr "%s: no puede abrirse: %s\n"
+msgstr "%s: no se puede abrir: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: �el directorio no existe!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: no puede crearse: %s\n"
+msgid "%s: can't create lock\n"
+msgstr "%s: no se puede crear bloqueo\n"
+
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, fuzzy, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: no se puede crear bloqueo\n"
 
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
 #, c-format
-msgid "%s: can't create lock\n"
-msgstr "%s: no puede crearse bloqueo\n"
+msgid "%s: can't create: %s\n"
+msgstr "%s: no se puede crear: %s\n"
 
-#: g10/tdbio.c:473
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: fallo en la creaci�n del registro de versi�n: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
-msgstr "%s: se ha creado base de datos de confianza no v�lida\n"
+msgstr "%s: se ha creado base de datos de confianza inv�lida\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: se ha creado base de datos de confianza\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
-msgstr "%s: base de datos de confianza no v�lida\n"
+msgstr "%s: base de datos de confianza inv�lida\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: fallo en la creaci�n de la tabla hash: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: error actualizando el registro de versi�n: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: error leyendo registro de versi�n: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: error escribiendo registro de versi�n: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "base de datos de confianza: fallo lseek: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "base de datos de confianza: error lectura (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: no es una base de datos de confianza\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: registro de versi�n con n�mero de registro %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
-msgstr "%s: versi�n del fichero %d no v�lida\n"
+msgstr "%s: versi�n del fichero %d inv�lida\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: error leyendo registro libre: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: error escribiendo registro de directorio: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: fallo en poner a cero un registro: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: fallo al a�adir un registro: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr ""
 "La base de datos de confianza est� da�ada. Por favor, ejecute\n"
 "\"gpg --fix-trust-db\".\n"
 
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "registro de confianza %lu, petici�n tipo %d: fallo lectura: %s\n"
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "registro de confianza %lu, tipo %d: fallo escritura: %s\n"
-
-#: g10/trustdb.c:198
-#, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "registro de confianza %lu: fallo al borrar: %s\n"
-
-#: g10/trustdb.c:212
-#, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "base de datos de confianza: fallo sincronizaci�n: %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "error leyendo registro de directorio del LID %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: esperaba registro directorio, encontrado tipo %d\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "no hay clave primaria para el LID %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "error leyendo clave primaria para el LID %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record fallida: %s\n"
+#: g10/trustdb.c:200
+#, fuzzy, c-format
+msgid "`%s' is not a valid long keyID\n"
+msgstr "'%s' no es un identificador largo de clave v�lido\n"
 
-#: g10/trustdb.c:474
+#: g10/trustdb.c:235
 #, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "'%s' no es un identificativo largo de clave v�lido\n"
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "clave %08lX: aceptada como clave de confianza.\n"
 
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
+#: g10/trustdb.c:274
+#, fuzzy, c-format
+msgid "key %08lX occurs more than once in the trustdb\n"
 msgstr "clave %08lX: imposible incluirla en la base de datos de confianza\n"
 
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "clave %08lX: petici�n de registro fallida\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "clave %08lX: ya est� en la tabla de confianza\n"
-
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "clave %08lX: aceptada como clave de confianza.\n"
-
-#: g10/trustdb.c:547
+#: g10/trustdb.c:290
 #, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "clave %08lX: clave de confianza sin clave p�blica - ignorada\n"
-
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "NOTA: la clave secreta %08lX NO est� protegida.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "clave %08lX: las claves p�blica y secreta no se corresponden\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "enumeraci�n de claves secretas fallida: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "clave %08lX.%lu: uni�n de subclave v�lida\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "clave %08lX.%lu: uni�n de subclave no v�lida: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "clave %08lX.%lu: revocaci�n de clave v�lida\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "clave %08lX.%lu: revocaci�n de clave no v�lida: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "clave %08lX.%lu: revocaci�n de subclave v�lida\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Autofirma v�lida"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Autofirma no v�lida"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr ""
-"Revocaci�n v�lida de ID de usuario ignorada debido a autofirma m�s reciente"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "Revocaci�n de ID de usuario v�lida"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Revocaci�n de ID de usuario no v�lida."
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Revocaci�n de certificado v�lida"
+msgstr "clave %08lX: clave fiable sin clave p�blica - omitida\n"
 
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Certificado correcto"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Certificado de revocaci�n incorrecto"
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Certificado incorrecto"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "registro de firma %lu[%d] apunta al registro equivocado.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "certificado duplicado - eliminado"
-
-#: g10/trustdb.c:1661
+#: g10/trustdb.c:332
 #, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir fallida: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: inserci�n fallida: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: inserci�n fallida: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: insertada\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "error leyendo registro de directorio: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "se han procesado %lu claves\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu claves con errores\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu claves insertadas\n"
-
-#: g10/trustdb.c:1826
-#, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "enumeraci�n bloques de clave fallido: %s\n"
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: registro de directiorio sin clave - ignorado\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "registro de confianza %lu, petici�n tipo %d: fallo lectura: %s\n"
 
-#: g10/trustdb.c:1884
+#: g10/trustdb.c:338
 #, fuzzy, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "clave %08lX: %d nuevas subclaves\n"
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "registro de confianza %lu: fallo al borrar: %s\n"
 
-#: g10/trustdb.c:1886
+#: g10/trustdb.c:353
 #, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu claves ignoradas\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "registro de confianza %lu, tipo %d: fallo escritura: %s\n"
 
-#: g10/trustdb.c:1890
+#: g10/trustdb.c:368
 #, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu claves actualizadas\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Oh oh, no hay claves\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "base de datos de confianza: fallo sincronizaci�n: %s\n"
 
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Oh oh, no hay ning�n ID de usuario\n"
+#: g10/trustdb.c:468
+#, fuzzy
+msgid "no need for a trustdb check\n"
+msgstr "%s: no es una base de datos de confianza\n"
 
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: b�squeda registro directorio fallida: %s\n"
+#: g10/trustdb.c:474 g10/trustdb.c:1641
+#, fuzzy, c-format
+msgid "next trustdb check due at %s\n"
+msgstr "inserci�n del registro de confianza fallida: %s\n"
 
-#: g10/trustdb.c:2406
-#, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "clave %08lX: inserci�n del registro de confianza fallida: %s\n"
+#: g10/trustdb.c:779
+#, fuzzy
+msgid "checking the trustdb\n"
+msgstr "cambia valores de confianza"
 
-#: g10/trustdb.c:2410
-#, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "clave %08lX.%lu: incluida en la base de datos de confianza\n"
+#: g10/trustdb.c:933
+#, fuzzy, c-format
+msgid "public key %08lX not found: %s\n"
+msgstr "Clave p�blica no encontrada"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:1515
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
 msgstr ""
-"clave %08lX.%lu: creada en el futuro (salto en el tiempo o\n"
-"problemas con el reloj)\n"
-
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "clave %08lX.%lu: caducada el %s\n"
-
-#: g10/trustdb.c:2441
-#, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "clave %08lX.%lu: comprobaci�n de confianza fallida: %s\n"
-
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "usuario '%s' no encontrado: %s\n"
-
-#: g10/trustdb.c:2594
-#, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "problema buscando '%s' en la tabla de confianza: %s\n"
 
-#: g10/trustdb.c:2597
+#: g10/trustdb.c:1593
 #, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "usuario '%s' no est� en la tabla de confianza - insertando\n"
-
-#: g10/trustdb.c:2600
-#, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "fallo al poner '%s' en la tabla de confianza: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "ATENC�ON: todav�a no puedo tratar registros de preferencias largos\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr ""
 
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
 "should be the first file given on the command line.\n"
 msgstr ""
+"la firma no se pudo verificar.\n"
+"Por favor recuerde que el fichero de firma (.sig o .asc)\n"
+"deber�a ser el primero que se da en la l�nea de �rdenes.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
-msgstr ""
-
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: no se puede crear el anillo: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: anillo creado\n"
+msgstr "la l�nea %u es demasiado larga o no tiene avance de l�nea (LF)\n"
 
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "ATENCI�N: existen 2 ficheros con informaci�n confidencial.\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr "clave no marcada como insegura - no puede usarse con el pseudo RNG\n"
 
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s es el que no se ha modificado\n"
-
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
-#, c-format
-msgid "%s is the new one\n"
-msgstr "%s es el nuevo\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "`%s' omitido: duplicado\n"
 
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "Por favor arregle este posible fallo de seguridad\n"
-
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
-msgstr "`%s' ignorado: %s\n"
+msgstr "`%s' omitido: %s\n"
+
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "omitido: clave secreta ya presente\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
 "signatures!\n"
 msgstr ""
-"`%s' ignorada: esta es una clave ElGamal generada por PGP que NO es segura "
+"`%s' omitida: esta es una clave ElGamal generada por PGP que NO es segura "
 "para las firmas\n"
 
 #. do not overwrite
@@ -3409,90 +3930,99 @@ msgstr "El fichero `%s' ya existe. "
 msgid "Overwrite (y/N)? "
 msgstr "�Sobreescribir (s/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: sufijo desconocido\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Introduzca nuevo nombre de fichero"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "escribiendo en stdout\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "asumiendo que hay datos firmados en `%s'\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: se ha creado un nuevo fichero de opciones\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
-msgstr "%s: no puede crearse el directorio: %s\n"
+msgstr "%s: no se puede crear el directorio: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: directorio creado\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
-msgstr ""
-
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "cifrado con algoritmo desconocido %d\n"
+msgstr "reinicie GnuPG otra vez para que lea el nuevo fichero de opciones\n"
 
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "datos cifrados %s\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "ATENCI�N: mensaje cifrado con una clave d�bil en el cifrado sim�trico.\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "problema trabajando con un paquete cifrado\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "creada clave d�bil - reintentando\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "�imposible evitar clave d�bil para cifrado sim�trico despu�s de %d "
 "intentos!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "�hay una clave secreta para esta clave p�blica!\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr "use la opci�n \"--delete-secret-key\" para borrarla antes.\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr ""
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "imposible hacer esto en modo de proceso por lotes sin \"--yes\"\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "�Eliminar esta clave del anillo? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr "�Esta es una clave secreta! �Eliminar realmente? "
 
+#: g10/delkey.c:156
+#, fuzzy, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "enumeraci�n de bloques de clave fallida: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr ""
+
+#: g10/delkey.c:194
+#, fuzzy, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "�hay una clave secreta para esta clave p�blica!\n"
+
+#: g10/delkey.c:196
+#, fuzzy
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "use la opci�n \"--delete-secret-key\" para borrarla antes.\n"
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3504,22 +4034,27 @@ msgstr ""
 "que ver con la red de certificados (impl�citamente creada)."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr "Si quiere usar esta clave revocada de todos modos, conteste \"s�\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
-msgstr ""
-"Si quiere usar esta clave no confiable de todos modos, conteste \"s�\"."
+msgstr "Si quiere usar esta clave no fiable de todos modos, conteste \"s�\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
-msgstr ""
-"Introduzca el ID de usuario de la direcci�n a la que quiere enviar el "
-"mensaje."
+msgstr "Introduzca el ID de usuario al que quiere enviar el mensaje."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3539,42 +4074,42 @@ msgid ""
 "this is the reason why the encryption only ElGamal key is not available in\n"
 "this menu."
 msgstr ""
-"Seleccione el algoritmo a usar.\n"
+"Seleccione el algoritmo que usar�.\n"
 "\n"
-"DSA (tambi�n conocido como DSS) es el algoritmo de firma digital que s�lo\n"
+"DSA (tambi�n conocido como DSS) es un algoritmo de firma digital que s�lo\n"
 "puede usarse para firmas. Es el algoritmo sugerido porque la verificaci�n\n"
 "de firmas DSA es mucho m�s r�pida que la de firmas ElGamal.\n"
 "\n"
 "ElGamal es un algoritmo que puede ser usado para firma y cifrado. OpenPGP\n"
-"distingue entre dos tipos de estos algoritmos: para s�lo cifrado y para\n"
+"distingue entre dos tipos de estos algoritmos: s�lo para cifrado y para\n"
 "firma y cifrado. En realidad es lo mismo, pero se deben seleccionar ciertos\n"
 "par�metros de una forma particular para crear una clave segura para firmas.\n"
 "Este programa lo hace as�, pero otras implementaciones de OpenPGP no tienen\n"
-"porqu� entender el tipo de firma y cifrado.\n"
+"por qu� entender el tipo de firma y cifrado.\n"
 "\n"
 "La clave primaria debe ser una clave capaz de firmar, es por ello que la\n"
 "opci�n de clave ElGamal s�lo para cifrado no est� disponible en este men�."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
 "with them are quite large and very slow to verify."
 msgstr ""
-"Aunque estas claves est�n definidas en la RFC2440, no se sugiere su uso,\n"
-"ya que no est�n soportadas por todos los programas y las firmas creadas\n"
+"Aunque estas claves est�n definidas en RFC2440, no se aconseja su uso,\n"
+"ya que no todos los programas pueden utilizarlas y las firmas creadas\n"
 "con ellas son bastante grandes y lentas de verificar."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Introduzca la longitud de la clave"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Responda \"s�\" o \"no\""
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3586,21 +4121,21 @@ msgstr ""
 "buena respuesta a los errores; el sistema intentar� interpretar el valor\n"
 "introducido como un intervalo."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Introduzca el nombre del due�o de la clave"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr ""
 "Introduzca una direcci�n de correo electr�nico (opcional pero muy\n"
 "recomendable)"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Introduzca un comentario opcional"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3614,15 +4149,56 @@ msgstr ""
 "O  para continuar con la generaci�n de clave.\n"
 "S  para interrumpir la generaci�n de clave."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "Responda \"s�\" (o s�lo \"s\") para generar la subclave."
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "Responda \"s�\" si quiere firmar TODOS los IDs de usuario"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3630,11 +4206,11 @@ msgstr ""
 "Responda \"s�\" si realmente quiere borrar este ID de usuario.\n"
 "�Tambi�n se perder�n todos los certificados!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "Responda \"s�\" si quiere borrar esta subclave"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3644,7 +4220,7 @@ msgstr ""
 "borrar esta firma ya que puede ser importante para establecer una conexi�n\n"
 "de confianza con la clave o con otra clave certificada por �sta."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3656,13 +4232,13 @@ msgstr ""
 "se us�, ya que dicha clave podr�a establecer una conexi�n de confianza\n"
 "a trav�s de otra clave certificada."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
 msgstr "Esta firma no es v�lida. Tiene sentido borrarla de su anillo."
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3670,49 +4246,53 @@ msgid ""
 "only if this self-signature is for some reason not valid and\n"
 "a second one is available."
 msgstr ""
-"Esta es una firma que une el ID de usuario a la clave. No suele ser una "
-"buena\n"
-"idea borrar dichas firmas. De hecho, GnuPG podr�a no ser capaz de volver a\n"
-"usar esta clave. As� que b�rrela tan s�lo si esta autofirma no es v�lida "
-"por\n"
-"alguna raz�n y hay otra disponible."
+"Esta es una firma que une el ID de usuario a la clave. No suele ser una\n"
+"buena idea borrar dichas firmas. De hecho, GnuPG podr�a no ser capaz de\n"
+"volver a usar esta clave. As� que b�rrela tan s�lo si esta autofirma no\n"
+"es v�lida por alguna raz�n y hay otra disponible."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+
+#: g10/helptext.c:238
+#, fuzzy
+msgid "Please enter the passhrase; this is a secret sentence \n"
 msgstr "Por favor introduzca la contrase�a"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr "Repita la �ltima contrase�a para asegurarse de lo que tecle�."
 
-#: g10/helptext.c:213
-#, fuzzy
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr "Introduzca el nombre del fichero al que corresponde la firma"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "Responda \"s�\" para sobreescribir el fichero"
 
-#: g10/helptext.c:223
+# Sugerencia: ENTER -> INTRO.
+# Aceptada.
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
 msgstr ""
-"Introduzca un nuevo nombre de fichero. Si pulsa ENTER se usar� el fichero "
-"por\n"
-"omisi�n (mostrado entre corchetes)."
+"Introduzca un nuevo nombre de fichero. Si pulsa INTRO se usar� el fichero\n"
+"por omisi�n (mostrado entre corchetes)."
 
-#: g10/helptext.c:229
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3720,67 +4300,393 @@ msgid ""
 "      Use this to state that the user ID should not longer be used;\n"
 "      this is normally used to mark an email address invalid.\n"
 msgstr ""
-
-#: g10/helptext.c:245
+"Deber�a especificar un motivo para la certificaci�n. Dependiendo del\n"
+"contexto puede elegir una opci�n de esta lista:\n"
+"  \"La clave ha sido comprometida\"\n"
+"      Use esto si tiene razones para pensar que personas no autorizadas\n"
+"      tuvieron acceso a su clave secreta.\n"
+"  \"La clave ha sido sustituida\"\n"
+"      Use esto si ha reemplazado la clave por otra m�s nueva.\n"
+"  \"La clave ya no est� en uso\"\n"
+"      Use esto si ha dejado de usar esta clave.\n"
+"  \"La identificaci�n de usuario ya no es v�lida\"\n"
+"      Use esto para se�alar que la identificaci�n de usuario no deber�a\n"
+"      seguir siendo usada; esto se utiliza normalmente para marcar una\n"
+"      direcci�n de correo-e como inv�lida.\n"
+
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
 "An empty line ends the text.\n"
 msgstr ""
+"Si lo desea puede introducir un texto explicando por qu� emite\n"
+"este certificado de revocaci�n. Por favor, que el texto sea breve.\n"
+"Una l�nea vac�a pone fin al texto.\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Ayuda no disponible"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
-msgstr "Ayuda no disponible para `%s'"
+msgstr "No hay ayuda disponible para `%s'"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "problema en la lectura del certificado: %s\n"
+#: g10/keydb.c:177
+#, fuzzy, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "error escribiendo anillo `%s': %s\n"
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "No puede usarse clave RSA en esta versi�n\n"
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr ""
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "No hay clave para tal usuario\n"
+#: g10/keydb.c:197
+#, fuzzy, c-format
+msgid "keyring `%s' created\n"
+msgstr "%s: anillo creado\n"
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "No hay clave secreta para tal usuario\n"
+#: g10/keydb.c:587
+#, fuzzy, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "%s: fallo en la creaci�n de la tabla hash: %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "ATENCI�N: existen 2 ficheros con informaci�n confidencial.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s es el que no se ha modificado\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s es el nuevo\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Por favor arregle este posible fallo de seguridad\n"
+
+#: g10/keyring.c:1337
+#, fuzzy, c-format
+msgid "checking keyring `%s'\n"
+msgstr "no puede bloquearse el anillo `%s': %s\n"
+
+#: g10/keyring.c:1368
+#, fuzzy, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "hasta ahora se han procesado %lu claves\n"
+
+#: g10/keyring.c:1379
+#, fuzzy, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "lista claves y firmas"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: anillo creado\n"
+
+#, fuzzy
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "�Seguro que quiere una clave de este tama�o? "
+
+#, fuzzy
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "�Seguro que quiere una clave de este tama�o? "
+
+#, fuzzy
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "�Firmar de verdad? "
+
+#~ msgid "too many random bits requested; the limit is %d\n"
+#~ msgstr "se solicitan demasiados bits aleatorios; el l�mite es %d\n"
+
+#~ msgid "|[NAMES]|check the trust database"
+#~ msgstr "|[NOMBRES]|comprueba la base de datos de confianza"
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key id-usuario"
+
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key id-usuario"
+
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-and-public-key id-usuario"
+
+#~ msgid "For info see http://www.gnupg.org"
+#~ msgstr "Informaci�n en http://www.gnupg.org"
+
+#~ msgid "sSmMqQ"
+#~ msgstr "iImMqQ"
+
+#~ msgid ""
+#~ "Could not find a valid trust path to the key.  Let's see whether we\n"
+#~ "can assign some missing owner trust values.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "No puede encontrarse una ruta de confianza v�lida para esta clave. "
+#~ "Veamos\n"
+#~ "si es posible asignar algunos valores de confianza perdidos.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No path leading to one of our keys found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "No se ha encontrado ninguna ruta con una de nuestras claves.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No certificates with undefined trust found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "No se ha encontrado ning�n certificado sin valor de confianza.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No trust values changed.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "No se cambi� ning�n valor de confianza.\n"
+#~ "\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr ""
+#~ "%08lX: no hay informaci�n para calcular la probabilidad de confianza\n"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Introduzca el ID de usuario: "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "omitida: clave p�blica ya designada con --encrypt-to\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: error comprobando la clave: %s\n"
+
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) RSA (firmar y cifrar)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr "�De verdad quiere crear una clave de firma y cifrado? "
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "�De verdad necesita una clave tan grande? "
+
+#~ msgid "%s: user not found: %s\n"
+#~ msgstr "%s: usuario no encontrado: %s\n"
+
+#~ msgid "certificate read problem: %s\n"
+#~ msgstr "problema en la lectura del certificado: %s\n"
+
+#~ msgid "too many entries in unk cache - disabled\n"
+#~ msgstr "demasiados registros en la cache unk - anulada\n"
 
 #~ msgid "no default public keyring\n"
 #~ msgstr "no hay anillo p�blico por defecto\n"
 
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "no puede bloquearse el anillo `%s': %s\n"
-
-#~ msgid "error writing keyring `%s': %s\n"
-#~ msgstr "error escribiendo anillo `%s': %s\n"
+#~ msgid "secret key %08lX not imported (use %s to allow for it)\n"
+#~ msgstr "clave secreta %08lX no importada (use %s para permitirlo)\n"
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "clave %08lX: no puede leerse el bloque de claves original: %s\n"
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "clave %08lX: nuestra copia no tiene autofirma\n"
 
 #~ msgid "%s: user not found\n"
 #~ msgstr "%s: usuario no encontrado\n"
 
-#~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
-#~ msgstr ""
-#~ "Las claves RSA est�n en desuso, considere la creaci�n de una nueva clave "
-#~ "para futuros usos\n"
+#~ msgid "update of trustdb failed: %s\n"
+#~ msgstr "actualizaci�n de base de datos de confianza fallida: %s\n"
 
-#, fuzzy
-#~ msgid "not processed"
-#~ msgstr "se han procesado %lu claves\n"
+#~ msgid "no keyserver known (use option --keyserver)\n"
+#~ msgstr "no hay servidores de claves conocidos (use opci�n --keyserver)\n"
+
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "'%s' no es un identificador de clave v�lido\n"
 
 #~ msgid "assuming bad MDC due to an unknown critical bit\n"
 #~ msgstr "asumiendo MDC incorrecto debido a un bit cr�tico desconocido\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+#~ msgid "error reading dir record for LID %lu: %s\n"
+#~ msgstr "error leyendo registro de directorio del LID %lu: %s\n"
+
+#~ msgid "lid %lu: expected dir record, got type %d\n"
+#~ msgstr "lid %lu: esperaba registro directorio, encontrado tipo %d\n"
+
+#~ msgid "no primary key for LID %lu\n"
+#~ msgstr "no hay clave primaria para el LID %lu\n"
+
+#~ msgid "error reading primary key for LID %lu: %s\n"
+#~ msgstr "error leyendo clave primaria para el LID %lu: %s\n"
+
+#~ msgid "get_dir_record: search_record failed: %s\n"
+#~ msgstr "get_dir_record: search_record fallida: %s\n"
+
+#~ msgid "key %08lX: query record failed\n"
+#~ msgstr "clave %08lX: petici�n de registro fallida\n"
+
+#~ msgid "key %08lX: already in trusted key table\n"
+#~ msgstr "clave %08lX: ya est� en la tabla de confianza\n"
+
+#~ msgid "NOTE: secret key %08lX is NOT protected.\n"
+#~ msgstr "NOTA: la clave secreta %08lX NO est� protegida.\n"
+
+#~ msgid "key %08lX: secret and public key don't match\n"
+#~ msgstr "clave %08lX: las claves p�blica y secreta no se corresponden\n"
+
+#~ msgid "enumerate secret keys failed: %s\n"
+#~ msgstr "enumeraci�n de claves secretas fallida: %s\n"
+
+#~ msgid "key %08lX.%lu: Good subkey binding\n"
+#~ msgstr "clave %08lX.%lu: uni�n de subclave v�lida\n"
+
+#~ msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+#~ msgstr "clave %08lX.%lu: uni�n de subclave inv�lida: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid key revocation\n"
+#~ msgstr "clave %08lX.%lu: revocaci�n de clave v�lida\n"
+
+#~ msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+#~ msgstr "clave %08lX.%lu: revocaci�n de clave inv�lida: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid subkey revocation\n"
+#~ msgstr "clave %08lX.%lu: revocaci�n de subclave v�lida\n"
+
+#~ msgid "Good self-signature"
+#~ msgstr "Autofirma v�lida"
+
+#~ msgid "Invalid self-signature"
+#~ msgstr "Autofirma inv�lida"
+
+#~ msgid "Valid user ID revocation skipped due to a newer self signature"
 #~ msgstr ""
-#~ "clave no marcada como insegura - no puede usarse con el pseudo RNG\n"
+#~ "Revocaci�n v�lida de ID de usuario omitida, existe autofirma m�s reciente"
+
+#~ msgid "Valid user ID revocation"
+#~ msgstr "Revocaci�n de ID de usuario v�lida"
+
+#~ msgid "Invalid user ID revocation"
+#~ msgstr "Revocaci�n de ID de usuario inv�lida."
+
+#~ msgid "Valid certificate revocation"
+#~ msgstr "Revocaci�n de certificado v�lida"
+
+#~ msgid "Good certificate"
+#~ msgstr "Certificado correcto"
+
+#~ msgid "Invalid certificate revocation"
+#~ msgstr "Certificado de revocaci�n incorrecto"
+
+#~ msgid "Invalid certificate"
+#~ msgstr "Certificado incorrecto"
+
+#~ msgid "sig record %lu[%d] points to wrong record.\n"
+#~ msgstr "registro de firma %lu[%d] apunta al registro equivocado.\n"
+
+#~ msgid "duplicated certificate - deleted"
+#~ msgstr "certificado duplicado - eliminado"
+
+#~ msgid "tdbio_search_dir failed: %s\n"
+#~ msgstr "tdbio_search_dir fallida: %s\n"
+
+#~ msgid "lid ?: insert failed: %s\n"
+#~ msgstr "lid ?: inserci�n fallida: %s\n"
+
+#~ msgid "lid %lu: insert failed: %s\n"
+#~ msgstr "lid %lu: inserci�n fallida: %s\n"
+
+#~ msgid "lid %lu: inserted\n"
+#~ msgstr "lid %lu: insertada\n"
+
+#~ msgid "error reading dir record: %s\n"
+#~ msgstr "error leyendo registro de directorio: %s\n"
+
+#~ msgid "\t%lu keys with errors\n"
+#~ msgstr "\t%lu claves con errores\n"
+
+#~ msgid "\t%lu keys inserted\n"
+#~ msgstr "\t%lu claves insertadas\n"
+
+#~ msgid "lid %lu: dir record w/o key - skipped\n"
+#~ msgstr "lid %lu: registro de directiorio sin clave - omitido\n"
+
+#~ msgid "\t%lu due to new pubkeys\n"
+#~ msgstr "\t%lu debido a las nuevas claves p�blicas\n"
+
+# msgstr "clave %08lX: %d nuevas subclaves\n"
+#~ msgid "\t%lu keys skipped\n"
+#~ msgstr "\t%lu claves omitidas\n"
+
+#~ msgid "\t%lu keys updated\n"
+#~ msgstr "\t%lu claves actualizadas\n"
+
+#~ msgid "Ooops, no keys\n"
+#~ msgstr "Oh oh, no hay claves\n"
+
+#~ msgid "Ooops, no user IDs\n"
+#~ msgstr "Oh oh, no hay ning�n ID de usuario\n"
+
+#~ msgid "check_trust: search dir record failed: %s\n"
+#~ msgstr "check_trust: b�squeda registro directorio fallida: %s\n"
+
+#~ msgid "key %08lX: insert trust record failed: %s\n"
+#~ msgstr "clave %08lX: inserci�n del registro de confianza fallida: %s\n"
+
+#~ msgid "key %08lX.%lu: inserted into trustdb\n"
+#~ msgstr "clave %08lX.%lu: incluida en la base de datos de confianza\n"
+
+#~ msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+#~ msgstr ""
+#~ "clave %08lX.%lu: creada en el futuro (salto en el tiempo o\n"
+#~ "problemas con el reloj)\n"
+
+#~ msgid "key %08lX.%lu: expired at %s\n"
+#~ msgstr "clave %08lX.%lu: caducada el %s\n"
+
+#~ msgid "key %08lX.%lu: trust check failed: %s\n"
+#~ msgstr "clave %08lX.%lu: comprobaci�n de confianza fallida: %s\n"
+
+#~ msgid "problem finding '%s' in trustdb: %s\n"
+#~ msgstr "problema buscando '%s' en la tabla de confianza: %s\n"
+
+#~ msgid "user '%s' not in trustdb - inserting\n"
+#~ msgstr "usuario '%s' no est� en la tabla de confianza - insertando\n"
+
+#~ msgid "failed to put '%s' into trustdb: %s\n"
+#~ msgstr "fallo al poner '%s' en la tabla de confianza: %s\n"
+
+#~ msgid "WARNING: can't yet handle long pref records\n"
+#~ msgstr ""
+#~ "ATENC�ON: todav�a no puedo tratar registros de preferencias largos\n"
+
+#~ msgid "%s: can't create keyring: %s\n"
+#~ msgstr "%s: no se puede crear el anillo: %s\n"
+
+#, fuzzy
+#~ msgid "invalid"
+#~ msgstr "Armadura no v�lida"
+
+#~ msgid "RSA key cannot be used in this version\n"
+#~ msgstr "No puede usarse clave RSA en esta versi�n\n"
+
+#~ msgid "No key for user ID\n"
+#~ msgstr "No hay clave para tal usuario\n"
+
+#~ msgid "No user ID for key\n"
+#~ msgstr "No hay clave secreta para tal usuario\n"
+
+#~ msgid "no secret key for decryption available\n"
+#~ msgstr "clave secreta para descifrado no disponible\n"
+
+#~ msgid ""
+#~ "RSA keys are deprecated; please consider creating a new key and use this "
+#~ "key in the future\n"
+#~ msgstr ""
+#~ "Las claves RSA est�n en desuso, considere la creaci�n de una nueva clave "
+#~ "para futuros usos\n"
 
 #~ msgid "set debugging flags"
 #~ msgstr "establece los par�metros de depuraci�n"
@@ -3853,9 +4759,6 @@ msgstr "Ayuda no disponible para `%s'"
 #~ msgid "lid %lu: can't get keyblock: %s\n"
 #~ msgstr "lid %lu: no puedo obtener el bloque de clave: %s\n"
 
-#~ msgid "Too many preferences"
-#~ msgstr "Demasiadas preferencias"
-
 #~ msgid "Too many preference items"
 #~ msgstr "Demasiados �tems de preferencias"
 
@@ -3892,6 +4795,9 @@ msgstr "Ayuda no disponible para `%s'"
 #~ msgid "can't lock keyring `%': %s\n"
 #~ msgstr "no puede bloquearse el anillo p�blico `%s': %s\n"
 
+#~ msgid "error writing keyring `%': %s\n"
+#~ msgstr "error escribiendo anillo `%s': %s\n"
+
 #~ msgid "can't open file: %s\n"
 #~ msgstr "no puede abrirse el fichero: %s\n"
 
@@ -3904,12 +4810,6 @@ msgstr "Ayuda no disponible para `%s'"
 #~ msgid "can't write keyblock: %s\n"
 #~ msgstr "no puede escribirse el bloque de claves: %s\n"
 
-#~ msgid "can't lock secret keyring: %s\n"
-#~ msgstr "no puede bloquearse el anillo secreto: %s\n"
-
-#~ msgid "can't write keyring: %s\n"
-#~ msgstr "no puede escribirse el anillo: %s\n"
-
 #, fuzzy
 #~ msgid "encrypted message is valid\n"
 #~ msgstr "el algoritmo de resumen seleccionado no es v�lido\n"
@@ -3946,9 +4846,6 @@ msgstr "Ayuda no disponible para `%s'"
 #~ msgid "lid %lu: read pref record failed: %s\n"
 #~ msgstr "lid %lu: lectura registro preferencias fallida: %s\n"
 
-#~ msgid "lid %lu: read sig record failed: %s\n"
-#~ msgstr "lid %lu: lectura registro firma fallida: %s\n"
-
 #~ msgid "user '%s' read problem: %s\n"
 #~ msgstr "problema de lectura usuario '%s': %s\n"
 
@@ -3986,9 +4883,6 @@ msgstr "Ayuda no disponible para `%s'"
 #~ msgid "Oops: key is now in trustdb???\n"
 #~ msgstr "Oh oh: la clave ahora est� en la tabla de confianza???\n"
 
-#~ msgid "insert trust record failed: %s\n"
-#~ msgstr "inserci�n del registro de confianza fallida: %s\n"
-
 #~ msgid "Hmmm, public key lost?"
 #~ msgstr "Oh oh, �se ha perdido la clave p�blica?"
 
diff --git a/po/et.po b/po/et.po
new file mode 100644
index 000000000..ee1577aed
--- /dev/null
+++ b/po/et.po
@@ -0,0 +1,4317 @@
+# Estonian translations for gnupg.
+# Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+# Toomas Soome <[email protected]>, 2002.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: gnupg 1.0.6d\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-22 12:07+0200\n"
+"Last-Translator: Toomas Soome <[email protected]>\n"
+"Language-Team: Estonian <[email protected]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-15\n"
+"Content-Transfer-Encoding: 8-bit\n"
+
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Hoiatus: kasutan ebaturvalist m�lu!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "Lisainfot leiate lehelt http://www.gnupg.org/faq.html\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "initsialiseerimata turvalise m�luta ei ole operatsioon v�imalik\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(te kasutasite vahest selle t�� jaoks valet programmi)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
+msgid "yes"
+msgstr "jah"
+
+#: util/miscutil.c:297 util/miscutil.c:334
+msgid "yY"
+msgstr "jJ"
+
+#: util/miscutil.c:298 util/miscutil.c:332
+msgid "no"
+msgstr "ei"
+
+#: util/miscutil.c:299 util/miscutil.c:335
+msgid "nN"
+msgstr "eE"
+
+#: g10/keyedit.c:815 util/miscutil.c:333
+msgid "quit"
+msgstr "v�lju"
+
+#: util/miscutil.c:336
+msgid "qQ"
+msgstr "vV"
+
+#: util/errors.c:54
+msgid "general error"
+msgstr "�ldine viga"
+
+#: util/errors.c:55
+msgid "unknown packet type"
+msgstr "tundmatu paketi t��p"
+
+#: util/errors.c:56
+msgid "unknown version"
+msgstr "tundmatu versioon"
+
+#: util/errors.c:57
+msgid "unknown pubkey algorithm"
+msgstr "tundmatu avaliku v�tme algoritm"
+
+#: util/errors.c:58
+msgid "unknown digest algorithm"
+msgstr "tundmatu l�hendi algoritm"
+
+#: util/errors.c:59
+msgid "bad public key"
+msgstr "halb avalik v�ti"
+
+#: util/errors.c:60
+msgid "bad secret key"
+msgstr "halb salajane v�ti"
+
+#: util/errors.c:61
+msgid "bad signature"
+msgstr "halb allkiri"
+
+#: util/errors.c:62
+msgid "checksum error"
+msgstr "kontrollsumma viga"
+
+#: util/errors.c:63
+msgid "bad passphrase"
+msgstr "halb parool"
+
+#: util/errors.c:64
+msgid "public key not found"
+msgstr "ei leia avalikku v�tit"
+
+#: util/errors.c:65
+msgid "unknown cipher algorithm"
+msgstr "tundmatu �ifri algoritm"
+
+#: util/errors.c:66
+msgid "can't open the keyring"
+msgstr "v�tmehoidlat ei �nnestu avada"
+
+#: util/errors.c:67
+msgid "invalid packet"
+msgstr "vigane pakett"
+
+#: util/errors.c:68
+msgid "invalid armor"
+msgstr "vigane pakend"
+
+#: util/errors.c:69
+msgid "no such user id"
+msgstr "sellist kasutaja id pole"
+
+#: util/errors.c:70
+msgid "secret key not available"
+msgstr "salajane v�ti ei ole k�ttesaadav"
+
+#: util/errors.c:71
+msgid "wrong secret key used"
+msgstr "kasutati valet salajast v�tit"
+
+#: util/errors.c:72
+msgid "not supported"
+msgstr "ei ole toetatud"
+
+#: util/errors.c:73
+msgid "bad key"
+msgstr "halb v�ti"
+
+#: util/errors.c:74
+msgid "file read error"
+msgstr "viga faili lugemisel"
+
+#: util/errors.c:75
+msgid "file write error"
+msgstr "viga faili kirjutamisel"
+
+#: util/errors.c:76
+msgid "unknown compress algorithm"
+msgstr "tundmatu pakkimisalgoritm"
+
+#: util/errors.c:77
+msgid "file open error"
+msgstr "viga faili avamisel"
+
+#: util/errors.c:78
+msgid "file create error"
+msgstr "viga faili loomisel"
+
+#: util/errors.c:79
+msgid "invalid passphrase"
+msgstr "vigane parool"
+
+#: util/errors.c:80
+msgid "unimplemented pubkey algorithm"
+msgstr "realiseerimata avaliku v�tme algoritm"
+
+#: util/errors.c:81
+msgid "unimplemented cipher algorithm"
+msgstr "realiseerimata �ifri algoritm"
+
+#: util/errors.c:82
+msgid "unknown signature class"
+msgstr "tundmatu allkirja klass"
+
+#: util/errors.c:83
+msgid "trust database error"
+msgstr "usalduse andmebaasi viga"
+
+#: util/errors.c:84
+msgid "bad MPI"
+msgstr "halb MPI"
+
+#: util/errors.c:85
+msgid "resource limit"
+msgstr "ressursi limiit"
+
+#: util/errors.c:86
+msgid "invalid keyring"
+msgstr "vigane v�tmehoidla"
+
+#: util/errors.c:87
+msgid "bad certificate"
+msgstr "halb sertifikaat"
+
+#: util/errors.c:88
+msgid "malformed user id"
+msgstr "vigane kasutaja id"
+
+#: util/errors.c:89
+msgid "file close error"
+msgstr "viga faili sulgemisel"
+
+#: util/errors.c:90
+msgid "file rename error"
+msgstr "viga faili �mber nimetamisel"
+
+#: util/errors.c:91
+msgid "file delete error"
+msgstr "viga faili kustutamisel"
+
+#: util/errors.c:92
+msgid "unexpected data"
+msgstr "ootamatud andmed"
+
+#: util/errors.c:93
+msgid "timestamp conflict"
+msgstr "ajatemplite konflikt"
+
+#: util/errors.c:94
+msgid "unusable pubkey algorithm"
+msgstr "mittekasutatav avaliku v�tme algoritm"
+
+#: util/errors.c:95
+msgid "file exists"
+msgstr "fail on olemas"
+
+#: util/errors.c:96
+msgid "weak key"
+msgstr "n�rk v�ti"
+
+#: util/errors.c:97
+msgid "invalid argument"
+msgstr "vigane argument"
+
+#: util/errors.c:98
+msgid "bad URI"
+msgstr "halb URI"
+
+#: util/errors.c:99
+msgid "unsupported URI"
+msgstr "mittetoetatud URI"
+
+#: util/errors.c:100
+msgid "network error"
+msgstr "v�rgu viga"
+
+#: util/errors.c:102
+msgid "not encrypted"
+msgstr "kr�ptimata"
+
+#: util/errors.c:103
+msgid "not processed"
+msgstr "ei t��deldud"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "mittekasutatav avalik v�ti"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "mittekasutatav salajane v�ti"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "v�tmeserveri viga"
+
+#: util/logger.c:249
+#, c-format
+msgid "... this is a bug (%s:%d:%s)\n"
+msgstr "... see on viga (%s:%d:%s)\n"
+
+#: util/logger.c:255
+#, c-format
+msgid "you found a bug ... (%s:%d)\n"
+msgstr "te leidsite vea ... (%s:%d)\n"
+
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
+#, c-format
+msgid "can't open `%s': %s\n"
+msgstr "`%s' ei �nnestu avada: %s\n"
+
+#: cipher/random.c:324
+#, c-format
+msgid "can't stat `%s': %s\n"
+msgstr "ei �nnestu lugeda `%s' atribuute: %s\n"
+
+#: cipher/random.c:329
+#, c-format
+msgid "`%s' is not a regular file - ignored\n"
+msgstr "`%s' ei ole tavaline fail - ignoreerin\n"
+
+#: cipher/random.c:334
+msgid "note: random_seed file is empty\n"
+msgstr "m�rkus: random_seed fail on t�hi\n"
+
+#: cipher/random.c:340
+msgid "warning: invalid size of random_seed file - not used\n"
+msgstr "hoiatus: vigane random_seed faili suurus - ei kasuta\n"
+
+#: cipher/random.c:348
+#, c-format
+msgid "can't read `%s': %s\n"
+msgstr "`%s' ei �nnestu lugeda: %s\n"
+
+#: cipher/random.c:386
+msgid "note: random_seed file not updated\n"
+msgstr "m�rkus: random_seed faili ei uuendatud\n"
+
+#: cipher/random.c:406
+#, c-format
+msgid "can't create `%s': %s\n"
+msgstr "`%s' ei �nnestu luua: %s\n"
+
+#: cipher/random.c:413
+#, c-format
+msgid "can't write `%s': %s\n"
+msgstr "`%s' ei �nnestu kirjutada: %s\n"
+
+#: cipher/random.c:416
+#, c-format
+msgid "can't close `%s': %s\n"
+msgstr "`%s' ei �nnestu sulgeda: %s\n"
+
+#: cipher/random.c:662
+msgid "WARNING: using insecure random number generator!!\n"
+msgstr "HOIATUS: kasutan ebaturvalist juhuarvude generaatorit!!\n"
+
+#: cipher/random.c:663
+msgid ""
+"The random number generator is only a kludge to let\n"
+"it run - it is in no way a strong RNG!\n"
+"\n"
+"DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n"
+"\n"
+msgstr ""
+"Juhuarvude generaator on ainult t�hi kest, et programmid\n"
+"k�iks - see EI OLE tugev juhuarvude generaator!\n"
+"\n"
+"�RGE KASUTAGE SELLE PROGRAMMI POOLT GENEREERITUD ANDMEID!!\n"
+"\n"
+
+#: cipher/rndlinux.c:142
+#, c-format
+msgid ""
+"\n"
+"Not enough random bytes available.  Please do some other work to give\n"
+"the OS a chance to collect more entropy! (Need %d more bytes)\n"
+msgstr ""
+"\n"
+"Juhuslikke baite ei ole piisavalt. Palun tehke arvutiga muid t�id,\n"
+"et anda masinal v�imalust koguda enam entroopiat! (Vajatakse %d baiti)\n"
+
+#: g10/g10.c:287
+msgid ""
+"@Commands:\n"
+" "
+msgstr ""
+"@K�sud:\n"
+" "
+
+#: g10/g10.c:289
+msgid "|[file]|make a signature"
+msgstr "|[fail]|loo allkiri"
+
+#: g10/g10.c:290
+msgid "|[file]|make a clear text signature"
+msgstr "|[fail]|loo avateksti allkiri"
+
+#: g10/g10.c:291
+msgid "make a detached signature"
+msgstr "loo eraldiseisev allkiri"
+
+#: g10/g10.c:292
+msgid "encrypt data"
+msgstr "kr�pteeri andmed"
+
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[failid]|kr�pteeri failid"
+
+#: g10/g10.c:294
+msgid "encryption only with symmetric cipher"
+msgstr "kr�pteerimine kasutades ainult s�mmeetrilist �ifrit"
+
+#: g10/g10.c:295
+msgid "store only"
+msgstr "ainult salvesta"
+
+#: g10/g10.c:296
+msgid "decrypt data (default)"
+msgstr "dekr�pteeri andmed (vaikimisi)"
+
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[failid]|dekr�pteeri failid"
+
+#: g10/g10.c:298
+msgid "verify a signature"
+msgstr "kontrolli allkirja"
+
+#: g10/g10.c:300
+msgid "list keys"
+msgstr "n�ita v�tmeid"
+
+#: g10/g10.c:302
+msgid "list keys and signatures"
+msgstr "n�ita v�tmeid ja allkirju"
+
+#: g10/g10.c:303
+msgid "check key signatures"
+msgstr "kontrolli v�tmete allkirju"
+
+#: g10/g10.c:304
+msgid "list keys and fingerprints"
+msgstr "n�ita v�tmeid ja s�rmej�lgi"
+
+#: g10/g10.c:305
+msgid "list secret keys"
+msgstr "n�ita salajasi v�tmeid"
+
+#: g10/g10.c:306
+msgid "generate a new key pair"
+msgstr "genereeri uus v�tmepaar"
+
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
+msgstr "eemalda v�tmed avalike v�tmete hoidlast"
+
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
+msgstr "eemalda v�tmed salajaste v�tmete hoidlast"
+
+#: g10/g10.c:310
+msgid "sign a key"
+msgstr "allkirjasta v�ti"
+
+#: g10/g10.c:311
+msgid "sign a key locally"
+msgstr "allkirjasta v�ti lokaalselt"
+
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "allkirjasta v�ti mitte-t�histatavana"
+
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr "allkirjasta v�ti lokaalselt ja mitte-t�histatavana"
+
+#: g10/g10.c:314
+msgid "sign or edit a key"
+msgstr "allkirjasta v�i toimeta v�tit"
+
+#: g10/g10.c:315
+msgid "generate a revocation certificate"
+msgstr "genereeri t�histamise sertifikaat"
+
+#: g10/g10.c:316
+msgid "export keys"
+msgstr "ekspordi v�tmed"
+
+#: g10/g10.c:317
+msgid "export keys to a key server"
+msgstr "ekspordi v�tmed v�tmeserverisse"
+
+#: g10/g10.c:318
+msgid "import keys from a key server"
+msgstr "impordi v�tmed v�tmeserverist"
+
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "otsi v�tmeid v�tmeserverist"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "uuenda v�tmeid v�tmeserverist"
+
+#: g10/g10.c:326
+msgid "import/merge keys"
+msgstr "impordi/mesti v�tmed"
+
+#: g10/g10.c:328
+msgid "list only the sequence of packets"
+msgstr "n�ita ainult pakettide j�rjendeid"
+
+#: g10/g10.c:330
+msgid "export the ownertrust values"
+msgstr "ekspordi usalduse v��rtused"
+
+#: g10/g10.c:332
+msgid "import ownertrust values"
+msgstr "impordi usalduse v��rtused"
+
+#: g10/g10.c:334
+msgid "update the trust database"
+msgstr "uuenda usalduse andmebaasi"
+
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "hooldusvaba usalduse andmebaasi uuendamine"
+
+#: g10/g10.c:337
+msgid "fix a corrupted trust database"
+msgstr "paranda vigane usalduse andmebaas"
+
+#: g10/g10.c:338
+msgid "De-Armor a file or stdin"
+msgstr "Pakenda fail v�i standardsisend lahti"
+
+#: g10/g10.c:340
+msgid "En-Armor a file or stdin"
+msgstr "Pakenda fail v�i standardsisend"
+
+#: g10/g10.c:342
+msgid "|algo [files]|print message digests"
+msgstr "|algo [failid]|tr�ki teatel�hendid"
+
+#: g10/g10.c:346
+msgid ""
+"@\n"
+"Options:\n"
+" "
+msgstr ""
+"@\n"
+"V�tmed:\n"
+" "
+
+#: g10/g10.c:348
+msgid "create ascii armored output"
+msgstr "loo ascii pakendis v�ljund"
+
+#: g10/g10.c:350
+msgid "|NAME|encrypt for NAME"
+msgstr "|NIMI|kr�pti NIMEle"
+
+#: g10/g10.c:353
+msgid "|NAME|use NAME as default recipient"
+msgstr "|NIMI|kasuta NIME vaikimisi saajana"
+
+#: g10/g10.c:355
+msgid "use the default key as default recipient"
+msgstr "kasuta vaikimisi saajana vaikimisi v�tit"
+
+#: g10/g10.c:361
+msgid "use this user-id to sign or decrypt"
+msgstr "kasuta seda kasutaja IDd"
+
+#: g10/g10.c:362
+msgid "|N|set compress level N (0 disables)"
+msgstr "|N|m��ra pakkimise tase N (0 blokeerib)"
+
+#: g10/g10.c:364
+msgid "use canonical text mode"
+msgstr "kasuta kanoonilist tekstimoodi"
+
+#: g10/g10.c:371
+msgid "use as output file"
+msgstr "kasuta v�ljundfailina"
+
+#: g10/g10.c:372
+msgid "verbose"
+msgstr "ole jutukas"
+
+#: g10/g10.c:373
+msgid "be somewhat more quiet"
+msgstr "ole m�nev�rra vaiksem"
+
+#: g10/g10.c:374
+msgid "don't use the terminal at all"
+msgstr "�ra kasuta terminali"
+
+#: g10/g10.c:375
+msgid "force v3 signatures"
+msgstr "kasuta v3 allkirju"
+
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "�ra kasuta v3 allkirju"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "kasuta v4 v�tme allkirju"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "�ra kasuta v3 v�tme allkirju"
+
+#: g10/g10.c:379
+msgid "always use a MDC for encryption"
+msgstr "kr�ptimisel kasuta alati MDC"
+
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "kr�ptimisel �ra kasuta kunagi MDC"
+
+#: g10/g10.c:383
+msgid "do not make any changes"
+msgstr "�ra tee mingeid muutusi"
+
+#. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
+#: g10/g10.c:385
+msgid "use the gpg-agent"
+msgstr "kasuta gpg-agenti"
+
+#: g10/g10.c:388
+msgid "batch mode: never ask"
+msgstr "pakettmood: �ra k�si kunagi"
+
+#: g10/g10.c:389
+msgid "assume yes on most questions"
+msgstr "eelda enamus k�simustele jah vastust"
+
+#: g10/g10.c:390
+msgid "assume no on most questions"
+msgstr "eelda enamus k�simustele ei vastust"
+
+#: g10/g10.c:391
+msgid "add this keyring to the list of keyrings"
+msgstr "lisa see v�tmehoidla v�tmehoidlate nimekirja"
+
+#: g10/g10.c:392
+msgid "add this secret keyring to the list"
+msgstr "lisa see salajaste v�tmete hoidla nimekirja"
+
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "n�ita millisesse v�tmehoidlasse n�idatud v�ti kuulub"
+
+#: g10/g10.c:394
+msgid "|NAME|use NAME as default secret key"
+msgstr "|NIMI|kasuta NIME vaikimisi salajase v�tmena"
+
+#: g10/g10.c:395
+msgid "|HOST|use this keyserver to lookup keys"
+msgstr "|HOST|kasuta seda v�tmeserverit"
+
+#: g10/g10.c:397
+msgid "|NAME|set terminal charset to NAME"
+msgstr "|NIMI|terminali kooditabel on NIMI"
+
+#: g10/g10.c:398
+msgid "read options from file"
+msgstr "loe v�tmed failist"
+
+#: g10/g10.c:402
+msgid "|FD|write status info to this FD"
+msgstr "|FP|kirjuta olekuinfo sellesse failipidemesse"
+
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[fail]|kirjuta olekuinfo faili"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|V�TMEID|usalda seda v�tit t�ielikult"
+
+#: g10/g10.c:411
+msgid "|FILE|load extension module FILE"
+msgstr "|FAIL|lae laiendusmoodul FAIL"
+
+#: g10/g10.c:412
+msgid "emulate the mode described in RFC1991"
+msgstr "emuleeri dokumendis RFC1991 kirjeldatud moodi"
+
+#: g10/g10.c:413
+msgid "set all packet, cipher and digest options to OpenPGP behavior"
+msgstr "kasuta k�ikides tegevustes OpenPGP v�tmeid"
+
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "kasuta k�ikide pakettide, �iffrite ja l�hendi seadeid PGP 2.x moodis"
+
+#: g10/g10.c:418
+msgid "|N|use passphrase mode N"
+msgstr "|N|kasuta parooli moodi N"
+
+#: g10/g10.c:420
+msgid "|NAME|use message digest algorithm NAME for passphrases"
+msgstr "|NIMI|kasuta paroolidega l�hendialgoritmi NIMI"
+
+#: g10/g10.c:422
+msgid "|NAME|use cipher algorithm NAME for passphrases"
+msgstr "|NIMI|kasuta paroolidega �ifri algoritmi NIMI"
+
+#: g10/g10.c:424
+msgid "|NAME|use cipher algorithm NAME"
+msgstr "|NIMI|kasuta �ifri algoritmi NIMI"
+
+#: g10/g10.c:425
+msgid "|NAME|use message digest algorithm NAME"
+msgstr "|NIMI|kasuta teatel�hendi algoritmi NIMI"
+
+#: g10/g10.c:426
+msgid "|N|use compress algorithm N"
+msgstr "|N|kasuta pakkimisalgoritmi N"
+
+#: g10/g10.c:427
+msgid "throw keyid field of encrypted packets"
+msgstr "�ra lisa kr�ptimisel v�tme id"
+
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "Esita foto IDd"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "Ei esita foto IDd"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr "Sea k�surida foto ID vaatamiseks"
+
+#: g10/g10.c:431
+msgid "|NAME=VALUE|use this notation data"
+msgstr "|NIMI=V��RTUS|kasuta neid noteerimise andmeid"
+
+#: g10/g10.c:434
+msgid ""
+"@\n"
+"(See the man page for a complete listing of all commands and options)\n"
+msgstr ""
+"@\n"
+"(K�ikide k�skude ja v�tmete t�ieliku kirjelduse leiate manualist)\n"
+
+#: g10/g10.c:437
+msgid ""
+"@\n"
+"Examples:\n"
+"\n"
+" -se -r Bob [file]          sign and encrypt for user Bob\n"
+" --clearsign [file]         make a clear text signature\n"
+" --detach-sign [file]       make a detached signature\n"
+" --list-keys [names]        show keys\n"
+" --fingerprint [names]      show fingerprints\n"
+msgstr ""
+"@\n"
+"N�ited:\n"
+"\n"
+" -se -r Bob [fail]          allkirjasta ja kr�pti kasutajale Bob\n"
+" --clearsign [fail]         loo avateksti allkiri\n"
+" --detach-sign [fail]       loo eraldiseisev allkiri\n"
+" --list-keys [nimed]        n�ita v�tmeid\n"
+" --fingerprint [nimed]      n�ita s�rmej�lgi\n"
+
+#: g10/g10.c:579
+msgid "Please report bugs to <[email protected]>.\n"
+msgstr "Palun saatke veateated aadressil <[email protected]>.\n"
+
+#: g10/g10.c:583
+msgid "Usage: gpg [options] [files] (-h for help)"
+msgstr "Kasuta: gpg [v�tmed] [failid] (-h n�itab abiinfot)"
+
+#: g10/g10.c:586
+msgid ""
+"Syntax: gpg [options] [files]\n"
+"sign, check, encrypt or decrypt\n"
+"default operation depends on the input data\n"
+msgstr ""
+"S�ntaks: gpg [v�tmed] [failid]\n"
+"allkirjasta, kontrolli, kr�pti ja dekr�pti\n"
+"vaikimisi operatsioon s�ltub sisendandmetest\n"
+
+#: g10/g10.c:597
+msgid ""
+"\n"
+"Supported algorithms:\n"
+msgstr ""
+"\n"
+"Toetatud algoritmid:\n"
+
+#: g10/g10.c:671
+msgid "usage: gpg [options] "
+msgstr "kasuta: gpg [v�tmed] "
+
+#: g10/g10.c:728
+msgid "conflicting commands\n"
+msgstr "vastuolulised k�sud\n"
+
+#: g10/g10.c:903
+#, c-format
+msgid "NOTE: no default option file `%s'\n"
+msgstr "M�RKUS: vaikimisi v�tmete fail `%s' puudub\n"
+
+#: g10/g10.c:907
+#, c-format
+msgid "option file `%s': %s\n"
+msgstr "v�tmete fail `%s': %s\n"
+
+#: g10/g10.c:914
+#, c-format
+msgid "reading options from `%s'\n"
+msgstr "loen v�tmeid failist `%s'\n"
+
+#: g10/g10.c:1197
+#, c-format
+msgid "%s is not a valid character set\n"
+msgstr "%s ei ole lubatud kooditabel\n"
+
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "ei saa parsida v�tmeserveri URI\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr "exec-path v��rtuseks ei �nnestu seada %s\n"
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "HOIATUS: v�tit %s ei soovitata kasutada.\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr "palun kasutage selle asemel \"--keyserver-options %s\"\n"
+
+#: g10/g10.c:1347
+msgid "WARNING: program may create a core file!\n"
+msgstr "HOIATUS: programm v�ib salvestada oma m�lupildi!\n"
+
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "HOIATUS: %s m��rab �le %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
+#, c-format
+msgid "NOTE: %s is not for normal use!\n"
+msgstr "M�RKUS: %s ei ole tavap�raseks kasutamiseks!\n"
+
+#: g10/g10.c:1360 g10/g10.c:1380
+#, c-format
+msgid "%s not allowed with %s!\n"
+msgstr "%s ja %s ei ole koos lubatud!\n"
+
+#: g10/g10.c:1363
+#, c-format
+msgid "%s makes no sense with %s!\n"
+msgstr "%s ja %s ei oma koos m�tet!\n"
+
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+"--pgp2 moodis saate luua ainult eraldiseisvaid v�i avateksti allkirju\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr "--pgp2 moodis ei saa korraga allkirjastada ja kr�pteerida\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr "--pgp2 moodis peate kasutama faile (ja mitte toru).\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr "teate kr�pteerimine --pgp2 moodis n�uab IDEA �iffrit\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "see teade ei pruugi olla PGP 2.x programmidega kasutatav\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
+msgid "selected cipher algorithm is invalid\n"
+msgstr "valitud �ifri algoritm ei ole lubatud\n"
+
+#: g10/g10.c:1476 g10/g10.c:1488
+msgid "selected digest algorithm is invalid\n"
+msgstr "valitud l�hendi algoritm ei ole lubatud\n"
+
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "antud allkirja poliisi URL on vigane\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "antud sertifikaadi poliisi URL on vigane\n"
+
+#: g10/g10.c:1499
+#, c-format
+msgid "compress algorithm must be in range %d..%d\n"
+msgstr "pakkimise algoritm peab olema vahemikust %d..%d\n"
+
+#: g10/g10.c:1501
+msgid "completes-needed must be greater than 0\n"
+msgstr "completes-needed peab olema suurem, kui 0\n"
+
+#: g10/g10.c:1503
+msgid "marginals-needed must be greater than 1\n"
+msgstr "marginals-needed peab olema suurem, kui 1\n"
+
+#: g10/g10.c:1505
+msgid "max-cert-depth must be in range 1 to 255\n"
+msgstr "max-cert-depth peab olema vahemikus 1 kuni 255\n"
+
+#: g10/g10.c:1508
+msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
+msgstr "M�RKUS: lihtne S2K mood (0) ei soovitata kasutada\n"
+
+#: g10/g10.c:1512
+msgid "invalid S2K mode; must be 0, 1 or 3\n"
+msgstr "vigane S2K mood; peab olema 0, 1 v�i 3\n"
+
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "vigane vaikimisi kontrolli mood; peab olema 0, 1, 2 v�i 3\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "vigased eelistused\n"
+
+#: g10/g10.c:1613
+#, c-format
+msgid "failed to initialize the TrustDB: %s\n"
+msgstr "TrustDB initsialiseerimine eba�nnestus: %s\n"
+
+#: g10/g10.c:1633
+msgid "--store [filename]"
+msgstr "--store [failinimi]"
+
+#: g10/g10.c:1640
+msgid "--symmetric [filename]"
+msgstr "--symmetric [failinimi]"
+
+#: g10/g10.c:1648
+msgid "--encrypt [filename]"
+msgstr "--encrypt [failinimi]"
+
+#: g10/g10.c:1665
+msgid "--sign [filename]"
+msgstr "--sign [failinimi]"
+
+#: g10/g10.c:1678
+msgid "--sign --encrypt [filename]"
+msgstr "--sign --encrypt [failinimi]"
+
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [failinimi]"
+
+#: g10/g10.c:1701
+msgid "--clearsign [filename]"
+msgstr "--clearsign [failinimi]"
+
+#: g10/g10.c:1719
+msgid "--decrypt [filename]"
+msgstr "--decrypt [failinimi]"
+
+#: g10/g10.c:1730
+msgid "--sign-key user-id"
+msgstr "--sign-key kasutaja-id"
+
+#: g10/g10.c:1738
+msgid "--lsign-key user-id"
+msgstr "--lsign-key kasutaja-id"
+
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key kasutaja-id"
+
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key kasutaja-id"
+
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key kasutaja-id [k�sud]"
+
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
+#, c-format
+msgid "can't open %s: %s\n"
+msgstr "%s ei �nnestu avada: %s\n"
+
+#: g10/g10.c:1833
+msgid "-k[v][v][v][c] [user-id] [keyring]"
+msgstr "-k[v][v][v][c] [kasutaja-id] [v�tmehoidla]"
+
+#: g10/g10.c:1916
+#, c-format
+msgid "dearmoring failed: %s\n"
+msgstr "lahtipakendamine eba�nnestus: %s\n"
+
+#: g10/g10.c:1924
+#, c-format
+msgid "enarmoring failed: %s\n"
+msgstr "pakendamine eba�nnestus: %s\n"
+
+#: g10/g10.c:2011
+#, c-format
+msgid "invalid hash algorithm `%s'\n"
+msgstr "vigane teatel�hendi algoritm `%s'\n"
+
+#: g10/g10.c:2097
+msgid "[filename]"
+msgstr "[failinimi]"
+
+#: g10/g10.c:2101
+msgid "Go ahead and type your message ...\n"
+msgstr "Kirjutage n��d oma teade ...\n"
+
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
+#, c-format
+msgid "can't open `%s'\n"
+msgstr "`%s' ei �nnestu avada\n"
+
+#: g10/g10.c:2313
+msgid ""
+"the first character of a notation name must be a letter or an underscore\n"
+msgstr "esimene s�mbol noteerimise nimes peab olema t�ht v�i alakriips\n"
+
+#: g10/g10.c:2319
+msgid ""
+"a notation name must have only letters, digits, dots or underscores and end "
+"with an '='\n"
+msgstr ""
+"noteerimise nimes v�ivad olla ainult t�hed, numbrid, punktid ja alakriipsud\n"
+"ning l�pus peab olema '='\n"
+
+#: g10/g10.c:2325
+msgid "dots in a notation name must be surrounded by other characters\n"
+msgstr ""
+"punktid noteerimise nimes peavad olema �mbritsetud teiste s�mbolitega\n"
+
+#: g10/g10.c:2333
+msgid "a notation value must not use any control characters\n"
+msgstr "noteerimise v��rtus ei v�i sisaldada kontroll s�mboleid\n"
+
+#: g10/armor.c:314
+#, c-format
+msgid "armor: %s\n"
+msgstr "pakend: %s\n"
+
+#: g10/armor.c:343
+msgid "invalid armor header: "
+msgstr "vigane pakendi p�is: "
+
+#: g10/armor.c:350
+msgid "armor header: "
+msgstr "pakendi p�is: "
+
+#: g10/armor.c:361
+msgid "invalid clearsig header\n"
+msgstr "vigane avateksti allkirja p�is\n"
+
+#: g10/armor.c:413
+msgid "nested clear text signatures\n"
+msgstr "avateksti allkirjad �ksteise sees\n"
+
+#: g10/armor.c:537
+msgid "invalid dash escaped line: "
+msgstr "vigane kriipsudega m�rgitud rida: "
+
+#: g10/armor.c:549
+msgid "unexpected armor:"
+msgstr "ootamatu pakend:"
+
+#: g10/armor.c:675 g10/armor.c:1242
+#, c-format
+msgid "invalid radix64 character %02x skipped\n"
+msgstr "vigane radix64 s�mbol %02x vahele j�etud\n"
+
+#: g10/armor.c:718
+msgid "premature eof (no CRC)\n"
+msgstr "enneaegne failil�pp (puudub CRC)\n"
+
+#: g10/armor.c:752
+msgid "premature eof (in CRC)\n"
+msgstr "enneaegne failil�pp (poolik CRC)\n"
+
+#: g10/armor.c:756
+msgid "malformed CRC\n"
+msgstr "vigane CRC\n"
+
+#: g10/armor.c:760 g10/armor.c:1279
+#, c-format
+msgid "CRC error; %06lx - %06lx\n"
+msgstr "CRC viga; %06lx - %06lx\n"
+
+#: g10/armor.c:780
+msgid "premature eof (in Trailer)\n"
+msgstr "enneaegne failil�pp (l�petaval real)\n"
+
+#: g10/armor.c:784
+msgid "error in trailer line\n"
+msgstr "viga l�petaval real\n"
+
+#: g10/armor.c:1057
+msgid "no valid OpenPGP data found.\n"
+msgstr "ei leia OpenPGP andmeid.\n"
+
+#: g10/armor.c:1062
+#, c-format
+msgid "invalid armor: line longer than %d characters\n"
+msgstr "vigane pakend: rida on pikem, kui %d s�mbolit\n"
+
+#: g10/armor.c:1066
+msgid ""
+"quoted printable character in armor - probably a buggy MTA has been used\n"
+msgstr ""
+"kvooditud s�mbol pakendis - t�en�oliselt on kasutatud vigast MTA programmi\n"
+
+#: g10/pkclist.c:61
+msgid "No reason specified"
+msgstr "P�hjus puudub"
+
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "V�ti on asendatud"
+
+#: g10/pkclist.c:65
+msgid "Key has been compromised"
+msgstr "V�ti on kompromiteeritud"
+
+#: g10/pkclist.c:67
+msgid "Key is no longer used"
+msgstr "V�ti ei ole enam kasutusel"
+
+#: g10/pkclist.c:69
+msgid "User ID is no longer valid"
+msgstr "Kasutaja ID ei ole enam kehtiv"
+
+#: g10/pkclist.c:73
+msgid "Reason for revocation: "
+msgstr "T�histamise p�hjus: "
+
+#: g10/pkclist.c:90
+msgid "Revocation comment: "
+msgstr "T�histamise kommentaar: "
+
+#. a string with valid answers
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iItTvVjJ"
+
+#: g10/pkclist.c:258
+#, c-format
+msgid ""
+"No trust value assigned to:\n"
+"%4u%c/%08lX %s \""
+msgstr ""
+"Usalduse v��rtus puudub:\n"
+"%4u%c/%08lX %s \""
+
+#: g10/pkclist.c:270
+msgid ""
+"Please decide how far you trust this user to correctly\n"
+"verify other users' keys (by looking at passports,\n"
+"checking fingerprints from different sources...)?\n"
+"\n"
+msgstr ""
+"Palun otsustage, kuiv�rd te usaldate seda kasutajat\n"
+"teiste kasutajate v�tmete kontrollimisel (kontrollige\n"
+"passe, kontrollige erinevatest allikatest n�puj�lgi...)?\n"
+"\n"
+
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = Ei tea\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = EI usalda\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = Usaldan v�hesel m��ral\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = Usaldan t�iesti\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = Usaldan absoluutselt\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = esita palun t�iendavat infot\n"
+
+#: g10/pkclist.c:281
+msgid " m = back to the main menu\n"
+msgstr " t = tagasi p�himen��sse\n"
+
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " j = j�ta see v�ti vahele\n"
+
+#: g10/pkclist.c:285
+msgid " q = quit\n"
+msgstr " v = v�lju\n"
+
+#: g10/pkclist.c:292
+msgid "Your decision? "
+msgstr "Teie otsus? "
+
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Kas te t�esti soovite seda v�tit absoluutselt usaldada? "
+
+#: g10/pkclist.c:325
+msgid "Certificates leading to an ultimately trusted key:\n"
+msgstr "Sertifikaadid t�iesti usaldatava v�tmeni:\n"
+
+#: g10/pkclist.c:399
+#, c-format
+msgid "key %08lX: key has been revoked!\n"
+msgstr "v�ti %08lX: v�ti on t�histatud!\n"
+
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
+msgid "Use this key anyway? "
+msgstr "Kasutan seda v�tit ikka? "
+
+#: g10/pkclist.c:411
+#, c-format
+msgid "key %08lX: subkey has been revoked!\n"
+msgstr "v�ti %08lX: alamv�ti on t�histatud!\n"
+
+#: g10/pkclist.c:432
+#, c-format
+msgid "%08lX: key has expired\n"
+msgstr "%08lX: v�ti on aegunud\n"
+
+#: g10/pkclist.c:442
+#, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr "%08lX: Ei ole midagi, mis n�itaks, et see v�ti kuulub omanikule\n"
+
+#: g10/pkclist.c:448
+#, c-format
+msgid "%08lX: We do NOT trust this key\n"
+msgstr "%08lX: Me EI usalda seda v�tit\n"
+
+#: g10/pkclist.c:454
+#, c-format
+msgid ""
+"%08lX: It is not sure that this key really belongs to the owner\n"
+"but it is accepted anyway\n"
+msgstr ""
+"%08lX: Ei ole kindel, et see v�ti t�esti kuulub omanikule,\n"
+"aktsepteerime seda siiski\n"
+
+#: g10/pkclist.c:460
+msgid "This key probably belongs to the owner\n"
+msgstr "See v�ti kuulub t�en�oliselt omanikule\n"
+
+#: g10/pkclist.c:465
+msgid "This key belongs to us\n"
+msgstr "See v�ti kuulub meile\n"
+
+#: g10/pkclist.c:507
+msgid ""
+"It is NOT certain that the key belongs to its owner.\n"
+"If you *really* know what you are doing, you may answer\n"
+"the next question with yes\n"
+"\n"
+msgstr ""
+"EI ole kindel, et see v�ti kuulub tema omanikule.\n"
+"Kui te *t�esti* teate, mida te teete, v�ite j�rgnevale\n"
+"k�simusele vastata jaatavalt\n"
+"\n"
+
+#: g10/pkclist.c:521 g10/pkclist.c:543
+msgid "WARNING: Using untrusted key!\n"
+msgstr "HOIATUS: Kasutan mitteusaldatavat v�tit!\n"
+
+#: g10/pkclist.c:562
+msgid "WARNING: This key has been revoked by its owner!\n"
+msgstr "HOIATUS: See v�ti on omaniku poolt t�histatud!\n"
+
+#: g10/pkclist.c:563
+msgid "         This could mean that the signature is forgery.\n"
+msgstr "         See v�ib t�hendada, et allkiri on v�ltsing.\n"
+
+#: g10/pkclist.c:569
+msgid "WARNING: This subkey has been revoked by its owner!\n"
+msgstr "HOIATUS: See alamv�ti on omaniku poolt t�histatud!\n"
+
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "M�rkus: See v�ti on blokeeritud.\n"
+
+#: g10/pkclist.c:579
+msgid "Note: This key has expired!\n"
+msgstr "M�rkus: See v�ti on aegunud!\n"
+
+#: g10/pkclist.c:590
+msgid "WARNING: This key is not certified with a trusted signature!\n"
+msgstr "HOIATUS: Seda v�tit ei ole sertifitseeritud usaldatava allkirjaga!\n"
+
+#: g10/pkclist.c:592
+msgid ""
+"         There is no indication that the signature belongs to the owner.\n"
+msgstr "         Ei ole midagi, mis n�itaks, et allkiri kuulub omanikule.\n"
+
+#: g10/pkclist.c:600
+msgid "WARNING: We do NOT trust this key!\n"
+msgstr "HOIATUS: Me EI usalda seda v�tit!\n"
+
+#: g10/pkclist.c:601
+msgid "         The signature is probably a FORGERY.\n"
+msgstr "         Allkiri on t�en�oliselt V�LTSING.\n"
+
+#: g10/pkclist.c:609
+msgid ""
+"WARNING: This key is not certified with sufficiently trusted signatures!\n"
+msgstr ""
+"HOIATUS: Seda v�tit ei ole sertifitseeritud piisavalt usaldatava "
+"allkirjaga!\n"
+
+#: g10/pkclist.c:611
+msgid "         It is not certain that the signature belongs to the owner.\n"
+msgstr "         Ei ole kindel, et allkiri kuulub omanikule.\n"
+
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
+#, c-format
+msgid "%s: skipped: %s\n"
+msgstr "%s: j�tsin vahele: %s\n"
+
+#: g10/pkclist.c:723 g10/pkclist.c:911
+#, c-format
+msgid "%s: skipped: public key already present\n"
+msgstr "%s: j�tsin vahele: avalik v�ti on juba olemas\n"
+
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr "Te ei m��ranud kasutaja IDd. (v�ite kasutada v�tit \"-r\")\n"
+
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
+"\n"
+"Sisestage kasutaja ID.  L�petage t�hja reaga: "
+
+#: g10/pkclist.c:776
+msgid "No such user ID.\n"
+msgstr "Tundmatu kasutaja ID.\n"
+
+#: g10/pkclist.c:781 g10/pkclist.c:857
+msgid "skipped: public key already set as default recipient\n"
+msgstr "j�tsin vahele: avalik v�ti on juba vaikimisi saaja\n"
+
+#: g10/pkclist.c:799
+msgid "Public key is disabled.\n"
+msgstr "Avalik v�ti on blokeeritud.\n"
+
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "j�tsin vahele: avalik v�ti on juba olemas\n"
+
+#: g10/pkclist.c:849
+#, c-format
+msgid "unknown default recipient `%s'\n"
+msgstr "tundmatu vaikimisi saaja `%s'\n"
+
+#: g10/pkclist.c:893
+#, c-format
+msgid "%s: skipped: public key is disabled\n"
+msgstr "%s: j�tsin vahele: avalik v�ti on blokeeritud\n"
+
+#: g10/pkclist.c:943
+msgid "no valid addressees\n"
+msgstr "kehtivaid aadresse pole\n"
+
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "eelistus %c%lu ei ole lubatud\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "eelistus %c%lu on duplikaat\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "liiga palju `%c' eelistusi\n"
+
+#: g10/keygen.c:257
+msgid "invalid character in preference string\n"
+msgstr "lubamatu s�mbol eelistuste s�nes\n"
+
+#: g10/keygen.c:399
+msgid "writing self signature\n"
+msgstr "kirjutan iseenda allkirja\n"
+
+#: g10/keygen.c:443
+msgid "writing key binding signature\n"
+msgstr "kirjutan v�tit siduva allkirja\n"
+
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
+msgid "keysize invalid; using %u bits\n"
+msgstr "vigane v�tme suurus; kasutan %u bitti\n"
+
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
+msgid "keysize rounded up to %u bits\n"
+msgstr "v�tme suurus �mardatud �les %u bitini\n"
+
+#: g10/keygen.c:777
+msgid "Please select what kind of key you want:\n"
+msgstr "Palun valige, millist v�tmet��pi te soovite:\n"
+
+#: g10/keygen.c:779
+#, c-format
+msgid "   (%d) DSA and ElGamal (default)\n"
+msgstr "   (%d) DSA ja ElGamal (vaikimisi)\n"
+
+#: g10/keygen.c:780
+#, c-format
+msgid "   (%d) DSA (sign only)\n"
+msgstr "   (%d) DSA (ainult allkirjastamiseks)\n"
+
+#: g10/keygen.c:782
+#, c-format
+msgid "   (%d) ElGamal (encrypt only)\n"
+msgstr "   (%d) ElGamal (ainult kr�ptimiseks)\n"
+
+#: g10/keygen.c:783
+#, c-format
+msgid "   (%d) ElGamal (sign and encrypt)\n"
+msgstr "   (%d) ElGamal (allkirjastamiseks ja kr�ptimiseks)\n"
+
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (ainult allkirjastamiseks)\n"
+
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (ainult kr�pteerimiseks)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
+msgid "Your selection? "
+msgstr "Teie valik? "
+
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "Selle algoritmi kasutamine ei ole soovitatav - loon ikkagi? "
+
+#: g10/keyedit.c:529 g10/keygen.c:823
+msgid "Invalid selection.\n"
+msgstr "Vigane valik.\n"
+
+#: g10/keygen.c:836
+#, c-format
+msgid ""
+"About to generate a new %s keypair.\n"
+"              minimum keysize is  768 bits\n"
+"              default keysize is 1024 bits\n"
+"    highest suggested keysize is 2048 bits\n"
+msgstr ""
+"Enne uue %s v�tmepaari genereerimist.\n"
+"           minimaalne v�tmepikkus on  768 bitti\n"
+"            vaikimisi v�tmepikkus on 1024 bitti\n"
+"    suurim soovitatav v�tmepikkus on 2048 bitti\n"
+
+#: g10/keygen.c:845
+msgid "What keysize do you want? (1024) "
+msgstr "Millist v�tmepikkust te soovite? (1024) "
+
+#: g10/keygen.c:850
+msgid "DSA only allows keysizes from 512 to 1024\n"
+msgstr "DSA lubab v�tmepikkuseid ainult vahemikus 512 kuni 1024\n"
+
+#: g10/keygen.c:852
+msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr "v�tmepikkus on liiga v�ike; RSA korral on v�ikseim v��rtus 1024.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr "v�tmepikkus on liiga v�ike; v�ikseim lubatud v��rtus on 768.\n"
+
+#. It is ridiculous and an annoyance to use larger key sizes!
+#. * GnuPG can handle much larger sizes; but it takes an eternity
+#. * to create such a key (but less than the time the Sirius
+#. * Computer Corporation needs to process one of the usual
+#. * complaints) and {de,en}cryption although needs some time.
+#. * So, before you complain about this limitation, I suggest that
+#. * you start a discussion with Marvin about this theme and then
+#. * do whatever you want.
+#: g10/keygen.c:866
+#, c-format
+msgid "keysize too large; %d is largest value allowed.\n"
+msgstr "v�tmepikkus on liiga suur; suurim lubatud v��rtus on %d.\n"
+
+#: g10/keygen.c:871
+msgid ""
+"Keysizes larger than 2048 are not suggested because\n"
+"computations take REALLY long!\n"
+msgstr ""
+"Suuremad v�tmepikkused kui 2048 ei ole soovitatavad, kuna\n"
+"arvutused v�tavad V�GA palju aega!\n"
+
+#: g10/keygen.c:874
+msgid "Are you sure that you want this keysize? "
+msgstr "Olete kindel, et soovite sellist v�tmepikkust? "
+
+#: g10/keygen.c:875
+msgid ""
+"Okay, but keep in mind that your monitor and keyboard radiation is also very "
+"vulnerable to attacks!\n"
+msgstr ""
+"Olgu, kuid pidage meeles, et ka teie monitor ja klaviatuur on samuti\n"
+"v�imalikud r�ndeobjektid!\n"
+
+#: g10/keygen.c:884
+#, c-format
+msgid "Requested keysize is %u bits\n"
+msgstr "Soovitud v�tmepikkus on %u bitti\n"
+
+#: g10/keygen.c:887 g10/keygen.c:891
+#, c-format
+msgid "rounded up to %u bits\n"
+msgstr "�mardatud �les %u bitini\n"
+
+#: g10/keygen.c:942
+msgid ""
+"Please specify how long the key should be valid.\n"
+"         0 = key does not expire\n"
+"      <n>  = key expires in n days\n"
+"      <n>w = key expires in n weeks\n"
+"      <n>m = key expires in n months\n"
+"      <n>y = key expires in n years\n"
+msgstr ""
+"Palun m��rake, kui kaua on v�ti kehtiv.\n"
+"         0 = v�ti ei aegu\n"
+"      <n>  = v�ti aegub n p�evaga\n"
+"      <n>w = v�ti aegub n n�dalaga\n"
+"      <n>m = v�ti aegub n kuuga\n"
+"      <n>y = v�ti aegub n aastaga\n"
+
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Palun m��rake, kui kaua allkiri kehtib.\n"
+"         0 = allkiri ei aegu\n"
+"      <n>  = allkiri aegub n p�evaga\n"
+"      <n>w = allkiri aegub n n�dalaga\n"
+"      <n>m = allkiri aegub n kuuga\n"
+"      <n>y = allkiri aegub n aastaga\n"
+
+#: g10/keygen.c:973
+msgid "Key is valid for? (0) "
+msgstr "V�ti on kehtiv kuni? (0) "
+
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "Allkiri on kehtiv kuni? (0) "
+
+#: g10/keygen.c:980
+msgid "invalid value\n"
+msgstr "vigane v��rtus\n"
+
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "%s ei aegu kunagi\n"
+
+#. print the date when the key expires
+#: g10/keygen.c:992
+#, c-format
+msgid "%s expires at %s\n"
+msgstr "%s aegub %s\n"
+
+#: g10/keygen.c:998
+msgid ""
+"Your system can't display dates beyond 2038.\n"
+"However, it will be correctly handled up to 2106.\n"
+msgstr ""
+"Teie s�steem ei saa esitada kuup�evi peale aastat 2038.\n"
+"Siiski k�sitletakse neid korrektselt aastani 2106.\n"
+
+#: g10/keygen.c:1003
+msgid "Is this correct (y/n)? "
+msgstr "On see �ige (j/e)? "
+
+#: g10/keygen.c:1046
+msgid ""
+"\n"
+"You need a User-ID to identify your key; the software constructs the user "
+"id\n"
+"from Real Name, Comment and Email Address in this form:\n"
+"    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
+"\n"
+msgstr ""
+"\n"
+"V�tme identifitseerimiseks on vaja m��rata kasutaja; tarkvara konstrueerib\n"
+"kasutaja id kasutades p�risnime, kommentaari ja e-posti aadressi kujul:\n"
+"    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
+"\n"
+
+#: g10/keygen.c:1058
+msgid "Real name: "
+msgstr "P�risnimi: "
+
+#: g10/keygen.c:1066
+msgid "Invalid character in name\n"
+msgstr "Lubamatu s�mbol nimes\n"
+
+#: g10/keygen.c:1068
+msgid "Name may not start with a digit\n"
+msgstr "Nimi ei v�i alata numbriga\n"
+
+#: g10/keygen.c:1070
+msgid "Name must be at least 5 characters long\n"
+msgstr "Nimes peab olema v�hemalt 5 s�mbolit\n"
+
+#: g10/keygen.c:1078
+msgid "Email address: "
+msgstr "E-posti aadress: "
+
+#: g10/keygen.c:1089
+msgid "Not a valid email address\n"
+msgstr "Selline e-posti aadress ei ole lubatud\n"
+
+#: g10/keygen.c:1097
+msgid "Comment: "
+msgstr "Kommentaar: "
+
+#: g10/keygen.c:1103
+msgid "Invalid character in comment\n"
+msgstr "Lubamatu s�mbol kommentaaris\n"
+
+#: g10/keygen.c:1126
+#, c-format
+msgid "You are using the `%s' character set.\n"
+msgstr "Te kasutate kooditabelit `%s'.\n"
+
+#: g10/keygen.c:1132
+#, c-format
+msgid ""
+"You selected this USER-ID:\n"
+"    \"%s\"\n"
+"\n"
+msgstr ""
+"Te valisite selle KASUTAJA-ID:\n"
+"    \"%s\"\n"
+"\n"
+
+#: g10/keygen.c:1136
+msgid "Please don't put the email address into the real name or the comment\n"
+msgstr "�rge palun kirjutage e-posti aadressi p�risnimesse ega kommentaari\n"
+
+#: g10/keygen.c:1141
+msgid "NnCcEeOoQq"
+msgstr "NnKkEeOoVv"
+
+#: g10/keygen.c:1151
+msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
+msgstr "Muuda (N)ime, (K)ommentaari, (E)posti v�i (V)�lju? "
+
+#: g10/keygen.c:1152
+msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
+msgstr "Muuda (N)ime, (K)ommentaari, (E)posti v�i (O)k/(V)�lju? "
+
+#: g10/keygen.c:1171
+msgid "Please correct the error first\n"
+msgstr "Palun parandage k�igepealt viga\n"
+
+#: g10/keygen.c:1210
+msgid ""
+"You need a Passphrase to protect your secret key.\n"
+"\n"
+msgstr ""
+"Te vajate oma salajase v�tme kaitsmiseks parooli.\n"
+"\n"
+
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "parooli ei korratud �ieti; proovige uuesti"
+
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"I will do it anyway.  You can change your passphrase at any time,\n"
+"using this program with the option \"--edit-key\".\n"
+"\n"
+msgstr ""
+"Te ei soovi parooli - see on t�en�oliselt *halb* idee!\n"
+"Ma siiski t�idan teie soovi. Te saate oma parooli alati muuta,\n"
+"kasutades seda programmi v�tmega \"--edit-key\".\n"
+"\n"
+
+#: g10/keygen.c:1246
+msgid ""
+"We need to generate a lot of random bytes. It is a good idea to perform\n"
+"some other action (type on the keyboard, move the mouse, utilize the\n"
+"disks) during the prime generation; this gives the random number\n"
+"generator a better chance to gain enough entropy.\n"
+msgstr ""
+"Me peame genereerima palju juhuslikke baite. Praegu oleks hea teostada\n"
+"arvutil mingeid teisi tegevusi (kirjutada klaviatuuril, liigutada hiirt,\n"
+"kasutada kettaid jne), see annaks juhuarvude generaatorile v�imaluse\n"
+"koguda paremat entroopiat.\n"
+
+#: g10/keygen.c:1741
+msgid "DSA keypair will have 1024 bits.\n"
+msgstr "DSA v�tmepaari pikkuseks saab 1024 bitti.\n"
+
+#: g10/keygen.c:1795
+msgid "Key generation canceled.\n"
+msgstr "V�tme genereerimine katkestati.\n"
+
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
+msgid "writing public key to `%s'\n"
+msgstr "kirjutan avaliku v�tme faili `%s'\n"
+
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
+msgid "writing secret key to `%s'\n"
+msgstr "kirjutan salajase v�tme faili `%s'\n"
+
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "kirjutatavat avalike v�tmete hoidlat pole: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "kirjutatavat salajaste v�tmete hoidlat pole: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "viga avaliku v�tme v�tmehoidlasse `%s' kirjutamisel: %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "viga salajase v�tme v�tmehoidlasse `%s' kirjutamisel: %s\n"
+
+#: g10/keygen.c:1999
+msgid "public and secret key created and signed.\n"
+msgstr "avalik ja salajane v�ti on loodud ja allkirjastatud.\n"
+
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "v�ti on m�rgitud abslouutselt usaldatuks.\n"
+
+#: g10/keygen.c:2011
+msgid ""
+"Note that this key cannot be used for encryption.  You may want to use\n"
+"the command \"--edit-key\" to generate a secondary key for this purpose.\n"
+msgstr ""
+"Pidage silmas, et seda v�tit ei saa kasutada kr�ptimiseks. \n"
+"Kr�ptimiseks tuleb genereerida teine v�ti, seda saate teha\n"
+"kasutades v�tit \"--edit-key\".\n"
+
+#: g10/keygen.c:2023 g10/keygen.c:2131
+#, c-format
+msgid "Key generation failed: %s\n"
+msgstr "V�tme genereerimine eba�nnestus: %s\n"
+
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
+#, c-format
+msgid ""
+"key has been created %lu second in future (time warp or clock problem)\n"
+msgstr "v�ti loodi %lu sekund tulevikus (ajah�pe v�i kella probleem)\n"
+
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
+#, c-format
+msgid ""
+"key has been created %lu seconds in future (time warp or clock problem)\n"
+msgstr "v�ti loodi %lu sekundit tulevikus (ajah�pe v�i kella probleem)\n"
+
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "M�RKUS: v3 v�tmetele alamv�tmete loomine ei ole OpenPGP �hilduv\n"
+
+#: g10/keygen.c:2107
+msgid "Really create? "
+msgstr "Loon t�esti? "
+
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "v�ti --output ei t��ta selle k�suga\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s' on juba pakitud\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
+#, c-format
+msgid "%s: can't open: %s\n"
+msgstr "%s: ei �nnestu avada: %s\n"
+
+#: g10/encode.c:122 g10/sign.c:959
+#, c-format
+msgid "error creating passphrase: %s\n"
+msgstr "viga parooli loomisel: %s\n"
+
+#: g10/encode.c:185 g10/encode.c:383
+#, c-format
+msgid "%s: WARNING: empty file\n"
+msgstr "%s: HOIATUS: t�hi fail\n"
+
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+"RSA v�tmeid pikkusega kuni 2048 bitti saab kr�pteerida ainult --pgp2 moodis\n"
+
+#: g10/encode.c:313
+#, c-format
+msgid "reading from `%s'\n"
+msgstr "loen failist `%s'\n"
+
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr "k�ikide kr�pteeritavate v�tmetega ei saa IDEA �iffrit kasutada.\n"
+
+#: g10/encode.c:563
+#, c-format
+msgid "%s/%s encrypted for: %s\n"
+msgstr "%s/%s kr�ptitud kasutajale: %s\n"
+
+#: g10/delkey.c:69 g10/export.c:141
+#, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "v�tit '%s' ei leitud: %s\n"
+
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "viga v�tmebloki lugemisel: %s\n"
+
+#: g10/export.c:169
+#, c-format
+msgid "key %08lX: not a rfc2440 key - skipped\n"
+msgstr "v�ti %08lX: ei ole rfc2440 v�ti - j�tsin vahele\n"
+
+#: g10/export.c:180
+#, c-format
+msgid "key %08lX: not protected - skipped\n"
+msgstr "v�ti %08lX: ei ole kaitstud - j�tsin vahele\n"
+
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "v�ti %08lX: PGP 2.x stiilis v�ti - j�tsin vahele\n"
+
+#: g10/export.c:255
+msgid "WARNING: nothing exported\n"
+msgstr "HOIATUS: midagi ei eksporditud\n"
+
+#: g10/getkey.c:151
+msgid "too many entries in pk cache - disabled\n"
+msgstr "avalike v�tmete puhvris on liiga palju v�tmeid - blokeerin\n"
+
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[Kasutaja id puudub]"
+
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+"Vigane v�ti %08lX muudeti kehtivaks v�tme --allow-non-selfsigned-uid "
+"kasutamisega\n"
+
+#: g10/getkey.c:1989
+#, c-format
+msgid "using secondary key %08lX instead of primary key %08lX\n"
+msgstr "kasutan sekundaarset v�tit %08lX primaarse v�tme %08lX asemel\n"
+
+#: g10/getkey.c:2036
+#, c-format
+msgid "key %08lX: secret key without public key - skipped\n"
+msgstr "v�ti %08lX: salajane v�ti avaliku v�tmeta - j�tsin vahele\n"
+
+#: g10/import.c:206
+#, c-format
+msgid "skipping block of type %d\n"
+msgstr "j�tan bloki t��biga %d vahele\n"
+
+#: g10/import.c:213
+#, c-format
+msgid "%lu keys so far processed\n"
+msgstr "%lu v�tit on seni t��deldud\n"
+
+#: g10/import.c:218
+#, c-format
+msgid "error reading `%s': %s\n"
+msgstr "viga `%s' lugemisel: %s\n"
+
+#: g10/import.c:230
+#, c-format
+msgid "Total number processed: %lu\n"
+msgstr "T��deldud kokku: %lu\n"
+
+#: g10/import.c:232
+#, c-format
+msgid "      skipped new keys: %lu\n"
+msgstr " vahele j�etud uusi v�tmeid: %lu\n"
+
+#: g10/import.c:235
+#, c-format
+msgid "          w/o user IDs: %lu\n"
+msgstr "    puudub kasutaja ID: %lu\n"
+
+#: g10/import.c:237
+#, c-format
+msgid "              imported: %lu"
+msgstr "            imporditud: %lu"
+
+#: g10/import.c:243
+#, c-format
+msgid "             unchanged: %lu\n"
+msgstr "              muutmata: %lu\n"
+
+#: g10/import.c:245
+#, c-format
+msgid "          new user IDs: %lu\n"
+msgstr "       uusi kasutajaid: %lu\n"
+
+#: g10/import.c:247
+#, c-format
+msgid "           new subkeys: %lu\n"
+msgstr "      uusi alamv�tmeid: %lu\n"
+
+#: g10/import.c:249
+#, c-format
+msgid "        new signatures: %lu\n"
+msgstr "         uusi allkirju: %lu\n"
+
+#: g10/import.c:251
+#, c-format
+msgid "   new key revocations: %lu\n"
+msgstr "      uusi t�histamisi: %lu\n"
+
+#: g10/import.c:253
+#, c-format
+msgid "      secret keys read: %lu\n"
+msgstr " loetud salajasi v�tmeid: %lu\n"
+
+#: g10/import.c:255
+#, c-format
+msgid "  secret keys imported: %lu\n"
+msgstr " salajasi v�tmeid imporditud: %lu\n"
+
+#: g10/import.c:257
+#, c-format
+msgid " secret keys unchanged: %lu\n"
+msgstr " muutmata salajasi v�tmeid: %lu\n"
+
+#: g10/import.c:438 g10/import.c:657
+#, c-format
+msgid "key %08lX: no user ID\n"
+msgstr "v�ti %08lX: kasutaja ID puudub\n"
+
+#: g10/import.c:455
+#, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr ""
+"v�ti %08lX: aktsepteerisin iseenda poolt allakirjutamata kasutaja ID '%s'\n"
+
+#: g10/import.c:462
+#, c-format
+msgid "key %08lX: no valid user IDs\n"
+msgstr "v�ti %08lX: puudub kehtiv kasutaja ID\n"
+
+#: g10/import.c:464
+msgid "this may be caused by a missing self-signature\n"
+msgstr "see v�ib olla p�hjustatud puuduvast iseenda allkirjast\n"
+
+#: g10/import.c:474 g10/import.c:726
+#, c-format
+msgid "key %08lX: public key not found: %s\n"
+msgstr "v�ti %08lX: avalikku v�tit ei leitud: %s\n"
+
+#: g10/import.c:479
+#, c-format
+msgid "key %08lX: new key - skipped\n"
+msgstr "v�ti %08lX: uus v�ti - j�tsin vahele\n"
+
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "ei leia kirjutatavat v�tmehoidlat: %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
+#, c-format
+msgid "writing to `%s'\n"
+msgstr "kirjutan faili `%s'\n"
+
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
+msgstr "viga v�tmehoidlasse `%s' kirjutamisel: %s\n"
+
+#: g10/import.c:505
+#, c-format
+msgid "key %08lX: public key imported\n"
+msgstr "v�ti %08lX: avalik v�ti on imporditud\n"
+
+#: g10/import.c:524
+#, c-format
+msgid "key %08lX: doesn't match our copy\n"
+msgstr "v�ti %08lX: ei sobi meie koopiaga\n"
+
+#: g10/import.c:542 g10/import.c:743
+#, c-format
+msgid "key %08lX: can't locate original keyblock: %s\n"
+msgstr "v�ti %08lX: ei leia algset v�tmeblokki: %s\n"
+
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "v�ti %08lX: ei �nnestu lugeda algset v�tmeblokki: %s\n"
+
+#: g10/import.c:579
+#, c-format
+msgid "key %08lX: 1 new user ID\n"
+msgstr "v�ti %08lX: 1 uus kasutaja ID\n"
+
+#: g10/import.c:582
+#, c-format
+msgid "key %08lX: %d new user IDs\n"
+msgstr "v�ti %08lX: %d uut kasutaja IDd\n"
+
+#: g10/import.c:585
+#, c-format
+msgid "key %08lX: 1 new signature\n"
+msgstr "v�ti %08lX: 1 uus allkiri\n"
+
+#: g10/import.c:588
+#, c-format
+msgid "key %08lX: %d new signatures\n"
+msgstr "v�ti %08lX: %d uut allkirja\n"
+
+#: g10/import.c:591
+#, c-format
+msgid "key %08lX: 1 new subkey\n"
+msgstr "v�ti %08lX: 1 uus alamv�ti\n"
+
+#: g10/import.c:594
+#, c-format
+msgid "key %08lX: %d new subkeys\n"
+msgstr "v�ti %08lX: %d uut alamv�tit\n"
+
+#: g10/import.c:604
+#, c-format
+msgid "key %08lX: not changed\n"
+msgstr "v�ti %08lX: ei muudetud\n"
+
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "puudub salajaste v�tmete vaikimisi v�tmehoidla: %s\n"
+
+#: g10/import.c:682
+#, c-format
+msgid "key %08lX: secret key imported\n"
+msgstr "v�ti %08lX: salajane v�ti on imporditud\n"
+
+#. we can't merge secret keys
+#: g10/import.c:686
+#, c-format
+msgid "key %08lX: already in secret keyring\n"
+msgstr "v�ti %08lX: on juba salajaste v�tmete hoidlas\n"
+
+#: g10/import.c:691
+#, c-format
+msgid "key %08lX: secret key not found: %s\n"
+msgstr "v�ti %08lX: salajast v�tit ei leitud: %s\n"
+
+#: g10/import.c:720
+#, c-format
+msgid "key %08lX: no public key - can't apply revocation certificate\n"
+msgstr ""
+"v�ti %08lX: avalik v�ti puudub - t�histamise sertifikaati ei saa rakendada\n"
+
+#: g10/import.c:760
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
+msgstr "v�ti %08lX: vigane t�histamise sertifikaat: %s - l�kkasin tagasi\n"
+
+#: g10/import.c:791
+#, c-format
+msgid "key %08lX: revocation certificate imported\n"
+msgstr "v�ti %08lX: t�histamise sertifikaat imporditud\n"
+
+#: g10/import.c:826
+#, c-format
+msgid "key %08lX: no user ID for signature\n"
+msgstr "v�ti %08lX: allkirjal puudub kasutaja ID\n"
+
+#: g10/import.c:839
+#, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr "v�ti %08lX: mittetoetatud avaliku v�tme algoritm kasutajaga \"%s\"\n"
+
+#: g10/import.c:841
+#, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "v�ti %08lX: kasutajal \"%s\" on vigane iseenda allkiri\n"
+
+#: g10/import.c:858
+#, c-format
+msgid "key %08lX: no subkey for key binding\n"
+msgstr "v�ti %08lX: v�tmeseosel puudub alamv�ti\n"
+
+#: g10/import.c:868
+#, c-format
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "v�ti %08lX: mittetoetatud avaliku v�tme algoritm\n"
+
+#: g10/import.c:869
+#, c-format
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "v�ti %08lX: vigane alamv�tme seos\n"
+
+#: g10/import.c:899
+#, c-format
+msgid "key %08lX: skipped user ID '"
+msgstr "v�ti %08lX: j�tsin vahele kasutaja ID '"
+
+#: g10/import.c:922
+#, c-format
+msgid "key %08lX: skipped subkey\n"
+msgstr "v�ti %08lX: j�tsin alamv�tme vahele\n"
+
+#. here we violate the rfc a bit by still allowing
+#. * to import non-exportable signature when we have the
+#. * the secret key used to create this signature - it
+#. * seems that this makes sense
+#: g10/import.c:945
+#, c-format
+msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
+msgstr "v�ti %08lX: mitte eksporditav allkiri (klass %02x) - j�tan vahele\n"
+
+#: g10/import.c:954
+#, c-format
+msgid "key %08lX: revocation certificate at wrong place - skipped\n"
+msgstr "v�ti %08lX: t�histamise sertifikaat on vales kohas - j�tan vahele\n"
+
+#: g10/import.c:971
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
+msgstr "v�ti %08lX: vigane t�histamise sertifikaat: %s - j�tan vahele\n"
+
+#: g10/import.c:1072
+#, c-format
+msgid "key %08lX: duplicated user ID detected - merged\n"
+msgstr "v�ti %08lX: tuvastasin dubleeritud kasutaja ID - mestisin\n"
+
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+"Hoiatus: v�ti %08lX v�ib olla t�histatud: laen t�histamise v�tit %08lX\n"
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+"Hoiatus: v�ti %08lX v�ib olla t�histatud: t�histamise v�tit %08lX pole.\n"
+
+#: g10/import.c:1201
+#, c-format
+msgid "key %08lX: revocation certificate added\n"
+msgstr "v�ti %08lX: t�histamise sertifikaat lisatud\n"
+
+#: g10/import.c:1231
+#, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "v�ti %08lX: lisatud vahetu v�tme allkiri\n"
+
+#: g10/keyedit.c:142
+msgid "[revocation]"
+msgstr "[t�histamine]"
+
+#: g10/keyedit.c:143
+msgid "[self-signature]"
+msgstr "[iseenda allkiri]"
+
+#: g10/keyedit.c:214 g10/keylist.c:139
+msgid "1 bad signature\n"
+msgstr "1 halb allkiri\n"
+
+#: g10/keyedit.c:216 g10/keylist.c:141
+#, c-format
+msgid "%d bad signatures\n"
+msgstr "%d halba allkirja\n"
+
+#: g10/keyedit.c:218 g10/keylist.c:143
+msgid "1 signature not checked due to a missing key\n"
+msgstr "1 allkiri j�i testimata, kuna v�ti puudub\n"
+
+#: g10/keyedit.c:220 g10/keylist.c:145
+#, c-format
+msgid "%d signatures not checked due to missing keys\n"
+msgstr "%d allkirja j�i testimata, kuna v�tmed puuduvad\n"
+
+#: g10/keyedit.c:222 g10/keylist.c:147
+msgid "1 signature not checked due to an error\n"
+msgstr "1 allkiri j�i vea t�ttu kontrollimata\n"
+
+#: g10/keyedit.c:224 g10/keylist.c:149
+#, c-format
+msgid "%d signatures not checked due to errors\n"
+msgstr "%d allkirja j�i vigade t�ttu kontrollimata\n"
+
+#: g10/keyedit.c:226
+msgid "1 user ID without valid self-signature detected\n"
+msgstr "tuvastasin �he kehtiva iseenda allkirjata kasutaja ID\n"
+
+#: g10/keyedit.c:228
+#, c-format
+msgid "%d user IDs without valid self-signatures detected\n"
+msgstr "tuvastasin %d kehtiva iseenda allkirjata kasutaja IDd\n"
+
+#: g10/keyedit.c:335
+#, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "Kasutaja ID \"%s\" on t�histatud."
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Olete kindel, et soovite seda ikka allkirjastada? (j/e) "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr "  Ei saa allkirjastada.\n"
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"Teie praegune allkiri \"%s\"\n"
+"on lokaalne allkiri.\n"
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+"Kas te soovite seda edutada t�ielikuks eksporditavaks allkirjaks? (j/E) "
+
+#: g10/keyedit.c:388
+#, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" on juba lokaalselt allkirjastatud v�tmega %08lX\n"
+
+#: g10/keyedit.c:393
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" on juba allkirjastatud v�tmega %08lX\n"
+
+#: g10/keyedit.c:405
+#, c-format
+msgid "Nothing to sign with key %08lX\n"
+msgstr "V�tmega %08lX pole midagi allkirjastada\n"
+
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "See v�ti on aegunud!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "See v�ti aegub %s.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "Soovite, et teie allkiri aeguks samal ajal? (J/e) "
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr "--pgp2 moodis ei saa PGP 2.x v�tmele OpenPGP allkirja anda.\n"
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "See muudab v�tme PGP 2.x programmidega mitte-kasutatavaks.\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"Kui hoolikalt te olete kontrollinud et v�ti, mida te asute allkirjastama,\n"
+"kuulub ka tegelikult �lal mainitud isikule? Kui te ei tea, mida vastata,\n"
+"sisestage \"0\".\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) Ma ei vasta.%s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) Ma ei ole �ldse kontrollinud.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) Ma olen teinud pealiskaudset kontrolli.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) Ma olen kontrollinud v�ga hoolikalt.%s\n"
+
+#: g10/keyedit.c:535
+msgid ""
+"Are you really sure that you want to sign this key\n"
+"with your key: \""
+msgstr ""
+"Olete t�esti kindel, et soovite seda v�tit oma\n"
+"v�tmega allkirjastada: \""
+
+#: g10/keyedit.c:544
+msgid ""
+"\n"
+"The signature will be marked as non-exportable.\n"
+msgstr ""
+"\n"
+"Allkiri m�rgitakse mitte-eksporditavaks.\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"Allkiri m�rgitakse kehtetuks mitte-tunnistatavaks.\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+"\n"
+"Ma ei ole seda v�tit �ldse kontrollinud.\n"
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"Ma olen seda v�tit kontrollinud ainult pealiskaudselt.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+"\n"
+"Ma olen kontrollinud seda v�tit v�ga hoolikalt.\n"
+
+#: g10/keyedit.c:569
+msgid "Really sign? "
+msgstr "Allkirjastan t�esti? "
+
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
+#, c-format
+msgid "signing failed: %s\n"
+msgstr "allkirjastamine eba�nnestus: %s\n"
+
+#: g10/keyedit.c:658
+msgid "This key is not protected.\n"
+msgstr "See v�ti ei ole kaitstud.\n"
+
+#: g10/keyedit.c:662
+msgid "Secret parts of primary key are not available.\n"
+msgstr "Primaarse v�tme salajased komponendid ei ole k�ttesaadavad.\n"
+
+#: g10/keyedit.c:666
+msgid "Key is protected.\n"
+msgstr "V�ti on kaitstud.\n"
+
+#: g10/keyedit.c:686
+#, c-format
+msgid "Can't edit this key: %s\n"
+msgstr "Seda v�tit ei �nnestu toimetada: %s\n"
+
+#: g10/keyedit.c:692
+msgid ""
+"Enter the new passphrase for this secret key.\n"
+"\n"
+msgstr ""
+"Sisestage sellele salajasele v�tmele uus parool.\n"
+"\n"
+
+#: g10/keyedit.c:706
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"\n"
+msgstr ""
+"Te ei soovi parooli - see on t�en�oliselt *halb* idee!\n"
+"\n"
+
+#: g10/keyedit.c:709
+msgid "Do you really want to do this? "
+msgstr "Kas te t�esti soovite seda teha? "
+
+#: g10/keyedit.c:773
+msgid "moving a key signature to the correct place\n"
+msgstr "t�stan v�tme allkirja �igesse kohta\n"
+
+#: g10/keyedit.c:815
+msgid "quit this menu"
+msgstr "v�lju sellest men��st"
+
+#: g10/keyedit.c:816
+msgid "q"
+msgstr "v"
+
+#: g10/keyedit.c:817
+msgid "save"
+msgstr "save"
+
+#: g10/keyedit.c:817
+msgid "save and quit"
+msgstr "salvesta ja v�lju"
+
+#: g10/keyedit.c:818
+msgid "help"
+msgstr "help"
+
+#: g10/keyedit.c:818
+msgid "show this help"
+msgstr "n�ita seda abiinfot"
+
+#: g10/keyedit.c:820
+msgid "fpr"
+msgstr "fpr"
+
+#: g10/keyedit.c:820
+msgid "show fingerprint"
+msgstr "n�ita s�rmej�lge"
+
+#: g10/keyedit.c:821
+msgid "list"
+msgstr "list"
+
+#: g10/keyedit.c:821
+msgid "list key and user IDs"
+msgstr "n�ita v�tit ja kasutaja IDd"
+
+#: g10/keyedit.c:822
+msgid "l"
+msgstr "l"
+
+#: g10/keyedit.c:823
+msgid "uid"
+msgstr "uid"
+
+#: g10/keyedit.c:823
+msgid "select user ID N"
+msgstr "vali kasutaja ID N"
+
+#: g10/keyedit.c:824
+msgid "key"
+msgstr "key"
+
+#: g10/keyedit.c:824
+msgid "select secondary key N"
+msgstr "vali sekundaarne v�ti N"
+
+#: g10/keyedit.c:825
+msgid "check"
+msgstr "check"
+
+#: g10/keyedit.c:825
+msgid "list signatures"
+msgstr "n�ita allkirju"
+
+#: g10/keyedit.c:826
+msgid "c"
+msgstr "c"
+
+#: g10/keyedit.c:827
+msgid "sign"
+msgstr "sign"
+
+#: g10/keyedit.c:827
+msgid "sign the key"
+msgstr "allkirjasta v�ti"
+
+#: g10/keyedit.c:828
+msgid "s"
+msgstr "s"
+
+#: g10/keyedit.c:829
+msgid "lsign"
+msgstr "lsign"
+
+#: g10/keyedit.c:829
+msgid "sign the key locally"
+msgstr "allkirjasta v�ti lokaalselt"
+
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nrsign"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "allkirjasta v�ti kehtetuks mitte-tunnistatavana"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nrlsign"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "allkirjasta v�ti lokaalselt ja kehtetuks mitte-tunnistatavana"
+
+#: g10/keyedit.c:832
+msgid "debug"
+msgstr "debug"
+
+#: g10/keyedit.c:833
+msgid "adduid"
+msgstr "adduid"
+
+#: g10/keyedit.c:833
+msgid "add a user ID"
+msgstr "lisa kasutaja ID"
+
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "lisa foto"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "lisa foto ID"
+
+#: g10/keyedit.c:835
+msgid "deluid"
+msgstr "deluid"
+
+#: g10/keyedit.c:835
+msgid "delete user ID"
+msgstr "kustuta kasutaja ID"
+
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "delphoto"
+
+#: g10/keyedit.c:838
+msgid "addkey"
+msgstr "addkey"
+
+#: g10/keyedit.c:838
+msgid "add a secondary key"
+msgstr "lisa sekundaarne v�ti"
+
+#: g10/keyedit.c:839
+msgid "delkey"
+msgstr "delkey"
+
+#: g10/keyedit.c:839
+msgid "delete a secondary key"
+msgstr "kustuta sekundaarne v�ti"
+
+#: g10/keyedit.c:840
+msgid "delsig"
+msgstr "delsig"
+
+#: g10/keyedit.c:840
+msgid "delete signatures"
+msgstr "kustuta allkirjad"
+
+#: g10/keyedit.c:841
+msgid "expire"
+msgstr "expire"
+
+#: g10/keyedit.c:841
+msgid "change the expire date"
+msgstr "muuda aegumise kuup�eva"
+
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "primaarne"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "m�rgi kasutaja ID primaarseks"
+
+#: g10/keyedit.c:843
+msgid "toggle"
+msgstr "l�lita"
+
+#: g10/keyedit.c:843
+msgid "toggle between secret and public key listing"
+msgstr "l�lita salajaste v�i avalike v�tmete loendi vahel"
+
+#: g10/keyedit.c:845
+msgid "t"
+msgstr "t"
+
+#: g10/keyedit.c:846
+msgid "pref"
+msgstr "pref"
+
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "n�ita eelistusi (ekspert)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "n�ita eelistusi (detailsena)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "setpref"
+
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "sea eelistuste nimekiri"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "updpref"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "uuendatud eelistused"
+
+#: g10/keyedit.c:850
+msgid "passwd"
+msgstr "passwd"
+
+#: g10/keyedit.c:850
+msgid "change the passphrase"
+msgstr "muuda parooli"
+
+#: g10/keyedit.c:851
+msgid "trust"
+msgstr "trust"
+
+#: g10/keyedit.c:851
+msgid "change the ownertrust"
+msgstr "muuda omaniku usaldust"
+
+#: g10/keyedit.c:852
+msgid "revsig"
+msgstr "revsig"
+
+#: g10/keyedit.c:852
+msgid "revoke signatures"
+msgstr "t�hista allkirjad"
+
+#: g10/keyedit.c:853
+msgid "revkey"
+msgstr "revkey"
+
+#: g10/keyedit.c:853
+msgid "revoke a secondary key"
+msgstr "t�hista sekundaarne v�ti"
+
+#: g10/keyedit.c:854
+msgid "disable"
+msgstr "disable"
+
+#: g10/keyedit.c:854
+msgid "disable a key"
+msgstr "blokeeri v�ti"
+
+#: g10/keyedit.c:855
+msgid "enable"
+msgstr "enable"
+
+#: g10/keyedit.c:855
+msgid "enable a key"
+msgstr "luba v�ti"
+
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "showphoto"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "n�ita foto ID"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
+msgid "can't do that in batchmode\n"
+msgstr "seda ei saa teha pakettmoodis\n"
+
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "viga salajase v�tmebloki `%s' lugemisel: %s\n"
+
+#: g10/keyedit.c:931
+msgid "Secret key is available.\n"
+msgstr "Salajane v�ti on kasutatav.\n"
+
+#: g10/keyedit.c:962
+msgid "Command> "
+msgstr "K�sklus> "
+
+#: g10/keyedit.c:994
+msgid "Need the secret key to do this.\n"
+msgstr "Selle tegamiseks on vaja salajast v�tit.\n"
+
+#: g10/keyedit.c:998
+msgid "Please use the command \"toggle\" first.\n"
+msgstr "Palun kasutage k�igepealt k�sku \"toggle\".\n"
+
+#: g10/keyedit.c:1047
+msgid "Key is revoked."
+msgstr "V�ti on t�histatud."
+
+#: g10/keyedit.c:1066
+msgid "Really sign all user IDs? "
+msgstr "Kas allkirjastan t�esti k�ik kasutaja IDd? "
+
+#: g10/keyedit.c:1067
+msgid "Hint: Select the user IDs to sign\n"
+msgstr "Vihje: Valige allkirjastamiseks kasutaja\n"
+
+#: g10/keyedit.c:1092
+#, c-format
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "See k�sklus ei ole %s moodis lubatud.\n"
+
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
+msgid "You must select at least one user ID.\n"
+msgstr "Te peate valima v�hemalt �he kasutaja ID.\n"
+
+#: g10/keyedit.c:1114
+msgid "You can't delete the last user ID!\n"
+msgstr "Viimast kasutaja ID ei saa kustutada!\n"
+
+#: g10/keyedit.c:1117
+msgid "Really remove all selected user IDs? "
+msgstr "Kas kustutan t�esti k�ik kasutaja IDd? "
+
+#: g10/keyedit.c:1118
+msgid "Really remove this user ID? "
+msgstr "Kas eemaldan t�esti selle kasutaja ID? "
+
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
+msgid "You must select at least one key.\n"
+msgstr "Te peata valima v�hemalt �he v�tme.\n"
+
+#: g10/keyedit.c:1160
+msgid "Do you really want to delete the selected keys? "
+msgstr "Kas te t�esti soovite valitud v�tmeid kustutada? "
+
+#: g10/keyedit.c:1161
+msgid "Do you really want to delete this key? "
+msgstr "Kas te t�esti soovite seda v�tit kustutada? "
+
+#: g10/keyedit.c:1182
+msgid "Do you really want to revoke the selected keys? "
+msgstr "Kas te t�esti soovite valitud v�tmeid t�histada? "
+
+#: g10/keyedit.c:1183
+msgid "Do you really want to revoke this key? "
+msgstr "Kas te t�esti soovite seda v�tit t�histada? "
+
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "Kas uuendan t�esti k�ik kasutaja ID-de seaded? "
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "Kas t�esti uuendan seaded? "
+
+#: g10/keyedit.c:1292
+msgid "Save changes? "
+msgstr "Salvestan muutused? "
+
+#: g10/keyedit.c:1295
+msgid "Quit without saving? "
+msgstr "V�ljun salvestamata? "
+
+#: g10/keyedit.c:1306
+#, c-format
+msgid "update failed: %s\n"
+msgstr "uuendamine eba�nnestus: %s\n"
+
+#: g10/keyedit.c:1313
+#, c-format
+msgid "update secret failed: %s\n"
+msgstr "salajase v�tme uuendamine eba�nnestus: %s\n"
+
+#: g10/keyedit.c:1320
+msgid "Key not changed so no update needed.\n"
+msgstr "V�tit ei muudetud, seega pole uuendamist vaja.\n"
+
+#: g10/keyedit.c:1332
+msgid "Invalid command  (try \"help\")\n"
+msgstr "Vigane k�sklus (proovige \"help\")\n"
+
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "Selle v�tme v�ib olla t�histanud %s v�ti %s%s\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr " (tundlik)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
+#, c-format
+msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
+msgstr "%s%c %4u%c/%08lX  loodud: %s aegub: %s"
+
+#: g10/keyedit.c:1506
+#, c-format
+msgid " trust: %c/%c"
+msgstr " usaldus: %c/%c"
+
+#: g10/keyedit.c:1510
+msgid "This key has been disabled"
+msgstr "See v�ti on blokeeritud"
+
+#: g10/keyedit.c:1539
+#, c-format
+msgid "rev! subkey has been revoked: %s\n"
+msgstr "rev! alamv�ti on t�histatud: %s\n"
+
+#: g10/keyedit.c:1542
+msgid "rev- faked revocation found\n"
+msgstr "rev- leitud v�ltsitud t�histamine\n"
+
+#: g10/keyedit.c:1544
+#, c-format
+msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? probleem t�histamise kontrollimisel: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+"Tuleb t�hele panna, et kuni te pole programmi uuesti k�ivitanud,ei pruugi "
+"n�idatud v�tme kehtivus olla tingimata korrektne.\n"
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+"HOIATUS: Sellel v�tmel on juba foto ID.\n"
+"         J�rgmise foto ID lisamine v�ib tekitada segadusi m�ne PGP\n"
+"         versiooni kasutamisel.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Olete kindel, et soovite seda ikka lisada? (j/E) "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "V�tmel v�ib olla ainult �ks foto ID.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"HOIATUS: See on PGP2-stiilis v�ti. Foto ID lisamine v�ib sundida m�ningaid\n"
+"         PGP versioone seda v�tit tagasi l�kkama.\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr "Foto IDd ei saa PGP2 v�tmele lisada.\n"
+
+#: g10/keyedit.c:1832
+msgid "Delete this good signature? (y/N/q)"
+msgstr "Kustutan selle korrektse allkirja? (j/E/v)"
+
+#: g10/keyedit.c:1842
+msgid "Delete this invalid signature? (y/N/q)"
+msgstr "Kustutan selle vigase allkirja? (j/E/v)"
+
+#: g10/keyedit.c:1846
+msgid "Delete this unknown signature? (y/N/q)"
+msgstr "Kustutan selle tundmatu allkirja? (j/E/v)"
+
+#: g10/keyedit.c:1852
+msgid "Really delete this self-signature? (y/N)"
+msgstr "Kas t�esti kustutan selle iseenda allkirja? (j/E)"
+
+#: g10/keyedit.c:1866
+#, c-format
+msgid "Deleted %d signature.\n"
+msgstr "Kustutatud %d allkiri.\n"
+
+#: g10/keyedit.c:1867
+#, c-format
+msgid "Deleted %d signatures.\n"
+msgstr "Kustutatud %d allkirja.\n"
+
+#: g10/keyedit.c:1870
+msgid "Nothing deleted.\n"
+msgstr "Midagi ei kustutatud.\n"
+
+#: g10/keyedit.c:1943
+msgid "Please remove selections from the secret keys.\n"
+msgstr "Palun eemaldage salajastelt v�tmetelt valikud.\n"
+
+#: g10/keyedit.c:1949
+msgid "Please select at most one secondary key.\n"
+msgstr "palun valige �limalt �ks sekundaarne v�ti.\n"
+
+#: g10/keyedit.c:1953
+msgid "Changing expiration time for a secondary key.\n"
+msgstr "Muudan sekundaarse v�tme aegumise aega.\n"
+
+#: g10/keyedit.c:1955
+msgid "Changing expiration time for the primary key.\n"
+msgstr "Muudan primaarse v�tme aegumise aega.\n"
+
+#: g10/keyedit.c:1997
+msgid "You can't change the expiration date of a v3 key\n"
+msgstr "v3 v�tme aegumise aega ei saa muuta.\n"
+
+#: g10/keyedit.c:2013
+msgid "No corresponding signature in secret ring\n"
+msgstr "Vastavat allkirja salajaste v�tmete hoidlas pole\n"
+
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Palun valige t�pselt �ks kasutaja ID.\n"
+
+#: g10/keyedit.c:2284
+#, c-format
+msgid "No user ID with index %d\n"
+msgstr "Kasutaja ID numbriga %d puudub\n"
+
+#: g10/keyedit.c:2330
+#, c-format
+msgid "No secondary key with index %d\n"
+msgstr "Sekundaarne v�ti numbriga %d puudub\n"
+
+#: g10/keyedit.c:2444
+msgid "user ID: \""
+msgstr "kasutaja ID: \""
+
+#: g10/keyedit.c:2449
+#, c-format
+msgid ""
+"\"\n"
+"signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"allkirjastatud teie v�tmega %08lX %s\n"
+
+#: g10/keyedit.c:2452
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"lokaalselt allkirjastatud teie v�tmega %08lX %s\n"
+
+#: g10/keyedit.c:2457
+#, c-format
+msgid "This signature expired on %s.\n"
+msgstr "See allkiri aegub %s.\n"
+
+#: g10/keyedit.c:2461
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Olete kindel, et soovite seda ikka t�histada? (j/E) "
+
+#: g10/keyedit.c:2465
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr "Loon sellele allkirjale t�histamise sertifikaadi? (j/E) "
+
+#. FIXME: detect duplicates here
+#: g10/keyedit.c:2490
+msgid "You have signed these user IDs:\n"
+msgstr "Te olete allkirjastanud j�rgnevad kasutaja IDd:\n"
+
+#: g10/keyedit.c:2504
+#, c-format
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   allkirjastanud %08lX %s%s%s\n"
+
+#: g10/keyedit.c:2512
+#, c-format
+msgid "   revoked by %08lX at %s\n"
+msgstr "   t�histanud %08lX %s\n"
+
+#: g10/keyedit.c:2532
+msgid "You are about to revoke these signatures:\n"
+msgstr "Te asute t�histama j�rgmisi allkirju:\n"
+
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   allkirjastanud %08lX %s%s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr " (mitte-eksporditav)"
+
+#: g10/keyedit.c:2551
+msgid "Really create the revocation certificates? (y/N) "
+msgstr "Kas t�esti loon t�histamise sertifikaadid? (j/E) "
+
+#: g10/keyedit.c:2581
+msgid "no secret key\n"
+msgstr "salajast v�tit pole\n"
+
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr "N�itan %s foto IDd suurusega %ld, v�ti 0x%08lX (uid %d)\n"
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "Allkirja poliitika: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "HOIATUS: leidsin vigased noteerimise andmed\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "Allkirja noteerimine: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "pole inimese poolt loetav"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "V�tmehoidla"
+
+#. of subkey
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
+msgid " [expires: %s]"
+msgstr " [aegub: %s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "S�rmej�lg:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "               S�rmej�lg:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr "     V�tme s�rmej�lg ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s kr�pteeritud andmed\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "kr�pteeritud tundmatu algoritmiga %d\n"
+
+#: g10/mainproc.c:280
+#, c-format
+msgid "public key is %08lX\n"
+msgstr "avalik v�ti on %08lX\n"
+
+#: g10/mainproc.c:326
+msgid "public key encrypted data: good DEK\n"
+msgstr "avaliku v�tmega kr�pteeritud andmed: hea DEK\n"
+
+#: g10/mainproc.c:378
+#, c-format
+msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
+msgstr "kr�pteeritud %u-bitise %s v�tmega, ID %08lX, loodud %s\n"
+
+#: g10/mainproc.c:388
+#, c-format
+msgid "encrypted with %s key, ID %08lX\n"
+msgstr "kr�pteeritud %s v�tmega, ID %08lX\n"
+
+#: g10/mainproc.c:402
+#, c-format
+msgid "public key decryption failed: %s\n"
+msgstr "avaliku v�tmega lahtikr�pteerimine eba�nnestus: %s\n"
+
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "eeldan %s kr�pteeritud andmeid\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr "IDEA �iffer pole saadaval, loodan kasutada selle asemel %s\n"
+
+#: g10/mainproc.c:466
+msgid "decryption okay\n"
+msgstr "lahtikr�pteerimine �nnestus\n"
+
+#: g10/mainproc.c:471
+msgid "WARNING: encrypted message has been manipulated!\n"
+msgstr "HOIATUS: kr�pteeritud teadet on muudetud!\n"
+
+#: g10/mainproc.c:476
+#, c-format
+msgid "decryption failed: %s\n"
+msgstr "lahtikr�pteerimine eba�nnestus: %s\n"
+
+#: g10/mainproc.c:495
+msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
+msgstr "M�RKUS: saatja n�udis \"ainult-teie-silmadele\"\n"
+
+#: g10/mainproc.c:497
+#, c-format
+msgid "original file name='%.*s'\n"
+msgstr "algne failinimi on='%.*s'\n"
+
+#: g10/mainproc.c:672
+msgid "standalone revocation - use \"gpg --import\" to apply\n"
+msgstr "eraldiseisev t�histus - realiseerimiseks kasutage \"gpg --import\"\n"
+
+#: g10/mainproc.c:733
+msgid "Notation: "
+msgstr "Noteering: "
+
+#: g10/mainproc.c:745
+msgid "Policy: "
+msgstr "Poliis: "
+
+#: g10/mainproc.c:1198
+msgid "signature verification suppressed\n"
+msgstr "allkirja kontroll j�eti �ra\n"
+
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "neid allkirju ei �nnestu t��delda\n"
+
+#: g10/mainproc.c:1261
+#, c-format
+msgid "Signature made %.*s using %s key ID %08lX\n"
+msgstr "Allkirja l�i %.*s kasutades %s v�tit ID %08lX\n"
+
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
+msgid "BAD signature from \""
+msgstr "HALB allkiri kasutajalt \""
+
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Aegunud allkiri kasutajalt \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
+msgid "Good signature from \""
+msgstr "Korrektne allkiri kasutajalt \""
+
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[ebakindel]"
+
+#: g10/mainproc.c:1351
+msgid "                aka \""
+msgstr "                 ka \""
+
+#: g10/mainproc.c:1412
+#, c-format
+msgid "Can't check signature: %s\n"
+msgstr "Allkirja ei saa kontrollida: %s\n"
+
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "ei ole eraldiseisev allkiri\n"
+
+#: g10/mainproc.c:1508
+#, c-format
+msgid "standalone signature of class 0x%02x\n"
+msgstr "eraldiseisev allkiri klassiga 0x%02x\n"
+
+#: g10/mainproc.c:1565
+msgid "old style (PGP 2.x) signature\n"
+msgstr "vana stiili (PGP 2.x) allkiri\n"
+
+#: g10/mainproc.c:1572
+msgid "invalid root packet detected in proc_tree()\n"
+msgstr "proc_tree() tuvastas vigase juurmise paketi\n"
+
+#: g10/misc.c:101
+#, c-format
+msgid "can't disable core dumps: %s\n"
+msgstr "ei �nnestu blokeerida m�lupildi salvestamist: %s\n"
+
+#: g10/misc.c:211
+msgid "Experimental algorithms should not be used!\n"
+msgstr "Eksperimentaalseid algoritme ei peaks kasutama!\n"
+
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr ""
+"see �ifri algoritm ei ole soovitatav; kasutage palun m�nd standardsemat!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "Hoiatus: ebaturvaline omanik %s \"%s\"\n"
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "Hoiatus: ebaturvalised �igused %s \"%s\"\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "IDEA �ifri lisandprogrammi pole\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr "lisainfot leiate lehelt http://www.gnupg.org/why-not-idea.html\n"
+
+#: g10/parse-packet.c:119
+#, c-format
+msgid "can't handle public key algorithm %d\n"
+msgstr "ei oska k�sitleda avaliku v�tme algoritmi %d\n"
+
+#: g10/parse-packet.c:1053
+#, c-format
+msgid "subpacket of type %d has critical bit set\n"
+msgstr "alampaketil t��biga %d on kriitiline bitt seatud\n"
+
+#: g10/passphrase.c:442 g10/passphrase.c:489
+msgid "gpg-agent is not available in this session\n"
+msgstr "gpg-agent ei ole sesses sessioonis kasutatav\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "agendile ei �nnestu seada kliendi pid\n"
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "agendiga suhtlemiseks ei �nnestu saada lugemise FD\n"
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "agendiga suhtlemiseks ei �nnestu saada kirjutamise FD\n"
+
+#: g10/passphrase.c:498
+msgid "malformed GPG_AGENT_INFO environment variable\n"
+msgstr "vigane GPG_AGENT_INFO keskkonnamuutuja\n"
+
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "gpg-agendi protokolli versioon %d ei ole toetatud\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
+msgid "can't connect to `%s': %s\n"
+msgstr "ei �nnestu luua �hendust serveriga `%s': %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "probleem gpg-agent programmiga suhtlemisel\n"
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "probleem agendiga - blokeerin agendi kasutamise\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
+#, c-format
+msgid " (main key ID %08lX)"
+msgstr " (peamise v�tme ID %08lX)"
+
+#: g10/passphrase.c:641
+#, c-format
+msgid ""
+"You need a passphrase to unlock the secret key for user:\n"
+"\"%.*s\"\n"
+"%u-bit %s key, ID %08lX, created %s%s\n"
+msgstr ""
+"Te vajate kasutaja salajase v�tme lahtilukustamiseks parooli:\n"
+"\"%.*s\"\n"
+"%u-bitti %s v�ti, ID %08lX, loodud %s%s\n"
+
+#: g10/passphrase.c:662
+msgid "Enter passphrase\n"
+msgstr "Sisestage parool\n"
+
+#: g10/passphrase.c:664
+msgid "Repeat passphrase\n"
+msgstr "Korrake parooli\n"
+
+#: g10/passphrase.c:705
+msgid "passphrase too long\n"
+msgstr "liiga pikk parool\n"
+
+#: g10/passphrase.c:718
+msgid "invalid response from agent\n"
+msgstr "vigane vastus agendilt\n"
+
+#: g10/passphrase.c:727 g10/passphrase.c:808
+msgid "cancelled by user\n"
+msgstr "katkestatud kasutaja poolt\n"
+
+#: g10/passphrase.c:729 g10/passphrase.c:890
+#, c-format
+msgid "problem with the agent: agent returns 0x%lx\n"
+msgstr "probleem agendiga: agent tagastas 0x%lx\n"
+
+#: g10/passphrase.c:1003
+msgid ""
+"\n"
+"You need a passphrase to unlock the secret key for\n"
+"user: \""
+msgstr ""
+"\n"
+"Te vajate kasutaja salajase v�tme lahtilukustamiseks\n"
+"parooli: \""
+
+#: g10/passphrase.c:1012
+#, c-format
+msgid "%u-bit %s key, ID %08lX, created %s"
+msgstr "%u-bitine %s v�ti, ID %08lX, loodud %s"
+
+#: g10/passphrase.c:1063
+msgid "can't query password in batchmode\n"
+msgstr "pakettmoodis ei saa parooli k�sida\n"
+
+#: g10/passphrase.c:1067
+msgid "Enter passphrase: "
+msgstr "Sisestage parool: "
+
+#: g10/passphrase.c:1071
+msgid "Repeat passphrase: "
+msgstr "Korrake parooli: "
+
+#: g10/plaintext.c:67
+msgid "data not saved; use option \"--output\" to save it\n"
+msgstr "andmeid ei salvestatud; salvestamiseks kasutage v�tit \"--output\"\n"
+
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "viga `%s' loomisel: %s\n"
+
+#: g10/plaintext.c:337
+msgid "Detached signature.\n"
+msgstr "Eraldiseisev allkiri.\n"
+
+#: g10/plaintext.c:341
+msgid "Please enter name of data file: "
+msgstr "Palun sisestage andmefaili nimi: "
+
+#: g10/plaintext.c:362
+msgid "reading stdin ...\n"
+msgstr "loen standardsisendit ...\n"
+
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "allkirjastatud andmeid pole\n"
+
+#: g10/plaintext.c:404
+#, c-format
+msgid "can't open signed data `%s'\n"
+msgstr "allkirjastatud andmete avamine eba�nnestus `%s'\n"
+
+#: g10/pubkey-enc.c:100
+#, c-format
+msgid "anonymous recipient; trying secret key %08lX ...\n"
+msgstr "anon��mne saaja; proovin salajast v�tit %08lX ...\n"
+
+#: g10/pubkey-enc.c:106
+msgid "okay, we are the anonymous recipient.\n"
+msgstr "ok, me oleme anon��mne teate saaja.\n"
+
+#: g10/pubkey-enc.c:158
+msgid "old encoding of the DEK is not supported\n"
+msgstr "vana DEK kodeerimine ei ole toetatud\n"
+
+#: g10/pubkey-enc.c:177
+#, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "�ifri algoritm %d%s on tundmatu v�i blokeeritud\n"
+
+#: g10/pubkey-enc.c:220
+#, c-format
+msgid "NOTE: cipher algorithm %d not found in preferences\n"
+msgstr "M�RKUS: �ifri algoritm %d puudub eelistustes\n"
+
+#: g10/pubkey-enc.c:242
+#, c-format
+msgid "NOTE: secret key %08lX expired at %s\n"
+msgstr "M�RKUS: salajane v�ti %08lX aegus %s\n"
+
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
+#, c-format
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "k�sin v�tit %08lX HKP v�tmeserverist %s\n"
+
+#: g10/hkp.c:94
+#, c-format
+msgid "can't get key from keyserver: %s\n"
+msgstr "v�tmeserverist ei saa v�tit: %s\n"
+
+#: g10/hkp.c:171
+#, c-format
+msgid "error sending to `%s': %s\n"
+msgstr "viga teate saatmisel serverile `%s': %s\n"
+
+#: g10/hkp.c:186
+#, c-format
+msgid "success sending to `%s' (status=%u)\n"
+msgstr "teate saatmine serverile `%s' �nnestus (olek=%u)\n"
+
+#: g10/hkp.c:189
+#, c-format
+msgid "failed sending to `%s': status=%u\n"
+msgstr "teate saatmine serverile `%s' eba�nnestus: olek=%u\n"
+
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "otsin \"%s\" HKP serverist %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "v�tmeserverist ei saa otsida: %s\n"
+
+#: g10/seckey-cert.c:53
+msgid "secret key parts are not available\n"
+msgstr "salajase v�tme komponendid ei ole k�ttesaadavad\n"
+
+#: g10/seckey-cert.c:59
+#, c-format
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "kaitse algoritm %d%s ei ole toetatud\n"
+
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Vigane parool; palun proovige uuesti"
+
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
+
+#: g10/seckey-cert.c:273
+msgid "WARNING: Weak key detected - please change passphrase again.\n"
+msgstr "HOIATUS: Tuvastasin n�rga v�tme - palun muutke uuesti parooli.\n"
+
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+"loon salajase v�tme kaitseks mittesoovitavat 16 bitist kontrollsummat\n"
+
+#: g10/sig-check.c:205
+msgid ""
+"this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
+msgstr ""
+"see on PGP genereeritud ElGamal v�ti ja EI OLE allkirjastamiseks turvaline!\n"
+
+#: g10/sig-check.c:213
+#, c-format
+msgid "public key is %lu second newer than the signature\n"
+msgstr "avalik v�ti on %lu sekund uuem, kui allkiri\n"
+
+#: g10/sig-check.c:214
+#, c-format
+msgid "public key is %lu seconds newer than the signature\n"
+msgstr "avalik v�ti on %lu sekundit uuem, kui allkiri\n"
+
+#: g10/sig-check.c:237
+#, c-format
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "M�RKUS: allkirja v�ti %08lX aegus %s\n"
+
+#: g10/sig-check.c:318
+msgid "assuming bad signature due to an unknown critical bit\n"
+msgstr "eeldan tundmatu kriitilise biti t�ttu vigast allkirja\n"
+
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"HOIATUS: poliisi urli %%-asendus eba�nnestus (liiga suur). Kasutan "
+"kompaktset.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "Loodud allkirja ei �nnestu kontrollida: %s\n"
+
+#: g10/sign.c:283
+#, c-format
+msgid "%s signature from: %s\n"
+msgstr "%s allkiri kasutajalt: %s\n"
+
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "HOIATUS: `%s' on t�hi fail\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "PGP 2.x stiilis v�tmetega saab allkirjastada ainult --pgp2 moodis\n"
+
+#: g10/sign.c:643 g10/sign.c:812
+#, c-format
+msgid "can't create %s: %s\n"
+msgstr "%s ei �nnestu luua: %s\n"
+
+#: g10/sign.c:704
+msgid "signing:"
+msgstr "allkirjastan:"
+
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"PGP 2.x stiilis v�tmetega saab avateksti allkirjastada ainult --pgp2 moodis\n"
+
+#: g10/sign.c:953
+#, c-format
+msgid "%s encryption will be used\n"
+msgstr "kasutatakse %s kr�pteerimist\n"
+
+#: g10/textfilter.c:134
+#, c-format
+msgid "can't handle text lines longer than %d characters\n"
+msgstr "ei suuda k�sitleda tekstiridu mis on pikemad, kui %d s�mbolit\n"
+
+#: g10/textfilter.c:231
+#, c-format
+msgid "input line longer than %d characters\n"
+msgstr "sisendrida on pikem, kui %d s�mbolit\n"
+
+#: g10/tdbio.c:121 g10/tdbio.c:1382
+#, c-format
+msgid "trustdb rec %lu: lseek failed: %s\n"
+msgstr "trustdb kirje %lu: lseek eba�nnestus: %s\n"
+
+#: g10/tdbio.c:127 g10/tdbio.c:1389
+#, c-format
+msgid "trustdb rec %lu: write failed (n=%d): %s\n"
+msgstr "trustdb rec %lu: write failed (n=%d): %s\n"
+
+#: g10/tdbio.c:237
+msgid "trustdb transaction too large\n"
+msgstr "trustdb transaktsioon on liiga suur\n"
+
+#: g10/tdbio.c:454
+#, c-format
+msgid "%s: can't access: %s\n"
+msgstr "%s: ei �nnestu kasutada: %s\n"
+
+#: g10/tdbio.c:468
+#, c-format
+msgid "%s: directory does not exist!\n"
+msgstr "%s: kataloogi ei ole!\n"
+
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
+#, c-format
+msgid "%s: can't create lock\n"
+msgstr "%s: ei �nnestu luua lukku\n"
+
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: ei �nnestu seada lukku\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: ei �nnestu luua: %s\n"
+
+#: g10/tdbio.c:503
+#, c-format
+msgid "%s: failed to create version record: %s"
+msgstr "%s: versioonikirje loomine ei �nnestu: %s"
+
+#: g10/tdbio.c:507
+#, c-format
+msgid "%s: invalid trustdb created\n"
+msgstr "%s: loodi vigane usalduse andmebaas\n"
+
+#: g10/tdbio.c:510
+#, c-format
+msgid "%s: trustdb created\n"
+msgstr "%s: trustdb on loodud\n"
+
+#: g10/tdbio.c:565
+#, c-format
+msgid "%s: invalid trustdb\n"
+msgstr "%s: vigane trustdb\n"
+
+#: g10/tdbio.c:597
+#, c-format
+msgid "%s: failed to create hashtable: %s\n"
+msgstr "%s: paisktabeli loomine eba�nnestus: %s\n"
+
+#: g10/tdbio.c:605
+#, c-format
+msgid "%s: error updating version record: %s\n"
+msgstr "%s: viga versioonikirje uuendamisel: %s\n"
+
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
+#, c-format
+msgid "%s: error reading version record: %s\n"
+msgstr "%s: viga versioonikirje lugemisel: %s\n"
+
+#: g10/tdbio.c:634 g10/tdbio.c:680
+#, c-format
+msgid "%s: error writing version record: %s\n"
+msgstr "%s: viga versioonikirje kirjutamisel: %s\n"
+
+#: g10/tdbio.c:1119
+#, c-format
+msgid "trustdb: lseek failed: %s\n"
+msgstr "trustdb: lseek eba�nnestus: %s\n"
+
+#: g10/tdbio.c:1127
+#, c-format
+msgid "trustdb: read failed (n=%d): %s\n"
+msgstr "trustdb: lugemine eba�nnestus (n=%d): %s\n"
+
+#: g10/tdbio.c:1148
+#, c-format
+msgid "%s: not a trustdb file\n"
+msgstr "%s: ei ole trustdb fail\n"
+
+#: g10/tdbio.c:1165
+#, c-format
+msgid "%s: version record with recnum %lu\n"
+msgstr "%s: versioonikirje kirje numbriga %lu\n"
+
+#: g10/tdbio.c:1170
+#, c-format
+msgid "%s: invalid file version %d\n"
+msgstr "%s: vigane faili versioon %d\n"
+
+#: g10/tdbio.c:1348
+#, c-format
+msgid "%s: error reading free record: %s\n"
+msgstr "%s: viga vaba kirje lugemisel: %s\n"
+
+#: g10/tdbio.c:1356
+#, c-format
+msgid "%s: error writing dir record: %s\n"
+msgstr "%s: viga kataloogikirje kirjutamisel: %s\n"
+
+#: g10/tdbio.c:1366
+#, c-format
+msgid "%s: failed to zero a record: %s\n"
+msgstr "%s: kirje nullimine eba�nnestus: %s\n"
+
+#: g10/tdbio.c:1396
+#, c-format
+msgid "%s: failed to append a record: %s\n"
+msgstr "%s: kirje lisamine eba�nnestus: %s\n"
+
+#: g10/tdbio.c:1441
+msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
+msgstr "trustdb on vigane; palun k�ivitage \"gpg --fix-trustdb\".\n"
+
+#: g10/trustdb.c:200
+#, c-format
+msgid "`%s' is not a valid long keyID\n"
+msgstr "`%s' ei ole kehtiv pikk v�tmeID\n"
+
+#: g10/trustdb.c:235
+#, c-format
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "v�ti %08lX: aktsepteerin usaldusv��rse v�tmena\n"
+
+#: g10/trustdb.c:274
+#, c-format
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "v�ti %08lX esineb trustdb failis enam kui korra\n"
+
+#: g10/trustdb.c:290
+#, c-format
+msgid "key %08lX: no public key for trusted key - skipped\n"
+msgstr "v�ti %08lX: usaldataval v�tmel pole avalikku v�tit - j�tsin vahele\n"
+
+#: g10/trustdb.c:332
+#, c-format
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "usalduse kirje %lu, p�ringu t��p %d: lugemine eba�nnestus: %s\n"
+
+#: g10/trustdb.c:338
+#, c-format
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "usalduse kirje %lu ei oma soovitud t��pi %d\n"
+
+#: g10/trustdb.c:353
+#, c-format
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "usalduse kirje %lu, t��p %d: kirjutamine eba�nnestus: %s\n"
+
+#: g10/trustdb.c:368
+#, c-format
+msgid "trustdb: sync failed: %s\n"
+msgstr "trustdb: sync eba�nnestus: %s\n"
+
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "trustdb kontrolliks puudub vajadus\n"
+
+#: g10/trustdb.c:474 g10/trustdb.c:1641
+#, c-format
+msgid "next trustdb check due at %s\n"
+msgstr "trustdb j�rgmine kontroll %s\n"
+
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "kontrollin trustdb faili\n"
+
+#: g10/trustdb.c:933
+#, c-format
+msgid "public key %08lX not found: %s\n"
+msgstr "ei leia avalikku v�tit %08lX: %s\n"
+
+#: g10/trustdb.c:1515
+#, c-format
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr "puudub absoluutselt usaldatava v�tme %08lX avalik v�ti\n"
+
+#: g10/trustdb.c:1593
+#, c-format
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr ""
+"kontrollin s�gavusel %d allkirjastatud=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+
+#: g10/verify.c:108
+msgid ""
+"the signature could not be verified.\n"
+"Please remember that the signature file (.sig or .asc)\n"
+"should be the first file given on the command line.\n"
+msgstr ""
+"allkirja ei �nnestu kontrollida.\n"
+"Palun pidage meeles, et allkirja fail (.sig v�i .asc)\n"
+"peab olema k�sureal esimene fail.\n"
+
+#: g10/verify.c:173
+#, c-format
+msgid "input line %u too long or missing LF\n"
+msgstr "sisendrida %u on liiga pikk v�i seavahetus puudub\n"
+
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"v�ti ei ole m�rgitud ebaturvaliseks - sellega ei saa v�lts RNGd kasutada!\n"
+
+#: g10/skclist.c:138
+#, c-format
+msgid "skipped `%s': duplicated\n"
+msgstr "`%s' j�tsin vahele: duplikaat\n"
+
+#: g10/skclist.c:145 g10/skclist.c:153
+#, c-format
+msgid "skipped `%s': %s\n"
+msgstr "`%s' j�tsin vahele: %s\n"
+
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "j�tsin vahele: avalik v�ti on juba olemas\n"
+
+#: g10/skclist.c:160
+#, c-format
+msgid ""
+"skipped `%s': this is a PGP generated ElGamal key which is not secure for "
+"signatures!\n"
+msgstr ""
+"j�tsin `%s' vahele: see on PGP genereeritud ElGamal v�ti,\n"
+"mis ei ole allkirjades kasutamiseks turvaline!\n"
+
+#. do not overwrite
+#: g10/openfile.c:84
+#, c-format
+msgid "File `%s' exists. "
+msgstr "Fail `%s' on olemas. "
+
+#: g10/openfile.c:86
+msgid "Overwrite (y/N)? "
+msgstr "Kirjutan �le (j/E)? "
+
+#: g10/openfile.c:119
+#, c-format
+msgid "%s: unknown suffix\n"
+msgstr "%s: tundmatu suffiks\n"
+
+#: g10/openfile.c:141
+msgid "Enter new filename"
+msgstr "Sisestage uus failinimi"
+
+#: g10/openfile.c:184
+msgid "writing to stdout\n"
+msgstr "kirjutan standardv�ljundisse\n"
+
+#: g10/openfile.c:273
+#, c-format
+msgid "assuming signed data in `%s'\n"
+msgstr "eeldan allkirjastatud andmeid failis `%s'\n"
+
+#: g10/openfile.c:323
+#, c-format
+msgid "%s: new options file created\n"
+msgstr "%s: uus omaduste fail on loodud\n"
+
+#: g10/openfile.c:350
+#, c-format
+msgid "%s: can't create directory: %s\n"
+msgstr "%s: kataloogi ei �nnestu luua: %s\n"
+
+#: g10/openfile.c:353
+#, c-format
+msgid "%s: directory created\n"
+msgstr "%s: kataloog on loodud\n"
+
+#: g10/openfile.c:355
+msgid "you have to start GnuPG again, so it can read the new options file\n"
+msgstr "te peate GnuPG uuesti k�ivitama, siis v�etakse uued v�tmed arvesse\n"
+
+#: g10/encr-data.c:91
+msgid ""
+"WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
+msgstr "HOIATUS: teade on kr�ptitud s�mmeetrilise �ifri n�rga v�tmega.\n"
+
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "probleem kr�ptitud paketi k�sitlemisel\n"
+
+#: g10/seskey.c:52
+msgid "weak key created - retrying\n"
+msgstr "loodi n�rk v�ti - proovin uuesti\n"
+
+#: g10/seskey.c:57
+#, c-format
+msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
+msgstr ""
+"s�mmeetrilises �ifris ei �nnestu v�ltida n�rga v�tme kasutamist; proovisin %"
+"d korda!\n"
+
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr "DSA n�uab 160 bitist r�sialgoritmi kasutamist\n"
+
+#: g10/delkey.c:116
+msgid "can't do that in batchmode without \"--yes\"\n"
+msgstr "pakettmoodis ei �nnestu seda v�tmeta teha \"--yes\"\n"
+
+#: g10/delkey.c:138
+msgid "Delete this key from the keyring? "
+msgstr "Kustutan selle v�tme v�tmehoidlast? "
+
+#: g10/delkey.c:146
+msgid "This is a secret key! - really delete? "
+msgstr "See on salajane v�ti! - kas kustutan t�esti? "
+
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "v�tmebloki kustutamine eba�nnestus: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr "omaniku usalduse info puhastatud\n"
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "avaliku v�tme \"%s\" jaoks on salajane v�ti!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "selle kustutamiseks kasutage v�tit \"--delete-secret-keys\".\n"
+
+#: g10/helptext.c:47
+msgid ""
+"It's up to you to assign a value here; this value will never be exported\n"
+"to any 3rd party.  We need it to implement the web-of-trust; it has nothing\n"
+"to do with the (implicitly created) web-of-certificates."
+msgstr ""
+"Teie �lesanne on sisestada n��d v��rtus; seda v��rtust ei avalikustata\n"
+"kolmandatele pooltele. Seda v��rtust on vaja et realiseerida usaldusv�rk."
+
+#: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Usalduse v�rgu loomiseks peab GnuPG teadma, millised v�tmed on\n"
+"absoluutselt usaldatavad. Need on tavaliselt v�tmed, mille puhul\n"
+"on teil juurdep��s ka nende salajastele v�tmetele. Kui soovite\n"
+"m��rata seda v�tit absoluutselt usaldatavaks, vastake \"jah\"\n"
+
+#: g10/helptext.c:60
+msgid "If you want to use this revoked key anyway, answer \"yes\"."
+msgstr "Kui te ikkagi soovite kasutada seda kehtetut v�tit, vastake \"jah\"."
+
+#: g10/helptext.c:64
+msgid "If you want to use this untrusted key anyway, answer \"yes\"."
+msgstr ""
+"Kui te ikkagi soovite kasutada seda mitteusaldatavat v�tit, vastake \"jah\"."
+
+#: g10/helptext.c:68
+msgid ""
+"Enter the user ID of the addressee to whom you want to send the message."
+msgstr "Sisestage kasutaja ID aadressile, kellele te soovite teadet saata."
+
+#: g10/helptext.c:72
+msgid ""
+"Select the algorithm to use.\n"
+"\n"
+"DSA (aka DSS) is the digital signature algorithm which can only be used\n"
+"for signatures.  This is the suggested algorithm because verification of\n"
+"DSA signatures are much faster than those of ElGamal.\n"
+"\n"
+"ElGamal is an algorithm which can be used for signatures and encryption.\n"
+"OpenPGP distinguishs between two flavors of this algorithms: an encrypt "
+"only\n"
+"and a sign+encrypt; actually it is the same, but some parameters must be\n"
+"selected in a special way to create a safe key for signatures: this program\n"
+"does this but other OpenPGP implementations are not required to understand\n"
+"the signature+encryption flavor.\n"
+"\n"
+"The first (primary) key must always be a key which is capable of signing;\n"
+"this is the reason why the encryption only ElGamal key is not available in\n"
+"this menu."
+msgstr ""
+"Valige kasutatav algoritm.\n"
+"\n"
+"DSA (ka DSS) on digitaalallkirja algoritm, mida saab kasutada ainult\n"
+"allkirjades. See on soovitatav algoritm, kuna DSA allkirjade kontroll\n"
+"on oluliselt kiirem ElGamal allkirjade kontrollimisest.\n"
+"\n"
+"ElGamal on algoritm, mida saab kasutada nii allkirjastamisel, kui ka\n"
+"kr�ptimisel. OpenPGP eristab selle algoritmi kahte varianti: ainult\n"
+"kr�ptivat ja kr�ptivat ning allkirjastavat. Algoritm on sama, aga\n"
+"turvaliseks allkirjastamiseks on vaja valida sobivad parameetrid. See\n"
+"programm toetab m�lemat varianti, aga teised OpenPGP realisatsioonid\n"
+"ei pruugi kr�ptivat ning allkirjastavat v�imalust tunda.\n"
+"\n"
+"Esimene (primaarne) v�ti peab alati olema selline, mida saab kasutada\n"
+"allkirjastamisel; see on ka p�hjus, miks selles men��s ei lubata valida\n"
+"ainult kr�ptivat ElGamal v�tit."
+
+#: g10/helptext.c:92
+msgid ""
+"Although these keys are defined in RFC2440 they are not suggested\n"
+"because they are not supported by all programs and signatures created\n"
+"with them are quite large and very slow to verify."
+msgstr ""
+"Kuigi need v�tmed on kirjeldatud dokumendis RFC2440, ei ole nende\n"
+"kasutamine soovitatav, kuna mitte k�ik programmid ei toeta neid\n"
+"ja nendega loodud allkirjad on suured ning kontrollimine aeglane."
+
+#: g10/helptext.c:99
+msgid "Enter the size of the key"
+msgstr "Sisestage v�tmepikkus"
+
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
+msgid "Answer \"yes\" or \"no\""
+msgstr "Vastake \"jah\" v�i \"ei\""
+
+#: g10/helptext.c:113
+msgid ""
+"Enter the required value as shown in the prompt.\n"
+"It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
+"get a good error response - instead the system tries to interpret\n"
+"the given value as an interval."
+msgstr ""
+"Sisestage n�utav v��rtus, nagu viibal n�idati.\n"
+"V�imalik on ka sisestada ISO kuup�ev (AAAA-KK-PP), aga te ei\n"
+"saa korrektset veateadet, kuna s�steem �ritab antud v��rtust\n"
+"t�lgendada vahemikuna."
+
+#: g10/helptext.c:125
+msgid "Enter the name of the key holder"
+msgstr "Sisestage v�tmehoidja nimi"
+
+#: g10/helptext.c:130
+msgid "please enter an optional but highly suggested email address"
+msgstr "palun e-posti aadress, aadress ei ole kohustuslik, aga v�ga soovitav"
+
+#: g10/helptext.c:134
+msgid "Please enter an optional comment"
+msgstr "Te v�ite n��d sisestada kommentaari"
+
+#: g10/helptext.c:139
+msgid ""
+"N  to change the name.\n"
+"C  to change the comment.\n"
+"E  to change the email address.\n"
+"O  to continue with key generation.\n"
+"Q  to to quit the key generation."
+msgstr ""
+"N  et muuta nime.\n"
+"K  et muuta kommentaari.\n"
+"E  et muuta e-posti aadressi.\n"
+"O  et j�tkata v�tme loomist.\n"
+"V  et l�petada v�tme loomine."
+
+#: g10/helptext.c:148
+msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
+msgstr "Vastake \"jah\" (v�i \"j\"), kui v�ib alustada alamv�tme loomisega."
+
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"Kui te allkirjastate v�tme kasutaja ID, kontrollige k�igepealt, kas v�ti\n"
+"ikka kuulub antud ID-ga n�idatud isikule. Teistel inimestel on hea teada,\n"
+"kui hoolikalt te seda kontrolli olete teostanud.\n"
+"\n"
+"\"0\" t�hendab, et te ei v�ida oma kontrollimise kohta midagi.\n"
+"\n"
+"\"1\" t�hendab, et te usute, et v�tit omab isik, kes seda v�idab omavat, "
+"kuid\n"
+"    te ei saanud v�i ei soovinud seda v�idet t�iendavalt kontrollida. See\n"
+"    on kasulik \"persooni\" kontrolliks, kui te allkirjastate isiku pseudo-\n"
+"    n��mi v�tit.\n"
+"\n"
+"\"2\" t�hendab, et te teostasite v�tme pealiskaudset kontrolli. See v�ib\n"
+"    n�iteks t�hendada, et te kontrollisite v�tme s�rmej�lge ja "
+"kontrollisite\n"
+"    v�tme kasutaja ID foto ID vastu.\n"
+"\n"
+"\"3\" t�hendab, et te teostasite v�tme p�hjalikku kontrolli. See v�ib "
+"n�iteks\n"
+"    t�hendada, et v�rdlesite v�tme s�rmej�lge v�rme omanikuga otse suheldes\n"
+"    ja et te kontrollisite raskesti v�ltsitavast allikast (nt. pass) et\n"
+"    v�tme omaniku nimi vastab v�tmel n�idatud kasutaja IDle ja te kontrol-\n"
+"    lisite, et v�tmel n�idatud e-posti aadress kuulub v�tme omanikule.\n"
+"\n"
+"pange t�hele, et n�ited tasemete 2 ja 3 juures on *ainult* n�ited. S�ltub\n"
+"ainult teist, milline on \"pealiskaudse\" ja \"p�hjaliku\" kontrolli "
+"t�hendus,\n"
+"kui te allkirjastate teisi v�tmeid.\n"
+"\n"
+"Kui te ei tea �iget vastust, vastake \"0\"."
+
+#: g10/helptext.c:194
+msgid "Answer \"yes\" is you want to sign ALL the user IDs"
+msgstr "Kui te soovite allkirjastada K�IK kasutaja IDd, vastake \"jah\""
+
+#: g10/helptext.c:198
+msgid ""
+"Answer \"yes\" if you really want to delete this user ID.\n"
+"All certificates are then also lost!"
+msgstr ""
+"Kui te t�esti soovite seda kasutaja IDd kustutada, vastake \"jah\".\n"
+"Sertifikaadid kustutatakse samuti!"
+
+#: g10/helptext.c:203
+msgid "Answer \"yes\" if it is okay to delete the subkey"
+msgstr "Kui selle alamv�tme v�ib kustutada, vastake \"jah\""
+
+#: g10/helptext.c:208
+msgid ""
+"This is a valid signature on the key; you normally don't want\n"
+"to delete this signature because it may be important to establish a\n"
+"trust connection to the key or another key certified by this key."
+msgstr ""
+"See on v�tme kehtiv allkiri; tavaliselt seda ei soovita kustutada,\n"
+"kuna see allkiri v�ib olla vajalik, et kirjeldada antud v�tme v�i\n"
+"antud v�tmega sertifitseeritud teise v�tme usaldatavust."
+
+#: g10/helptext.c:213
+msgid ""
+"This signature can't be checked because you don't have the\n"
+"corresponding key.  You should postpone its deletion until you\n"
+"know which key was used because this signing key might establish\n"
+"a trust connection through another already certified key."
+msgstr ""
+"Seda allkirja ei saa kontrollida, kuna puudub allkirjale vastav v�ti.\n"
+"Te peaksite peatama kustutamise, kuni on teada, millist v�tit see\n"
+"kasutab, sest see v�ti v�ib moodustada usaldussuhte l�bi m�ne juba\n"
+"sertifitseeritud v�tme."
+
+#: g10/helptext.c:219
+msgid ""
+"The signature is not valid.  It does make sense to remove it from\n"
+"your keyring."
+msgstr "Allkiri ei ole kehtiv. Oleks m�istlik see v�tmehoidlast kustutada."
+
+#: g10/helptext.c:223
+msgid ""
+"This is a signature which binds the user ID to the key. It is\n"
+"usually not a good idea to remove such a signature.  Actually\n"
+"GnuPG might not be able to use this key anymore.  So do this\n"
+"only if this self-signature is for some reason not valid and\n"
+"a second one is available."
+msgstr ""
+"See allkiri seob kasutaja ID v�tmega. Sellist allkirja ei ole\n"
+"�ldiselt soovitatav eemaldada. Peale selle kustutamist ei pruugi\n"
+"GnuPG enam olla v�imeline seda v�tit leidma. Kustutada v�iks\n"
+"vaid siis, kui see allkiri ei ole miskip�rast kehtiv ja on\n"
+"olemas ka teine allkiri, mis kasutajat v�tmega seob."
+
+#: g10/helptext.c:231
+msgid ""
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+"Muuda k�ikide kasutaja ID-de seaded (v�i ainult valitud)\n"
+"vastavaks hetkel m��ratud seadetele. K�ikide asjasse puutuvate\n"
+"ise loodud allkirjade ajatempleid suurendatakse �he sekundi v�rra.\n"
+
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Palun sisestage parool; see on salajane tekst \n"
+
+#: g10/helptext.c:244
+msgid "Please repeat the last passphrase, so you are sure what you typed in."
+msgstr "Palun korrake parooli, siis saate oma kirjutatus kindel olla."
+
+#: g10/helptext.c:248
+msgid "Give the name of the file to which the signature applies"
+msgstr "Sisestage palun failinimi, mida allkirjastada"
+
+#: g10/helptext.c:253
+msgid "Answer \"yes\" if it is okay to overwrite the file"
+msgstr "Vastake \"jah\", kui faili v�ib �le kirjutada"
+
+#: g10/helptext.c:258
+msgid ""
+"Please enter a new filename. If you just hit RETURN the default\n"
+"file (which is shown in brackets) will be used."
+msgstr ""
+"Palun sisestage uus failinimi. Kui te vajutate lihtsalt reavahetust,\n"
+"kasutatakse vaikimisi faili (nimi on nurksulgudes)."
+
+#: g10/helptext.c:264
+msgid ""
+"You should specify a reason for the certification.  Depending on the\n"
+"context you have the ability to choose from this list:\n"
+"  \"Key has been compromised\"\n"
+"      Use this if you have a reason to believe that unauthorized persons\n"
+"      got access to your secret key.\n"
+"  \"Key is superseded\"\n"
+"      Use this if you have replaced this key with a newer one.\n"
+"  \"Key is no longer used\"\n"
+"      Use this if you have retired this key.\n"
+"  \"User ID is no longer valid\"\n"
+"      Use this to state that the user ID should not longer be used;\n"
+"      this is normally used to mark an email address invalid.\n"
+msgstr ""
+"Te peate m��rama sertifitseerimise p�hjuse. S�ltuvalt kontekstist on\n"
+"teil v�imalus valida �ks j�rgnevaist:\n"
+"  \"V�ti on kompromiteeritud\"\n"
+"      Kasutage seda, kui teil on p�hjust uskuda, et autoriseerimata\n"
+"      isikud on saanud juurdep��su teie salajasele v�tmele.\n"
+"  \"V�ti on asendatud\"\n"
+"      Kasutage seda, kui te olete selle v�tme asendanud uuemaga.\n"
+"  \"V�ti ei ole enam kasutusel\"\n"
+"      Kasutage seda, kui te ei kasuta enam seda v�tit.\n"
+"  \"Kasutaja ID ei ole enam kehtiv\"\n"
+"      Kasutage seda m�rkimaks, et konkreetset kasutaja ID ei peaks enam\n"
+"      kasutama; seda kasutatakse tavaliselt m�rkimaks vigast e-posti "
+"aadressi.\n"
+
+#: g10/helptext.c:280
+msgid ""
+"If you like, you can enter a text describing why you issue this\n"
+"revocation certificate.  Please keep this text concise.\n"
+"An empty line ends the text.\n"
+msgstr ""
+"Kui te soovite, v�ite n��d sisestada p�hjenduse, miks te\n"
+"soovite seda t�histamise sertifikaati esitada. Palun kirjutage\n"
+"l�hidalt. T�hi rida l�petab teksti.\n"
+
+#: g10/helptext.c:295
+msgid "No help available"
+msgstr "Abiinfo puudub"
+
+#: g10/helptext.c:303
+#, c-format
+msgid "No help available for `%s'"
+msgstr "`%s' kohta abiinfo puudub"
+
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "viga v�tmehoidla `%s' loomisel: %s\n"
+
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "`%s' �iguste muutmine eba�nnestus: %s\n"
+
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "v�tmehoidla `%s' on loodud\n"
+
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "v�tmehoidla vahem�lu uuesti loomine eba�nnestus: %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "HOIATUS: on olemas 2 faili konfidentsiaalse infoga.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s ei ole muudetud\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s on uus\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Palun parandage see v�imalik turvaprobleem\n"
+
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "kontrollin v�tmehoidlat `%s'\n"
+
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "seni on kontrollitud %lu v�tit (%lu allkirja)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "kontrollitud %lu v�tit (%lu allkirja)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: v�tmehoidla on loodud\n"
diff --git a/po/fr.po b/po/fr.po
index 07e86f5a9..cd8d89c75 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -1,6 +1,6 @@
 # GnuPG French translation
-# Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
-# Ga�l Qu�ri <[email protected]>, 1998.
+# Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+# Ga�l Qu�ri <[email protected]>, 1998.
 #
 # Thanks to R�mi Guyomarch <[email protected]> and <[email protected]>
 # for pointing me out some errors.
@@ -9,303 +9,331 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: gnupg 1.0.1h\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 2000-06-28 18:41+02:00\n"
-"Last-Translator: Ga�l Qu�ri <[email protected]>\n"
+"Project-Id-Version: gnupg 1.0.6d\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-03-28 23:43+01:00\n"
+"Last-Translator: Ga�l Qu�ri <[email protected]>\n"
 "Language-Team: French <[email protected]>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=ISO-8859-1\n"
 "Content-Transfer-Encoding: 8-bit\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Avertissement: l'utilisation de la m�moire n'est pas s�re !\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "voir http://www.gnupg.org/fr/faq.html pour plus d'informations\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr ""
+"l'op�ration n'est pas possible tant que la m�moire s�re n'est pas\n"
+"initialis�e\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(vous avez peut-�tre utilis� un programme non adapt� � cette fin)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "oui"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "oO"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "non"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "quitter"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "qQ"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "erreur g�n�rale"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "type de paquet inconnu"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "version inconnue"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "algorithme � cl� publique inconnu"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "algorithme de hachage inconnu"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "mauvaise cl� publique"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "mauvaise cl� secr�te"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "mauvaise signature"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "somme de contr�le erron�e"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "mauvais mot de passe"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "cl� publique non trouv�e"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "algorithme de chiffrement inconnu"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "impossible d'ouvrir le porte-cl�s"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "paquet invalide"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "armure invalide"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "pas d'utilisateur de ce nom"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "la cl� secr�te n'est pas disponible"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "mauvaise cl� secr�te utilis�e"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "non support�"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "mauvaise cl�"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "erreur de lecture"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "erreur d'�criture"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "algorithme de compression inconnu"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "erreur d'ouverture de fichier"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "erreur de cr�ation de fichier"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "mot de passe invalide"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "algorithme � cl� publique non implant�"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "algorithme de chiffrement non implant�"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "classe de signature inconnue"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "erreur dans la base de confiance"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "mauvais entier en pr�cision multiple (MPI)"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "limite de ressources atteinte"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "porte-cl�s invalide"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "mauvais certificat"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "nom d'utilisateur malform�"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "erreur de fermeture de fichier"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "erreur pendant le changement de nom du fichier"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "erreur pendant la suppression du fichier"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "donn�es inattendues"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "conflit de dates"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "algorithme de cl�s publiques inutilisable"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "le fichier existe"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "cl� faible"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "argument invalide"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "mauvaise adresse (URI)"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "URI non support�e"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "erreur de r�seau"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "non chiffr�"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "non trait�"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "cl� publique inutilisable"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "cl� secr�te inutilisable"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "erreur du serveur de cl�s"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... c'est un bug (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "vous avez trouv� un bug... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "impossible d'ouvrir `%s': %s\n"
 
-#: cipher/random.c:325
+#: cipher/random.c:324
 #, c-format
 msgid "can't stat `%s': %s\n"
 msgstr "impossible d'acc�der � `%s': %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
 msgstr "`%s' n'est pas un fichier r�gulier - ignor�\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
 msgstr "note: le fichier `random_seed' est vide\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr ""
 "avertissement: la taille du fichier `random_seed' est invalide.\n"
 "Celui-ci ne sera pas utilis�.\n"
 
-#: cipher/random.c:349
+#: cipher/random.c:348
 #, c-format
 msgid "can't read `%s': %s\n"
 msgstr "impossible de lire `%s': %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
 msgstr "note: le fichier `random_seed' n'a pas �t� mis � jour\n"
 
-#: cipher/random.c:407
+#: cipher/random.c:406
 #, c-format
 msgid "can't create `%s': %s\n"
 msgstr "impossible de cr�er `%s': %s\n"
 
-#: cipher/random.c:414
+#: cipher/random.c:413
 #, c-format
 msgid "can't write `%s': %s\n"
 msgstr "impossible d'�crire `%s': %s\n"
 
-#: cipher/random.c:417
+#: cipher/random.c:416
 #, c-format
 msgid "can't close `%s': %s\n"
 msgstr "impossible de fermer `%s': %s\n"
 
-#: cipher/random.c:428
-#, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
-"une quantit� de donn�es al�atoires trop importante a �t� demand�e.\n"
-"La limite est %d bits.\n"
-
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr ""
 "ATTENTION: utilisation d'un g�n�rateur de nombres al�atoires peu s�r !!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -319,7 +347,7 @@ msgstr ""
 "N'UTILISEZ PAS LES DONN�ES G�N�R�ES PAR CE PROGRAMME !!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -330,21 +358,7 @@ msgstr ""
 "Il n'y a pas assez d'octets al�atoires disponibles. Faites autre chose\n"
 "pour que l'OS puisse amasser plus d'entropie ! (il faut %d octets de plus)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Avertissement: l'utilisation de la m�moire n'est pas s�re !\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr ""
-"l'op�ration n'est pas possible tant que la m�moire s�re n'est pas\n"
-"initialis�e\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(vous avez peut-�tre utilis� un programme non adapt� � cette fin)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -352,139 +366,163 @@ msgstr ""
 "@Commandes:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[fichier]|faire une signature"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[fichier]|faire une signature en texte clair"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "faire une signature d�tach�e"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "chiffrer les donn�es"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "[fichier]|chiffrer les fichiers"
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "chiffrement sym�trique seulement"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "pas d'action"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "d�chiffrer les donn�es (d�faut)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[fichiers]|d�chiffrer les fichiers"
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "v�rifier une signature"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "lister les cl�s"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "lister les cl�s et les signatures"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "v�rifier les signatures des cl�s"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "lister les cl�s et les empreintes"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "lister les cl�s secr�tes"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "g�n�rer une nouvelle paire de cl�s"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
-msgstr "enlever la cl� du porte-cl�s public"
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
+msgstr "enlever les cl�s du porte-cl�s public"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
-msgstr "enlever la cl� du porte-cl�s secret"
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
+msgstr "enlever les cl�s du porte-cl�s secret"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "signer une cl�"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
 msgstr "signer une cl� localement"
 
-#: g10/gpg.c:224
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "signer une cl� irr�vocablement"
+
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr "signer une cl� localement et irr�vocablement"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "signer ou �diter une cl�"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "g�n�rer un certificat de r�vocation"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "exporter les cl�s"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "exporter les cl�s vers un serveur de cl�s"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "importer les cl�s d'un serveur de cl�s"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "chercher les cl�s avec un serveur de cl�s"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "mettre � jour les cl�s depuis un serveur"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "importer/fusionner les cl�s"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "ne lister que les paquets"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "exporter les indices de confiance"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "importer les indices de confiance"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "mettre la base de confiance � jour"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NOMS]|v�rifier la base de confiance"
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "mise � jour inattendue de la base de confiance"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "r�parer une base de confiance corrompue"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "Enlever l'armure d'un fichier ou de stdin"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "Mettre une armure � un fichier ou � stdin"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|alg. [fich.]|indiquer les fonctions de hachage"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -494,156 +532,203 @@ msgstr ""
 "Options:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "cr�er une sortie ascii avec armure"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NOM|chiffrer pour NOM"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NOM|utiliser NOM comme r�cipient par d�faut"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "utiliser la cl� par d�f. comme r�cipient"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr "utiliser ce nom pour signer ou d�chiffrer"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "|N|niveau de compression N (0 d�sactive)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "utiliser le mode texte canonique"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "utiliser comme fichier de sortie"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "bavard"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "devenir beaucoup plus silencieux"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "ne pas utiliser du tout le terminal"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "forcer les signatures en v3"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "ne pas forcer les signatures en v3"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "forcer les signatures en v4"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "ne pas forcer les signatures en v4"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "toujours utiliser un sceau pour le chiffrement"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr ""
+"ne jamais utiliser de sceau pour le\n"
+"chiffrement"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "ne rien changer"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "utiliser gpg-agent"
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "mode automatique: ne jamais rien demander"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "r�pondre oui � la plupart des questions"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "r�pondre non � la plupart des questions"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "ajouter ce porte-cl�s � la liste"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "ajouter ce porte-cl�s secret � la liste"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "indiquer o� est une cl� list�e"
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NOM|utiliser NOM comme cl� secr�te par d�faut"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|H�TE|utiliser ce serveur pour chercher des cl�s"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr "|NOM|le terminal utilise la table de caract�res NOM"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "lire les options du fichier"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr "|FD|�crire l'�tat sur ce descripteur"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
-msgstr ""
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[fichier]|�crire les informations d'�tat vers ce fichier"
 
-#: g10/gpg.c:297
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|IDCL�|donner une confiance ultime � cette cl�"
+
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|FICH|charger le module d'extension FICH"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "imiter le mode d�crit dans la RFC1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
 msgstr "utiliser le comportement d�fini par OpenPGP"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr ""
+"utiliser le comportement de PGP 2.x\n"
+"pour toutes les options de paquets,\n"
+"de hachage et de chiffrement"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|coder les mots de passe suivant le mode N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr "|NOM|utiliser le hachage NOM pour les mots de passe"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr "|NOM|utiliser le chiffre NOM pour les mots de passe"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NOM|utiliser l'algorithme de chiffrement NOM"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NOM|utiliser la fonction de hachage NOM"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|utiliser l'algorithme de compression N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
 msgstr "supprimer l'ident. des paquets chiffr�s"
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "Montrer les photos d'identit�"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "Ne pas montrer les photos d'identit�"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr ""
+"Choisir la ligne de commande servant �\n"
+"afficher les photos d'identit�"
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NOM=VALEUR|utiliser ces donn�es de notation"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
@@ -651,7 +736,7 @@ msgstr ""
 "@\n"
 "(Voir la page de manuel pour une liste compl�te des commandes et options)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -671,17 +756,17 @@ msgstr ""
 " --list-keys [utilisateur]    montrer les cl�s\n"
 " --fingerprint [utilisateur]  montrer les empreintes\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr ""
 "Signaler toutes anomalies � <[email protected]> (en anglais)\n"
 "et tout probl�me de traduction � <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Utilisation: gpg [options] [fichiers] (-h pour l'aide)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
@@ -691,7 +776,7 @@ msgstr ""
 "signer, v�rifier, chiffrer ou d�chiffrer\n"
 "l'op�ration par d�faut d�pend des donn�es entr�es\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -699,193 +784,255 @@ msgstr ""
 "\n"
 "Algorithmes support�s:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "utilisation: gpg [options] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "commandes en conflit\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "NOTE: pas de fichier d'options par d�faut `%s'\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "fichier d'options `%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "lire les options de `%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s n'est pas une table de caract�res valide\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "impossible d'interpr�ter l'URI du serveur de cl�s\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr ""
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, fuzzy, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "AVERTISSEMENT: `%s' est un fichier vide\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr ""
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "ATTENTION: Le programme peut cr�er un fichier �core� !\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "ATTENTION: %s remplace %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "NOTE: %s n'est pas pour une utilisation normale !\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "%s n'est pas permis avec %s !\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "%s n'a aucun sens avec %s !\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+"il n'est possible de faire une signature d�tach�e ou en texte clair\n"
+"qu'en mode --pgp2\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr "vous ne pouvez pas signer et chiffrer en m�me temps en mode --pgp2\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+"vous devez utiliser des fichiers (et pas un tube) lorsque --pgp2\n"
+"est activ�.\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+"chiffrer un message en mode --pgp2 n�cessite l'algorithme de chiffrage IDEA\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "ce message ne sera pas forc�ment utilisable par PGP 2.x\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "l'algorithme de chiffrement s�lectionn� est invalide\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "la fonction de hachage s�lectionn�e est invalide\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr "l'URL de politique donn�e est invalide\n"
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "l'URL de politique de signature donn�e est invalide\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "l'URL de politique de certification donn�e est invalide\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "l'algorithme de compression doit faire partie de l'intervalle %d..%d\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "�completes-needed� doit �tre sup�rieur � 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "�marginals-needed� doit �tre sup�rieur � 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "�max-cert-depth� doit �tre compris entre 1 et 255\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "NOTE: le mode S2K simple (0) est fortement d�conseill�\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "mode S2K invalide; ce doit �tre 0, 1 ou 3\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "default-check-level invalide; ce doit �tre 0, 1, 2 ou 3\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "pr�f�rences invalides\n"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "impossible d'initialiser la base de confiance: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [nom du fichier]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [nom du fichier]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [nom du fichier]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [nom du fichier]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [nom du fichier]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [nom du fichier]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [nom du fichier]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [nom du fichier]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key utilisateur"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key utilisateur"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key utilisateur [commandes]"
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key utilisateur"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key utilisateur"
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key utilisateur"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key utilisateur"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key utilisateur [commandes]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "impossible d'ouvrir %s: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [utilisateur] [porte-cl�s]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "la suppression d'une armure a �chou�: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "la construction d'une armure a �chou�: %s \n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
 msgstr "algorithme de hachage `%s' invalide\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[nom du fichier]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
-msgstr "Continuez et tapez votre message...\n"
+msgstr "Vous pouvez taper votre message...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "impossible d'ouvrir `%s'\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr ""
 "le premier caract�re du nom d'une notation doit �tre un lettre ou un trait\n"
 "de soulignement\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -894,251 +1041,228 @@ msgstr ""
 "des points ou des traits de soulignement et doit se terminer par un signe "
 "�gal\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr ""
 "les points dans le nom d'une notation doivent �tre entour�s d'autes "
 "caract�res\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "une valeur de notation ne doit utiliser aucun caract�re de contr�le\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "armure: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "en-t�te d'armure invalide: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "en-t�te d'armure: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "en-t�te de signature claire invalide\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "signatures en texte clair imbriqu�es\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "ligne �chapp�e par `-' invalide: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "armure inattendue:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "caract�re %02x invalide en base 64 ignor�\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "fin de fichier pr�matur�e (pas de CRC)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "fin de fichier pr�matur�e (dans le CRC)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "CRC d�form�\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "Erreur de CRC; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "fin de fichier pr�matur�e (dans la remorque)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "erreur dans la ligne de remorque\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr "Pour information voir http://www.gnupg.org"
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "aucune donn�e OpenPGP valide n'a �t� trouv�e.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "armure invalide: ligne plus longue que %d caract�res\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "caract�re cit�-imprimable (quoted-printable) dans l'armure provenant\n"
 "certainement d'un agent de transfert de messages bogu�\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "               Empreinte:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Empreinte:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
 msgstr "Aucune raison sp�cifi�e"
 
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
 msgstr "La cl� a �t� remplac�e"
 
-#: g10/pkclist.c:121
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
 msgstr "La cl� a �t� compromise"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
 msgstr "La cl� n'est plus utilis�e"
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
 msgstr "Le nom d'utilisateur n'est plus valide"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
 msgstr "Cause de r�vocation: "
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
 msgstr "Commentaire de r�vocation: "
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMqQsS"
 
-#: g10/pkclist.c:308
+#: g10/pkclist.c:258
 #, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
-"Pas de confiance d�finie pour %lu:\n"
+"Pas de confiance d�finie pour :\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
-msgstr ""
-"� quel point avez-vous confiance en cet utilisateur pour v�rifier "
-"correctement\n"
-"les cl�s des autres utilisateurs (vous pouvez v�rifier son passeport, "
-"v�rifier\n"
-"les empreintes de diverses sources...) ?\n"
-"\n"
-" 1 = je ne sais pas\n"
-" 2 = je ne lui fais pas confiance\n"
-" 3 = je le crois marginalement\n"
-" 4 = je le crois totalement\n"
-" s = montrez-moi plus d'informations\n"
+msgstr ""
+"� quel point avez-vous confiance en cet utilisateur pour la v�rification\n"
+"des cl�s des autres utilisateurs (vous pouvez v�rifier son passeport,\n"
+"v�rifier les empreintes de diverses sources...) ?\n"
+
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = ne sait pas\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = je ne fais PAS confiance\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = je crois marginalement\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = je fais enti�rement confiance\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = je donne une confiance ultime\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = donnez-moi plus d'informations\n"
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
 msgstr " m = retour au menu principal\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " s = sauter cette cl�\n"
+
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = quitter\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Votre d�cision ? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Voulez-vous vraiment donner une confiance ultime � cette cl� ?"
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Certificats conduisant vers une cl� � confiance ultime:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"Impossible de trouver un chemin de confiance valide jusqu'� la cl�. Voyons\n"
-"si nous ne pouvons pas assigner quelques indices de confiance manquants.\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"Aucun chemin menant vers une de nos cl�s n'a �t� trouv�.\n"
-"\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"Aucun certificat � confiance ind�finie n'a �t� trouv�.\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Pas d'indice de confiance chang�.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "cl� %08lX: la cl� a �t� r�voqu�e !\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "Utiliser cette cl� quand m�me ? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "cl� %08lX: la sous-cl� a �t� r�voqu�e !\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: la cl� a expir�\n"
 
-#: g10/pkclist.c:519
+#: g10/pkclist.c:442
 #, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: pas d'information pour calculer une probabilit� de confiance\n"
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr "%08lX: Rien ne dit que la cl� appartient vraiment au propri�taire.\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: Nous ne faisons PAS confiance � cette cl�\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
@@ -1147,15 +1271,15 @@ msgstr ""
 "%08lX: Il n'est pas s�r que cette cl� appartient vraiment � son\n"
 "propri�taire mais elle est quand m�me accept�e\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "Cette cl� appartient probablement � son propri�taire\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Cette cl� nous appartient\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1167,176 +1291,205 @@ msgstr ""
 "oui � la prochaine question\n"
 "\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "ATTENTION: Utilisation d'une cl� sans confiance !\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "ATTENTION: Cette cl� � �t� r�voqu�e par son propri�taire !\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "           Cela pourrait signifier que la signature est fausse.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "ATTENTION: Cette sous-cl� � �t� r�voqu�e par son propri�taire !\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "Note: cette cl� a �t� d�sactiv�e.\n"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Note: Cette cl� a expir� !\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr ""
 "ATTENTION: Cette cl� n'est pas certifi�e avec une signature de confiance !\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr ""
 "           Rien ne dit que la signature appartient � son propri�taire.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "ATTENTION: Nous ne faisons PAS confiance � cette cl� !\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "           La signature est certainement FAUSSE.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "ATTENTION: Les signatures de cette cl� n'ont pas une confiance suffisante !\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr ""
 "            Il n'est pas s�r que la signature appartient � son "
 "propri�taire.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: ignor�: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: ignor�: cl� publique d�j� pr�sente\n"
 
-#: g10/pkclist.c:855
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr ""
+"Vous n'avez pas sp�cifi� de nom d'utilisateur. (vous pouvez\n"
+"utiliser �-r�)\n"
+"\n"
+
+#: g10/pkclist.c:762
 msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
 "\n"
+"Enter the user ID.  End with an empty line: "
 msgstr ""
-"Vous n'avez pas sp�cifi� de nom d'utilisateur. (vous pouvez utiliser �-r�)\n"
 "\n"
+"Entrez le nom d'utilisateur, en terminant par une ligne vide: "
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Entrez le nom d'utilisateur: "
-
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Pas d'utilisateur de ce nom.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr "ignor�: la cl� publique est d�j� le r�cipient par d�faut\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "La cl� publique est d�sactiv�e.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "ignor�: cl� publique configur�e par --encrypt-to\n"
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "ignor�: cl� publique d�j� activ�e\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "r�cipient par d�faut `%s' inconnu\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: erreur pendant la v�rification de la cl�: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: ignor�: la cl� publique est d�sactiv�e\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "pas de destinataire valide\n"
 
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "la pr�f�rence %c%lu n'est pas valide\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "pr�f�rence %c%lu dupliqu�e\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "trop de pr�f�rences `%c'\n"
+
+#: g10/keygen.c:257
+#, fuzzy
+msgid "invalid character in preference string\n"
+msgstr "Caract�re invalide dans la cha�ne\n"
+
 # g10/keygen.c:123 ???
-#: g10/keygen.c:179
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "�criture de l'auto-signature\n"
 
 # g10/keygen.c:161 ???
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "�criture de la signature de liaison\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
 #, c-format
 msgid "keysize invalid; using %u bits\n"
 msgstr "Taille invalide; utilisation de %u bits\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
 #, c-format
 msgid "keysize rounded up to %u bits\n"
 msgstr "taille arrondie � %u bits\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "S�lectionnez le type de cl� d�sir�:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA et ElGamal (par d�faut)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (signature seule)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "   (%d) ElGamal (chiffrement seul)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) ElGamal (signature et chiffrement)\n"
 
-#: g10/keygen.c:643
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (signature seule)\n"
+
+#: g10/keygen.c:786
 #, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) RSA (signature et chiffrement)\n"
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (chiffrement seul)\n"
 
-#: g10/keygen.c:647
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Votre choix ? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "Voulez-vous vraiment cr�er une cl� de signature et de chiffrement ? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr ""
+"L'utilisation de cet algorithme est d�conseill� - faut-il quand-m�me\n"
+"cr�er la cl� ?"
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Choix invalide.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1349,22 +1502,22 @@ msgstr ""
 "          la taille par d�faut est 1024 bits\n"
 " la taille maximale conseill�e est 2048 bits\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Quelle taille de cl� d�sirez-vous ? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA permet seulement des tailles comprises entre 512 et 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "taille trop petite; 768 est la plus petite valeur permise.\n"
-
-#: g10/keygen.c:708
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
 msgstr "taille trop petite; 1024 est la plus petite valeur permise pour RSA.\n"
 
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr "taille trop petite; 768 est la plus petite valeur permise.\n"
+
 #. It is ridiculous and an annoyance to use larger key sizes!
 #. * GnuPG can handle much larger sizes; but it takes an eternity
 #. * to create such a key (but less than the time the Sirius
@@ -1373,12 +1526,12 @@ msgstr "taille trop petite; 1024 est la plus petite valeur permise pour RSA.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "taille trop importante; %d est la plus grande valeur permise.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1386,11 +1539,11 @@ msgstr ""
 "Les tailles sup�rieures � 2048 ne sont pas conseill�es car\n"
 "les calculs prennent VRAIMENT beaucoup de temps !\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "Etes-vous s�r de vouloir cette taille ? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1398,21 +1551,17 @@ msgstr ""
 "D'accord, mais n'oubliez pas que les radiations de votre �cran et de votre\n"
 "clavier sont aussi tr�s vuln�rables aux attaques !\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "Avez-vous r�ellement besoin d'une taille aussi grande ? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "La taille demand�e est %u bits\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "arrondie � %u bits\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1426,27 +1575,48 @@ msgstr ""
 "      <n>  = la cl� expire dans n jours\n"
 "      <n>w = la cl� expire dans n semaines\n"
 "      <n>m = la cl� expire dans n mois\n"
-"      <n>y = la cl� expire dans n ans\n"
+"      <n>y = la cl� expire dans n ann�es\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Sp�cifiez combien de temps la signature devrait �tre valide.\n"
+"         0 = la signature n'expire pas\n"
+"      <n>  = la signature expire dans n jours\n"
+"      <n>w = la signature expire dans n semaines\n"
+"      <n>m = la signature expire dans n mois\n"
+"      <n>y = la signature expire dans n ann�es\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "La cl� est valide pour ? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "La signature est valide pour ? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "valeur invalide\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
-msgstr "La cl� n'expire pas du tout\n"
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "%s n'expire pas du tout\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
+#: g10/keygen.c:992
 #, c-format
-msgid "Key expires at %s\n"
-msgstr "La cl� expire le %s\n"
+msgid "%s expires at %s\n"
+msgstr "%s expire le %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
@@ -1454,11 +1624,11 @@ msgstr ""
 "Votre syst�me ne sait pas afficher les dates au-del� de 2038.\n"
 "Cependant la gestion des dates sera correcte jusqu'� 2106.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "Est-ce correct (o/n) ? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1474,44 +1644,44 @@ msgstr ""
 "   � Heinrich Heine (Der Dichter) <[email protected]> �\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Nom r�el: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Caract�re invalide dans le nom\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "Le nom ne doit pas commencer par un chiffre\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "Le nom doit faire au moins 5 caract�res de long\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Adresse e-mail: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "Ce n'est pas une adresse e-mail valide\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Commentaire: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Caract�re invalide dans le commentaire\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Vous utilisez le jeu de caract�res '%s'.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1522,28 +1692,28 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr ""
 "Ne mettez pas d'adresse e-mail dans le nom r�el ou dans le commentaire\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnCcEeOoQq"
 
-#: g10/keygen.c:986
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
 msgstr "Changer le (N)om, le (C)ommentaire, l'(E)-mail ou (Q)uitter ? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "Changer le (N)om, le (C)ommentaire, l'(E)-mail ou (O)K/(Q)uitter ? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
 msgstr "Corrigez l'erreur d'abord\n"
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1551,11 +1721,16 @@ msgstr ""
 "Vous avez besoin d'un mot de passe pour prot�ger votre cl� secr�te.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
-msgstr "le mot de passe n'a pas �t� r�p�t� � l'identique; recommencez.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "le mot de passe n'a pas �t� correctement r�p�t� ; recommencez."
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1567,7 +1742,7 @@ msgstr ""
 "le d�sirez, en utilisant ce programme avec l'option � --edit-key �.\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1579,29 +1754,55 @@ msgstr ""
 "pendant la g�n�ration de nombres premiers; cela donne au g�n�rateur de\n"
 "nombres al�atoires une meilleure chance d'avoir assez d'entropie.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "La paire de cl�s DSA fera 1024 bits.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "La g�n�ration de cl� a �t� annul�e.\n"
 
-#: g10/keygen.c:1668
+#: g10/keygen.c:1883 g10/keygen.c:1963
 #, c-format
 msgid "writing public key to `%s'\n"
 msgstr "�criture de la cl� publique vers `%s'\n"
 
-#: g10/keygen.c:1669
+#: g10/keygen.c:1884 g10/keygen.c:1965
 #, c-format
 msgid "writing secret key to `%s'\n"
 msgstr "�criture de la cl� secr�te vers `%s'\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr ""
+"aucun portes-cl�s public n'a �t� trouv� avec des droits d'�criture : %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr ""
+"aucun portes-cl�s secret n'a �t� trouv� avec des droits d'�criture : %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "erreur durant l'�criture du porte-cl�s public `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "erreur durant l'�criture du porte-cl�s secret `%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "les cl�s publique et secr�te ont �t� cr��es et sign�es.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "cl� marqu�e comme ayant une confiance ultime.\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
@@ -1610,13 +1811,13 @@ msgstr ""
 "utiliser la commande �--edit-key� pour g�n�rer une cl� secondaire �\n"
 "cette fin.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "La g�n�ration de cl� a �chou�: %s\n"
 
 # on s'amuse comme on peut...
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
@@ -1624,7 +1825,7 @@ msgstr ""
 "la cl� a �t� cr��e %lu seconde dans le futur (rupture spatio-temporelle ou\n"
 "probl�me d'horloge)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1632,307 +1833,367 @@ msgstr ""
 "la cl� a �t� cr��e %lu secondes dans le futur (rupture spatio-temporelle ou\n"
 "probl�me d'horloge\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr ""
+"NOTE: cr�er des sous-cl�s pour des cl�s v3 n'est pas conforme � OpenPGP\n"
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "Cr�er vraiment ? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "--output n'est pas compatible avec cette commande\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s' d�j� compress�\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: impossible d'ouvrir: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "erreur pendant la cr�ation du mot de passe: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: ATTENTION: fichier vide\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+"le chiffrement RSA ne se fait qu'avec des cl�s de moins de 2048 bits\n"
+"en mode --pgp2\n"
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "lecture de `%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+"impossible d'utiliser le chiffre IDEA pour toutes les cl�s vers\n"
+"lesquelles vous chiffrez.\n"
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s chiffr� pour: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
+#: g10/delkey.c:69 g10/export.c:141
 #, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: utilisateur non trouv�: %s\n"
+msgid "key `%s' not found: %s\n"
+msgstr "cl� '%s' introuvable: %s\n"
 
-#: g10/export.c:164
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "erreur pendant la lecture du bloc de cl� : %s\n"
+
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "cl� %08lX: ce n'est pas une cl� rfc2440 - ignor�e\n"
 
-#: g10/export.c:175
+#: g10/export.c:180
 #, c-format
 msgid "key %08lX: not protected - skipped\n"
 msgstr "cl� %08lX: non prot�g�e - ignor�e\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "cl� %08lX: cl� de style PGP 2.x - ignor�e\n"
+
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "ATTENTION: rien n'a �t� export�\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "trop d'entr�es dans le cache pk - d�sactiv�\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "trop d'entr�es dans le cache unk - d�sactiv�\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[Nom utilisateur introuvable]"
+
+#: g10/getkey.c:1360
+#, fuzzy, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr "La cl� invalide %08lX a �t� rendu valide par --always-trust\n"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr ""
 "utilisation de la cl� secondaire %08lX � la place de la cl�\n"
 "principale %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr "cl� %08lX: cl� secr�te sans cl� publique - non prise en compte\n"
 
-#: g10/getkey.c:2513
-msgid "[User id not found]"
-msgstr "[Nom utilisateur introuvable]"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "un bloc de type %d a �t� ignor�\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "%lu cl�s trait�es jusqu'ici\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "erreur pendant la lecture de `%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "       Quantit� totale trait�e: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "           nouvelles sous-cl�s: %lu\n"
+msgstr "       nouvelles cl�s ignor�es: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr "        sans nom d'utilisateur: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "                      import�e: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "                     inchang�e: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "  nouveaux noms d'utilisateurs: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "           nouvelles sous-cl�s: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "          nouvelles signatures: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr " nouvelles r�vocations de cl�s: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "            cl�s secr�tes lues: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "       cl�s secr�tes import�es: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr "      cl�s secr�tes inchang�es: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "cl� %08lX: pas de nom d'utilisateur\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, fuzzy, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "cl� %08lX: utilisateur non sign� par lui-m�me accept�: '"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "cl� %08lX: pas de nom d'utilisateur valide\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "cela peut provenir d'une auto-signature manquante\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "cl� %08lX: cl� publique pas trouv�e: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:479
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "cl� %08lX: ce n'est pas une cl� rfc2440 - ignor�e\n"
+msgstr "cl� %08lX: nouvelle cl� - ignor�e\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "aucun porte-cl� n'a �t� trouv� avec des droits d'�criture : %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "�criture de `%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "erreur durant l'�criture du porte-cl�s `%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "cl� %08lX: cl� publique import�e\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "cl� %08lX: ne ressemble pas � notre copie\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "cl� %08lX: impossible de trouver le bloc de cl�s original: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "cl� %08lX: impossible de lire le bloc de cl�s original: %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "cl� %08lX: un nouvel utilisateur\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "cl� %08lX: %d nouveaux utilisateurs\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "cl� %08lX: une nouvelle signature\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "cl� %08lX: %d nouvelles signatures\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "cl� %08lX: une nouvelle sous-cl�\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "cl� %08lX: %d nouvelles sous-cl�s\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "cl� %08lX: n'a pas chang�\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "pas de porte-cl�s par d�faut: %s\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "cl� %08lX: cl� secr�te import�e\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "cl� %08lX: d�j� dans le porte-cl�s secret\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "cl� %08lX: cl� secr�te pas trouv�e: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "cl� %08lX: pas de cl� publique - le certificat de r�vocation ne peut\n"
 "�tre appliqu�\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr "cl� %08lX: certificat de r�vocation invalide: %s - rejet�\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "cl� %08lX: certificat de r�vocation import�\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "cl� %08lX: pas d'utilisateur pour la signature\n"
 
-#: g10/import.c:719 g10/import.c:743
-#, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
+#: g10/import.c:839
+#, fuzzy, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
 msgstr "cl� %08lX: algorithme de cl� publique non support�\n"
 
-#: g10/import.c:720
-#, c-format
-msgid "key %08lX: invalid self-signature\n"
+#: g10/import.c:841
+#, fuzzy, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
 msgstr "cl� %08lX: auto-signature invalide\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "cl� %08lX: pas de sous-cl� pour relier la cl�\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "cl� %08lX: liaison avec la sous-cl� invalide\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "cl� %08lX: algorithme de cl� publique non support�\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "cl� %08lX: utilisateur non sign� par lui-m�me accept�: '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "cl� %08lX: liaison avec la sous-cl� invalide\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "cl� %08lX: utilisateur non pris en compte: '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "cl� %08lX: sous-cl� non prise en compte\n"
@@ -1941,93 +2202,200 @@ msgstr "cl� %08lX: sous-cl� non prise en compte\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr "cl� %08lX: signature non exportable (classe %02x) - ignor�e\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr "cl� %08lX: certificat de r�vocation au mauvais endroit - ignor�e\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "cl� %08lX: certificat de r�vocation invalide: %s - ignor�e\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "cl� %08lX: nom d'utilisateur en double fusionn�\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "cl� %08lX: certificat de r�vocation ajout�\n"
 
-#: g10/import.c:1130 g10/import.c:1183
+#: g10/import.c:1231
 #, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "cl� %08lX: notre copie n'a pas d'auto-signature\n"
+msgid "key %08lX: direct key signature added\n"
+msgstr "cl� %08lX: ajout de la signature de cl� directe\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[r�vocation]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[auto-signature]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "une mauvaise signature\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d mauvaises signatures\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "une signature non v�rifi�e � cause d'une cl� manquante\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d signatures non v�rifi�es � cause de cl�s manquantes\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "une signature non v�rifi�e � cause d'une erreur\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d signatures non v�rifi�es � cause d'erreurs\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "un nom d'utilisateur sans auto-signature valide d�tect�\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr "%d nom d'utilisateurs sans auto-signature valide d�tect�\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
-#, c-format
-msgid "Already signed by key %08lX\n"
-msgstr "D�j� sign� par la cl� %08lX\n"
+#: g10/keyedit.c:335
+#, fuzzy, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "Le nom d'utilisateur \"%s\" est r�voqu�.\n"
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+#, fuzzy
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Channel #bsdfr is +k, but has no key.  This server is broken"
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr ""
 
-#: g10/keyedit.c:319
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, fuzzy, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"Votre signature actuelle sur \"%s\"\n"
+"est locale.\n"
+"\n"
+"Voulez vous la rendre compl�tement exportable ?\n"
+
+#: g10/keyedit.c:368
+#, fuzzy
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+"Votre signature actuelle sur \"%s\"\n"
+"est locale.\n"
+"\n"
+"Voulez vous la rendre compl�tement exportable ?\n"
+
+#: g10/keyedit.c:388
+#, fuzzy, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" a d�j� �t� %ssign� par la cl� %08lX\n"
+
+#: g10/keyedit.c:393
+#, fuzzy, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" a d�j� �t� %ssign� par la cl� %08lX\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Rien � signer avec la cl� %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "Cette cl� a expir� !"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Cette cl� va expirer le %s.\n"
+
+#: g10/keyedit.c:444
+#, fuzzy
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "Voulez-vous que votre signature expire en m�me temps ? (o/n) "
+
+#: g10/keyedit.c:477
+#, fuzzy
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+"il n'est possible de signer avec des cl�s de style PGP 2.x uniquement\n"
+"en mode --pgp2\n"
+
+#: g10/keyedit.c:479
+#, fuzzy
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "ce message ne sera pas forc�ment utilisable par PGP 2.x\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"Avec quel soin avez-vous v�rifi� que la cl� que vous allez signer\n"
+"appartient r�ellement � la personne sus-nomm�e ? Si vous ne savez\n"
+"quoi r�pondre, entrez \"0\".\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) Je ne r�pondrai pas.%s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) Je n'ai pas v�rifi� du tout.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) J'ai un peu v�rifi�.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) J'ai v�rifi� tr�s soigneusement.%s\n"
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -2035,47 +2403,79 @@ msgstr ""
 "Etes-vous vraiment s�r(e) que vous voulez signer cette cl�\n"
 "avec la v�tre: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
 msgid ""
-"The signature will be marked as non-exportable.\n"
 "\n"
+"The signature will be marked as non-exportable.\n"
 msgstr ""
+"\n"
 "La signature sera marqu�e comme non-exportable.\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"La signature sera marqu�e comme non-r�vocable.\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+"\n"
+"Je n'ai pas du tout v�rifi� cette cl�.\n"
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"J'ai un peu v�rifi� cette cl�.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
 "\n"
+"J'ai v�rifi� cette cl� avec grand soin.\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "Signer r�ellement ? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "la signature a �chou�: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Cette cl� n'est pas prot�g�e.\n"
 
-#: g10/keyedit.c:426
+#: g10/keyedit.c:662
 msgid "Secret parts of primary key are not available.\n"
 msgstr "Les parties secr�tes de la cl� principale ne sont pas disponibles.\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "La cl� est prot�g�e.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Impossible d'�diter cette cl�: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
 msgstr "Entrez le nouveau mot de passe pour cette cl� secr�te.\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2084,422 +2484,558 @@ msgstr ""
 "*mauvaise* id�e\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "Voulez-vous vraiment faire cela ? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "replacer la signature d'une cl� � l'endroit correct\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "quitter ce menu"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "q"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "enregistrer"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "enregistrer et quitter"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "help"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "afficher cette aide"
 
 # g10/keyedit.c:556 ???
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "afficher l'empreinte"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "lister"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "lister la cl� et les noms d'utilisateurs"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "s�lectionner le nom d'utilisateur N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "cl�"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "s�lectionner la cl� secondaire N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "v�rifier"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "lister les signatures"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "signer"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "signer la cl�"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lsigner"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "signer la cl� localement"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nrsigner"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "signer la cl� de fa�on non-r�vocable"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nrlsigner"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "signer la cl� de fa�on locale et non-r�vocable"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "d�boguer"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "aj.ut"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "ajouter un utilisateur"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "aj.photo"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "ajouter une photo d'identit�"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "suppr.ut"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "enlever un utilisateur"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "suppr.photo"
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "aj.cl�"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "ajouter une cl� secondaire"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "suppr.cl�"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "enlever une cl� secondaire"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "suppr.sign"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "supprimer les signatures"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "expire"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "changer la date d'expiration"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "principale"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "marquer le nom d'utilisateur comme principal"
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "changer"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "passer de la liste des cl�s secr�tes aux cl�s priv�es et inversement"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pr�f"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
-msgstr "lister les pr�f�rences"
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "lister les pr�f�rences (expert)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "montr.pr�f"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "lister les pr�f�rences (bavard)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "mettre.pr�f"
+
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "donner la liste de pr�f�rences"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "pr�f.m�j"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "pr�f�rences mises � jour"
+
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "mot.pas"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "changer le mot de passe"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "confi."
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "changer la confiance"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "r�voquer les signatures"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "revcl�"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "r�voquer une cl� secondaire"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "d�sactiver"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "d�sactiver une cl�"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "activer"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "activer une cl�"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "montr.photo"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "montrer la photo d'identit�"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "impossible de faire cela en mode automatique\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "erreur pendant la lecture du bloc de cl� secr�te `%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "La cl� secr�te est disponible.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Commande> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "Il faut la cl� secr�te pour faire cela.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
 msgstr "Utilisez la commande �toggle� d'abord.\n"
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+#, fuzzy
+msgid "Key is revoked."
+msgstr "La cl� est r�voqu�e.\n"
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "Signer vraiment tous les utilisateurs ? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Aide: S�lectionner les utilisateurs � signer\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "la mise � jour de la base de confiance a �chou�: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "Cette commande n'est pas admise en mode %s.\n"
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "Vous devez s�lectionner au moins un utilisateur.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "Vous ne pouvez pas supprimer le dernier utilisateur !\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "Enlever r�ellement tous les utilisateurs s�lectionn�s ? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "Enlever r�ellement cet utilisateur ? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Vous devez s�lectionner au moins une cl�.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "Voulez-vous vraiment supprimer les cl�s s�lectionn�es ? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "Voulez-vous vraiment supprimer cette cl� ? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "Voulez-vous vraiment r�voquer les cl�s s�lectionn�es ? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "Voulez-vous vraiment r�voquer cette cl� ? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "Enlever r�ellement les pr�f�rences des utilisateurs s�lectionn�s ? "
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "Faut-il vraiment mettre � jour les pr�f�rences ? "
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "Enregistrer les changements? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Quitter sans enregistrer? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "la mise � jour a �chou�: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "la mise � jour de la cl� secr�te a �chou�: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "La cl� n'a pas chang� donc la mise � jour est inutile.\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr "Commande invalide  (essayez �help�)\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "Cette cl� peut �tre r�voqu�e par la cl� %s %s%s\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr " (sensible)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  cr��e: %s expire: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " confiance: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "Cette cl� a �t� d�sactiv�e"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1539
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "cl� %08lX: la sous-cl� a �t� r�voqu�e !\n"
+msgstr "rev! la sous-cl� a �t� r�voqu�e: %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1542
 msgid "rev- faked revocation found\n"
-msgstr " nouvelles r�vocations de cl�s: %lu\n"
+msgstr "rev- une r�vocation truqu�e a �t� trouv�e\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? probl�me de v�rification de la r�vocation: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+"ATTENTION: Cette cl� poss�de d�j� une photo d'identit�.\n"
+"           Ajouter une autre photo d'identit� peut poser des\n"
+"           probl�mes avec certaines versions de PGP.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+#, fuzzy
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Channel #bsdfr is +k, but has no key.  This server is broken"
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "Vous ne pouvez avoir qu'une seule photo d'identit� par cl�.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"ATTENTION: C'est une cl� du style PGP2.  Ajouter une photo\n"
+"d'identit� peut emp�cher certaines versions de PGP d'accepter\n"
+"cette cl�\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
 msgstr ""
+"Vous ne pouvez pas ajouter de photo d'identit� � une cl� du style PGP2.\n"
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "Supprimer cette bonne signature ? (o/N/q)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "Supprimer cette signature invalide ? (o/N/q)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "Supprimer cette signature inconnue ? (o/N/q)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "Faut-il vraiment supprimer cette auto-signature ? (o/N)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "%d signature supprim�e.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "%d signatures supprim�es\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Rien n'a �t� supprim�.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Enlevez les s�lections des cl�s secr�tes.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "Vous devez s�lectionner au plus une cl� secondaire.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "Changer la date d'expiration d'une cl� secondaire.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "Changer la date d'expiration de la cl� principale.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "Vous ne pouvez pas changer la date d'expiration d'une cl� v3\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Pas de signature correspondante dans le porte-cl�s secret\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Vous devez s�lectionner exactement un utilisateur.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Pas d'utilisateur avec l'index %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Pas de cl� secondaire avec l'index %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "nom d'utilisateur: �"
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
@@ -2508,245 +3044,380 @@ msgstr ""
 "�\n"
 "sign� avec votre cl� %08lX � %s\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
+#: g10/keyedit.c:2452
+#, fuzzy, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"�\n"
+"sign� avec votre cl� %08lX � %s\n"
+
+#: g10/keyedit.c:2457
+#, fuzzy, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Cette cl� va expirer le %s.\n"
+
+#: g10/keyedit.c:2461
+#, fuzzy
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Channel #bsdfr is +k, but has no key.  This server is broken"
+
+#: g10/keyedit.c:2465
+#, fuzzy
+msgid "Create a revocation certificate for this signature? (y/N) "
 msgstr "G�n�rer un certificat de r�vocation pour cette signature ? (o/N)"
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "Vous avez sign� ces noms d'utilisateurs:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
-#, c-format
-msgid "   signed by %08lX at %s\n"
-msgstr "   sign� par %08lX � %s\n"
+#: g10/keyedit.c:2504
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   sign� par %08lX � %s%s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   r�voqu� par %08lX � %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "Vous �tes sur le point de r�voquer ces signatures:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   sign� par %08lX � %s%s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr ""
+
+#: g10/keyedit.c:2551
+#, fuzzy
+msgid "Really create the revocation certificates? (y/N) "
 msgstr "Faut-il vraiment g�n�rer les certificats de r�vocation ? (o/N)"
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "pas de cl� secr�te\n"
 
-#: g10/keylist.c:158
-#, fuzzy
-msgid "invalid"
-msgstr "armure invalide"
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
 
-#: g10/keylist.c:178
-#, fuzzy
-msgid "revoked"
-msgstr "revcl�"
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "Politique de signature: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "ATTENTION: des donn�es de notation invalides ont �t� d�tect�es\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "Notation de signature: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "illisible par un humain"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "Porte-cl�s"
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
+#: g10/keylist.c:423 g10/mainproc.c:856
 #, c-format
 msgid " [expires: %s]"
 msgstr " [expire: %s]"
 
-#: g10/mainproc.c:212
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Empreinte:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "              Empreinte :"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr " Empreinte de la cl� ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "donn�es chiffr�es avec %s\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "chiffr� avec l'algorithme inconnu %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "la cl� publique est %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr "donn�es chiffr�es par cl� publique: bonne cl� de chiffrement (DEK)\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr "chiffr� avec une cl� de %u bits %s, ID %08lX, cr��e le %s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr "chiffr� avec une cl� %s, %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "aucune cl� secr�te n'est disponible pour le d�chiffrement\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "le d�chiffrement par cl� publique a �chou�: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "on suppose des donn�es chiffr�es avec %s\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr ""
+"L'algorithme IDEA n'est pas disponible, avec un peu de chance %s marchera\n"
+"peut-�tre\n"
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr "le d�chiffrement a r�ussi\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "ATTENTION: le message chiffr� a �t� manipul� !\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
 msgstr "le d�chiffrement a �chou�: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr "NOTE: l'exp�diteur a demand� �pour vos yeux seulement�\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "nom de fichier original: '%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr "r�vocation autonome - utilisez �gpg --import� pour l'appliquer\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "ATTENTION: des donn�es de notation invalides ont �t� d�tect�es\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Notation: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Politique: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "v�rification de signature supprim�e\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "le traitement de ces signatures multiples est impossible\n"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Signature faite %.*s avec une cl� %s ID %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "MAUVAISE signature de \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Signature expir�e de \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Bonne signature de \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[incertain]"
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "              alias \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Impossible de v�rifier la signature: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "la signature n'est pas d�tach�e\n"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr "signature autonome de classe 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "signature d'un ancien style (PGP 2.x)\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "paquet racine invalide d�tect� dans proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "impossible d'emp�cher la g�n�ration de fichiers �core�: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Les algorithmes exp�rimentaux ne devraient pas �tre utilis�s !\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
 msgstr ""
 "Cet algorithme de chiffrement est d�conseill�; utilisez-en un\n"
 "plus standard !\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "Attention: propri�taire de %s \"%s\" peu s�r\n"
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "Attention: permissions de %s \"%s\" peu s�res\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "le module de chiffrement IDEA n'est pas pr�sent\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+"voir http://www.gnupg.org/fr/why-not-idea.html pour plus d'informations\n"
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "impossible de g�rer l'algorithme � cl� publique %d\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "un sous-paquet de type %d poss�de un bit critique\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
+msgstr "gpg-agent n'est pas disponible dans cette session\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "impossible d'obtenir le pid du client pour l'agent\n"
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
 msgstr ""
+"impossible d'obtenir le descripteur de lecture du serveur\n"
+"pour l'agent\n"
 
-#: g10/passphrase.c:204
-msgid "malformed GPG_AGENT_INFO environment variable\n"
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
 msgstr ""
+"impossible d'obtenir le descripteur d'�criture du serveur pour l'agent\n"
+
+#: g10/passphrase.c:498
+msgid "malformed GPG_AGENT_INFO environment variable\n"
+msgstr "la variable d'environnement GPG_AGENT_INFO est mal d�finie\n"
+
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "le protocole gpg-agent version %d n'est pas support�\n"
 
-#: g10/hkp.c:158 g10/passphrase.c:223
+#: g10/hkp.c:147 g10/passphrase.c:532
 #, c-format
 msgid "can't connect to `%s': %s\n"
 msgstr "impossible de se connecter � `%s': %s\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "probl�me de communication avec ssh-agent\n"
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "probl�me avec l'agent - arr�t d'utilisation de l'agent\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (ID cl� principale %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:641
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
-"\n"
 "Vous avez besoin d'un mot de passe pour d�verrouiller la cl� secr�te pour\n"
-"l'utilisateur: \""
+"l'utilisateur:\n"
+"\"%.*s\"\n"
+"cl� %u bits %s, ID %08lX, cr��e %s%s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:662
 msgid "Enter passphrase\n"
-msgstr "Entrez le mot de passe: "
+msgstr "Entrez le mot de passe\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:664
 msgid "Repeat passphrase\n"
-msgstr "R�p�tez le mot de passe: "
+msgstr "R�p�tez le mot de passe\n"
 
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
-msgstr ""
+msgstr "mot de passe trop long\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "r�ponse de l'agent invalide\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "annul� par l'utilisateur\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "probl�me avec l'agent : l'agent renvoie 0x%lx\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2756,20 +3427,20 @@ msgstr ""
 "Vous avez besoin d'un mot de passe pour d�verrouiller la cl� secr�te pour\n"
 "l'utilisateur: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "cl� de %u bits %s, ID %08lX, cr��e le %s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "impossible de demander un mot de passe en mode automatique\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Entrez le mot de passe: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "R�p�tez le mot de passe: "
 
@@ -2779,150 +3450,200 @@ msgstr ""
 "les donn�es ne sont pas enregistr�es; utilisez l'option �--output� pour\n"
 "les enregistrer\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "erreur pendant la cr�ation de `%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
 msgstr "Signature d�tach�e.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Entrez le nom du fichier de donn�es: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "lecture de l'entr�e standard...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "pas de donn�es sign�es\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "impossible d'ouvir les donn�es sign�es `%s'\n"
 
-#: g10/pubkey-enc.c:135
+#: g10/pubkey-enc.c:100
 #, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr "destinataire anonyme; essai de la cl� secr�te %08lX...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "d'accord, nous sommes le r�cipient anonyme.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "l'ancien codage de la cl� de chiffrement (DEK) n'est pas support�\n"
 
-#: g10/pubkey-enc.c:216
+#: g10/pubkey-enc.c:177
 #, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "l'algorithme de chiffrement %d est inconnu ou d�sactiv�\n"
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "l'algorithme de chiffrement %d%s est inconnu ou d�sactiv�\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr ""
 "NOTE: l'algorithme de chiffrement %d n'a pas �t� trouv� dans les "
 "pr�f�rences\n"
 
-#: g10/pubkey-enc.c:261
+#: g10/pubkey-enc.c:242
 #, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
 msgstr "NOTE: la cl� secr�te %08lX a expir� le %s\n"
 
-#: g10/hkp.c:62
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr "requ�te de la cl� %08lX de %s...\n"
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "requ�te de la cl� %08lX du serveur de cl�s HKP %s\n"
 
-#: g10/hkp.c:75
+#: g10/hkp.c:94
 #, c-format
 msgid "can't get key from keyserver: %s\n"
 msgstr "impossible d'obtenir les cl�s du serveur: %s\n"
 
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr "aucun serveur de cl�s n'est connu (utilisez l'option �--keyserver�)\n"
-
-#: g10/hkp.c:106
-#, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s: l'identification de la cl� est invalide\n"
-
-#: g10/hkp.c:182
+#: g10/hkp.c:171
 #, c-format
 msgid "error sending to `%s': %s\n"
 msgstr "erreur pendant l'envoi de `%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
 msgstr "l'envoi � `%s' s'est d�roul� avec succ�s (r�sultat=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
 msgstr "l'envoi � `%s' a �chou�: le r�sultat est %u\n"
 
-#: g10/seckey-cert.c:89
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "recherche de \"%s\" du serveur HKP %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "impossible de chercher une cl� dans le serveur : %s\n"
+
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
 msgstr "les parties secr�tes ne sont pas disponibles\n"
 
-#: g10/seckey-cert.c:95
+#: g10/seckey-cert.c:59
 #, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "l'algorithme de protection %d n'est pas support�\n"
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "l'algorithme de protection %d%s n'est pas support�\n"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
-msgstr "Mot de passe invalide; r�essayez...\n"
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Mot de passe invalide ; r�essayez"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
+
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr "ATTENTION: Cl� faible d�tect�e - changez encore le mot de passe.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "Ceci est une cl� ElGamal g�n�r�e par PGP qui n'est PAS s�re pour les\n"
 "signatures !\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "la cl� publique est plus r�cente de %lu seconde que la signature\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "la cl� publique est plus r�cente de %lu secondes que la signature\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "NOTE: la cl� de signature a expir� le %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "NOTE: la cl� de signature %08lX a expir� le %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr ""
 "la signature est suppos�e �tre fausse car un bit critique est\n"
 "inconnu\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"AVERTISSEMENT: impossible de faire une expansion � base de %% de l'url\n"
+"de politique (trop grande). Utilisation de la version non expans�e.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "Impossible de v�rifier la signature cr��e: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "Signature %s de: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "AVERTISSEMENT: `%s' est un fichier vide\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"il n'est possible de signer avec des cl�s de style PGP 2.x uniquement\n"
+"en mode --pgp2\n"
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "impossible de cr�er %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "signature:"
 
-#: g10/sign.c:583
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"il n'est possible de faire une signature en texte clair avec des cl�s\n"
+"de style PGP 2.x qu'en mode --pgp2\n"
+
+#: g10/sign.c:953
 #, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "ATTENTION: `%s' est un fichier vide\n"
+msgid "%s encryption will be used\n"
+msgstr "le chiffrement %s sera utilis�\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2934,435 +3655,210 @@ msgstr "impossible de traiter les lignes plus longues que %d caract�res\n"
 msgid "input line longer than %d characters\n"
 msgstr "la ligne d'entr�e est plus longue que %d caract�res\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "enregistrement de base de confiance %lu: lseek a �chou�: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr ""
 "enregistrement de la base de confiance %lu: l'�criture a �chou� (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "transaction de base de confiance trop volumineuse\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: impossible d'acc�der: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: le r�pertoire n'existe pas !\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
-#, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: impossible de cr�er: %s\n"
-
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
 msgid "%s: can't create lock\n"
 msgstr "%s: impossible de cr�er le verrouillage\n"
 
-#: g10/tdbio.c:473
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: impossible de cr�er le verrou\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: impossible de cr�er: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: impossible de cr�er un enregistrement de version: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: base de confiance invalide cr��e\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: base de confiance cr��e\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: base de confiance invalide\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: la cr�ation de la table de hachage a �chou�: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: erreur pendant la mise � jour de l'enregistrement de version: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: erreur pendant la lecture de l'enregistrement de version: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: erreur pendant l'�criture de l'enregistrement de version: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "base de confiance: �lseek()� a �chou�: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "base de confiance: la lecture a �chou� (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: ce n'est pas un fichier de base de confiance\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: enregistrement de version avec un num�ro %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: version %d du fichier invalide\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: erreur pendant la lecture de l'enregistrement libre: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr ""
 "%s: erreur pendant l'�criture de l'enregistrement de\n"
 "r�pertoire: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: n'a pu mettre un enregistrement � z�ro: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: impossible d'ajouter un enregistrement: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr "la base de confiance est corrompue; ex�cutez �gpg --fix-trustdb�.\n"
 
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr ""
-"enregistrement de confiance %lu, type de requ�te %d: la lecture a �chou�: "
-"%s\n"
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "enregistrement de confiance %lu, type %d: l'�criture a �chou�: %s\n"
-
-#: g10/trustdb.c:198
+#: g10/trustdb.c:200
 #, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "enregistrement de confiance %lu: la suppression a �chou�: %s\n"
+msgid "`%s' is not a valid long keyID\n"
+msgstr "`%s' n'est pas une identification de cl� longue valide\n"
 
-#: g10/trustdb.c:212
+#: g10/trustdb.c:235
 #, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "base de confiance: la synchronisation a �chou�: %s\n"
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "cl� %08lX: accept�e comme cl� de confiance.\n"
 
-#: g10/trustdb.c:377
+#: g10/trustdb.c:274
 #, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr ""
-"erreur pendant la lecture de l'enregistrement de r�pertoire pour\n"
-"le LID %lu: %s\n"
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "la cl� %08lX appara�t plusieurs fois dans la base de confiance\n"
 
-#: g10/trustdb.c:384
+#: g10/trustdb.c:290
 #, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: enregistrement de r�pertoire attendu, a re�u le type %d\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "pas de cl� principale pour le LID %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "erreur pendant la lecture de la cl� principale pour le LID %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record a �chou�: %s\n"
-
-#: g10/trustdb.c:474
-#, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "%s: l'identification de la cl� est invalide\n"
-
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "cl� %08lX: impossible de la mettre dans la base de confiance\n"
-
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "cl� %08lX: l'enregistrement de requ�te a �chou�\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "cl� %08lX: d�j� dans la table des cl�s certifi�es\n"
-
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "cl� %08lX: accept�e comme cl� certifi�e.\n"
-
-#: g10/trustdb.c:547
-#, fuzzy, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "cl� %08lX: non prot�g�e - ignor�e\n"
-
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "NOTE: la cl� secr�te %08lX n'est PAS prot�g�e.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "cl� %08lX: les cl�s secr�te et publique ne correspondent pas\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "l'�num�ration des cl�s secr�tes a �chou�: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "cl� %08lX.%lu: bonne liaison avec la sous-cl�\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "cl� %08lX.%lu: liaison avec la sous-cl� invalide: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "cl� %08lX.%lu: r�vocation de cl� valide\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "cl� %08lX.%lu: r�vocation de sous-cl� invalide: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "cl� %08lX.%lu: r�vocation de sous-cl� valide\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Bonne auto-signature"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Auto-signature invalide"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr ""
-"La r�vocation valide de nom d'utilisateur a �t� ignor�e car l'auto-\n"
-"signature est plus r�cente"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "R�vocation de nom d'utilisateur valide"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "R�vocation de nom d'utilisateur invalide"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Certificat de r�vocation valide"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Bon certificat"
+msgstr "cl� %08lX: pas de cl� publique pour la cl� de confiance - ignor�e\n"
 
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "R�vocation de certificat invalide"
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Certificat invalide"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
+#: g10/trustdb.c:332
 #, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr ""
-"l'enregistrement de signature %lu[%d] pointe vers un mauvais\n"
-"enregistrement de r�pertoire\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "certificat dupliqu� - supprim�"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir a �chou�: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: l'insertion a �chou�: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: l'insertion a �chou�: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: ins�r�\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "erreur pendant la lecture de l'enregistrement de r�pertoire: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu cl�s trait�es\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu cl�s avec erreurs\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu cl�s ins�r�es\n"
-
-#: g10/trustdb.c:1826
-#, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "l'�num�ration des blocs de cl�s a �chou�: %s\n"
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: enregistrement de r�pertoire sans cl� - ignor�\n"
-
-#: g10/trustdb.c:1884
-#, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "\t%lu � cause de nouvelles cl�s publiques\n"
-
-#: g10/trustdb.c:1886
-#, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu cl�s ignor�es\n"
-
-#: g10/trustdb.c:1890
-#, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu cl�s mises � jour\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Ooops, pas de cl�\n"
-
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Ooops, pas de nom d'utilisateur\n"
-
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
 msgstr ""
-"check_trust: la recherche d'enregistrement de r�pertoire a �chou�: %s\n"
+"enregistrement de confiance %lu, type de requ�te %d: la lecture a �chou�: %"
+"s\n"
 
-#: g10/trustdb.c:2406
+#: g10/trustdb.c:338
 #, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "cl� %08lX: l'insertion d'enregistrement de confiance a �chou�: %s\n"
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "l'enregistrement de confiance %lu: n'est pas du type demand� %d\n"
 
-#: g10/trustdb.c:2410
+#: g10/trustdb.c:353
 #, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "cl� %08lX.%lu: ins�r�e dans la base de confiance\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "enregistrement de confiance %lu, type %d: l'�criture a �chou�: %s\n"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:368
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
-msgstr ""
-"cl� %08lX.%lu: cr��e dans le futur (voyage temporel ou\n"
-"probl�me d'horloge)\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "base de confiance: la synchronisation a �chou�: %s\n"
 
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "cl� %08lX.%lu: a expir� le %s\n"
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "v�rification de la base de confiance inutile\n"
 
-#: g10/trustdb.c:2441
+#: g10/trustdb.c:474 g10/trustdb.c:1641
 #, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "cl� %08lX.%lu: la v�rification de confiance a �chou�: %s\n"
+msgid "next trustdb check due at %s\n"
+msgstr "la prochaine v�rification de la base de confiance aura lieu le %s\n"
 
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "l'utilisateur '%s' n'a pas �t� trouv�: %s\n"
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "v�rifier la base de confiance\n"
 
-#: g10/trustdb.c:2594
+#: g10/trustdb.c:933
 #, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "probl�me de recherche de '%s' dans la base de confiance: %s\n"
+msgid "public key %08lX not found: %s\n"
+msgstr "cl� publique %08lX non trouv�e : %s\n"
 
-#: g10/trustdb.c:2597
+#: g10/trustdb.c:1515
 #, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "l'utilisateur '%s' n'est pas dans la base de confiance - insertion\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr "la cl� publique de la cl� de confiace ultime %08lX est introuvable\n"
 
-#: g10/trustdb.c:2600
+#: g10/trustdb.c:1593
 #, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "impossible d'ins�rer '%s' dans la base de confiance: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 msgstr ""
-"ATTENTION: les enregistrements de pr�f�rences longs ne sont pas encore\n"
-"support�s\n"
+"v�rification � la profondeur %d sign�=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
@@ -3372,48 +3868,34 @@ msgstr ""
 "Rappelez-vous bien que le fichier de signature (.sig ou .asc)\n"
 "doit �tre le premier fichier indiqu� sur la ligne de commande.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
 msgstr ""
 "la ligne d'entr�e %u est trop longue ou il manque un caract�re de saut\n"
 "de ligne\n"
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: impossible de cr�er le porte-cl�s: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: porte-cl�s cr��\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
 msgstr ""
-"ATTENTION: 2 fichiers avec des informations confidentielles existent.\n"
+"la cl� n'est pas marqu�e comme non-s�re; on ne peut pas l'utiliser avec le\n"
+"pseudo-g�n�rateur de nombres al�atiores !\n"
 
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s est le fichier original\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "`%s' a �t� ignor�: dupliqu�\n"
 
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
-#, c-format
-msgid "%s is the new one\n"
-msgstr "%s est le nouveau\n"
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "R�parez ce probl�me de s�curit� possible\n"
-
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "`%s' a �t� ignor�: %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "ignor�: cl� secr�te d�j� pr�sente\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3432,93 +3914,101 @@ msgstr "Le fichier `%s' existe. "
 msgid "Overwrite (y/N)? "
 msgstr "R��crire (o/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: suffixe inconnu\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Entrez le nouveau nom de fichier"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "�criture vers la sortie standard\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "les donn�es sign�es sont suppos�es �tre dans `%s'\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: nouveau fichier d'options cr��\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: impossible de cr�er le r�pertoire: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: r�pertoire cr��\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr ""
 "vous devez red�marrer GnuPG pour qu'il puisse lire le nouveau\n"
 "fichier �options�\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "chiffr� avec l'algorithme inconnu %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "donn�es chiffr�es avec %s\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "ATTENTION: Le message a �t� chiffr� avec une cl� faible pendant le\n"
 "chiffrement sym�trique.\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "probl�me de gestion des paquets chiffr�s\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "cl� faible g�n�r�e - nouvel essai\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "impossible d'�viter une cl� faible pour le chiffrement sym�trique:\n"
 "%d essais ont eu lieu !\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "il y a une cl� secr�te pour cette cl� publique !\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr "utiliser l'option �--delete-secret-key� pour l'effacer d'abord.\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr ""
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "impossible de faire cela en mode automatique sans �--yes�\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Enlever cette cl� du porte-cl�s ? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr "C'est une cl� secr�te - faut-il vraiment l'effacer ? "
 
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "la suppression du bloc de cl�s a �chou� : %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr ""
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "il y a une cl� secr�te pour la cl� publique \"%s\" !\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "utiliser l'option �--delete-secret-keys� pour l'effacer d'abord.\n"
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3531,21 +4021,33 @@ msgstr ""
 "certificats (cr�� implicitement)"
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Pour mettre en place le R�seau de confiance (Web of Trust), GnuPG a\n"
+"besoin de savoir en quelles cl�s votre confiance est ultime - ce sont\n"
+"en g�n�ral les cl�s dont vous avez acc�s � la cl� secr�te. R�pondez\n"
+"\"oui\" pour indiquer que votre confiance en cette cl� est ultime\n"
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr "Si vous voulez utiliser cette cl� r�voqu�e quand-m�me, r�pondez �oui�."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr "Si vous voulez utiliser cette cl� peu s�re quand-m�me, r�pondez �oui�."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr ""
 "Entrez le nom d'utilisateur de la personne � qui vous voulez envoyer\n"
 "le message."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3583,7 +4085,7 @@ msgstr ""
 "La premi�re cl� (cl� principale) doit toujours �tre capable de signer ;\n"
 "c'est pourquoi la cl� ElGamal de chiffrement seul est alors d�sactiv�e."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
@@ -3593,16 +4095,16 @@ msgstr ""
 "conseill�es car tous les programmes ne les supportent pas et les\n"
 "signatures cr��es avec elles sont plut�t longues et tr�s lentes � v�rifier."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Entrez la taille de la cl�"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "R�pondez �oui� ou �non�"
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3614,19 +4116,19 @@ msgstr ""
 "mauvais - le syst�me essaierait d'interpr�ter la valeur donn�e comme un\n"
 "intervalle."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Entrez le nom du propri�taire de la cl�"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr "entrez une adresse e-mail optionnelle mais hautement recommand�e"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Entrez un commentaire optionnel"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3640,15 +4142,82 @@ msgstr ""
 "O pour continuer � g�n�rer la cl�.\n"
 "Q pour arr�ter de g�n�rer de cl�."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "R�pondez �oui� (ou simplement �o�) pour g�n�rer la sous-cl�"
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"Quand vous signez un nom d'utilisateur d'une cl�, vous devriez d'abord\n"
+"v�rifier que la cl� appartient � la personne nomm�e. Il est utile que\n"
+"les autres personnes sachent avec quel soin vous l'avez v�rifi�.\n"
+"\n"
+"\"0\" signifie que vous n'avez pas d'opinon.\n"
+"\n"
+"\"1\" signifie que vous croyez que la cl� appartient � la personne qui\n"
+"dit la poss�der mais vous n'avez pas pu v�rifier du tout la cl�.\n"
+"C'est utile lorsque vous signez la cl� d'un pseudonyme.\n"
+"\n"
+"\"2\" signifie que vous avez un peu v�rifi� la cl�. Par exemple, cela\n"
+"pourrait �tre un v�rification de l'empreinte et du nom de\n"
+"l'utilisateur avec la photo.\n"
+"\n"
+"\"3\" signifie que vous avez compl�tement v�rifi� la cl�. Par exemple,\n"
+"cela pourrait �tre une v�rification de l'empreinte, du nom de\n"
+"l'utilisateur avec un document difficile � contrefaire (comme un\n"
+"passeport) et de son adresse e-mail (v�rifi� par un �change de\n"
+"courrier �lectronique).\n"
+"\n"
+"Notez bien que les exemples donn�s ci-dessus pour les niveaux 2 et\n"
+"3 ne sont *que* des exemples.\n"
+"C'est � vous de d�cider quelle valeur mettre quand vous signez\n"
+"les cl�s des autres personnes.\n"
+"\n"
+"Si vous ne savez pas quelle r�ponse est la bonne, r�pondez \"0\"."
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "R�pondez �oui� si vous voulez signer TOUS les noms d'utilisateurs"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3656,11 +4225,11 @@ msgstr ""
 "R�pondez �oui� si vous voulez vraiment supprimer ce nom\n"
 "d'utilisateur. Tous les certificats seront alors perdus en m�me temps !"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "R�pondez �oui� s'il faut vraiment supprimer la sous-cl�"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3671,7 +4240,7 @@ msgstr ""
 "�tablir une connection de confiance vers la cl� ou une autre cl� certifi�e\n"
 "par celle-l�."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3683,7 +4252,7 @@ msgstr ""
 "vous soyez s�r de quelle cl� a �t� utilis�e car cette cl� de signature\n"
 "peut �tablir une connection de confiance vers une autre cl� d�j� certifi�e."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
@@ -3691,7 +4260,7 @@ msgstr ""
 "Cette signature n'est pas valide. Vous devriez la supprimer de votre\n"
 "porte-cl�s."
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3705,28 +4274,35 @@ msgstr ""
 "cette auto-signature est invalide pour une certaine raison et si une autre\n"
 "est disponible."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
+#, fuzzy
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
 msgstr ""
-"Entrez le mot de passe; c'est une phrase secr�te \n"
-"  Blurb, blurb,.... "
+"Changer les pr�f�rences de tous les noms d'utilisateurs (ou juste\n"
+"ceux qui sont s�lectionn�s) vers la liste actuelle. La date de toutes\n"
+"les auto-signatures seront avanc�es d'une seconde.\n"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Entrez le mot de passe ; c'est une phrase secr�te \n"
+
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr ""
 "R�p�tez le dernier mot de passe pour �tre s�r de ce que vous avez tap�."
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr "Donnez le nom du fichier auquel la signature se rapporte"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "R�pondez �oui� s'il faut vraiment r��crire le fichier"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3734,15 +4310,14 @@ msgstr ""
 "Entrez le nouveau nom de fichier. Si vous tapez simplement ENTR�E le\n"
 "fichier par d�faut (indiqu� entre crochets) sera utilis�."
 
-#: g10/helptext.c:229
-#, fuzzy
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3764,7 +4339,7 @@ msgstr ""
 "      utilis�. Cela sert g�n�ralement � indiquer qu'une adresse e-mail\n"
 "      est invalide.\n"
 
-#: g10/helptext.c:245
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
@@ -3774,54 +4349,111 @@ msgstr ""
 "avez �mis ce certificat de r�vocation. Essayez de garder ce texte concis.\n"
 "Une ligne vide d�limite la fin du texte.\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Pas d'aide disponible"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Pas d'aide disponible pour `%s'"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "probl�me lors de lecture du certificat: %s\n"
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "erreur durant la cr�ation du porte-cl�s `%s' : %s\n"
+
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "le changement de permission de `%s' a �chou�: %s\n"
+
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "le porte-cl�s `%s` a �t� cr��\n"
+
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "la reconstruction du cache de porte-cl�s a �chou� : %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr ""
+"ATTENTION: 2 fichiers avec des informations confidentielles existent.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s est le fichier original\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s est le nouveau\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "R�parez ce probl�me de s�curit� possible\n"
+
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "v�rification du porte-cl�s `%s'\n"
+
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu cl�s trait�es jusqu'ici (%lu signatures)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu cl�s v�rifi�es (%lu signatures)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: porte-cl�s cr��\n"
+
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "�tes-vous s�r de vouloir le signer ?\n"
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "les cl�s RSA ne peuvent �tre utilis�es dans cette version\n"
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr " �tes-vous s�r de vouloir la signer ?\n"
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "Pas de cl� pour l'utilisateur\n"
+#, fuzzy
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Signer r�ellement ? "
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "Pas d'utilisateur pour la cl�\n"
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "Avez-vous r�ellement besoin d'une taille aussi grande ? "
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "pas de porte-cl�s public par d�faut\n"
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "cl� %08lX: notre copie n'a pas d'auto-signature\n"
 
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "impossible de verrouiller le porte-cl�s `%s': %s\n"
+#~ msgid "   signed by %08lX at %s\n"
+#~ msgstr "   sign� par %08lX � %s\n"
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "cl� %08lX: impossible de lire le bloc de cl�s original: %s\n"
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key utilisateur"
 
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: utilisateur non trouv�\n"
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key utilisateur"
 
-#~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
-#~ msgstr ""
-#~ "Les cl�s RSA sont d�conseill�es: consid�rez cr�er une nouvelle cl�\n"
-#~ "et l'utiliser dans l'avenir\n"
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-and-public-key utilisateur"
 
-#~ msgid "not processed"
-#~ msgstr "non trait�"
+#~ msgid "Enter the user ID: "
+#~ msgstr "Entrez le nom d'utilisateur: "
 
-#~ msgid "assuming bad MDC due to an unknown critical bit\n"
-#~ msgstr ""
-#~ "le sceau (MDC) est suppos� �tre faux car un bit critique est inconnu\n"
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "ignor�: cl� publique configur�e par --encrypt-to\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+#~ msgid ""
+#~ "\n"
+#~ "WARNING: This is a PGP2-style key\n"
 #~ msgstr ""
-#~ "la cl� n'est pas marqu�e comme non-s�re; on ne peut pas l'utiliser avec le\n"
-#~ "pseudo-g�n�rateur de nombres al�atiores !\n"
+#~ "\n"
+#~ "ATTENTION: c'est une cl� de style PGP2\n"
diff --git a/po/gl.po b/po/gl.po
new file mode 100644
index 000000000..dfa05c70e
--- /dev/null
+++ b/po/gl.po
@@ -0,0 +1,4681 @@
+# Galician translation of GNUpg
+# Copyright (C) 2001 Free Software Foundation, Inc.
+# Jacobo Tarrio <[email protected]>, 2001.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: gnupg 1.0.6\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2001-07-11 18:17+0200\n"
+"Last-Translator: Jacobo Tarrio <[email protected]>\n"
+"Language-Team: Galician <[email protected]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=iso-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Aviso: ��sase unha zona insegura de memoria!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr ""
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "a operaci�n non � posible sen memoria inicializada como segura\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(pode que usara o programa equivocado para esta tarefa)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
+msgid "yes"
+msgstr "si"
+
+#: util/miscutil.c:297 util/miscutil.c:334
+msgid "yY"
+msgstr "sS"
+
+#: util/miscutil.c:298 util/miscutil.c:332
+msgid "no"
+msgstr "non"
+
+#: util/miscutil.c:299 util/miscutil.c:335
+msgid "nN"
+msgstr "nN"
+
+#: g10/keyedit.c:815 util/miscutil.c:333
+msgid "quit"
+msgstr "abandonar"
+
+#: util/miscutil.c:336
+msgid "qQ"
+msgstr "aA"
+
+#: util/errors.c:54
+msgid "general error"
+msgstr "erro xeral"
+
+#: util/errors.c:55
+msgid "unknown packet type"
+msgstr "tipo de paquete desco�ecido"
+
+#: util/errors.c:56
+msgid "unknown version"
+msgstr "versi�n desco�ecida"
+
+#: util/errors.c:57
+msgid "unknown pubkey algorithm"
+msgstr "algoritmo de chave p�blica desco�ecido"
+
+#: util/errors.c:58
+msgid "unknown digest algorithm"
+msgstr "algoritmo de resumo desco�ecido"
+
+#: util/errors.c:59
+msgid "bad public key"
+msgstr "chave p�blica err�nea"
+
+#: util/errors.c:60
+msgid "bad secret key"
+msgstr "chave secreta err�nea"
+
+#: util/errors.c:61
+msgid "bad signature"
+msgstr "sinatura err�nea"
+
+#: util/errors.c:62
+msgid "checksum error"
+msgstr "error de checksum"
+
+#: util/errors.c:63
+msgid "bad passphrase"
+msgstr "contrasinal err�neo"
+
+#: util/errors.c:64
+msgid "public key not found"
+msgstr "non se atopou a chave p�blica"
+
+#: util/errors.c:65
+msgid "unknown cipher algorithm"
+msgstr "algoritmo de cifrado desco�ecido"
+
+#: util/errors.c:66
+msgid "can't open the keyring"
+msgstr "non foi posible abri-lo chaveiro"
+
+#: util/errors.c:67
+msgid "invalid packet"
+msgstr "paquete non v�lido"
+
+#: util/errors.c:68
+msgid "invalid armor"
+msgstr "armadura non v�lida"
+
+#: util/errors.c:69
+msgid "no such user id"
+msgstr "non hai tal id de usuario"
+
+#: util/errors.c:70
+msgid "secret key not available"
+msgstr "a chave secreta non est� dispo�ible"
+
+#: util/errors.c:71
+msgid "wrong secret key used"
+msgstr "empregouse unha chave secreta err�nea"
+
+#: util/errors.c:72
+msgid "not supported"
+msgstr "non est� soportado"
+
+#: util/errors.c:73
+msgid "bad key"
+msgstr "chave incorrecta"
+
+#: util/errors.c:74
+msgid "file read error"
+msgstr "erro de lectura de ficheiro"
+
+#: util/errors.c:75
+msgid "file write error"
+msgstr "erro de escritura de ficheiro"
+
+#: util/errors.c:76
+msgid "unknown compress algorithm"
+msgstr "algoritmo de compresi�n desco�ecido"
+
+#: util/errors.c:77
+msgid "file open error"
+msgstr "erro de apertura de ficheiro"
+
+#: util/errors.c:78
+msgid "file create error"
+msgstr "erro de creaci�n de ficheiro"
+
+#: util/errors.c:79
+msgid "invalid passphrase"
+msgstr "contrasinal incorrecto"
+
+#: util/errors.c:80
+msgid "unimplemented pubkey algorithm"
+msgstr "algoritmo de chave p�blica non implementado"
+
+#: util/errors.c:81
+msgid "unimplemented cipher algorithm"
+msgstr "algoritmo de cifrado non implementado"
+
+#: util/errors.c:82
+msgid "unknown signature class"
+msgstr "clase de sinatura desco�ecida"
+
+#: util/errors.c:83
+msgid "trust database error"
+msgstr "erro da base de datos de confianza"
+
+#: util/errors.c:84
+msgid "bad MPI"
+msgstr "MPI err�neo"
+
+#: util/errors.c:85
+msgid "resource limit"
+msgstr "l�mite de recursos"
+
+#: util/errors.c:86
+msgid "invalid keyring"
+msgstr "chaveiro incorrecto"
+
+#: util/errors.c:87
+msgid "bad certificate"
+msgstr "certificado err�neo"
+
+#: util/errors.c:88
+msgid "malformed user id"
+msgstr "id de usuario mal formado"
+
+#: util/errors.c:89
+msgid "file close error"
+msgstr "erro de peche de ficheiro"
+
+#: util/errors.c:90
+msgid "file rename error"
+msgstr "erro de cambio de nome de ficheiro"
+
+#: util/errors.c:91
+msgid "file delete error"
+msgstr "erro de borrado de ficheiro"
+
+#: util/errors.c:92
+msgid "unexpected data"
+msgstr "datos inesperados"
+
+#: util/errors.c:93
+msgid "timestamp conflict"
+msgstr "conflicto de selo de data"
+
+#: util/errors.c:94
+msgid "unusable pubkey algorithm"
+msgstr "algoritmo de chave p�blica imposible de usar"
+
+#: util/errors.c:95
+msgid "file exists"
+msgstr "o ficheiro xa existe"
+
+#: util/errors.c:96
+msgid "weak key"
+msgstr "chave feble"
+
+#: util/errors.c:97
+msgid "invalid argument"
+msgstr "argumento non v�lido"
+
+#: util/errors.c:98
+msgid "bad URI"
+msgstr "URI incorrecto"
+
+#: util/errors.c:99
+msgid "unsupported URI"
+msgstr "URI non soportado"
+
+#: util/errors.c:100
+msgid "network error"
+msgstr "erro de rede"
+
+#: util/errors.c:102
+msgid "not encrypted"
+msgstr "non cifrado"
+
+#: util/errors.c:103
+msgid "not processed"
+msgstr "non procesado"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "chave p�blica non utilizable"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "chave secreta non utilizable"
+
+#: util/errors.c:107
+#, fuzzy
+msgid "keyserver error"
+msgstr "erro xeral"
+
+#: util/logger.c:249
+#, c-format
+msgid "... this is a bug (%s:%d:%s)\n"
+msgstr "... isto � un erro (%s:%d:%s)\n"
+
+#: util/logger.c:255
+#, c-format
+msgid "you found a bug ... (%s:%d)\n"
+msgstr "atopou un erro ... (%s:%d)\n"
+
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
+#, c-format
+msgid "can't open `%s': %s\n"
+msgstr "non se puido abrir `%s': %s\n"
+
+#: cipher/random.c:324
+#, c-format
+msgid "can't stat `%s': %s\n"
+msgstr "non se puido facer stat sobre `%s': %s\n"
+
+#: cipher/random.c:329
+#, c-format
+msgid "`%s' is not a regular file - ignored\n"
+msgstr "`%s' non � un ficheiro normal - ign�rase\n"
+
+#: cipher/random.c:334
+msgid "note: random_seed file is empty\n"
+msgstr "nota: o ficheiro random_seed est� baleiro\n"
+
+#: cipher/random.c:340
+msgid "warning: invalid size of random_seed file - not used\n"
+msgstr "aviso: tama�o de random_seed non v�lido - non se emprega\n"
+
+#: cipher/random.c:348
+#, c-format
+msgid "can't read `%s': %s\n"
+msgstr "non se pode ler de `%s': %s\n"
+
+#: cipher/random.c:386
+msgid "note: random_seed file not updated\n"
+msgstr "nota: o ficheiro random_seed non se actualiza\n"
+
+#: cipher/random.c:406
+#, c-format
+msgid "can't create `%s': %s\n"
+msgstr "non se pode crear `%s': %s\n"
+
+#: cipher/random.c:413
+#, c-format
+msgid "can't write `%s': %s\n"
+msgstr "non se pode escribir en `%s': %s\n"
+
+#: cipher/random.c:416
+#, c-format
+msgid "can't close `%s': %s\n"
+msgstr "non se pode pechar `%s': %s\n"
+
+#: cipher/random.c:662
+msgid "WARNING: using insecure random number generator!!\n"
+msgstr "AVISO: ��empr�gase un xerador de n�meros aleatorios inseguro!!\n"
+
+#: cipher/random.c:663
+msgid ""
+"The random number generator is only a kludge to let\n"
+"it run - it is in no way a strong RNG!\n"
+"\n"
+"DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n"
+"\n"
+msgstr ""
+"O xerador de n�meros aleatorios s� � un truco para poder\n"
+"executalo - �non � de ning�n xeito un xerador de n�meros\n"
+"aleatorios seguro!\n"
+"\n"
+"�NON USE NINGUN DATO XERADO POR ESTE PROGRAMA!\n"
+"\n"
+
+#: cipher/rndlinux.c:142
+#, c-format
+msgid ""
+"\n"
+"Not enough random bytes available.  Please do some other work to give\n"
+"the OS a chance to collect more entropy! (Need %d more bytes)\n"
+msgstr ""
+"\n"
+"Non hai suficientes bytes aleatorios dispo�ibles. Por favor, faga outro\n"
+"traballo para lle dar ao sistema operativo unha oportunidade de acumular\n"
+"m�is entrop�a (Prec�sanse %d bytes m�is)\n"
+
+#: g10/g10.c:287
+msgid ""
+"@Commands:\n"
+" "
+msgstr ""
+"@Comandos:\n"
+" "
+
+#: g10/g10.c:289
+msgid "|[file]|make a signature"
+msgstr "|[ficheiro]|facer unha sinatura"
+
+#: g10/g10.c:290
+msgid "|[file]|make a clear text signature"
+msgstr "|[ficheiro]|facer unha sinatura en texto claro"
+
+#: g10/g10.c:291
+msgid "make a detached signature"
+msgstr "facer unha sinatura separada"
+
+#: g10/g10.c:292
+msgid "encrypt data"
+msgstr "cifrar datos"
+
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr ""
+
+#: g10/g10.c:294
+msgid "encryption only with symmetric cipher"
+msgstr "cifrar s� con cifrado sim�trico"
+
+#: g10/g10.c:295
+msgid "store only"
+msgstr "s� armacenar"
+
+#: g10/g10.c:296
+msgid "decrypt data (default)"
+msgstr "descifrar datos (por defecto)"
+
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr ""
+
+#: g10/g10.c:298
+msgid "verify a signature"
+msgstr "verificar unha sinatura"
+
+#: g10/g10.c:300
+msgid "list keys"
+msgstr "ve-la lista de chaves"
+
+#: g10/g10.c:302
+msgid "list keys and signatures"
+msgstr "ve-la lista de chaves e sinaturas"
+
+#: g10/g10.c:303
+msgid "check key signatures"
+msgstr "verifica-las sinaturas das chaves"
+
+#: g10/g10.c:304
+msgid "list keys and fingerprints"
+msgstr "ve-la lista de chaves e pegadas dactilares"
+
+#: g10/g10.c:305
+msgid "list secret keys"
+msgstr "ve-la lista de chaves secretas"
+
+#: g10/g10.c:306
+msgid "generate a new key pair"
+msgstr "xerar un novo par de chaves"
+
+#: g10/g10.c:307
+#, fuzzy
+msgid "remove keys from the public keyring"
+msgstr "borrar unha chave do chaveiro p�blico"
+
+#: g10/g10.c:309
+#, fuzzy
+msgid "remove keys from the secret keyring"
+msgstr "borrar unha chave do chaveiro secreto"
+
+#: g10/g10.c:310
+msgid "sign a key"
+msgstr "asinar unha chave"
+
+#: g10/g10.c:311
+msgid "sign a key locally"
+msgstr "asinar unha chave localmente"
+
+#: g10/g10.c:312
+#, fuzzy
+msgid "sign a key non-revocably"
+msgstr "asinar unha chave localmente"
+
+#: g10/g10.c:313
+#, fuzzy
+msgid "sign a key locally and non-revocably"
+msgstr "asinar unha chave localmente"
+
+#: g10/g10.c:314
+msgid "sign or edit a key"
+msgstr "asinar ou editar unha chave"
+
+#: g10/g10.c:315
+msgid "generate a revocation certificate"
+msgstr "xerar un certificado de revocaci�n"
+
+#: g10/g10.c:316
+msgid "export keys"
+msgstr "exportar chaves"
+
+#: g10/g10.c:317
+msgid "export keys to a key server"
+msgstr "exportar chaves a un servidor de chaves"
+
+#: g10/g10.c:318
+msgid "import keys from a key server"
+msgstr "importar chaves dun servidor de chaves"
+
+#: g10/g10.c:320
+#, fuzzy
+msgid "search for keys on a key server"
+msgstr "exportar chaves a un servidor de chaves"
+
+#: g10/g10.c:322
+#, fuzzy
+msgid "update all keys from a keyserver"
+msgstr "importar chaves dun servidor de chaves"
+
+#: g10/g10.c:326
+msgid "import/merge keys"
+msgstr "importar/mesturar chaves"
+
+#: g10/g10.c:328
+msgid "list only the sequence of packets"
+msgstr "listar s� a secuencia de paquetes"
+
+#: g10/g10.c:330
+msgid "export the ownertrust values"
+msgstr "exporta-los valores de confianza no propietario"
+
+#: g10/g10.c:332
+msgid "import ownertrust values"
+msgstr "importa-los valores de confianza no propietario"
+
+#: g10/g10.c:334
+msgid "update the trust database"
+msgstr "actualiza-la base de datos de confianza"
+
+#: g10/g10.c:336
+#, fuzzy
+msgid "unattended trust database update"
+msgstr "actualiza-la base de datos de confianza"
+
+#: g10/g10.c:337
+msgid "fix a corrupted trust database"
+msgstr "ama�ar unha base de datos de confianza corrompida"
+
+#: g10/g10.c:338
+msgid "De-Armor a file or stdin"
+msgstr "Quita-la armadura a un ficheiro ou � entrada est�ndar"
+
+#: g10/g10.c:340
+msgid "En-Armor a file or stdin"
+msgstr "P�r armadura a un ficheiro ou � entrada est�ndar"
+
+#: g10/g10.c:342
+msgid "|algo [files]|print message digests"
+msgstr "|algo [ficheiros]|visualizar resumos de mensaxes"
+
+#: g10/g10.c:346
+msgid ""
+"@\n"
+"Options:\n"
+" "
+msgstr ""
+"@\n"
+"Opci�ns:\n"
+" "
+
+#: g10/g10.c:348
+msgid "create ascii armored output"
+msgstr "crear sa�da con armadura en ascii"
+
+#: g10/g10.c:350
+msgid "|NAME|encrypt for NAME"
+msgstr "|NOME|cifrar para NOME"
+
+#: g10/g10.c:353
+msgid "|NAME|use NAME as default recipient"
+msgstr "|NOME|empregar NOME como valor por defecto do destinatario"
+
+#: g10/g10.c:355
+msgid "use the default key as default recipient"
+msgstr "usa-la chave por defecto coma o destinatario por defecto"
+
+#: g10/g10.c:361
+msgid "use this user-id to sign or decrypt"
+msgstr "empregar este id de usuario para asinar ou descifrar"
+
+#: g10/g10.c:362
+msgid "|N|set compress level N (0 disables)"
+msgstr "|N|axusta-lo nivel de compresi�n a N (0 desactiva)"
+
+#: g10/g10.c:364
+msgid "use canonical text mode"
+msgstr "usar modo de texto can�nico"
+
+#: g10/g10.c:371
+msgid "use as output file"
+msgstr "usar coma ficheiro de sa�da"
+
+#: g10/g10.c:372
+msgid "verbose"
+msgstr "lareto"
+
+#: g10/g10.c:373
+msgid "be somewhat more quiet"
+msgstr "ser un pouqui�o m�is calado"
+
+#: g10/g10.c:374
+msgid "don't use the terminal at all"
+msgstr "non usa-la terminal en absoluto"
+
+#: g10/g10.c:375
+msgid "force v3 signatures"
+msgstr "forzar sinaturas v3"
+
+#: g10/g10.c:376
+#, fuzzy
+msgid "do not force v3 signatures"
+msgstr "forzar sinaturas v3"
+
+#: g10/g10.c:377
+#, fuzzy
+msgid "force v4 key signatures"
+msgstr "forzar sinaturas v3"
+
+#: g10/g10.c:378
+#, fuzzy
+msgid "do not force v4 key signatures"
+msgstr "forzar sinaturas v3"
+
+#: g10/g10.c:379
+msgid "always use a MDC for encryption"
+msgstr "sempre usar un MDC para cifrar"
+
+#: g10/g10.c:381
+#, fuzzy
+msgid "never use a MDC for encryption"
+msgstr "sempre usar un MDC para cifrar"
+
+#: g10/g10.c:383
+msgid "do not make any changes"
+msgstr "non facer ning�n cambio"
+
+#. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
+#: g10/g10.c:385
+msgid "use the gpg-agent"
+msgstr "emprega-lo gpg-agent"
+
+#: g10/g10.c:388
+msgid "batch mode: never ask"
+msgstr "modo por lotes: non preguntar nunca"
+
+#: g10/g10.c:389
+msgid "assume yes on most questions"
+msgstr "asumir `si' na maior�a das preguntas"
+
+#: g10/g10.c:390
+msgid "assume no on most questions"
+msgstr "asumir `non' na maior�a das preguntas"
+
+#: g10/g10.c:391
+msgid "add this keyring to the list of keyrings"
+msgstr "engadir este chaveiro � lista de chaveiros"
+
+#: g10/g10.c:392
+msgid "add this secret keyring to the list"
+msgstr "engadir este chaveiro secreto � lista"
+
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr ""
+
+#: g10/g10.c:394
+msgid "|NAME|use NAME as default secret key"
+msgstr "|NOME|empregar NOME coma chave secreta por defecto"
+
+#: g10/g10.c:395
+msgid "|HOST|use this keyserver to lookup keys"
+msgstr "|HOST|empregar este servidor de chaves para buscar chaves"
+
+#: g10/g10.c:397
+msgid "|NAME|set terminal charset to NAME"
+msgstr "|NAME|axusta-lo xogo de caracteres do terminal a NOME"
+
+#: g10/g10.c:398
+msgid "read options from file"
+msgstr "le-las opci�ns dun ficheiro"
+
+#: g10/g10.c:402
+msgid "|FD|write status info to this FD"
+msgstr "|DF|escribi-la informaci�n de estado a este DF"
+
+#: g10/g10.c:404
+#, fuzzy
+msgid "|[file]|write status info to file"
+msgstr "|DF|escribi-la informaci�n de estado a este DF"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|IDCHAVE|confiar absolutamente nesta chave"
+
+#: g10/g10.c:411
+msgid "|FILE|load extension module FILE"
+msgstr "|FICHEIRO|carga-lo m�dulo de extensi�n FICHEIRO"
+
+#: g10/g10.c:412
+msgid "emulate the mode described in RFC1991"
+msgstr "emula-lo modo descrito no RFC1991"
+
+#: g10/g10.c:413
+msgid "set all packet, cipher and digest options to OpenPGP behavior"
+msgstr ""
+"axustar t�dalas opci�ns de paquetes, cifrado e resumo ao comportamento "
+"OpenPGP"
+
+#: g10/g10.c:414
+#, fuzzy
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr ""
+"axustar t�dalas opci�ns de paquetes, cifrado e resumo ao comportamento "
+"OpenPGP"
+
+#: g10/g10.c:418
+msgid "|N|use passphrase mode N"
+msgstr "|N|emprega-lo modo de contrasinal N"
+
+#: g10/g10.c:420
+msgid "|NAME|use message digest algorithm NAME for passphrases"
+msgstr "|NOME|emprega-lo algoritmo para resumos NOME para os contrasinais"
+
+#: g10/g10.c:422
+msgid "|NAME|use cipher algorithm NAME for passphrases"
+msgstr "|NOME|emprega-lo algoritmo de cifrado NOME para os contrasinais"
+
+#: g10/g10.c:424
+msgid "|NAME|use cipher algorithm NAME"
+msgstr "|NOME|emprega-lo algoritmo de cifrado NOME"
+
+#: g10/g10.c:425
+msgid "|NAME|use message digest algorithm NAME"
+msgstr "|NOME|emprega-lo algoritmo de resumos de mensaxes NOME"
+
+#: g10/g10.c:426
+msgid "|N|use compress algorithm N"
+msgstr "|N|emprega-lo algoritmo de compresi�n N"
+
+#: g10/g10.c:427
+msgid "throw keyid field of encrypted packets"
+msgstr "descarta-lo campo de id de chave dos paquetes cifrados"
+
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr ""
+
+#: g10/g10.c:431
+msgid "|NAME=VALUE|use this notation data"
+msgstr "|NOME=VALOR|usar estes datos de notaci�n"
+
+#: g10/g10.c:434
+msgid ""
+"@\n"
+"(See the man page for a complete listing of all commands and options)\n"
+msgstr ""
+"@\n"
+"(Vexa a p�xina man para un listado completo de comandos e opci�ns)\n"
+
+#: g10/g10.c:437
+msgid ""
+"@\n"
+"Examples:\n"
+"\n"
+" -se -r Bob [file]          sign and encrypt for user Bob\n"
+" --clearsign [file]         make a clear text signature\n"
+" --detach-sign [file]       make a detached signature\n"
+" --list-keys [names]        show keys\n"
+" --fingerprint [names]      show fingerprints\n"
+msgstr ""
+"@\n"
+"Exemplos:\n"
+"\n"
+" -se -r Bob [ficheiro]      asinar e cifrar para o usuario Bob\n"
+" --clearsgn [ficheiro]      facer unha sinatura en texto claro\n"
+" --detach-sign [ficheiro]   facer unha sinatura separada\n"
+" --list-keys [nomes]        amosa-las chaves\n"
+" --fingerprint [nomes]      amosa-las pegadas dactilares\n"
+
+#: g10/g10.c:579
+msgid "Please report bugs to <[email protected]>.\n"
+msgstr ""
+"Por favor, informe dos erros no programa a <[email protected]>,\n"
+"e dos erros na traducci�n a <[email protected]>.\n"
+
+#: g10/g10.c:583
+msgid "Usage: gpg [options] [files] (-h for help)"
+msgstr "Uso: gpg [opci�ns] [ficheiros] (-h para ve-la axuda)"
+
+#: g10/g10.c:586
+msgid ""
+"Syntax: gpg [options] [files]\n"
+"sign, check, encrypt or decrypt\n"
+"default operation depends on the input data\n"
+msgstr ""
+"Sintaxe: gpg [opci�ns] [ficheiros]\n"
+"asinar, verificar, cifrar ou descifrar\n"
+"a operaci�n por defecto depende dos datos de entrada\n"
+
+#: g10/g10.c:597
+msgid ""
+"\n"
+"Supported algorithms:\n"
+msgstr ""
+"\n"
+"Algoritmos soportados:\n"
+
+#: g10/g10.c:671
+msgid "usage: gpg [options] "
+msgstr "uso: gpg [opci�ns] "
+
+#: g10/g10.c:728
+msgid "conflicting commands\n"
+msgstr "comandos conflictivos\n"
+
+#: g10/g10.c:903
+#, c-format
+msgid "NOTE: no default option file `%s'\n"
+msgstr "NOTA: non existe o ficheiro de opci�ns por defecto `%s'\n"
+
+#: g10/g10.c:907
+#, c-format
+msgid "option file `%s': %s\n"
+msgstr "ficheiro de opci�ns `%s': %s\n"
+
+#: g10/g10.c:914
+#, c-format
+msgid "reading options from `%s'\n"
+msgstr "lendo as opci�ns de `%s'\n"
+
+#: g10/g10.c:1197
+#, c-format
+msgid "%s is not a valid character set\n"
+msgstr "%s non � un xogo de caracteres v�lido\n"
+
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr ""
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr ""
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, fuzzy, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "AVISO: `%s' � un ficheiro baleiro\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr ""
+
+#: g10/g10.c:1347
+msgid "WARNING: program may create a core file!\n"
+msgstr "AVISO: �o programa pode crear un ficheiro 'core'!\n"
+
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr ""
+
+#: g10/g10.c:1358 g10/g10.c:1369
+#, c-format
+msgid "NOTE: %s is not for normal use!\n"
+msgstr "NOTA: �%s non � para uso normal!\n"
+
+#: g10/g10.c:1360 g10/g10.c:1380
+#, c-format
+msgid "%s not allowed with %s!\n"
+msgstr "�%s non se admite con %s!\n"
+
+#: g10/g10.c:1363
+#, c-format
+msgid "%s makes no sense with %s!\n"
+msgstr "�%s non ten sentido empreg�ndoo con %s!\n"
+
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr ""
+
+#: g10/g10.c:1470 g10/g10.c:1482
+msgid "selected cipher algorithm is invalid\n"
+msgstr "o algoritmo de cifrado seleccionado non � v�lido\n"
+
+#: g10/g10.c:1476 g10/g10.c:1488
+msgid "selected digest algorithm is invalid\n"
+msgstr "o algoritmo de resumo seleccionado non � v�lido\n"
+
+#: g10/g10.c:1492
+#, fuzzy
+msgid "the given signature policy URL is invalid\n"
+msgstr "o URL de normativa dado non � v�lido\n"
+
+#: g10/g10.c:1496
+#, fuzzy
+msgid "the given certification policy URL is invalid\n"
+msgstr "o URL de normativa dado non � v�lido\n"
+
+#: g10/g10.c:1499
+#, c-format
+msgid "compress algorithm must be in range %d..%d\n"
+msgstr "o algoritmo de compresi�n debe estar entre %d e %d\n"
+
+#: g10/g10.c:1501
+msgid "completes-needed must be greater than 0\n"
+msgstr "completes-needed debe ser superior a 0\n"
+
+#: g10/g10.c:1503
+msgid "marginals-needed must be greater than 1\n"
+msgstr "marginals-needed debe ser superior a 1\n"
+
+#: g10/g10.c:1505
+msgid "max-cert-depth must be in range 1 to 255\n"
+msgstr "max-cert-depth debe valer entre 1 e 255\n"
+
+#: g10/g10.c:1508
+msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
+msgstr "NOTA: desacons�llase encarecidamente o modo S2K simple (0)\n"
+
+#: g10/g10.c:1512
+msgid "invalid S2K mode; must be 0, 1 or 3\n"
+msgstr "modo S2K non v�lido; debe ser 0, 1 ou 3\n"
+
+#: g10/g10.c:1516
+#, fuzzy
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "modo S2K non v�lido; debe ser 0, 1 ou 3\n"
+
+#: g10/g10.c:1519
+#, fuzzy
+msgid "invalid preferences\n"
+msgstr "amosar preferencias"
+
+#: g10/g10.c:1613
+#, c-format
+msgid "failed to initialize the TrustDB: %s\n"
+msgstr "non se puido inicializa-la base de datos de confianzas: %s\n"
+
+#: g10/g10.c:1633
+msgid "--store [filename]"
+msgstr "--store [ficheiro]"
+
+#: g10/g10.c:1640
+msgid "--symmetric [filename]"
+msgstr "--symmetric [ficheiro]"
+
+#: g10/g10.c:1648
+msgid "--encrypt [filename]"
+msgstr "--encrypt [ficheiro]"
+
+#: g10/g10.c:1665
+msgid "--sign [filename]"
+msgstr "--sign [ficheiro]"
+
+#: g10/g10.c:1678
+msgid "--sign --encrypt [filename]"
+msgstr "--sign --encrypt [ficheiro]"
+
+#: g10/g10.c:1692
+#, fuzzy
+msgid "--sign --symmetric [filename]"
+msgstr "--symmetric [ficheiro]"
+
+#: g10/g10.c:1701
+msgid "--clearsign [filename]"
+msgstr "--clearsign [ficheiro]"
+
+#: g10/g10.c:1719
+msgid "--decrypt [filename]"
+msgstr "--decrypt [ficheiro]"
+
+#: g10/g10.c:1730
+msgid "--sign-key user-id"
+msgstr "--sign-key id-de-usuario"
+
+#: g10/g10.c:1738
+msgid "--lsign-key user-id"
+msgstr "--lsign-key id-de-usuario"
+
+#: g10/g10.c:1746
+#, fuzzy
+msgid "--nrsign-key user-id"
+msgstr "--sign-key id-de-usuario"
+
+#: g10/g10.c:1754
+#, fuzzy
+msgid "--nrlsign-key user-id"
+msgstr "--lsign-key id-de-usuario"
+
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key id-de-usuario [comandos]"
+
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
+#, c-format
+msgid "can't open %s: %s\n"
+msgstr "non se puido abrir %s: %s\n"
+
+#: g10/g10.c:1833
+msgid "-k[v][v][v][c] [user-id] [keyring]"
+msgstr "-k[v][v][v][c] [id-de-usuario] [chaveiro]"
+
+#: g10/g10.c:1916
+#, c-format
+msgid "dearmoring failed: %s\n"
+msgstr "non se puido quita-la armadura: %s\n"
+
+#: g10/g10.c:1924
+#, c-format
+msgid "enarmoring failed: %s\n"
+msgstr "non se puido po�e-la armadura: %s\n"
+
+#: g10/g10.c:2011
+#, c-format
+msgid "invalid hash algorithm `%s'\n"
+msgstr "algoritmo de hash non v�lido `%s'\n"
+
+#: g10/g10.c:2097
+msgid "[filename]"
+msgstr "[ficheiro]"
+
+#: g10/g10.c:2101
+msgid "Go ahead and type your message ...\n"
+msgstr "Escriba a s�a mensaxe ...\n"
+
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
+#, c-format
+msgid "can't open `%s'\n"
+msgstr "non se puido abrir `%s'\n"
+
+#: g10/g10.c:2313
+msgid ""
+"the first character of a notation name must be a letter or an underscore\n"
+msgstr ""
+"o primeiro car�cter dun nome de notaci�n debe ser unha letra ou gui�n baixo\n"
+
+#: g10/g10.c:2319
+msgid ""
+"a notation name must have only letters, digits, dots or underscores and end "
+"with an '='\n"
+msgstr ""
+"un nome de notaci�n s� debe ter letras, d�xitos, puntos ou gui�ns baixos e "
+"rematar con '='\n"
+
+#: g10/g10.c:2325
+msgid "dots in a notation name must be surrounded by other characters\n"
+msgstr ""
+"os puntos dun nome de notaci�n deben estar rodeados por outros caracteres\n"
+
+#: g10/g10.c:2333
+msgid "a notation value must not use any control characters\n"
+msgstr "un valor de notaci�n non pode empregar ning�n car�cter de control\n"
+
+#: g10/armor.c:314
+#, c-format
+msgid "armor: %s\n"
+msgstr "armadura: %s\n"
+
+#: g10/armor.c:343
+msgid "invalid armor header: "
+msgstr "cabeceira de armadura non v�lida: "
+
+#: g10/armor.c:350
+msgid "armor header: "
+msgstr "cabeceira de armadura: "
+
+#: g10/armor.c:361
+msgid "invalid clearsig header\n"
+msgstr "cabeceira de sinatura en claro non v�lida\n"
+
+#: g10/armor.c:413
+msgid "nested clear text signatures\n"
+msgstr "sinaturas en texto claro ani�adas\n"
+
+#: g10/armor.c:537
+msgid "invalid dash escaped line: "
+msgstr "li�a escapada cunha barra non v�lida: "
+
+#: g10/armor.c:549
+msgid "unexpected armor:"
+msgstr "armadura inesperada:"
+
+#: g10/armor.c:675 g10/armor.c:1242
+#, c-format
+msgid "invalid radix64 character %02x skipped\n"
+msgstr "car�cter radix64 non v�lido %02x omitido\n"
+
+#: g10/armor.c:718
+msgid "premature eof (no CRC)\n"
+msgstr "fin de ficheiro prematura (non hai CRC)\n"
+
+#: g10/armor.c:752
+msgid "premature eof (in CRC)\n"
+msgstr "fin de ficheiro prematura (no CRC)\n"
+
+#: g10/armor.c:756
+msgid "malformed CRC\n"
+msgstr "CRC mal formado\n"
+
+#: g10/armor.c:760 g10/armor.c:1279
+#, c-format
+msgid "CRC error; %06lx - %06lx\n"
+msgstr "Erro de CRC; %06lx - %06lx\n"
+
+#: g10/armor.c:780
+msgid "premature eof (in Trailer)\n"
+msgstr "fin de ficheiro prematura (nas li�as adicionais)\n"
+
+#: g10/armor.c:784
+msgid "error in trailer line\n"
+msgstr "error nunha li�a adicional\n"
+
+#: g10/armor.c:1057
+msgid "no valid OpenPGP data found.\n"
+msgstr "non se atoparon datos OpenPGP v�lidos.\n"
+
+#: g10/armor.c:1062
+#, c-format
+msgid "invalid armor: line longer than %d characters\n"
+msgstr "armadura incorrecta: li�a m�is longa ca %d caracteres\n"
+
+#: g10/armor.c:1066
+msgid ""
+"quoted printable character in armor - probably a buggy MTA has been used\n"
+msgstr ""
+"car�cter quoted-printable na armadura - seguramente empregouse un MTA con "
+"erros\n"
+
+#: g10/pkclist.c:61
+msgid "No reason specified"
+msgstr "Non se especificou un motivo"
+
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "A chave � obsoleta"
+
+#: g10/pkclist.c:65
+msgid "Key has been compromised"
+msgstr "Esta chave quedou descoberta"
+
+#: g10/pkclist.c:67
+msgid "Key is no longer used"
+msgstr "Xa non se emprega esta chave"
+
+#: g10/pkclist.c:69
+msgid "User ID is no longer valid"
+msgstr "O ID de usuario xa non � v�lido"
+
+#: g10/pkclist.c:73
+msgid "Reason for revocation: "
+msgstr "Motivo para a revocaci�n: "
+
+#: g10/pkclist.c:90
+msgid "Revocation comment: "
+msgstr "Comentario de revocaci�n: "
+
+#. a string with valid answers
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr ""
+
+#: g10/pkclist.c:258
+#, fuzzy, c-format
+msgid ""
+"No trust value assigned to:\n"
+"%4u%c/%08lX %s \""
+msgstr ""
+"Non se asignou un valor de confianza a %lu:\n"
+"%4u%c/%08lX %s \""
+
+#: g10/pkclist.c:270
+#, fuzzy
+msgid ""
+"Please decide how far you trust this user to correctly\n"
+"verify other users' keys (by looking at passports,\n"
+"checking fingerprints from different sources...)?\n"
+"\n"
+msgstr ""
+"Por favor, decida canto conf�a neste usuario para verificar\n"
+"correctamente as chaves de outros usuarios (mirando nos pasaportes,\n"
+"comprobando pegadas dactilares de varias fontes...).\n"
+"\n"
+" 1 = Non sei\n"
+" 2 = NON conf�o\n"
+" 3 = Conf�o un pouco\n"
+" 4 = Conf�o plenamente\n"
+" i = Por favor, am�seme m�is informaci�n\n"
+
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr ""
+
+#: g10/pkclist.c:274
+#, fuzzy, c-format
+msgid " %d = I do NOT trust\n"
+msgstr "%08lX: Esta chave NON � de confianza\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr ""
+
+#: g10/pkclist.c:276
+#, fuzzy, c-format
+msgid " %d = I trust fully\n"
+msgstr "%s: non � un ficheiro de base de datos de confianza\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr ""
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr ""
+
+#: g10/pkclist.c:281
+msgid " m = back to the main menu\n"
+msgstr " m = voltar ao men� principal\n"
+
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr ""
+
+#: g10/pkclist.c:285
+msgid " q = quit\n"
+msgstr " s = sa�r\n"
+
+#: g10/pkclist.c:292
+msgid "Your decision? "
+msgstr "�A s�a decisi�n? "
+
+#: g10/pkclist.c:313
+#, fuzzy
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "�Seguro de que quere borrar esta chave? "
+
+#: g10/pkclist.c:325
+msgid "Certificates leading to an ultimately trusted key:\n"
+msgstr "Certificados que conducen a unha chave de confianza absoluta:\n"
+
+#: g10/pkclist.c:399
+#, c-format
+msgid "key %08lX: key has been revoked!\n"
+msgstr "chave %08lX: �esta chave est� revocada!\n"
+
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
+msgid "Use this key anyway? "
+msgstr "�Empregar esta chave de t�dolos xeitos?"
+
+#: g10/pkclist.c:411
+#, c-format
+msgid "key %08lX: subkey has been revoked!\n"
+msgstr "chave %08lX: �unha subchave est� revocada!\n"
+
+#: g10/pkclist.c:432
+#, c-format
+msgid "%08lX: key has expired\n"
+msgstr "%08lX: a chave caducou\n"
+
+#: g10/pkclist.c:442
+#, fuzzy, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"       Non hai indicaci�ns de que a sinatura pertenza ao seu propietario.\n"
+
+#: g10/pkclist.c:448
+#, c-format
+msgid "%08lX: We do NOT trust this key\n"
+msgstr "%08lX: Esta chave NON � de confianza\n"
+
+#: g10/pkclist.c:454
+#, c-format
+msgid ""
+"%08lX: It is not sure that this key really belongs to the owner\n"
+"but it is accepted anyway\n"
+msgstr ""
+"%08lX: Non � seguro que esta chave pertenza de verdade ao seu propietario\n"
+"pero ac�ptase de t�dolos xeitos\n"
+
+#: g10/pkclist.c:460
+msgid "This key probably belongs to the owner\n"
+msgstr "Esta chave probablemente pertenza ao propietario\n"
+
+#: g10/pkclist.c:465
+msgid "This key belongs to us\n"
+msgstr "Esta chave pert�ncenos a n�s\n"
+
+#: g10/pkclist.c:507
+msgid ""
+"It is NOT certain that the key belongs to its owner.\n"
+"If you *really* know what you are doing, you may answer\n"
+"the next question with yes\n"
+"\n"
+msgstr ""
+"NON � seguro que a chave pertenza ao seu propietario.\n"
+"Se *de verdade* sabe o que est� a facer, pode respostar �\n"
+"seguinte pregunta cun \"si\"\n"
+"\n"
+
+#: g10/pkclist.c:521 g10/pkclist.c:543
+msgid "WARNING: Using untrusted key!\n"
+msgstr "AVISO: �Empr�gase unha chave que non � de confianza!\n"
+
+#: g10/pkclist.c:562
+msgid "WARNING: This key has been revoked by its owner!\n"
+msgstr "AVISO: �Esta chave est� revocada polo propietario!\n"
+
+#: g10/pkclist.c:563
+msgid "         This could mean that the signature is forgery.\n"
+msgstr "       Isto pode significar que a sinatura est� falsificada.\n"
+
+#: g10/pkclist.c:569
+msgid "WARNING: This subkey has been revoked by its owner!\n"
+msgstr "AVISO: �Esta subchave est� revocada polo propietario!\n"
+
+#: g10/pkclist.c:574
+#, fuzzy
+msgid "Note: This key has been disabled.\n"
+msgstr "Esta chave est� desactivada"
+
+#: g10/pkclist.c:579
+msgid "Note: This key has expired!\n"
+msgstr "Nota: �Esta chave xa caducou!\n"
+
+#: g10/pkclist.c:590
+msgid "WARNING: This key is not certified with a trusted signature!\n"
+msgstr "AVISO: �Esta chave non est� certificada cunha sinatura de confianza!\n"
+
+#: g10/pkclist.c:592
+msgid ""
+"         There is no indication that the signature belongs to the owner.\n"
+msgstr ""
+"       Non hai indicaci�ns de que a sinatura pertenza ao seu propietario.\n"
+
+#: g10/pkclist.c:600
+msgid "WARNING: We do NOT trust this key!\n"
+msgstr "AVISO: �Esta chave NON � de confianza!\n"
+
+#: g10/pkclist.c:601
+msgid "         The signature is probably a FORGERY.\n"
+msgstr "       Probablemente, a sinatura estea FALSIFICADA.\n"
+
+#: g10/pkclist.c:609
+msgid ""
+"WARNING: This key is not certified with sufficiently trusted signatures!\n"
+msgstr ""
+"AVISO: �Esta chave non est� certificada con sinaturas de suficiente "
+"confianza!\n"
+
+#: g10/pkclist.c:611
+msgid "         It is not certain that the signature belongs to the owner.\n"
+msgstr "       Non � seguro que a sinatura pertenza ao seu propietario.\n"
+
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
+#, c-format
+msgid "%s: skipped: %s\n"
+msgstr "%s: omitido: %s\n"
+
+#: g10/pkclist.c:723 g10/pkclist.c:911
+#, c-format
+msgid "%s: skipped: public key already present\n"
+msgstr "%s: omitido: a chave p�blica xa est� presente\n"
+
+#: g10/pkclist.c:752
+#, fuzzy
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr ""
+"Non especificou un ID de usuario. (pode empregar \"-r\")\n"
+"\n"
+
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
+
+#: g10/pkclist.c:776
+msgid "No such user ID.\n"
+msgstr "Non hai tal ID de usuario.\n"
+
+#: g10/pkclist.c:781 g10/pkclist.c:857
+msgid "skipped: public key already set as default recipient\n"
+msgstr ""
+"omitido: a chave p�blica xa est� estabrecida coma destinatario por defecto\n"
+
+#: g10/pkclist.c:799
+msgid "Public key is disabled.\n"
+msgstr "A chave p�blica est� desactivada.\n"
+
+#: g10/pkclist.c:806
+#, fuzzy
+msgid "skipped: public key already set\n"
+msgstr "%s: omitido: a chave p�blica xa est� presente\n"
+
+#: g10/pkclist.c:849
+#, c-format
+msgid "unknown default recipient `%s'\n"
+msgstr "destinatario por defecto `%s' desco�ecido\n"
+
+#: g10/pkclist.c:893
+#, c-format
+msgid "%s: skipped: public key is disabled\n"
+msgstr "%s: omitido: a chave p�blica est� desactivada\n"
+
+#: g10/pkclist.c:943
+msgid "no valid addressees\n"
+msgstr "non hai enderezos v�lidos\n"
+
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr ""
+
+#: g10/keygen.c:187
+#, fuzzy, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "om�tese `%s': duplicada\n"
+
+#: g10/keygen.c:192
+#, fuzzy, c-format
+msgid "too many `%c' preferences\n"
+msgstr "amosar preferencias"
+
+#: g10/keygen.c:257
+#, fuzzy
+msgid "invalid character in preference string\n"
+msgstr "Caracter non v�lido no nome\n"
+
+#: g10/keygen.c:399
+msgid "writing self signature\n"
+msgstr "escribindo a propia sinatura\n"
+
+#: g10/keygen.c:443
+msgid "writing key binding signature\n"
+msgstr "escribindo unha sinatura que liga a chave\n"
+
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
+msgid "keysize invalid; using %u bits\n"
+msgstr "tama�o de chave non v�lido; empregando %u bits\n"
+
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
+msgid "keysize rounded up to %u bits\n"
+msgstr "tama�o de chave redondeado a %u bits\n"
+
+#: g10/keygen.c:777
+msgid "Please select what kind of key you want:\n"
+msgstr "Por favor, seleccione o tipo de chave que quere:\n"
+
+#: g10/keygen.c:779
+#, c-format
+msgid "   (%d) DSA and ElGamal (default)\n"
+msgstr "   (%d) DSA e ElGamal (por defecto)\n"
+
+#: g10/keygen.c:780
+#, c-format
+msgid "   (%d) DSA (sign only)\n"
+msgstr "   (%d) DSA (s� asinar)\n"
+
+#: g10/keygen.c:782
+#, c-format
+msgid "   (%d) ElGamal (encrypt only)\n"
+msgstr "   (%d) ElGamal (s� cifrar)\n"
+
+#: g10/keygen.c:783
+#, c-format
+msgid "   (%d) ElGamal (sign and encrypt)\n"
+msgstr "   (%d) ElGamal (asinar e cifrar)\n"
+
+#: g10/keygen.c:784
+#, fuzzy, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) DSA (s� asinar)\n"
+
+#: g10/keygen.c:786
+#, fuzzy, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) ElGamal (s� cifrar)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
+msgid "Your selection? "
+msgstr "�A s�a selecci�n? "
+
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "Este algoritmo est� obsoleto - �crear de t�dolos xeitos? "
+
+#: g10/keyedit.c:529 g10/keygen.c:823
+msgid "Invalid selection.\n"
+msgstr "Selecci�n non v�lida.\n"
+
+#: g10/keygen.c:836
+#, c-format
+msgid ""
+"About to generate a new %s keypair.\n"
+"              minimum keysize is  768 bits\n"
+"              default keysize is 1024 bits\n"
+"    highest suggested keysize is 2048 bits\n"
+msgstr ""
+"Hase crear unh novo par de chaves %s.\n"
+"             tama�o de chave m�nimo:  768 bits\n"
+"        tama�o de chave por defecto: 1024 bits\n"
+" tama�o de chave m�ximo recomendado: 2048 bits\n"
+
+#: g10/keygen.c:845
+msgid "What keysize do you want? (1024) "
+msgstr "�Qu� tama�o de chave quere? (1024) "
+
+#: g10/keygen.c:850
+msgid "DSA only allows keysizes from 512 to 1024\n"
+msgstr "DSA s� admite tama�os entre 512 e 1024\n"
+
+#: g10/keygen.c:852
+msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr "chave pequena de m�is; 1024 � o menor valor admitido para RSA.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr "chave pequena de m�is; 768 � o menor valor admitido\n"
+
+#. It is ridiculous and an annoyance to use larger key sizes!
+#. * GnuPG can handle much larger sizes; but it takes an eternity
+#. * to create such a key (but less than the time the Sirius
+#. * Computer Corporation needs to process one of the usual
+#. * complaints) and {de,en}cryption although needs some time.
+#. * So, before you complain about this limitation, I suggest that
+#. * you start a discussion with Marvin about this theme and then
+#. * do whatever you want.
+#: g10/keygen.c:866
+#, c-format
+msgid "keysize too large; %d is largest value allowed.\n"
+msgstr "chave grande de m�is; %d � o maior tama�o admitido.\n"
+
+#: g10/keygen.c:871
+msgid ""
+"Keysizes larger than 2048 are not suggested because\n"
+"computations take REALLY long!\n"
+msgstr ""
+"�As chaves maiores de 2048 bits non se aconsellan porque\n"
+"os c�lculos levan MOITO tempo!\n"
+
+#: g10/keygen.c:874
+msgid "Are you sure that you want this keysize? "
+msgstr "�Est� seguro de que quere este tama�o de chave? "
+
+#: g10/keygen.c:875
+msgid ""
+"Okay, but keep in mind that your monitor and keyboard radiation is also very "
+"vulnerable to attacks!\n"
+msgstr ""
+"De acordo, �pero te�a en conta que a radiaci�n do monitor e o teclado tam�n "
+"son vulnerables a ataques!\n"
+
+#: g10/keygen.c:884
+#, c-format
+msgid "Requested keysize is %u bits\n"
+msgstr "O tama�o de chave requerido son %u bits\n"
+
+#: g10/keygen.c:887 g10/keygen.c:891
+#, c-format
+msgid "rounded up to %u bits\n"
+msgstr "redondeado a %u bits\n"
+
+#: g10/keygen.c:942
+msgid ""
+"Please specify how long the key should be valid.\n"
+"         0 = key does not expire\n"
+"      <n>  = key expires in n days\n"
+"      <n>w = key expires in n weeks\n"
+"      <n>m = key expires in n months\n"
+"      <n>y = key expires in n years\n"
+msgstr ""
+"Por favor, indique canto tempo deber�a ser v�lida a chave.\n"
+"         0 = a chave non caduca\n"
+"      <n>  = a chave caduca en n d�as\n"
+"      <n>w = a chave caduca en n semanas\n"
+"      <n>m = a chave caduca en n meses\n"
+"      <n>y = a chave caduca en n anos\n"
+
+#: g10/keygen.c:951
+#, fuzzy
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Por favor, indique canto tempo deber�a ser v�lida a chave.\n"
+"         0 = a chave non caduca\n"
+"      <n>  = a chave caduca en n d�as\n"
+"      <n>w = a chave caduca en n semanas\n"
+"      <n>m = a chave caduca en n meses\n"
+"      <n>y = a chave caduca en n anos\n"
+
+#: g10/keygen.c:973
+msgid "Key is valid for? (0) "
+msgstr "�Por canto tempo � v�lida a chave? (0) "
+
+#: g10/keygen.c:975
+#, fuzzy
+msgid "Signature is valid for? (0) "
+msgstr "�Por canto tempo � v�lida a chave? (0) "
+
+#: g10/keygen.c:980
+msgid "invalid value\n"
+msgstr "valor non v�lido\n"
+
+#: g10/keygen.c:985
+#, fuzzy, c-format
+msgid "%s does not expire at all\n"
+msgstr "A chave non caduca nunca\n"
+
+#. print the date when the key expires
+#: g10/keygen.c:992
+#, fuzzy, c-format
+msgid "%s expires at %s\n"
+msgstr "A chave caduca o %s\n"
+
+#: g10/keygen.c:998
+msgid ""
+"Your system can't display dates beyond 2038.\n"
+"However, it will be correctly handled up to 2106.\n"
+msgstr ""
+"O seu sistema non pode amosar datas m�is al� do 2038.\n"
+"A�nda as�, hase tratar correctamente ata o 2106.\n"
+
+#: g10/keygen.c:1003
+msgid "Is this correct (y/n)? "
+msgstr "�Isto � correcto? (s/n) "
+
+#: g10/keygen.c:1046
+msgid ""
+"\n"
+"You need a User-ID to identify your key; the software constructs the user "
+"id\n"
+"from Real Name, Comment and Email Address in this form:\n"
+"    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
+"\n"
+msgstr ""
+"\n"
+"Precisa un ID de usuario para identifica-la s�a chave; o software constr�e "
+"o\n"
+"id de usuario co Nome, un Comentario e un Enderezo de E-mail deste xeito:\n"
+"     \"Heinrich Heime (Der Dichter) <[email protected]>\"\n"
+"\n"
+
+#: g10/keygen.c:1058
+msgid "Real name: "
+msgstr "Nome: "
+
+#: g10/keygen.c:1066
+msgid "Invalid character in name\n"
+msgstr "Caracter non v�lido no nome\n"
+
+#: g10/keygen.c:1068
+msgid "Name may not start with a digit\n"
+msgstr "O nome non pode comezar cun d�xito\n"
+
+#: g10/keygen.c:1070
+msgid "Name must be at least 5 characters long\n"
+msgstr "O nome debe ter alomenos 5 caracteres\n"
+
+#: g10/keygen.c:1078
+msgid "Email address: "
+msgstr "Enderezo de E-mail: "
+
+#: g10/keygen.c:1089
+msgid "Not a valid email address\n"
+msgstr "Non � un enderezo de e-mail v�lido\n"
+
+#: g10/keygen.c:1097
+msgid "Comment: "
+msgstr "Comentario: "
+
+#: g10/keygen.c:1103
+msgid "Invalid character in comment\n"
+msgstr "Car�cter non v�lido no comentario\n"
+
+#: g10/keygen.c:1126
+#, c-format
+msgid "You are using the `%s' character set.\n"
+msgstr "Est� a usa-lo xogo de caracteres `%s'.\n"
+
+#: g10/keygen.c:1132
+#, c-format
+msgid ""
+"You selected this USER-ID:\n"
+"    \"%s\"\n"
+"\n"
+msgstr ""
+"Escolleu este ID de usuario:\n"
+"    \"%s\"\n"
+"\n"
+
+#: g10/keygen.c:1136
+msgid "Please don't put the email address into the real name or the comment\n"
+msgstr ""
+"Por favor, non po�a o enderezo de correo no nome real ou no comentario\n"
+
+#: g10/keygen.c:1141
+msgid "NnCcEeOoQq"
+msgstr "NnCcEeAaSs"
+
+#: g10/keygen.c:1151
+msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
+msgstr "�Cambia-lo (N)ome, (C)omentario, (E)-mail ou (S)a�r? "
+
+#: g10/keygen.c:1152
+msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
+msgstr "�Cambiar (N)ome, (C)omentario, (E)-mail ou (A)ceptar/(S)a�r? "
+
+#: g10/keygen.c:1171
+msgid "Please correct the error first\n"
+msgstr "Por favor, corrixa antes o erro\n"
+
+#: g10/keygen.c:1210
+msgid ""
+"You need a Passphrase to protect your secret key.\n"
+"\n"
+msgstr ""
+"Necesita un contrasinal para protexe-la s�a chave secreta.\n"
+"\n"
+
+#: g10/keyedit.c:701 g10/keygen.c:1218
+#, fuzzy
+msgid "passphrase not correctly repeated; try again"
+msgstr "o contrasinal non se repetiu correctamente; t�nteo de novo.\n"
+
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr ""
+
+#: g10/keygen.c:1225
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"I will do it anyway.  You can change your passphrase at any time,\n"
+"using this program with the option \"--edit-key\".\n"
+"\n"
+msgstr ""
+"Non quere empregar un contrasinal - �� unha idea *moi* mala!\n"
+"Hase facer as� de t�dolos xeitos; pode cambia-lo contrasinal en calquera\n"
+"momento, empregando este programa coa opci�n \"--edit-key\".\n"
+"\n"
+
+#: g10/keygen.c:1246
+msgid ""
+"We need to generate a lot of random bytes. It is a good idea to perform\n"
+"some other action (type on the keyboard, move the mouse, utilize the\n"
+"disks) during the prime generation; this gives the random number\n"
+"generator a better chance to gain enough entropy.\n"
+msgstr ""
+"C�mpre xerar unha morea de bytes aleatorios. E unha boa idea facer outras\n"
+"cousas (premer teclas no teclado, move-lo rato, usa-los discos duros)\n"
+"mentres se xeran os n�meros primos; isto proporci�nalle ao xerador de\n"
+"n�meros aleatorios unha opoertunidade de acumular entrop�a de abondo.\n"
+
+#: g10/keygen.c:1741
+msgid "DSA keypair will have 1024 bits.\n"
+msgstr "O par de chaves DSA ha ter 1024 bits.\n"
+
+#: g10/keygen.c:1795
+msgid "Key generation canceled.\n"
+msgstr "Cancelouse a xeraci�n de chaves.\n"
+
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
+msgid "writing public key to `%s'\n"
+msgstr "gravando a chave p�blica en `%s'\n"
+
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
+msgid "writing secret key to `%s'\n"
+msgstr "gravando a chave secreta en `%s'\n"
+
+#: g10/keygen.c:1952
+#, fuzzy, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "chave %08lX: chave p�blica non atopada: %s\n"
+
+#: g10/keygen.c:1958
+#, fuzzy, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "chave %08lX: chave secreta non atopada: %s\n"
+
+#: g10/keygen.c:1972
+#, fuzzy, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "erro escribindo no chaveiro `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, fuzzy, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "erro escribindo no chaveiro `%s': %s\n"
+
+#: g10/keygen.c:1999
+msgid "public and secret key created and signed.\n"
+msgstr "cre�ronse e asin�ronse as chaves p�blica e secreta.\n"
+
+#: g10/keygen.c:2000
+#, fuzzy
+msgid "key marked as ultimately trusted.\n"
+msgstr "Certificados que conducen a unha chave de confianza absoluta:\n"
+
+#: g10/keygen.c:2011
+msgid ""
+"Note that this key cannot be used for encryption.  You may want to use\n"
+"the command \"--edit-key\" to generate a secondary key for this purpose.\n"
+msgstr ""
+"Te�a en conta que non se pode empregar esta chave para cifrar. Pode que\n"
+"queira emprega-lo comando \"--edit-key\" para xerar unha chave secundaria\n"
+"con esa finalidade.\n"
+
+#: g10/keygen.c:2023 g10/keygen.c:2131
+#, c-format
+msgid "Key generation failed: %s\n"
+msgstr "A xeraci�n da chave fallou: %s\n"
+
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
+#, c-format
+msgid ""
+"key has been created %lu second in future (time warp or clock problem)\n"
+msgstr ""
+"creouse a chave %lu segundo no futuro (salto no tempo ou problemas co "
+"reloxo)\n"
+
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
+#, c-format
+msgid ""
+"key has been created %lu seconds in future (time warp or clock problem)\n"
+msgstr ""
+"creouse a chave %lu segundos no futuro (salto no tempo ou problemas co "
+"reloxo)\n"
+
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "NOTA: a creaci�n de subchaves para chaves v3 non cumpre OpenPGP\n"
+
+#: g10/keygen.c:2107
+msgid "Really create? "
+msgstr "�Crear realmente? "
+
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr ""
+
+#: g10/encode.c:92 g10/encode.c:296
+#, fuzzy, c-format
+msgid "`%s' already compressed\n"
+msgstr "%lu chaves procesadas\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
+#, c-format
+msgid "%s: can't open: %s\n"
+msgstr "%s: non se pode abrir: %s\n"
+
+#: g10/encode.c:122 g10/sign.c:959
+#, c-format
+msgid "error creating passphrase: %s\n"
+msgstr "erro ao crea-lo contrasinal: %s\n"
+
+#: g10/encode.c:185 g10/encode.c:383
+#, c-format
+msgid "%s: WARNING: empty file\n"
+msgstr "%s: AVISO: ficheiro baleiro\n"
+
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+
+#: g10/encode.c:313
+#, c-format
+msgid "reading from `%s'\n"
+msgstr "lendo de `%s'\n"
+
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+
+#: g10/encode.c:563
+#, c-format
+msgid "%s/%s encrypted for: %s\n"
+msgstr "%s/%s cifrado para: %s\n"
+
+#: g10/delkey.c:69 g10/export.c:141
+#, fuzzy, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "non se atopou o usuario '%s': %s\n"
+
+#: g10/delkey.c:77 g10/export.c:161
+#, fuzzy, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "erro lendo `%s': %s\n"
+
+#: g10/export.c:169
+#, c-format
+msgid "key %08lX: not a rfc2440 key - skipped\n"
+msgstr "chave %08lX: non � unha chave rfc2440 - omitida\n"
+
+#: g10/export.c:180
+#, c-format
+msgid "key %08lX: not protected - skipped\n"
+msgstr "chave %08lX: non est� protexida - omitida\n"
+
+#: g10/export.c:188
+#, fuzzy, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "chave %08lX: nova chave - omitida\n"
+
+#: g10/export.c:255
+msgid "WARNING: nothing exported\n"
+msgstr "AVISO: non se exportou nada\n"
+
+#: g10/getkey.c:151
+msgid "too many entries in pk cache - disabled\n"
+msgstr "demasiadas entradas na cach� de chaves p�blicas - desactivada\n"
+
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[Non se atopou o id de usuario]"
+
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+
+#: g10/getkey.c:1989
+#, c-format
+msgid "using secondary key %08lX instead of primary key %08lX\n"
+msgstr "empr�gase a chave secundaria %08lX no canto da primaria %08lX\n"
+
+#: g10/getkey.c:2036
+#, c-format
+msgid "key %08lX: secret key without public key - skipped\n"
+msgstr "chave %08lX: chave secreta sen chave p�blica - ignorada\n"
+
+#: g10/import.c:206
+#, c-format
+msgid "skipping block of type %d\n"
+msgstr "pasando por alto un bloque de tipo %d\n"
+
+#: g10/import.c:213
+#, c-format
+msgid "%lu keys so far processed\n"
+msgstr "%lu chaves procesadas hasta polo momento\n"
+
+#: g10/import.c:218
+#, c-format
+msgid "error reading `%s': %s\n"
+msgstr "erro lendo `%s': %s\n"
+
+#: g10/import.c:230
+#, c-format
+msgid "Total number processed: %lu\n"
+msgstr "N�mero total procesado: %lu\n"
+
+#: g10/import.c:232
+#, c-format
+msgid "      skipped new keys: %lu\n"
+msgstr "novas chaves omitidas: %lu\n"
+
+#: g10/import.c:235
+#, c-format
+msgid "          w/o user IDs: %lu\n"
+msgstr "   sin IDs de usuario: %lu\n"
+
+#: g10/import.c:237
+#, c-format
+msgid "              imported: %lu"
+msgstr "           importadas: %lu"
+
+#: g10/import.c:243
+#, c-format
+msgid "             unchanged: %lu\n"
+msgstr "          sin cambios: %lu\n"
+
+#: g10/import.c:245
+#, c-format
+msgid "          new user IDs: %lu\n"
+msgstr " novos IDs de usuario: %lu\n"
+
+#: g10/import.c:247
+#, c-format
+msgid "           new subkeys: %lu\n"
+msgstr "     novas sub-chaves: %lu\n"
+
+#: g10/import.c:249
+#, c-format
+msgid "        new signatures: %lu\n"
+msgstr "         novas sinaturas: %lu\n"
+
+#: g10/import.c:251
+#, c-format
+msgid "   new key revocations: %lu\n"
+msgstr " novas revocaci�ns de chaves: %lu\n"
+
+#: g10/import.c:253
+#, c-format
+msgid "      secret keys read: %lu\n"
+msgstr "chaves secretas lidas: %lu\n"
+
+#: g10/import.c:255
+#, c-format
+msgid "  secret keys imported: %lu\n"
+msgstr "chaves secretas importadas: %lu\n"
+
+#: g10/import.c:257
+#, c-format
+msgid " secret keys unchanged: %lu\n"
+msgstr "chaves secretas sin cambios: %lu\n"
+
+#: g10/import.c:438 g10/import.c:657
+#, c-format
+msgid "key %08lX: no user ID\n"
+msgstr "chave %08lX: non hai ID de usuario\n"
+
+#: g10/import.c:455
+#, fuzzy, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "chave %08lX: aceptouse o ID de usuario sin sinatura propia '"
+
+#: g10/import.c:462
+#, c-format
+msgid "key %08lX: no valid user IDs\n"
+msgstr "chave %08lX: non hai IDs de usuario v�lidos\n"
+
+#: g10/import.c:464
+msgid "this may be caused by a missing self-signature\n"
+msgstr "isto pode ser causado por unha sinatura propia que falta\n"
+
+#: g10/import.c:474 g10/import.c:726
+#, c-format
+msgid "key %08lX: public key not found: %s\n"
+msgstr "chave %08lX: chave p�blica non atopada: %s\n"
+
+#: g10/import.c:479
+#, c-format
+msgid "key %08lX: new key - skipped\n"
+msgstr "chave %08lX: nova chave - omitida\n"
+
+#: g10/import.c:489
+#, fuzzy, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "erro escribindo no chaveiro `%s': %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
+#, c-format
+msgid "writing to `%s'\n"
+msgstr "escribindo a `%s'\n"
+
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
+msgstr "erro escribindo no chaveiro `%s': %s\n"
+
+#: g10/import.c:505
+#, c-format
+msgid "key %08lX: public key imported\n"
+msgstr "chave %08lX: chave p�blica importada\n"
+
+#: g10/import.c:524
+#, c-format
+msgid "key %08lX: doesn't match our copy\n"
+msgstr "chave %08lX: non coincide coa nosa copia\n"
+
+#: g10/import.c:542 g10/import.c:743
+#, c-format
+msgid "key %08lX: can't locate original keyblock: %s\n"
+msgstr ""
+"chave %08lX: non foi posible localiza-lo bloque de chaves original:\n"
+"%s\n"
+
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr ""
+"chave %08lX: non foi posible le-lo bloque de chaves original:\n"
+"%s\n"
+
+#: g10/import.c:579
+#, c-format
+msgid "key %08lX: 1 new user ID\n"
+msgstr "chave %08lX: 1 novo ID de usuario\n"
+
+#: g10/import.c:582
+#, c-format
+msgid "key %08lX: %d new user IDs\n"
+msgstr "chave %08lX: %d novos IDs de usuario\n"
+
+#: g10/import.c:585
+#, c-format
+msgid "key %08lX: 1 new signature\n"
+msgstr "chave %08lX: 1 nova sinatura\n"
+
+#: g10/import.c:588
+#, c-format
+msgid "key %08lX: %d new signatures\n"
+msgstr "chave %08lX: %d novas sinaturas\n"
+
+#: g10/import.c:591
+#, c-format
+msgid "key %08lX: 1 new subkey\n"
+msgstr "chave %08lX: 1 nova sub-chave\n"
+
+#: g10/import.c:594
+#, c-format
+msgid "key %08lX: %d new subkeys\n"
+msgstr "chave %08lX: %d novas sub-chaves\n"
+
+#: g10/import.c:604
+#, c-format
+msgid "key %08lX: not changed\n"
+msgstr "chave %08lX: sin cambios\n"
+
+#: g10/import.c:671
+#, fuzzy, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "non hai un chaveiro p�blico por defecto\n"
+
+#: g10/import.c:682
+#, c-format
+msgid "key %08lX: secret key imported\n"
+msgstr "chave %08lX: chave secreta importada\n"
+
+#. we can't merge secret keys
+#: g10/import.c:686
+#, c-format
+msgid "key %08lX: already in secret keyring\n"
+msgstr "chave %08lX: xa estaba no chaveiro secreto\n"
+
+#: g10/import.c:691
+#, c-format
+msgid "key %08lX: secret key not found: %s\n"
+msgstr "chave %08lX: chave secreta non atopada: %s\n"
+
+#: g10/import.c:720
+#, c-format
+msgid "key %08lX: no public key - can't apply revocation certificate\n"
+msgstr ""
+"chave %08lX: non hai chave p�blica - non se pode aplica-lo\n"
+"certificado de revocaci�n\n"
+
+#: g10/import.c:760
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
+msgstr ""
+"chave %08lX: certificado de revocaci�n incorrecto:\n"
+"%s - rechazado\n"
+
+#: g10/import.c:791
+#, c-format
+msgid "key %08lX: revocation certificate imported\n"
+msgstr "chave %08lX: certificado de revocaci�n importado\n"
+
+#: g10/import.c:826
+#, c-format
+msgid "key %08lX: no user ID for signature\n"
+msgstr "chave %08lX: non hai ID de usuario para a sinatura\n"
+
+#: g10/import.c:839
+#, fuzzy, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr "chave %08lX: algoritmo de chave p�blica non soportado\n"
+
+#: g10/import.c:841
+#, fuzzy, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "chave %08lX: sinatura propia incorrecta\n"
+
+#: g10/import.c:858
+#, c-format
+msgid "key %08lX: no subkey for key binding\n"
+msgstr "chave %08lX: non hai sub-chave para o enlace da chave\n"
+
+#: g10/import.c:868
+#, c-format
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "chave %08lX: algoritmo de chave p�blica non soportado\n"
+
+#: g10/import.c:869
+#, c-format
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "chave %08lX: enlace de sub-chave incorrecto\n"
+
+#: g10/import.c:899
+#, c-format
+msgid "key %08lX: skipped user ID '"
+msgstr "chave %08lX: pasado por alto o ID de usuario '"
+
+#: g10/import.c:922
+#, c-format
+msgid "key %08lX: skipped subkey\n"
+msgstr "chave %08lX: pasada por alto a sub-chave\n"
+
+#. here we violate the rfc a bit by still allowing
+#. * to import non-exportable signature when we have the
+#. * the secret key used to create this signature - it
+#. * seems that this makes sense
+#: g10/import.c:945
+#, c-format
+msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
+msgstr "chave %08lX: sinatura non exportable (clase %02x) - pasada por alto\n"
+
+#: g10/import.c:954
+#, c-format
+msgid "key %08lX: revocation certificate at wrong place - skipped\n"
+msgstr ""
+"chave %08lX: certificado de revocaci�n no lugar err�neo - pasada\n"
+"por alto\n"
+
+#: g10/import.c:971
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
+msgstr ""
+"chave %08lX: certificado de revocaci�n incorrecto:\n"
+"%s - pasado por alto\n"
+
+#: g10/import.c:1072
+#, c-format
+msgid "key %08lX: duplicated user ID detected - merged\n"
+msgstr "chave %08lX: ID de usuario duplicado detectado - mezclado\n"
+
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+
+#: g10/import.c:1201
+#, c-format
+msgid "key %08lX: revocation certificate added\n"
+msgstr "chave %08lX: certificado de revocaci�n engadido\n"
+
+#: g10/import.c:1231
+#, fuzzy, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "chave %08lX: %d novas sinaturas\n"
+
+#: g10/keyedit.c:142
+msgid "[revocation]"
+msgstr "[revocaci�n]"
+
+#: g10/keyedit.c:143
+msgid "[self-signature]"
+msgstr "[sinatura propia]"
+
+#: g10/keyedit.c:214 g10/keylist.c:139
+msgid "1 bad signature\n"
+msgstr "1 sinatura err�nea\n"
+
+#: g10/keyedit.c:216 g10/keylist.c:141
+#, c-format
+msgid "%d bad signatures\n"
+msgstr "%d sinaturas err�neas\n"
+
+#: g10/keyedit.c:218 g10/keylist.c:143
+msgid "1 signature not checked due to a missing key\n"
+msgstr "1 sinatura non verificada debido a unha chave que falta\n"
+
+#: g10/keyedit.c:220 g10/keylist.c:145
+#, c-format
+msgid "%d signatures not checked due to missing keys\n"
+msgstr "%d sinaturas non verificadas debido a chaves que faltan\n"
+
+#: g10/keyedit.c:222 g10/keylist.c:147
+msgid "1 signature not checked due to an error\n"
+msgstr "1 sinatura non verificada debido a un erro\n"
+
+#: g10/keyedit.c:224 g10/keylist.c:149
+#, c-format
+msgid "%d signatures not checked due to errors\n"
+msgstr "%d sinaturas non verificadas debido a erros\n"
+
+#: g10/keyedit.c:226
+msgid "1 user ID without valid self-signature detected\n"
+msgstr "detectado 1 ID de usuario sin sinatura propia v�lida\n"
+
+#: g10/keyedit.c:228
+#, c-format
+msgid "%d user IDs without valid self-signatures detected\n"
+msgstr "detectados %d IDs de usuario sin sinatura propia v�lida\n"
+
+#: g10/keyedit.c:335
+#, fuzzy, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "A chave est� protexida.\n"
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+#, fuzzy
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "�Est� seguro de que quere este tama�o de chave? "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr ""
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+
+#: g10/keyedit.c:388
+#, fuzzy, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "Xa foi asinado pola chave %08lX\n"
+
+#: g10/keyedit.c:393
+#, fuzzy, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "Xa foi asinado pola chave %08lX\n"
+
+#: g10/keyedit.c:405
+#, c-format
+msgid "Nothing to sign with key %08lX\n"
+msgstr "Nada que asinar coa chave %08lX\n"
+
+#: g10/keyedit.c:420
+#, fuzzy
+msgid "This key has expired!"
+msgstr "Nota: �Esta chave xa caducou!\n"
+
+#: g10/keyedit.c:440
+#, fuzzy, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Esta chave non est� protexida.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr ""
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr ""
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:535
+msgid ""
+"Are you really sure that you want to sign this key\n"
+"with your key: \""
+msgstr ""
+"�Esta seguro de que quere asinar esta chave\n"
+"coa s�a chave: \""
+
+#: g10/keyedit.c:544
+#, fuzzy
+msgid ""
+"\n"
+"The signature will be marked as non-exportable.\n"
+msgstr ""
+"A sinatura ser� marcada como non exportable.\n"
+"\n"
+
+#: g10/keyedit.c:548
+#, fuzzy
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"A sinatura ser� marcada como non exportable.\n"
+"\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+
+#: g10/keyedit.c:569
+msgid "Really sign? "
+msgstr "�Asinar de verdade? "
+
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
+#, c-format
+msgid "signing failed: %s\n"
+msgstr "fallou a sinatura: %s\n"
+
+#: g10/keyedit.c:658
+msgid "This key is not protected.\n"
+msgstr "Esta chave non est� protexida.\n"
+
+#: g10/keyedit.c:662
+msgid "Secret parts of primary key are not available.\n"
+msgstr "as partes secretas da chave primaria non est�n dispo�ibles.\n"
+
+#: g10/keyedit.c:666
+msgid "Key is protected.\n"
+msgstr "A chave est� protexida.\n"
+
+#: g10/keyedit.c:686
+#, c-format
+msgid "Can't edit this key: %s\n"
+msgstr "Non se pode editar esta chave: %s\n"
+
+#: g10/keyedit.c:692
+msgid ""
+"Enter the new passphrase for this secret key.\n"
+"\n"
+msgstr ""
+"Introduza o novo contrasinal para esta chave secreta.\n"
+"\n"
+
+#: g10/keyedit.c:706
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"\n"
+msgstr ""
+"Non desexa un contrainal - �o que � unha *mala* idea!\n"
+"\n"
+
+#: g10/keyedit.c:709
+msgid "Do you really want to do this? "
+msgstr "�Seguro que quere facer esto? "
+
+#: g10/keyedit.c:773
+msgid "moving a key signature to the correct place\n"
+msgstr "movendo a sinatura dunha chave � seu sitio\n"
+
+#: g10/keyedit.c:815
+msgid "quit this menu"
+msgstr "sa�r deste men�"
+
+#: g10/keyedit.c:816
+msgid "q"
+msgstr "s"
+
+#: g10/keyedit.c:817
+msgid "save"
+msgstr "gardar"
+
+#: g10/keyedit.c:817
+msgid "save and quit"
+msgstr "gardar e sa�r"
+
+#: g10/keyedit.c:818
+msgid "help"
+msgstr "axuda"
+
+#: g10/keyedit.c:818
+msgid "show this help"
+msgstr "amosar esta axuda"
+
+#: g10/keyedit.c:820
+msgid "fpr"
+msgstr "fpr"
+
+#: g10/keyedit.c:820
+msgid "show fingerprint"
+msgstr "amosar fingerprint"
+
+#: g10/keyedit.c:821
+msgid "list"
+msgstr "listar"
+
+#: g10/keyedit.c:821
+msgid "list key and user IDs"
+msgstr "listar chave e IDs de usuario"
+
+#: g10/keyedit.c:822
+msgid "l"
+msgstr "l"
+
+#: g10/keyedit.c:823
+msgid "uid"
+msgstr "uid"
+
+#: g10/keyedit.c:823
+msgid "select user ID N"
+msgstr "selecciona-lo ID de usuario N"
+
+#: g10/keyedit.c:824
+msgid "key"
+msgstr "chave"
+
+#: g10/keyedit.c:824
+msgid "select secondary key N"
+msgstr "selecciona-la chave secundaria N"
+
+#: g10/keyedit.c:825
+msgid "check"
+msgstr "verificar"
+
+#: g10/keyedit.c:825
+msgid "list signatures"
+msgstr "listar sinaturas"
+
+#: g10/keyedit.c:826
+msgid "c"
+msgstr "v"
+
+#: g10/keyedit.c:827
+msgid "sign"
+msgstr "asinar"
+
+#: g10/keyedit.c:827
+msgid "sign the key"
+msgstr "sinatura-la chave"
+
+#: g10/keyedit.c:828
+msgid "s"
+msgstr "f"
+
+#: g10/keyedit.c:829
+msgid "lsign"
+msgstr "lsign"
+
+#: g10/keyedit.c:829
+msgid "sign the key locally"
+msgstr "sinatura-la chave localmente"
+
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "nrsign"
+msgstr "asinar"
+
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "sign the key non-revocably"
+msgstr "sinatura-la chave localmente"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "nrlsign"
+msgstr "lsign"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "sign the key locally and non-revocably"
+msgstr "sinatura-la chave localmente"
+
+#: g10/keyedit.c:832
+msgid "debug"
+msgstr "depurar"
+
+#: g10/keyedit.c:833
+msgid "adduid"
+msgstr "adduid"
+
+#: g10/keyedit.c:833
+msgid "add a user ID"
+msgstr "engadir un ID de usuario"
+
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr ""
+
+#: g10/keyedit.c:834
+#, fuzzy
+msgid "add a photo ID"
+msgstr "engadir un ID de usuario"
+
+#: g10/keyedit.c:835
+msgid "deluid"
+msgstr "deluid"
+
+#: g10/keyedit.c:835
+msgid "delete user ID"
+msgstr "borrar un ID de usuario"
+
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr ""
+
+#: g10/keyedit.c:838
+msgid "addkey"
+msgstr "addkey"
+
+#: g10/keyedit.c:838
+msgid "add a secondary key"
+msgstr "engadir unha chave secundaria"
+
+#: g10/keyedit.c:839
+msgid "delkey"
+msgstr "delkey"
+
+#: g10/keyedit.c:839
+msgid "delete a secondary key"
+msgstr "borrar unha chave secundaria"
+
+#: g10/keyedit.c:840
+msgid "delsig"
+msgstr "delsig"
+
+#: g10/keyedit.c:840
+msgid "delete signatures"
+msgstr "borrar sinaturas"
+
+#: g10/keyedit.c:841
+msgid "expire"
+msgstr "expire"
+
+#: g10/keyedit.c:841
+msgid "change the expire date"
+msgstr "cambia-la fecha de expiraci�n"
+
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr ""
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr ""
+
+#: g10/keyedit.c:843
+msgid "toggle"
+msgstr "toggle"
+
+#: g10/keyedit.c:843
+msgid "toggle between secret and public key listing"
+msgstr "cambiar entre o listado de chaves p�blicas e secretas"
+
+#: g10/keyedit.c:845
+msgid "t"
+msgstr "c"
+
+#: g10/keyedit.c:846
+msgid "pref"
+msgstr "pref"
+
+#: g10/keyedit.c:846
+#, fuzzy
+msgid "list preferences (expert)"
+msgstr "amosar preferencias"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+#, fuzzy
+msgid "list preferences (verbose)"
+msgstr "amosar preferencias"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "setpref"
+msgstr "pref"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "set preference list"
+msgstr "amosar preferencias"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updpref"
+msgstr "pref"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updated preferences"
+msgstr "amosar preferencias"
+
+#: g10/keyedit.c:850
+msgid "passwd"
+msgstr "passwd"
+
+#: g10/keyedit.c:850
+msgid "change the passphrase"
+msgstr "cambia-lo contrasinal"
+
+#: g10/keyedit.c:851
+msgid "trust"
+msgstr "trust"
+
+#: g10/keyedit.c:851
+msgid "change the ownertrust"
+msgstr "cambia-la confianza sobre o dono"
+
+#: g10/keyedit.c:852
+msgid "revsig"
+msgstr "revsig"
+
+#: g10/keyedit.c:852
+msgid "revoke signatures"
+msgstr "revocar sinaturas"
+
+#: g10/keyedit.c:853
+msgid "revkey"
+msgstr "revkey"
+
+#: g10/keyedit.c:853
+msgid "revoke a secondary key"
+msgstr "revocar unha chave secundaria"
+
+#: g10/keyedit.c:854
+msgid "disable"
+msgstr "disable"
+
+#: g10/keyedit.c:854
+msgid "disable a key"
+msgstr "deshabilitar unha chave"
+
+#: g10/keyedit.c:855
+msgid "enable"
+msgstr "enable"
+
+#: g10/keyedit.c:855
+msgid "enable a key"
+msgstr "habilitar unha chave"
+
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr ""
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr ""
+
+#: g10/delkey.c:112 g10/keyedit.c:876
+msgid "can't do that in batchmode\n"
+msgstr "non se pode facer iso no modo por lotes\n"
+
+#: g10/keyedit.c:913
+#, fuzzy, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "erro lendo `%s': %s\n"
+
+#: g10/keyedit.c:931
+msgid "Secret key is available.\n"
+msgstr "A chave secreta est� disponible.\n"
+
+#: g10/keyedit.c:962
+msgid "Command> "
+msgstr "Comando> "
+
+#: g10/keyedit.c:994
+msgid "Need the secret key to do this.\n"
+msgstr "C�mpre a chave secreta para facer isto.\n"
+
+#: g10/keyedit.c:998
+msgid "Please use the command \"toggle\" first.\n"
+msgstr "Por favor, empregue o comando \"toggle\" antes.\n"
+
+#: g10/keyedit.c:1047
+#, fuzzy
+msgid "Key is revoked."
+msgstr "A chave est� protexida.\n"
+
+#: g10/keyedit.c:1066
+msgid "Really sign all user IDs? "
+msgstr "�Seguro de que quere asinar t�dolos IDs de usuario? "
+
+#: g10/keyedit.c:1067
+msgid "Hint: Select the user IDs to sign\n"
+msgstr "Pista: seleccione os IDs de usuario que desexa asinar\n"
+
+#: g10/keyedit.c:1092
+#, c-format
+msgid "This command is not allowed while in %s mode.\n"
+msgstr ""
+
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
+msgid "You must select at least one user ID.\n"
+msgstr "Debe seleccionar alomenos un ID de usuario.\n"
+
+#: g10/keyedit.c:1114
+msgid "You can't delete the last user ID!\n"
+msgstr "�Non pode borra-lo �ltimo ID de usuario!\n"
+
+#: g10/keyedit.c:1117
+msgid "Really remove all selected user IDs? "
+msgstr "�Seguro de que quere borrar t�dolos IDs de usuario seleccionados? "
+
+#: g10/keyedit.c:1118
+msgid "Really remove this user ID? "
+msgstr "�Seguro de que quere borrar este ID de usuario? "
+
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
+msgid "You must select at least one key.\n"
+msgstr "Debe seleccionar alomenos unha chave.\n"
+
+#: g10/keyedit.c:1160
+msgid "Do you really want to delete the selected keys? "
+msgstr "�Seguro de que quere borra-las chaves seleccionadas? "
+
+#: g10/keyedit.c:1161
+msgid "Do you really want to delete this key? "
+msgstr "�Seguro de que quere borrar esta chave? "
+
+#: g10/keyedit.c:1182
+msgid "Do you really want to revoke the selected keys? "
+msgstr "�Realmente quere revoca-las chaves seleccionadas? "
+
+#: g10/keyedit.c:1183
+msgid "Do you really want to revoke this key? "
+msgstr "�Realmente quere revocar esta chave? "
+
+#: g10/keyedit.c:1252
+#, fuzzy
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "�Seguro de que quere borrar t�dolos IDs de usuario seleccionados? "
+
+#: g10/keyedit.c:1254
+#, fuzzy
+msgid "Really update the preferences? "
+msgstr "�Realmente desexa crea-los certificados de revocaci�n? (y/N)"
+
+#: g10/keyedit.c:1292
+msgid "Save changes? "
+msgstr "�Garda-los cambios? "
+
+#: g10/keyedit.c:1295
+msgid "Quit without saving? "
+msgstr "�Sa�r sin gardar? "
+
+#: g10/keyedit.c:1306
+#, c-format
+msgid "update failed: %s\n"
+msgstr "a actualizaci�n fallou: %s\n"
+
+#: g10/keyedit.c:1313
+#, c-format
+msgid "update secret failed: %s\n"
+msgstr "o segredo da actualizaci�n fallou: %s\n"
+
+#: g10/keyedit.c:1320
+msgid "Key not changed so no update needed.\n"
+msgstr "A chave non cambiou, polo que non fai falla actualizar.\n"
+
+#: g10/keyedit.c:1332
+msgid "Invalid command  (try \"help\")\n"
+msgstr "Comando incorrecto (tente \"help\")\n"
+
+#: g10/keyedit.c:1489
+#, fuzzy, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "AVISO: �Esta chave est� revocada polo propietario!\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr ""
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
+#, c-format
+msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
+msgstr "Creouse %s%c %4u%c/%08lX : %s caduca: %s"
+
+#: g10/keyedit.c:1506
+#, c-format
+msgid " trust: %c/%c"
+msgstr " confianza: %c/%c"
+
+#: g10/keyedit.c:1510
+msgid "This key has been disabled"
+msgstr "Esta chave est� desactivada"
+
+#: g10/keyedit.c:1539
+#, c-format
+msgid "rev! subkey has been revoked: %s\n"
+msgstr "rev! revocouse a subchave: %s\n"
+
+#: g10/keyedit.c:1542
+msgid "rev- faked revocation found\n"
+msgstr "rev- atopouse unha revocaci�n falsa\n"
+
+#: g10/keyedit.c:1544
+#, c-format
+msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? problema ao comproba-la revocaci�n: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+#, fuzzy
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "�Est� seguro de que quere este tama�o de chave? "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1832
+msgid "Delete this good signature? (y/N/q)"
+msgstr "�Borrar esta sinatura correcta? (y/N/q)"
+
+#: g10/keyedit.c:1842
+msgid "Delete this invalid signature? (y/N/q)"
+msgstr "�Borrar esta sinatura incorrecta? (y/N/q)"
+
+#: g10/keyedit.c:1846
+msgid "Delete this unknown signature? (y/N/q)"
+msgstr "�Borrar esta sinatura desco�ecida? (y/N/q)"
+
+#: g10/keyedit.c:1852
+msgid "Really delete this self-signature? (y/N)"
+msgstr "�Realmente quere borrar esta sinatura propia? (y/N)"
+
+#: g10/keyedit.c:1866
+#, c-format
+msgid "Deleted %d signature.\n"
+msgstr "Borrada %d sinatura.\n"
+
+#: g10/keyedit.c:1867
+#, c-format
+msgid "Deleted %d signatures.\n"
+msgstr "Borradas %d sinaturas.\n"
+
+#: g10/keyedit.c:1870
+msgid "Nothing deleted.\n"
+msgstr "Non se borrou nada.\n"
+
+#: g10/keyedit.c:1943
+msgid "Please remove selections from the secret keys.\n"
+msgstr "Por favor, quite as selecci�ns das chaves secretas.\n"
+
+#: g10/keyedit.c:1949
+msgid "Please select at most one secondary key.\n"
+msgstr "Por favor, seleccione como m�ximo unha chave secundaria.\n"
+
+#: g10/keyedit.c:1953
+msgid "Changing expiration time for a secondary key.\n"
+msgstr "Cambiando a data de expiraci�n para a chave secundaria.\n"
+
+#: g10/keyedit.c:1955
+msgid "Changing expiration time for the primary key.\n"
+msgstr "Cambiando a data de expiraci�n da chave primaria.\n"
+
+#: g10/keyedit.c:1997
+msgid "You can't change the expiration date of a v3 key\n"
+msgstr "Non pode cambia-la data de expiraci�n dunha chave v3\n"
+
+#: g10/keyedit.c:2013
+msgid "No corresponding signature in secret ring\n"
+msgstr "Non hai unha sinatura correspondiente no chaveiro secreto\n"
+
+#: g10/keyedit.c:2096
+#, fuzzy
+msgid "Please select exactly one user ID.\n"
+msgstr "Debe seleccionar alomenos un ID de usuario.\n"
+
+#: g10/keyedit.c:2284
+#, c-format
+msgid "No user ID with index %d\n"
+msgstr "Non hai ID de usuario con �ndice %d\n"
+
+#: g10/keyedit.c:2330
+#, c-format
+msgid "No secondary key with index %d\n"
+msgstr "Non hai chave secundaria con �ndice %d\n"
+
+#: g10/keyedit.c:2444
+msgid "user ID: \""
+msgstr "ID de usuario: \""
+
+#: g10/keyedit.c:2449
+#, c-format
+msgid ""
+"\"\n"
+"signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"asinado coa s�a chave %08lX no %s\n"
+
+#: g10/keyedit.c:2452
+#, fuzzy, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"asinado coa s�a chave %08lX no %s\n"
+
+#: g10/keyedit.c:2457
+#, fuzzy, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Sinatura %s de: %s\n"
+
+#: g10/keyedit.c:2461
+#, fuzzy
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "�Realmente quere revocar esta chave? "
+
+#: g10/keyedit.c:2465
+#, fuzzy
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr "�Crear un certificado de revocaci�n para esta sinatura? (y/N)"
+
+#. FIXME: detect duplicates here
+#: g10/keyedit.c:2490
+msgid "You have signed these user IDs:\n"
+msgstr "Firmou estes IDs de usuario: \n"
+
+#: g10/keyedit.c:2504
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "asinado por %08lX no %s\n"
+
+#: g10/keyedit.c:2512
+#, c-format
+msgid "   revoked by %08lX at %s\n"
+msgstr "revocada por %08lX no %s\n"
+
+#: g10/keyedit.c:2532
+msgid "You are about to revoke these signatures:\n"
+msgstr "Est� a punto de revocar estas sinaturas:\n"
+
+#: g10/keyedit.c:2542
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "asinado por %08lX no %s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr ""
+
+#: g10/keyedit.c:2551
+#, fuzzy
+msgid "Really create the revocation certificates? (y/N) "
+msgstr "�Realmente desexa crea-los certificados de revocaci�n? (y/N)"
+
+#: g10/keyedit.c:2581
+msgid "no secret key\n"
+msgstr "non hai chave secreta\n"
+
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+#, fuzzy
+msgid "Signature policy: "
+msgstr "Sinatura %s de: %s\n"
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "AVISO: atop�ronse datos de notaci�n non v�lidos\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+#, fuzzy
+msgid "Signature notation: "
+msgstr "Notaci�n: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr ""
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr ""
+
+#. of subkey
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
+msgid " [expires: %s]"
+msgstr " [caduca: %s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Pegada dactilar:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "         Pegada dactilar:"
+
+#: g10/keylist.c:899
+#, fuzzy
+msgid "     Key fingerprint ="
+msgstr "         Pegada dactilar:"
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "datos cifrados con %s\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "cifrado cun algoritmo desco�ecido %d\n"
+
+#: g10/mainproc.c:280
+#, c-format
+msgid "public key is %08lX\n"
+msgstr "a chave p�blica � %08lX\n"
+
+#: g10/mainproc.c:326
+msgid "public key encrypted data: good DEK\n"
+msgstr "datos cifrados coa chave p�blica: DEK correcto\n"
+
+#: g10/mainproc.c:378
+#, c-format
+msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
+msgstr "cifrado cunha chave de %u bits, %s, ID %08lX, creado o %s\n"
+
+#: g10/mainproc.c:388
+#, c-format
+msgid "encrypted with %s key, ID %08lX\n"
+msgstr "cifrado cunha chave %s, ID %08lX\n"
+
+#: g10/mainproc.c:402
+#, c-format
+msgid "public key decryption failed: %s\n"
+msgstr "fallou o descifrado de chave p�blica: %s\n"
+
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, fuzzy, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "datos cifrados con %s\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr ""
+
+#: g10/mainproc.c:466
+msgid "decryption okay\n"
+msgstr "descifrado correcto\n"
+
+#: g10/mainproc.c:471
+msgid "WARNING: encrypted message has been manipulated!\n"
+msgstr "AVISO: �a mensaxe cifrada foi manipulada!\n"
+
+#: g10/mainproc.c:476
+#, c-format
+msgid "decryption failed: %s\n"
+msgstr "o descifrado fallou: %s\n"
+
+#: g10/mainproc.c:495
+msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
+msgstr "NOTA: o remitente pediu \"confidencial\"\n"
+
+#: g10/mainproc.c:497
+#, c-format
+msgid "original file name='%.*s'\n"
+msgstr "nome do ficheiro orixinal='%.*s'\n"
+
+#: g10/mainproc.c:672
+msgid "standalone revocation - use \"gpg --import\" to apply\n"
+msgstr "revocaci�n independente - empregue \"gpg --import\" para aplicar\n"
+
+#: g10/mainproc.c:733
+msgid "Notation: "
+msgstr "Notaci�n: "
+
+#: g10/mainproc.c:745
+msgid "Policy: "
+msgstr "Normativa: "
+
+#: g10/mainproc.c:1198
+msgid "signature verification suppressed\n"
+msgstr "verificaci�n de sinatura suprimida\n"
+
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "non se poden manexar estas sinaturas m�ltiples\n"
+
+#: g10/mainproc.c:1261
+#, c-format
+msgid "Signature made %.*s using %s key ID %08lX\n"
+msgstr "Sinatura feita por %.*s usando %s de ID de chave %08lX\n"
+
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
+msgid "BAD signature from \""
+msgstr "Sinatura INCORRECTA de\""
+
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+#, fuzzy
+msgid "Expired signature from \""
+msgstr "Sinatura correcta de \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
+msgid "Good signature from \""
+msgstr "Sinatura correcta de \""
+
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr ""
+
+#: g10/mainproc.c:1351
+msgid "                aka \""
+msgstr "               aka \""
+
+#: g10/mainproc.c:1412
+#, c-format
+msgid "Can't check signature: %s\n"
+msgstr "Non foi posible verifica-la sinatura: %s\n"
+
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "non � unha sinatura separada\n"
+
+#: g10/mainproc.c:1508
+#, c-format
+msgid "standalone signature of class 0x%02x\n"
+msgstr "sinatura independiente de clase 0x%02x\n"
+
+#: g10/mainproc.c:1565
+msgid "old style (PGP 2.x) signature\n"
+msgstr "Sinatura � vello estilo (PGP 2.x)\n"
+
+#: g10/mainproc.c:1572
+msgid "invalid root packet detected in proc_tree()\n"
+msgstr "paquete ra�z incorrecto detectado en proc_tree()\n"
+
+#: g10/misc.c:101
+#, c-format
+msgid "can't disable core dumps: %s\n"
+msgstr "non � posible deshabilita-los volcados de 'core': %s\n"
+
+#: g10/misc.c:211
+msgid "Experimental algorithms should not be used!\n"
+msgstr "�Os algoritmos experimentais non deber�an ser usados!\n"
+
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr ""
+"este algoritmo de cifrado est� obsoleto; por favor, empregue un m�is "
+"est�ndar!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr ""
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+
+#: g10/parse-packet.c:119
+#, c-format
+msgid "can't handle public key algorithm %d\n"
+msgstr "non � posible manexa-lo algoritmo de chave p�blica %d\n"
+
+#: g10/parse-packet.c:1053
+#, c-format
+msgid "subpacket of type %d has critical bit set\n"
+msgstr "un subpaquete de tipo %d ten o bit cr�tico posto\n"
+
+#: g10/passphrase.c:442 g10/passphrase.c:489
+msgid "gpg-agent is not available in this session\n"
+msgstr "gpg-agent non est� dispo�ible nesta sesi�n\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:498
+msgid "malformed GPG_AGENT_INFO environment variable\n"
+msgstr "variable de ambiente GPG_AGENT_INFO mal formada\n"
+
+#: g10/passphrase.c:511
+#, fuzzy, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "o algoritmo de protecci�n %d non est� soportado\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
+msgid "can't connect to `%s': %s\n"
+msgstr "non se puido conectar a `%s': %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr ""
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+#, fuzzy
+msgid "problem with the agent - disabling agent use\n"
+msgstr "problema co axente: o axente voltou coa resposta 0x%lx\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
+#, c-format
+msgid " (main key ID %08lX)"
+msgstr " (ID principal da chave %08lX)"
+
+#: g10/passphrase.c:641
+#, c-format
+msgid ""
+"You need a passphrase to unlock the secret key for user:\n"
+"\"%.*s\"\n"
+"%u-bit %s key, ID %08lX, created %s%s\n"
+msgstr ""
+"Precisa un contrasinal para desbloquea-la chave secreta do usuario:\n"
+"\"%.*s\"\n"
+"Chave de %u bits, %s, ID %08lX, creada o %s%s\n"
+
+#: g10/passphrase.c:662
+msgid "Enter passphrase\n"
+msgstr "Introduza o contrasinal\n"
+
+#: g10/passphrase.c:664
+msgid "Repeat passphrase\n"
+msgstr "Repita o contrasinal\n"
+
+#: g10/passphrase.c:705
+msgid "passphrase too long\n"
+msgstr "contrasinal demasiado longo\n"
+
+#: g10/passphrase.c:718
+msgid "invalid response from agent\n"
+msgstr "resposta do axente non v�lida\n"
+
+#: g10/passphrase.c:727 g10/passphrase.c:808
+msgid "cancelled by user\n"
+msgstr "cancelado polo usuario\n"
+
+#: g10/passphrase.c:729 g10/passphrase.c:890
+#, c-format
+msgid "problem with the agent: agent returns 0x%lx\n"
+msgstr "problema co axente: o axente voltou coa resposta 0x%lx\n"
+
+#: g10/passphrase.c:1003
+msgid ""
+"\n"
+"You need a passphrase to unlock the secret key for\n"
+"user: \""
+msgstr ""
+"\n"
+"Necesita un contrasinal para desbloquea-la chave secreta para\n"
+"o usuario \""
+
+#: g10/passphrase.c:1012
+#, c-format
+msgid "%u-bit %s key, ID %08lX, created %s"
+msgstr "%u-bits, chave %s, ID %08lX, creada %s"
+
+#: g10/passphrase.c:1063
+msgid "can't query password in batchmode\n"
+msgstr "non se pode consulta-lo contrasinal en modo de proceso por lotes\n"
+
+#: g10/passphrase.c:1067
+msgid "Enter passphrase: "
+msgstr "Introduza o contrasinal: "
+
+#: g10/passphrase.c:1071
+msgid "Repeat passphrase: "
+msgstr "Repita o contrasinal: "
+
+#: g10/plaintext.c:67
+msgid "data not saved; use option \"--output\" to save it\n"
+msgstr "os datos non foron gardados; use a opci�n \"--output\" para gardalos\n"
+
+#: g10/plaintext.c:108
+#, fuzzy, c-format
+msgid "error creating `%s': %s\n"
+msgstr "erro lendo `%s': %s\n"
+
+#: g10/plaintext.c:337
+msgid "Detached signature.\n"
+msgstr "Sinatura non adxunta.\n"
+
+#: g10/plaintext.c:341
+msgid "Please enter name of data file: "
+msgstr "Por favor, introduza o nome do ficheiro de datos: "
+
+#: g10/plaintext.c:362
+msgid "reading stdin ...\n"
+msgstr "lendo de stdin ...\n"
+
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "non hai datos asinados\n"
+
+#: g10/plaintext.c:404
+#, c-format
+msgid "can't open signed data `%s'\n"
+msgstr "non foi posible abri-los datos asinados `%s'\n"
+
+#: g10/pubkey-enc.c:100
+#, fuzzy, c-format
+msgid "anonymous recipient; trying secret key %08lX ...\n"
+msgstr "receptor an�nimo; tentando a chave secreta %08lX ...\n"
+
+#: g10/pubkey-enc.c:106
+msgid "okay, we are the anonymous recipient.\n"
+msgstr "Ok, n�s somo-lo receptor an�nimo.\n"
+
+#: g10/pubkey-enc.c:158
+msgid "old encoding of the DEK is not supported\n"
+msgstr "a codificaci�n vella do DEK non est� soportada\n"
+
+#: g10/pubkey-enc.c:177
+#, fuzzy, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "o algoritmo de cifrado %d � desco�ecido ou est� desactivado\n"
+
+#: g10/pubkey-enc.c:220
+#, c-format
+msgid "NOTE: cipher algorithm %d not found in preferences\n"
+msgstr "NOTA: o algoritmo de cifrado %d non foi atopado nas preferencias\n"
+
+#: g10/pubkey-enc.c:242
+#, c-format
+msgid "NOTE: secret key %08lX expired at %s\n"
+msgstr "NOTA: a chave secreta %08lX caducou o %s\n"
+
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
+#, fuzzy, c-format
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "solicitando a chave %08lX de %s ...\n"
+
+#: g10/hkp.c:94
+#, c-format
+msgid "can't get key from keyserver: %s\n"
+msgstr "non se pode obte-la chave do servidor de chaves: %s\n"
+
+#: g10/hkp.c:171
+#, c-format
+msgid "error sending to `%s': %s\n"
+msgstr "erro ao enviar a `%s': %s\n"
+
+#: g10/hkp.c:186
+#, c-format
+msgid "success sending to `%s' (status=%u)\n"
+msgstr "�xito ao enviar a `%s' (estado=%u)\n"
+
+#: g10/hkp.c:189
+#, c-format
+msgid "failed sending to `%s': status=%u\n"
+msgstr "fallo ao enviar a `%s': estado=%u\n"
+
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr ""
+
+#: g10/hkp.c:521
+#, fuzzy, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "non se pode obte-la chave do servidor de chaves: %s\n"
+
+#: g10/seckey-cert.c:53
+msgid "secret key parts are not available\n"
+msgstr "hai partes da chave secreta non dispo�ibles\n"
+
+#: g10/seckey-cert.c:59
+#, fuzzy, c-format
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "o algoritmo de protecci�n %d non est� soportado\n"
+
+#: g10/seckey-cert.c:215
+#, fuzzy
+msgid "Invalid passphrase; please try again"
+msgstr "Contrasinal non v�lido; por favor, t�nteo de novo ...\n"
+
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr ""
+
+#: g10/seckey-cert.c:273
+msgid "WARNING: Weak key detected - please change passphrase again.\n"
+msgstr ""
+"AVISO: Detectouse unha chave feble - por favor, cambie o contrasinal outra "
+"vez.\n"
+
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+
+#: g10/sig-check.c:205
+msgid ""
+"this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
+msgstr ""
+"�esta � unha chave ElGamal xerada por PGP que non � segura para sinaturas!\n"
+
+#: g10/sig-check.c:213
+#, c-format
+msgid "public key is %lu second newer than the signature\n"
+msgstr "a chave p�blica � %lu segundo m�is nova c� sinatura\n"
+
+#: g10/sig-check.c:214
+#, c-format
+msgid "public key is %lu seconds newer than the signature\n"
+msgstr "a chave p�blica � %lu segundos m�is nova c� sinatura\n"
+
+#: g10/sig-check.c:237
+#, c-format
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "NOTA: a chave de sinatura %08lX caducou o %s\n"
+
+#: g10/sig-check.c:318
+msgid "assuming bad signature due to an unknown critical bit\n"
+msgstr ""
+"asumindo unha sinatura incorrecta debido a un bit cr�tico desco�ecido\n"
+
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "fallou a comprobaci�n da sinatura creada: %s\n"
+
+#: g10/sign.c:283
+#, c-format
+msgid "%s signature from: %s\n"
+msgstr "Sinatura %s de: %s\n"
+
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "AVISO: `%s' � un ficheiro baleiro\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:643 g10/sign.c:812
+#, c-format
+msgid "can't create %s: %s\n"
+msgstr "non foi posible crear %s: %s\n"
+
+#: g10/sign.c:704
+msgid "signing:"
+msgstr "asinando:"
+
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:953
+#, fuzzy, c-format
+msgid "%s encryption will be used\n"
+msgstr "o descifrado fallou: %s\n"
+
+#: g10/textfilter.c:134
+#, c-format
+msgid "can't handle text lines longer than %d characters\n"
+msgstr "non � posible manexar li�as de texto maiores que %d caracteres\n"
+
+#: g10/textfilter.c:231
+#, c-format
+msgid "input line longer than %d characters\n"
+msgstr "a li�a de entrada cont�n m�is de %d caracteres\n"
+
+#: g10/tdbio.c:121 g10/tdbio.c:1382
+#, c-format
+msgid "trustdb rec %lu: lseek failed: %s\n"
+msgstr "rexistro da base de datos de confianza %lu: lseek fallou: %s\n"
+
+#: g10/tdbio.c:127 g10/tdbio.c:1389
+#, c-format
+msgid "trustdb rec %lu: write failed (n=%d): %s\n"
+msgstr ""
+"rexistro da base de datos de confianza %lu: fallou a escritura (n=%d): %s\n"
+
+#: g10/tdbio.c:237
+msgid "trustdb transaction too large\n"
+msgstr "transacci�n da base de datos de confianza demasiado grande\n"
+
+#: g10/tdbio.c:454
+#, c-format
+msgid "%s: can't access: %s\n"
+msgstr "%s: non � posible acceder: %s\n"
+
+#: g10/tdbio.c:468
+#, c-format
+msgid "%s: directory does not exist!\n"
+msgstr "%s: �o directorio non existe!\n"
+
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
+#, c-format
+msgid "%s: can't create lock\n"
+msgstr "%s: non se pode crea-lo bloqueo\n"
+
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, fuzzy, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: non se pode crea-lo bloqueo\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: non se pode crear: %s\n"
+
+#: g10/tdbio.c:503
+#, c-format
+msgid "%s: failed to create version record: %s"
+msgstr "%s: non se puido crea-lo rexistro de versi�n: %s"
+
+#: g10/tdbio.c:507
+#, c-format
+msgid "%s: invalid trustdb created\n"
+msgstr "%s: creouse unha base de datos de confianza incorrecta\n"
+
+#: g10/tdbio.c:510
+#, c-format
+msgid "%s: trustdb created\n"
+msgstr "%s: creouse a base de datos de confianza\n"
+
+#: g10/tdbio.c:565
+#, c-format
+msgid "%s: invalid trustdb\n"
+msgstr "%s: base de datos de confianza non v�lida\n"
+
+#: g10/tdbio.c:597
+#, c-format
+msgid "%s: failed to create hashtable: %s\n"
+msgstr "%s: fallo ao crear unha t�boa hash: %s\n"
+
+#: g10/tdbio.c:605
+#, c-format
+msgid "%s: error updating version record: %s\n"
+msgstr "%s: erro ao actualiza-lo rexistro de versi�n: %s\n"
+
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
+#, c-format
+msgid "%s: error reading version record: %s\n"
+msgstr "%s: erro ao le-lo rexistro de versi�n: %s\n"
+
+#: g10/tdbio.c:634 g10/tdbio.c:680
+#, c-format
+msgid "%s: error writing version record: %s\n"
+msgstr "%s: erro ao escribi-lo rexistro de versi�n: %s\n"
+
+#: g10/tdbio.c:1119
+#, c-format
+msgid "trustdb: lseek failed: %s\n"
+msgstr "base de datos de confianza: lseek fallou: %s\n"
+
+#: g10/tdbio.c:1127
+#, c-format
+msgid "trustdb: read failed (n=%d): %s\n"
+msgstr "base de datos de confianza: fallou a lectura (n=%d): %s\n"
+
+#: g10/tdbio.c:1148
+#, c-format
+msgid "%s: not a trustdb file\n"
+msgstr "%s: non � un ficheiro de base de datos de confianza\n"
+
+#: g10/tdbio.c:1165
+#, c-format
+msgid "%s: version record with recnum %lu\n"
+msgstr "%s: rexistro de versi�n con n�mero de rexistro %lu\n"
+
+#: g10/tdbio.c:1170
+#, c-format
+msgid "%s: invalid file version %d\n"
+msgstr "%s: versi�n do ficheiro incorrecta %d\n"
+
+#: g10/tdbio.c:1348
+#, c-format
+msgid "%s: error reading free record: %s\n"
+msgstr "%s: erro ao ler un rexistro libre: %s\n"
+
+#: g10/tdbio.c:1356
+#, c-format
+msgid "%s: error writing dir record: %s\n"
+msgstr "%s: erro ao escribi-lo rexistro de directorios: %s\n"
+
+#: g10/tdbio.c:1366
+#, c-format
+msgid "%s: failed to zero a record: %s\n"
+msgstr "%s: non se puido p�r a cero un rexistro: %s\n"
+
+#: g10/tdbio.c:1396
+#, c-format
+msgid "%s: failed to append a record: %s\n"
+msgstr "%s: non se puido engadir un rexistro: %s\n"
+
+#: g10/tdbio.c:1441
+msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
+msgstr ""
+"a base de datos de confianza est� corrompida; execute \"gpg --fix-trustdb"
+"\".\n"
+
+#: g10/trustdb.c:200
+#, fuzzy, c-format
+msgid "`%s' is not a valid long keyID\n"
+msgstr "'%s' non � un ID longo de chave v�lido\n"
+
+#: g10/trustdb.c:235
+#, fuzzy, c-format
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "chave %08lX: aceptada como chave de confianza.\n"
+
+#: g10/trustdb.c:274
+#, fuzzy, c-format
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "chave %08lX: non se pode p�r na base de datos de confianza\n"
+
+#: g10/trustdb.c:290
+#, c-format
+msgid "key %08lX: no public key for trusted key - skipped\n"
+msgstr ""
+"chave %08lX: non hai unha chave p�blica para a chave de confianza - omitida\n"
+
+#: g10/trustdb.c:332
+#, c-format
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "rexistro de confianza %lu, tipo da petici�n %d: fallou a lectura: %s\n"
+
+#: g10/trustdb.c:338
+#, fuzzy, c-format
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "rexistro de confianza %lu: fallou o borrado: %s\n"
+
+#: g10/trustdb.c:353
+#, c-format
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "rexistro de confianza %lu, tipo %d: fallou a escritura: %s\n"
+
+#: g10/trustdb.c:368
+#, c-format
+msgid "trustdb: sync failed: %s\n"
+msgstr "base de datos de confianza: fallou a sincronizaci�n: %s\n"
+
+#: g10/trustdb.c:468
+#, fuzzy
+msgid "no need for a trustdb check\n"
+msgstr "%s: non � un ficheiro de base de datos de confianza\n"
+
+#: g10/trustdb.c:474 g10/trustdb.c:1641
+#, fuzzy, c-format
+msgid "next trustdb check due at %s\n"
+msgstr "rexistro da base de datos de confianza %lu: lseek fallou: %s\n"
+
+#: g10/trustdb.c:779
+#, fuzzy
+msgid "checking the trustdb\n"
+msgstr "cambia-la confianza sobre o dono"
+
+#: g10/trustdb.c:933
+#, fuzzy, c-format
+msgid "public key %08lX not found: %s\n"
+msgstr "non se atopou a chave p�blica"
+
+#: g10/trustdb.c:1515
+#, c-format
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr ""
+
+#: g10/trustdb.c:1593
+#, c-format
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr ""
+
+#: g10/verify.c:108
+msgid ""
+"the signature could not be verified.\n"
+"Please remember that the signature file (.sig or .asc)\n"
+"should be the first file given on the command line.\n"
+msgstr ""
+"non se puido verifica-la sinatura.\n"
+"Por favor, lembre que o ficheiro de sinatura (.sig ou .asc) deber�a\n"
+"se-lo primeiro ficheiro que se indique na li�a de comandos.\n"
+
+#: g10/verify.c:173
+#, c-format
+msgid "input line %u too long or missing LF\n"
+msgstr ""
+"a li�a de entrada %u � longa de m�is ou f�ltalle a marca de fin de li�a\n"
+
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"a chave non est� marcada coma insegura - non se pode empregar co xerador de "
+"n�meros aleatorios falso\n"
+
+#: g10/skclist.c:138
+#, c-format
+msgid "skipped `%s': duplicated\n"
+msgstr "om�tese `%s': duplicada\n"
+
+#: g10/skclist.c:145 g10/skclist.c:153
+#, c-format
+msgid "skipped `%s': %s\n"
+msgstr "om�tese `%s': %s\n"
+
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "om�tese: a chave secreta xa est� presente\n"
+
+#: g10/skclist.c:160
+#, c-format
+msgid ""
+"skipped `%s': this is a PGP generated ElGamal key which is not secure for "
+"signatures!\n"
+msgstr ""
+"ignorouse `%s': �esta � unha chave ElGamal xerada por PGP que non � segura "
+"para sinaturas!\n"
+
+#. do not overwrite
+#: g10/openfile.c:84
+#, c-format
+msgid "File `%s' exists. "
+msgstr "O ficheiro `%s' xa existe. "
+
+#: g10/openfile.c:86
+msgid "Overwrite (y/N)? "
+msgstr "�Sobrescribir? (s/N) "
+
+#: g10/openfile.c:119
+#, c-format
+msgid "%s: unknown suffix\n"
+msgstr "%s: sufixo desco�ecido\n"
+
+#: g10/openfile.c:141
+msgid "Enter new filename"
+msgstr "Introduza o novo nome de ficheiro"
+
+#: g10/openfile.c:184
+msgid "writing to stdout\n"
+msgstr "escribindo na sa�da est�ndar\n"
+
+#: g10/openfile.c:273
+#, c-format
+msgid "assuming signed data in `%s'\n"
+msgstr "suponse que hai datos asinados en `%s'\n"
+
+#: g10/openfile.c:323
+#, c-format
+msgid "%s: new options file created\n"
+msgstr "%s: creouse un novo ficheiro de opci�ns\n"
+
+#: g10/openfile.c:350
+#, c-format
+msgid "%s: can't create directory: %s\n"
+msgstr "%s: non foi posible crear un directorio: %s\n"
+
+#: g10/openfile.c:353
+#, c-format
+msgid "%s: directory created\n"
+msgstr "%s: directorio creado\n"
+
+#: g10/openfile.c:355
+msgid "you have to start GnuPG again, so it can read the new options file\n"
+msgstr ""
+"ten que iniciar GnuPG outra vez para que lea o novo ficheiro de opci�ns\n"
+
+#: g10/encr-data.c:91
+msgid ""
+"WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
+msgstr "AVISO: cifrouse a mensaxe cunha chave feble no cifrado sim�trico.\n"
+
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "problema ao manexa-lo paquete cifrado\n"
+
+#: g10/seskey.c:52
+msgid "weak key created - retrying\n"
+msgstr "creouse unha chave feble - volvendo a tentalo\n"
+
+#: g10/seskey.c:57
+#, c-format
+msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
+msgstr ""
+"non se pode evitar unha chave feble para o cifrado sim�trico; tentouse %d "
+"veces\n"
+
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr ""
+
+#: g10/delkey.c:116
+msgid "can't do that in batchmode without \"--yes\"\n"
+msgstr ""
+"iso non se pode facer no modo de procesamento por lotes sen \"--yes\"\n"
+
+#: g10/delkey.c:138
+msgid "Delete this key from the keyring? "
+msgstr "�Borrar esta chave do chaveiro? "
+
+#: g10/delkey.c:146
+msgid "This is a secret key! - really delete? "
+msgstr "�Esta � unha chave secreta! - �est� seguro de que quere borrala? "
+
+#: g10/delkey.c:156
+#, fuzzy, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "erro � enumera-los bloques de chaves: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr ""
+
+#: g10/delkey.c:194
+#, fuzzy, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "�hai unha chave secreta para esta chave p�blica!\n"
+
+#: g10/delkey.c:196
+#, fuzzy
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "empregue a opci�n \"--delete-secret-key\" para borrala primeiro.\n"
+
+#: g10/helptext.c:47
+msgid ""
+"It's up to you to assign a value here; this value will never be exported\n"
+"to any 3rd party.  We need it to implement the web-of-trust; it has nothing\n"
+"to do with the (implicitly created) web-of-certificates."
+msgstr ""
+"A asignaci�n dun valor aqu� � cousa s�a; este valor nunca se ha exportar\n"
+"a ning�n terceiro. Prec�sase para implementa-la rede de confianza; non ten\n"
+"nada que ver coa rede de certificados."
+
+#: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+
+#: g10/helptext.c:60
+msgid "If you want to use this revoked key anyway, answer \"yes\"."
+msgstr "Se desexa empregar esta chave revocada, conteste \"si\"."
+
+#: g10/helptext.c:64
+msgid "If you want to use this untrusted key anyway, answer \"yes\"."
+msgstr "Se desexa empregar esta clave na que non se conf�a, conteste \"si\"."
+
+#: g10/helptext.c:68
+msgid ""
+"Enter the user ID of the addressee to whom you want to send the message."
+msgstr "Introduza o ID de usuario da persoa � que lle quere manda-la mensaxe."
+
+#: g10/helptext.c:72
+msgid ""
+"Select the algorithm to use.\n"
+"\n"
+"DSA (aka DSS) is the digital signature algorithm which can only be used\n"
+"for signatures.  This is the suggested algorithm because verification of\n"
+"DSA signatures are much faster than those of ElGamal.\n"
+"\n"
+"ElGamal is an algorithm which can be used for signatures and encryption.\n"
+"OpenPGP distinguishs between two flavors of this algorithms: an encrypt "
+"only\n"
+"and a sign+encrypt; actually it is the same, but some parameters must be\n"
+"selected in a special way to create a safe key for signatures: this program\n"
+"does this but other OpenPGP implementations are not required to understand\n"
+"the signature+encryption flavor.\n"
+"\n"
+"The first (primary) key must always be a key which is capable of signing;\n"
+"this is the reason why the encryption only ElGamal key is not available in\n"
+"this menu."
+msgstr ""
+"Seleccione o algoritmo a usar.\n"
+"\n"
+"DSA (tam�n chamado DSS) � un algoritmo de sinatura dixital, que s� se pode\n"
+"empregar para asinar. � o algoritmo aconsellado porque � moito m�is r�pido\n"
+"verificar unha sinatura DSA que unha sinatura ElGamal.\n"
+"\n"
+"ElGamal � un algoritmo que se pode empregar para asinar e cifrar. OpenPGP\n"
+"distingue entre d�as variantes do algoritmo: un que s� cifra e outro que\n"
+"asina e cifra; realmente � o mesmo, pero hai que escoller alg�ns par�metros\n"
+"dun xeito especial para crear unha clave que sexa segura para asinar: este\n"
+"programa faino, pero outras implementaci�ns de OpenPGP non te�en por que\n"
+"entende-la variante de asinado+cifrado.\n"
+"\n"
+"A primeira clave (a primaria) debe ser sempre unha clave capaz de asinar;\n"
+"este � o motivo polo que a clave ElGamal que s� cifra non est� dispo�ible\n"
+"neste men�."
+
+#: g10/helptext.c:92
+msgid ""
+"Although these keys are defined in RFC2440 they are not suggested\n"
+"because they are not supported by all programs and signatures created\n"
+"with them are quite large and very slow to verify."
+msgstr ""
+"A�nda que estas chaves est�n definidas no RFC2440, non se aconsellan\n"
+"porque non est�n soportadas por t�dolos programas, e as sinaturas\n"
+"creadas con elas son moi grandes e lentas de comprobar."
+
+#: g10/helptext.c:99
+msgid "Enter the size of the key"
+msgstr "Introduza o tama�o da chave"
+
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
+msgid "Answer \"yes\" or \"no\""
+msgstr "Conteste \"si\" ou \"non\""
+
+#: g10/helptext.c:113
+msgid ""
+"Enter the required value as shown in the prompt.\n"
+"It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
+"get a good error response - instead the system tries to interpret\n"
+"the given value as an interval."
+msgstr ""
+"Introduza o valor requerido tal como se amosa no indicativo.\n"
+"� posible introducir unha data ISO (AAA-MM-DD) pero non ha obter unha\n"
+"boa resposta de erro - no canto diso, o sistema ha tratar de interpreta-lo\n"
+"valor proporcionado coma se fora un intervalo."
+
+#: g10/helptext.c:125
+msgid "Enter the name of the key holder"
+msgstr "Introduza o nome do propietario da chave"
+
+#: g10/helptext.c:130
+msgid "please enter an optional but highly suggested email address"
+msgstr "por favor, introduza un enderezo de e-mail (opcional pero recomendado)"
+
+#: g10/helptext.c:134
+msgid "Please enter an optional comment"
+msgstr "Por favor, introduza un comentario (opcional)"
+
+#: g10/helptext.c:139
+msgid ""
+"N  to change the name.\n"
+"C  to change the comment.\n"
+"E  to change the email address.\n"
+"O  to continue with key generation.\n"
+"Q  to to quit the key generation."
+msgstr ""
+"N  para cambia-lo nome.\n"
+"C  para cambia-lo comentario.\n"
+"E  para cambia-lo enderezo de e-mail.\n"
+"O  para continuar coa xeraci�n da chave.\n"
+"S  para sa�r da xeraci�n da chave."
+
+#: g10/helptext.c:148
+msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
+msgstr "Conteste \"si\" (ou s� \"s\") se � correcto xerar esta subchave."
+
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+
+#: g10/helptext.c:194
+msgid "Answer \"yes\" is you want to sign ALL the user IDs"
+msgstr "Conteste \"si\" se quere asinar T�DOLOS IDs de usuario"
+
+#: g10/helptext.c:198
+msgid ""
+"Answer \"yes\" if you really want to delete this user ID.\n"
+"All certificates are then also lost!"
+msgstr ""
+"Conteste \"si\" se realmente desexa borrar este ID de usuario.\n"
+"�Tam�n se han perder t�dolos certificados!"
+
+#: g10/helptext.c:203
+msgid "Answer \"yes\" if it is okay to delete the subkey"
+msgstr "Conteste \"si\" se � correcto borrar esta subchave"
+
+#: g10/helptext.c:208
+msgid ""
+"This is a valid signature on the key; you normally don't want\n"
+"to delete this signature because it may be important to establish a\n"
+"trust connection to the key or another key certified by this key."
+msgstr ""
+"Esta � unha sinatura v�lida na chave; normalmente non ha borrar esta\n"
+"sinatura porque pode ser importante para estabrecer unha conexi�n de\n"
+"confianza na chave ou noutra chave certificada por esta chave."
+
+#: g10/helptext.c:213
+msgid ""
+"This signature can't be checked because you don't have the\n"
+"corresponding key.  You should postpone its deletion until you\n"
+"know which key was used because this signing key might establish\n"
+"a trust connection through another already certified key."
+msgstr ""
+"Non se pode verificar esta sinatura porque non pos�e a chave\n"
+"correspondente. Deber�a retrasa-lo borrado ata que saiba que chave\n"
+"se empregou porque esta chave de sinatura poder�a estabrecer unha\n"
+"conexi�n de confianza mediante outra chave xa certificada."
+
+#: g10/helptext.c:219
+msgid ""
+"The signature is not valid.  It does make sense to remove it from\n"
+"your keyring."
+msgstr "A sinatura non � correcta. Ten sentido borrala do chaveiro."
+
+#: g10/helptext.c:223
+msgid ""
+"This is a signature which binds the user ID to the key. It is\n"
+"usually not a good idea to remove such a signature.  Actually\n"
+"GnuPG might not be able to use this key anymore.  So do this\n"
+"only if this self-signature is for some reason not valid and\n"
+"a second one is available."
+msgstr ""
+"Esta � unha sinatura que liga o ID de usuario � chave. Normalmente\n"
+"non � unha boa idea borrar unha sinatura como esta. De feito,\n"
+"GnuPG pode non ser capaz de usar m�is esta chave. As� que faga isto\n"
+"s� se esta auto-sinatura non � correcta por algun motivo e hai\n"
+"unha segunda � s�a disposici�n."
+
+#: g10/helptext.c:231
+msgid ""
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+
+#: g10/helptext.c:238
+#, fuzzy
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr ""
+"Por favor, introduza o contrasinal; esta � unha frase secreta \n"
+"  Blurb, blurb ..."
+
+#: g10/helptext.c:244
+msgid "Please repeat the last passphrase, so you are sure what you typed in."
+msgstr ""
+"Por favor, repita o �ltimo contrasinal, para estar seguro do que tecleou."
+
+#: g10/helptext.c:248
+msgid "Give the name of the file to which the signature applies"
+msgstr "Introduza o nome do ficheiro ao que corresponde a sinatura"
+
+#: g10/helptext.c:253
+msgid "Answer \"yes\" if it is okay to overwrite the file"
+msgstr "Conteste \"si\" se � correcto sobrescribi-lo ficheiro"
+
+#: g10/helptext.c:258
+msgid ""
+"Please enter a new filename. If you just hit RETURN the default\n"
+"file (which is shown in brackets) will be used."
+msgstr ""
+"Por favor, introduza un novo nome de ficheiro. Se s� preme ENTER, hase\n"
+"emprega-lo ficheiro por defecto (que se amosa entre corchetes)."
+
+#: g10/helptext.c:264
+msgid ""
+"You should specify a reason for the certification.  Depending on the\n"
+"context you have the ability to choose from this list:\n"
+"  \"Key has been compromised\"\n"
+"      Use this if you have a reason to believe that unauthorized persons\n"
+"      got access to your secret key.\n"
+"  \"Key is superseded\"\n"
+"      Use this if you have replaced this key with a newer one.\n"
+"  \"Key is no longer used\"\n"
+"      Use this if you have retired this key.\n"
+"  \"User ID is no longer valid\"\n"
+"      Use this to state that the user ID should not longer be used;\n"
+"      this is normally used to mark an email address invalid.\n"
+msgstr ""
+"Deber�a especificar un motivo para o certificado. Dependendo do contexto\n"
+"pode escoller desta lista:\n"
+"  \"Descobreuse a chave\"\n"
+"     Empr�gueo se ten motivos para crer que algunha persoa non autorizada\n"
+"     obtivo acceso � s�a chave secreta.\n"
+"  \"A chave � obsoleta\"\n"
+"     Empr�gueo se cambiou esta chave cunha m�is recente.\n"
+"  \"Xa non se emprega a chave\"\n"
+"     Empr�gueo se retirou esta chave.\n"
+"  \"O ID de usuario xa non � v�lido\"\n"
+"     Empr�gueo para indicar que o ID de usuario xa non se deber�a empregar;\n"
+"     adoita empregarse para marcar un enderezo de correo non v�lido.\n"
+
+#: g10/helptext.c:280
+msgid ""
+"If you like, you can enter a text describing why you issue this\n"
+"revocation certificate.  Please keep this text concise.\n"
+"An empty line ends the text.\n"
+msgstr ""
+"Se quere, pode introducir un texto que describa por que emite este\n"
+"certificado de revocaci�n. Por favor, mante�a este texto breve.\n"
+"Unha li�a en branco remata o texto.\n"
+
+#: g10/helptext.c:295
+msgid "No help available"
+msgstr "Non hai axuda dispo�ible"
+
+#: g10/helptext.c:303
+#, c-format
+msgid "No help available for `%s'"
+msgstr "Non hai axuda dispo�ible para `%s'"
+
+#: g10/keydb.c:177
+#, fuzzy, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "erro escribindo no chaveiro `%s': %s\n"
+
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr ""
+
+#: g10/keydb.c:197
+#, fuzzy, c-format
+msgid "keyring `%s' created\n"
+msgstr "%s: chaveiro creado\n"
+
+#: g10/keydb.c:587
+#, fuzzy, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "%s: fallo ao crear unha t�boa hash: %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "AVISO: existen dous ficheiros con informaci�n confidencial.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s � o que non cambiou\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s � o novo\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Por favor, ama�e este posible fallo de seguridade\n"
+
+#: g10/keyring.c:1337
+#, fuzzy, c-format
+msgid "checking keyring `%s'\n"
+msgstr "non foi posible bloquea-lo chaveiro `%s': %s\n"
+
+#: g10/keyring.c:1368
+#, fuzzy, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu chaves procesadas hasta polo momento\n"
+
+#: g10/keyring.c:1379
+#, fuzzy, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "ve-la lista de chaves e sinaturas"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: chaveiro creado\n"
+
+#, fuzzy
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "�Est� seguro de que quere este tama�o de chave? "
+
+#, fuzzy
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "�Est� seguro de que quere este tama�o de chave? "
+
+#, fuzzy
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "�Asinar de verdade? "
+
+#~ msgid "too many random bits requested; the limit is %d\n"
+#~ msgstr "ped�ronse demasiados bits aleatorios; o l�mite � %d\n"
+
+#~ msgid "|[NAMES]|check the trust database"
+#~ msgstr "|[NOMES]|verifica-la base de datos de confianza"
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key id-de-usuario"
+
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key id de usuario"
+
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-key-and-public-key id-de-usuario"
+
+#~ msgid "For info see http://www.gnupg.org"
+#~ msgstr "Para obter m�is informaci�n vexa http://www.gnupg.org"
+
+#~ msgid "sSmMqQ"
+#~ msgstr "iImMsS"
+
+#~ msgid ""
+#~ "Could not find a valid trust path to the key.  Let's see whether we\n"
+#~ "can assign some missing owner trust values.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Non se puido atopar unha ruta de confianza v�lida ata a chave. Hase ver "
+#~ "se\n"
+#~ "se pode asignar alg�n valor de confianza non asignado.\n"
+
+#~ msgid ""
+#~ "No path leading to one of our keys found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Non se atopou unha ruta que conduza a unha das nosas chaves.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No certificates with undefined trust found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Non se atoparon certificados con confianza non definida.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No trust values changed.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Non se cambiou ning�n valor de confianza.\n"
+#~ "\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr ""
+#~ "%08lX: non hai informaci�n para calcular unha probabilidade de confianza\n"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Introduza o ID de usuario: "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "omitida: a chave p�blica xa est� estabrecida con --encrypt-to\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: erro ao verifica-la chave: %s\n"
+
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) RSA (asinar e cifrar)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr "�Seguro que quere crear unha chave para asinar e cifrar? "
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "�Est� seguro de precisar un tama�o de chave tan grande? "
+
+#~ msgid "%s: user not found: %s\n"
+#~ msgstr "%s: non se atopou o usuario: %s\n"
+
+#~ msgid "certificate read problem: %s\n"
+#~ msgstr "problema de lectura do certificado: %s\n"
+
+#~ msgid "too many entries in unk cache - disabled\n"
+#~ msgstr "demasiadas entradas na cach� de chaves desco�ecidas - desactivada\n"
+
+#~ msgid "secret key %08lX not imported (use %s to allow for it)\n"
+#~ msgstr ""
+#~ "non se importou a chave secreta %08lX (empregue %s para permitilo)\n"
+
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "chave %08lX: a nosa copia non ten sinatura propia\n"
+
+#~ msgid "%s: user not found\n"
+#~ msgstr "%s: usuario non atopado\n"
+
+#~ msgid "update of trustdb failed: %s\n"
+#~ msgstr ""
+#~ "a actualizaci�n da base de datos de confianza fallou:\n"
+#~ "%s\n"
+
+#~ msgid "no keyserver known (use option --keyserver)\n"
+#~ msgstr ""
+#~ "non hai un servidor de chaves co�ecido (empregue a opci�n --keyserver)\n"
+
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "%s: non � un ID de chave v�lido\n"
+
+#~ msgid "assuming bad MDC due to an unknown critical bit\n"
+#~ msgstr "asumindo un MDC incorrecto debido a un bit cr�tico\n"
+
+#~ msgid "error reading dir record for LID %lu: %s\n"
+#~ msgstr "erro ao le-lo rexistro de directorio para o LID %lu: %s\n"
+
+#~ msgid "lid %lu: expected dir record, got type %d\n"
+#~ msgstr ""
+#~ "lid %lu: esper�base un rexistro de directorio, obt�vose un tipo %d\n"
+
+#~ msgid "no primary key for LID %lu\n"
+#~ msgstr "non hai unha chave primaria para o LID %lu\n"
+
+#~ msgid "error reading primary key for LID %lu: %s\n"
+#~ msgstr "erro ao le-la chave primaria para o LID %lu: %s\n"
+
+#~ msgid "get_dir_record: search_record failed: %s\n"
+#~ msgstr "get_dir_record: search_record fallou: %s\n"
+
+#~ msgid "key %08lX: query record failed\n"
+#~ msgstr "chave %08lX: a consulta do rexistro fallou\n"
+
+#~ msgid "key %08lX: already in trusted key table\n"
+#~ msgstr "chave %08lX: xa est� na tabla de chaves de confianza\n"
+
+#~ msgid "NOTE: secret key %08lX is NOT protected.\n"
+#~ msgstr "NOTA: a chave secreta %08lX NON est� protexida.\n"
+
+#~ msgid "key %08lX: secret and public key don't match\n"
+#~ msgstr "chave %08lX: as chaves secreta e p�blica non coinciden\n"
+
+#~ msgid "enumerate secret keys failed: %s\n"
+#~ msgstr "erro ao enumera-las chaves secretas: %s\n"
+
+#~ msgid "key %08lX.%lu: Good subkey binding\n"
+#~ msgstr "chave %08lX.%lu: Ligadura de subchave correcta\n"
+
+#~ msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+#~ msgstr "chave %08lX.%lu: Ligadura de subchave non v�lida: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid key revocation\n"
+#~ msgstr "chave %08lX.%lu: Revocaci�n de chave v�lida\n"
+
+#~ msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+#~ msgstr "chave %08lX.%lu: Revocaci�n de chave non v�lida: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid subkey revocation\n"
+#~ msgstr "chave %08lX.%lu: Revocaci�n de subchave v�lida\n"
+
+#~ msgid "Good self-signature"
+#~ msgstr "Auto-sinatura correcta"
+
+#~ msgid "Invalid self-signature"
+#~ msgstr "Auto-sinatura non v�lida"
+
+#~ msgid "Valid user ID revocation skipped due to a newer self signature"
+#~ msgstr ""
+#~ "Om�tese unha revocaci�n de ID de usuario v�lida debido a unha auto-"
+#~ "sinatura m�is recente"
+
+#~ msgid "Valid user ID revocation"
+#~ msgstr "Revocaci�n de ID de usuario v�lida"
+
+#~ msgid "Invalid user ID revocation"
+#~ msgstr "Revocaci�n de ID de usuario non v�lida"
+
+#~ msgid "Valid certificate revocation"
+#~ msgstr "Revocaci�n de certificado v�lida"
+
+#~ msgid "Good certificate"
+#~ msgstr "Certificado correcto"
+
+#~ msgid "Invalid certificate revocation"
+#~ msgstr "Revocaci�n de certificado non v�lida"
+
+#~ msgid "Invalid certificate"
+#~ msgstr "Certificado non v�lido"
+
+#~ msgid "sig record %lu[%d] points to wrong record.\n"
+#~ msgstr "o rexistro de sinatura %lu[%d] apunta a un rexistro incorrecto.\n"
+
+#~ msgid "duplicated certificate - deleted"
+#~ msgstr "certificado duplicado - borrado"
+
+#~ msgid "tdbio_search_dir failed: %s\n"
+#~ msgstr "tdbio_search_dir fallou: %s\n"
+
+#~ msgid "lid ?: insert failed: %s\n"
+#~ msgstr "lid ?: a inserci�n fallou: %s\n"
+
+#~ msgid "lid %lu: insert failed: %s\n"
+#~ msgstr "lid %lu: a inserci�n fallou: %s\n"
+
+#~ msgid "lid %lu: inserted\n"
+#~ msgstr "lid %lu: inserido\n"
+
+#~ msgid "error reading dir record: %s\n"
+#~ msgstr "erro lendo o rexistro de directorio: %s\n"
+
+#~ msgid "\t%lu keys with errors\n"
+#~ msgstr "\t%lu chaves con erros\n"
+
+#~ msgid "\t%lu keys inserted\n"
+#~ msgstr "\t%lu chaves inseridas\n"
+
+#~ msgid "lid %lu: dir record w/o key - skipped\n"
+#~ msgstr "lid %lu: rexistro de directorio sen chave - ignorado\n"
+
+#~ msgid "\t%lu due to new pubkeys\n"
+#~ msgstr "\t%lu debidos a novas chaves p�blicas\n"
+
+#~ msgid "\t%lu keys skipped\n"
+#~ msgstr "\t%lu chaves omitidas\n"
+
+#~ msgid "\t%lu keys updated\n"
+#~ msgstr "\t%lu chaves actualizadas\n"
+
+#~ msgid "Ooops, no keys\n"
+#~ msgstr "Ooops, non hai chaves\n"
+
+#~ msgid "Ooops, no user IDs\n"
+#~ msgstr "Ooops, non hai IDs de usuario\n"
+
+#~ msgid "check_trust: search dir record failed: %s\n"
+#~ msgstr ""
+#~ "check_trust:\n"
+#~ "a b�squeda de rexistro de directorio fallou: %s\n"
+
+#~ msgid "key %08lX: insert trust record failed: %s\n"
+#~ msgstr ""
+#~ "chave %08lX:\n"
+#~ "a inserci�n na base de datos de confianza fallou: %s\n"
+
+#~ msgid "key %08lX.%lu: inserted into trustdb\n"
+#~ msgstr "chave %08lX.%lu: inserida na base de datos de confianza\n"
+
+#~ msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+#~ msgstr ""
+#~ "chave %08lX.%lu: creada no futuro (salto no tempo ou problema de reloxo)\n"
+
+#~ msgid "key %08lX.%lu: expired at %s\n"
+#~ msgstr "chave %08lX.%lu: caducou o %s\n"
+
+#~ msgid "key %08lX.%lu: trust check failed: %s\n"
+#~ msgstr "chave %08lX.%lu: a verificaci�n de confianza fallou: %s\n"
+
+#~ msgid "problem finding '%s' in trustdb: %s\n"
+#~ msgstr "problema ao buscar '%s' na base de datos de confianza: %s\n"
+
+#~ msgid "user '%s' not in trustdb - inserting\n"
+#~ msgstr "o usuario '%s' non est� na base de datos de confianza - inserindo\n"
+
+#~ msgid "failed to put '%s' into trustdb: %s\n"
+#~ msgstr "erro ao p�r '%s' na base de datos de confianza: %s\n"
+
+#~ msgid "WARNING: can't yet handle long pref records\n"
+#~ msgstr ""
+#~ "AVISO: a�nda non se poden manexar rexistros de preferencias longos\n"
+
+#~ msgid "%s: can't create keyring: %s\n"
+#~ msgstr "%s: non se pode crea-lo chaveiro: %s\n"
+
+#~ msgid "set debugging flags"
+#~ msgstr "axusta-los valores de depuraci�n"
+
+#~ msgid "enable full debugging"
+#~ msgstr "habilitar depuraci�n total"
+
+#~ msgid "do not write comment packets"
+#~ msgstr "non escribir paquetes de comentario"
+
+#~ msgid "(default is 1)"
+#~ msgstr "(por defecto � 1)"
+
+#~ msgid "(default is 3)"
+#~ msgstr "(por defecto � 3)"
+
+#~ msgid "   (%d) ElGamal in a v3 packet\n"
+#~ msgstr "   (%d) ElGamal nun paquete v3\n"
+
+#~ msgid "Key generation can only be used in interactive mode\n"
+#~ msgstr "A xeraci�n de chaves somentes pode ser usada no modo interactivo\n"
+
+#~ msgid "RSA key cannot be used in this version\n"
+#~ msgstr "A chave RSA non pode user usada nesta version\n"
+
+#~ msgid "No key for user ID\n"
+#~ msgstr "Non hay unha chave para o ID de usuario\n"
+
+#~ msgid "No user ID for key\n"
+#~ msgstr "Non hai un ID de usuario para a chave\n"
+
+#~ msgid "no secret key for decryption available\n"
+#~ msgstr "non hai chave secreta disponible para desencriptar\n"
+
+#~ msgid ""
+#~ "RSA keys are deprecated; please consider creating a new key and use this "
+#~ "key in the future\n"
+#~ msgstr ""
+#~ "As chaves RSA est�n obsoletas; por favor, considere a opci�n de crear "
+#~ "unha\n"
+#~ "chave nova e usa-la no futuro.\n"
diff --git a/po/id.po b/po/id.po
index ab6194b20..7d789aa23 100644
--- a/po/id.po
+++ b/po/id.po
@@ -1,301 +1,331 @@
-# GNU Privacy Guard 1.0.1 (Indonesian)
-# Copyright (C) 1999 Free Software Foundation, Inc.
-# Tedi Heriyanto <[email protected]>, 1999-2000.
+# Gnu Privacy Guard 1.0.7 (Indonesian)
+# Copyright (C) 1999, 2001, 2002 Free Software Foundation, Inc.
+# Tedi Heriyanto <[email protected]>, 2002.
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: GNU Privacy Guard 1.0.1\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 2000-02-06 18:04+07:00\n"
-"Last-Translator: Tedi Heriyanto <[email protected]>\n"
-"Language-Team: Indonesia <[email protected]>\n"
+"Project-Id-Version: GNUPG 1.0.7\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-20 21:26GMT+0700\n"
+"Last-Translator: Tedi Heriyanto <[email protected]>\n"
+"Language-Team: Indonesian <[email protected]>\n"
 "MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=iso-8859-1\n"
+"Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 0.9.5\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Peringatan: menggunakan memori yang tidak aman!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr ""
+"silakan lihat http://www.gnupg.org/faq.html untuk informasi lebih lanjut\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "operasi tidak mungkin tanpa menginisialisasi memori yang aman\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(anda mungkin menggunakan program yang salah untuk tugas ini)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "ya"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "yY"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "tidak"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "tT"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "keluar"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "kK"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "Kesalahan umum"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "tipe paket tidak dikenal"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "versi tidak dikenal"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "algoritma pubkey tidak dikenal"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "algoritma digest tidak dikenal"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "kunci publik yang buruk"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "kunci rahasia yang buruk"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "signature yang buruk"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "kesalahan checksum"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "passphrase yang buruk"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "kunci publik tidak ditemukan"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "algoritma cipher tidak dikenal"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "tidak dapat membuka keyring"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "paket tidak valid"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "armor tidak valid"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "tidak ada user id tsb"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
-msgstr "kunci rahasia tidak ada"
+msgstr "kunci rahasia tidak tersedia"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "digunakan kunci rahasia yang salah"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "tidak didukung"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "kunci yang buruk"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "kesalahan baca file"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "kesalahan tulis file"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "algoritma kompresi tidak dikenal"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "kesalahan buka file"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "kesalahan buat file"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "passphrase tidak valid"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "algoritma pubkey belum diimplementasikan"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "algoritma cipher belum diimplementasikan"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "kelas signature tidak dikenal"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "kesalahan database trust"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "MPI yang buruk"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "batasan sumber daya"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "keyring tidak valid"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "sertifikat yang buruk"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "user id yang tidak benar"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "kesalahan tutup file"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "kesalahan ganti nama file"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "kesalahan hapus file"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "data tidak terduga"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "konflik timestamp"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "algoritma pubkey tidak dapat digunakan"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "file ada"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "kunci lemah"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "argumen tidak valid"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "URI yang buruk"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "URI tidak didukung"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "kesalahan jaringan"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "tidak dienkripsi"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "tidak diproses"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "kunci publik tidak dapat dipakai"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "kunci rahasia tidak dapat dipakai"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "kesalahan keyserver"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... kesalahan (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "anda menemukan kesalahan ...(%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "tidak dapat membuka `%s': %s\n"
 
-#: cipher/random.c:325
-#, fuzzy, c-format
+#: cipher/random.c:324
+#, c-format
 msgid "can't stat `%s': %s\n"
-msgstr "tidak dapat membuka `%s': %s\n"
+msgstr "tidak dapat melakukan statistik `%s': %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
-msgstr ""
+msgstr "'%s' bukan file reguler - diabaikan\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
-msgstr ""
+msgstr "catatan: file random_seed kosong\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
-msgstr ""
+msgstr "peringatan: ukuran file random_seed tidak valid - tidak dipakai\n"
 
-#: cipher/random.c:349
-#, fuzzy, c-format
+#: cipher/random.c:348
+#, c-format
 msgid "can't read `%s': %s\n"
-msgstr "tidak dapat membuka `%s': %s\n"
+msgstr "tidak dapat membaca `%s': %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
-msgstr ""
+msgstr "catatan: file random_seed tidak diupdate\n"
 
-#: cipher/random.c:407
-#, fuzzy, c-format
+#: cipher/random.c:406
+#, c-format
 msgid "can't create `%s': %s\n"
 msgstr "tidak dapat membuat %s: %s\n"
 
-#: cipher/random.c:414
-#, fuzzy, c-format
+#: cipher/random.c:413
+#, c-format
 msgid "can't write `%s': %s\n"
-msgstr "tidak dapat membuka `%s': %s\n"
-
-#: cipher/random.c:417
-#, fuzzy, c-format
-msgid "can't close `%s': %s\n"
-msgstr "tidak dapat membuka `%s': %s\n"
+msgstr "tidak dapat menulis `%s': %s\n"
 
-#: cipher/random.c:428
+#: cipher/random.c:416
 #, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
+msgid "can't close `%s': %s\n"
+msgstr "tidak dapat menutup `%s': %s\n"
 
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr "PERINGATAN: menggunakan random number generator yang tidak aman!!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -309,7 +339,7 @@ msgstr ""
 "JANGAN MENGGUNAKAN DATA YANG DIHASILKAN PROGRAM INI!!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -320,160 +350,171 @@ msgstr ""
 "Tidak tersedia cukup byte random. Silakan melakukan aktivitas lain agar\n"
 "memungkinkan SO mengumpulkan lebih banyak entropi! (Perlu %d byte lagi)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Peringatan: menggunakan memori yang tidak aman!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "operasi tidak mungkin tanpa menginisialisasi memori yang aman\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(anda mungkin menggunakan program yang salah untuk tugas ini)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
 msgstr ""
 "@Perintah:\n"
-"  "
+" "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[file]|buat signature"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[file]|buat signature teks"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "buat detached signature"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "enkripsi data"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[files]|enkripsi file"
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "enkripsi hanya dengan symmetric cipher"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "hanya disimpan"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "dekripsi data (default)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[files]|dekripsi file"
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "verifikasi signature"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "tampilkan kunci"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "tampilkan kunci dan signature"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "periksa signature kunci"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "tampilkan kunci dan fingerprint"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "tampilkan kunci rahasia"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "buat sepasang kunci baru"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
 msgstr "hapus kunci dari keyring publik"
 
-#: g10/gpg.c:221
-#, fuzzy
-msgid "remove key from the secret keyring"
-msgstr "hapus kunci dari keyring publik"
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
+msgstr "hapus kunci dari keyring pribadi"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "tandai kunci"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
 msgstr "tandai kunci secara lokal"
 
-#: g10/gpg.c:224
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "tandai kunci tidak dapat di-revoke"
+
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr "tandai kunci secara lokal dan tidak dapat di-revoke"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "tandai atau edit kunci"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "buat sertifikat revokasi"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "ekspor kunci"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "ekspor kunci ke key server"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "impor kunci dari key server"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "cari kunci di key server"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "update semua kunci dari keyserver"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "impor/gabung kunci"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "tampilkan hanya urutan paket"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "ekspor nilai ownertrust"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "impor nilai ownertrust"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "perbarui database trust"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NAMA]|periksa database trust"
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "perbarui database trust secara otomatis"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "perbaiki database trust yang terkorupsi"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "De-Armor file atau stdin"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "En-Armor file atau stdin"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [file]|cetak digest pesan"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -483,162 +524,204 @@ msgstr ""
 "Pilihan:\n"
 "  "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "ciptakan output ascii"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NAMA|enkripsi untuk NAMA"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NAMA|gunakan NAMA sebagai penerima baku"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "gunakan kunci baku sebagai penerima baku"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr "gunakan id-user ini untuk menandai/dekripsi"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "|N|set tingkat kompresi N (0 tidak ada)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "gunakan mode teks kanonikal"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "gunakan sebagai file output"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "detil"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "lebih diam"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "jangan menggunakan terminal"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "paksa signature v3"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "jangan paksa signature v3"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "paksa signature kunci v4"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "jangan paksa signature kunci v4"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "selalu gunakan MDC untuk enkripsi"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "jangan gunakan MDC untuk enkripsi"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "jangan buat perubahan"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "gunakan gpg-agent"
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "mode batch: tanpa tanya"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "asumsikan ya untuk seluruh pertanyaan"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "asumsikan tidak untuk seluruh pertanyaan"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "tambah keyring ini ke daftar keyring"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "tambah keyring rahasia ini ke daftar"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "tampilkan keyring tempat kunci yang dipilih berada"
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NAMA|gunakan NAMA sebagai kunci rahasia baku"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|HOST|gunakan keyserver ini utk lihat kunci"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr "|NAMA|set charset terminal ke NAMA"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "baca pilihan dari file"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr "|FD|tulis info status ke FD ini"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
-msgstr ""
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[file]|tulis status info ke file"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|KEYID|sangat percayai kunci ini"
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|FILE|muat modul ekstensi FILE"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "emulasikan mode seperti dalam RFC1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
-msgstr "set pilihan paket, cipher, digest ke OpenPGP"
+msgstr "set pilihan semua paket, cipher, digest ke perilaku OpenPGP"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "set pilihan semua paket, cipher, digest ke perilaku PGP 2.x"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|gunakan passphrase mode N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr "|NAMA|gunakan algoritma digest NAMA utk passphrase"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr "|NAMA|gunakan algoritma cipher NAMA untuk passphrase"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NAMA|gunakan algoritma cipher NAMA"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NAMA|gunakan algoritma digest pesan NAMA"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|gunakan algoritma kompresi N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
 msgstr "buang field keyid paket terenkripsi"
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "Tampilkan Photo IDs"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "Jangan tampilkan Photo IDs"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr "Set perintah baris untuk melihat Photo IDs"
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
-msgstr "|NAMA=NILAI|gunakan notasi data ini"
+msgstr "|NAME=VALUE|gunakan notasi data ini"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
 msgstr ""
+"@\n"
+"(Lihat man page untuk daftar lengkap semua perintah dan option)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -658,15 +741,15 @@ msgstr ""
 " --list-keys [nama]      tampilkan kunci\n"
 " --fingerprint [nama]    tampilkan fingerprint\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr "Silakan laporkan kesalahan ke <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Pemakaian: gpg [pilihan] [file] (-h untuk bantuan)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
@@ -676,7 +759,7 @@ msgstr ""
 "tandai, cek, enkripsi atau dekripsi\n"
 "operasi baku tergantung pada data input\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -684,191 +767,254 @@ msgstr ""
 "\n"
 "Algoritma yang didukung:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "pemakaian: gpg [pilihan] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "perintah saling konflik\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "CATATAN: tidak ada file pilihan baku `%s'\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "file pilihan `%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "membaca pilihan dari `%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s bukanlah set karakter yang valid\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "tidak dapat memparsing URI keyserver\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr "tidak dapat menset exec-path ke %s\n"
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "PERINGATAN: `%s' adalah option terdepresiasi\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr "silakan gunakan \"--keyserver-options %s\"\n"
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "PERINGATAN: program mungkin membuat file core!\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "PERINGATAN: %s menimpa %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "CATATAN: %s tidak untuk pemakaian normal!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "%s tidak dibolehkan dengan %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "%s tidak masuk akal dengan %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+"anda hanya dapat membuat signature detached atau clear saat dalam mode --"
+"pgp2\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr ""
+"anda tidak dapat menandai dan mengenkripsi pada saat bersamaan dalam mode --"
+"pgp2\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+"anda harus menggunakan file (dan bukan pipe) saat bekerja dengan opsi --"
+"pgpg2\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr "mengenkripsi pesan dalam mode --pgp2 membutuhkan cipher IDEA\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "pesan ini mungkin tidak dapat digunakan oleh PGP 2.x\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "algoritma cipher yang dipilih tidak valid\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "algoritma digest yang dipilih tidak valid\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr "kebijakan URL yang diberikan tidak valid\n"
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "URL signature kebijakan yang diberikan tidak valid\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "URL sertifikasi kebijakan yang diberikan tidak valid\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "algoritma kompresi harus di antara %d..%d\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "completes-needed harus lebih dari 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "marginals-needed harus lebih dari 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "max-cert-depth harus di antara 1 hingga 255\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "CATATAN: mode S2K sederhana (0) tidak dianjurkan\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "mode S2K yang tidak valid; harus 0, 1 atau 3\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "default-check-level tidak valid; harus 0, 1, 2, atau 3\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "preferensi tidak valid\n"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "gagal inisialisasi TrustDB: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [namafile]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [namafile]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [namafile]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [namafile]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [namafile]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [namafile]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [namafile]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [namafile]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key id-user"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key id-user"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key id-user [perintah]"
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key user-id"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key id-user"
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key user-id"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key id-user"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key id-user [perintah]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "tidak dapat membuka %s: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [id-user] [keyring]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "gagal dearmoring: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "gagal enarmoring: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
 msgstr "algoritma hash tidak valid `%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[namafile]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "Teruskan dan ketikkan pesan anda ....\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "tidak dapat membuka `%s'\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr "karakter pertama nama notasi harus huruf atau garis bawah\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -876,248 +1022,228 @@ msgstr ""
 "nama notasi hanya terdiri dari huruf, digit, titik atau garis bawah dan "
 "diakhiri dengan sebuah '='\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr "titik dalam nama notasi harus diapit oleh karakter lain\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "nilai notasi tidak boleh menggunakan karakter kendali\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "armor: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "header armor tidak valid: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "header armor: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "header clearsig tidak valid\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "signature teks bersarang\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "dash escaped line tidak valid: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "armor tidak terduga:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "karakter radix64 tidak valid %02x dilewati\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "eof prematur (tanpa CRC)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "eof prematur (dalam CRC)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "CRC tidak tepat\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "kesalahan CRC; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "eof prematur (dalam Trailer)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "kesalahan dalam garis trailer\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "tidak ditemukan data OpenPGP yang valid.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "armor tidak valid: baris melebihi %d karakter\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
-"karakter dapat dicetak dalam armor - mungkin kesalahan pada MTA telah "
-"dipakai\n"
-
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "            Fingerprint:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Fingerprint:"
+"karakter yang dapat dicetak dalam armor - mungkin telah digunakan MTA yang "
+"mengandung bug\n"
 
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
-msgstr ""
+msgstr "Tidak ada alasan diberikan"
 
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
-msgstr "Kunci diproteksi.\n"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "Kunci dilampaui"
 
-#: g10/pkclist.c:121
-#, fuzzy
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
-msgstr "Kunci ini telah ditiadakan"
+msgstr "Kunci ini telah dikompromikan"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
-msgstr ""
+msgstr "Kunci tidak lagi digunakan"
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
-msgstr ""
+msgstr "ID User tidak lagi valid"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
-msgstr ""
+msgstr "Alasan pembatalan:"
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
-msgstr ""
+msgstr "Komentar pembatalan:"
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMqQsS"
 
-#: g10/pkclist.c:308
+#: g10/pkclist.c:258
 #, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
-"Tidak ada nilai trust untuk %lu:\n"
+"Tidak ada nilai trust untuk:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 "Silakan putuskan seberapa jauh anda percaya user ini untuk\n"
 "secara tepat memverifikasi kunci user lain (dengan melihat pada passpor,\n"
 "memeriksa fingerprint dari berbagai sumber...)?\n"
-" 1 = Tidak tahu\n"
-" 2 = Saya TIDAK percaya\n"
-" 3 = Saya cukup percaya\n"
-" 4 = Saya sangat percaya\n"
-" s = tampilkan lebih banyak informasi\n"
-" \n"
-
-#: g10/pkclist.c:329
+"\n"
+
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = Tidak tahu\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d: Saya TIDAK percaya\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = Saya cukup percaya\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = Saya sangat percaya\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = Saya sangat percaya sekali\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = beri saya informasi lebih banyak lagi\n"
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
 msgstr " m = kembali ke menu utama\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " s = lewati kunci ini\n"
+
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = berhenti\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Keputusan anda? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Anda ingin menset kunci ini menjadi sangat percaya sekali?"
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Sertifikat mengarahkan ke kunci terpercaya:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"Tidak dapat menemukan jalur trust yang valid ke kunci. Mari kita coba\n"
-"apakah dapat mengisi nilai trust pemilik yang hilang.\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"Tidak ditemukan jalur ke salah satu kunci.\n"
-"\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"Tidak ditemukan sertifikat dengan trust tak terdefinisi.\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Tidak ada perubahan nilai trust.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "kunci %08lX: kunci telah dibatalkan!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "Tetap gunakan kunci ini? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "kunci %08lX: subkey telah dibatalkan!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: kunci telah berakhir\n"
 
-#: g10/pkclist.c:519
+#: g10/pkclist.c:442
 #, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: tidak ada info untuk menghitung probabilitas trust\n"
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"%08lX: Tidak ada indikasi bahwa kunci ini benar-benar milik pemiliknya\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
-msgstr "%08lX: Kita tidak percaya kunci ini\n"
+msgstr "%08lX: Kita TIDAK percaya kunci ini\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
@@ -1126,15 +1252,15 @@ msgstr ""
 "%08lX: Tidak pasti kunci ini milik pemiliknya\n"
 "tapi tetap diterima\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "Kunci ini mungkin milik pemiliknya\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Kunci ini milik kita\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1142,172 +1268,198 @@ msgid ""
 "\n"
 msgstr ""
 "Tidak pasti bahwa kunci milik pemiliknya.\n"
-"Jika anda yakin tahu apa yang sedang anda lakukan, anda boleh menjawab\n"
+"Jika anda sangat tahu apa yang sedang anda lakukan, anda boleh menjawab\n"
 "pertanyaan berikut dengan ya\n"
+"\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "PERINGATAN: Menggunakan kunci tidak dipercaya!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "PERINGATAN: Kunci ini telah dibatalkan oleh pemiliknya!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
-msgstr "        Mungkin signature adalah palsu.\n"
+msgstr "        Hal ini dapat berarti bahwa signature adalah palsu.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "PERINGATAN: Subkey ini telah dibatalkan oleh pemiliknya!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "Catatan: Kunci ini telah ditiadakan\n"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Catatan: Kunci ini telah berakhir!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr ""
 "PERINGATAN: Kunci ini tidak disertifikasi dengan sig yang terpercaya!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr "  Tidak ada indikasi signature milik pemilik.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "PERINGATAN: Kita tidak percaya kunci ini!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "        Signature mungkin palsu.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "PERINGATAN: Kunci tdk disertifikasi dg signature terpercaya yg cukup!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr "        Tidak pasti signature milik pemilik.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: dilewati: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: dilewati: kunci publik telah ada\n"
 
-#: g10/pkclist.c:855
-msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
-"\n"
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
 msgstr "Anda tidak menspesifikasikan ID user. (anda dapat gunakan \"-r\")\n"
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Masukkan ID user: "
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
+"\n"
+"Masukkan user ID.  Akhiri dengan baris kosong: "
 
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Tidak ada ID user tersebut.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr "dilewati: kunci publik telah diset sebagai penerima baku\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "Kunci publik dimatikan.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "dilewati: kunci publik telah diset dengan --encrypt-to\n"
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "dilewati: kunci publik telah diset\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "penerima baku tidak dikenal `%s'\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: kesalahan memeriksa kunci: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: dilewati: kunci publik dimatikan\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "tidak ada alamat yang valid\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "preferensi %c%lu tidak valid\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "preferensi %c%lu ganda \n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "terlalu banyak preferensi `%c'\n"
+
+#: g10/keygen.c:257
+msgid "invalid character in preference string\n"
+msgstr "Karakter tidak valid dalam string preferensi\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "menulis self signature\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "menulis key binding signature\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
-#, fuzzy, c-format
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
 msgid "keysize invalid; using %u bits\n"
-msgstr "Keysize yang diminta adalah %u bit\n"
+msgstr "keysize tidak valid; menggunakan %u bit\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
-#, fuzzy, c-format
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
 msgid "keysize rounded up to %u bits\n"
-msgstr "dibulatkan hingga %u bit\n"
+msgstr "keysize dibulatkan hingga %u bit\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "Silakan pilih kunci yang anda inginkan:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "  (%d) DSA dan ElGamal (baku)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "  (%d) DSA (hanya menandai)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "  (%d) ElGamal (hanya enkripsi)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "  (%d) ElGamal (tandai dan enkripsi)\n"
 
-#: g10/keygen.c:643
-#, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "  (%d) ElGamal (tandai dan enkripsi)\n"
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "  (%d) RSA (hanya menandai)\n"
+
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "  (%d) RSA (hanya enkripsi)\n"
 
-#: g10/keygen.c:647
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Pilihan anda? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "Anda ingin membuat kunci sign dan enkripsi? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "Penggunaan algoritma ini didepresiasi - tetap ciptakan?"
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Pilihan tidak valid.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1320,21 +1472,21 @@ msgstr ""
 "       keysize default adalah 1024 bit\n"
 " keysize tertinggi dianjurkan 2048 bit\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Keysize yang anda inginkan? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA hanya membolehkan keysize dari 512 hingga 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "keysize terlalu kecil; 768 adalah nilai terendah yang diijinkan.\n"
-
-#: g10/keygen.c:708
-#, fuzzy
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr ""
+"keysize terlalu kecil; 1024 adalah nilai terendah yang diijinkan untuk RSA.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
 msgstr "keysize terlalu kecil; 768 adalah nilai terendah yang diijinkan.\n"
 
 #. It is ridiculous and an annoyance to use larger key sizes!
@@ -1345,12 +1497,12 @@ msgstr "keysize terlalu kecil; 768 adalah nilai terendah yang diijinkan.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "keysize terlalu besar; %d adalah nilai tertinggi yang diijinkan.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1358,11 +1510,11 @@ msgstr ""
 "Keysize lebih besar dari 2048 tidak dianjurkan karena\n"
 "komputasi akan sangat lama!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "Apakah anda yakin memerlukan keysize ini? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1370,21 +1522,17 @@ msgstr ""
 "Oke, tetapi ingat bahwa radiasi monitor dan keyboard anda juga sangat mudah "
 "diserang!\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "Apakah anda perlu keysize berukuran besar tersebut? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "Keysize yang diminta adalah %u bit\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "dibulatkan hingga %u bit\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1400,35 +1548,58 @@ msgstr ""
 "     <n>m = kunci berakhir dalam n bulan\n"
 "     <n>y = kunci berakhir dalam n tahun\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Silakan spesifikasikan lama signature tetap valid.\n"
+"       0  = signature tidak pernah berakhir\n"
+"     <n>  = signature berakhir dalam n hari\n"
+"     <n>w = signature berakhir dalam n minggu\n"
+"     <n>m = signature berakhir dalam n bulan\n"
+"     <n>y = signature berakhir dalam n tahun\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "Kunci valid untuk? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "Signature valid untuk? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "nilai yang tidak valid\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
-msgstr "Kunci tidak pernah berakhir\n"
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "%s tidak pernah berakhir\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
+#: g10/keygen.c:992
 #, c-format
-msgid "Key expires at %s\n"
-msgstr "Kunci berakhir pada %s\n"
+msgid "%s expires at %s\n"
+msgstr "%s berakhir pada %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
 msgstr ""
+"Sistem anda tidak dapat menampilkan tanggal melebihi 2038.\n"
+"Namun, ia dapat menanganinya secara benar hingga 2106.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "Benar (y/t)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1443,44 +1614,44 @@ msgstr ""
 "user-id dari Nama sebenarnya, Komentar dan Alamat email dalam bentuk:\n"
 "  \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Nama sebenarnya: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Karakter tidak valid dalam nama\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "Nama tidak boleh dimulai dengan digit\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "Nama harus berukuran minimum 5 karakter\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Alamat email: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "Bukan alamat email yang valid\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Komentar: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Karakter tidak valid dalam komentar\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Anda menggunakan set karakter `%s'.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1490,28 +1661,27 @@ msgstr ""
 "Anda memilih USER-ID ini:\n"
 "   \"%s\"\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
-msgstr ""
+msgstr "Jangan menaruh alamat email ke dalam nama sebenarnya atau komentar\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnKkEeOoQq"
 
-#: g10/keygen.c:986
-#, fuzzy
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
-msgstr "Ganti (N)ama, (K)omentar, (E)mail atau (O)ke/(Q)uit? "
+msgstr "Ganti (N)ama, (K)omentar, (E)mail atau (Q)uit? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "Ganti (N)ama, (K)omentar, (E)mail atau (O)ke/(Q)uit? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
-msgstr ""
+msgstr "Silakan perbaiki kesalahan ini dulu\n"
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1519,23 +1689,29 @@ msgstr ""
 "Anda perlu sebuah passphrase untuk melindungi kunci rahasia anda.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
-msgstr "passphrase tidak diulang dengan benar; coba lagi.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "passphrase tidak diulang dengan benar; coba lagi"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
 "using this program with the option \"--edit-key\".\n"
 "\n"
 msgstr ""
-"Anda tidak ingin sebuah passphrase - ini mungkin ide yang buruk!\n"
+"Anda tidak ingin sebuah passphrase - ini mungkin ide yang *buruk*!\n"
 "Namun saya akan tetap lakukan. Anda dapat merubah passphrase anda setiap "
 "saat,\n"
 "menggunakan program ini dengan pilihan \"--edit-key\".\n"
+"\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1547,29 +1723,53 @@ msgstr ""
 "selama pembuatan prima; ini akan memberi random number generator kesempatan\n"
 "yang baik untuk memperoleh entropi.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "Keypair DSA akan memiliki 1024 bit.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Pembuatan kunci dibatalkan.\n"
 
-#: g10/keygen.c:1668
-#, fuzzy, c-format
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
 msgid "writing public key to `%s'\n"
-msgstr "menulis sertifikat publik ke `%s'\n"
+msgstr "menulis kunci publik ke `%s'\n"
 
-#: g10/keygen.c:1669
-#, fuzzy, c-format
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
 msgid "writing secret key to `%s'\n"
-msgstr "menulis sertifikat rahasia ke `%s'\n"
+msgstr "menulis kunci rahasia ke `%s'\n"
+
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "tidak ditemukan keyring publik yang dapat ditulisi: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "tidak ditemukan keyring rahasia yang dapat ditulisi: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "kesalahan menulis keyring publik `%s': %s\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "kesalahan menulis keyring rahasia `%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "kunci publik dan rahasia dibuat dan ditandai.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "kunci ditandai sebagai sangat dipercaya.\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
@@ -1578,325 +1778,382 @@ msgstr ""
 "mungkin ingin menggunakan perintah \"--edit-key\" untuk membuat kunci kedua "
 "untuk tujuan ini.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "Pembuatan kunci gagal: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
 msgstr ""
 "kunci telah diciptakan dalam %lu detik mendatang (masalah waktu atau jam)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
 msgstr ""
 "kunci telah diciptakan dalam %lu detik mendatang (masalah waktu atau jam)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "CATATAN: membuat subkey bagi kunci-kunci v3 tidak OpenPGP compliant\n"
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "Ingin diciptakan? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "--output tidak berfungsi untuk perintah ini\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s' sudah dikompresi\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
-msgstr "%s: tidak dapat dibuka: %s\n"
+msgstr "%s: tidak dapat membuka: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "kesalahan penciptaan passphrase: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: PERINGATAN: file kosong\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+"anda hanya dapat mengenkripsi ke kunci RSA 2048 bit atau kurang dalam mode --"
+"pgp2\n"
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "Membaca dari `%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+"tidak dapat menggunakan cipher IDEA untuk semua kunci yang anda enkripsi.\n"
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s dienkripsi untuk: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
+#: g10/delkey.c:69 g10/export.c:141
 #, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: user tidak ditemukan: %s\n"
+msgid "key `%s' not found: %s\n"
+msgstr "kunci '%s' tidak ditemukan: %s\n"
 
-#: g10/export.c:164
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "gagal membaca keyblock: %s\n"
+
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "kunci %08lX: bukan kunci rfc2440 - dilewati\n"
 
-#: g10/export.c:175
-#, fuzzy, c-format
+#: g10/export.c:180
+#, c-format
 msgid "key %08lX: not protected - skipped\n"
-msgstr "kunci %08lX: bukan kunci rfc2440 - dilewati\n"
+msgstr "kunci %08lX: tidak diproteksi - dilewati\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "kunci %08lX: kunci gaya PGP 2.x - dilewati\n"
+
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "PERINGATAN: tidak ada yang diekspor\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "terlalu banyak masukan dalam pk cache - ditiadakan\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "terlalu banyak masukan di unk cache - ditiadakan\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[User id tidak ditemukan]"
+
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr "kunci tidak valid %08lX dibuat valid oleh --allow-non-selfsigned-uid\n"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
-msgstr "menggunakan kunci sekunder %08lX selain kunci primer %08lX\n"
+msgstr "menggunakan kunci sekunder %08lX bukannya kunci primer %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr "kunci %08lX: kunci rahasia tanpa kunci publik - dilewati\n"
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: user tidak ditemukan\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "melewati blok tipe %d\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "%lu kunci telah diproses\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "kesalahan membaca `%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "Jumlah yang telah diproses: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "          subkey baru: %lu\n"
+msgstr "        lewati kunci baru: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr "         tanpa ID user: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "             diimpor: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "            tidak berubah: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "         ID user baru: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "          subkey baru: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "       signature baru: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr "  pembatalan kunci baru: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "     kunci rahasia dibaca: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "  kunci rahasia diimpor: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
-msgstr " kunci rahasia tetap: %lu\n"
+msgstr " kunci rahasia tidak berubah: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "kunci %08lX: tidak ada ID user\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "kunci %08lX: menerima ID user '%s' yang tidak self-signed\n"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "kunci %08lX: tidak ada ID user yang valid\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "mungkin disebabkan oleh self-signature yang tidak ada\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "kunci %08lX: kunci publik tidak ditemukan: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:479
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "kunci %08lX: bukan kunci rfc2440 - dilewati\n"
+msgstr "kunci %08lX: kunci baru - dilewati\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "tidak ditemukan keyring yang dapat ditulisi: %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "menulis ke `%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "kesalahan menulis keyring `%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "kunci %08lX: kunci publik diimpor\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "kunci %08lX: tidak cocok dengan duplikat kami\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
-msgstr "kunci %08lX: tidak dapat mengalokasi keyblock orisinal: %s\n"
+msgstr "kunci %08lX: tidak dapat menemukan keyblock orisinal: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "kunci %08lX: tidak dapat membaca keyblok orisinal: %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "kunci %08lX: 1 user ID baru\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "kunci %08lX: %d user ID baru\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "kunci %08lX: 1 signature baru\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "kunci %08lX: %d signature baru\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "kunci %08lX: 1 subkey baru\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "kunci %08lX: %d subkey baru\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "kunci %08lX: tidak berubah\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "tidak ada keyring rahasia baku: %s\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "kunci %08lX: kunci rahasia diimpor\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "kunci %08lX: sudah ada di keyring rahasia\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "kunci %08lX: kunci rahasia tidak ditemukan: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "kunci %08lX: tdk ada kunci publik-tdk dpt mengaplikasikan sertifikat "
 "pembatalan\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr "kunci %08lX: sertifikat pembatalan tidak valid: %s - ditolak\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "kunci %08lX: sertifikat pembatalan diimpor\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "kunci %08lX: tidak ada ID user untuk signature\n"
 
-#: g10/import.c:719 g10/import.c:743
+#: g10/import.c:839
 #, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
-msgstr "kunci %08lX: algoritma publik key tidak didukung\n"
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr "kunci %08lX: algoritma publik key tidak didukung pada user id \"%s\"\n"
 
-#: g10/import.c:720
+#: g10/import.c:841
 #, c-format
-msgid "key %08lX: invalid self-signature\n"
-msgstr "kunci %08lX: self-signature tidak valid\n"
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "kunci %08lX: self-signature tidak valid pada user id \"%s\"\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "kunci %08lX: tidak ada subkey untuk key binding\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "kunci %08lX: subkey binding tidak valid\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "kunci %08lX: algoritma publik key tidak didukung\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "kunci %08lX: menerima ID user yang tidak self-signed "
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "kunci %08lX: subkey binding tidak valid\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "kunci %08lX: melewati ID user "
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "kunci %08lX: melewati subkey\n"
@@ -1905,93 +2162,192 @@ msgstr "kunci %08lX: melewati subkey\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr "kunci %08lX: signature tidak dapat diekpor (kelas %02x) - dilewati\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr "kunci %08lX: sertifikat pembatalan di tempat yang salah - dilewati\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "kunci %08lX: sertifikat pembatalan tidak valid: %s - dilewati\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "kunci %08lX: terdeteksi ID user duplikat - digabungkan\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+"Peringatan: kunci %08lX mungkin dibatalkan: ambil kunci pembatalan %08lX\n"
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+"Peringatan: kunci %08lX mungkin dibatalkan: kunci pembatalan %08lX tidak "
+"ada.\n"
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "kunci %08lX: penambahan sertifikat pembatalan\n"
 
-#: g10/import.c:1130 g10/import.c:1183
+#: g10/import.c:1231
 #, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "kunci %08lX: salinan kita tidak memiliki self-signature\n"
+msgid "key %08lX: direct key signature added\n"
+msgstr "kunci %08lX: signature kunci langsung ditambahkan\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[pembatalan]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[self-signature]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 signature yang buruk\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d signature yang buruk\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "1 signature tidak diperiksa karena tidak ada kunci\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d signature tidak diperiksa karena tidak ada kunci\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "1 signature tidak diperiksa karena kesalahan\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d signature tidak diperiksa karena ada kesalahan\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "terdeteksi 1 ID user tanpa self-signature yang valid\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr "terdeteksi ID %d user tanpa self-signature yang valid\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:335
 #, c-format
-msgid "Already signed by key %08lX\n"
-msgstr "Sudah ditandai dengan kunci %08lX\n"
+msgid "User ID \"%s\" is revoked."
+msgstr "ID User \"%s\" dibatalkan."
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Anda tetap ingin menandatanganinya? (y/n) "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr "  Tidak dapat menandatangani.\n"
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"Signature anda saat ini pada \"%s\"\n"
+"adalah signature.lokal \n"
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr "Apakah anda ingin menjadikannya signature yang full exportable? (y/N)"
+
+#: g10/keyedit.c:388
+#, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" sudah ditandai secara lokal dengan kunci %08lX\n"
+
+#: g10/keyedit.c:393
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" sudah ditandai dengan kunci %08lX\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Tidak ada yang ditandai dengan kunci %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "Kunci ini telah berakhir!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Kunci ini akan kadaluarsa pada %s \n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "Anda ingin signature anda kadaluarsa pada waktu yang sama? (Y/n) "
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+"Anda tidak boleh membuat tanda tangan OpenPGP pada kunci bergaya PGP 2.x "
+"saat dalam mode --pgp2\n"
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "Hal ini akan membuat kunci tidak bermanfaat dalam PGP 2.x\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"Sudah seberapa teliti anda memverifikasi kunci yang akan anda gunakan untuk "
+"menandai benar benar milik\n"
+"orang tersebut?  Jika anda tidak tahu jawabannya. masukkan \"0\".\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) Saya tidak akan menjawab.%s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) Saya belum memeriksanya.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) Saya telah melakukan pemeriksaan biasa.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) Saya telah melakukan pemeriksaan hati-hati.%s\n"
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -1999,42 +2355,73 @@ msgstr ""
 "Apakah anda yakin untuk menandai kunci ini \n"
 "dengan kunci anda: "
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
 msgid ""
-"The signature will be marked as non-exportable.\n"
 "\n"
+"The signature will be marked as non-exportable.\n"
 msgstr ""
+"\n"
 "Signature akan ditandai sebagai tidak dapat diekspor.\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"Signature akan ditandai sebagai tidak dapat dibatalkan.\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
 "\n"
+"Saya belum memeriksa kunci ini sama sekali.\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"Saya telah memeriksa kunci ini.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+"\n"
+"Saya telah memeriksa kunci ini dengan sangat hati-hati.\n"
+
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "Ditandai? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "gagal menandai: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Kunci ini tidak diproteksi.\n"
 
-#: g10/keyedit.c:426
-#, fuzzy
+#: g10/keyedit.c:662
 msgid "Secret parts of primary key are not available.\n"
-msgstr "kunci rahasia tidak ada"
+msgstr "Bagian rahasia kunci primer tidak tersedia.\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "Kunci diproteksi.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Tidak dapat mengedit kunci ini: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
@@ -2042,7 +2429,7 @@ msgstr ""
 "Masukkan passphrase baru untuk kunci rahasia ini.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2050,665 +2437,928 @@ msgstr ""
 "Anda tidak ingin passphrase - bukan ide yang baik!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "Apakah anda ingin melakukan hal ini? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "memindahkan signature kunci ke tempat yang tepat\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "berhenti dari menu ini"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "q"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "simpan"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "simpan dan berhenti"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "bantuan"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "tampilkan bantuan"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "tampilkan fingerprint"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "tampilkan"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "tampilkan kunci dan ID user"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "pilih ID user N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "kunci"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "pilih kunci sekunder N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "periksa"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "tampilkan signature"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "tandai"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "tandai kunci"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lsign"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "tandai kunci secara lokal"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nrsign"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "tandai kunci sebagai tidak dapat dibatalkan"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nrlsign"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "tandai kunci secara lokal dan tidak dapat dibatalkan"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "debug"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "adduid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "tambah sebuah ID user"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "addphoto"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "tambah sebuah photo ID"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "deluid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "hapus ID user"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "delphoto"
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "addkey"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "tambah kunci sekunder"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "delkey"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "hapus kunci sekunder"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "delsig"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "hapus signature"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "expire"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "ubah tanggal kadaluarsa"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "primer"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "tandai ID user sebagai primer"
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "toggle"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "ubah tampilan kunci rahasia dan publik"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pref"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
-msgstr "tampilkan preferensi"
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "tampilkan preferensi (ahli)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "tampilkan preferensi (verbose)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "setpref"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "set daftar preferensi"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "updpref"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "perbarui preferensi"
+
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "passwd"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "ubah passphrase"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "trust"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "ubah ownertrust"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "batalkan signature"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "revkey"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "batalkan kunci sekunder"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "disable"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "tiadakan kunci"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "enable"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "aktifkan kunci"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "showphoto"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "tampilkan photo ID"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
-msgstr "tidak dapat dilakukan dalam mode batch\n"
+msgstr "tidak dapat melakukan hal itu dalam mode batch\n"
+
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "kesalahan membaca keyblock rahasia `%s': %s\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "Kunci rahasia tersedia.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Perintah> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
-msgstr "Perlu kunci rahasia.\n"
+msgstr "Perlu kunci rahasia untuk melakukan hal ini.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
-msgstr ""
+msgstr "Silakan gunakan dulu perintah \"toogle\".\n"
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+msgid "Key is revoked."
+msgstr "Kunci dibatalkan."
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "Tandai ID seluruh user? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Petunjuk: Pilih ID user untuk ditandai\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "gagal perbarui trustdb: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "Perintah ini tidak dibolehkan saat dalam mode %s.\n"
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "Anda harus memilih minimum satu ID user.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "Anda tidak dapat menghapus ID user terakhir!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "Hapus seluruh ID user terpilih? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "Hapus ID user ini? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Anda harus memilih minimum satu kunci.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "Anda ingin menghapus kunci terpilih ini? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "Anda ingin menghapus kunci ini? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "Anda ingin membatalkan kunci terpilih ini? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "Anda ingin membatalkan kunci ini? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "Perbarui preferensi untuk user ID terpilih?"
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "Update preferensi?"
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "Simpan perubahan? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Berhenti tanpa menyimpan? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "gagal memperbarui: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "gagal perbarui rahasia: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "Kunci tidak berubah sehingga tidak perlu pembaharuan.\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr "Perintah tidak valid (coba \"help\")\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "Kunci ini mungkin dibatalkan oleh %s kunci %s%s\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr " (sensitive)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  diciptakan: %s berakhir: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " trust: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "Kunci ini telah ditiadakan"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1539
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "kunci %08lX: subkey telah dibatalkan!\n"
+msgstr "rev! subkey telah dibatalkan: %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1542
 msgid "rev- faked revocation found\n"
-msgstr "  pembatalan kunci baru: %lu\n"
+msgstr "rev - ditemukan pembatalan palsu\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? masalah memeriksa pembatalan: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+"Perhatikan bahwa validitas kunci yang ditunjukkan tidak perlu benar\n"
+"kecuali anda memulai kembali program.\n"
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
 msgstr ""
+"PERINGATAN: Kunci ini telah memiliki sebuah photo ID.\n"
+"         Menambahkan photo ID lain dapat membingungkan beberapa versi PGP.\n"
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Anda tetap ingin menambahkannya? (y/N) "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "Anda hanya boleh memiliki satu photo ID untuk satu kunci. \n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"PERINGATAN: Ini adalah kunci bergaya PGP2.  Menambahkan sebuah photo ID "
+"dapat menyebabkan beberapa versi\n"
+"          PGP menolak kunci ini.\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr "Anda tidak boleh menambahkan sebuah photo ID ke kunci bergaya PGP2 \n"
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "Hapus signature baik ini? (y/T/q)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "Hapus signature tidak valid ini? (y/T/q)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "Hapus signature tidak dikenal ini? (y/T/q)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "Yakin ingin menghapus self-signature ini? (y/T)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "Menghapus %d signature.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "Menghapus %d signature.\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Tidak ada yang dihapus.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Silakan hapus pilihan dari kunci rahasia.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "Silakan pilih maksimum satu kunci sekunder.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "Merubah batas waktu untuk kunci sekunder.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "Merubah batas waktu untuk kunci primer.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "Anda tidak dapat merubah batas waktu kunci v3\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Tidak ada signature koresponden di ring rahasia\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Anda harus memilih minimum satu ID user.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Tidak ada ID user dengan index %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Tidak ada kunci sekunder dengan index %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "ID user: "
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
 "signed with your key %08lX at %s\n"
-msgstr "ditandai dengan kunci anda %08lX pada %s\n"
+msgstr ""
+"\"\n"
+"ditandai dengan kunci anda %08lX pada %s\n"
+
+#: g10/keyedit.c:2452
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"ditandai secara lokal dengan kunci anda %08lX pada %s\n"
+
+#: g10/keyedit.c:2457
+#, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Kunci ini kadaluarsa pada %s \n"
+
+#: g10/keyedit.c:2461
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Anda tetap ingin membatalkannya? (y/N) "
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
-msgstr "Membuat sertifikat pembatalan untuk signature ini? (y/N)"
+#: g10/keyedit.c:2465
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr "Buat sertifikat pembatalan untuk signature ini? (y/N) "
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "Anda telah menandai ID user ini:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
+#: g10/keyedit.c:2504
 #, c-format
-msgid "   signed by %08lX at %s\n"
-msgstr "   ditandai oleh %08lX pada %s\n"
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   ditandai oleh %08lX pada %s%s%s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   dibatalkan oleh %08lX pada %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "Anda akan membatalkan signature ini:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
-msgstr "Ingin membuat sertifikat pembatalan? (y/T)"
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   ditandai oleh %08lX pada %s%s\n"
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr " (non-exportable)"
+
+#: g10/keyedit.c:2551
+msgid "Really create the revocation certificates? (y/N) "
+msgstr "Ingin membuat sertifikat pembatalan? (y/N)"
+
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "tidak ada kunci rahasia\n"
 
-#: g10/keylist.c:158
-#, fuzzy
-msgid "invalid"
-msgstr "armor tidak valid"
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr "Menampilkan ID foto %s ukuran %ld untuk kunci 0x%08lX (uid %d)\n"
 
-#: g10/keylist.c:178
-#, fuzzy
-msgid "revoked"
-msgstr "revkey"
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "Kebijakan signature: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "PERINGATAN: ditemukan notasi data tidak valid\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "Notasi signature: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "tidak dapat dibaca manusia"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "Keyring"
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
-#, fuzzy, c-format
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
 msgid " [expires: %s]"
-msgstr "Kunci berakhir pada %s\n"
+msgstr " [berakhir: %s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Fingerprint:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "            Fingerprint:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr "     Fingerprint kunci ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s data terenkripsi\n"
 
-#: g10/mainproc.c:212
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "dienkripsi dengan algoritma tidak dikenal %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "kunci publik adalah %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr "data terenkripsi dengan kunci publik: DEK baik\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr "dienkripsi dengan %u-bit kunci %s, ID %08lX, tercipta %s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr "dienkripsi dengan kunci %s, ID %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "tidak tersedia kunci rahasia untuk dekripsi\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "gagal dekripsi kunci publik: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "asumsikan %s data terenkripsi\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr "Cipher IDEA tidak tersedia, secara optimis berusaha menggunakan %s\n"
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr "dekripsi lancar\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "PERINGATAN: pesan terenkripsi telah dimanipulasi!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
-msgstr "gagal dekripsi: %s\n"
+msgstr "dekripsi gagal: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr "CATATAN: pengirim meminta \"for-your-eyes-only\"\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
-msgstr "nama file asli='%.*s'\n"
+msgstr "original file name='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
-msgstr ""
+msgstr "pembatalan mandiri - gunakan \"gpg --import\" untuk mengaplikasikan\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "PERINGATAN: ditemukan notasi data tidak valid\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Notasi: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Kebijakan: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
-msgstr "verifikasi signature tidak optimal\n"
+msgstr "verifikasi signature tidak diabaikan\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "tidak dapat menangani banyak signature ini\n"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Signature dibuat %.*s menggunakan kunci %s ID %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "signature BURUK dari \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Signature kadaluarsa dari \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Signature baik dari \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[uncertain]"
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "              alias \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Tidak dapat memeriksa signature: %s\n"
 
-#: g10/mainproc.c:1230
-#, fuzzy, c-format
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "bukan detached signature\n"
+
+#: g10/mainproc.c:1508
+#, c-format
 msgid "standalone signature of class 0x%02x\n"
-msgstr "kelas signature tidak dikenal"
+msgstr "kelas signature mandiri 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "signature model lama (PGP 2.X)\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "terdeteksi root paket tidak valid dalam proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "tidak dapat meniadakan core dump: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Algoritma eksperimental sebaiknya tidak dipakai!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
 msgstr ""
 "algoritma cipher ini didepresiasi; silakan gunakan yang lebih standar!\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "Peringatan: kepemilikan tidak aman pada %s \"%s\"\n"
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "Peringatan: permisi tidak aman pada %s \"%s\"\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "plugin cipher IDEA tidak tersedia\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+"silakan lihat http://www.gnupg.org/why-not-idea.html untuk informasi lebih "
+"lanjut\n"
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "tidak dapat menangani algoritma kunci publik %d\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpaket tipe %d memiliki bit kritis terset\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
-msgstr ""
+msgstr "gpg-agent tidak tersedia untuk sesi ini\n"
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "tidak dapat menset pid client untuk agen\n"
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "tidak dapat membuat server membaca FD untuk agen\n"
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "tidak dapat membuat server menulis FD untuk agen\n"
+
+#: g10/passphrase.c:498
 msgid "malformed GPG_AGENT_INFO environment variable\n"
-msgstr ""
+msgstr "variabel lingkungan GPG_AGENT_INFO salah bentuk\n"
+
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "protokol gpg-agent versi %d tidak didukung\n"
 
-#: g10/hkp.c:158 g10/passphrase.c:223
-#, fuzzy, c-format
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
 msgid "can't connect to `%s': %s\n"
-msgstr "tidak dapat membuka `%s': %s\n"
+msgstr "tidak dapat terkoneksi ke `%s': %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "masalah komunikasi dengan gpg-agent\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "masalah dengan agen - tiadakan penggunaan agen\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (ID kunci utama %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:641
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
-"\n"
-"Anda perlu passphrase untuk membuka kunci rahasia untuk\n"
-"pemakai: \""
+"Anda perlu passphrase untuk membuka kunci rahasia untuk user:\n"
+"\"%.*s\"\n"
+"%u-bit %s key, ID %08lX, tercipta %s%s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:662
 msgid "Enter passphrase\n"
-msgstr "Masukkan passphrase: "
+msgstr "Masukkan passphrase\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:664
 msgid "Repeat passphrase\n"
-msgstr "Ulangi passphrase: "
-
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
+msgstr "Ulangi passphrase\n"
 
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
-msgstr ""
+msgstr "passphrase terlalu panjang\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "respon tidak valid dari agen\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "dibatalkan oleh user\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "masalah dengan agen: agen mengembalikan 0x%lx\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2718,20 +3368,20 @@ msgstr ""
 "Anda perlu passphrase untuk membuka kunci rahasia untuk\n"
 "pemakai: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "%u-bit kunci %s, ID %08lX, tercipta %s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "tidak dapat meminta password dalam mode batch\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Masukkan passphrase: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Ulangi passphrase: "
 
@@ -2739,147 +3389,194 @@ msgstr "Ulangi passphrase: "
 msgid "data not saved; use option \"--output\" to save it\n"
 msgstr "data tidak disimpan; gunakan pilihan \"--output\" untuk menyimpannya\n"
 
-#: g10/plaintext.c:324
-#, fuzzy
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "kesalahan penciptaan : `%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
-msgstr "Menghapus %d signature.\n"
+msgstr "Menghapus signature.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Silakan masukkan nama file data: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "membaca stdin ...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "tidak ada data tertandai\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "tidak dapat membuka data tertandai `%s'\n"
 
-#: g10/pubkey-enc.c:135
+#: g10/pubkey-enc.c:100
 #, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr "penerima anonim; mencoba kunci rahasia %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "baik, kita adalah penerima anonim.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "encoding lama DEK tidak didukung\n"
 
-#: g10/pubkey-enc.c:216
-#, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "algoritma proteksi %d tidak didukung\n"
+#: g10/pubkey-enc.c:177
+#, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "algoritma cipher %d%s tidak dikenal atau ditiadakan\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr "CATATAN: algoritma cipher %d tidak ditemukan dalam preferensi\n"
 
-#: g10/pubkey-enc.c:261
-#, fuzzy, c-format
+#: g10/pubkey-enc.c:242
+#, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "CATATAN: kunci signature berakhir %s\n"
+msgstr "CATATAN: kunci pribadi %08lX berakhir pada %s\n"
 
-#: g10/hkp.c:62
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr ""
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "meminta kunci %08lX dari keyserver HKP %s ...\n"
 
-#: g10/hkp.c:75
-#, fuzzy, c-format
+#: g10/hkp.c:94
+#, c-format
 msgid "can't get key from keyserver: %s\n"
-msgstr "impor kunci dari key server"
-
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr ""
+msgstr "tidak dapat memperoleh kunci keyserver: %s\n"
 
-#: g10/hkp.c:106
-#, fuzzy, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s bukanlah set karakter yang valid\n"
-
-#: g10/hkp.c:182
-#, fuzzy, c-format
+#: g10/hkp.c:171
+#, c-format
 msgid "error sending to `%s': %s\n"
-msgstr "kesalahan membaca `%s': %s\n"
+msgstr "kesalahan mengirim ke `%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
-msgstr ""
+msgstr "success sending to `%s' (status=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
-msgstr ""
+msgstr "failed sending to `%s': status=%u\n"
 
-#: g10/seckey-cert.c:89
-#, fuzzy
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "mencari \"%s\" dari server HKP %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "tidak dapat mencari keyserver: %s\n"
+
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
-msgstr "kunci rahasia tidak ada"
+msgstr "bagian kunci rahasia tidak tersedia\n"
 
-#: g10/seckey-cert.c:95
+#: g10/seckey-cert.c:59
 #, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "algoritma proteksi %d tidak didukung\n"
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "algoritma proteksi %d%s tidak didukung\n"
+
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Passphrase tidak valid; silakan coba lagi"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
-msgstr "Passphrase tidak valid; silakan coba lagi ...\n"
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
-msgstr "PERINGATAN: terdeteksi kunci lemah - silakan rubah passphrase lagi.\n"
+msgstr "PERINGATAN: terdeteksi kunci lemah - silakan ubah passphrase lagi.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr "membuat checksum 16-bit untuk perlindungan kunci pribadi\n"
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "ini adalah kunci ElGamal ciptaan PGP yang tidak aman untuk signature!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "kunci publik adalah %lu detik lebih baru daripada signature\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "kunci publik adalah %lu detik lebih baru daripada signature\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "CATATAN: kunci signature berakhir %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "CATATAN: kunci signature %08lX berakhir %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr "mengasumsikan signature buruk karena ada bit kritik tidak dikenal\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"PERINGATAN: tidak dapat melakukan %%-expand policy url (terlalu besar).  "
+"Menggunakan yang tidak expand.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "Gagal memeriksa signature yang dibuat: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "%s signature dari: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "PERINGATAN: `%s' adalah file kosong\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"anda hanya dapat menandai kunci bergaya PGP 2.x saat dalam mode --pgp2\n"
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "tidak dapat membuat %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "menandai:"
 
-#: g10/sign.c:583
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"anda hanya dapat clearsign dengan kunci bergaya PGP 2.x saat dalam mode --"
+"pgp2\n"
+
+#: g10/sign.c:953
 #, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "PERINGATAN: `%s' adalah file kosong\n"
+msgid "%s encryption will be used\n"
+msgstr "%s enkripsi akan digunakan\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2891,465 +3588,239 @@ msgstr "tidak dapat menangani baris teks lebih dari %d karakter\n"
 msgid "input line longer than %d characters\n"
 msgstr "baris input lebih dari %d karakter\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb rec %lu: lseek gagal: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
-msgstr "trustdb rec %lu: gagal menulis (n=%d): %s\n"
+msgstr "trustdb rec %lu: write failed (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "transaksi trustdb terlalu besar\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
-msgstr "%s: tidak dapat akses: %s\n"
+msgstr "%s: tidak dapat mengakses: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: direktori tidak ada!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: tidak dapat membuat: %s\n"
+msgid "%s: can't create lock\n"
+msgstr "%s: tidak dapat membuat lock\n"
 
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:480 g10/tdbio.c:544
 #, c-format
-msgid "%s: can't create lock\n"
+msgid "%s: can't make lock\n"
 msgstr "%s: tidak dapat membuat lock\n"
 
-#: g10/tdbio.c:473
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: tidak dapat membuat: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: gagal membuat catatan versi: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: tercipta trustdb tidak valid\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: tercipta trustdb\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: trustdb tidak valid\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: gagal membuat hashtable: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: kesalahan memperbaharui catatan versi: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: kesalahan membaca catatan versi: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: kesalahan menulis catatan versi: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "trustdb: lseek gagal: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
-msgstr "trustdb: gagal membaca (n=%d): %s\n"
+msgstr "trustdb: read failed (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: bukan file trustdb\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: catatan versi dengan recnum %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: versi file %d tidak valid\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: kesalahan membaca record bebas: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: kesalahan menulis dir record: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: gagal mengosongkan record: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: gagal menambahkan record: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr "trustdb terkorupsi; silakan jalankan \"gpg --fix-trustdb\".\n"
 
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "trust record %lu, req tipe %d: gagal baca: %s\n"
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "trust record %lu, tipe %d: gagal menulis: %s\n"
-
-#: g10/trustdb.c:198
-#, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "trust record %lu: gagal menghapus: %s\n"
-
-#: g10/trustdb.c:212
-#, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "trustdb: gagal sync: %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "gagal membaca dir record untuk LID %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: diharapkan dir record, didapat tipe %d\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "bukan kunci primer untuk LID %lu\n"
-
-#: g10/trustdb.c:394
+#: g10/trustdb.c:200
 #, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "gagal membaca kunci primer untuk LID %lu: %s\n"
+msgid "`%s' is not a valid long keyID\n"
+msgstr "'%s' bukanlah keyID panjang yang valid\n"
 
-#: g10/trustdb.c:433
+#: g10/trustdb.c:235
 #, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: gagal search_record: %s\n"
-
-#: g10/trustdb.c:474
-#, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "%s bukanlah set karakter yang valid\n"
-
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "kunci %08lX: tidak dapat meletakkan ke trustdb\n"
-
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "kunci %08lX: gagal query record\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "kunci %08lX: sudah ada dalam tabel kunci trustdb\n"
-
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
+msgid "key %08lX: accepted as trusted key\n"
 msgstr "kunci %08lX: diterima sebagai kunci terpercaya.\n"
 
-#: g10/trustdb.c:547
-#, fuzzy, c-format
-msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "kunci %08lX: bukan kunci rfc2440 - dilewati\n"
-
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "CATATAN: kunci rahasia %08lX tidak diproteksi.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "kunci %08lX: kunci publik dan rahasia tidak cocok\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "gagal enumerasi kunci rahasia: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "kunci %08lX.%lu: binding subkey baik\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "kunci %08lX.%lu: binding subkey tidak valid: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "kunci %08lX.%lu: pembatalan kunci valid\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "kunci %08lX.%lu: pembatalan kunci tidak valid: %s\n"
-
-#: g10/trustdb.c:1029
+#: g10/trustdb.c:274
 #, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "kunci %08lX.%lu: pembatalan subkey valid\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Self-signature yang baik"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Self-signature tidak valid"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr ""
-"Pembatalan ID user valid dilewati karena ada self signature yang lebih baru"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "Pembatalan ID user valid"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Pembatalan ID user tidak valid"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Pembatalan sertifikat valid"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Sertifikat yang baik"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Pembatalan sertifikat tidak valid"
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Sertifikat tidak valid"
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "kunci %08lX muncul lebih dari satu kali dalam trustdb\n"
 
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
+#: g10/trustdb.c:290
 #, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "sig record %lu[%d] menunjuk ke record yang salah.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "sertifikat ganda - dihapus"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir gagal: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: gagal menyisipkan: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: gagal menyisipkan: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: menyisipkan\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "kesalahan membaca dir record: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu kunci diproses\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu kunci dengan kesalahan\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "%lu kunci disisipkan\n"
-
-#: g10/trustdb.c:1826
-#, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "gagal enumerasi keyblok: %s\n"
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: dir record tanpa kunci - dilewati\n"
-
-#: g10/trustdb.c:1884
-#, fuzzy, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "kunci %08lX: %d subkey baru\n"
-
-#: g10/trustdb.c:1886
-#, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "%lu kunci dilewati\n"
+msgid "key %08lX: no public key for trusted key - skipped\n"
+msgstr "kunci %08lX: tidak ada kunci publik untuk trusted key- dilewati\n"
 
-#: g10/trustdb.c:1890
+#: g10/trustdb.c:332
 #, c-format
-msgid "\t%lu keys updated\n"
-msgstr "%lu kunci diperbaharui\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Ooops, tanpa kunci\n"
-
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Ooops, tanpa ID user\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "trust record %lu, req tipe %d: gagal baca: %s\n"
 
-#: g10/trustdb.c:2397
+#: g10/trustdb.c:338
 #, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: gagal mencari di record: %s\n"
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "trust record %lu tidak dalam jenis yang diminta %d\n"
 
-#: g10/trustdb.c:2406
+#: g10/trustdb.c:353
 #, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "kunci %08lX: gagal menyisipkan record trust: %s\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "trust record %lu, tipe %d: gagal menulis: %s\n"
 
-#: g10/trustdb.c:2410
+#: g10/trustdb.c:368
 #, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "kunci %08lX.%lu: menyisipkan ke trustdb\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "trustdb: gagal sync: %s\n"
 
-#: g10/trustdb.c:2418
-#, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
-msgstr "kunci %08lX.%lu: tercipta di masa datang (masalah waktu atau jam)\n"
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "tidak perlu memeriksa trustdb\n"
 
-#: g10/trustdb.c:2433
+#: g10/trustdb.c:474 g10/trustdb.c:1641
 #, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "kunci %08lX.%lu: berakhir pada %s\n"
+msgid "next trustdb check due at %s\n"
+msgstr "pemeriksaan trustdb berikutnya pada %s\n"
 
-#: g10/trustdb.c:2441
-#, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "kunci %08lX.%lu: gagal periksa trust: %s\n"
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "memeriksa trustdb\n"
 
-#: g10/trustdb.c:2592
+#: g10/trustdb.c:933
 #, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "user '%s' tidak ditemukan: %s\n"
+msgid "public key %08lX not found: %s\n"
+msgstr "kunci publik %08lX tidak ditemukan: %s\n"
 
-#: g10/trustdb.c:2594
+#: g10/trustdb.c:1515
 #, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "masalah menemukan '%s' dalam trustdb: %s\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr "kunci publik yang sangat terpercaya %08lX tidak ditemukan\n"
 
-#: g10/trustdb.c:2597
+#: g10/trustdb.c:1593
 #, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "pemakai '%s' tidak ada di trustdb - menyisipkan\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 
-#: g10/trustdb.c:2600
-#, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "gagal menaruh '%s' ke dalam trustdb: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "PERINGATAN: belum dapat menangani record pref panjang\n"
-
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
 "should be the first file given on the command line.\n"
 msgstr ""
+"signature tidak dapat diverifikasi.\n"
+"Tolong ingat bahwa file signature (.sig atau .asc)\n"
+"haruslah file pertama yang diberikan pada perintah baris.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
-msgstr ""
-
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: tidak dapat membuat keyring: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: keyring tercipta\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "PERINGATAN: terdapat 2 file dengan informasi penting.\n"
+msgstr "baris input %u terlalu panjang atau hilang LF\n"
 
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s adalah yang tidak berubah\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"kunci tidak dianggap sebagai tidak aman - tidak dapat digunakan dengan RNG "
+"palsu!\n"
 
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the new one\n"
-msgstr "%s adalah yang baru\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "lewati `%s': terduplikasi\n"
 
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "Silakan perbaikan kemungkinan lubang keamanan\n"
-
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "melewati `%s': %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "dilewati: kunci pribadi telah ada\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3368,89 +3839,98 @@ msgstr "File `%s' ada. "
 msgid "Overwrite (y/N)? "
 msgstr "Ditimpa (y/T)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: suffix tidak dikenal\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Masukkan nama file baru"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "menulis ke stdout\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "mengasumsikan data bertanda dalam `%s'\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: file pilihan baru tercipta\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: tidak dapat membuat direktori: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: direktori tercipta\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr ""
+"anda harus memulai GnuPG lagi, sehingga ia dapat membaca file option baru\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "dienkripsi dengan algoritma tidak dikenal %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "%s data terenkripsi\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "PERINGATAN: pesan dienkripsi dengan kunci lemah dalam cipher simetrik.\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "masalah menangani paket terenkripsi\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "kunci lemah tercipta - mengulang\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "tidak dapat menghindari kunci lemah untuk cipher simetrik; mencoba %d kali!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "terdapat kunci rahasia untuk kunci publik ini!\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr "DSA membutuhkan penggunaan algoritma hash 160-bit\n"
 
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr "gunakan pilihan \"--delete-secret-key\" untuk menghapusnya.\n"
-
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "tidak dapat dilakukan dalam mode batch tanpa \"--yes\"\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Menghapus kunci ini dari keyring? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr "Ini adalah kunci rahasia! - Yakin dihapus? "
 
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "gagal menghapus keyblok: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr "informasi ownertrust dihapus\n"
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "terdapat kunci rahasia untuk kunci publik \"%s\"!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "gunakan pilihan \"--delete-secret-key\" untuk menghapusnya.\n"
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3464,19 +3944,31 @@ msgstr ""
 "kaitan dengan (membuat secara implisit) web-of-certificates."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Untuk membuat Web-of-Trust, GnuPG perlu tahu kunci mana yang\n"
+"sangat dipercaya - mereka biasanya adalah kunci yang anda punya\n"
+"akses ke kunci rahasia.  Jawab \"yes\" untuk menset kunci ini ke\n"
+"sangat dipercaya\n"
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
-msgstr "Jika anda tetap ingin menggunakan kunci yang dibatalkan, jawab \"ya\"."
+msgstr "Jika anda ingin menggunakan kunci yang dibatalkan, jawab \"ya\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr "Jika anda ingin menggunakan kunci tidak terpercaya ini, jawab \"ya\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr "Masukkan ID user penerima pesan."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3513,7 +4005,7 @@ msgstr ""
 "hal ini merupakan alasan mengapa kunci ElGamal hanya-enkripsi tidak ada\n"
 "di menu ini."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
@@ -3521,18 +4013,18 @@ msgid ""
 msgstr ""
 "Meskipun kunci ini didefinisikan dalam RFC2440 mereka tidak disarankan\n"
 "karena belum didukung oleh seluruh program dan signature yang dibuat\n"
-"dengan mereka cukup besar dan sangat lambat untuk diverifikasi."
+"oleh mereka cukup besar dan sangat lambat untuk diverifikasi."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Masukkan ukuran kunci"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Jawab \"ya\" atau \"tidak\""
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3544,19 +4036,19 @@ msgstr ""
 "tidak akan mendapat respon kesalahan yang baik - sebaiknya sistem akan\n"
 "berusaha menginterprestasi nilai yang diberikan sebagai sebuah interval."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Masukkan nama pemegang kunci"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr "silakan masukkan alamat email (pilihan namun sangat dianjurkan)"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
-msgstr "Silakan masukkan komentar pilihan"
+msgstr "Silakan masukkan komentar tambahan"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3570,27 +4062,105 @@ msgstr ""
 "O  untuk melanjutkan dengan pembuatan kunci.\n"
 "K  untuk menghentikan pembuatan kunci."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "Jawab \"ya\" (atau \"y\") jika telah siap membuat subkey."
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"Ketika anda menandai user ID pada kunci, anda perlu memverifikasi bahwa "
+"kunci\n"
+"milik orang yang disebut dalam user ID.  Ini penting bagi orang lain untuk "
+"tahu\n"
+"seberapa cermat anda memverifikasi ini.\n"
+"\n"
+"\"0\" berarti anda tidak melakukan klaim tentang betapa cermat anda "
+"memverifikasi    kunci.\n"
+"\n"
+"\"1\" berarti anda percaya bahwa kunci dimiliki oleh orang yang mengklaim "
+"memilikinya\n"
+"    namun anda tidak dapat, atau tidak memverifikasi kunci sama sekali.  Hal "
+"ini bergunabagi\n"
+"    verifikasi \"persona\", yaitu anda menandai kunci user pseudonymous\n"
+"\n"
+"\"2\" berarti anda melakukan verifikasi kasual atas kunci.  Sebagai contoh, "
+"halini dapat\n"
+"    berarti bahwa anda memverifikasi fingerprint kunci dan memeriksa user ID "
+"pada kunci\n"
+"    dengan photo ID.\n"
+"\n"
+"\"3\" berarti anda melakukan verifikasi ekstensif atas kunci.  Sebagai "
+"contoh, hal ini\n"
+"    dapat berarti anda memverifikasi fingerprint kunci dengan pemilik kunci\n"
+"    secara personal, dan anda memeriksa, dengan menggunakan dokumen yang "
+"sulit dipalsukan yang memiliki\n"
+"    photo ID (seperti paspor) bahwa nama pemilik kunci cocok dengan\n"
+"    nama user ID kunci, dan bahwa anda telah memverifikasi (dengan "
+"pertukaran\n"
+"    email) bahwa alamat email pada kunci milik pemilik kunci.\n"
+"\n"
+"Contoh-contoh pada level 2 dan 3 hanyalah contoh.\n"
+"Pada akhirnya, terserah anda untuk memutuskan apa arti  \"kasual\" dan "
+"\"ekstensif\"\n"
+"bagi anda ketika menandai kunci lain.\n"
+"\n"
+"Jika anda tidak tahu jawaban yang tepat, jawab \"0\"."
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "Jawab \"ya\" jika anda ingin menandai seluruh ID user"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
 msgstr ""
 "Jawab \"ya\" jika anda benar-benar ingin menghapus ID user ini.\n"
-"Seluruh sertifikat lalu akan hilang!"
+"Seluruh sertifikat juga akan hilang!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "Jawab \"ya\" jika ingin menghapus subkey"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3600,7 +4170,7 @@ msgstr ""
 "signature ini karena mungkin penting membangun koneksi trust ke kunci atau\n"
 "ke kunci tersertifikasi lain dengan kunci ini."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3612,14 +4182,15 @@ msgstr ""
 "kunci yang digunakan karena kunci penanda ini mungkin membangun suatu\n"
 "koneksi trust melalui kunci yang telah tersertifikasi lain."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
 msgstr ""
-"Signature tidak valid. Masuk akal untuk menghapusnya dari keyring anda."
+"Signature tidak valid.  Adalah hal yang masuk akal untuk menghapusnya dari\n"
+"keyring anda"
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3633,29 +4204,34 @@ msgstr ""
 "ini bila self-signature untuk beberapa alasan tidak valid dan\n"
 "tersedia yang kedua."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
 msgstr ""
-"Silakan masukkan passphrase; ini kalimat rahasia\n"
-"   Blurb, blurb,...."
+"Rubah preferensi seluruh user ID (atau hanya yang terpilih)\n"
+"ke daftar preferensi saat ini.  Timestamp seluruh self-signature\n"
+"yang terpengaruh akan bertambah satu detik.\n"
+
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Silakan masukkan passphrase; ini kalimat rahasia\n"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr ""
 "Silakan ulangi passphrase terakhir, sehingga anda yakin yang anda ketikkan."
 
-#: g10/helptext.c:213
-#, fuzzy
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
-msgstr "Beri nama file untuk mengaplikasikan signature"
+msgstr "Beri nama file tempat berlakunya signature"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
-msgstr "Jawab \"ya\" jika ingin menimpa file"
+msgstr "Jawab \"ya\" jika tidak apa-apa menimpa file"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3663,14 +4239,14 @@ msgstr ""
 "Silakan masukan nama file baru. Jika anda hanya menekan RETURN nama\n"
 "file baku (yang diapit tanda kurung) akan dipakai."
 
-#: g10/helptext.c:229
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3678,83 +4254,94 @@ msgid ""
 "      Use this to state that the user ID should not longer be used;\n"
 "      this is normally used to mark an email address invalid.\n"
 msgstr ""
+"Anda harus menspesifikasikan alasan pembatalan. Semua ini tergantung\n"
+"konteks, anda dapat memilih dari daftar berikut:\n"
+" \"Key has been compromised\"\n"
+"      Gunakan ini jika anda punya alasan untuk percaya bahwa orang yang "
+"tidak berhak\n"
+"      memiliki akses ke kunci pribadi anda.\n"
+"  \"Key is superseded\"\n"
+"      Gunakan ini bila anda mengganti kunci anda dengan yang baru.\n"
+"  \"Key is no longer used\"\n"
+"      Gunakan ini bila anda telah mempensiunkan kunci ini.\n"
+"  \"User ID is no longer valid\"\n"
+"      Gunakan ini untuk menyatakan user ID tidak boleh digunakan lagi;\n"
+"      normalnya digunakan untuk menandai bahwa alamat email tidak valid "
+"lagi.\n"
 
-#: g10/helptext.c:245
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
 "An empty line ends the text.\n"
 msgstr ""
+"Jika anda suka, anda dapat memasukkan teks menjelaskan mengapa anda\n"
+"mengeluarkan sertifikat pembatalan ini. Buatlah ringkas.\n"
+"Baris kosong mengakhiri teks.\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Tidak tersedia bantuan"
 
-#: g10/helptext.c:268
-#, fuzzy, c-format
+#: g10/helptext.c:303
+#, c-format
 msgid "No help available for `%s'"
 msgstr "Tidak tersedia bantuan untuk `%s'"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "masalah pembacaan sertifikat: %s\n"
-
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "Kunci RSA tidak dapat digunakan pada versi ini\n"
-
-#~ msgid "No key for user ID\n"
-#~ msgstr "Tidak ada kunci untuk ID user\n"
-
-#~ msgid "No user ID for key\n"
-#~ msgstr "Tidak ada ID user untuk kunci\n"
-
-#~ msgid "no default public keyring\n"
-#~ msgstr "tidak ada keyring publik baku\n"
-
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "tidak dapat mengunci keyring `%s': %s\n"
-
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "kunci %08lX: tidak dapat membaca keyblok orisinal: %s\n"
-
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: user tidak ditemukan\n"
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "kesalahan menulis keyring `%s': %s\n"
 
-#~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
-#~ msgstr ""
-#~ "Kunci RSA didepresiasi; silakan membuat kunci baru dan menggunakannya di "
-#~ "masa depan\n"
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "merubah permisi `%s' gagal: %s\n"
 
-#, fuzzy
-#~ msgid "not processed"
-#~ msgstr "%lu kunci diproses\n"
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "%s: keyring tercipta\n"
 
-#~ msgid "assuming bad MDC due to an unknown critical bit\n"
-#~ msgstr "mengasumsikan MDC buruk karena ada bit kritis tidak dikenal\n"
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "gagal membuat kembali cache keyring: %s\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
-#~ msgstr ""
-#~ "kunci tidak dianggap sebagai tidak aman - tidak dapat digunakan dengan RNG "
-#~ "palsu!\n"
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "PERINGATAN: terdapat 2 file dengan informasi penting.\n"
 
-#~ msgid "set debugging flags"
-#~ msgstr "set flag debugging"
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s adalah yang tidak berubah\n"
 
-#~ msgid "enable full debugging"
-#~ msgstr "aktifkan full debugging"
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s adalah yang baru\n"
 
-#~ msgid "do not write comment packets"
-#~ msgstr "jangan menulis komentar paket"
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Silakan perbaiki kemungkinan lubang keamanan ini\n"
 
-#~ msgid "(default is 1)"
-#~ msgstr "(baku adalah 1)"
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "memeriksa keyring `%s'\n"
 
-#~ msgid "(default is 3)"
-#~ msgstr "(baku adalah 3)"
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu kunci telah diperiksa (%lu signature)\n"
 
-#~ msgid "   (%d) ElGamal in a v3 packet\n"
-#~ msgstr "  (%d) ElGamal dalam paket v3\n"
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu kunci telah diperiksa (%lu signature)\n"
 
-#~ msgid "Key generation can only be used in interactive mode\n"
-#~ msgstr "Pembuatan kunci hanya dapat digunakan dalam mode interaktif\n"
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: keyring tercipta\n"
diff --git a/po/it.po b/po/it.po
index ecc28271d..60264b7d7 100644
--- a/po/it.po
+++ b/po/it.po
@@ -1,302 +1,332 @@
 # GnuPG italian translation
-# Copyright (C) 1998, 1999 Free Software Foundation, Inc.
-# Marco d'Itri <[email protected]>, 1998, 1999.
+# Copyright (C) 1998, 1999, 2001, 2002 Free Software Foundation, Inc.
+# Marco d'Itri <[email protected]>, 1998, 1999, 2001, 2002.
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: gnupg-1.0.0h\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 1999-12-08 15:51+02:00\n"
+"Project-Id-Version: gnupg-1.0.7\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-21 21:54+0200\n"
 "Last-Translator: Marco d'Itri <[email protected]>\n"
 "Language-Team: Italian <[email protected]>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=iso-8859-1\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Attenzione: si sta usando memoria insicura!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "visitare http://www.gnupg.org/faq.html per ulteriori informazioni\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "l'operazione non � possibile senza memoria sicura inizializzata\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(potresti avere usato il programma sbagliato per questa funzione)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "s�"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "sS"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "no"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "quit"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "qQ"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "errore generale"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "pacchetto di tipo sconosciuto"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "versione sconosciuta"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "algoritmo della chiave pubblica sconosciuto"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "algoritmo del digest sconosciuto"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "chiave pubblica errata"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "chiave segreta errata"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "firma errata"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "codice di controllo errato"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "passphrase errata"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "chiave pubblica non trovata"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "algoritmo di cifratura sconosciuto"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "impossibile aprire il portachiavi"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "pacchetto non valido"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "armatura non valida"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "l'user id non esiste"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "la chiave segreta non � disponibile"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "� stata usata la chiave segreta sbagliata"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "non gestito"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "chiave sbagliata"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "errore durante la lettura del file"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "errore durante la scrittura del file"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "algoritmo di compressione sconosciuto"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "errore durante l'apertura del file"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "errore durante la creazione del file"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "passphrase non valida"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "algoritmo della chiave pubblica non implementato"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "algoritmo di cifratura non implementato"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "classe della firma sconosciuta"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "errore nel database della fiducia"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "MPI danneggiato"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "limite della risorsa"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "portachiavi non valido"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "certificato danneggiato"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "user id malformato"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "errore durante la chiusura del file"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "errore durante la rinominazione del file"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "errore durante la cancellazione del file"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "dati inattesi"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "date in conflitto"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "algoritmo della chiave pubblica non utilizzabile"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "il file esiste"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "chiave debole"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "argomento non valido"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "URI non valida"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "URI non gestito"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "errore di rete"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "non cifrato"
 
-#: util/logger.c:227
+# ??? (Md)
+#: util/errors.c:103
+msgid "not processed"
+msgstr "non esaminato"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "chiave pubblica inutilizzabile"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "chiave segreta inutilizzabile"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "errore del keyserver"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... questo � un bug (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "Hai trovato un bug... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "impossibile aprire `%s': %s\n"
 
-#: cipher/random.c:325
-#, fuzzy, c-format
+#: cipher/random.c:324
+#, c-format
 msgid "can't stat `%s': %s\n"
-msgstr "impossibile aprire `%s': %s\n"
+msgstr "impossibile eseguire stat su `%s': %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
-msgstr ""
+msgstr "`%s' non � un file regolare - ignorato\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
-msgstr ""
+msgstr "nota: il file random_seed � vuoto\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr ""
+"attenzione: le dimensioni del file random_seed non sono valide - non usato\n"
 
-#: cipher/random.c:349
-#, fuzzy, c-format
+#: cipher/random.c:348
+#, c-format
 msgid "can't read `%s': %s\n"
-msgstr "impossibile aprire `%s': %s\n"
+msgstr "impossibile leggere `%s': %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
-msgstr ""
+msgstr "nota: il file random_seed non � stato aggiornato\n"
 
-#: cipher/random.c:407
-#, fuzzy, c-format
+#: cipher/random.c:406
+#, c-format
 msgid "can't create `%s': %s\n"
-msgstr "impossibile creare %s: %s\n"
+msgstr "impossibile creare `%s': %s\n"
 
-#: cipher/random.c:414
-#, fuzzy, c-format
+#: cipher/random.c:413
+#, c-format
 msgid "can't write `%s': %s\n"
-msgstr "impossibile aprire `%s': %s\n"
+msgstr "impossibile scrivere su `%s': %s\n"
 
-#: cipher/random.c:417
-#, fuzzy, c-format
-msgid "can't close `%s': %s\n"
-msgstr "impossibile aprire `%s': %s\n"
-
-#: cipher/random.c:428
+#: cipher/random.c:416
 #, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
+msgid "can't close `%s': %s\n"
+msgstr "impossibile chiudere `%s': %s\n"
 
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr ""
 "ATTENZIONE: si sta usando un generatore di numeri casuali non sicuro!!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -310,7 +340,7 @@ msgstr ""
 "NON USARE ALCUN DATO GENERATO DA QUESTO PROGRAMMA!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -322,19 +352,7 @@ msgstr ""
 "altra cosa per dare all'OS la possibilit� di raccogliere altra entropia!\n"
 "(Servono altri %d byte)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Attenzione: si sta usando memoria insicura!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "l'operazione non � possibile senza memoria sicura inizializzata\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(potresti avere usato il programma sbagliato per questa funzione)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -342,139 +360,163 @@ msgstr ""
 "@Comandi:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[file]|fai una firma"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[file]|fai una firma mantenendo il testo in chiaro"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "fai una firma separata"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "cifra dati"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[file]|cifra i file"
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "cifra solo con un cifrario simmetrico"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "immagazzina soltanto"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "decifra dati (predefinito)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[file]|decifra i file"
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "verifica una firma"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "elenca le chiavi"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "elenca le chiavi e le firme"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "controlla le firme delle chiavi"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "elenca le chiavi e le impronte digitali"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "elenca le chiavi segrete"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "genera una nuova coppia di chiavi"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
-msgstr "rimuove una chiave dal portachiavi pubblico"
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
+msgstr "rimuove le chiavi dal portachiavi pubblico"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
-msgstr "rimuove una chiave dal portachiavi privato"
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
+msgstr "rimuove le chiavi dal portachiavi privato"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "firma una chiave"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
-msgstr "firma localmente una chiave"
+msgstr "firma una chiave localmente"
+
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "firma una chiave irrevocabilmente"
 
-#: g10/gpg.c:224
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr "firma una chiave localmente e irrevocabilmente"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "firma o modifica una chiave"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "genera un certificato di revoca"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "esporta delle chiavi"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "esporta le chiavi a un key server"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "importa le chiavi da un key server"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "cerca delle chiavi su un key server"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "aggiorna tutte le chiavi da un key server"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "importa/aggiungi delle chiavi"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "elenca solo la sequenza dei pacchetti"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "esporta i valori di fiducia"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "importa i valori di fiducia"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "aggiorna il database della fiducia"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NOMI]|controlla il database della fiducia"
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "aggiornamento non presidiato del database delle fiducia"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "ripara un database della fiducia rovinato"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "rimuovi l'armatura a un file o a stdin"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "crea l'armatura a un file o a stdin"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [files]|stampa tutti i message digests"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -484,164 +526,206 @@ msgstr ""
 "Opzioni:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "crea un output ascii con armatura"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NOME|cifra per NOME"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NOME|usa NOME come destinatario predefinito"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "usa la chiave predefinita come destinatario predefinito"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr "usa questo user-id per firmare o decifrare"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "|N|imposta il livello di compressione (0 disab.)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "usa il modo testo canonico"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "usa come file di output"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "prolisso"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "meno prolisso"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "non usa per niente il terminale"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "forza l'uso di firme v3"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "non forza l'uso di firme v3"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "forza l'uso di firme v4"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "non forza l'uso di firme v4"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "usa sempre un MDC per cifrare"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "non usa mai un MDC per cifrare"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "non fa cambiamenti"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "usa gpg-agent"
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "modo batch: non fa domande"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "assumi \"s�\" per quasi tutte le domande"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "assumi \"no\" per quasi tutte le domande"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "aggiungi questo portachiavi alla lista"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "aggiungi questo portachiavi segreto alla lista"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "mostra in quali portachiavi sono contenute le chiavi elencate"
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NOME|usa NOME come chiave segreta predefinita"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|HOST|cerca le chiavi in questo keyserver"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
-msgstr "|NOME|imposta il set di caratteri del terminale NOME"
+msgstr "|NOME|imposta NOME come set di caratteri del terminale"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "leggi le opzioni dal file"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
-msgstr "|FD|scrivi le informazioni di stato su questo FD"
+msgstr "|FD|scrivi le informazioni di stato sul FD"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
-msgstr ""
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[file]|scrivi le informazioni di stato nel file"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|KEYID|assegna fiducia definitiva a questa chiave"
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|FILE|carica il modulo di estensione FILE"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "emula il modo descritto in RFC 1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
 msgstr ""
 "imposta tutte le opzioni di pacchetto,\n"
 "cifrario e digest per OpenPGP"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "imposta tutte le opzioni di pacchetto, cifrario e digest per PGP 2.x"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|usa il modo N per la passphrase"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr "|NOME|usa l'algoritmo di message digest NOME per le passphrase"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr "|NOME|usa l'alg. di cifratura NOME per le passphrase"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NOME|usa l'algoritmo di cifratura NOME"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NOME|usa l'algoritmo di message digest NOME"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|usa l'algoritmo di compressione N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
 msgstr "elimina il campo keyid dei pacchetti cifrati"
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "Mostra le fotografie"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "Non mostra le fotografie"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr "Imposta la riga di comando per vedere le fotografie"
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NOME=VALORE|usa questi dati per una nota"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
 msgstr ""
+"@\n"
+"(Vedi la man page per una lista completa di tutti i comandi e opzioni)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -661,15 +745,15 @@ msgstr ""
 " --list-keys [nomi]         mostra le chiavi\n"
 " --fingerprint [nomi]       mostra le impronte digitali\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr "Per favore segnala i bug a <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Uso: gpg [opzioni] [files] (-h per l'aiuto)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
@@ -679,7 +763,7 @@ msgstr ""
 "firma, controlla, cifra o decifra\n"
 "l'operazione predefinita dipende dai dati di input\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -687,193 +771,252 @@ msgstr ""
 "\n"
 "Algoritmi gestiti:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "uso: gpg [opzioni] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "comandi in conflitto\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "NOTA: manca il file `%s' con le opzioni predefinite\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "file con le opzioni `%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "lettura delle opzioni da `%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s non � un set di caratteri valido\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "impossibile fare il parsing dell'URI del keyserver\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr "impossibile impostare exec-path a %s\n"
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "ATTENZIONE: %s � una opzione deprecata.\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr "usa al suo posto \"--keyserver-options %s\"\n"
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "ATTENZIONE: il programma potrebbe creare un file core!\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "ATTENZIONE: %s ha la precedenza su %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "NOTA: %s normalmente non deve essere usato!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "Non � permesso usare %s con %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "Non ha senso usare %s con %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr "nella modalit� --pgp2 puoi fare solo firme in chiaro o separate\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr "nella modalit� --pgp2 non puoi firmare e cifrare contemporaneamente\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+"devi usare dei file (e non una pipe) quando lavori con --pgp2 attivo.\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+"nella modalit� --pgp2 � richiesto il cifrario IDEA per cifrare un messaggio\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "questo messaggio pu� non essere utilizzabile da PGP 2.x\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "l'algoritmo di cifratura selezionato non � valido\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "l'algoritmo di digest selezionato non � valido\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr "L'URL della policy indicato non � valido\n"
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "l'URL della politica di firma indicato non � valido\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "l'URL della politica di certificazione indicato non � valido\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "l'algoritmo di compressione deve essere tra %d e %d\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "completes-needed deve essere maggiore di 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "marginals-needed deve essere maggiore di 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "max-cert-depth deve essere tra 1 e 255\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "NOTA: l'uso del modo S2K semplice (0) � fortemente scoraggiato\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "modo S2K non valido; deve essere 0, 1 o 3\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "default-check-level non valido; deve essere 0, 1 o 3\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "preferenze non valide\n"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "inizializzazione del trustdb fallita: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [nomefile]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [nomefile]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [nomefile]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [nomefile]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [nomefile]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [nomefile]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [nomefile]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [nomefile]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key user-id"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key user-id"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key user-id [comandi]"
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key user-id"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key user-id"
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key user-id"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key user-id"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key user-id [comandi]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "impossibile aprire `%s': %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [user-id] [portachiavi]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "rimozione dell'armatura fallita: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "creazione dell'armatura fallita: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
 msgstr "algoritmo di hash non valido `%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[nomefile]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "Vai avanti e scrivi il messaggio...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "impossibile aprire `%s'\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr ""
 "il primo carattere del nome di una nota deve essere una lettera o un\n"
 "underscore\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -881,248 +1024,228 @@ msgstr ""
 "il nome di una nota deve essere formato solo da lettere, numeri, punti o\n"
 "underscore e deve finire con `='\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr "nel nome di una nota i punti devono avere altri caratteri intorno\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "il valore di una nota non deve usare caratteri di controllo\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "armatura: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "header dell'armatura non valido: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "header dell'armatura: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "header della firma in chiaro non valido\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "firme in chiaro annidate\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "riga protetta con il trattino non valida: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "armatura inaspettata:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "Carattere radix64 non valido %02x saltato\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "eof prematura (nessun CRC)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "eof prematura (nel CRC)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "CRC malformato\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "errore nel CRC; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "eof prematura (nella coda)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "errore nella riga della coda\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "Non sono stati trovati dati OpenPGP validi.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "armatura non valida: linea pi� lunga di %d caratteri\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "carattere quoted printable nell'armatura - probabilmente � stato usato\n"
 "un MTA buggato\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "       Impronta digitale:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Impronta digitale:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
-msgstr ""
+msgstr "Nessuna ragione specificata"
 
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
-msgstr "La chiave � protetta.\n"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "Questa chiave � stata sostituita"
 
-#: g10/pkclist.c:121
-#, fuzzy
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
-msgstr "Questa chiave � stata disabilitata"
+msgstr "Questa chiave � stata compromessa"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
-msgstr ""
+msgstr "La chiave non � pi� usata"
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
-msgstr ""
+msgstr "L'user ID non � pi� valido"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
-msgstr ""
+msgstr "Ragione della revoca: "
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
-msgstr ""
+msgstr "Commento alla revoca: "
 
-# valid user replies (not including 1..4)
-# [Marco, you can change 'm' and 's' to whatever letters you like]
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMqQsS"
 
-#: g10/pkclist.c:308
+#: g10/pkclist.c:258
 #, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
-"Nessun valore di fiducia assegnato a %lu:\n"
+"Nessun valore di fiducia assegnato a:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
-msgstr ""
-"Per favore decidi quanto hai fiducia di questo utente perch� firmi\n"
-"correttamente le chiavi di altri utenti (guardando il loro passaporto,\n"
-"controllando le impronte digitali da diverse fonti ...)?\n"
+msgstr ""
+"Per favore decidi quanto hai fiducia che questo utente firmi correttamente\n"
+"le chiavi di altri utenti (guardando il loro passaporto, controllando le\n"
+"impronte digitali da diverse fonti...)?\n"
 "\n"
-" 1 = Non lo so\n"
-" 2 = NON mi fido\n"
-" 3 = Mi fido marginalmente\n"
-" 4 = Mi fido completamente\n"
-" s = mostrami ulteriori informazioni\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = Non lo so\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = NON mi fido\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = Mi fido marginalmente\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = Mi fido completamente\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = Mi fido definitivamente\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = mostrami ulteriori informazioni\n"
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
 msgstr " m = torna al men� principale\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " s = salta questa chiave\n"
+
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = abbandona\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Cosa hai deciso? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Vuoi davvero assegnare fiducia definitiva a questa chiave? "
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Certificati che portano a chiavi definitivamente affidabili:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"Impossibile trovare un percorso di fiducia valido fino alla chiave. Vediamo\n"
-"se possiamo assegnare qualche valore di fiducia del proprietario mancante.\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"Non � stato trovato alcun percorso che porti a una delle nostre chiavi.\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr "Non � stato trovato alcun certificato con fiducia non definita.\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Nessun valore di fiducia modificato.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "chiave %08lX: la chiave � stata revocata!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "Uso lo stesso questa chiave? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "chiave %08lX: la subchiave � stata revocata!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: la chiave � scaduta\n"
 
-#: g10/pkclist.c:519
+#: g10/pkclist.c:442
 #, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: mancano informazioni per calcolare una probabilit� di fiducia\n"
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"%08lX: Non ci sono indicazioni che la chiave appartenga al proprietario\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: NON ci fidiamo di questa chiave!\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
@@ -1131,15 +1254,15 @@ msgstr ""
 "%08lX: Non � sicuro che questa chiave appartenga veramente al proprietario\n"
 "ma � accettata comunque\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "Questa chiave probabilmente appartiene al proprietario\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Questa chiave ci appartiene\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1151,171 +1274,194 @@ msgstr ""
 "prossima domanda.\n"
 "\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "ATTENZIONE: uso di una chiave non fidata!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "ATTENZIONE: questa chiave � stata revocata dal suo proprietario!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "         Questo pu� significare che la firma � stata falsificata.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "ATTENZIONE: questa subchiave � stata revocata dal proprietario!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "Nota: questa chiave � stata disabilitata.\n"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Nota: questa chiave � scaduta!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr "ATTENZIONE: questa chiave non � certificata con una firma fidata!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr ""
 "         Non ci sono indicazioni che la firma appartenga al proprietario.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "ATTENZIONE: NON ci fidiamo di questa chiave!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "          La firma � probabilmente un FALSO.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "ATTENZIONE: questa chiave non � certificata con firme abbastanza fidate!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr "         Non � sicuro che la firma appartenga al proprietario.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: saltata: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: saltato: chiave pubblica gi� presente\n"
 
-#: g10/pkclist.c:855
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr "Non hai specificato un user ID. (puoi usare \"-r\")\n"
+
+#: g10/pkclist.c:762
 msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
 "\n"
+"Enter the user ID.  End with an empty line: "
 msgstr ""
-"Non hai specificato un user ID. (puoi usare \"-r\")\n"
 "\n"
+"Inserisci l'user ID. Termina con una riga vuota: "
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Inserisci l'user ID: "
-
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "User ID inesistente.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr "saltato: chiave pubblica gi� impostata come destinatario predefinito\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "La chiave pubblica � disabilitata.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "saltato: chiave pubblica gi� impostata con --encrypt-to\n"
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "saltato: chiave pubblica gi� impostata\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "destinatario predefinito `%s' sconosciuto\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: errore nel controllare la chiave: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: saltato: chiave pubblica disabilitata\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "nessun indirizzo valido\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "la preferenza %c%lu non � valida\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "la preferenza %c%lu � doppia\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "ci sono troppe preferenze `%c'\n"
+
+#: g10/keygen.c:257
+msgid "invalid character in preference string\n"
+msgstr "carattere non valido nella stringa delle preferenze\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "scrittura della autofirma\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "scrittura della firma di collegamento alla chiave\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
-#, fuzzy, c-format
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
 msgid "keysize invalid; using %u bits\n"
-msgstr "La dimensione richiesta della chiave � %u bit\n"
+msgstr "dimensione della chiave non valida; uso %u bit\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
-#, fuzzy, c-format
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
 msgid "keysize rounded up to %u bits\n"
-msgstr "arrotondate a %u bit\n"
+msgstr "dimensioni della chiave arrotondate a %u bit\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "Per favore scegli che tipo di chiave vuoi:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA e ElGamal (default)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (firma solo)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "   (%d) ElGamal (cifra solo)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) ElGamal (firma e cifra)\n"
 
-#: g10/keygen.c:643
-#, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (firma e cifra)\n"
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (firma solo)\n"
 
-#: g10/keygen.c:647
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (cifra solo)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Cosa scegli? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "Vuoi davvero creare una chiave di firma e cifratura? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "L'uso di questo algoritmo � deprecato - la creo comunque? "
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Scelta non valida.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1328,21 +1474,20 @@ msgstr ""
 "          la dimensione predefinita � 1024 bit\n"
 "  la dimensione massima consigliata � 2048 bit\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Di che dimensioni vuoi la chiave? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA permette solo chiavi di dimensioni tra 512 e 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "la chiave � troppo corta; 768 � il minimo valore permesso.\n"
-
-#: g10/keygen.c:708
-#, fuzzy
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr "la chiave � troppo corta; 1024 � il minimo valore permesso per RSA.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
 msgstr "la chiave � troppo corta; 768 � il minimo valore permesso.\n"
 
 #. It is ridiculous and an annoyance to use larger key sizes!
@@ -1353,12 +1498,12 @@ msgstr "la chiave � troppo corta; 768 � il minimo valore permesso.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "la chiave � troppo lunga; %d � il massimo valore permesso.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1366,11 +1511,11 @@ msgstr ""
 "Chiavi pi� lunghe di 2048 non sono consigliate perch� i calcoli sono\n"
 "VERAMENTE lunghi!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "Sei sicuro di volere una chiave di queste dimensioni? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1378,21 +1523,17 @@ msgstr ""
 "Va bene, ma ricordati che anche le radiazioni emesse dal tuo monitor e dalla "
 "tua tastiera sono molto vulnerabili ad attacchi!\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "Ti serve davvero una chiave cos� lunga? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "La dimensione richiesta della chiave � %u bit\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "arrotondate a %u bit\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1401,32 +1542,53 @@ msgid ""
 "      <n>m = key expires in n months\n"
 "      <n>y = key expires in n years\n"
 msgstr ""
-"Per favore specifica per quanto la chiave sar� valida.\n"
+"Per favore specifica per quanto tempo la chiave sar� valida.\n"
+"         0 = la chiave non scadr�\n"
+"      <n>  = la chiave scadr� dopo n giorni\n"
+"      <n>w = la chiave scadr� dopo n settimane\n"
+"      <n>m = la chiave scadr� dopo n mesi\n"
+"      <n>y = la chiave scadr� dopo n anni\n"
+
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Per favore specifica per quanto tempo la firma sar� valida.\n"
 "         0 = la chiave non scadr�\n"
 "      <n>  = la chiave scadr� dopo n giorni\n"
 "      <n>w = la chiave scadr� dopo n settimane\n"
 "      <n>m = la chiave scadr� dopo n mesi\n"
 "      <n>y = la chiave scadr� dopo n anni\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "Chiave valida per? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "Firma valida per? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "valore non valido\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
-msgstr "La chiave non scade\n"
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "%s non ha scadenza\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
+#: g10/keygen.c:992
 #, c-format
-msgid "Key expires at %s\n"
-msgstr "La chiave scadr� il %s\n"
+msgid "%s expires at %s\n"
+msgstr "%s scadr� il %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
@@ -1434,11 +1596,11 @@ msgstr ""
 "Il tuo sistema non pu� mostrare date oltre il 2038.\n"
 "Comunque, sar� gestita correttamente fino al 2106.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "� giusto (s/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1454,44 +1616,44 @@ msgstr ""
 "    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Nome e Cognome: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Carattere non valido nel nome\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "Il nome non pu� iniziare con una cifra\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "Il nome deve essere lungo almeno 5 caratteri\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Indirizzo di Email: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "L'indirizzo di email non � valido\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Commento: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Carattere non valido nel commento\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Stai usando il set di caratteri `%s'.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1502,28 +1664,27 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
-msgstr ""
+msgstr "Per favore non mettere l'indirizzo di email nel nome o nel commento\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnCcEeOoQq"
 
-#: g10/keygen.c:986
-#, fuzzy
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
-msgstr "Modifica (N)ome, (C)ommento, (E)mail oppure (O)kay/(Q)uit? "
+msgstr "Modifica (N)ome, (C)ommento, (E)mail oppure (Q)uit? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "Modifica (N)ome, (C)ommento, (E)mail oppure (O)kay/(Q)uit? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
-msgstr ""
+msgstr "Per favore correggi prima l'errore\n"
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1531,11 +1692,16 @@ msgstr ""
 "Ti serve una passphrase per proteggere la tua chiave segreta.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
-msgstr "passphrase non ripetuta correttamente; riprova.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "passphrase non ripetuta correttamente; prova ancora"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1547,7 +1713,7 @@ msgstr ""
 "programma con l'opzione \"--edit-key\".\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1559,29 +1725,53 @@ msgstr ""
 "dischi) durante la generazione dei numeri primi; questo da al generatore di\n"
 "numeri casuali migliori possibilit� di raccogliere abbastanza entropia.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "La coppia DSA avr� 1024 bit.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Generazione della chiave annullata.\n"
 
-#: g10/keygen.c:1668
-#, fuzzy, c-format
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
 msgid "writing public key to `%s'\n"
-msgstr "scrittura del certificato pubblico in `%s'\n"
+msgstr "scrittura della chiave pubblica in `%s'\n"
 
-#: g10/keygen.c:1669
-#, fuzzy, c-format
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
 msgid "writing secret key to `%s'\n"
-msgstr "scrittura del certificato segreto in `%s'\n"
+msgstr "scrittura della chiave segreta in `%s'\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "non � stato trovato un portachiavi pubblico scrivibile: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "non � stato trovato un portachiavi segreto scrivibile: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "errore scrivendo il portachiavi pubblico `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "errore scrivendo il portachiavi segreto `%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "chiavi pubbliche e segrete create e firmate.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "chiavi marcate definitivamente affidabili.\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
@@ -1590,12 +1780,12 @@ msgstr ""
 "il comando \"--edit-key\" per generare una chiave secondaria per questo "
 "scopo.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "Generazione della chiave fallita: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
@@ -1603,7 +1793,7 @@ msgstr ""
 "la chiave � stata creata %lu secondo nel futuro (salto nel tempo o problema\n"
 "con l'orologio)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1611,306 +1801,365 @@ msgstr ""
 "la chiave � stata creata %lu secondi nel futuro (salto nel tempo o problema\n"
 "con l'orologio)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "NB: la creazione di sottochiavi per chiavi v3 non rispetta OpenPGP.\n"
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "Crea davvero? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "--output non funziona con questo comando\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s' � gi� compresso\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: impossibile aprire: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "errore nella creazione della passhprase: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: ATTENZIONE: file vuoto\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+"in modalit� --pgp2 puoi cifrare solo per chiavi RSA non pi� lunghe di 2048 "
+"bit\n"
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "lettura da `%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+"impossibile usare il cifrario IDEA con tutti i tipi di chiavi per cui\n"
+"stai cifrando.\n"
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s cifrato per: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
+#: g10/delkey.c:69 g10/export.c:141
 #, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: utente non trovato: %s\n"
+msgid "key `%s' not found: %s\n"
+msgstr "chiave `%s' non trovata: %s\n"
 
-#: g10/export.c:164
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "errore leggendo il keyblock: %s\n"
+
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "chiave %08lX: chiave non rfc2440 - saltata\n"
 
-#: g10/export.c:175
-#, fuzzy, c-format
+#: g10/export.c:180
+#, c-format
 msgid "key %08lX: not protected - skipped\n"
-msgstr "chiave %08lX: chiave non rfc2440 - saltata\n"
+msgstr "chiave %08lX: non protetta - saltata\n"
+
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "chiave %08lX: chiave in stile PGP 2.x - saltata\n"
 
-#: g10/export.c:225
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "ATTENZIONE: non � stato esportato nulla\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "troppe voci nella pk cache - disabilitata\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "troppe voci nella unk cache - disabilitata\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[User ID non trovato]"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr "Chiave %08lX non valida resa valida da --allow-non-selfsigned-uid\n"
+
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr "uso la chiave secondaria %08lX invece della chiave primaria %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr "chiave %08lX: chiave segreta senza chiave pubblica - saltata\n"
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: utente non trovato\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "salto un blocco di tipo %d\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "Per ora sono state esaminate %lu chiavi\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "errore leggendo `%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "Numero totale esaminato: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "       nuove subchiavi: %lu\n"
+msgstr "  nuove chiavi saltate: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr "         senza user ID: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "             importate: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "        non modificate: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "         nuovi user ID: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "       nuove subchiavi: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "           nuove firme: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr "nuove revoche di chiavi: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "  chiavi segrete lette: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "chiavi segrete importate: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr "chiavi segrete non cambiate: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "chiave %08lX: nessun user ID\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "chiave %08lX: accettato l'user ID non autofirmato '%s'\n"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "chiave %08lX: nessun user ID valido\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "questo pu� essere causato da una autofirma mancante\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "chiave %08lX: chiave pubblica non trovata: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:479
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "chiave %08lX: chiave non rfc2440 - saltata\n"
+msgstr "chiave %08lX: nuova chiave - saltata\n"
+
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "non � stato trovato un portachiavi scrivibile: %s\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "scrittura in `%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "errore scrivendo il portachiavi `%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "chiave %08lX: chiave pubblica importata\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "chiave %08lX: non corrisponde alla nostra copia\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "chiave %08lX: impossibile individuare il keyblock originale: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "chiave %08lX: impossibile leggere il keyblock originale: %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "chiave %08lX: 1 nuovo user ID\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "chiave %08lX: %d nuovi user ID\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "chiave %08lX: una nuova firma\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "chiave %08lX: %d nuove firme\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "chiave %08lX: una nuova subchiave\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "chiave %08lX: %d nuove subchiavi\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "chiave %08lX: non cambiata\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "nessun portachiavi segreto predefinito: %s\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "chiave %08lX: chiave segreta importata\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "chiave %08lX: gi� nel portachiavi segreto\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "chiave %08lX: chiave segreta non trovata: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "chiave %08lX: manca la chiave pubblica - impossibile applicare il\n"
 "certificato di revoca\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr "chiave %08lX: certificato di revoca non valido: %s - rifiutato\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "chiave %08lX: certificato di revoca importato\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "chiave %08lX: nessun user ID per la firma\n"
 
-#: g10/import.c:719 g10/import.c:743
+#: g10/import.c:839
 #, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
-msgstr "chiave %08lX: algoritmo a chiave pubblica non gestito\n"
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr ""
+"chiave %08lX: algoritmo a chiave pubblica non gestito sull'user ID \"%s\"\n"
 
-#: g10/import.c:720
+#: g10/import.c:841
 #, c-format
-msgid "key %08lX: invalid self-signature\n"
-msgstr "chiave %08lX: autofirma non valida\n"
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "chiave %08lX: autofirma non valida sull'user ID \"%s\"\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "chiave %08lX: non ci sono subchiavi per il legame con la chiave\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "chiave %08lX: legame con la subchiave non valido:\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "chiave %08lX: algoritmo a chiave pubblica non gestito\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "chiave %08lX: accettato l'user ID non autofirmato '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "chiave %08lX: legame con la subchiave non valido:\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "chiave %08lX: saltato l'user ID '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "chiave %08lX: saltata la subchiave\n"
@@ -1919,93 +2168,193 @@ msgstr "chiave %08lX: saltata la subchiave\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr "chiave %08lX: firma non esportabile (classe %02x) - saltata\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr "chiave %08lX: certificato di revoca nel posto sbagliato - saltato\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "chiave %08lX: certificato di revoca non valido: %s - saltato\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "chiave %08lX: trovato un user ID duplicato - unito\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+"Attenzione: la chiave %08lX pu� essere stata revocata: scarico la chiave\n"
+"di revoca %08lX.\n"
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+"Attenzione: la chiave %08lX pu� essere stata revocata: la chiave di revoca\n"
+"%08lX non � presente.\n"
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "chiave %08lX: certificato di revoca aggiunto\n"
 
-#: g10/import.c:1130 g10/import.c:1183
+#: g10/import.c:1231
 #, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "chiave %08lX: la nostra copia non ha autofirma\n"
+msgid "key %08lX: direct key signature added\n"
+msgstr "chiave %08lX: aggiunta una firma alla chiave diretta\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[revoca]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[autofirma]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "una firma non corretta\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d firme non corrette\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "una firma non controllata per mancanza della chiave\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d firme non controllate per mancanza delle chiavi\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "una firma non controllata a causa di un errore\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d firme non controllate a causa di errori\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "Trovato un user ID senza autofirma valida\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr "Trovati %d user ID senza autofirme valide\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:335
+#, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "L'user ID \"%s\" � stato revocato."
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Sei ancora sicuro di volerla firmare? (s/N) "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr "  Impossibile firmarla.\n"
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"La tua firma attuale su \"%s\"\n"
+"� una firma locale.\n"
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr "Vuoi trasformarla in una firma completa esportabile? (s/N) "
+
+#: g10/keyedit.c:388
 #, c-format
-msgid "Already signed by key %08lX\n"
-msgstr "Gi� firmato dalla chiave %08lX\n"
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" era gi� stato firmato localmente dalla chiave %08lX\n"
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:393
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" era gi� stato firmato dalla chiave %08lX\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Niente da firmare con la chiave %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "Questa chiave � scaduta!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Questa chiave scadr� il %s.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "Vuoi che la tua firma scada nello stesso momento? (S/n) "
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+"In modalit� -pgp2 non � possibile fare firme OpenPGP su chiavi in stile PGP "
+"2.x.\n"
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "Questo renderebbe la chiave non utilizzabile da PGP 2.x.\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"Con quanta attenzione hai verificato che la chiave che stai per firmare\n"
+"appartiene veramente alla persona indicata sopra?\n"
+"Se non sai cosa rispondere digita \"0\".\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) Preferisco non rispondere.%s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) Non l'ho controllata per niente.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) L'ho controllata superficialmente.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) L'ho controllata molto attentamente.%s\n"
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -2013,42 +2362,73 @@ msgstr ""
 "Sei davvero sicuro di volere firmare questa chiave\n"
 "con la tua chiave: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
 msgid ""
+"\n"
 "The signature will be marked as non-exportable.\n"
+msgstr ""
 "\n"
+"La firma sar� marcata come non esportabile.\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"La firma sar� marcata come irrevocabile.\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
 msgstr ""
-"La firma sar� segnata come non esportabile.\n"
 "\n"
+"Non ho controllato per niente questa chiave.\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"Ho controllato questa chiave superficialmente.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+"\n"
+"Ho controllato questa chiave molto superficialmente.\n"
+
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "Firmo davvero? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "firma fallita: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Questa chiave non � protetta.\n"
 
-#: g10/keyedit.c:426
-#, fuzzy
+#: g10/keyedit.c:662
 msgid "Secret parts of primary key are not available.\n"
-msgstr "la chiave segreta non � disponibile"
+msgstr "Parti della chiave segreta non sono disponibili.\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "La chiave � protetta.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Impossibile modificare questa chiave: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
@@ -2056,7 +2436,7 @@ msgstr ""
 "Inserisci la nuova passphrase per questa chiave segreta.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2064,667 +2444,931 @@ msgstr ""
 "Non vuoi una passphrase - questa � probabilmente una *cattiva* idea!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "Vuoi veramente farlo?"
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "spostamento della firma di una chiave nel posto corretto\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "abbandona questo men�"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "q"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "save"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "salva ed esci"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "help"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "mostra questo aiuto"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "mostra le impronte digitali"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "list"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "elenca le chiavi e gli user ID"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "scegli l'user ID N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "key"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "scegli la chiave secondaria N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "check"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "elenca le firme"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "sign"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "firma la chiave"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lsign"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "firma la chiave localmente"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nrsign"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "firma la chiave irrevocabilmente"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nrlsign"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "firma la chiave localmente e irrevocabilmente"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "debug"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "adduid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "aggiungi un user ID"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "addphoto"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "aggiungi un ID fotografico"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "deluid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "cancella un user ID"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "delphoto"
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "addkey"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "aggiungi una chiave secondaria"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "delkey"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "cancella una chiave secondaria"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "delsign"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "cancella le firme"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "expire"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "cambia la data di scadenza"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "primary"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "imposta l'user ID come primario"
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "toggle"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "cambia tra visualizzare la chiave segreta e la chiave pubblica"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pref"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
-msgstr "elenca le impostazioni"
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "elenca le preferenze (per esperti)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "elenca le preferenze (prolisso)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "setpref"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "imposta la lista di preferenze"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "updpref"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "preferenze aggiornate"
+
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "passwd"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "cambia la passphrase"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "trust"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "cambia il valore di fiducia"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "revoca firme"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "revkey"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "revoca una chiave secondaria"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "disable"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "disabilita una chiave"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "abilita"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "abilita una chiave"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "showphoto"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "mostra l'ID fotografico"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "impossibile fare questo in modo batch\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "errore leggendo il keyblock segreto `%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "� disponibile una chiave segreta.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Comando> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "Per fare questo serve la chiave segreta.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
-msgstr ""
+msgstr "Per favore usa prima il comando \"toggle\".\n"
+
+#: g10/keyedit.c:1047
+msgid "Key is revoked."
+msgstr "La chiave � stata revocata."
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "Firmo davvero tutti gli user ID? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Suggerimento: seleziona gli user ID da firmare\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "aggiornamento del trustdb fallito: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "Questo comando non � permesso in modalit� %s.\n"
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "Devi selezionare almeno un user ID.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "Non puoi cancellare l'ultimo user ID!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "Tolgo davvero tutti gli user ID selezionati? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "Tolgo davvero questo user ID? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Devi selezionare almeno una chiave.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "Vuoi davvero cancellare le chiavi selezionate? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "Vuoi davvero cancellare questa chiave? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "Vuoi davvero revocare le chiavi selezionate? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "Vuoi davvero revocare questa chiave? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "Aggiorno davvero le preferenze per gli user ID selezionati? "
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "Aggiorno davvero le preferenze? "
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "Salvo i cambiamenti? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Esco senza salvare? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "aggiornamento fallito: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "aggiornamento della chiave segreta fallito: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "La chiave non � cambiata quindi non sono necessari aggiornamenti.\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr "Comando non valido  (prova \"help\")\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "Questa chiave pu� essere revocata dalla chiave %s %s%s\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr " (sensibile)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  creata: %s scade: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " fiducia: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "Questa chiave � stata disabilitata"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1539
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "chiave %08lX: la subchiave � stata revocata!\n"
+msgstr "rev! la subchiave � stata revocata: %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1542
 msgid "rev- faked revocation found\n"
-msgstr "nuove revoche di chiavi: %lu\n"
+msgstr "rev- trovata una revoca falsificata\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? problema controllando la revoca: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+"Nota che la validit� della firma indicata non sar� necessariamente corretta\n"
+"finch� non eseguirai di nuovo il programma.\n"
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+"ATTENZIONE: Questa chiave ha gi� un ID fotografico.\n"
+"            Aggiungerne un altro pu� confondere alcune versioni di PGP.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Sei ancora sicuro di volerlo aggiungere? (s/N) "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "� possibile avere un solo ID fotografico su ogni chiave.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
 msgstr ""
+"ATTENZIONE: Questa � una chiave in stile PGP2. Aggiungere un ID fotografico\n"
+"            pu� causare il rifiuto della chiave da parte di alcune versioni\n"
+"            di PGP.\n"
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr ""
+"Non � possibile aggiungere un ID fotografico a una chiave in stile PGP2.\n"
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "Cancellare questa firma corretta? (s/N/q)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "Cancellare questa firma non valida? (s/N/q)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "Cancellare questa firma sconosciuta? (s/N/q)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "Cancellare davvero questa autofirma? (s/N)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "Cancellata %d firma.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "Cancellate %d firme.\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Non � stato cancellato nulla.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Togli le selezioni dalle chiavi segrete.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "Seleziona al massimo una chiave secondaria.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "Cambio la data di scadenza per una chiave secondaria.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "Cambio la data di scadenza per la chiave primaria.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "Non � possibile cambiare la data di scadenza di una chiave v3\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Manca la firma corrispondente nel portachiavi segreto\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Devi selezionare esattamente un user ID.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Nessun user ID con l'indice %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Nessuna chiave secondaria con l'indice %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "user ID: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
 "signed with your key %08lX at %s\n"
 msgstr ""
 "\"\n"
-"firmata con la tua chiave %08lX a %s\n"
+"firmata con la tua chiave %08lX il %s\n"
 "\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
-msgstr "Creare un certificato di revoca per questa firma? (s/N)"
+#: g10/keyedit.c:2452
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"firmata localmente con la tua chiave %08lX il %s\n"
+"\n"
+
+#: g10/keyedit.c:2457
+#, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Questa chiave � scaduta il %s.\n"
+
+#: g10/keyedit.c:2461
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Sei ancora sicuro di volerlo aggiungere? (s/N) "
+
+#: g10/keyedit.c:2465
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr "Creare un certificato di revoca per questa firma? (s/N) "
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "Non puoi cancellare l'ultimo user ID!\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
+#: g10/keyedit.c:2504
 #, c-format
-msgid "   signed by %08lX at %s\n"
-msgstr "   firmata da %08lX il %s\n"
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   firmata da %08lX il %s%s%s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   revocata da %08lX il %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "Stai per revocare queste firme:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
-msgstr "Creare davvero i certificati di revoca? (s/N)"
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   firmata da %08lX il %s%s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr " (non esportabile)"
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2551
+msgid "Really create the revocation certificates? (y/N) "
+msgstr "Creare davvero i certificati di revoca? (s/N) "
+
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "manca la chiave segreta\n"
 
-#: g10/keylist.c:158
-#, fuzzy
-msgid "invalid"
-msgstr "armatura non valida"
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+"Mostro %s ID fotografici di dimensioni %ld per la chaive 0x%08lX (uid %d)\n"
 
-#: g10/keylist.c:178
-#, fuzzy
-msgid "revoked"
-msgstr "revkey"
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "Politica di firma: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "ATTENZIONE: trovati dati di una nota non validi\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "Annotazione della firma: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "non leggibile"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "Portachiavi"
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
-#, fuzzy, c-format
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
 msgid " [expires: %s]"
-msgstr "La chiave scadr� il %s\n"
+msgstr "[scadenza: %s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Impronta digitale:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "       Impronta digitale:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr "     Impronta digitale ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "dati cifrati con %s\n"
 
-#: g10/mainproc.c:212
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "cifrato con l'algoritmo sconosciuto %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "la chiave pubblica � %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr "dati cifrati con la chiave pubblica: DEK corretto\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr "cifrato con la chiave %2$s di %1$u bit, ID %3$08lX, creata il %4$s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr "Cifrato con la chiave %s con ID %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "nessuna chiave disponibile per decifrare\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "decifratura della chiave pubblica fallita: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "suppongo che i dati siano cifrati con %s\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr "Cifrario IDEA non disponibile, ottimisticamente cerco di usare %s\n"
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr "decifratura corretta\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "ATTENZIONE: il messaggio cifrato � stato manipolato!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
 msgstr "decifratura fallita: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr "NOTA: il mittente ha richiesto \"solo-per-i-tuoi-occhi\"\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "nome del file originale='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr "revoca solitaria - usa \"gpg --import\" per applicarla\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "ATTENZIONE: trovati dati di una nota non validi\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Nota: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Policy: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "verifica della firma soppressa\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "impossibile gestire queste firme multiple\n"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Firma fatta %.*s usando la chiave %s con ID %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "Firma NON corretta da \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Firma scaduta da \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Firma valida da \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[incerta]"
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
-msgstr "    anche noto come \""
+msgstr "                alias \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Impossibile controllare la firma: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "non � una firma separata\n"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr "firma solitaria di classe 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "firma vecchio stile (PGP 2.x)\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "individuato un pacchetto radice non valido in proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "impossibile disabilitare i core dump: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Gli algoritmi sperimentali non dovrebbero essere usati!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
 msgstr "questo algoritmo di cifratura � deprecato; usane uno pi� standard!\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "Attenzione: proprietario \"%s\" di %s insicuro\n"
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "Attenzione: permessi \"%s\" di %s insicuri\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "il plugin per il cifrario IDEA non � presente\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+"per ulteriori informazioni si veda http://www.gnupg.org/it/why-not-idea."
+"html\n"
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "impossibile gestire l'algoritmo a chiave pubblica %d\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "il sottopacchetto di tipo %d ha un bit critico impostato\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
-msgstr ""
+msgstr "gpg-agent non � disponibile in questa sessione\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "impossibile impostare il pid del client dell'agent\n"
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "impossibile ottenere il FD di lettura dell'agent\n"
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "impossibile ottenere il FD di scrittura dell'agent\n"
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:498
 msgid "malformed GPG_AGENT_INFO environment variable\n"
-msgstr ""
+msgstr "variabile di ambiente GPG_AGENT_INFO malformata\n"
+
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "la versione %d del protocollo di gpg-agent non � gestita\n"
 
-#: g10/hkp.c:158 g10/passphrase.c:223
-#, fuzzy, c-format
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
 msgid "can't connect to `%s': %s\n"
-msgstr "impossibile aprire `%s': %s\n"
+msgstr "impossibile connettersi a `%s': %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "problema di comunicazione con gpg-agent\n"
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "problema con l'agent - uso dell'agent disattivato\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (key ID principale %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:641
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
-"\n"
-"Ti serve una passphrase per sbloccare la chiave segreta\n"
-"dell'utente: \""
+"Ti serve una passphrase per sbloccare la chiave segreta dell'utente:\n"
+"\"%.*s\"\n"
+"%u-bit %s key, ID %08lX, created %s%s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:662
 msgid "Enter passphrase\n"
-msgstr "Inserisci la passphrase: "
+msgstr "Inserisci la passphrase\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:664
 msgid "Repeat passphrase\n"
-msgstr "Ripeti la passphrase: "
-
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
+msgstr "Ripeti la passphrase\n"
 
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
-msgstr ""
+msgstr "passphrase troppo lunga\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "risposta non valida dall'agent\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "interrotto dall'utente\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "problema con l'agent: ha restituito 0x%lx\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2734,20 +3378,20 @@ msgstr ""
 "Ti serve una passphrase per sbloccare la chiave segreta\n"
 "dell'utente: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "chiave %2$s di %1$u bit, ID %3$08lX, creata il %4$s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "impossibile chiedere la password in modo batch\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Inserisci la passphrase: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Ripeti la passphrase: "
 
@@ -2756,150 +3400,198 @@ msgid "data not saved; use option \"--output\" to save it\n"
 msgstr ""
 "i dati non sono stati salvati; usa l'opzione \"--output\" per salvarli\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "errore creando `%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
 msgstr "Firma separata.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Inserisci il nome del file di dati: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "viene letto stdin...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "non ci sono dati firmati\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "impossibile aprire i dati firmati `%s'\n"
 
-#: g10/pubkey-enc.c:135
+#: g10/pubkey-enc.c:100
 #, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr "destinatario anonimo; provo la chiave segreta %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "bene, siamo il destinatario anonimo.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "la vecchia codifica del DEK non � gestita\n"
 
-#: g10/pubkey-enc.c:216
-#, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "l'algoritmo di protezione %d non � gestito\n"
+#: g10/pubkey-enc.c:177
+#, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "l'algoritmo di cifratura %d%s � sconosciuto o disattivato\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr ""
-"NOTA: l'algoritmo di cifratura %d non � stato trovato nelle impostazioni\n"
+"NOTA: l'algoritmo di cifratura %d non � stato trovato tra le preferenze\n"
 
-#: g10/pubkey-enc.c:261
-#, fuzzy, c-format
+#: g10/pubkey-enc.c:242
+#, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "NOTA: chiave per firmare scaduta il %s\n"
+msgstr "NOTA: chiave %08lX scaduta il %s\n"
 
-#: g10/hkp.c:62
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr ""
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "richiedo la chiave %08lX dal keyserver HKP %s\n"
 
-#: g10/hkp.c:75
-#, fuzzy, c-format
+#: g10/hkp.c:94
+#, c-format
 msgid "can't get key from keyserver: %s\n"
-msgstr "importa le chiavi da un key server"
-
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr ""
-
-#: g10/hkp.c:106
-#, fuzzy, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s non � un set di caratteri valido\n"
+msgstr "impossibile scaricare la chiave dal keyserver: %s\n"
 
-#: g10/hkp.c:182
-#, fuzzy, c-format
+#: g10/hkp.c:171
+#, c-format
 msgid "error sending to `%s': %s\n"
 msgstr "errore leggendo `%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
-msgstr ""
+msgstr "inviata con successo a `%s' (status=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
-msgstr ""
+msgstr "invio a `%s' fallito: status=%u\n"
 
-#: g10/seckey-cert.c:89
-#, fuzzy
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "cerco \"%s\" sul server HKP %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "impossibile cercare sul keyserver: %s\n"
+
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
-msgstr "la chiave segreta non � disponibile"
+msgstr "parti della chiave segreta non sono disponibili\n"
 
-#: g10/seckey-cert.c:95
+#: g10/seckey-cert.c:59
 #, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "l'algoritmo di protezione %d non � gestito\n"
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "l'algoritmo di protezione %d%s non � gestito\n"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
-msgstr "Passphrase non valida; riprova...\n"
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Passphrase non valida; riprova"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
+
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr ""
 "ATTENZIONE: Individuata una chiave debole - per favore cambia ancora la\n"
 "passphrase.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+"genero il checksum a 16 bit deprecato per la protezione della chiave "
+"segreta\n"
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "questa � una chiave ElGamal generata da PGP e NON � sicura per le firme!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "la chiave pubblica � %lu secondo pi� recente della firma\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "la chiave pubblica � %lu secondi pi� recente della firma\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "NOTA: chiave per firmare scaduta il %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "NOTA: chiave per firmare %08lX scaduta il %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr ""
 "si suppone una firma non valida a causa di un bit critico sconosciuto\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"ATTENZIONE: Impossibile espandere i %% nell'URL (troppo lunga). Usata "
+"inespansa.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "controllo della firma creata fallito: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "Firma %s da: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "ATTENZIONE: `%s' � un file vuoto\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "In modalit� -pgp2 puoi firmare solo con chiavi in stile PGP 2.x\n"
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "impossibile creare %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "firma:"
 
-#: g10/sign.c:583
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"In modalit� -pgp2 puoi firmare in chiaro solo con chiavi in stile PGP 2.x\n"
+
+#: g10/sign.c:953
 #, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "ATTENZIONE: `%s' � un file vuoto\n"
+msgid "%s encryption will be used\n"
+msgstr "sar� usato il cifrario %s\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2911,424 +3603,205 @@ msgstr "impossibile gestire linee di testo pi� lunghe di %d caratteri\n"
 msgid "input line longer than %d characters\n"
 msgstr "linea di input pi� lunga di %d caratteri\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb rec %lu: lseek fallita: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr "trustdb rec %lu: scrittura fallita (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "transazione del trustdb troppo grande\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: impossibile acedere a: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: la directory non esiste!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: impossibile creare: %s\n"
+msgid "%s: can't create lock\n"
+msgstr "%s: impossibile creare il lock\n"
 
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:480 g10/tdbio.c:544
 #, c-format
-msgid "%s: can't create lock\n"
+msgid "%s: can't make lock\n"
 msgstr "%s: impossibile creare il lock\n"
 
-#: g10/tdbio.c:473
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: impossibile creare: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: creazione del record della versione fallita: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: � stato creato un trustdb non valido\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: creato il trustdb\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: trustdb non valido\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: creazione della tabella hash fallita: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: errore durante l'aggiornamento del record di versione: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: errore durante la lettura del record di versione: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: errore durante la scrittura del record di versione: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "trustdb: lseek fallita: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "trustdb: read fallita (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: non � un file di trustdb\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: record di versione con recnum %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: versione %d del file non valida\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: errore durante la lettura del record libero: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: errore durante la scrittura del dir record: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: azzeramento di un record fallito: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: accodatura a un record fallita: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr "Il trustdb � danneggiato; eseguire \"gpg --fix-trust-db\".\n"
 
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "trust record %lu, tipo %d: read fallita: %s\n"
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "trust record %lu, req type %d: write fallita: %s\n"
-
-#: g10/trustdb.c:198
+#: g10/trustdb.c:200
 #, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "trust record %lu: delete fallita: %s\n"
+msgid "`%s' is not a valid long keyID\n"
+msgstr "`%s' non � un key ID lungo valido\n"
 
-#: g10/trustdb.c:212
+#: g10/trustdb.c:235
 #, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "trustdb: sync fallita: %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "errore durante la lettura del dir record per il LID %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: atteso un dir record, trovato uno di tipo %d\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "manca una chiave primaria per il LID %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr ""
-"errore durante la lettura della chiave primaria per il\n"
-"LID %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record fallito: %s\n"
-
-#: g10/trustdb.c:474
-#, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "%s non � un set di caratteri valido\n"
-
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "chiave %08lX: impossibile metterla nel trustdb\n"
-
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "chiave %08lX: richiesta del record fallita\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "chiave %08lX: gi� nella tabella delle chiavi affidabili\n"
-
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
+msgid "key %08lX: accepted as trusted key\n"
 msgstr "chiave %08lX: accettata come chiave affidabile\n"
 
-#: g10/trustdb.c:547
-#, fuzzy, c-format
-msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "chiave %08lX: chiave non rfc2440 - saltata\n"
-
-#: g10/trustdb.c:566
+#: g10/trustdb.c:274
 #, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "NOTA: la chiave segreta %08lX NON � protetta.\n"
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "chiave %08lX: appare nel trustdb pi� di una volta\n"
 
-#: g10/trustdb.c:585
+#: g10/trustdb.c:290
 #, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "chiave %08lX: le chiavi segreta e pubblica non corrispondono\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "enumerate secret keys fallito: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "chiave %08lX.%lu: Legame con la subchiave corretto\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "chiave %08lX.%lu: Legame con la subchiave non valido: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "chiave %08lX.%lu: Revoca della chiave valida\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "chiave %08lX.%lu: Revoca della chiave non valida: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "chiave %08lX.%lu: Revoca della subchiave valida\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Autofirma corretta"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Autofirma non valida"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
+msgid "key %08lX: no public key for trusted key - skipped\n"
 msgstr ""
-"Saltata una revoca dell'user ID valida a causa di una autofirma pi� recente"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "Revoca dell'user ID valida"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Revoca dell'user ID non valida"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Revoca del certificato valida"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Certificato corretto"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Certificato di revoca non valido"
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Certificato non valido"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "il sig recor di %lu[%d] punta al record sbagliato.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "certificato doppio - cancellato"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir fallita: %s\n"
+"chiave %08lX: manca la chiave pubblica della chiave fidata - ignorata\n"
 
-#: g10/trustdb.c:1795
+#: g10/trustdb.c:332
 #, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: inserimento fallito: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: inserimento fallito: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: inserito\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "errore durante la lettura del dir record: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu chiavi esaminate\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu chiavi con errori\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu chiavi inserite\n"
-
-#: g10/trustdb.c:1826
-#, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "enumerate keyblocks fallito: %s\n"
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: dir record senza chiave - saltato\n"
-
-#: g10/trustdb.c:1884
-#, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "\t%lu a causa di nuove chiavi pubbliche\n"
-
-#: g10/trustdb.c:1886
-#, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu chiavi saltate\n"
-
-#: g10/trustdb.c:1890
-#, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu chiavi aggiornate\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Ooops, mancano le chiavi\n"
-
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Ooops, mancano gli user ID\n"
-
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: ricerca del dir record fallita: %s\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "trust record %lu, tipo %d: read fallita: %s\n"
 
-#: g10/trustdb.c:2406
+#: g10/trustdb.c:338
 #, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "chiave %08lX: inserimento del record della fiducia fallito: %s\n"
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "il trust record %lu non � del tipo richiesto %d\n"
 
-#: g10/trustdb.c:2410
+#: g10/trustdb.c:353
 #, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "chiave %08lX.%lu: inserita nel trustdb\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "trust record %lu, req type %d: write fallita: %s\n"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:368
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
-msgstr ""
-"chiave %08lX.%lu: creata nel futuro (salto nel tempo o problema\n"
-"con l'orologio)\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "trustdb: sync fallita: %s\n"
 
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "chiave %08lX.%lu: scaduta il %s\n"
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "non � necessario un controllo del trustdb\n"
 
-#: g10/trustdb.c:2441
+#: g10/trustdb.c:474 g10/trustdb.c:1641
 #, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "chiave %08lX.%lu: controllo della fiducia fallito: %s\n"
+msgid "next trustdb check due at %s\n"
+msgstr "il prossimoi controllo del trustdb sar� fatto il %s\n"
 
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "utente `%s' non trovato: %s\n"
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "controllo il trustdb\n"
 
-#: g10/trustdb.c:2594
+#: g10/trustdb.c:933
 #, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "problema cercando `%s' nel trustdb: %s\n"
+msgid "public key %08lX not found: %s\n"
+msgstr "chiave pubblica %08lX non trovata: %s\n"
 
-#: g10/trustdb.c:2597
+#: g10/trustdb.c:1515
 #, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "l'utente `%s' non � nel trustdb - viene inserito\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr "chiave pubblica definitivamente affidabile %08lX non trovata\n"
 
-#: g10/trustdb.c:2600
+#: g10/trustdb.c:1593
 #, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "impossibile mettere `%s' nel trustdb: %s\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr "controllo al livello %d firmato=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "ATTENZIONE: non � ancora possibile gestire record pref lunghi\n"
-
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
@@ -3338,45 +3811,32 @@ msgstr ""
 "Ricorda che il file con la firma (.sig or .asc) deve\n"
 "essere il primo file indicato sulla riga di comando.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
 msgstr "linea di input %u troppo lunga o LF mancante\n"
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: impossibile creare il portachiavi: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: portachiavi creato\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "ATTENZIONE: esistono due file con informazioni confidenziali.\n"
-
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s � quello non modificato\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"la chiave non � indicata come insicura - impossibile usarla con il RNG "
+"finto!\n"
 
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the new one\n"
-msgstr "%s � quello nuovo\n"
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "Per favore risolvete questo possibile problema di sicurezza\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "saltata `%s': doppia\n"
 
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "saltata `%s': %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "saltata: chiave pubblica gi� presente\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3395,92 +3855,100 @@ msgstr "Il file `%s' esiste. "
 msgid "Overwrite (y/N)? "
 msgstr "Sovrascrivo (s/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: suffisso sconosciuto\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Inserire il nuovo nome del file"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "scrivo su stdout\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "suppongo che i dati firmati siano in `%s'\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: creato un nuovo file delle opzioni\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: impossibile creare la directory: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: directory creata\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr ""
 "� necessario eseguire di nuovo GnuPG in modo che possa leggere il nuovo\n"
 "file delle opzioni\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "cifrato con l'algoritmo sconosciuto %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "dati cifrati con %s\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "ATTENZIONE: il messaggio era stato cifrato usando una chiave debole\n"
 "per il cifrario simmetrico\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "problema nella gestione del pacchetto cifrato\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "creata una chiave debole - riprovo\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "Impossibile evitare una chiave debole per il cifrario simmetrico;\n"
 "ho provato %d volte!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "c'� una chiave segreta per questa chiave pubblica!\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr "DSA richiede l'uso di un algoritmo di hashing con almeno 160 bit\n"
 
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr "prima usa l'opzione \"--delete-secret-key\" per cancellarla.\n"
-
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "impossibile fare questo in modo batch senza \"--yes\"\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Vuoi cancellare questa chiave dal portachiavi? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
-msgstr "� una chaive segreta! - Vuoi cancellarla davvero? "
+msgstr "� una chiave segreta! - Vuoi cancellarla davvero? "
+
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "cancellazione del keyblock fallita: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr "informazioni di fiducia del possessore cancellate\n"
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "c'� una chiave segreta per la chiave pubblica \"%s\"!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "usa prima l'opzione \"--delete-secret-keys\" per cancellarla.\n"
 
 #: g10/helptext.c:47
 msgid ""
@@ -3493,19 +3961,32 @@ msgstr ""
 "con il web-of-certificates (creato implicitamente)."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Per costruire il Web-Of-Trust, GnuPG ha bisogno di sapere quali chiavi sono\n"
+"definitivamente affidabili - di solito quelle per cui hai accesso alla "
+"chiave\n"
+"segreta.\n"
+"Rispondi \"s�\" per impostare questa chiave come definitivamente affidabile\n"
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr "Se vuoi usare comunque questa chiave revocata, rispondi \"si\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr "Se vuoi usare comunque questa chiave non fidata, rispondi \"si\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr "Inserisci l'user ID del destinatario a cui vuoi mandare il messaggio."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3545,7 +4026,7 @@ msgstr ""
 "questo � il motivo per cui le chiavi ElGamal solo per cifrare non sono\n"
 "disponibili in questo men�."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
@@ -3556,16 +4037,16 @@ msgstr ""
 "sono gestite da tutti i programmi e le firme create sono grandi e lunghe da\n"
 "verificare."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Inserisci le dimensioni della chiave"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Rispondi \"si\" o \"no\""
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3577,19 +4058,19 @@ msgstr ""
 "messaggio di errore corretto: il sistema cerca di interpretare il valore\n"
 "dato come un intervallo."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Inserisci il nome del proprietario della chiave"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr "Inserisci un indirizzo di email opzionale (ma fortemente suggerito)"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Inserisci un commento opzionale"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3603,15 +4084,94 @@ msgstr ""
 "O  per continuare con la generazione della chiave.\n"
 "Q  per abbandonare il processo di generazione della chiave."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "Rispondi \"si\" (o \"y\") se va bene generare la subchiave."
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"Quando firmi l'user ID di una chiave dovresti prima verificare che questa\n"
+"appartiene alla persona indicata nell'user ID. � utile agli altri sapere\n"
+"con quanta attenzione lo hai verificato.\n"
+"\n"
+"\"0\" significa che non fai particolari affermazioni sull'attenzione con "
+"cui\n"
+"    hai ferificato la chiave.\n"
+"\n"
+"\"1\" significa che credi che la chiave sia posseduta dalla persona che dice "
+"di\n"
+"    possederla, ma non hai o non hai potuto verificare per niente la "
+"chiave.\n"
+"\n"
+"\"2\" significa che hai fatto una verifica superficiale della chiave. Per "
+"esempio\n"
+"    potrebbe significare che hai verificato l'impronta digitale e "
+"confrontato\n"
+"    l'user ID della chiave con un documento di identit� con fotografia.\n"
+"\n"
+"\"3\" significa che hai fatto una verifica approfondita della chiave. Per "
+"esempio\n"
+"    potrebbe significare che hai verificato di persona l'impronta digitale "
+"con\n"
+"    il possessore della chiave e hai controllato, per esempio per mezzo di\n"
+"    un documento di identit� con fotografia difficile da falsificare (come\n"
+"    un passaporto), che il nome del proprietario della chiave corrisponde a\n"
+"    quello nell'user ID della chiave, e per finire che hai verificato\n"
+"    (scambiando dei messaggi) che l'indirizzo di email sulla chiave "
+"appartiene\n"
+"    al proprietario.\n"
+"\n"
+"Nota che gli esempi indicati per i livelli 2 e 3 sono *solo* esempi. Alla "
+"fine\n"
+"sta a te decidere cosa significano \"superficiale\" e \"approfondita\" "
+"quando\n"
+"firmi chiavi di altri.\n"
+"\n"
+"Se non sai cosa rispondere, rispondi \"0\"."
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "Rispondi \"si\" se vuoi firmare TUTTI gli user ID"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3619,11 +4179,11 @@ msgstr ""
 "Rispondi \"si\" se vuoi davvero cancellare questo user ID.\n"
 "Tutti i certificati saranno persi!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "Rispondi \"si\" se va bene cancellare la subchiave"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3634,7 +4194,7 @@ msgstr ""
 "questa firma perch� pu� essere importante per stabilire una connessione di\n"
 "fiducia alla chiave o a un'altra chiave certificata da questa chiave."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3648,13 +4208,13 @@ msgstr ""
 "usata perch� questa chiave potrebbe stabilire una connessione di fiducia\n"
 "attraverso una chiave gi� certificata."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
 msgstr "La firma non � valida. Ha senso rimuoverla dal tuo portachiavi."
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3669,27 +4229,34 @@ msgstr ""
 "non\n"
 "� valida per qualche ragione e ne � disponibile un'altra."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
 msgstr ""
-"Inserisci la passphrase, cio� una frase segreta.\n"
-"  bla, bla, bla..."
+"Cambia le preferenze di tutti gli user ID (o solo di quelli selezionati) "
+"con\n"
+"la lista di preferenze corrente. L'orario di tutte le autofirme coinvolte\n"
+"sar� aumentato di un secondo.\n"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Inserisci la passphrase, cio� una frase segreta \n"
+
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr "Ripeti l'ultima passphrase per essere sicuro di cosa hai scritto."
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr "Inserisci il nome del file a cui si riferisce la firma."
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "Rispondi \"si\" se va bene sovrascrivere il file."
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3697,14 +4264,14 @@ msgstr ""
 "Inserisci il nuovo nome del file. Se premi INVIO sar� usato il nome\n"
 "predefinito (quello indicato tra parentesi)."
 
-#: g10/helptext.c:229
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3712,85 +4279,364 @@ msgid ""
 "      Use this to state that the user ID should not longer be used;\n"
 "      this is normally used to mark an email address invalid.\n"
 msgstr ""
+"Dovresti specificare un motivo per questa certificazione. A seconda del\n"
+"contesto hai la possibilit� di scegliere tra questa lista:\n"
+"  \"Key has been compromised\"\n"
+"      Usa questo se hai un motivo per credere che una persona non "
+"autorizzata\n"
+"      abbia avuto accesso alla tua chiave segreta.\n"
+"  \"Key is superseded\"\n"
+"      Usa questo se hai sostituito questa chiave con una pi� recente.\n"
+"  \"Key is no longer used\"\n"
+"      Usa questo se hai mandato in pensione questa chiave.\n"
+"  \"User ID is no longer valid\"\n"
+"      Usa questo per affermare che l'user ID non dovrebbe pi� essere usato;\n"
+"      solitamente � usato per indicare un indirizzo di email non valido.\n"
 
-#: g10/helptext.c:245
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
 "An empty line ends the text.\n"
 msgstr ""
+"Se vuoi, puoi digitare un testo che descrive perch� hai emesso\n"
+"questo certificato di revoca. Per favore sii conciso.\n"
+"Una riga vuota termina il testo.\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Non � disponibile un aiuto"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Non � disponibile un aiuto per `%s'"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "problema di lettura del certificato: %s\n"
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "errore creando il portachiavi `%s': %s\n"
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "In questa versione non possono essere usate chiavi RSA\n"
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "cabiamento dei permessi di `%s' fallito: %s\n"
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "Non ci sono chiavi per questo user ID\n"
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "portachiavi `%s' creato\n"
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "Non ci sono user ID per questa chiave\n"
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "rebuild della cache del portachiavi fallito: %s\n"
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "nessun portachiavi pubblico predefinito\n"
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "ATTENZIONE: esistono due file con informazioni confidenziali.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s � quello non modificato\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s � quello nuovo\n"
 
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "impossibile fare il lock del portachiavi `%s': %s\n"
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Per favore risolvete questo possibile problema di sicurezza\n"
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "chiave %08lX: impossibile leggere il keyblock originale: %s\n"
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "controllo il portachiavi `%s'\n"
 
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: utente non trovato\n"
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "Per ora sono state controllate %lu chiavi (%lu firme)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "Sono state controllate %lu chiavi (%lu firme)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: portachiavi creato\n"
+
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "Sei ancora sicuro di volerla firmare?\n"
+
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "  Sei sicuro di volerla firmare comunque?\n"
+
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Firmo davvero? (s/N) "
+
+#~ msgid "too many random bits requested; the limit is %d\n"
+#~ msgstr "sono stati richiesti troppi bit casuali; il limite � %d\n"
+
+#~ msgid "|[NAMES]|check the trust database"
+#~ msgstr "|[NOMI]|controlla il database della fiducia"
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key user-id"
+
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key user-id"
+
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-and-public-key user-id"
+
+#~ msgid "For info see http://www.gnupg.org"
+#~ msgstr "Per informazioni si veda http://www.gnupg.org"
+
+# valid user replies (not including 1..4)
+# [Marco, you can change 'm' and 's' to whatever letters you like]
+#~ msgid "sSmMqQ"
+#~ msgstr "sSmMqQ"
 
 #~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
+#~ "Could not find a valid trust path to the key.  Let's see whether we\n"
+#~ "can assign some missing owner trust values.\n"
+#~ "\n"
 #~ msgstr ""
-#~ "Le chiavi RSA sono deprecate; per favore considera di creare una nuova "
-#~ "chiave\n"
-#~ "e usarla in futuro\n"
+#~ "Impossibile trovare un percorso di fiducia valido fino alla chiave. "
+#~ "Vediamo\n"
+#~ "se possiamo assegnare qualche valore di fiducia del proprietario "
+#~ "mancante.\n"
+#~ "\n"
 
-# ??? (Md)
-#~ msgid "not processed"
-#~ msgstr "non esaminato"
+#~ msgid ""
+#~ "No path leading to one of our keys found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Non � stato trovato alcun percorso che porti a una delle nostre chiavi.\n"
+
+#~ msgid ""
+#~ "No certificates with undefined trust found.\n"
+#~ "\n"
+#~ msgstr "Non � stato trovato alcun certificato con fiducia non definita.\n"
+
+#~ msgid ""
+#~ "No trust values changed.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Nessun valore di fiducia modificato.\n"
+#~ "\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr ""
+#~ "%08lX: mancano informazioni per calcolare una probabilit� di fiducia\n"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Inserisci l'user ID: "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "saltato: chiave pubblica gi� impostata con --encrypt-to\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: errore nel controllare la chiave: %s\n"
+
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) RSA (firma e cifra)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr "Vuoi davvero creare una chiave di firma e cifratura? "
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "Ti serve davvero una chiave cos� lunga? "
+
+#~ msgid "%s: user not found: %s\n"
+#~ msgstr "%s: utente non trovato: %s\n"
+
+#~ msgid "certificate read problem: %s\n"
+#~ msgstr "problema di lettura del certificato: %s\n"
+
+#~ msgid "too many entries in unk cache - disabled\n"
+#~ msgstr "troppe voci nella unk cache - disabilitata\n"
+
+#~ msgid "secret key %08lX not imported (use %s to allow for it)\n"
+#~ msgstr ""
+#~ "la chiave segreta %08lX non � stata importata (usa %s per permetterlo)\n"
+
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "chiave %08lX: la nostra copia non ha autofirma\n"
+
+#~ msgid "%s: user not found\n"
+#~ msgstr "%s: utente non trovato\n"
+
+#~ msgid "update of trustdb failed: %s\n"
+#~ msgstr "aggiornamento del trustdb fallito: %s\n"
+
+#~ msgid "no keyserver known (use option --keyserver)\n"
+#~ msgstr "non conosco nessun keyserver (usa l'opzione --keyserver)\n"
+
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "%s: non � un key ID valido\n"
 
 #~ msgid "assuming bad MDC due to an unknown critical bit\n"
 #~ msgstr ""
 #~ "si suppone un MDC non valido a causa di un bit critico sconosciuto\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+#~ msgid "error reading dir record for LID %lu: %s\n"
+#~ msgstr "errore durante la lettura del dir record per il LID %lu: %s\n"
+
+#~ msgid "lid %lu: expected dir record, got type %d\n"
+#~ msgstr "lid %lu: atteso un dir record, trovato uno di tipo %d\n"
+
+#~ msgid "no primary key for LID %lu\n"
+#~ msgstr "manca una chiave primaria per il LID %lu\n"
+
+#~ msgid "error reading primary key for LID %lu: %s\n"
+#~ msgstr ""
+#~ "errore durante la lettura della chiave primaria per il\n"
+#~ "LID %lu: %s\n"
+
+#~ msgid "get_dir_record: search_record failed: %s\n"
+#~ msgstr "get_dir_record: search_record fallito: %s\n"
+
+#~ msgid "key %08lX: query record failed\n"
+#~ msgstr "chiave %08lX: richiesta del record fallita\n"
+
+#~ msgid "key %08lX: already in trusted key table\n"
+#~ msgstr "chiave %08lX: gi� nella tabella delle chiavi affidabili\n"
+
+#~ msgid "NOTE: secret key %08lX is NOT protected.\n"
+#~ msgstr "NOTA: la chiave segreta %08lX NON � protetta.\n"
+
+#~ msgid "key %08lX: secret and public key don't match\n"
+#~ msgstr "chiave %08lX: le chiavi segreta e pubblica non corrispondono\n"
+
+#~ msgid "enumerate secret keys failed: %s\n"
+#~ msgstr "enumerate secret keys fallito: %s\n"
+
+#~ msgid "key %08lX.%lu: Good subkey binding\n"
+#~ msgstr "chiave %08lX.%lu: Legame con la subchiave corretto\n"
+
+#~ msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+#~ msgstr "chiave %08lX.%lu: Legame con la subchiave non valido: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid key revocation\n"
+#~ msgstr "chiave %08lX.%lu: Revoca della chiave valida\n"
+
+#~ msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+#~ msgstr "chiave %08lX.%lu: Revoca della chiave non valida: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid subkey revocation\n"
+#~ msgstr "chiave %08lX.%lu: Revoca della subchiave valida\n"
+
+#~ msgid "Good self-signature"
+#~ msgstr "Autofirma corretta"
+
+#~ msgid "Invalid self-signature"
+#~ msgstr "Autofirma non valida"
+
+#~ msgid "Valid user ID revocation skipped due to a newer self signature"
+#~ msgstr ""
+#~ "Saltata una revoca dell'user ID valida a causa di una autofirma pi� "
+#~ "recente"
+
+#~ msgid "Valid user ID revocation"
+#~ msgstr "Revoca dell'user ID valida"
+
+#~ msgid "Invalid user ID revocation"
+#~ msgstr "Revoca dell'user ID non valida"
+
+#~ msgid "Valid certificate revocation"
+#~ msgstr "Revoca del certificato valida"
+
+#~ msgid "Good certificate"
+#~ msgstr "Certificato corretto"
+
+#~ msgid "Invalid certificate revocation"
+#~ msgstr "Certificato di revoca non valido"
+
+#~ msgid "Invalid certificate"
+#~ msgstr "Certificato non valido"
+
+#~ msgid "sig record %lu[%d] points to wrong record.\n"
+#~ msgstr "il sig recor di %lu[%d] punta al record sbagliato.\n"
+
+#~ msgid "duplicated certificate - deleted"
+#~ msgstr "certificato doppio - cancellato"
+
+#~ msgid "tdbio_search_dir failed: %s\n"
+#~ msgstr "tdbio_search_dir fallita: %s\n"
+
+#~ msgid "lid ?: insert failed: %s\n"
+#~ msgstr "lid ?: inserimento fallito: %s\n"
+
+#~ msgid "lid %lu: insert failed: %s\n"
+#~ msgstr "lid %lu: inserimento fallito: %s\n"
+
+#~ msgid "lid %lu: inserted\n"
+#~ msgstr "lid %lu: inserito\n"
+
+#~ msgid "error reading dir record: %s\n"
+#~ msgstr "errore durante la lettura del dir record: %s\n"
+
+#~ msgid "\t%lu keys with errors\n"
+#~ msgstr "\t%lu chiavi con errori\n"
+
+#~ msgid "\t%lu keys inserted\n"
+#~ msgstr "\t%lu chiavi inserite\n"
+
+#~ msgid "lid %lu: dir record w/o key - skipped\n"
+#~ msgstr "lid %lu: dir record senza chiave - saltato\n"
+
+#~ msgid "\t%lu due to new pubkeys\n"
+#~ msgstr "\t%lu a causa di nuove chiavi pubbliche\n"
+
+#~ msgid "\t%lu keys skipped\n"
+#~ msgstr "\t%lu chiavi saltate\n"
+
+#~ msgid "\t%lu keys updated\n"
+#~ msgstr "\t%lu chiavi aggiornate\n"
+
+#~ msgid "Ooops, no keys\n"
+#~ msgstr "Ooops, mancano le chiavi\n"
+
+#~ msgid "Ooops, no user IDs\n"
+#~ msgstr "Ooops, mancano gli user ID\n"
+
+#~ msgid "check_trust: search dir record failed: %s\n"
+#~ msgstr "check_trust: ricerca del dir record fallita: %s\n"
+
+#~ msgid "key %08lX: insert trust record failed: %s\n"
+#~ msgstr "chiave %08lX: inserimento del record della fiducia fallito: %s\n"
+
+#~ msgid "key %08lX.%lu: inserted into trustdb\n"
+#~ msgstr "chiave %08lX.%lu: inserita nel trustdb\n"
+
+#~ msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
 #~ msgstr ""
-#~ "la chiave non � indicata come insicura - impossibile usarla con il RNG "
-#~ "finto!\n"
+#~ "chiave %08lX.%lu: creata nel futuro (salto nel tempo o problema\n"
+#~ "con l'orologio)\n"
 
-#~ msgid "set debugging flags"
-#~ msgstr "imposta i flag di debugging"
+#~ msgid "key %08lX.%lu: expired at %s\n"
+#~ msgstr "chiave %08lX.%lu: scaduta il %s\n"
 
-#~ msgid "enable full debugging"
-#~ msgstr "abilita il debugging completo"
+#~ msgid "key %08lX.%lu: trust check failed: %s\n"
+#~ msgstr "chiave %08lX.%lu: controllo della fiducia fallito: %s\n"
 
-#~ msgid "do not write comment packets"
-#~ msgstr "non scrivere pacchetti di commento"
+#~ msgid "problem finding '%s' in trustdb: %s\n"
+#~ msgstr "problema cercando `%s' nel trustdb: %s\n"
 
-#~ msgid "(default is 1)"
-#~ msgstr "(predefinito � 1)"
+#~ msgid "user '%s' not in trustdb - inserting\n"
+#~ msgstr "l'utente `%s' non � nel trustdb - viene inserito\n"
 
-#~ msgid "(default is 3)"
-#~ msgstr "(predefinito � 3)"
+#~ msgid "failed to put '%s' into trustdb: %s\n"
+#~ msgstr "impossibile mettere `%s' nel trustdb: %s\n"
 
-#~ msgid "   (%d) ElGamal in a v3 packet\n"
-#~ msgstr "   (%d) ElGamal in un pacchetto v3\n"
+#~ msgid "WARNING: can't yet handle long pref records\n"
+#~ msgstr "ATTENZIONE: non � ancora possibile gestire record pref lunghi\n"
 
-#~ msgid "Key generation can only be used in interactive mode\n"
-#~ msgstr "Una chiave pu� essere generata solo in modo interattivo\n"
+#~ msgid "%s: can't create keyring: %s\n"
+#~ msgstr "%s: impossibile creare il portachiavi: %s\n"
diff --git a/po/ja.po b/po/ja.po
index d4666da01..35bf6bdfc 100644
--- a/po/ja.po
+++ b/po/ja.po
@@ -1,303 +1,332 @@
 # Japanese messages for GnuPG
-# Copyright (C) 1999 Free Software Foundation, Inc.
-# IIDA Yosiaki <[email protected]>, 1999-2000.
+# Copyright (C) 1999, 2000, 2002 Free Software Foundation, Inc.
+# IIDA Yosiaki <[email protected]>, 1999, 2000, 2002.
 # Yoshihiro Kajiki <[email protected]>, 1999.
+# This file is distributed under the same license as the GnuPG package.
 # Special thanks to "Takashi P.KATOH".
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: gnupg 1.0.0h\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 2000-02-16 20:10+09:00\n"
-"Last-Translator: IIDA Yosiaki <[email protected]>\n"
-"Language-Team: Japanese <[email protected]>\n"
+"Project-Id-Version: gnupg 1.0.6\n"
+"POT-Creation-Date: 2002-04-19 11:22+0200\n"
+"PO-Revision-Date: 2002-04-20 23:43+0900\n"
+"Last-Translator: IIDA Yosiaki <[email protected]>\n"
+"Language-Team: Japanese <[email protected]>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=EUC-JP\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "�ٹ�: ��Ф����꡼����Ѥ��Ƥ��ޤ�!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "�ܺ٤�http://www.gnupg.org/faq.html������������\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "������Ѥߤΰ����ʥ��꡼���ʤ����ˤϼ¹ԤǤ��ޤ���\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(������Ū�ˤϸ��ä��ץ��������Ѥ����ΤǤ��礦)\n"
+
+#: util/miscutil.c:297 util/miscutil.c:327
 msgid "yes"
 msgstr "yes"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:298 util/miscutil.c:330
 msgid "yY"
 msgstr "yY"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:299 util/miscutil.c:328
 msgid "no"
 msgstr "no"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:300 util/miscutil.c:331
 msgid "nN"
 msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:810 util/miscutil.c:329
 msgid "quit"
 msgstr "quit"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:332
 msgid "qQ"
 msgstr "qQ"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "����Ū�ʥ��顼"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
-msgstr "�ѥ��åȥ����פ������Ǥ�"
+msgstr "̤�ΤΥѥ��åȡ������פǤ�"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
-msgstr "�С�����������Ǥ�"
+msgstr "̤�ΤΥС������Ǥ�"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
-msgstr "�������Υ��르�ꥺ�ब�����Ǥ�"
+msgstr "̤�Τθ��������르�ꥺ��Ǥ�"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
-msgstr "����Υ��르�ꥺ�ब�����Ǥ�"
+msgstr "̤�Τ����󥢥르�ꥺ��Ǥ�"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "�������������Ǥ�"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "��̩���������Ǥ�"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "��̾�������Ǥ�"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
-msgstr "�����å����२�顼"
+msgstr "�����å����ࡦ���顼"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
-msgstr "�ѥ��ե졼��������������ޤ���"
+msgstr "�ѥ��ե졼���������Ǥ�"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
-msgstr "���������ߤĤ���ޤ���"
+msgstr "�����������Ĥ���ޤ���"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
-msgstr "�Ź楢�르�ꥺ�ब�����Ǥ�"
+msgstr "̤�ΤΰŹ楢�르�ꥺ��Ǥ�"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
-msgstr "����󥰤������ޤ���"
+msgstr "���ؤ������ޤ���"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "̵���ʥѥ��åȤǤ�"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
-msgstr "̵�������äǤ�"
+msgstr "̵���������Ǥ�"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
-msgstr "���Υ桼�� ID �Ϥ���ޤ���"
+msgstr "���Υ桼����ID�Ϥ���ޤ���"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
-msgstr "��̩��������ޤ���"
+msgstr "��̩���������ޤ���"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
-msgstr "��������̩�����Ѥ����Ƥ��ޤ�"
+msgstr "���ä���̩�����Ѥ����Ƥ��ޤ�"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "���ݡ��Ȥ��Ƥ��ޤ���"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "���������Ǥ�"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
-msgstr "�ե�������ɤ߽Ф����顼"
+msgstr "�ե�������ɽФ����顼"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
-msgstr "�ե�����ؤν񤭹��ߥ��顼"
+msgstr "�ե�����ν���ߥ��顼"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
-msgstr "���̥��르�ꥺ�ब�����Ǥ�"
+msgstr "̤�Τΰ��̥��르�ꥺ��Ǥ�"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "�ե����뤬�����ޤ���"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
-msgstr "�ե����뤬�����Ǥ��ޤ���"
+msgstr "�ե�����κ������顼"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
-msgstr "�ѥ��ե졼�����ְ�äƤ��ޤ�"
+msgstr "�ѥ��ե졼����̵���Ǥ�"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
-msgstr "�������Υ��르�ꥺ�ब��������Ƥ��ޤ���"
+msgstr "̤�����θ��������르�ꥺ��Ǥ�"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
-msgstr "�Ź楢�르�ꥺ�ब��������Ƥ��ޤ���"
+msgstr "̤�����ΰŹ楢�르�ꥺ��Ǥ�"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
-msgstr "��̾�Υ��饹�������Ǥ�"
+msgstr "̤�Τν�̾���饹�Ǥ�"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "���ѥǡ����١����Υ��顼�Ǥ�"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
-msgstr "MPI �������Ǥ�"
+msgstr "������MPI�Ǥ�"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "�꥽�������³��Ǥ�"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
-msgstr "����󥰤�̵���Ǥ�"
+msgstr "���ؤ�̵���Ǥ�"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "�����������Ǥ�"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
-msgstr "�桼�� ID �ν񼰤�����������ޤ���"
+msgstr "�桼����ID�ν񼰤�����������ޤ���"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "�ե����뤬�Ĥ����ޤ���"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
-msgstr "�ե�����̾���ѹ����Ǥ��ޤ���"
+msgstr "�ե�����̾���ѹ����顼"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
-msgstr "�ե�����κ�����Ǥ��ޤ���"
+msgstr "�ե�����κ�����顼"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
-msgstr "ͽ������Ƥ��ʤ��ǡ����Ǥ�"
+msgstr "ͽ�����̥ǡ����Ǥ�"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "���դ����ͤ��Ƥ��ޤ�"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "���ѤǤ��ʤ����������르�ꥺ��Ǥ�"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "�ե����뤬����¸�ߤ��Ƥ��ޤ�"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "�夤���Ǥ�"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "̵���ʻ���Ǥ�"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
-msgstr "URI ���ְ�äƤ��ޤ�"
+msgstr "URI�������Ǥ�"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
-msgstr "���� URI �ϥ��ݡ��Ȥ��Ƥ��ޤ���"
+msgstr "����URI�ϥ��ݡ��Ȥ��Ƥ��ޤ���"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
-msgstr "�ͥåȥ�����顼"
+msgstr "�ͥåȥ�������顼"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "�Ź沽����Ƥ��ޤ���"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "̤����"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "���ѤǤ��ʤ��������Ǥ�"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "���ѤǤ��ʤ���̩���Ǥ�"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "�������С��Υ��顼"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... �Х��Ǥ� (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "�Х��򸫤Ĥ����褦�Ǥ� ... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
-msgstr "`%s' �������ޤ���: %s\n"
+msgstr "`%s'�������ޤ���: %s\n"
 
-#: cipher/random.c:325
-#, fuzzy, c-format
+#: cipher/random.c:324
+#, c-format
 msgid "can't stat `%s': %s\n"
-msgstr "`%s' �������ޤ���: %s\n"
+msgstr "`%s'��Ĵ�٤뤳�Ȥ��Ǥ��ޤ���: %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
-msgstr ""
+msgstr "`%s' �����̤Υե�����ǤϤ���ޤ��� - ̵��\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
-msgstr ""
+msgstr "����: random_seed �ե�����϶��Ǥ�\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
-msgstr ""
+msgstr "�ٹ�: ̵���ʥ������� random_seed �ե����� - �Ȥ��ޤ���\n"
 
-#: cipher/random.c:349
-#, fuzzy, c-format
+#: cipher/random.c:348
+#, c-format
 msgid "can't read `%s': %s\n"
-msgstr "`%s' �������ޤ���: %s\n"
+msgstr "`%s'���ɤ�ޤ���: %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
-msgstr ""
+msgstr "����: random_seed �ե�����ι����򤷤ޤ���\n"
 
-#: cipher/random.c:407
-#, fuzzy, c-format
+#: cipher/random.c:406
+#, c-format
 msgid "can't create `%s': %s\n"
-msgstr "%s �������Ǥ��ޤ���: %s\n"
+msgstr "`%s'���Ǥ��ޤ���: %s\n"
 
-#: cipher/random.c:414
-#, fuzzy, c-format
+#: cipher/random.c:413
+#, c-format
 msgid "can't write `%s': %s\n"
-msgstr "`%s' �������ޤ���: %s\n"
-
-#: cipher/random.c:417
-#, fuzzy, c-format
-msgid "can't close `%s': %s\n"
-msgstr "`%s' �������ޤ���: %s\n"
+msgstr "`%s'�˽񤱤ޤ���: %s\n"
 
-#: cipher/random.c:428
+#: cipher/random.c:416
 #, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
+msgid "can't close `%s': %s\n"
+msgstr "`%s'���Ĥ����ޤ���: %s\n"
 
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
-msgstr "�ٹ�: �����Ǥʤ�����������֤��Ȥ��Ƥ��ޤ�!!\n"
+msgstr "�ٹ�: ��Ф���������Ҥ��Ȥ��Ƥ��ޤ�!!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -305,13 +334,13 @@ msgid ""
 "DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n"
 "\n"
 msgstr ""
-"���� OS ����ܤ���Ƥ��뵿������������르�ꥺ��ϡ�\n"
-"�Ź��ѤȤ��Ƥ���Ŭ���Ǥ������Ǥ�����������Ǥ��ޤ���\n"
+"��ܤ���Ƥ�����������Ҥϡ��Ź��ѤȤ��ƤϤ����ޤĤǡ�\n"
+"����������Ǥ��ޤ���!\n"
 "\n"
-"���Υץ������ˤ���������줿�ǡ����ϰ��ڻ��Ѥ��ƤϤ����ޤ���!!\n"
+"���Υץ����������������ǡ�������ڻ��Ѥ��ƤϤ����ޤ���!!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -319,22 +348,10 @@ msgid ""
 "the OS a chance to collect more entropy! (Need %d more bytes)\n"
 msgstr ""
 "\n"
-"��ʬ��Ĺ��������������ޤ��󡣥���ȥ��ԡ������ä�����褦��\n"
-"OS ��������ѹ����Ƥ���������(%d bytes �ʾ�μ�����ɬ�פǤ�)\n"
-
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "�ٹ�: �����Ǥʤ����꡼����Ѥ��Ƥ��ޤ�!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "��������줿�����ʥ��꡼��̵�����ˤϼ¹ԤǤ��ޤ���\n"
+"��ʬ��Ĺ��������������ޤ���OS����ä��𻨤������\n"
+"�Ǥ���褦���������Ƥ�������! (����%d�Х��Ȥ���ޤ�)\n"
 
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(������Ū�ˤ���Ŭ�ڤʥץ��������Ѥ����ΤǤ��礦)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:281
 msgid ""
 "@Commands:\n"
 " "
@@ -342,139 +359,165 @@ msgstr ""
 "@���ޥ��:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:283
 msgid "|[file]|make a signature"
-msgstr "|[file]|��̾�����"
+msgstr "|[�ե�����]|��̾�����"
 
-#: g10/gpg.c:204
+#: g10/g10.c:284
 msgid "|[file]|make a clear text signature"
-msgstr "|[file]|���ꥢ��̾�����"
+msgstr "|[�ե�����]|���ꥢ��̾�����"
 
-#: g10/gpg.c:205
+#: g10/g10.c:285
 msgid "make a detached signature"
 msgstr "ʬΥ��̾�����"
 
-#: g10/gpg.c:206
+#: g10/g10.c:286
 msgid "encrypt data"
 msgstr "�ǡ�����Ź沽"
 
-#: g10/gpg.c:207
+#: g10/g10.c:287
+msgid "|[files]|encrypt files"
+msgstr "|[�ե����뷲]|�ե����뷲��Ź沽"
+
+#: g10/g10.c:288
 msgid "encryption only with symmetric cipher"
 msgstr "�Ź沽�ˤ��оΰŹ�ˡ�Τߤ����"
 
-#: g10/gpg.c:208
+#: g10/g10.c:289
 msgid "store only"
 msgstr "��¸�Τ�"
 
-#: g10/gpg.c:209
+#: g10/g10.c:290
 msgid "decrypt data (default)"
-msgstr "�ǡ��������� (�ǥե����)"
+msgstr "�ǡ��������� (����)"
+
+#: g10/g10.c:291
+msgid "|[files]|decrypt files"
+msgstr "|[�ե����뷲]|�ե����뷲������"
 
-#: g10/gpg.c:210
+#: g10/g10.c:292
 msgid "verify a signature"
 msgstr "��̾�򸡾�"
 
-#: g10/gpg.c:212
+#: g10/g10.c:294
 msgid "list keys"
 msgstr "�����"
 
-#: g10/gpg.c:214
+#: g10/g10.c:296
 msgid "list keys and signatures"
 msgstr "���Ƚ�̾�ΰ���"
 
-#: g10/gpg.c:215
+#: g10/g10.c:297
 msgid "check key signatures"
 msgstr "���ν�̾�򸡾�"
 
-#: g10/gpg.c:216
+#: g10/g10.c:298
 msgid "list keys and fingerprints"
 msgstr "���Ȼ���ΰ���"
 
-#: g10/gpg.c:217
+#: g10/g10.c:299
 msgid "list secret keys"
 msgstr "��̩���ΰ���"
 
-#: g10/gpg.c:218
+#: g10/g10.c:300
 msgid "generate a new key pair"
-msgstr "���������ڥ������"
+msgstr "��������������"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
-msgstr "��������󥰤��鸰����"
+#: g10/g10.c:301
+msgid "remove keys from the public keyring"
+msgstr "�������ؤ��鸰������"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
-msgstr "��̩����󥰤��鸰����"
+#: g10/g10.c:303
+msgid "remove keys from the secret keyring"
+msgstr "��̩���ؤ��鸰������"
 
-#: g10/gpg.c:222
+#: g10/g10.c:304
 msgid "sign a key"
 msgstr "���˽�̾"
 
-#: g10/gpg.c:223
+#: g10/g10.c:305
 msgid "sign a key locally"
-msgstr "��������ˤƸ��˽�̾"
+msgstr "��������Ū�˽�̾"
 
-#: g10/gpg.c:224
+#: g10/g10.c:306
+msgid "sign a key non-revocably"
+msgstr "�˴��Ǥ��ʤ��褦���˽�̾"
+
+#: g10/g10.c:307
+msgid "sign a key locally and non-revocably"
+msgstr "�˴��Ǥ��ʤ��褦��������Ū�˽�̾"
+
+#: g10/g10.c:308
 msgid "sign or edit a key"
-msgstr "���ؤν�̾�ޤ����Խ�"
+msgstr "���ؤν�̾���Խ�"
 
-#: g10/gpg.c:225
+#: g10/g10.c:309
 msgid "generate a revocation certificate"
-msgstr "�˴�����������"
+msgstr "�˴������������"
 
-#: g10/gpg.c:226
+#: g10/g10.c:310
 msgid "export keys"
 msgstr "����񤭽Ф�"
 
-#: g10/gpg.c:227
+#: g10/g10.c:311
 msgid "export keys to a key server"
-msgstr "�������Ф˸�����Ͽ"
+msgstr "�������С��˸���񤭽Ф�"
 
-#: g10/gpg.c:228
+#: g10/g10.c:312
 msgid "import keys from a key server"
 msgstr "�������С����鸰���ɤ߹���"
 
-#: g10/gpg.c:232
+#: g10/g10.c:314
+msgid "search for keys on a key server"
+msgstr "�������С��θ��򸡺�����"
+
+#: g10/g10.c:316
+msgid "update all keys from a keyserver"
+msgstr "�������С����鸰��������������"
+
+#: g10/g10.c:320
 msgid "import/merge keys"
-msgstr "�����ɤ߹���/�ޡ���"
+msgstr "�����ɹ���/ʻ��"
 
-#: g10/gpg.c:234
+#: g10/g10.c:322
 msgid "list only the sequence of packets"
 msgstr "�ѥ��å���Τߤΰ���"
 
-#: g10/gpg.c:236
+#: g10/g10.c:324
 msgid "export the ownertrust values"
 msgstr "��ͭ�Ԥ��Ѥ����ͤ�񤭽Ф�"
 
-#: g10/gpg.c:238
+#: g10/g10.c:326
 msgid "import ownertrust values"
 msgstr "��ͭ�Ԥ��Ѥ����ͤ��ɤ߹���"
 
-#: g10/gpg.c:240
+#: g10/g10.c:328
 msgid "update the trust database"
 msgstr "���ѥǡ����١����򹹿�"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NAMES]|���ѥǡ����١���������å�"
+#: g10/g10.c:330
+msgid "unattended trust database update"
+msgstr "�����Ƥ��Ƥʤ����ѥǡ����١����򹹿�"
 
-#: g10/gpg.c:243
+#: g10/g10.c:331
 msgid "fix a corrupted trust database"
 msgstr "���줿���ѥǡ����١�������"
 
-#: g10/gpg.c:244
+#: g10/g10.c:332
 msgid "De-Armor a file or stdin"
-msgstr "�ե�����ޤ���ɸ�����Ϥ����ý���"
+msgstr ""
+"�ե�����ޤ���ɸ�����Ϥ�\n"
+"��������"
 
-#: g10/gpg.c:246
+#: g10/g10.c:334
 msgid "En-Armor a file or stdin"
-msgstr "�ե�����ޤ���ɸ�����Ϥ����ò�"
+msgstr "�ե�����ޤ���ɸ�����Ϥ�������"
 
-#: g10/gpg.c:248
+#: g10/g10.c:336
 msgid "|algo [files]|print message digests"
-msgstr "|algo [files]|��������������"
+msgstr "|���르�ꥺ�� [�ե�����]|��å�������������"
 
-#: g10/gpg.c:253
+#: g10/g10.c:340
 msgid ""
 "@\n"
 "Options:\n"
@@ -484,162 +527,247 @@ msgstr ""
 "���ץ����:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:342
 msgid "create ascii armored output"
-msgstr "���������������������"
+msgstr "ASCII���������������"
 
-#: g10/gpg.c:257
+#: g10/g10.c:344
 msgid "|NAME|encrypt for NAME"
-msgstr "|NAME|NAME �Ѥ˰Ź沽"
+msgstr "|̾��|��̾�����Ѥ˰Ź沽"
 
-#: g10/gpg.c:260
+#: g10/g10.c:347
 msgid "|NAME|use NAME as default recipient"
-msgstr "|NAME|�ǥե���Ȥμ����ԤȤ��� NAME ���Ѥ���"
+msgstr ""
+"|̾��|����μ����ԤȤ���\n"
+"��̾���פ����"
 
-#: g10/gpg.c:262
+#: g10/g10.c:349
 msgid "use the default key as default recipient"
-msgstr "�ǥե���Ȥμ����ԤȤ��ƥǥե���Ȥθ����Ѥ���"
+msgstr "����μ����Ԥ˴���θ������"
 
-#: g10/gpg.c:266
+#: g10/g10.c:355
 msgid "use this user-id to sign or decrypt"
-msgstr "��̾������� ���� user-id ���Ѥ���"
+msgstr ""
+"��̾������ˤ��Υ桼����id\n"
+"�����"
 
-#: g10/gpg.c:267
+#: g10/g10.c:356
 msgid "|N|set compress level N (0 disables)"
-msgstr "|N|���̥�٥�� N �����ꤹ�� (0 ���󰵽�)"
+msgstr ""
+"|N|���̥�٥��N������\n"
+"(0���󰵽�)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:358
 msgid "use canonical text mode"
-msgstr "ɸ��ƥ����ȥ⡼�ɤ��Ѥ���"
+msgstr "����ƥ����ȡ��⡼�ɤ����"
 
-#: g10/gpg.c:270
+#: g10/g10.c:365
 msgid "use as output file"
-msgstr "���ϥե�����Ȥ����Ѥ���"
+msgstr "���ϥե�����Ȥ��ƻ���"
 
-#: g10/gpg.c:271
+#: g10/g10.c:366
 msgid "verbose"
 msgstr "��Ĺ"
 
-#: g10/gpg.c:272
+#: g10/g10.c:367
 msgid "be somewhat more quiet"
 msgstr "����Ť�"
 
-#: g10/gpg.c:273
+#: g10/g10.c:368
 msgid "don't use the terminal at all"
-msgstr "ü������Ѥ��ʤ�"
+msgstr "ü�����Ի���"
 
-#: g10/gpg.c:274
+#: g10/g10.c:369
 msgid "force v3 signatures"
-msgstr "����Ū�� v3 ��̾����"
+msgstr "����Ū��v3��̾"
+
+#: g10/g10.c:370
+msgid "do not force v3 signatures"
+msgstr "v3��̾�������ʤ�"
+
+#: g10/g10.c:371
+msgid "force v4 key signatures"
+msgstr "����Ū��v4��̾"
+
+#: g10/g10.c:372
+msgid "do not force v4 key signatures"
+msgstr "v4��̾�������ʤ�"
 
-#: g10/gpg.c:275
+#: g10/g10.c:373
 msgid "always use a MDC for encryption"
-msgstr "�Ź沽�ˤϾ�� MDC �����"
+msgstr "�Ź沽�ˤϾ��MDC�����"
 
-#: g10/gpg.c:276
+#: g10/g10.c:375
+msgid "never use a MDC for encryption"
+msgstr "�Ź沽�ˤ����Ф�MDC����Ѥ��ʤ�"
+
+#: g10/g10.c:377
 msgid "do not make any changes"
-msgstr "���Ƥ��ѹ����Ѥ��ʤ�"
+msgstr "̵�ѹ�"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:379
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "gpg����������Ȥ����"
 
-#: g10/gpg.c:279
+#: g10/g10.c:382
 msgid "batch mode: never ask"
-msgstr "�Хå��⡼��: �䤤��碌��Ԥ�ʤ�"
+msgstr "�Хå����⡼��: ��ǧ��ά"
 
-#: g10/gpg.c:280
+#: g10/g10.c:383
 msgid "assume yes on most questions"
-msgstr "���Ƥμ���� yes �ȸ��ʤ�"
+msgstr ""
+"�����Ƥ��μ����������yes\n"
+"�Ȥߤʤ�"
 
-#: g10/gpg.c:281
+#: g10/g10.c:384
 msgid "assume no on most questions"
-msgstr "���Ƥμ���� no �ȸ��ʤ�"
+msgstr ""
+"�����Ƥ��μ����������no\n"
+"�Ȥߤʤ�"
 
-#: g10/gpg.c:282
+#: g10/g10.c:385
 msgid "add this keyring to the list of keyrings"
-msgstr "����󥰤ΰ����� ���θ���ä���"
+msgstr "���ؤΰ����ˤ��θ��ؤ��ɲ�"
 
-#: g10/gpg.c:283
+#: g10/g10.c:386
 msgid "add this secret keyring to the list"
-msgstr "������ ������̩����󥰤�ä���"
+msgstr "�����ˤ�����̩���ؤ��ɲ�"
 
-#: g10/gpg.c:284
+#: g10/g10.c:387
+msgid "show which keyring a listed key is on"
+msgstr "�����θ������븰�ؤ�ɽ��"
+
+#: g10/g10.c:388
 msgid "|NAME|use NAME as default secret key"
-msgstr "|NAME|�ǥե���Ȥ���̩���Ȥ��� NAME ���Ѥ���"
+msgstr ""
+"|̾��|�������̩���Ȥ���\n"
+"��̾���פ����"
 
-#: g10/gpg.c:285
+#: g10/g10.c:389
 msgid "|HOST|use this keyserver to lookup keys"
-msgstr "|HOST|���θ����� ���θ������Ф��Ѥ���"
+msgstr "|�ۥ���|���θ����ˤ��θ������С������"
 
-#: g10/gpg.c:286
+#: g10/g10.c:391
 msgid "|NAME|set terminal charset to NAME"
-msgstr "|NAME|ü����ʸ�������ɤ� NAME �����ꤹ��"
+msgstr ""
+"|CHARSET̾|ü����charset���CHARSET̾��\n"
+"������"
 
-#: g10/gpg.c:287
+#: g10/g10.c:392
 msgid "read options from file"
-msgstr "�ե����뤫�饪�ץ������ɤ߹���"
+msgstr ""
+"�ե����뤫�饪�ץ�����\n"
+"�ɤ߹���"
 
-#: g10/gpg.c:291
+#: g10/g10.c:396
 msgid "|FD|write status info to this FD"
-msgstr "|FD|���� FD �˾��֤�񤭽Ф�"
+msgstr ""
+"|�ե����뵭�һ�|���Υե����뵭�һҤ˾��֤�\n"
+"�񤭽Ф�"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
+#: g10/g10.c:398
+msgid "|[file]|write status info to file"
 msgstr ""
+"|�ե�����|���ơ����������ե������\n"
+"�񤭽Ф�"
+
+#: g10/g10.c:404
+msgid "|KEYID|ultimately trust this key"
+msgstr "|��ID|���θ�����Ū�˿��Ѥ���"
 
-#: g10/gpg.c:297
+#: g10/g10.c:405
 msgid "|FILE|load extension module FILE"
-msgstr "|FILE|��ĥ�⥸�塼�� FILE ���ɤߤ���"
+msgstr ""
+"|�ե�����|��ĥ�⥸�塼��Υե������\n"
+"�ɤ߹���"
 
-#: g10/gpg.c:298
+#: g10/g10.c:406
 msgid "emulate the mode described in RFC1991"
-msgstr "RFC1991 �˵��Ҥ��줿�⡼�ɤ��Ѥ���"
+msgstr ""
+"RFC1991�˵��Ҥ��줿�⡼�ɤ�\n"
+"����"
 
-#: g10/gpg.c:299
+#: g10/g10.c:407
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
-msgstr "���ƤΥѥ��åȤȰŹ�Ƚ�̾�Υ��ץ����� OpenPGP �ο��������"
+msgstr ""
+"�ѥ��åȤȰŹ�Ƚ�̾�Υ��ץ���\n"
+"�������OpenPGP��������"
+
+#: g10/g10.c:408
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr ""
+"�ѥ��åȤȰŹ������Υ��ץ���\n"
+"�������PGP 2.x��������"
 
-#: g10/gpg.c:300
+#: g10/g10.c:412
 msgid "|N|use passphrase mode N"
-msgstr "|N|�ѥ��ե졼���⡼�� N ���Ѥ���"
+msgstr "|N|�ѥ��ե졼�����⡼��N�����"
 
-#: g10/gpg.c:302
+#: g10/g10.c:414
 msgid "|NAME|use message digest algorithm NAME for passphrases"
-msgstr "|NAME|�ѥ��ե졼���˥�å��������󥢥르�ꥺ�� NAME ���Ѥ���"
+msgstr ""
+"|̾��|�ѥ��ե졼���ˡ�̾���פΥ��\n"
+"���������󥢥르�ꥺ������"
 
-#: g10/gpg.c:304
+#: g10/g10.c:416
 msgid "|NAME|use cipher algorithm NAME for passphrases"
-msgstr "|NAME|�ѥ��ե졼���˰Ź楢�르�ꥺ�� NAME ���Ѥ���"
+msgstr ""
+"|̾��|�ѥ��ե졼���ˡ�̾���פΰŹ�\n"
+"���르�ꥺ������"
 
-#: g10/gpg.c:305
+#: g10/g10.c:418
 msgid "|NAME|use cipher algorithm NAME"
-msgstr "|NAME|�Ź楢�르�ꥺ�� NAME ���Ѥ���"
+msgstr ""
+"|̾��|��̾���פΰŹ楢�르�ꥺ���\n"
+"����"
 
-#: g10/gpg.c:306
+#: g10/g10.c:419
 msgid "|NAME|use message digest algorithm NAME"
-msgstr "|NAME|��å��������󥢥르�ꥺ�� NAME ���Ѥ���"
+msgstr ""
+"|̾��|��̾���פΥ�å���������\n"
+"���르�ꥺ������"
 
-#: g10/gpg.c:307
+#: g10/g10.c:420
 msgid "|N|use compress algorithm N"
-msgstr "|NAME|���̥��르�ꥺ�� NAME ���Ѥ���"
+msgstr ""
+"|̾��|��̾���פΰ��̥��르�ꥺ���\n"
+"����"
 
-#: g10/gpg.c:308
+#: g10/g10.c:421
 msgid "throw keyid field of encrypted packets"
-msgstr "�Ź�ѥ��åȤθ� ID �ե�����ɤ����Ф���"
+msgstr ""
+"�Ź�ѥ��åȤθ�ID�ե������\n"
+"������"
+
+#: g10/g10.c:422
+msgid "Show Photo IDs"
+msgstr "�ե���ID��ɽ��"
+
+#: g10/g10.c:423
+msgid "Don't show Photo IDs"
+msgstr "�ե���ID��ɽ�����ʤ�"
 
-#: g10/gpg.c:309
+#: g10/g10.c:424
+msgid "Set command line to view Photo IDs"
+msgstr ""
+"�ե���ID��������륳�ޥ�ɹ�\n"
+"������"
+
+#: g10/g10.c:425
 msgid "|NAME=VALUE|use this notation data"
-msgstr "|NAME=VALUE|��������ǡ������Ѥ���"
+msgstr "|̾��=��|��������ǡ��������"
 
-#: g10/gpg.c:312
+#: g10/g10.c:428
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
 msgstr ""
+"@\n"
+"(���ޥ�ɤȥ��ץ���������ΰ����ϡ�\n"
+"�ޥ˥奢�롦�ڡ���������������)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:431
 msgid ""
 "@\n"
 "Examples:\n"
@@ -653,31 +781,31 @@ msgstr ""
 "@\n"
 "��:\n"
 "\n"
-" -se -r Bob [file]          �桼�� Bob �ؤν�̾�ȰŹ沽\n"
-" --clearsign [file]         ���ꥢ��̾������\n"
-" --detach-sign [file]       ʬΥ��̾������\n"
-" --list-keys [names]        ����ɽ��\n"
-" --fingerprint [names]      �����ɽ��\n"
+" -se -r Bob [�ե�����]      �桼����Bob�ؤν�̾�ȰŹ沽\n"
+" --clearsign [�ե�����]     ���ꥢ��̾������\n"
+" --detach-sign [�ե�����]   ʬΥ��̾������\n"
+" --list-keys [̾��]         ����ɽ��\n"
+" --fingerprint [̾��]       �����ɽ��\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:567
 msgid "Please report bugs to <[email protected]>.\n"
-msgstr "�Х��򸫤Ĥ����� <[email protected]> �ޤǥ�ݡ��Ȥ����äƲ�������\n"
+msgstr "�Х��򸫤Ĥ����� <[email protected]> �ޤǤ���𤯤�������\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:571
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "�Ȥ���: gpg [���ץ����] [�ե�����] (�إ�פ� -h)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:574
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
 "default operation depends on the input data\n"
 msgstr ""
-"��: gpg [options] [files]\n"
-"��̾�����ڡ��Ź沽���ޤ��� ����\n"
-"�ǥե���Ȥ�ư������ϥǡ����˰�¸\n"
+"��: gpg [���ץ����] [�ե�����]\n"
+"��̾�����ڡ��Ź沽������\n"
+"�����ư��ϡ����ϥǡ����˰�¸\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:585
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -685,627 +813,687 @@ msgstr ""
 "\n"
 "���ݡ��Ȥ��Ƥ��륢�르�ꥺ��:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:659
 msgid "usage: gpg [options] "
-msgstr "�Ȥ���: gpg [options] "
+msgstr "�Ȥ���: gpg [���ץ����] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:716
 msgid "conflicting commands\n"
 msgstr "���ޥ�ɤξ���\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:891
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
-msgstr "����: �ǥե���ȥ��ץ����ե����� `%s' ������ޤ���\n"
+msgstr "����: ����Υ��ץ���󡦥ե�����`%s'������ޤ���\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:895
 #, c-format
 msgid "option file `%s': %s\n"
-msgstr "���ץ����ե����� `%s': %s\n"
+msgstr "���ץ���󡦥ե�����`%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:902
 #, c-format
 msgid "reading options from `%s'\n"
-msgstr "`%s' ���饪�ץ������ɤ߹��ߤޤ�\n"
+msgstr "`%s'���饪�ץ������ɤ߹��ߤޤ�\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1185
 #, c-format
 msgid "%s is not a valid character set\n"
-msgstr "%s ��������ʸ�������ɤǤϤ���ޤ���\n"
+msgstr "%s��������ʸ������ǤϤ���ޤ���\n"
+
+#: g10/g10.c:1202
+msgid "could not parse keyserver URI\n"
+msgstr "�������С���URI�������ǽ\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1216
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr "exec-path��%s��������ǽ\n"
+
+#: g10/g10.c:1239 g10/g10.c:1255
+#, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "�ٹ�: %s��ȿ�Ф���Ƥ��륪�ץ����Ǥ���\n"
+
+#: g10/g10.c:1241 g10/g10.c:1258
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr "\"--keyserver-options %s\"������˻ȤäƤ�������\n"
+
+#: g10/g10.c:1329
 msgid "WARNING: program may create a core file!\n"
-msgstr "�ٹ�: �ץ������ϥ����ե������������ޤ�!\n"
+msgstr "�ٹ�: �ץ������Υ������ե����뤬�Ǥ��뤳�Ȥ�����ޤ�!\n"
+
+#: g10/g10.c:1333
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "�ٹ�: %s��%s���ͥ��\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1340 g10/g10.c:1351
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
-msgstr "����: %s ���̾���Ѥ��ޤ���!\n"
+msgstr "����: ����%s���Ѥ��ޤ���!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1342 g10/g10.c:1362
 #, c-format
 msgid "%s not allowed with %s!\n"
-msgstr "%s �� %s �ȶ����Ѥ��뤳�ȤϤǤ��ޤ���!\n"
+msgstr "%s��%s�ȤȤ���Ѥ��뤳�ȤϤǤ��ޤ���!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1345
 #, c-format
 msgid "%s makes no sense with %s!\n"
-msgstr "%s �� %s �ȶ����Ѥ��Ƥ��̣������ޤ���!\n"
+msgstr "%s��%s�ȤȤ���Ѥ��Ƥ�̵��̣�Ǥ�!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1371
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr "--pgp2�⡼�ɤǤ�ʬΥ��̾�����ꥢ��̾���������Ǥ��ޤ���\n"
+
+#: g10/g10.c:1377
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr "--pgp2�⡼�ɤǤϽ�̾�ȰŹ��Ʊ���ˤǤ��ޤ���\n"
+
+#: g10/g10.c:1383
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr "--pgp2����ꤷ���顢(�ѥ��פǤʤ�) �ե��������ꤻ�ͤФʤ�ޤ���\n"
+
+#: g10/g10.c:1396
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr "--pgp2�⡼�ɤΥ�å������Ź沽�Ǥ�IDEA�Ź椬�׵ᤵ��ޤ� \n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1410 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "���Υ�å�������PGP 2.x�Ǥϻ��ѤǤ��ʤ����⤷��ޤ���\n"
+
+#: g10/g10.c:1451 g10/g10.c:1463
 msgid "selected cipher algorithm is invalid\n"
 msgstr "���򤵤줿�Ź楢�르�ꥺ���̵���Ǥ�\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1457 g10/g10.c:1469
 msgid "selected digest algorithm is invalid\n"
 msgstr "���򤵤줿���󥢥르�ꥺ���̵���Ǥ�\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr "Ϳ����줿�ݥꥷ�� URL ��̵���Ǥ�\n"
+#: g10/g10.c:1473
+msgid "the given signature policy URL is invalid\n"
+msgstr "��������줿��̾�ݥꥷ��URL��̵���Ǥ�\n"
+
+#: g10/g10.c:1477
+msgid "the given certification policy URL is invalid\n"
+msgstr "��������줿������ݥꥷ��URL��̵���Ǥ�\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1480
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
-msgstr "���̥��르�ꥺ��� %d..%d ���ϰϤǤʤ���Фʤ�ޤ���\n"
+msgstr "���̥��르�ꥺ���%d..%d���ϰϤǤʤ���Фʤ�ޤ���\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1482
 msgid "completes-needed must be greater than 0\n"
-msgstr "completes-needed �� 0 ����礭���ͤ�ɬ�פǤ�\n"
+msgstr "completes-needed�������ͤ�ɬ�פǤ�\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1484
 msgid "marginals-needed must be greater than 1\n"
-msgstr "marginals-needed �� 1 ����礭���ͤ�ɬ�פǤ�\n"
+msgstr "marginals-needed��1����礭���ͤ�ɬ�פǤ�\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1486
 msgid "max-cert-depth must be in range 1 to 255\n"
-msgstr "max-cert-depth �� 1 ���� 255 ���ϰϤǤʤ���Фʤ�ޤ���\n"
+msgstr "max-cert-depth��1����255���ϰϤǤʤ���Фʤ�ޤ���\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1489
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
-msgstr "����: ñ��� S2K �⡼�� (0) �λ��Ѥˤ϶���ȿ�Ф��ޤ�\n"
+msgstr "����: ñ���S2K�⡼��(0)�λ��Ѥˤ϶���ȿ�Ф��ޤ�\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1493
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
-msgstr "̵���� S2K �⡼�ɡ�0, 1 �ޤ��� 3 �Ǥʤ���Фʤ�ޤ���\n"
+msgstr "̵����S2K�⡼�ɡ�0��1��3�Ǥʤ���Фʤ�ޤ���\n"
+
+#: g10/g10.c:1497
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "̵����default-check-level��0��1��2��3�Ǥʤ���Фʤ�ޤ���\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1500
+msgid "invalid preferences\n"
+msgstr "̵����ͥ����\n"
+
+#: g10/g10.c:1594
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "���ѥǡ����١����ν�����˼��Ԥ��ޤ���: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1614
 msgid "--store [filename]"
 msgstr "--store [�ե�����̾]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1621
 msgid "--symmetric [filename]"
 msgstr "--symmetric [�ե�����̾]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1629
 msgid "--encrypt [filename]"
 msgstr "--encrypt [�ե�����̾]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1646
 msgid "--sign [filename]"
 msgstr "--sign [�ե�����̾]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1659
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [�ե�����̾]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1673
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [�ե�����̾]"
+
+#: g10/g10.c:1682
 msgid "--clearsign [filename]"
 msgstr "--clearsign [�ե�����̾]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1700
 msgid "--decrypt [filename]"
 msgstr "--decrypt [�ե�����̾]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1711
 msgid "--sign-key user-id"
-msgstr "--sign-key user-id"
+msgstr "--sign-key �桼����id"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1719
 msgid "--lsign-key user-id"
-msgstr "--lsign-key user-id"
+msgstr "--lsign-key �桼����id"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key user-id [���ޥ��]"
+#: g10/g10.c:1727
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key �桼����id"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key user-id"
+#: g10/g10.c:1735
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key �桼����id"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key user-id"
+#: g10/g10.c:1743
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key �桼����id [���ޥ��]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1799 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
-msgstr "%s �������ޤ���: %s\n"
+msgstr "%s�������ޤ���: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1814
 msgid "-k[v][v][v][c] [user-id] [keyring]"
-msgstr "-k[v][v][v][c] [user-id] [�����]"
+msgstr "-k[v][v][v][c] [�桼����id] [����]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1897
 #, c-format
 msgid "dearmoring failed: %s\n"
-msgstr "���ý���˼���: %s\n"
+msgstr "��������˼��Ԥ��ޤ���: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1905
 #, c-format
 msgid "enarmoring failed: %s\n"
-msgstr "���ò��˼���: %s\n"
+msgstr "�����˼��Ԥ��ޤ���: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:1992
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
-msgstr "�ϥå��奢�르�ꥺ�� `%s' ��̵���Ǥ�\n"
+msgstr "̵���ʥϥå��塦���르�ꥺ��`%s'�Ǥ�\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2078
 msgid "[filename]"
 msgstr "[�ե�����̾]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2082
 msgid "Go ahead and type your message ...\n"
-msgstr "���Ϥ��ޤ�����å������򥿥��פ��Ʋ����� ...\n"
+msgstr "���Ϥ��ޤ�����å������򥿥��פ��Ƥ������� ...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2085 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
-msgstr "`%s' �������ޤ���\n"
+msgstr "`%s'�������ޤ���\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2294
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr "����̾����Ƭ��ʸ�����������������(_)�Ǥʤ���Фʤ�ޤ���\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2300
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
 msgstr ""
-"����̾�ˤ�ʸ�����������ɥåȡ��������������(_)�Τߤ��Ѥ���'=' "
-"��ȼ��ʤ���Фʤ�ޤ���\n"
+"����̾�ˤ�ʸ�����������ɥåȡ���������������Τߤ��Ѥ���\n"
+"'='�ǽ����ʤ���Фʤ�ޤ���\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2306
 msgid "dots in a notation name must be surrounded by other characters\n"
-msgstr "����̾�ΥɥåȤ�¾��ʸ���ǰϤޤ�ʤ���Фʤ�ޤ���\n"
+msgstr "����̾�ΥɥåȤ�¾��ʸ���ǰϤޤʤ���Фʤ�ޤ���\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2314
 msgid "a notation value must not use any control characters\n"
 msgstr "����̾���ͤ�����ʸ�����Ѥ��ƤϤ����ޤ���\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
-msgstr "����: %s\n"
+msgstr "����: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
-msgstr "̵�������åإå�: "
+msgstr "̵���������إå���: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
-msgstr "���åإå�: "
+msgstr "�����إå���: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
-msgstr "̵���ʥ��ꥢ��̾�إå�\n"
+msgstr "̵���ʥ��ꥢ��̾�إå���\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
-msgstr "�ͥ��Ȥ��줿���ꥢ��̾\n"
+msgstr "����ҤΥ��ꥢ��̾\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "̵���ʥ��å���ǥ��������פ��줿��: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
-msgstr "ͽ�����ʤ�����:"
+msgstr "ͽ����������:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
-msgstr "̵���� radix64 ʸ�� %02x �򥹥��åפ��ޤ�\n"
+msgstr "̵����64��ʸ��%02x��ȤФ��ޤ�\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
-msgstr "eof ���᤹���ޤ� (CRC ������ޤ���)\n"
+msgstr "�ե������������᤹���ޤ� (CRC������ޤ���)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
-msgstr "eof ���᤹���ޤ� (CRC ����ˤ���ޤ�)\n"
+msgstr "�ե������������᤹���ޤ� (CRC����ˤ���ޤ�)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
-msgstr "CRC �ν񼰤�����������ޤ���\n"
+msgstr "CRC�ν񼰤�����������ޤ���\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
-msgstr "CRC ���顼; %06lx - %06lx\n"
+msgstr "CRC���顼��%06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
-msgstr "eof ���᤹���ޤ� (Trailer ����ˤ���ޤ�)\n"
+msgstr "�ե������������᤹���ޤ� (����������ˤ���ޤ�)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
-msgstr "Trailer �Ԥ˥��顼������ޤ�\n"
+msgstr "�����ιԤ˥��顼������ޤ�\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
-msgstr "ͭ���� OpenPGP �ǡ��������Ĥ���ޤ���\n"
+msgstr "ͭ����OpenPGP�ǡ��������Ĥ���ޤ���\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
-msgstr "̵��������: �Ԥ�Ĺ���� %d ʸ����ۤ��Ƥ��ޤ�\n"
+msgstr "̵��������: �Ԥ�Ĺ����%dʸ����Ķ���Ƥ��ޤ�\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
-"���ä���� quoted printable ʸ��������ޤ��������餯�Х��Τ��� MTA "
-"�����Ѥ��줿�ΤǤ��礦\n"
-
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "             ����:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "����:"
+"��������� quoted printable ʸ��������ޤ��������餯�Х��Τ���\n"
+"MTA����Ѥ����ΤǤ��礦\n"
 
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
-msgstr ""
+msgstr "��ͳ�ϻ��ꤵ��Ƥ��ޤ���"
 
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
-msgstr "�����ݸ��Ƥ��ޤ���\n"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "�����Ȥ꤫��äƤ��ޤ�"
 
-#: g10/pkclist.c:121
-#, fuzzy
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
-msgstr "���θ��ϻ����ԲĤ����ꤵ��Ƥ��ޤ�"
+msgstr "�����ѥ����ޤ���"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
-msgstr ""
+msgstr "���Ϥ⤦�Ȥ��Ƥ��ޤ���"
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
-msgstr ""
+msgstr "�桼����ID���⤦ͭ���Ǥ���ޤ���"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
-msgstr ""
+msgstr "�˴���ͳ: "
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
-msgstr ""
+msgstr "Ŭ��: "
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMqQsS"
 
-#: g10/pkclist.c:308
+#: g10/pkclist.c:258
 #, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
-"%lu �˿����٤����ꤵ��Ƥ��ޤ���:\n"
+"�����٤����ꤵ��Ƥ��ޤ���:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
-msgstr ""
-"¾�Υ桼���θ������������ڤ��뤿��ˡ����Υ桼���ο����٤���Ʋ�����\n"
-"(�ѥ��ݡ��Ȥ򸫤��Ƥ��ä��ꡢ¾������������Ⱦȹ礷����...)?\n"
+msgstr ""
+"¾�Υ桼�����θ������������ڤ��뤿��ˡ����Υ桼�����ο����٤����\n"
+"��������(�ѥ��ݡ��Ȥ򸫤��Ƥ��ä��ꡢ¾������������Ⱦȹ礷����...)?\n"
 "\n"
-" 1 = ̤��\n"
-" 2 = ���Ѥ��ʤ�\n"
-" 3 = �������ٿ��Ѥ���\n"
-" 4 = �����˿��Ѥ���\n"
-" s = ���ܤ�������򸫤�\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = ̤��\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = ���Ѥ� �ʤ�\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = �������ٿ��Ѥ���\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = �����˿��Ѥ���\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = ����Ū�˿��Ѥ���\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = ���ܤ�������򸫤�\n"
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
-msgstr " m = �ᥤ���˥塼�����\n"
+msgstr " m = �᡼�󡦥�˥塼�����\n"
+
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " s = ���θ��ϤȤФ�\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = ��λ\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "���ʤ��η����? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "�����ˤ��θ�������Ū�˿��Ѥ��ޤ���? "
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "����Ū�˿��Ѥ������ؤξ�����:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"���ؤ�ͭ���ʿ��ѤΥѥ������Ĥ���ޤ��󡣷礱�Ƥ���ͤο����٤�\n"
-"����Ǥ��ʤ����ɤ�����Ĵ�٤ޤ��礦��\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"�桹�θ��ػ��ѥ�������ޤ���\n"
-"\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"�����٤�̤����ξ�����Ϥ���ޤ���\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"�����٤��ѹ��Ϥ���ޤ���\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
-msgstr "�� %08lX: �����˴��ѤߤǤ�!\n"
+msgstr "��%08lX: �����˴��ѤߤǤ�!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
-msgstr "����Ǥ� ���θ���Ȥ��ޤ���? "
+msgstr "����Ǥ⤳�θ���Ȥ��ޤ���? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
-msgstr "�� %08lX: �������˴��ѤߤǤ�!\n"
+msgstr "��%08lX: �������˴��ѤߤǤ�!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
-msgstr "�� %08lX: ���ϴ����ڤ�Ǥ�!\n"
+msgstr "��%08lX: ���ϴ����ڤ�Ǥ�\n"
 
-#: g10/pkclist.c:519
+#: g10/pkclist.c:442
 #, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: �����٤�׻�������󤬤���ޤ���\n"
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr "%08lX: ���θ����ܿͤΤ�Τ��ɤ����θ��ڼ��ʤ�����ޤ���\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
-msgstr "%08lX: ���θ��Ͽ��ѤǤ��ޤ���\n"
+msgstr "%08lX: ���θ��Ͽ��ѤǤ��� ����\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
 "but it is accepted anyway\n"
-msgstr "%08lX: ���θ��ϼºݤ��ܿͤΤ�Τ��������Ǥ���������Ǥ��������ޤ�\n"
+msgstr ""
+"%08lX: ���θ��ϼºݤ��ܿͤΤ�Τ��������Ǥ�����\n"
+"���������������ޤ�\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "���θ��Ϥ��֤��ܿͤΤ�ΤǤ�\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "���θ��ϲ桹�Τ�ΤǤ�\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
 "the next question with yes\n"
 "\n"
 msgstr ""
-"���θ����ܿͤΤ�Τ��ɤ����ο��Ǥ��ޤ���\n"
+"���θ����ܿͤΤ�Τ��ɤ����ο��Ǥ��� ����\n"
 "������Ԥ����Ȥ� *�μ¤�* ���򤷤Ƥ��ʤ����ˤϡ�\n"
-"���μ���ˤ� no �������Ƥ���������\n"
+"���μ���ˤ�no�������Ƥ���������\n"
 "\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "�ٹ�: ���ѤǤ��ʤ������Ѥ��Ƥ��ޤ�!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "�ٹ�: ���θ����ܿͤˤ�ä��˴�����Ƥ��ޤ�!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
-msgstr "         ��̾�ϵ�ʪ���Ȼפ��ޤ���\n"
+msgstr "      ��̾����ʪ�ʤ��Ȥ⤢�롢�Ȥ������ȤǤ���\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "�ٹ�: �����������ܿͤˤ�ä��˴�����Ƥ��ޤ�!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "����: ���θ��ϻ��Ѷػߤ����ꤵ��Ƥ��ޤ���\n"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "����: ���θ��ϴ����ڤ�Ǥ�!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
-msgstr "�ٹ�: ���θ��Ͽ��ѤǤ����̾�ˤ�äƾ�������Ƥ��ޤ���!\n"
+msgstr "�ٹ�: ���θ��Ͽ��ѤǤ����̾�Ǿ�������Ƥ��ޤ���!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
-msgstr "         ���ν�̾���ܿͤΤ�Τ��ɤ����θ��ڼ��ʤ�����ޤ���\n"
+msgstr "      ���ν�̾���ܿͤΤ�Τ��ɤ����θ��ڼ��ʤ�����ޤ���\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
-msgstr "�ٹ�: ���θ��Ͽ��ѤǤ��ޤ���!\n"
+msgstr "�ٹ�: ���θ��Ͽ��ѤǤ��� ����!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
-msgstr "         ���ν�̾�Ϥ����餯 ��ʪ �Ǥ���\n"
+msgstr "      ���ν�̾�Ϥ����餯 ��ʪ �Ǥ���\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
-msgstr "�ٹ�: ���θ��Ͻ�ʬ�˿��ѤǤ����̾�ˤ�äƾ�������Ƥ��ޤ���!\n"
+msgstr "�ٹ�: ���θ��Ͻ�ʬ�˿��ѤǤ����̾�Ǿ�������Ƥ��ޤ���!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
-msgstr "         ���ν�̾���ܿͤΤ�Τ��ɤ����ο��Ǥ��ޤ���\n"
+msgstr "      ���ν�̾���ܿͤΤ�Τ��ɤ����ο��Ǥ��ޤ���\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: �����å�: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: �����å�: �������ϴ��ˤ���ޤ�\n"
 
-#: g10/pkclist.c:855
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr "�桼����ID����ꤷ�Ƥ��ޤ��� (��-r�פ��Ѥ��ޤ��礦) ��\n"
+
+#: g10/pkclist.c:762
 msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
 "\n"
-msgstr "�桼�� ID �����ꤵ��Ƥ��ޤ���(\"-r\" ���Ѥ����Ǥ��礦)��\n"
-
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "�桼�� ID ������: "
+"Enter the user ID.  End with an empty line: "
+msgstr "\n�桼����ID�����ϡ����Ԥǽ�λ: "
 
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
-msgstr "���Υ桼�� ID �Ϥ���ޤ���\n"
+msgstr "���Υ桼����ID�Ϥ���ޤ���\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
-msgstr "�����å�: �������ϥǥե���Ȥμ����Ԥ����ꤵ��Ƥ��ޤ�\n"
+msgstr "�����å�: �������ϴ���μ����ԤȤ�������ѤߤǤ�\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
-msgstr "��������̵�뤷�ޤ�����\n"
+msgstr "�������ϻ��ѶػߤǤ���\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "�����å�: �������ϴ��� --encrypt-to �ˤ����ꤵ��Ƥ��ޤ�\n"
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "�����å�: ������������ѤߤǤ�\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
-msgstr "�ǥե���Ȥμ����� `%s' �����Ĥ���ޤ���\n"
-
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: ���Υ��顼: %s\n"
+msgstr "����μ�����`%s'�����Ĥ���ޤ���\n"
 
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
-msgstr "%s: �����å�: ��������̵�뤷�ޤ���\n"
+msgstr "%s: �����å�: �������ϻ��ѶػߤǤ�\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "ͭ���ʥ��ɥ쥹������ޤ���\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "����%c%lu��ͭ���ǤϤ���ޤ���\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "����%c%lu�ν�ʣ\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "¿������`%c'����\n"
+
+#: g10/keygen.c:257
+msgid "invalid character in preference string\n"
+msgstr "����ʸ�����̵����ʸ��������ޤ�\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "���ʽ�̾��񤭹��ߤޤ�\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "��̾���б����븰��񤭹��ߤޤ�\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
-#, fuzzy, c-format
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
 msgid "keysize invalid; using %u bits\n"
-msgstr "�׵ᤵ�줿���������� %u �ӥå�\n"
+msgstr "̵���ʸ���������%u�ӥåȤˤ��ޤ�\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
-#, fuzzy, c-format
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
 msgid "keysize rounded up to %u bits\n"
-msgstr "%u �ӥåȤ˴ݤ�ޤ�\n"
+msgstr "����������%u�ӥåȤ˴ݤ�ޤ�\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
-msgstr "���μ�������򤷤Ʋ�����:\n"
+msgstr "�����ʸ��μ�������򤷤Ƥ�������:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
-msgstr "   (%d) DSA �� ElGamal (�ǥե����)\n"
+msgstr "   (%d) DSA��ElGamal (����)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (��̾�Τ�)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "   (%d) ElGamal (�Ź沽�Τ�)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) ElGamal (��̾�ȰŹ沽)\n"
 
-#: g10/keygen.c:643
-#, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (��̾�ȰŹ沽)\n"
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (��̾�Τ�)\n"
+
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (�Ź沽�Τ�)\n"
 
-#: g10/keygen.c:647
+#: g10/keyedit.c:508 g10/keygen.c:789
 msgid "Your selection? "
-msgstr "�ɤ�����Ӥޤ���? "
+msgstr "�ɤ�ˤ��ޤ���? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "�����˽�̾�ȰŹ��Ѥθ�����ޤ���? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "���Υ��르�ꥺ���ȿ�Ф���Ƥ��ޤ� - ����Ǥ���ޤ���? "
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:521 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "̵��������Ǥ���\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1313,27 +1501,26 @@ msgid ""
 "              default keysize is 1024 bits\n"
 "    highest suggested keysize is 2048 bits\n"
 msgstr ""
-"������ %s ���ڥ��������ˤĤ���\n"
-"             �Ǿ��θ��������� is  768 �ӥå�\n"
-"          �ǥե���Ȥθ��������� 1024 �ӥå�\n"
-"                ����θ��������� 2048 �ӥå�\n"
+"������%s���Ф��������ޤ���\n"
+"             �Ǿ��θ�Ĺ��  768 �ӥå�\n"
+"             ����θ�Ĺ�� 1024 �ӥå�\n"
+"         ����ο侩��Ĺ�� 2048 �ӥå�\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
-msgstr "�ɤθ������������򤷤ޤ���? (1024) "
+msgstr "�ɤθ�Ĺ�ˤ��ޤ���? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
-msgstr "DSA �θ��������� 512 ���� 1024 �ޤǤǤ�\n"
-
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "�������������������ޤ�; 768 ���Ǿ��Ǥ���\n"
+msgstr "DSA�θ�Ĺ��512����1024�ޤǤǤ�\n"
 
-#: g10/keygen.c:708
-#, fuzzy
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
-msgstr "�������������������ޤ�; 768 ���Ǿ��Ǥ���\n"
+msgstr "��Ĺ�����������ޤ���RSA�ϺǾ��Ǥ�1024�Ǥ���\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr "��Ĺ�����������ޤ����Ǿ��Ǥ�768�Ǥ���\n"
 
 #. It is ridiculous and an annoyance to use larger key sizes!
 #. * GnuPG can handle much larger sizes; but it takes an eternity
@@ -1343,46 +1530,42 @@ msgstr "�������������������ޤ�; 768 ���Ǿ��Ǥ���\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
-msgstr "�����������礭�����ޤ�; %d ������Ǥ���\n"
+msgstr "��Ĺ���礭�����ޤ���%d������Ǥ���\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
 msgstr ""
-"2048 �ʾ�θ��������ϡ��׻����֤� ���� Ĺ���ʤ�Τ�\n"
+"2048����礭�ʸ�Ĺ�ϡ��׻����֤� ���� Ĺ���ʤ�Τ�\n"
 "�侩���ޤ���!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
-msgstr "���θ����������������ɤ��Ǥ���? "
+msgstr "���θ�Ĺ�������ˤ����Ǥ���? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
 msgstr ""
-"�狼��ޤ����������������ʤ��Υ�˥����䥭���ܡ������Ϥϡ�������Ф��� "
-"�������餱�Ǥ��뤳�Ȥ򿴤�α��Ƥ����Ʋ�����!\n"
-
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "���ʤ��������ˤ��Τ褦��Ĺ������ɬ�פǤ���? "
+"�狼��ޤ����������������ʤ��Υ�˥����䥭���ܡ������Ϥϡ�\n"
+"����ˤ��������ȼ�Ǥ��뤳�Ȥ򿴤�α��Ƥ����Ƥ�������!\n"
 
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
-msgstr "�׵ᤵ�줿���������� %u �ӥå�\n"
+msgstr "�׵ᤵ�줿��Ĺ��%u�ӥå�\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
-msgstr "%u �ӥåȤ˴ݤ�ޤ�\n"
+msgstr "%u�ӥåȤ˴ݤ�ޤ�\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1391,32 +1574,53 @@ msgid ""
 "      <n>m = key expires in n months\n"
 "      <n>y = key expires in n years\n"
 msgstr ""
-"���δ��¤���Ʋ�����\n"
+"���δ��¤���Ƥ���������\n"
+"         0 = ̵����\n"
+"      <n>  = ͭ������ n ����\n"
+"      <n>w = ͭ������ n ����\n"
+"      <n>m = ͭ������ n �����\n"
+"      <n>y = ͭ������ n ǯ��\n"
+
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"��̾�δ��¤���Ƥ���������\n"
 "         0 = ̵����\n"
-"      <n>  = ͭ������ n ��\n"
+"      <n>  = ͭ������ n ����\n"
 "      <n>w = ͭ������ n ����\n"
-"      <n>m = ͭ������ n ��\n"
-"      <n>y = ͭ������ n ǯ\n"
+"      <n>m = ͭ������ n �����\n"
+"      <n>y = ͭ������ n ǯ��\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
-msgstr "����ͭ������? (0)"
+msgstr "����ͭ�����֤�? (0)"
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "��̾��ͭ�����֤�? (0)"
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "̵������\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
-msgstr "����̵���¤Ǥ�\n"
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "%s��̵���¤Ǥ�\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
+#: g10/keygen.c:992
 #, c-format
-msgid "Key expires at %s\n"
-msgstr "���� %s �ˤƴ����ڤ�ˤʤ�ޤ�\n"
+msgid "%s expires at %s\n"
+msgstr "%s��%s�ˤƴ����ڤ�ˤʤ�ޤ�\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
@@ -1424,11 +1628,11 @@ msgstr ""
 "���Υ����ƥ�Ǥϡ�2038ǯ�ʹߤ����դ�ɽ���Ǥ��ޤ��󤬡�\n"
 "2106ǯ�ޤǤʤ������������Ǥ��ޤ���\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
-msgstr "������ɤ��Ǥ��� (y/n)? "
+msgstr "����Ǥ����Ǥ��� (y/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1438,1871 +1642,2155 @@ msgid ""
 "\n"
 msgstr ""
 "\n"
-"���ʤ��θ����̤��뤿��� �桼�� ID ��ɬ�פǤ���\n"
-"���Υ��եȤ���̾�����ᡢ�Żҥ᡼�륢�ɥ쥹���顢���ν񼰤ǥ桼�� ID "
-"��������ޤ�:\n"
+"���ʤ��θ���Ʊ�ꤹ�뤿��˥桼����ID��ɬ�פǤ���\n"
+"���Υ��եȤ���̾�������ȡ��Żҥ᡼�롦���ɥ쥹����\n"
+"���ν񼰤ǥ桼����ID�������ޤ�:\n"
 "    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "��̾: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "̾����̵����ʸ��������ޤ�\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
-msgstr "̾���Ͽ����ǻϤޤäƤϤ����ޤ���\n"
+msgstr "̾��������ǻϤ�ƤϤ����ޤ���\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
-msgstr "̾���� 5 ʸ���ʾ�Ǥʤ���Фʤ�ޤ���\n"
+msgstr "̾����5ʸ���ʾ�Ǥʤ���Фʤ�ޤ���\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
-msgstr "�Żҥ᡼�륢�ɥ쥹: "
+msgstr "�Żҥ᡼�롦���ɥ쥹: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
-msgstr "ͭ�����Żҥ᡼�륢�ɥ쥹�ǤϤ���ޤ���\n"
+msgstr "ͭ�����Żҥ᡼�롦���ɥ쥹�ǤϤ���ޤ���\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
-msgstr "����: "
+msgstr "������: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
-msgstr "�����̵����ʸ��������ޤ�\n"
+msgstr "�����Ȥ�̵����ʸ��������ޤ�\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
-msgstr "���ʤ���ʸ�������� `%s' ��ȤäƤ��ޤ���\n"
+msgstr "���ʤ���ʸ������`%s'��ȤäƤ��ޤ���\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
 "    \"%s\"\n"
 "\n"
 msgstr ""
-"���Υ桼�� ID �����ꤷ�ޤ���:\n"
+"���Υ桼����ID�����ꤷ�ޤ���:\n"
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
-msgstr ""
+msgstr "�Żҥ᡼��Υ��ɥ쥹����̾�䥳���Ȥ�����ʤ��褦��\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnCcEeOoQq"
 
-#: g10/keygen.c:986
-#, fuzzy
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
-msgstr "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
+msgstr "̾��(N)��������(C)���Żҥ᡼��(E)���ѹ����ޤ��Ͻ�λ(Q)? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
-msgstr "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
+msgstr "̾��(N)��������(C)���Żҥ᡼��(E)���ѹ����ޤ���OK(O)����λ(Q)? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
-msgstr ""
+msgstr "�ޤ����顼�������Ƥ�������\n"
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
 msgstr ""
-"��̩�����ݸ�뤿��˥ѥ��ե졼����ɬ�פǤ���\n"
+"��̩�����ݸ�뤿��˥ѥ��ե졼��������ޤ���\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
-msgstr "�ѥ��ե졼�����ۤʤ�ޤ����⤦�������ꤷ�Ʋ�������\n"
+#: g10/keyedit.c:696 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "�ѥ��ե졼��������ȷ����֤��Ƥ��ޤ��󡣺����Ϥ��Ƥ�������"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
 "using this program with the option \"--edit-key\".\n"
 "\n"
 msgstr ""
-"�ѥ��ե졼������ɬ�פʤ褦�Ǥ���������ϰ����ͤ��Ǥ�!\n"
-"³�Ԥ��ޤ����ѥ��ե졼���ϡ����Υץ������� \"--edit-key\" \n"
-"���ץ����ˤ�äơ����ĤǤ��ѹ��Ǥ��ޤ���\n"
+"�ѥ��ե졼������ɬ�פʤ褦�Ǥ����������餯����Ϥ����ʹͤ��Ǥ�\n"
+"����ޤ���! ��������³�Ԥ��ޤ����ѥ��ե졼���ϡ����Υץ������\n"
+"�Ρ�--edit-key�ץ��ץ����Ǥ��ĤǤ��ѹ��Ǥ��ޤ���\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
 "disks) during the prime generation; this gives the random number\n"
 "generator a better chance to gain enough entropy.\n"
 msgstr ""
-"������Ĺ��������������ޤ��������ܡ��ɤ��ǤĤȤ����ޥ�����ư�����Ȥ���\n"
-"�ǥ������˥�����������ʤɤ�¾�ι�ư��Ʊ���˹Ԥ��ȡ�����������֤ˤ�\n"
-"�𻨤����礭���ɤ�������������䤹���ʤ�ޤ��Τǡ������ᤷ�ޤ���\n"
+"������Ĺ��������������ޤ��������ܡ��ɤ��ǤĤȤ����ޥ�����ư����\n"
+"�Ȥ����ǥ������˥�����������Ȥ���¾�Τ��Ȥ򤹤�ȡ���������Ҥ�\n"
+"�𻨤����礭�ʤ���������������䤹���ʤ�Τǡ������ᤷ�ޤ���\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
-msgstr "DSA ���ڥ��� 1024 �ӥåȤˤʤ�ޤ�\n"
+msgstr "DSA���Ф�1024�ӥåȤˤʤ�ޤ���\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "������������ߤ���ޤ�����\n"
 
-#: g10/keygen.c:1668
-#, fuzzy, c-format
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
 msgid "writing public key to `%s'\n"
-msgstr "`%s' �ؤθ����������񤭹��ߤޤ�\n"
+msgstr "`%s'�ظ�������񤭹��ߤޤ�\n"
 
-#: g10/keygen.c:1669
-#, fuzzy, c-format
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
 msgid "writing secret key to `%s'\n"
-msgstr "`%s' �ؤ���̩�������񤭹��ߤޤ�\n"
+msgstr "`%s'����̩����񤭹��ߤޤ�\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "����߲�ǽ�ʸ������ؤ����Ĥ���ޤ���: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "����߲�ǽ����̩���ؤ����Ĥ���ޤ���: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "��������`%s'�ν���ߥ��顼: %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "��̩����`%s'�ν���ߥ��顼: %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
-msgstr "����������̩�����������졢��̾����ޤ�����\n"
+msgstr "����������̩�����ꡢ��̾���ޤ�����\n"
+
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "����Ū�˿��Ѥ������Ȥ��Ƶ�Ͽ���ޤ�����\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2009
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
 msgstr ""
 "���θ��ϰŹ沽�ˤϻ��ѤǤ��ʤ����Ȥ����դ��Ƥ����������Ź沽��Ԥ��ˤϡ�\n"
-"\"--edit-key\" ���ޥ�ɤ��Ѥ���������������Ƥ���������\n"
+"��--edit-key�ץ��ޥ�ɤ��Ѥ����������������Ƥ���������\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2021 g10/keygen.c:2127
 #, c-format
 msgid "Key generation failed: %s\n"
-msgstr "���κ����˼���: %s\n"
+msgstr "���������˼��Ԥ��ޤ���: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2065 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
-msgstr "���� %lu ��̤��˺�������ޤ��� (����ι�Ԥ����פΤ��뤤�Ǥ��礦)\n"
+msgstr "����%lu��̤��ˤǤ��ޤ��� (����ι�Ԥ����פΤ��뤤�Ǥ��礦)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2067 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
-msgstr "���� %lu ��̤��˺�������ޤ��� (����ι�Ԥ����פΤ��뤤�Ǥ��礦)\n"
+msgstr "����%lu��̤��ˤǤ��ޤ��� (����ι�Ԥ����פΤ��뤤�Ǥ��礦)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2076
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "����: v3���������κ����ϡ�OpenPGP��Ŭ�礷�ޤ���\n"
+
+#: g10/keygen.c:2103
 msgid "Really create? "
-msgstr "�����˺������ޤ���? "
+msgstr "�����˺��ޤ���? "
+
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "���Υ��ޥ�ɤ�--output�ϵ�ǽ���ޤ���\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s'�ϴ��˰��̺ѤߤǤ�\n"
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: �����ޤ���: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
-msgstr "�ѥ��ե졼���������˼���: %s\n"
+msgstr "�ѥ��ե졼���κ������顼: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: �ٹ�: ���Υե�����Ǥ�\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr "--pgp2�⡼�ɤǤ�2048�ӥåȰʲ���RSA���ǰŹ沽�����Ǥ��ޤ���\n"
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
-msgstr "`%s' �����ɤ߹��ߤޤ�\n"
+msgstr "`%s'�����ɤ߹��ߤޤ�\n"
+
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr "�Ź沽���褦�Ȥ��Ƥ��븰������IDEA�Ź��Ȥ��ޤ���\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
-msgstr "%s/%s �Ź沽 ������: %s\n"
+msgstr "%s/%s�Ź沽 ������: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
+#: g10/delkey.c:69 g10/export.c:141
 #, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: �桼�������Ĥ���ޤ���: %s\n"
+msgid "key `%s' not found: %s\n"
+msgstr "��`%s'�����Ĥ���ޤ���: %s\n"
+
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "���֥��å����ɹ��ߥ��顼: %s\n"
 
-#: g10/export.c:164
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
-msgstr "�� %08lX: rfc2440 �θ��ǤϤ���ޤ��� - �����åפ��ޤ�\n"
+msgstr "�� %08lX: rfc2440�θ��ǤϤ���ޤ��� - �����å�\n"
 
-#: g10/export.c:175
-#, fuzzy, c-format
+#: g10/export.c:180
+#, c-format
 msgid "key %08lX: not protected - skipped\n"
-msgstr "�� %08lX: rfc2440 �θ��ǤϤ���ޤ��� - �����åפ��ޤ�\n"
+msgstr "�� %08lX: �ݸ��Ƥ��ޤ��� - �����å�\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "�� %08lX: PGP 2.x�����θ��Ǥ� - �����å�\n"
+
+#: g10/export.c:254
 msgid "WARNING: nothing exported\n"
 msgstr "�ٹ�: ����񤭽Ф��Ƥ��ޤ���\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
-msgstr "pk ����å���Υ���ȥ꡼��¿�����ޤ� - ̵��\n"
+msgstr "pk����å���Υ���ȥ꡼��¿�����ޤ� - ���Ѷػ�\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "unk ����å���Υ���ȥ꡼��¿�����ޤ� - ̵��\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2271
+msgid "[User id not found]"
+msgstr "[�桼����id�����Ĥ���ޤ���]"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr "--allow-non-selfsigned-uid��ͭ���ˤ��줿̵���ʸ�%08lX�Ǥ�\n"
+
+#: g10/getkey.c:1988
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
-msgstr "���� %08lX ����Ѥ��ޤ� - �縰 %08lX ������\n"
+msgstr "����%08lX��縰%08lX�����Ѥ��ޤ�\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2035
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
-msgstr "�� %08lX: �������Τʤ���̩���Ǥ��������å�\n"
-
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: �桼�������Ĥ���ޤ���\n"
+msgstr "��%08lX: �������Τʤ���̩���Ǥ��������å�\n"
 
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
-msgstr "������ %d �Υ֥��å��򥹥��åפ��ޤ�\n"
+msgstr "������%d�Υ֥��å��򥹥��åפ��ޤ�\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
-msgstr "%lu ���ޤǽ���\n"
+msgstr "%lu���ޤǽ���\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
-msgstr "`%s' ���ɤ߹��ߤ˼���: %s\n"
+msgstr "`%s'���ɹ��ߥ��顼: %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
-msgstr "��������: %lu\n"
+msgstr "         ��������: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "            ����������: %lu\n"
+msgstr " �����åפ�����������: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
-msgstr "         �桼�� ID �ʤ�: %lu\n"
+msgstr "       �桼����ID�ʤ�: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
-msgstr "              �ɤ߹���: %lu"
+msgstr "               �ɹ���: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
-msgstr "              �ѹ��ʤ�: %lu\n"
+msgstr "             �ѹ��ʤ�: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
-msgstr "       �����ʥ桼�� ID: %lu\n"
+msgstr "     �������桼����ID: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
-msgstr "            ����������: %lu\n"
+msgstr "           ����������: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
-msgstr "            �����ʽ�̾: %lu\n"
+msgstr "           ��������̾: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
-msgstr "        �����ʸ����˴�: %lu\n"
+msgstr "       �����������˴�: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
-msgstr "      ��̩�����ɤ߽Ф�: %lu\n"
+msgstr "       ��̩�����ɽФ�: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
-msgstr "      ��̩�����ɤ߹���: %lu\n"
+msgstr "       ��̩�����ɹ���: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
-msgstr "      �ѹ���̵����̩��: %lu\n"
+msgstr "       ̵�ѹ�����̩��: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:654
 #, c-format
 msgid "key %08lX: no user ID\n"
-msgstr "�� %08lX: �桼�� ID ������ޤ���\n"
+msgstr "��%08lX: �桼����ID������ޤ���\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "��%08lX: ��������̤���ʽ�̾�Υ桼����ID '%s'\n"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
-msgstr "�� %08lX: ���ѤǤ���桼�� ID ������ޤ���\n"
+msgstr "��%08lX: ���ѤǤ���桼����ID������ޤ���\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
-msgstr "���ʽ�̾������Ƥ��ʤ�����Ǥ��礦\n"
+msgstr "���ʽ�̾�Τʤ������Ǥ��礦\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:475 g10/import.c:723
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
-msgstr "�� %08lX: �����������Ĥ���ޤ���: %s\n"
+msgstr "��%08lX: �����������Ĥ���ޤ���: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:480
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "�� %08lX: rfc2440 �θ��ǤϤ���ޤ��� - �����åפ��ޤ�\n"
+msgstr "�� %08lX: ���������Ǥ� - �����å�\n"
+
+#: g10/import.c:490
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "����߲�ǽ�ʸ��ؤ����Ĥ���ޤ���: %s\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:495 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
-msgstr "`%s' �ؤν񤭽Ф�\n"
+msgstr "`%s'�ؤν�Ф�\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
-msgstr "����� `%s' �ν񤭹��ߤ˼���: %s\n"
+#: g10/import.c:498 g10/import.c:569 g10/import.c:674 g10/import.c:783
+#, c-format
+msgid "error writing keyring `%s': %s\n"
+msgstr "����`%s'�ν���ߥ��顼: %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:503
 #, c-format
 msgid "key %08lX: public key imported\n"
-msgstr "�� %08lX: ���������ɤ߹��ߤޤ���\n"
+msgstr "��%08lX: ���������ɤ߹��ߤޤ���\n"
 
-#: g10/import.c:453
+#: g10/import.c:522
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
-msgstr "�� %08lX: �桹����ͭ���븰�Ȱۤʤ�ޤ�\n"
+msgstr "��%08lX: �������ʣ���ȹ礤�ޤ���\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:540 g10/import.c:740
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
-msgstr "�� %08lX: ���ꥸ�ʥ�θ��֥��å��˰��֤Ǥ��ޤ���: %s\n"
+msgstr "��%08lX: ���θ��֥��å��˰��֤Ť��Ǥ��ޤ���: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:547 g10/import.c:746
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "��%08lX: ���θ��֥��å����ɤ߹���ޤ���: %s\n"
+
+#: g10/import.c:574
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
-msgstr "�� %08lX: �����ʥ桼�� ID �� 1 ��\n"
+msgstr "��%08lX: �������桼����ID��1��\n"
 
-#: g10/import.c:487
+#: g10/import.c:577
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
-msgstr "�� %08lX: �����ʥ桼�� ID �� %d ��\n"
+msgstr "��%08lX: �������桼����ID��%d��\n"
 
-#: g10/import.c:490
+#: g10/import.c:580
 #, c-format
 msgid "key %08lX: 1 new signature\n"
-msgstr "�� %08lX: �����ʽ�̾�� 1 ��\n"
+msgstr "��%08lX: ��������̾��1��\n"
 
-#: g10/import.c:493
+#: g10/import.c:583
 #, c-format
 msgid "key %08lX: %d new signatures\n"
-msgstr "�� %08lX: �����ʽ�̾�� %d ��\n"
+msgstr "��%08lX: ��������̾��%d��\n"
 
-#: g10/import.c:496
+#: g10/import.c:586
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
-msgstr "�� %08lX: ������������ 1 ��\n"
+msgstr "��%08lX: ������������1��\n"
 
-#: g10/import.c:499
+#: g10/import.c:589
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
-msgstr "�� %08lX: ������������ %d ��\n"
+msgstr "��%08lX: ������������%d��\n"
 
-#: g10/import.c:509
+#: g10/import.c:599
 #, c-format
 msgid "key %08lX: not changed\n"
-msgstr "�� %08lX: �ѹ��ʤ�\n"
+msgstr "��%08lX: �ѹ��ʤ�\n"
+
+#: g10/import.c:668
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "�������̩���ؤ�����ޤ���: %s\n"
 
-#: g10/import.c:581
+#: g10/import.c:679
 #, c-format
 msgid "key %08lX: secret key imported\n"
-msgstr "�� %08lX: ��̩�����ɤ߹��ߤޤ���\n"
+msgstr "��%08lX: ��̩�����ɤ߹��ߤޤ���\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:683
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
-msgstr "�� %08lX: ������̩����󥰤ˤ���ޤ�\n"
+msgstr "��%08lX: ������̩���ؤˤ���ޤ�\n"
 
-#: g10/import.c:590
+#: g10/import.c:688
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
-msgstr "�� %08lX: ��̩�������Ĥ���ޤ���: %s\n"
+msgstr "��%08lX: ��̩�������Ĥ���ޤ���: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:717
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
-msgstr "�� %08lX: ������������ޤ��� - �˴��������Ŭ�Ѥ��Ǥ��ޤ���\n"
+msgstr "��%08lX: ������������ޤ��� - �˴��������Ŭ�ѤǤ��ޤ���\n"
 
-#: g10/import.c:643
+#: g10/import.c:757
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
-msgstr "�� %08lX: ̵�����˴�������: %s - ���ݤ��ޤ���\n"
+msgstr "��%08lX: ̵�����˴�������: %s - ����\n"
 
-#: g10/import.c:670
+#: g10/import.c:788
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
-msgstr "�� %08lX: �˴���������ɤ߹��ߤޤ���\n"
+msgstr "��%08lX: �˴���������ɤ߹��ߤޤ���\n"
 
-#: g10/import.c:712
+#: g10/import.c:823
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
-msgstr "�� %08lX: ��̾���б�����桼�� ID ������ޤ���\n"
+msgstr "��%08lX: ��̾���б�����桼����ID������ޤ���\n"
 
-#: g10/import.c:719 g10/import.c:743
+#: g10/import.c:836
 #, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
-msgstr "�� %08lX: ���ݡ��Ȥ��Ƥ��ʤ����������르�ꥺ��Ǥ�\n"
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr "��%08lX: �桼����id \"%s\" �Υ��ݡ��Ȥ��Ƥ��ʤ����������르�ꥺ��Ǥ�\n"
 
-#: g10/import.c:720
+#: g10/import.c:838
 #, c-format
-msgid "key %08lX: invalid self-signature\n"
-msgstr "�� %08lX: ���ʽ�̾��̵���Ǥ�\n"
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "��%08lX: �桼����id \"%s\" �μ��ʽ�̾��̵���Ǥ�\n"
 
-#: g10/import.c:735
+#: g10/import.c:855
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
-msgstr "�� %08lX: �����б���������������ޤ���\n"
+msgstr "��%08lX: �����б���������������ޤ���\n"
 
-#: g10/import.c:744
+#: g10/import.c:865
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "�� %08lX: ̵�����������б��Ǥ�\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "��%08lX: ���ݡ��Ȥ��Ƥ��ʤ����������르�ꥺ��Ǥ�\n"
 
-#: g10/import.c:771
+#: g10/import.c:866
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "�� %08lX: �������줿���ʽ�̾����Ƥ��ʤ��桼�� ID '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "��%08lX: ̵�����������б��Ǥ�\n"
 
-#: g10/import.c:800
+#: g10/import.c:896
 #, c-format
 msgid "key %08lX: skipped user ID '"
-msgstr "�� %08lX: �����åפ����桼�� ID '"
+msgstr "��%08lX: �����åפ����桼����ID '"
 
-#: g10/import.c:823
+#: g10/import.c:919
 #, c-format
 msgid "key %08lX: skipped subkey\n"
-msgstr "�� %08lX: �����åפ�������\n"
+msgstr "��%08lX: �����åפ�������\n"
 
 #. here we violate the rfc a bit by still allowing
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:942
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
-msgstr "�� %08lX: �񤭽Ф��ԲĤʽ�̾ (class %02x) - �����å�\n"
+msgstr "��%08lX: ��Ф��ԲĤʽ�̾ (���饹%02x) - �����å�\n"
 
-#: g10/import.c:857
+#: g10/import.c:951
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
-msgstr "�� %08lX: �˴������񤬴ְ�ä����ꤵ��Ƥ��ޤ� - �����å�\n"
+msgstr "��%08lX: �˴������񤬸��ä����ꤵ��Ƥ��ޤ� - �����å�\n"
 
-#: g10/import.c:865
+#: g10/import.c:968
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
-msgstr "�� %08lX: ̵�����˴�������: %s - �����å�\n"
+msgstr "��%08lX: ̵�����˴�������: %s - �����å�\n"
 
-#: g10/import.c:965
+#: g10/import.c:1069
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
-msgstr "�� %08lX: ��ʣ�����桼�� ID �θ��� - �ɲ�\n"
+msgstr "��%08lX: ��ʣ�����桼����ID�θ��� - ʻ��\n"
+
+#: g10/import.c:1128
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr "�ٹ�: ��%08lX���˴����줿�褦�Ǥ�: �˴���%08lX�ΰ����Ф�\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1142
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr "�ٹ�: ��%08lX���˴����줿�褦�Ǥ�: �˴���%08lX���Ժߡ�\n"
+
+#: g10/import.c:1198
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
-msgstr "�� %08lX: �˴���������ɲ�\n"
+msgstr "��%08lX: �˴���������ɲ�\n"
 
-#: g10/import.c:1130 g10/import.c:1183
+#: g10/import.c:1228
 #, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "�� %08lX: �桹�Υ��ԡ��ˤϼ��ʽ�̾������ޤ���\n"
+msgid "key %08lX: direct key signature added\n"
+msgstr "��%08lX: ľ�ܸ���̾���ɲ�\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:140
 msgid "[revocation]"
 msgstr "[�˴�]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:141
 msgid "[self-signature]"
 msgstr "[���ʽ�̾]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:212
 msgid "1 bad signature\n"
-msgstr "̵���ʽ�̾ 1 ��\n"
+msgstr "̵���ʽ�̾1��\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:214
 #, c-format
 msgid "%d bad signatures\n"
-msgstr "̵���ʽ�̾ %d ��\n"
+msgstr "̵���ʽ�̾%d��\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:216
 msgid "1 signature not checked due to a missing key\n"
-msgstr "����̵���Τ� 1 �Ĥν�̾�ϸ��ڤǤ��ޤ���\n"
+msgstr "�����ʤ�����1�Ĥν�̾�򸡾ڤ��ޤ���\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:218
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
-msgstr "����̵���Τ� %d �Ĥν�̾�ϸ��ڤǤ��ޤ���\n"
+msgstr "�����ʤ�����%d�Ĥν�̾�򸡾ڤ��ޤ���\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:220
 msgid "1 signature not checked due to an error\n"
-msgstr "����̵���Τ� 1 �Ĥν�̾�ϸ��ڤǤ��ޤ���\n"
+msgstr "���顼�Τ���1�Ĥν�̾�򸡾ڤ��ޤ���\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:222
 #, c-format
 msgid "%d signatures not checked due to errors\n"
-msgstr "%d �Ĥν�̾�ϥ��顼�ˤ�긡�ڤ���ޤ���\n"
+msgstr "���顼�Τ���%d�Ĥν�̾�򸡾ڤ��ޤ���\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:224
 msgid "1 user ID without valid self-signature detected\n"
-msgstr "ͭ���ʼ��ʽ�̾��̵���桼�� ID �� 1 �Ĥ���ޤ�\n"
+msgstr "ͭ���ʼ��ʽ�̾�Τʤ��桼����ID��1�ĸ���\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:226
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
-msgstr "ͭ���ʼ��ʽ�̾��̵���桼�� ID �� %d �Ĥ���ޤ�\n"
+msgstr "ͭ���ʼ��ʽ�̾�Τʤ��桼����ID��%d�ĸ���\n"
+
+#: g10/keyedit.c:333
+#, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "�桼����ID \"%s\" ���˴�����Ƥ��ޤ���"
+
+#: g10/keyedit.c:341 g10/keyedit.c:424 g10/keyedit.c:476 g10/keyedit.c:1048
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "����Ǥ⤳�θ��˽�̾�������Ǥ���? (y/N) "
+
+#: g10/keyedit.c:348 g10/keyedit.c:430 g10/keyedit.c:1054
+msgid "  Unable to sign.\n"
+msgstr "  ��̾��ǽ��\n"
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:362
+#, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"\"%s\" �ˤ������뺣�Τ��ʤ��ν�̾��\n"
+"������̾�Ǥ���\n"
+
+#: g10/keyedit.c:366
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr "��Ф���ǽ�ʽ�̾�˳ʾ夲�������Ǥ���? (y/N) "
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:386
 #, c-format
-msgid "Already signed by key %08lX\n"
-msgstr "�� %08lX �ˤ�äƴ��˽�̾����Ƥ��ޤ�\n"
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" �ϸ�%08lX�Ǥ⤦������̾���Ƥ���ޤ�\n"
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:391
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" �ϸ�%08lX�Ǥ⤦��̾���Ƥ���ޤ�\n"
+
+#: g10/keyedit.c:403
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
-msgstr "�� %08lX �ˤ�äƽ�̾�����ΤϤ���ޤ���\n"
+msgstr "��%08lX�ǽ�̾�����ΤϤ���ޤ���\n"
+
+#: g10/keyedit.c:418
+msgid "This key has expired!"
+msgstr "���θ��ϴ����ڤ�Ǥ�!"
+
+#: g10/keyedit.c:436
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "���θ���%s�Ǵ��¤��ڤ�ޤ���\n"
+
+#: g10/keyedit.c:440
+msgid "Do you want your signature to expire at the same time? (y/N) "
+msgstr "Ʊ���˽�̾������ڤ�ˤ������Ǥ���? (y/N) "
+
+#: g10/keyedit.c:469
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr "--pgp2�⡼�ɤǤ�PGP 2.x����OpenPGP��̾���Ǥ��ʤ����⤷��ޤ���\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:471
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "���θ���PGP 2.x�ǻ��ѤǤ��ʤ��ʤ�ޤ���\n"
+
+#: g10/keyedit.c:492
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"��̾���褦�Ȥ��Ƥ��븰���ºݤ˾嵭��̾���οͤΤ�Τ��ɤ������ɤ�����\n"
+"���դ��Ƹ��ڤ��ޤ�����? �����狼��ʤ����\"0\"�����Ϥ��Ƥ���������\n"
+
+#: g10/keyedit.c:496
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) �����ޤ���%s\n"
+
+#: g10/keyedit.c:498
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) ��������ǧ���Ƥ��ޤ���%s\n"
+
+#: g10/keyedit.c:500
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) �������ǧ���ޤ�����%s\n"
+
+#: g10/keyedit.c:502
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) ���ʤ����դ��Ƴ�ǧ���ޤ�����%s\n"
+
+#: g10/keyedit.c:527
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
-msgstr "������ ���θ��ˤ��ʤ��θ��ǽ�̾�����ɤ��Ǥ���: \""
+msgstr "�����ˤ��θ��ˤ��ʤ��θ��ǽ�̾���Ƥ褤�Ǥ���: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:536
 msgid ""
+"\n"
 "The signature will be marked as non-exportable.\n"
+msgstr "\n��̾�Ͻ�Ф��ԲĤ����ꤵ��ޤ���\n"
+
+#: g10/keyedit.c:540
+msgid ""
 "\n"
-msgstr ""
-"��̾�Ͻ񤭽Ф��ԲĤ����ꤵ��ޤ���\n"
+"The signature will be marked as non-revocable.\n"
+msgstr "\n��̾���˴��ԲĤ����ꤵ��ޤ���\n"
+
+#: g10/keyedit.c:545
+msgid ""
 "\n"
+"I have not checked this key at all.\n"
+msgstr "\n���θ�����������ǧ���Ƥ��ޤ���\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:549
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr "\n���θ��ϰ������ǧ���ޤ�����\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr "\n���θ��ϡ����ʤ����դ��Ƴ�ǧ���ޤ�����\n"
+
+#: g10/keyedit.c:561
 msgid "Really sign? "
 msgstr "�����˽�̾���ޤ���? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:594 g10/keyedit.c:2570 g10/keyedit.c:2632 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "��̾�˼��Ԥ��ޤ���: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:653
 msgid "This key is not protected.\n"
 msgstr "���θ����ݸ��Ƥ��ޤ���\n"
 
-#: g10/keyedit.c:426
-#, fuzzy
+#: g10/keyedit.c:657
 msgid "Secret parts of primary key are not available.\n"
-msgstr "��̩��������ޤ���"
+msgstr "�縰����̩��ʬ�������ޤ���\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:661
 msgid "Key is protected.\n"
 msgstr "�����ݸ��Ƥ��ޤ���\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:681
 #, c-format
 msgid "Can't edit this key: %s\n"
-msgstr "���θ����Խ����뤳�ȤϤǤ��ޤ���: %s\n"
+msgstr "���θ����Խ��Ǥ��ޤ���: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:687
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
 msgstr ""
-"������̩�����Ф��뿷�����ѥ��ե졼�������Ϥ��Ʋ�������\n"
+"������̩���ο������ѥ��ե졼�������Ϥ��Ƥ���������\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:701
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
 msgstr ""
-"�ѥ��ե졼������ɬ�פʤ褦�Ǥ���������ϰ����ͤ��Ǥ�!\n"
+"�ѥ��ե졼������ɬ�פʤ褦�Ǥ�����\n"
+"�����餯����Ϥ����ʹͤ��ǤϤ���ޤ���!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:704
 msgid "Do you really want to do this? "
 msgstr "�����˼¹Ԥ��ޤ���? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:768
 msgid "moving a key signature to the correct place\n"
 msgstr "���ν�̾�����������˰�ư���ޤ�\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:810
 msgid "quit this menu"
 msgstr "���Υ�˥塼��λ"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:811
 msgid "q"
 msgstr "q"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:812
 msgid "save"
 msgstr "save"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:812
 msgid "save and quit"
 msgstr "��¸���ƽ�λ"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:813
 msgid "help"
 msgstr "help"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:813
 msgid "show this help"
 msgstr "���Υإ�פ򸫤�"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:815
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:815
 msgid "show fingerprint"
 msgstr "����򸫤�"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:816
 msgid "list"
 msgstr "list"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:816
 msgid "list key and user IDs"
-msgstr "���ȥ桼�� ID �ΰ���"
+msgstr "���ȥ桼����ID�ΰ���"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:817
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:818
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:818
 msgid "select user ID N"
-msgstr "�桼�� ID N ������"
+msgstr "�桼����ID N������"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:819
 msgid "key"
 msgstr "key"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:819
 msgid "select secondary key N"
-msgstr "���� N ������"
+msgstr "����N������"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:820
 msgid "check"
 msgstr "check"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:820
 msgid "list signatures"
 msgstr "��̾�ΰ���"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:821
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:822
 msgid "sign"
 msgstr "sign"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:822
 msgid "sign the key"
 msgstr "���ؽ�̾"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:823
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:824
 msgid "lsign"
 msgstr "lsign"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:824
 msgid "sign the key locally"
-msgstr "���˽񤭽Ф��ԲĤʽ�̾"
+msgstr "��������Ū�˽�̾"
+
+#: g10/keyedit.c:825
+msgid "nrsign"
+msgstr "nrsign"
+
+#: g10/keyedit.c:825
+msgid "sign the key non-revocably"
+msgstr "�˴��Ǥ��ʤ��褦���ؽ�̾"
+
+#: g10/keyedit.c:826
+msgid "nrlsign"
+msgstr "nrlsign"
+
+#: g10/keyedit.c:826
+msgid "sign the key locally and non-revocably"
+msgstr "�˴��Ǥ��ʤ��褦��������Ū�˽�̾"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:827
 msgid "debug"
 msgstr "debug"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:828
 msgid "adduid"
 msgstr "adduid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:828
 msgid "add a user ID"
-msgstr "�桼�� ID ���ɲ�"
+msgstr "�桼����ID���ɲ�"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:829
+msgid "addphoto"
+msgstr "addphoto"
+
+#: g10/keyedit.c:829
+msgid "add a photo ID"
+msgstr "�ե���ID���ɲ�"
+
+#: g10/keyedit.c:830
 msgid "deluid"
 msgstr "deluid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:830
 msgid "delete user ID"
-msgstr "�桼�� ID �ξõ�"
+msgstr "�桼����ID�κ��"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:832
+msgid "delphoto"
+msgstr "delphoto"
+
+#: g10/keyedit.c:833
 msgid "addkey"
 msgstr "addkey"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:833
 msgid "add a secondary key"
 msgstr "�������ɲ�"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:834
 msgid "delkey"
 msgstr "delkey"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:834
 msgid "delete a secondary key"
 msgstr "������"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:835
 msgid "delsig"
 msgstr "delsig"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:835
 msgid "delete signatures"
 msgstr "��̾�κ��"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:836
 msgid "expire"
 msgstr "expire"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:836
 msgid "change the expire date"
 msgstr "ͭ�����¤��ѹ�"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:837
+msgid "primary"
+msgstr "primary"
+
+#: g10/keyedit.c:837
+msgid "flag user ID as primary"
+msgstr "�桼����ID���ˤ���"
+
+#: g10/keyedit.c:838
 msgid "toggle"
 msgstr "toggle"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:838
 msgid "toggle between secret and public key listing"
-msgstr "��̩���ȸ������������ڤ��ؤ�"
+msgstr "��̩���ȸ������ΰ��������ؤ�"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:840
 msgid "t"
 msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:841
 msgid "pref"
 msgstr "pref"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
-msgstr "ͥ���̤ΰ���"
+#: g10/keyedit.c:841
+msgid "list preferences (expert)"
+msgstr "�����ΰ��� (�������ѡ���)"
+
+#: g10/keyedit.c:842
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:842
+msgid "list preferences (verbose)"
+msgstr "�����ΰ��� (��Ĺ)"
+
+#: g10/keyedit.c:843
+msgid "setpref"
+msgstr "setpref"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:843
+msgid "set preference list"
+msgstr "�������������"
+
+#: g10/keyedit.c:844
+msgid "updpref"
+msgstr "updpref"
+
+#: g10/keyedit.c:844
+msgid "updated preferences"
+msgstr "�����ΰ����򹹿�"
+
+#: g10/keyedit.c:845
 msgid "passwd"
 msgstr "passwd"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:845
 msgid "change the passphrase"
 msgstr "�ѥ��ե졼�����ѹ�"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:846
 msgid "trust"
 msgstr "trust"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:846
 msgid "change the ownertrust"
-msgstr "���ʽ�̾���ѹ�"
+msgstr "��ͭ�Կ��Ѥ��ѹ�"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:847
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:847
 msgid "revoke signatures"
 msgstr "��̾���˴�"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:848
 msgid "revkey"
 msgstr "revkey"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:848
 msgid "revoke a secondary key"
 msgstr "�������˴�"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:849
 msgid "disable"
 msgstr "disable"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:849
 msgid "disable a key"
-msgstr "��������ԲĤˤ���"
+msgstr "���λ��Ѥ�ػߤ���"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:850
 msgid "enable"
 msgstr "enable"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:850
 msgid "enable a key"
-msgstr "������ѲĤˤ���"
+msgstr "���λ��Ѥ���Ĥ���"
+
+#: g10/keyedit.c:851
+msgid "showphoto"
+msgstr "showphoto"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:851
+msgid "show photo ID"
+msgstr "�ե���ID��ɽ��"
+
+#: g10/delkey.c:112 g10/keyedit.c:871
 msgid "can't do that in batchmode\n"
-msgstr "����ϥХå��⡼�ɤǤϼ¹ԤǤ��ޤ���\n"
+msgstr "����ϥХå��⡼�ɤǤϤǤ��ޤ���\n"
+
+#: g10/keyedit.c:908
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "��̩���֥��å�`%s'���ɹ��ߥ��顼: %s\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:926
 msgid "Secret key is available.\n"
-msgstr "��̩�������ѤǤ��ޤ�\n"
+msgstr "��̩�������ѤǤ��ޤ���\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:957
 msgid "Command> "
 msgstr "���ޥ��> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:989
 msgid "Need the secret key to do this.\n"
-msgstr "�����¹Ԥ���ˤ���̩����ɬ�פǤ���\n"
+msgstr "���μ¹Ԥˤ���̩��������ޤ���\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:993
 msgid "Please use the command \"toggle\" first.\n"
-msgstr ""
+msgstr "�ޤ���toggle�ץ��ޥ�ɤ�ȤäƤ�������\n"
+
+#: g10/keyedit.c:1042
+msgid "Key is revoked."
+msgstr "�����˴�����Ƥ��ޤ���"
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1061
 msgid "Really sign all user IDs? "
-msgstr "���ƤΥ桼�� ID �� ������ ��̾���ޤ���? "
+msgstr "���������桼����ID�˽�̾���ޤ���? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1062
 msgid "Hint: Select the user IDs to sign\n"
-msgstr "�ҥ��: ��̾����桼�� ID  ������\n"
+msgstr "����: �ޤ���̾����桼����ID�����򤷤ޤ�\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1087
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "���ѥǡ����١����ι����˼��Ԥ��ޤ���: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "%s�⡼�ɤǤ��Υ��ޥ�ɤ��Ѥ��뤳�ȤϤǤ��ޤ���\n"
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1107 g10/keyedit.c:1128
 msgid "You must select at least one user ID.\n"
-msgstr "���ʤ��Ȥ� 1 �ĤΥ桼�� ID �����򤷤Ʋ�������\n"
+msgstr "�桼����ID�򾯤ʤ��Ȥ�ҤȤ����򤷤Ƥ���������\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1109
 msgid "You can't delete the last user ID!\n"
-msgstr "�Ǹ�桼�� ID �ν�̾�Ϻ���Ǥ��ޤ���\n"
+msgstr "�Ǹ�Υ桼����ID�Ϻ���Ǥ��ޤ���!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1112
 msgid "Really remove all selected user IDs? "
-msgstr "���򤷤��桼�� ID �� ������ ������ޤ���? "
+msgstr "���򤷤����桼����ID�������˺�����ޤ���? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1113
 msgid "Really remove this user ID? "
-msgstr "���Υ桼�� ID �� ������ ������ޤ���? "
+msgstr "���Υ桼����ID�������˺�����ޤ���? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1151 g10/keyedit.c:1173
 msgid "You must select at least one key.\n"
-msgstr "���ʤ��Ȥ� 1 �Ĥθ������򤷤Ʋ�������\n"
+msgstr "���򾯤ʤ��Ȥ�ҤȤ����򤷤Ƥ���������\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1155
 msgid "Do you really want to delete the selected keys? "
-msgstr "���򤷤����� ������ ������ޤ���? "
+msgstr "���򤷤����������˺�����ޤ���? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1156
 msgid "Do you really want to delete this key? "
-msgstr "���θ��� ������ ������ޤ���? "
+msgstr "���θ��������˺�����ޤ���? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1177
 msgid "Do you really want to revoke the selected keys? "
-msgstr "���򤷤����� ������ �˴����ޤ���? "
+msgstr "���򤷤������������˴����ޤ���? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1178
 msgid "Do you really want to revoke this key? "
-msgstr "���θ��� ������ �˴����ޤ���? "
+msgstr "���θ����������˴����ޤ���? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1244
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "���򤷤��桼����ID�������������˹������ޤ���? "
+
+#: g10/keyedit.c:1246
+msgid "Really update the preferences? "
+msgstr "�����������˹������ޤ���? "
+
+#: g10/keyedit.c:1284
 msgid "Save changes? "
 msgstr "�ѹ�����¸���ޤ���? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1287
 msgid "Quit without saving? "
 msgstr "��¸�����˽�λ���ޤ���? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1298
 #, c-format
 msgid "update failed: %s\n"
-msgstr "�����˼���: %s\n"
+msgstr "�����˼��Ԥ��ޤ���: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1305
 #, c-format
 msgid "update secret failed: %s\n"
-msgstr "��̩���ι����˼���: %s\n"
+msgstr "��̩���ι����˼��Ԥ��ޤ���: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1312
 msgid "Key not changed so no update needed.\n"
-msgstr "�����ѹ�����Ƥ��ޤ���Τǹ�������ɬ�פϤ���ޤ���\n"
+msgstr "����̵�ѹ��ʤΤǹ����Ϥ���ޤ���\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1323
 msgid "Invalid command  (try \"help\")\n"
-msgstr "̵���ʥ��ޥ�� (\"help\" �򸫤�)\n"
+msgstr "̵���ʥ��ޥ�� (��help�פ򻲾�)\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1480
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "���θ���%s��%s%s�ˤ�ä��˴����줿�褦�Ǥ�\n"
+
+#: g10/keyedit.c:1483
+msgid " (sensitive)"
+msgstr " (�ǥꥱ����)"
+
+#: g10/keyedit.c:1488 g10/keyedit.c:1514
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  ����: %s ����: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1497
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " trust: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1501
 msgid "This key has been disabled"
-msgstr "���θ��ϻ����ԲĤ����ꤵ��Ƥ��ޤ�"
+msgstr "���θ��ϻ��Ѷػߤ����ꤵ��Ƥ��ޤ�"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1530
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "�� %08lX: �������˴��ѤߤǤ�!\n"
+msgstr "rev! �������˴��ѤߤǤ�: %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1533
 msgid "rev- faked revocation found\n"
-msgstr "        �����ʸ����˴�: %lu\n"
+msgstr "rev- �Ǥä��������˴���ȯ��\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1535
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? �˴���ǧ�㳲: %s\n"
+
+#: g10/keyedit.c:1565
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+"�ץ�������Ƶ�ư����ޤǡ�ɽ�����줿����ͭ�������������ʤ����⤷��ʤ���\n"
+"�Ȥ������Ȥ�ǰƬ���֤��Ƥ���������\n"
+
+#: g10/keyedit.c:1651
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
 msgstr ""
+"�ٹ�: ���θ��ˤϤ⤦�ե���ID������ޤ���\n"
+"      �㤦�ե���ID���ɲä���ȡ��������Ǥ�PGP�Ϻ��𤹤뤫�⤷��ޤ���\n"
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1655 g10/keyedit.c:1682
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "����Ǥ��ɲä������Ǥ���? (y/N) "
+
+#: g10/keyedit.c:1663
+msgid "You may only have one photo ID on a key.\n"
+msgstr "1�ܤθ��ˤϥե���ID��ҤȤ��դ���������Ǥ���\n"
+
+#: g10/keyedit.c:1677
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"�ٹ�: �����PGP2�����θ��Ǥ����ե���ID���ɲäǡ��������Ǥ�PGP�ϡ�\n"
+"      ���θ�����ݤ��뤫�⤷��ޤ���\n"
+
+#: g10/keyedit.c:1688
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr "PGP2�����θ��ˤϥե���ID���ɲäǤ��ʤ����⤷��ޤ���\n"
+
+#: g10/keyedit.c:1819
 msgid "Delete this good signature? (y/N/q)"
 msgstr "������������̾�������ޤ���? (y/N/q)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1823
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "����̵���ʽ�̾�������ޤ���? (y/N/q)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1827
 msgid "Delete this unknown signature? (y/N/q)"
-msgstr "���������ʽ�̾�������ޤ���? (y/N/q)"
+msgstr "����̤�Τν�̾�������ޤ���? (y/N/q)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1833
 msgid "Really delete this self-signature? (y/N)"
-msgstr "���μ��ʽ�̾�� ������ ������ޤ���? (y/N)"
+msgstr "���μ��ʽ�̾�������˺�����ޤ���? (y/N)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1847
 #, c-format
 msgid "Deleted %d signature.\n"
-msgstr "%d �Ĥν�̾�������ޤ�����\n"
+msgstr "%d�Ĥν�̾�������ޤ�����\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1848
 #, c-format
 msgid "Deleted %d signatures.\n"
-msgstr "%d �Ĥν�̾�������ޤ�����\n"
+msgstr "%d�Ĥν�̾�������ޤ�����\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1851
 msgid "Nothing deleted.\n"
 msgstr "���������Ƥ��ޤ���\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1920
 msgid "Please remove selections from the secret keys.\n"
-msgstr "��̩��������������Ʋ�������\n"
+msgstr "��̩���������Ȥ��Ƥ���������\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1926
 msgid "Please select at most one secondary key.\n"
-msgstr "¿���Ƥ� 1 �Ĥ����������򤷤Ʋ�������\n"
+msgstr "�⡹1�Ĥ����������򤷤Ƥ���������\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1930
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "������ͭ�����¤��ѹ����ޤ���\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1932
 msgid "Changing expiration time for the primary key.\n"
 msgstr "�縰��ͭ�����¤��ѹ����ޤ���\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1974
 msgid "You can't change the expiration date of a v3 key\n"
-msgstr "v3 ����ͭ�����¤��ѹ����뤳�Ȥ��Ǥ��ޤ�\n"
+msgstr "v3����ͭ�����¤��ѹ��Ǥ��ޤ���\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:1990
 msgid "No corresponding signature in secret ring\n"
-msgstr "��̩����󥰤��б������̾������ޤ���\n"
+msgstr "��̩���ؤ��б������̾������ޤ���\n"
+
+#: g10/keyedit.c:2072
+msgid "Please select exactly one user ID.\n"
+msgstr "�桼����ID�򤭤ä���ҤȤ����򤷤Ƥ���������\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2260
 #, c-format
 msgid "No user ID with index %d\n"
-msgstr "%d �֤Υ桼�� ID �Ϥ���ޤ���\n"
+msgstr "%d�֤Υ桼����ID�Ϥ���ޤ���\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2306
 #, c-format
 msgid "No secondary key with index %d\n"
-msgstr "%d �֤������Ϥ���ޤ���\n"
+msgstr "%d�֤������Ϥ���ޤ���\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2420
 msgid "user ID: \""
-msgstr "�桼�� ID: \""
+msgstr "�桼����ID: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2425
 #, c-format
 msgid ""
 "\"\n"
 "signed with your key %08lX at %s\n"
 msgstr ""
 "\"\n"
-"���ʤ��θ� %08lX �� %s �˽�̾����Ƥ��ޤ�\n"
+"���ʤ��θ�%08lX��%s�˽�̾����Ƥ��ޤ�\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
-msgstr "���ν�̾���Ф����˴��������������ޤ���? (y/N)"
+#: g10/keyedit.c:2428
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"���ʤ��θ�%08lX��%s������Ū�˽�̾����Ƥ��ޤ�\n"
+
+#: g10/keyedit.c:2433
+#, c-format
+msgid "This signature expired on %s.\n"
+msgstr "���ν�̾��%s�Ǵ����ڤ�Ǥ���\n"
+
+#: g10/keyedit.c:2437
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "����Ǥ��˴��������Ǥ���? (y/N) "
+
+#: g10/keyedit.c:2441
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr "���ν�̾�ˤ��������˴����������ޤ���? (y/N) "
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2467
 msgid "You have signed these user IDs:\n"
-msgstr "�����Υ桼�� ID �˽�̾���ޤ���:\n"
+msgstr "�����Υ桼����ID�˽�̾���ޤ���:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
+#: g10/keyedit.c:2481
 #, c-format
-msgid "   signed by %08lX at %s\n"
-msgstr "   %08lX �ˤ�ä� %s �˽�̾����Ƥ��ޤ�\n"
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   %08lX��%s%s%s�˽�̾����Ƥ��ޤ�\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2489
 #, c-format
 msgid "   revoked by %08lX at %s\n"
-msgstr "   %08lX �ˤ�ä� %s ���˴�����Ƥ��ޤ�\n"
+msgstr "   %08lX��%s���˴�����Ƥ��ޤ�\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2509
 msgid "You are about to revoke these signatures:\n"
-msgstr "���ʤ��Ϥ����ν�̾���˴����뤫�¤äƤ��ޤ�:\n"
+msgstr "�����ν�̾���˴����褦�Ȥ��Ƥ��ޤ�:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
-msgstr "�˴�������� ������ �������ޤ���? (y/N)"
+#: g10/keyedit.c:2519
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   %08lX��%s%s�˽�̾����Ƥ��ޤ�\n"
+
+#: g10/keyedit.c:2521
+msgid " (non-exportable)"
+msgstr " (��Ф��Բ�)"
+
+#: g10/keyedit.c:2528
+msgid "Really create the revocation certificates? (y/N) "
+msgstr "�˴�������������˺��ޤ���? (y/N) "
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2558
 msgid "no secret key\n"
 msgstr "��̩��������ޤ���\n"
 
-#: g10/keylist.c:158
-#, fuzzy
-msgid "invalid"
-msgstr "̵�������äǤ�"
+#: g10/keyedit.c:2710
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr "%s�򥵥���%ld�θ�0x%08lX (uid %d) �Υե���ID�Ȥ���ɽ��\n"
 
-#: g10/keylist.c:178
-#, fuzzy
-msgid "revoked"
-msgstr "revkey"
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:82
+msgid "Signature policy: "
+msgstr "��̾�ݥꥷ��: "
+
+#: g10/keylist.c:107 g10/keylist.c:127 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "�ٹ�: ̵��������ǡ���������ޤ�\n"
+
+#. This is UTF8
+#: g10/keylist.c:115
+msgid "Signature notation: "
+msgstr "��̾����: "
+
+#: g10/keylist.c:122
+msgid "not human readable"
+msgstr "�ͤˤ��ɤ�ޤ���"
+
+#: g10/keylist.c:187
+msgid "Keyring"
+msgstr "����"
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
-#, fuzzy, c-format
+#: g10/keylist.c:387 g10/mainproc.c:856
+#, c-format
 msgid " [expires: %s]"
-msgstr "���� %s �ˤƴ����ڤ�ˤʤ�ޤ�\n"
+msgstr " [ͭ������: %s]"
+
+#: g10/keylist.c:852
+msgid "Fingerprint:"
+msgstr "����:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:858
+msgid "             Fingerprint:"
+msgstr "                    ����:"
 
-#: g10/mainproc.c:212
+#: g10/keylist.c:862
+msgid "     Key fingerprint ="
+msgstr "                ���� ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s�Ź沽���줿�ǡ���\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "̤�ΤΥ��르�ꥺ��ˤ��Ź� %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
-msgstr "�������� %08lX �Ǥ�\n"
+msgstr "��������%08lX�Ǥ�\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
-msgstr "�������ǰŹ沽���줿�ǡ���: ������ DEK �Ǥ�\n"
+msgstr "�������ǰŹ沽���줿�ǡ���: ������DEK�Ǥ�\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
-msgstr "%u �ӥå� %s ��, ID %08lX �ˤ�äưŹ沽����ޤ��� %s\n"
+msgstr "%u-�ӥå�%s��, ID %08lX�ǰŹ沽%s�ˤǤ��ޤ���\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
-msgstr "%s ��, ID %08lX �ˤ�äưŹ沽����ޤ���\n"
-
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "�����ɬ�פ���̩��������ޤ���\n"
+msgstr "%s��, ID %08lX�ǰŹ沽����ޤ���\n"
 
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
-msgstr "������������˼���: %s\n"
+msgstr "������������˼��Ԥ��ޤ���: %s\n"
+
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "%s�Ź沽���줿�ǡ�������\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr "IDEA�Ź��������ǽ�ʤΤǡ���ŷŪ�Ǥ���%s�����Ѥ��褦�Ȥ��Ƥ��ޤ�\n"
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr "���������\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "�ٹ�: �Ź沽���줿��å������ϲ��⤵��Ƥ��ޤ�!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
-msgstr "����˼���: %s\n"
+msgstr "����˼��Ԥ��ޤ���: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
-msgstr "����: �����Ԥϡ��ɤ߽�������������פ褦�˵��Ƥ��ޤ�\n"
+msgstr "����: �����Ԥϡ����ˤ���פ褦�˵��Ƥ��ޤ�\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "���Υե�����̾='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr "��Ω�˴�����gpg --import�פ�Ȥä�Ŭ�Ѥ��Ƥ�������\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "�ٹ�: ̵��������ǡ���������ޤ�\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "����: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "�ݥꥷ��: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
-msgstr "��̾�θ��ڤ��Ǥ��ޤ���\n"
+msgstr "��̾�θ��ڤ��ά\n"
+
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "����¿�Ž�̾�ϼ�갷���ޤ���\n"
 
-#: g10/mainproc.c:1080
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
-msgstr "%.*s �� %s �� ID %08lX �ˤ���̾\n"
+msgstr "%.*s ��%s��ID %08lX�ˤ���̾\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
-msgstr "�����ʽ�̾: \""
+msgstr "������ ��̾: \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "�����ڤ�ν�̾: \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "��������̾: \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[�Գ���]"
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
-msgstr "                ��̾ \""
+msgstr "       ��̾ \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
-msgstr "��̾�θ��ڤ��Ǥ��ޤ���: %s\n"
+msgstr "��̾�򸡾ڤǤ��ޤ���: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "ʬΥ��̾�Ǥ���ޤ���\n"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr "���饹0x%02x����Ω��̾\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
-msgstr "�Ť����� (PGP 2.x) �ˤ���̾\n"
+msgstr "�Ť����� (PGP 2.x) �ν�̾\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
-msgstr "proc_tree() �����̵���ʥѥ��åȤ����Ф���ޤ���\n"
+msgstr "proc_tree() �����̵���ʥѥ��åȤ򸡽Ф��ޤ���\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
-msgstr "��������פ�̵���ˤǤ��ޤ���: %s\n"
+msgstr "����������פ�̵���ˤǤ��ޤ���: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "�¸���Υ��르�ꥺ��ϻ��Ѥ��٤��ǤϤ���ޤ���!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
-msgstr "���ΰŹ楢�르�ꥺ���ȿ�Ф���Ƥ��ޤ�������Ū����ˡ���Ѥ��Ʋ�����!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr ""
+"���ΰŹ楢�르�ꥺ���ȿ�Ф���Ƥ��ޤ���\n"
+"��ä�ɸ��Ū�ʥ��르�ꥺ����Ѥ��Ƥ�������!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "�ٹ�: %s \"%s\" �ΰ����Ǥʤ���ͭ��\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "�ٹ�: %s \"%s\" �ΰ����Ǥʤ�����\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "IDEA�Ź�Υץ饰���󤬤���ޤ���\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr "�ܺ٤ϡ�http://www.gnupg.org/why-not-idea.html������������\n"
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
-msgstr "�������Υ��르�ꥺ�� %d �ϻ��ѤǤ��ޤ���\n"
+msgstr "�������Υ��르�ꥺ��%d�ϻ��ѤǤ��ޤ���\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
-msgstr "subpacket of type %d has critical bit set\n"
+msgstr "������%d�β��̥ѥ��åȤ˥���ƥ����롦�ӥåȤ�ȯ��\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:330 g10/passphrase.c:377
 msgid "gpg-agent is not available in this session\n"
-msgstr ""
+msgstr "���Υ��å�����gpg����������Ȥ�̵���Ǥ�\n"
+
+#: g10/passphrase.c:338
+msgid "can't set client pid for the agent\n"
+msgstr "����������ȤΥ��饤�����pid������Ǥ��ޤ���\n"
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:346
+msgid "can't get server read FD for the agent\n"
+msgstr "������������ѤΥ����С��ɽФ�FD������Ǥ��ޤ���\n"
+
+#: g10/passphrase.c:353
+msgid "can't get server write FD for the agent\n"
+msgstr "������������ѤΥ����С������FD������Ǥ��ޤ���\n"
+
+#: g10/passphrase.c:386
 msgid "malformed GPG_AGENT_INFO environment variable\n"
-msgstr ""
+msgstr "GPG_AGENT_INFO�Ķ��ѿ��ν񼰤�����������ޤ���\n"
+
+#: g10/passphrase.c:399
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "gpg-agent�ץ��ȥ��롦�С������%d�ϥ��ݡ��Ȥ��Ƥ��ޤ���\n"
 
-#: g10/hkp.c:158 g10/passphrase.c:223
-#, fuzzy, c-format
+#: g10/hkp.c:148 g10/passphrase.c:420
+#, c-format
 msgid "can't connect to `%s': %s\n"
-msgstr "`%s' �������ޤ���: %s\n"
+msgstr "`%s'����³�Ǥ��ޤ���: %s\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:442
+msgid "communication problem with gpg-agent\n"
+msgstr "gpg-agent�Ȥ��̿��㳲\n"
+
+#: g10/passphrase.c:511 g10/passphrase.c:897
 #, c-format
 msgid " (main key ID %08lX)"
-msgstr " (�縰 ID %08lX)"
+msgstr " (�縰ID %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:521
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
-"\n"
-"���Υ桼���Υ��å���������ˤϥѥ��ե졼����ɬ�פǤ�\n"
-"�桼��: \""
+"���Υ桼��������̩���Υ��å���������ˤϥѥ��ե졼��������ޤ�:\n"
+"\"%.*s\"\n"
+"%u�ӥå�%s��, ID %08lX�������դ�%s%s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:542
 msgid "Enter passphrase\n"
-msgstr "�ѥ��ե졼��������: "
+msgstr "�ѥ��ե졼��������\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:544
 msgid "Repeat passphrase\n"
-msgstr "�ѥ��ե졼���������: "
+msgstr "�ѥ��ե졼���������\n"
 
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-#: g10/passphrase.c:355
+#: g10/passphrase.c:585
 msgid "passphrase too long\n"
-msgstr ""
+msgstr "�ѥ��ե졼����Ĺ�᤮�ޤ�\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:598
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "����������Ȥ����̵���ʱ���\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:607 g10/passphrase.c:688
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "�桼�����ˤ���ä�\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:609 g10/passphrase.c:770
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "����������Ȥ˾㳲: ����������Ȥ�0x%lx���ֵ�\n"
+
+#: g10/passphrase.c:691 g10/passphrase.c:799
+msgid "problem with the agent - disabling agent use\n"
+msgstr "����������Ȥ˾㳲: ��������������Ѷػ�\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:883
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
 "user: \""
 msgstr ""
 "\n"
-"���Υ桼���Υ��å���������ˤϥѥ��ե졼����ɬ�פǤ�\n"
-"�桼��: \""
+"���Υ桼��������̩���Υ��å���������ˤ�\n"
+"�ѥ��ե졼��������ޤ�: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:892
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
-msgstr "%u �ӥå� %s ��, ID %08lX ����������ޤ��� %s"
+msgstr "%u�ӥå�%s��, ID %08lX�������դ�%s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:943
 msgid "can't query password in batchmode\n"
-msgstr "�Хå��⡼�ɤǤϥѥ���ɤ��䤤��碌���Ǥ��ޤ���\n"
+msgstr "�Хå��⡼�ɤǤϥѥ���ɤ���礻���Ǥ��ޤ���\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:947
 msgid "Enter passphrase: "
 msgstr "�ѥ��ե졼��������: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:951
 msgid "Repeat passphrase: "
 msgstr "�ѥ��ե졼���������: "
 
 #: g10/plaintext.c:67
 msgid "data not saved; use option \"--output\" to save it\n"
 msgstr ""
-"�ǡ�������¸����Ƥ��ޤ�����¸����ˤ� \"--output\" "
-"���ץ�������Ѥ��Ʋ�������\n"
+"�ǡ�������¸����Ƥ��ޤ���\n"
+"��¸����ˤϡ�--output�ץ��ץ�������Ѥ��Ƥ�������\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "`%s'�κ������顼: %s\n"
+
+#: g10/plaintext.c:336
 msgid "Detached signature.\n"
 msgstr "ʬΥ��̾��\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:340
 msgid "Please enter name of data file: "
-msgstr "�ǡ����ե������̾��������: "
+msgstr "�ǡ������ե������̾��������: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:361
 msgid "reading stdin ...\n"
-msgstr "ɸ�����Ϥ���ɤ߹����� ...\n"
+msgstr "ɸ�����Ϥ���ɹ����� ...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:395
+msgid "no signed data\n"
+msgstr "��̾���줿�ǡ���������ޤ���\n"
+
+#: g10/plaintext.c:403
 #, c-format
 msgid "can't open signed data `%s'\n"
-msgstr "��̾���줿�ǡ��� `%s' �������ޤ���\n"
+msgstr "��̾���줿�ǡ���`%s'�������ޤ���\n"
 
-#: g10/pubkey-enc.c:135
+#: g10/pubkey-enc.c:100
 #, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
-msgstr "������μ������ѤǤ�����̩�� %08lX ���Ѥ��ޤ� ...\n"
+msgid "anonymous recipient; trying secret key %08lX ...\n"
+msgstr "ƿ̾�μ������ѤǤ�����̩��%08lX���Ѥ��ޤ� ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
-msgstr "��λ��������μ������ѤǤ���\n"
+msgstr "��λ��ƿ̾�μ������ѤǤ���\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
-msgstr "DEK �ˤ��켰�ΰŹ�ϥ��ݡ��Ȥ��Ƥ��ޤ���\n"
+msgstr "DEK�ˤ��켰�ΰŹ�ϥ��ݡ��Ȥ��Ƥ��ޤ���\n"
 
-#: g10/pubkey-enc.c:216
-#, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "�ݸ�르�ꥺ�� %d �ϥ��ݡ��Ȥ��Ƥ��ޤ���\n"
+#: g10/pubkey-enc.c:177
+#, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "�ݸ�르�ꥺ��%d%s��̤�Τ������ԲĤǤ�\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
-msgstr "����: �Ź楢�르�ꥺ�� %d ��ͥ�������äƤ��ޤ���\n"
+msgstr "����: �Ź楢�르�ꥺ��%d��ͥ�������äƤ��ޤ���\n"
 
-#: g10/pubkey-enc.c:261
-#, fuzzy, c-format
+#: g10/pubkey-enc.c:242
+#, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "����: ��̾�θ��ϴ����ڤ�Ǥ� %s\n"
+msgstr "����: ��̩��%08lX��%s�Ǵ����ڤ�Ǥ�\n"
 
-#: g10/hkp.c:62
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr ""
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "��%08lX��HKP�������С�%s���׵�\n"
 
-#: g10/hkp.c:75
-#, fuzzy, c-format
+#: g10/hkp.c:94
+#, c-format
 msgid "can't get key from keyserver: %s\n"
-msgstr "�������С����鸰���ɤ߹���"
-
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr ""
+msgstr "�������С����鸰���ɤ߹���ޤ���: %s\n"
 
-#: g10/hkp.c:106
-#, fuzzy, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s ��������ʸ�������ɤǤϤ���ޤ���\n"
-
-#: g10/hkp.c:182
-#, fuzzy, c-format
+#: g10/hkp.c:172
+#, c-format
 msgid "error sending to `%s': %s\n"
-msgstr "`%s' ���ɤ߹��ߤ˼���: %s\n"
+msgstr "`%s'�ؤ��������顼: %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:187
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
-msgstr ""
+msgstr "`%s'�ؤ����������� (����=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:190
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
-msgstr ""
+msgstr "`%s'�ؤ������˼��Ԥ��ޤ���: ����=%u\n"
+
+#: g10/hkp.c:472
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "\"%s\"��HKP�����С�%s���鸡��\n"
+
+#: g10/hkp.c:522
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "�������С��򸡺��Ǥ��ޤ���: %s\n"
 
-#: g10/seckey-cert.c:89
-#, fuzzy
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
-msgstr "��̩��������ޤ���"
+msgstr "��̩��ʬ�������ޤ���\n"
 
-#: g10/seckey-cert.c:95
+#: g10/seckey-cert.c:59
 #, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "�ݸ�르�ꥺ�� %d �ϥ��ݡ��Ȥ��Ƥ��ޤ���\n"
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "�ݸ�르�ꥺ��%d%s�ϥ��ݡ��Ȥ��Ƥ��ޤ���\n"
+
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "̵���ʥѥ��ե졼���Ǥ��������Ϥ��Ƥ�������"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
-msgstr "̵���ʥѥ��ե졼���Ǥ��������Ϥ��Ʋ����� ...\n"
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
-msgstr "�ٹ�: �夤�������Ф���ޤ������ѥ��ե졼�����ѹ����Ʋ�������\n"
+msgstr "�ٹ�: �夤���򸡽Ф��ޤ������ѥ��ե졼�����ѹ����Ƥ���������\n"
+
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr "ȿ�Ф��줿16�ӥåȤΥ����å��������̩�����ݸ������\n"
 
-#: g10/sig-check.c:279
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
-"����� PGP �ˤ�äƺ������줿 ElGamal "
-"���Ǥ������θ��Ͻ�̾���Ѥ���ˤϰ����ǤϤ���ޤ���!\n"
+"�����PGP����������ElGamal���Ǥ���\n"
+"��̾���Ѥ���ˤϡ����θ��ϰ����Ǥ� �ʤ� �Ǥ�!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
-msgstr "�������Ͻ�̾���� %lu �ø�˺�������Ƥ��ޤ�\n"
+msgstr "�������Ͻ�̾����%lu�ø�˺�������Ƥ��ޤ�\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
-msgstr "�������Ͻ�̾���� %lu �ø�˺�������Ƥ��ޤ�\n"
+msgstr "�������Ͻ�̾����%lu�ø�˺�������Ƥ��ޤ�\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "����: ��̾�θ��ϴ����ڤ�Ǥ� %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "����: ��̾��%08lX�ϴ����ڤ�Ǥ�%s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
-msgstr "�����ʥ���ƥ�����ӥåȤ����ä��Τǡ���̾���������ȸ��ʤ��ޤ�\n"
+msgstr "̤�ΤΥ���ƥ����롦�ӥåȤ����ä��Τǡ���̾���������Ȥߤʤ��ޤ�\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr "�ٹ�: �ݥꥷ��url��%%��ĥ��ǽ (�礭����)��̤��ĥ����ѡ�\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "�������줿��̾�θ��ڤ˼���: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
-msgstr "%s ��̾����̾��: %s\n"
+msgstr "%s��̾����̾��: %s\n"
+
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "�ٹ�: `%s'�϶��Υե�����Ǥ�\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "--pgp2�⡼�ɤǤ�PGP 2.x�����θ��ǽ�̾�Ǥ�������Ǥ�\n"
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
-msgstr "%s �������Ǥ��ޤ���: %s\n"
+msgstr "%s������Ǥ��ޤ���: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "��̾:"
 
-#: g10/sign.c:583
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "--pgp2�⡼�ɤǤ�PGP 2.x�����θ��ǥ��ꥢ��̾�����Ǥ��ޤ���\n"
+
+#: g10/sign.c:953
 #, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "�ٹ�: `%s' �϶��Υե�����Ǥ�\n"
+msgid "%s encryption will be used\n"
+msgstr "%s�Ź沽����Ѥ��ޤ�\n"
 
 #: g10/textfilter.c:134
 #, c-format
 msgid "can't handle text lines longer than %d characters\n"
-msgstr "%d ʸ���ʾ��Ĺ���Υƥ����ȹԤϻ��ѤǤ��ޤ���\n"
+msgstr "%dʸ���ʾ��Ĺ���Υƥ����ȹԤϻ��ѤǤ��ޤ���\n"
 
 #: g10/textfilter.c:231
 #, c-format
 msgid "input line longer than %d characters\n"
-msgstr "���ϹԤ�Ĺ���� %d ʸ����ۤ��Ƥ��ޤ�\n"
+msgstr "���ϹԤ�Ĺ����%dʸ����Ķ���Ƥ��ޤ�\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
-msgstr "���ѥǡ����١��� �쥳���� %lu: �������˼���: %s\n"
+msgstr "���ѥǡ����١��� �쥳����%lu: �������˼��Ԥ��ޤ���: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
-msgstr "���ѥǡ����١��� �쥳���� %lu: �񤭹��ߤ˼��� (n=%d): %s\n"
+msgstr "���ѥǡ����١��� �쥳����%lu: ����ߤ˼��� (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
-msgstr "���ѥǡ����١��� �ȥ�󥶥�������礭�����ޤ�\n"
+msgstr "���ѥǡ����١����Υȥ�󥶥�������礭�����ޤ�\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: ���������Ǥ��ޤ���: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: ���񤬤���ޤ���!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: �����Ǥ��ޤ���: %s\n"
+msgid "%s: can't create lock\n"
+msgstr "%s: ���å����Ǥ��ޤ���\n"
 
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:480 g10/tdbio.c:544
 #, c-format
-msgid "%s: can't create lock\n"
-msgstr "%s: ���å��������Ǥ��ޤ���\n"
+msgid "%s: can't make lock\n"
+msgstr "%s: ���å����Ǥ��ޤ���\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: �����Ǥ��ޤ���: %s\n"
 
-#: g10/tdbio.c:473
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
-msgstr "%s: �С������쥳���ɤκ����˼���: %s"
+msgstr "%s: �С�����󡦥쥳���ɤκ����˼��Ԥ��ޤ���: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: ̵���ʿ��ѥǡ����١��������\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
-msgstr "%s: ���ѥǡ����١�����������ޤ���\n"
+msgstr "%s: ���ѥǡ����١������Ǥ��ޤ���\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: ̵���ʿ��ѥǡ����١���\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
-msgstr "%s: �ϥå���ɽ�κ����˼���: %s\n"
+msgstr "%s: �ϥå���ɽ�κ����˼��Ԥ��ޤ���: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
-msgstr "%s: �С������쥳���ɤι������顼: %s\n"
+msgstr "%s: �С�����󡦥쥳���ɤι������顼: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
-msgstr "%s: �С������쥳���ɤ��ɤ߽Ф����顼: %s\n"
+msgstr "%s: �С�����󡦥쥳���ɤ��ɽФ����顼: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
-msgstr "%s: �С������쥳���ɤν񤭹��ߥ��顼: %s\n"
+msgstr "%s: �С�����󡦥쥳���ɤν���ߥ��顼: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
-msgstr "���ѥǡ����١���: �������˼���: %s\n"
+msgstr "���ѥǡ����١���: �������˼��Ԥ��ޤ���: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
-msgstr "���ѥǡ����١���: �ɤ߽Ф��˼��� (n=%d): %s\n"
+msgstr "���ѥǡ����١���: �ɽФ��˼��� (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
-msgstr "%s: ���ѥǡ����١����ե�����ǤϤ���ޤ���\n"
+msgstr "%s: ���ѥǡ����١������ե�����ǤϤ���ޤ���\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
-msgstr "%s: �쥳�����ֹ� %lu �֤ΥС������쥳����\n"
+msgstr "%s: �쥳�����ֹ�%lu�֤ΥС�����󡦥쥳����\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
-msgstr "%s: ̵���ʥե�����С������ %d\n"
+msgstr "%s: ̵���ʥե����롦�С������%d\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
-msgstr "%s: �����쥳���ɤ��ɤ߽Ф����顼: %s\n"
+msgstr "%s: �����쥳���ɤ��ɽФ����顼: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
-msgstr "%s: �����쥳���ɤν񤭹��ߥ��顼: %s\n"
+msgstr "%s: �ǥ��쥯�ȥ꡼���쥳���ɤν���ߥ��顼: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
-msgstr "%s: �쥳���ɤν�����˼���: %s\n"
+msgstr "%s: �쥳���ɤν�����˼��Ԥ��ޤ���: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
-msgstr "%s: �쥳���ɤν�����˼���: %s\n"
+msgstr "%s: �쥳���ɤ��ɲä˼��Ԥ��ޤ���: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr ""
-"���ѥǡ����١���������Ƥ��ޤ���\"gpg --fix-trustdb\" ��¹Ԥ��Ʋ�������\n"
+"���ѥǡ����١���������Ƥ��ޤ�����gpg --fix-trustdb�פ�¹Ԥ��Ƥ���������\n"
 
-#: g10/trustdb.c:169
+#: g10/trustdb.c:200
 #, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "���ѥ쥳���� %lu, �ꥯ�����ȥ����� %d: �ɤ߽Ф��˼���: %s\n"
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "���ѥ쥳���� %lu, ������ %d: �񤭹��ߤ˼���: %s\n"
-
-#: g10/trustdb.c:198
-#, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "���ѥ쥳���� %lu: ����˼���: %s\n"
-
-#: g10/trustdb.c:212
-#, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "���ѥǡ����١���: Ʊ���˼���: %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "LID %lu �Υǥ��쥯�ȥ�쥳���ɤ��ɤ߽Ф����顼: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: ���Ԥ��줿�ǥ��쥯�ȥ�쥳���ɡ������� %d\n"
+msgid "`%s' is not a valid long keyID\n"
+msgstr "`%s' ���������緿��ID�Ǥ���ޤ���\n"
 
-#: g10/trustdb.c:389
+#: g10/trustdb.c:235
 #, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "LID %lu �μ縰������ޤ���\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "LID %lu �μ縰���ɤ߽Ф����顼: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record �˼���: %s\n"
-
-#: g10/trustdb.c:474
-#, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "%s ��������ʸ�������ɤǤϤ���ޤ���\n"
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "��%08lX: ���Ѥ��븰�Ȥ��Ƽ������ޤ���\n"
 
-#: g10/trustdb.c:502
+#: g10/trustdb.c:274
 #, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "�� %08lX: ���ѥǡ����١�������Ͽ�Ǥ��ޤ���\n"
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "��%08lX�����ѥǡ����١�����ʣ������ޤ�\n"
 
-#: g10/trustdb.c:508
+#: g10/trustdb.c:290
 #, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "�� %08lX: �����꡼�쥳���ɤ˼���\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "�� %08lX: ���˿��Ѥ��븰��ɽ�ˤ���ޤ�\n"
-
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "�� %08lX: ���Ѥ��븰�Ȥ��Ƽ�������ޤ�����\n"
-
-#: g10/trustdb.c:547
-#, fuzzy, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "�� %08lX: rfc2440 �θ��ǤϤ���ޤ��� - �����åפ��ޤ�\n"
+msgstr "�� %08lX: ���Ѥ��븰�θ�����������ޤ��� - �����å�\n"
 
-#: g10/trustdb.c:566
+#: g10/trustdb.c:332
 #, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "����: ��̩�� %08lX ���ݸ��Ƥ��ޤ���\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "�� %08lX: ��̩���ȸ��������б����Ƥ��ޤ���\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "��̩���ΰ����˼���: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "�� %08lX.%lu: �������б���ͭ���Ǥ�\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "�� %08lX.%lu: �������б���̵���Ǥ�: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "�� %08lX.%lu: ͭ���ʸ����ѻ�\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "�� %08lX.%lu: ̵���ʸ����˴�: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "�� %08lX.%lu: ͭ�����������˴�\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "ͭ���ʼ��ʽ�̾"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "̵���ʼ��ʽ�̾"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr "���������ʽ�̾����Ƥ���Τǡ�ͭ���ʥ桼�� ID ���˴��ϹԤ��ޤ���"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "ͭ���ʥ桼�� ID ���˴�"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "̵���ʥ桼�� ID ���˴�"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "ͭ���ʾ�������˴�"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "ͭ���ʾ�����"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "̵���ʾ�������˴�"
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "̵���ʾ�����"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "��̾�쥳���� %lu[%d] �ϸ��ä��쥳���ɤ�ؤ��Ƥ��ޤ���\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "��ʣ���������� - ������ޤ���"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir �˼���: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: �����˼���: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: �����˼���: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: �������ޤ���\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "�ǥ��쥯�ȥ�쥳���ɤ��ɤ߽Ф����顼: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu ����������ޤ���\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu ���ˤϥ��顼������ޤ�\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu �����������ޤ���\n"
-
-#: g10/trustdb.c:1826
-#, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "���֥��å��ΰ����˼���: %s\n"
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: ���ʤ��Υǥ��쥯�ȥ�쥳���� - �����å�\n"
-
-#: g10/trustdb.c:1884
-#, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "\t%lu �����ʸ�����\n"
-
-#: g10/trustdb.c:1886
-#, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu ���򥹥��åפ��ޤ���\n"
-
-#: g10/trustdb.c:1890
-#, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu ���򹹿����ޤ���\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "���äȡ���������ޤ���\n"
-
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "���äȡ��桼�� ID ������ޤ���\n"
-
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: �ǥ��쥯�ȥ�쥳���ɤθ����˼���: %s\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "���ѥ쥳����%lu, �ꥯ�����ȡ�������%d: �ɽФ��˼��Ԥ��ޤ���: %s\n"
 
-#: g10/trustdb.c:2406
+#: g10/trustdb.c:338
 #, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "�� %08lX: ���ѥ쥳���ɤ������˼���: %s\n"
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "���ѥ쥳����%lu���׵ᤵ�줿��%d�ǤϤ���ޤ���\n"
 
-#: g10/trustdb.c:2410
+#: g10/trustdb.c:353
 #, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "�� %08lX.%lu: ���ѥ쥳���ɤ��������ޤ���\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "���ѥ쥳����%lu, ������%d: ����ߤ˼��Ԥ��ޤ���: %s\n"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:368
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
-msgstr ""
-"�� %08lX.%lu: ̤��˺�������Ƥ��ޤ� (����ι�Ԥ����פΤ��뤤�Ǥ��礦)\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "���ѥǡ����١���: Ʊ���˼��Ԥ��ޤ���: %s\n"
 
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "�� %08lX.%lu: %s �Ǵ����ڤ�Ǥ�\n"
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "���ѥǡ����١����θ��ڤ����פǤ�\n"
 
-#: g10/trustdb.c:2441
+#: g10/trustdb.c:474 g10/trustdb.c:1638
 #, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "�� %08lX.%lu: ���Ѥθ��ڤ˼���: %s\n"
+msgid "next trustdb check due at %s\n"
+msgstr "���ѥǡ����١����μ���θ��ڤ�%s�Ǥ�\n"
 
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "�桼�� '%s' �����Ĥ���ޤ���: %s\n"
+#: g10/trustdb.c:776
+msgid "checking the trustdb\n"
+msgstr "���ѥǡ����١����θ���\n"
 
-#: g10/trustdb.c:2594
+#: g10/trustdb.c:930
 #, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "���ѥǡ����١������� '%s' �θ����˾㳲: %s\n"
+msgid "public key %08lX not found: %s\n"
+msgstr "������%08lX�����Ĥ���ޤ���: %s\n"
 
-#: g10/trustdb.c:2597
+#: g10/trustdb.c:1512
 #, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "�桼�� '%s' �Ͽ��ѥǡ����١�������Ͽ����Ƥ��ޤ��� - �������ޤ���\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr "����Ū�˿��Ѥ��븰%08lX�θ����������Ĥ���ޤ���\n"
 
-#: g10/trustdb.c:2600
+#: g10/trustdb.c:1590
 #, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "'%s' �ο��ѥǡ����١����ؤ���Ͽ�˼���: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "�ٹ�: �ޤ� long pref �쥳���ɤϼ�갷���ޤ���\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr "����%d�Ǹ��ڡ���̾�Ѥ�=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
@@ -3312,144 +3800,138 @@ msgstr ""
 "(.sig��.asc)�����ޥ�ɹԤκǽ�Ǥʤ����\n"
 "�ʤ�ʤ����Ȥ�ǰƬ�ˤ����Ƥ���������\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
-msgstr "���Ϥ�%u���ܤ�Ĺ�᤮�뤫��LF���ʤ��褦�Ǥ�\n"
+msgstr "���Ϥ�%u���ܤ�Ĺ�����뤫��LF���ʤ��褦�Ǥ�\n"
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: ����󥰤�����Ǥ��ޤ���: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: ����󥰤�������ޤ���\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "�ٹ�: ���Ѿ������ä� 2 �ĤΥե����뤬¸�ߤ��ޤ���\n"
-
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s ���ѹ�����Ƥ��ʤ����Ǥ�\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"��Ф��Ƥ⤤���ե饰�����ˤ����ꤵ��Ƥ��ޤ���\n"
+"��ʪ��������ҤȤϤ��ä���˻Ȥ��ޤ���!\n"
 
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the new one\n"
-msgstr "%s �Ͽ��������Ǥ�\n"
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "���ΰ�����η�٤������Ʋ�����\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "`%s'�򥹥��å�: ��ʣ\n"
 
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
-msgstr "`%s' �򥹥��å�: %s\n"
+msgstr "`%s'�򥹥��å�: %s\n"
+
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "�����å�: ��̩���ϴ��ˤ���ޤ�\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
 "signatures!\n"
 msgstr ""
-"`%s' �򥹥��å�: ����� PGP ���������� ElGamal "
-"���Ǥ������θ��Ͻ�̾���Ѥ���ˤϰ����ǤϤ���ޤ���!\n"
+"`%s'�򥹥��å�: �����PGP����������ElGamal���Ǥ���\n"
+"��̾���Ѥ���ˤϡ������ǤϤ���ޤ���!\n"
 
 #. do not overwrite
 #: g10/openfile.c:84
 #, c-format
 msgid "File `%s' exists. "
-msgstr "�ե����� `%s' �ϴ���¸�ߤ��ޤ���"
+msgstr "�ե�����`%s'�ϴ���¸�ߤ��ޤ���"
 
 #: g10/openfile.c:86
 msgid "Overwrite (y/N)? "
 msgstr "��񤭤��ޤ��� (y/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
-msgstr "%s: �����ʳ�ĥ��\n"
+msgstr "%s: ̤�Τγ�ĥ��\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
-msgstr "�������ե�����̾�����Ϥ��Ʋ�����"
+msgstr "�������ե�����̾�����Ϥ��Ƥ�������"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "ɸ����Ϥ˽񤭽Ф��ޤ�\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
-msgstr "��̾���줿�ǡ����� `%s' �ˤ�������ꤷ�ޤ�\n"
+msgstr "��̾���줿�ǡ�����`%s'�ˤ�������ꤷ�ޤ�\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
-msgstr "%s: ���������ץ����ե������������ޤ���\n"
+msgstr "%s: ���������ץ���󡦥ե����뤬�Ǥ��ޤ���\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
-msgstr "%s: ���񤬺����Ǥ��ޤ���: %s\n"
+msgstr "%s: ���񤬤Ǥ��ޤ���: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
-msgstr "%s: �����������ޤ���\n"
+msgstr "%s: ���񤬤Ǥ��ޤ���\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr "���ץ���󡦥ե�������ɤ�ľ���褦��GnuPG��Ƶ�ư���Ƥ�������\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "�����ʥ��르�ꥺ��ˤ��Ź� %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "%s �Ź沽���줿�ǡ���\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
-msgstr "�ٹ�: ��å��������оΰŹ�ˡ�μ夤���ˤ��Ź沽����Ƥ��ޤ���\n"
+msgstr "�ٹ�: ��å��������оΰŹ�ˡ�μ夤���ǰŹ沽����Ƥ��ޤ���\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "�Ź�ѥ��åȤμ�갷���Ǿ㳲\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
-msgstr "�夤������������ޤ��� - �Ƽ¹Ԥ��ޤ�\n"
+msgstr "�夤�����Ǥ��ޤ��� - �Ƽ¹�\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
-msgstr "�оΰŹ�ˡ�μ夤������򤹤뤳�Ȥ��Ǥ��ޤ���%d ���ߤޤ���!\n"
+msgstr "�оΰŹ�ˡ�μ夤������򤹤뤳�Ȥ��Ǥ��ޤ���%d���ߤޤ���!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "���θ������ΰ٤���̩��������ޤ�!\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr "DSA�Ǥ�160�ӥåȤΥϥå��塦���르�ꥺ��λ��Ѥ�ɬ�פǤ�\n"
 
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr ""
-"�ޤ������������ˤ� \"--delete-secret-key\" ���ץ���� ���Ѥ��Ʋ�������\n"
-
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
-msgstr "\"--yes\" ��ȼ��ʤ��Хå��⡼�ɤǤϼ¹ԤǤ��ޤ���\n"
+msgstr "��--yes�פΤʤ��Хå��⡼�ɤǤϤǤ��ޤ���\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
-msgstr "���θ��򸰥�󥰤��������ޤ���? "
+msgstr "���θ����ؤ��������ޤ���? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
-msgstr "��̩��������ޤ�! - ������ ������ޤ���? "
+msgstr "�������̩���Ǥ�! �����˺�����ޤ���? "
+
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "���֥��å��κ���˼��Ԥ��ޤ���: %s\n"
+
+#: g10/delkey.c:161
+msgid "ownertrust information cleared\n"
+msgstr "��ͭ�Կ��Ѿ���򥯥ꥢ���ޤ���\n"
+
+#: g10/delkey.c:189
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "���θ������ˤ���������̩�� \"%s\" ������ޤ�!\n"
+
+#: g10/delkey.c:191
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "�ޤ���--delete-secret-keys�ץ��ץ����Ǥ���������Ƥ���������\n"
 
 #: g10/helptext.c:47
 msgid ""
@@ -3457,24 +3939,36 @@ msgid ""
 "to any 3rd party.  We need it to implement the web-of-trust; it has nothing\n"
 "to do with the (implicitly created) web-of-certificates."
 msgstr ""
-"���������ꤷ���ͤϡ��礭�����ޤ��������ͤϷ褷���軰�Ԥˤ��󶡤���ޤ���\n"
-"�����Ԥ��ˤϡ��桹�� web-of-trust ���������ɬ�פ�����ޤ�����\n"
-"(����Ū�˺������줿) web-of-certificates ��̵���Ƥϲ���Ǥ��ޤ���"
+"�����ͤ�����ϡ����ʤ�����Ǥ��������ͤϡ��軰�Ԥ˷褷\n"
+"���󶡤���ޤ��󡣤���ϡ�web-of-trust �μ�����ɬ�פǡ�\n"
+"(����Ū�ˤǤ���) web-of-certificates �Ȥ�̵�ط��Ǥ���"
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Web-of-Trust���ۤ��뤿��GnuPG�ϡ��ɤθ�������Ū�˿��Ѥ���\n"
+"�Τ����Τ�ɬ�פ�����ޤ�������ϤդĤ�����̩���˥��������Ǥ�\n"
+"�븰�Τ��ȤǤ������θ�������Ū�˿��Ѥ��뤳�Ȥˤ���ʤ顢\n"
+"\"yes\"�Ȥ�����������������\n"
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
-msgstr "�����˴����줿����Ȥ������ʤ���С�\"no\" �������Ʋ�������"
+msgstr "�����˴����줿����Ȥ������ʤ���С���no�פ������Ƥ���������"
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
-msgstr "���ο��ѤǤ��ʤ�����Ȥ������ʤ���С�\"no\" �������Ʋ�������"
+msgstr "���ο��ѤǤ��ʤ�����Ȥ������ʤ���С���no�פ������Ƥ���������"
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
-msgstr "��å�������������ꥢ�ɥ쥹�Υ桼�� ID �����Ϥ��Ʋ�������"
+msgstr "��å�������������ꥢ�ɥ쥹�Υ桼����ID�����Ϥ��Ƥ���������"
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3494,67 +3988,66 @@ msgid ""
 "this is the reason why the encryption only ElGamal key is not available in\n"
 "this menu."
 msgstr ""
-"���Ѥ��륢�르�ꥺ�������\n"
+"���Ѥ��륢�르�ꥺ������򤷤Ƥ���������\n"
 "\n"
-"DSA (��̾ DSS) �ϡ���̾�ˤΤ��Ѥ��뤳�Ȥ��Ǥ����Żҽ�̾���르�ꥺ��Ǥ���\n"
-"DSA ��̾�� ElGamal ˡ�����®�˸��ڤǤ���Τǡ�����Ͽ侩���륢�르�ꥺ��\n"
-"�Ǥ���\n"
+"DSA (��̾DSS) �ϡ���̾�ˤΤ��Ѥ��뤳�Ȥ��Ǥ����Żҽ�̾���르��\n"
+"����Ǥ���DSA��̾��ElGamalˡ�����®�˸��ڤǤ���Τǡ������\n"
+"�侩���륢�르�ꥺ��Ǥ���\n"
 "\n"
-"ElGamal �ϡ���̾�ȰŹ沽���Ѥ��뤳�Ȥ��Ǥ��륢�르�ꥺ��Ǥ���\n"
-"OpenPGP "
-"�Ǥϡ����Υ��르�ꥺ��ΡְŹ沽�Τߡפȡֽ�̾+�Ź沽�פΣ��Ĥ���ˡ��\n"
-"���̤��Ƥ��ޤ������ºݤˤ�Ʊ���Ǥ�������������̾�Ѥΰ����ʸ�����������ˤ�\n"
-"�����Ĥ����ѿ������̤���ˡ�����򤷤ʤ���Фʤ�ޤ��󡣤��Υץ������Ǥϡ�\n"
-"����ϲ�ǽ�Ǥ�����OpenPGP "
-"��¾�μ����Ǥϡֽ�̾+�Ź沽�פ���ˡ���ᤷ�ޤ���\n"
+"ElGamal�ϡ���̾�ȰŹ沽���Ѥ��뤳�Ȥ��Ǥ��륢�르�ꥺ��Ǥ���\n"
+"OpenPGP�Ǥϡ����Υ��르�ꥺ��ΡְŹ沽�Τߡפȡֽ�̾+�Ź沽��\n"
+"��2�Ĥ���ˡ����̤��Ƥ��ޤ������ºݤˤ�Ʊ���Ǥ�������������̾��\n"
+"�ΰ����ʸ�����ˤϰ������ѿ������̤���ˡ�����򤷤ʤ���Фʤ�\n"
+"�ޤ��󡣤��Υץ������ǤϤ��줬��ǽ�Ǥ�����¾��OpenPGP�μ�����\n"
+"�ϡ��ֽ�̾+�Ź沽�פ���ˡ���ᤷ�ʤ����⤷��ޤ���\n"
 "\n"
-"�ǽ�θ�(�縰)�Ͻ�̾�˻��ѤǤ��븰�Ǥʤ���Фʤ�ޤ���\n"
-"���Τ��Ȥ��ְŹ沽�Τߡפ� ElGamal ���������Υ�˥塼��̵�����Ȥ���ͳ�Ǥ���"
+"�ǽ�θ�(�縰)�ϡ���̾�˻��ѤǤ��븰�Ǥʤ���Фʤ�ޤ��󡣤��줬\n"
+"���Υ�˥塼�ˡְŹ沽�Τߡפ�ElGamal���Τʤ���ͳ�Ǥ���"
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
 "with them are quite large and very slow to verify."
 msgstr ""
-"�����θ��� RFC2440 ���������Ƥ��ޤ������侩���ޤ���\n"
-"���Τʤ顢���������ƤΥץ������ˤ�äƥ��ݡ��Ȥ���Ƥ��ʤ���\n"
-"����������̾������Ĺ���ơ����ڤˤ���֤������뤿��Ǥ���"
+"�����θ���RFC2440���������Ƥ��ޤ������侩���ޤ���\n"
+"�ʤ��ʤ顢�����򥵥ݡ��Ȥ��Ƥ��ʤ��ץ�����ब���ꡢ\n"
+"����������̾������Ĺ���ơ����ڤˤ���֤������뤿��Ǥ���"
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
-msgstr "����Ĺ�������Ϥ��Ʋ�����"
+msgstr "����Ĺ�������Ϥ��Ƥ�������"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
-msgstr "\"yes\" �ޤ��� \"no\" �������Ʋ�����"
+msgstr "��yes�פ���no�פ������Ƥ�������"
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
 "get a good error response - instead the system tries to interpret\n"
 "the given value as an interval."
 msgstr ""
-"�ץ���ץȤ˼������񼰤��ͤ����Ϥ��Ʋ�������\n"
-"ISO �����դν� (YYYY-MM-DD) �Ǥ����ϤǤ��ޤ��������������顼��\n"
-"ɽ������ʤ��Ǥ��礦 - ��������ˡ������ƥ�������ͤ�ֳ֤��Ѵ�����\n"
+"�ץ���ץȤ˼����񼰤��ͤ����Ϥ��Ƥ���������\n"
+"ISO�����դν� (YYYY-MM-DD) �Ǥ����ϤǤ��ޤ��������������顼��\n"
+"ɽ������ʤ��Ǥ��礦��������ꡢ�����ƥ�������ͤ���֤��Ѵ�����\n"
 "�褦�˻�ߤޤ���"
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
-msgstr "���ۥ����̾�������Ϥ��Ʋ�����"
+msgstr "���ۥ����̾�������Ϥ��Ƥ�������"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
-msgstr "���ץ����Ǥ������Żҥ᡼�륢�ɥ쥹�����Ϥ��뤳�Ȥ򶯤��侩���ޤ�"
+msgstr "���ץ����Ǥ������Żҥ᡼��Υ��ɥ쥹�����Ϥ��뤳�Ȥ򶯤��侩���ޤ�"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
-msgstr "���ץ����Υ����Ȥ����Ϥ��Ʋ�����"
+msgstr "���ץ����Υ����Ȥ����Ϥ��Ƥ�������"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3562,43 +4055,112 @@ msgid ""
 "O  to continue with key generation.\n"
 "Q  to to quit the key generation."
 msgstr ""
-"N  ̾�����ѹ�\n"
-"C  �����Ȥ��ѹ�\n"
-"E  �Żҥ᡼�륢�ɥ쥹���ѹ�\n"
-"O  ����������³��\n"
-"Q  �������������"
+"N  ̾�����ѹ���\n"
+"C  �����Ȥ��ѹ���\n"
+"E  �Żҥ᡼��Υ��ɥ쥹���ѹ���\n"
+"O  ����������³�ԡ�\n"
+"Q  ������������ߡ�"
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
-msgstr "���������������硢\"yes\" (�ޤ��ϡ�ñ�� \"y\") �������Ʋ�������"
+msgstr "���������������硢��yes��(�ޤ��ϡ�ñ�ˡ�y��) �������Ƥ���������"
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"���Υ桼����ID�˽�̾����Ȥ��ϡ����Υ桼����ID��̾���οͤ���\n"
+"���ͭ���Ƥ��롢�Ȥ������Ȥ��ǧ����٤��Ǥ������ʤ����ɤ���\n"
+"�����տ�����ǧ�����Τ���¾�οͤ������Τ餻��ȡ������Ǥ���\n"
+"\n"
+"\"0\" �ϡ����ʤ����ɤ��������տ�����ǧ�����Τ����ä˼�ĥ����\n"
+"    ���Ȥ�����̣�Ǥ���\n"
+"\n"
+"\"1\" �ϡ����ν�ͭ�Ԥȼ�ĥ���Ƥ���ͤ����θ����ͭ���Ƥ��롢��\n"
+"    ���ʤ��Ͽ����ƤϤ����ΤΡ���ǧ���������Ƥʤ��ä����ޤ�\n"
+"    �ϤǤ��ʤ��ä����Ȥ�����̣�Ǥ�������ϡ��ڥ�͡����Ȥ�\n"
+"    �桼�����θ��˽�̾������Ρ��֥ڥ륽�ʡ׳�ǧ�������Ǥ���\n"
+"\n"
+"\"2\" �ϡ����ʤ���������γ�ǧ�򤷤����Ȥ�����̣�Ǥ������Ȥ���\n"
+"    ���λ���򸡾ڤ����ե���ID�ˤ������Ƹ��Υ桼����ID���ǧ\n"
+"    ������礬�����Ǥ���\n"
+"\n"
+"\"3\" �ϡ����ʤ������ϰϤˤ錄�기�򸡾ڤ������Ȥ�����̣�Ǥ���\n"
+"    ���Ȥ��С����ν�ͭ���ܿͤȸ��λ���򸡾ڤ���(�ѥ��ݡ���\n"
+"    �Τ褦��) ��¤�Τ�Ĥ��������ե���ID�Ĥ��μ��ʤǡ����ν�\n"
+"    ͭ�Ԥ�̾���������Υ桼����ID��̾���Ȱ��פ��뤳�Ȥ��ǧ��\n"
+"    �ơ�(�Żҥ᡼��θ򴹤ʤɤ�) �����Żҥ᡼�롦���ɥ쥹��\n"
+"    ���ν�ͭ�Ԥ�°���Ƥ��뤳�Ȥ򸡾ڤ�����礬�����Ǥ���\n"
+"\n"
+"�嵭2��3����ϡ�*ñ�ʤ�*��ˤ����ʤ����Ȥ������Ȥ�ǰƬ���֤�\n"
+"�Ƥ���������¾�θ��˽�̾����ݡ��ְ���פ�ֹ��ϰϡפ������\n"
+"̣���뤫��ǽ�Ū�˷���Τϡ����ʤ��Ǥ���\n"
+"\n"
+"���������Τ狼��ʤ����ϡ���0�פ������Ƥ���������"
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
-msgstr "���Ƥ� �桼�� ID �˽�̾��������С�\"yes\" �������Ʋ�����"
+msgstr "���Ƥ� �桼����ID�˽�̾��������С���yes�פ������Ƥ�������"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
 msgstr ""
-"�����Υ桼�� ID �� ������ �����������С�\"yes\" "
-"�������Ʋ��������Ƥξ������Ʊ���˺������ޤ�!"
+"�����Υ桼����ID�������˺����������С���yes�פ������Ƥ���������\n"
+"�����������Ʊ���˺�����ޤ�!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
-msgstr "�����������������硢\"yes\" �������Ʋ�����"
+msgstr "�����������������硢��yes�פ������Ƥ�������"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
 "trust connection to the key or another key certified by this key."
 msgstr ""
-"����ϸ����Ф���ͭ���ʽ�̾�Ǥ����̾�Ϥ��ν�̾�Ϻ���������ʤ��Ǥ��礦��\n"
-"���Τʤ顢���ν�̾�ϡ����ؤο��Ѥ��ؤκ����䡢���θ��ˤ������ˤȤä�\n"
-"���פ�����Ǥ���"
+"����ϸ��ˤ�������ͭ���ʽ�̾�Ǥ������̤��ν�̾��������٤���\n"
+"�Ϥʤ��Ǥ��礦���ʤ��ʤ顢���ν�̾�ϡ����ؤο��Ѥ��ؤκ����䡢\n"
+"���θ��ˤ������ˤȤäƽ��פ�����Ǥ���"
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3606,19 +4168,19 @@ msgid ""
 "a trust connection through another already certified key."
 msgstr ""
 "���ν�̾�Ȱ��פ��븰����ͭ���Ƥ��ʤ��Τǡ����ν�̾�ϸ��ڤǤ��ޤ���\n"
-"���ʤ��Ϥ��θ������Ѥ����ޤǤϡ����ν�̾�κ������α����٤��Ǥ���\n"
-"���Τʤ顢���ν�̾�θ��ϡ�¾�ξ������줿���ˤ�äƿ��Ѥ��ؤ�������뤫��\n"
-"�Τ�ʤ�����Ǥ���"
+"���θ������Ѥ����ޤǤϡ����ʤ��Ϥ��ν�̾�κ������α����٤��Ǥ���\n"
+"�ʤ��ʤ顢���ν�̾�θ��ϡ�¾�ξ������줿���ǿ��Ѥ��ؤ�������뤫��\n"
+"����ʤ�����Ǥ���"
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
 msgstr ""
-"���ν�̾��ͭ���ǤϤ���ޤ��󡣤��Τ��Ȥϡ����ʤ��θ���󥰤��������٤���\n"
-"�Ȥ������Ȥ��̣���Ƥ��ޤ���"
+"���ν�̾��ͭ���ǤϤ���ޤ��󡣤��Τ��Ȥϡ����ʤ��θ��ؤ��������٤���\n"
+"�Ȥ�����̣�Ǥ���"
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3626,47 +4188,52 @@ msgid ""
 "only if this self-signature is for some reason not valid and\n"
 "a second one is available."
 msgstr ""
-"����ϡ����Υ桼�� ID ���б�������̾�Ǥ����̾���ν�̾��������Τ�\n"
-"�ɤ��ͤ��ǤϤ���ޤ��󡣼ºݤˤϡ�GnuPG �Ϥ�Ϥ䤳�θ���Ȥ��ʤ��Τ���\n"
-"�Τ�ޤ��󡣤�äơ����μ��ʽ�̾�����餫����ͳ�ˤ��̵���Ǥ��äơ�\n"
-"���ؤȤʤ븰��������ˤΤߡ������¹Ԥ��Ʋ�������"
+"����ϡ����Υ桼����ID���б�������̾�Ǥ����̾���ν�̾��������Τ�\n"
+"�����ͤ��ǤϤ���ޤ��󡣼ºݤˤϡ�GnuPG�Ϥ�Ϥ䤳�θ���Ȥ��ʤ��Τ���\n"
+"����ޤ��󡣤�äơ����μ��ʽ�̾�����餫����ͳ�ˤ��̵���Ǥ��äơ�\n"
+"���ؤȤʤ븰��������ˤΤߡ������¹Ԥ��Ƥ���������"
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
 msgstr ""
-"�ѥ��ե졼�������Ϥ��Ʋ��������������̩��ʸ�ϤΤ��ȤǤ���\n"
-"  �ۥ��ۥ�.... "
+"���� (�ޤ������򤷤�) �桼����ID�������򡢸��ߤ������������ѹ�\n"
+"���ޤ����ط����뼫�ʽ�̾�Υ����ॹ����פϡ�1�ä����ߤޤ���\n"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "�ѥ��ե졼�������Ϥ��Ƥ����������������̩��ʸ�ϤΤ��ȤǤ� \n"
+
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
-msgstr "���Ϥ����ե졼�����ǧ���뤿��ˡ��ѥ��ե졼��������Ϥ��Ʋ�������"
+msgstr "���Ϥ����ѥ��ե졼���γ�ǧ�Τ��ᡢ�����Ϥ��Ƥ���������"
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
-msgstr "��̾��Ԥ��ե������̾���򵭽Ҥ��Ʋ�����"
+msgstr "��̾��Ԥ��ե������̾������ꤷ�Ƥ�������"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
-msgstr "��񤭤��Ƥ��ɤ���С�\"yes\" �������Ʋ�����"
+msgstr "��񤭤��Ƥ褱��С���yes�פ������Ƥ�������"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
 msgstr ""
-"�������ե�����̾�����Ϥ��Ʋ�������ñ�˥꥿���󥭡��򲡤��ȡ�\n"
-"�ǥե���ȤΥե�����̾ (��̤ǰϤޤ줿���) �����Ѥ���ޤ�"
+"�������ե�����̾�����Ϥ��Ƥ���������ñ�˥꥿���󡦥����򲡤��ȡ�\n"
+"(��̤ǰϤ��) ����Υե�����̾����Ѥ��ޤ���"
 
-#: g10/helptext.c:229
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3674,83 +4241,346 @@ msgid ""
 "      Use this to state that the user ID should not longer be used;\n"
 "      this is normally used to mark an email address invalid.\n"
 msgstr ""
-
-#: g10/helptext.c:245
+"���������ͳ����ꤹ��ɬ�פ�����ޤ�������ط��ˤ���ޤ�����\n"
+"�ʲ��������֤��Ȥ��Ǥ��ޤ���\n"
+"  �ָ����ѥ����ޤ�����\n"
+"      ǧ�ڤ���Ƥ��ʤ��ͤ���̩���ؤΥ����������������ȿ�����\n"
+"      ��­����ͳ�Τ���Ȥ��ˡ������Ȥ��ޤ���\n"
+"  �ָ����Ȥ꤫��äƤ��ޤ���\n"
+"      ���θ���ʬ�ǿ��������ȤȤ꤫�����Ȥ��˻Ȥ��ޤ���\n"
+"  �ָ��Ϥ⤦�Ȥ��Ƥ��ޤ����\n"
+"      ���θ���Ȥ��Τ��᤿�Ȥ��˻Ȥ��ޤ���\n"
+"  �֥桼����ID���⤦ͭ���Ǥ���ޤ����\n"
+"      �⤦���Υ桼����ID�ϻȤ��٤��Ǥʤ����Ȥ����Ȥ��˻Ȥ�\n"
+"      �ޤ�����������̡��Żҥ᡼��Υ��ɥ쥹��̵���ˤʤä���\n"
+"      ���˻Ȥ��ޤ���\n"
+
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
 "An empty line ends the text.\n"
 msgstr ""
+"�⤷������������С��ʤ��˴��������ȯ�Ԥ���Τ������������\n"
+"�����Ȥ����Ϥ��뤳�Ȥ��Ǥ��ޤ����ƥ����Ȥϴʷ�ˤ��Ƥ���������\n"
+"���Ԥǽ����ˤʤ�ޤ���\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "�إ�פϤ���ޤ���"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
-msgstr "`%s' �ؤΥإ�פϤ���ޤ���"
+msgstr "`%s'�Υإ�פϤ���ޤ���"
+
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "����`%s'�κ������顼: %s\n"
+
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "`%s' �ؤε��Ĥ��ѹ��˼���: %s\n"
+
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "���� `%s' ���Ǥ��ޤ���\n"
+
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "���إ���å���κƹ��ۤ˼��Ԥ��ޤ���: %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "�ٹ�: ���Ѿ�����ä�2�ĤΥե����뤬¸�ߤ��ޤ���\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s���ѹ��Τʤ����Ǥ�\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s�Ͽ��������Ǥ�\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "���ΰ�����η�٤������Ƥ�������\n"
+
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "����`%s'�򸡾ڤ��Ƥ��ޤ�\n"
+
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "����ޤǤ�%lu�Ĥθ��ޤǸ��� (%lu�Ĥν�̾)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu�Ĥθ��ޤǸ��� (%lu�Ĥν�̾)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: ���ؤ��Ǥ��ޤ���\n"
+
+msgid "too many random bits requested; the limit is %d\n"
+msgstr "�����ࡦ�ӥåȤ򤿤������׵ᤷ�᤮�Ǥ����³��� %d\n"
+
+msgid "|[NAMES]|check the trust database"
+msgstr "|[̾��]|���ѥǡ����١���������å�"
+
+msgid "--delete-secret-key user-id"
+msgstr "--delete-secret-key �桼����id"
+
+msgid "--delete-key user-id"
+msgstr "--delete-key �桼����id"
+
+msgid "--delete-secret-and-public-key user-id"
+msgstr "--delete-secret-and-public-key �桼����id"
+
+msgid "For info see http://www.gnupg.org"
+msgstr "KUWASIKU WA http://www.gnupg.org/ WO GORANKUDASAI"
+
+msgid "sSmMqQ"
+msgstr "sSmMqQ"
+
+msgid ""
+"Could not find a valid trust path to the key.  Let's see whether we\n"
+"can assign some missing owner trust values.\n"
+"\n"
+msgstr ""
+"���ؤ�ͭ���ʿ��Ѥη�ϩ�����Ĥ���ޤ���\n"
+"���ʤ��ͤο����٤�����Ǥ��ʤ����ɤ�����Ĵ�٤ޤ��礦��\n"
+"\n"
+
+msgid ""
+"No path leading to one of our keys found.\n"
+"\n"
+msgstr ""
+"������θ��ػ���ϩ������ޤ���\n"
+"\n"
+
+msgid ""
+"No certificates with undefined trust found.\n"
+"\n"
+msgstr ""
+"�����٤�̤����ξ�����Ϥ���ޤ���\n"
+"\n"
+
+msgid ""
+"No trust values changed.\n"
+"\n"
+msgstr ""
+"�����٤��ѹ��Ϥ���ޤ���\n"
+"\n"
+
+msgid "%08lX: no info to calculate a trust probability\n"
+msgstr "%08lX: �����٤�׻�������󤬤���ޤ���\n"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "��������ɤ߹��ߤ˼���: %s\n"
+msgid "Enter the user ID: "
+msgstr "�桼����ID������: "
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "���ΥС������Ǥ� RSA �����ϻȤ��ޤ���\n"
+msgid "skipped: public key already set with --encrypt-to\n"
+msgstr "�����å�: �������ϴ��� --encrypt-to ������ѤߤǤ�\n"
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "�桼�� ID �θ�������ޤ���\n"
+msgid "%s: error checking key: %s\n"
+msgstr "%s: ���θ��ڥ��顼: %s\n"
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "���Υ桼�� ID ������ޤ���\n"
+msgid "   (%d) RSA (sign and encrypt)\n"
+msgstr "   (%d) RSA (��̾�ȰŹ沽)\n"
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "�ǥե���Ȥθ�������󥰤�����ޤ���\n"
+msgid "Do you really want to create a sign and encrypt key? "
+msgstr "�����˽�̾�ȰŹ��Ѥθ�����ޤ���? "
 
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "����� `%s' �Υ��å����Ǥ��ޤ���: %s\n"
+msgid "Do you really need such a large keysize? "
+msgstr "����ʤ�Ĺ�����������ˤ���ޤ���? "
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "�� %08lX: ���ꥸ�ʥ�θ��֥��å����ɤ�ޤ���: %s\n"
+msgid "%s: user not found: %s\n"
+msgstr "%s: �桼���������Ĥ���ޤ���: %s\n"
 
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: �桼�������Ĥ���ޤ���\n"
+msgid "certificate read problem: %s\n"
+msgstr "��������ɹ��߾㳲: %s\n"
 
-#~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
-#~ msgstr ""
-#~ "RSA "
-#~ "����ȿ�Ф���Ƥ��ޤ�������������������ƺ���Ϥ��θ����Ѥ��뤳�Ȥ�Ƥ���Ƥ��"
-#~ "�����\n"
+msgid "too many entries in unk cache - disabled\n"
+msgstr "unk����å���Υ���ȥ꡼��¿�����ޤ� - ���Ѷػ�\n"
 
-#~ msgid "not processed"
-#~ msgstr "̤����"
+msgid "secret key %08lX not imported (use %s to allow for it)\n"
+msgstr "��̩��%08lX���ɤ߹��ޤ�ޤ��� (ͭ���ˤ���ˤ�%s��Ȥ��ޤ�)\n"
 
-#~ msgid "assuming bad MDC due to an unknown critical bit\n"
-#~ msgstr "�����ʥ���ƥ�����ӥåȤ����ä��Τǡ�MDC ���������ȸ��ʤ��ޤ�\n"
+msgid "key %08lX: our copy has no self-signature\n"
+msgstr "��%08lX: �������ʣ���ˤϼ��ʽ�̾������ޤ���\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
-#~ msgstr ""
-#~ "���ˤϰ����Ǥʤ��ե饰�����ꤵ��Ƥ��ޤ��� - "
-#~ "��ʪ����������֤ˤ��ɲäǤ��ޤ���!\n"
+msgid "%s: user not found\n"
+msgstr "%s: �桼���������Ĥ���ޤ���\n"
 
-#~ msgid "set debugging flags"
-#~ msgstr "�ǥХå��ե饰�򥻥åȤ���"
+msgid "update of trustdb failed: %s\n"
+msgstr "���ѥǡ����١����ι����˼��Ԥ��ޤ���: %s\n"
 
-#~ msgid "enable full debugging"
-#~ msgstr "���ƤΥǥХå���ͭ���ˤ���"
+msgid "no keyserver known (use option --keyserver)\n"
+msgstr ""
+"���Τθ������С��Ϥ���ޤ��� (--keyserver���ץ�����Ȥ��ޤ��礦)\n"
 
-#~ msgid "do not write comment packets"
-#~ msgstr "�����ȥѥ��åȤ�񤭽Ф��ʤ�"
+msgid "%s: not a valid key ID\n"
+msgstr "%s: ��������ID�Ǥ���ޤ���\n"
 
-#~ msgid "(default is 1)"
-#~ msgstr "(�ǥե���Ȥ� 1)"
+msgid "assuming bad MDC due to an unknown critical bit\n"
+msgstr "̤�ΤΥ���ƥ����롦�ӥåȤ����ä��Τǡ�������MDC�Ȥߤʤ��ޤ�\n"
 
-#~ msgid "(default is 3)"
-#~ msgstr "(�ǥե���Ȥ� 3)"
+msgid "error reading dir record for LID %lu: %s\n"
+msgstr "LID %lu�Υǥ��쥯�ȥ꡼���쥳���ɤ��ɽФ����顼: %s\n"
 
-#~ msgid "   (%d) ElGamal in a v3 packet\n"
-#~ msgstr "   (%d) ElGamal in a v3 packet\n"
+msgid "lid %lu: expected dir record, got type %d\n"
+msgstr "lid %lu: ���Ԥ��줿�ǥ��쥯�ȥ꡼���쥳���ɡ�������%d\n"
+
+msgid "no primary key for LID %lu\n"
+msgstr "LID %lu�μ縰������ޤ���\n"
+
+msgid "error reading primary key for LID %lu: %s\n"
+msgstr "LID %lu�μ縰���ɽФ����顼: %s\n"
+
+msgid "get_dir_record: search_record failed: %s\n"
+msgstr "get_dir_record: search_record �˼��Ԥ��ޤ���: %s\n"
+
+msgid "key %08lX: query record failed\n"
+msgstr "��%08lX: �쥳���ɤ���礻�˼���\n"
+
+msgid "key %08lX: already in trusted key table\n"
+msgstr "��%08lX: ���˿��Ѥ��븰��ɽ�ˤ���ޤ�\n"
+
+msgid "NOTE: secret key %08lX is NOT protected.\n"
+msgstr "����: ��̩��%08lX���ݸ��Ƥ��� ����\n"
+
+msgid "key %08lX: secret and public key don't match\n"
+msgstr "��%08lX: ��̩���ȸ��������б����Ƥ��ޤ���\n"
+
+msgid "enumerate secret keys failed: %s\n"
+msgstr "��̩�������˼��Ԥ��ޤ���: %s\n"
+
+msgid "key %08lX.%lu: Good subkey binding\n"
+msgstr "��%08lX.%lu: �������б���ͭ���Ǥ�\n"
+
+msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+msgstr "��%08lX.%lu: �������б���̵���Ǥ�: %s\n"
+
+msgid "key %08lX.%lu: Valid key revocation\n"
+msgstr "��%08lX.%lu: ͭ���ʸ����˴�\n"
+
+msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+msgstr "��%08lX.%lu: ̵���ʸ����˴�: %s\n"
+
+msgid "key %08lX.%lu: Valid subkey revocation\n"
+msgstr "��%08lX.%lu: ͭ�����������˴�\n"
+
+msgid "Good self-signature"
+msgstr "ͭ���ʼ��ʽ�̾"
+
+msgid "Invalid self-signature"
+msgstr "̵���ʼ��ʽ�̾"
+
+msgid "Valid user ID revocation skipped due to a newer self signature"
+msgstr "���������ʽ�̾����Ƥ���Τǡ�ͭ���ʥ桼����ID���˴��ϹԤ��ޤ���"
+
+msgid "Valid user ID revocation"
+msgstr "ͭ���ʥ桼����ID���˴�"
+
+msgid "Invalid user ID revocation"
+msgstr "̵���ʥ桼����ID���˴�"
+
+msgid "Valid certificate revocation"
+msgstr "ͭ���ʾ�������˴�"
+
+msgid "Good certificate"
+msgstr "ͭ���ʾ�����"
 
-#~ msgid "Key generation can only be used in interactive mode\n"
-#~ msgstr "���κ��������å⡼�ɤǤ����¹ԤǤ��ޤ���\n"
+msgid "Invalid certificate revocation"
+msgstr "̵���ʾ�������˴�"
+
+msgid "Invalid certificate"
+msgstr "̵���ʾ�����"
+
+msgid "sig record %lu[%d] points to wrong record.\n"
+msgstr "��̾�쥳����%lu[%d] �ϸ��ä��쥳���ɤ�ؤ��Ƥ��ޤ���\n"
+
+msgid "duplicated certificate - deleted"
+msgstr "��ʣ���������� - ���"
+
+msgid "tdbio_search_dir failed: %s\n"
+msgstr "tdbio_search_dir �˼��Ԥ��ޤ���: %s\n"
+
+msgid "lid ?: insert failed: %s\n"
+msgstr "lid ?: �����˼��Ԥ��ޤ���: %s\n"
+
+msgid "lid %lu: insert failed: %s\n"
+msgstr "lid %lu: �����˼��Ԥ��ޤ���: %s\n"
+
+msgid "lid %lu: inserted\n"
+msgstr "lid %lu: �������ޤ���\n"
+
+msgid "error reading dir record: %s\n"
+msgstr "�ǥ��쥯�ȥ꡼���쥳���ɤ��ɽФ����顼: %s\n"
+
+msgid "\t%lu keys with errors\n"
+msgstr "\t%lu���ˤϥ��顼������ޤ�\n"
+
+msgid "\t%lu keys inserted\n"
+msgstr "\t%lu�����������ޤ���\n"
+
+msgid "lid %lu: dir record w/o key - skipped\n"
+msgstr "lid %lu: ���ʤ��Υǥ��쥯�ȥ꡼���쥳���� - �����å�\n"
+
+msgid "\t%lu due to new pubkeys\n"
+msgstr "\t%lu������������\n"
+
+msgid "\t%lu keys skipped\n"
+msgstr "\t%lu���򥹥��åפ��ޤ���\n"
+
+msgid "\t%lu keys updated\n"
+msgstr "\t%lu���򹹿����ޤ���\n"
+
+msgid "Ooops, no keys\n"
+msgstr "���äȡ���������ޤ���\n"
+
+msgid "Ooops, no user IDs\n"
+msgstr "���äȡ��桼����ID������ޤ���\n"
+
+msgid "check_trust: search dir record failed: %s\n"
+msgstr "check_trust: �ǥ��쥯�ȥ꡼���쥳���ɤθ����˼��Ԥ��ޤ���: %s\n"
+
+msgid "key %08lX: insert trust record failed: %s\n"
+msgstr "��%08lX: ���ѥ쥳���ɤ������˼��Ԥ��ޤ���: %s\n"
+
+msgid "key %08lX.%lu: inserted into trustdb\n"
+msgstr "��%08lX.%lu: ���ѥ쥳���ɤ��������ޤ���\n"
+
+msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgstr "��%08lX.%lu: ̤��ˤǤ��Ƥ��ޤ� (����ι�Ԥ����פΤ��뤤�Ǥ��礦)\n"
+
+msgid "key %08lX.%lu: expired at %s\n"
+msgstr "��%08lX.%lu: %s�Ǵ����ڤ�Ǥ�\n"
+
+msgid "key %08lX.%lu: trust check failed: %s\n"
+msgstr "��%08lX.%lu: ���Ѥθ��ڤ˼��Ԥ��ޤ���: %s\n"
+
+msgid "problem finding '%s' in trustdb: %s\n"
+msgstr "���ѥǡ����١�������'%s'�θ����˾㳲: %s\n"
+
+msgid "user '%s' not in trustdb - inserting\n"
+msgstr "�桼����'%s'�Ͽ��ѥǡ����١�������Ͽ����Ƥ��ޤ��� - ����\n"
+
+msgid "failed to put '%s' into trustdb: %s\n"
+msgstr "'%s'�ο��ѥǡ����١����ؤ���Ͽ�˼��Ԥ��ޤ���: %s\n"
+
+msgid "WARNING: can't yet handle long pref records\n"
+msgstr "�ٹ�: �ޤ� long pref �쥳���ɤϼ�갷���ޤ���\n"
+
+msgid "%s: can't create keyring: %s\n"
+msgstr "%s: ���ؤ��Ǥ��ޤ���: %s\n"
diff --git a/po/nl.po b/po/nl.po
index 62f04e114..5de11eab1 100644
--- a/po/nl.po
+++ b/po/nl.po
@@ -5,7 +5,7 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: gnupg 1.0.0h\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
 "PO-Revision-Date: 2000-02-20 21:30+01:00\n"
 "Last-Translator: Ivo Timmermans <[email protected]>\n"
 "Language-Team: Dutch <[email protected]>\n"
@@ -13,289 +13,318 @@ msgstr ""
 "Content-Type: text/plain; charset=iso-8859-1\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Let op: er wordt onveilig geheugen gebruikt!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr ""
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "bewerking is niet mogelijk zonder initialisatie van veilig geheugen\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(misschien heb je hiervoor het verkeerde programma gebruikt)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "ja"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "yYjJ"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "nee"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "einde"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "qQeE"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "algemene fout"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "onbekend pakket type"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "onbekende versie"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "onbekend publieke sleutel algoritme"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "onbekend verteeralgoritme"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "foutieve publieke sleutel"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "foutieve geheime sleutel"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "foutieve ondertekening"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "verkeerd controlegetal"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "verkeerde sleuteltekst"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "publieke sleutel niet gevonden"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "onbekend versleutelalgoritme"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "kan de sleutelbos niet openen"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "ongeldig pakket"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "ongeldige versleuteling"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "niet-bestaand gebruikersnummer"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "geheime sleutel niet beschikbaar"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "verkeerde geheime sleutel gebruikt"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "niet ondersteund"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "foutieve sleutel"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "leesfout op bestand"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "schrijffout op bestand"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "onbekend compressiealgoritme"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "fout bij openen bestand"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "fout bij aanmaken bestand"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "ongeldige sleuteltekst"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "publieke sleutel algoritme niet ge�mplementeerd"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "encryptie-algoritme niet ge�mplementeerd"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "onbekende klasse van ondertekeningen"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "fout in de vertrouwensrelatiedatabase"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "foutieve MPI"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "hulpbronlimiet"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "ongeldige sleutelbos"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "foutief certificaat"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "ongeldige gebruikersidentificatie"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "fout bij het sluiten van het bestand"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "fout bij het hernoemen van het bestand"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "fout bij het verwijderen van het bestand"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "onverwachte gegevens"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "tijden komen niet overeen"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "onbruikbaar publieke sleutel-algoritme"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "bestand bestaat al"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "onveilige sleutel"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "ongeldig argument"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "foutieve URI"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "URI wordt niet ondersteund"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "netwerkfout"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "niet versleuteld"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "niet behandeld"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "foutieve publieke sleutel"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "foutieve geheime sleutel"
+
+#: util/errors.c:107
+#, fuzzy
+msgid "keyserver error"
+msgstr "algemene fout"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... dit is een programmeerfout (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "u heeft een fout in het programma gevonden ... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "kan `%s' niet openen: %s\n"
 
-#: cipher/random.c:325
+#: cipher/random.c:324
 #, fuzzy, c-format
 msgid "can't stat `%s': %s\n"
 msgstr "kan `%s' niet openen: %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
 msgstr ""
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
 msgstr ""
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr ""
 
-#: cipher/random.c:349
+#: cipher/random.c:348
 #, fuzzy, c-format
 msgid "can't read `%s': %s\n"
 msgstr "kan `%s' niet openen: %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
 msgstr ""
 
-#: cipher/random.c:407
+#: cipher/random.c:406
 #, fuzzy, c-format
 msgid "can't create `%s': %s\n"
 msgstr "kan %s niet aanmaken: %s\n"
 
-#: cipher/random.c:414
+#: cipher/random.c:413
 #, fuzzy, c-format
 msgid "can't write `%s': %s\n"
 msgstr "kan `%s' niet openen: %s\n"
 
-#: cipher/random.c:417
+#: cipher/random.c:416
 #, fuzzy, c-format
 msgid "can't close `%s': %s\n"
 msgstr "kan `%s' niet openen: %s\n"
 
-#: cipher/random.c:428
-#, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
-
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr "LET OP: de willekeurige getallengenerator is niet veilig!!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -309,7 +338,7 @@ msgstr ""
 "Gebruik geen enkele gegevens die door dit programma gegenereerd zijn!!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -321,19 +350,7 @@ msgstr ""
 "om het besturingssysteem de kans te geven om meer entropie te\n"
 "verzamelen! (Nog %d bytes nodig)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Let op: er wordt onveilig geheugen gebruikt!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "bewerking is niet mogelijk zonder initialisatie van veilig geheugen\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(misschien heb je hiervoor het verkeerde programma gebruikt)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -341,139 +358,170 @@ msgstr ""
 "@Opdrachten:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[bestand]|maak een ondertekening"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[bestand]|maak een niet versleutelde ondertekening"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "maak een losstaande ondertekening"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "versleutel gegevens"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr ""
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "versleutel slechts met een symmetrische versleutelmethode"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "alleen bewaren"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "gegevens decoderen (standaard)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr ""
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "ondertekening controleren"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "lijst van sleutels genereren"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "sleutels en ondertekeningen opnoemen"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "sleutelverificaties controleren"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "sleutels en vingerafdrukken opnoemen"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "geheime sleutels opnoemen"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "nieuw sleutelpaar genereren"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
+#: g10/g10.c:307
+#, fuzzy
+msgid "remove keys from the public keyring"
 msgstr "sleutel weghalen uit de publieke sleutelbos"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
+#: g10/g10.c:309
+#, fuzzy
+msgid "remove keys from the secret keyring"
 msgstr "sleutel weghalen uit de geheime sleutelbos"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "onderteken een sleutel"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
 msgstr "onderteken een sleutel lokaal"
 
-#: g10/gpg.c:224
+#: g10/g10.c:312
+#, fuzzy
+msgid "sign a key non-revocably"
+msgstr "onderteken een sleutel lokaal"
+
+#: g10/g10.c:313
+#, fuzzy
+msgid "sign a key locally and non-revocably"
+msgstr "onderteken een sleutel lokaal"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "onderteken of bewerk een sleutel"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "genereer een terugtrekkings-certificaat"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "exporteer sleutels"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "exporteer sleutels naar een sleutelserver"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "importeer sleutels van een sleutelserver"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+#, fuzzy
+msgid "search for keys on a key server"
+msgstr "exporteer sleutels naar een sleutelserver"
+
+#: g10/g10.c:322
+#, fuzzy
+msgid "update all keys from a keyserver"
+msgstr "importeer sleutels van een sleutelserver"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "sleutels importeren/samenvoegen"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "noem alleen de volgorde van pakketten"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "exporteer het vertrouwen in de eigenaars"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "importeer het vertrouwen in de eigenaars"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "werk de vertrouwensdatabase bij"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NAMEN]|controleer de vertrouwensdatabase"
+#: g10/g10.c:336
+#, fuzzy
+msgid "unattended trust database update"
+msgstr "werk de vertrouwensdatabase bij"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "repareer een beschadigde vertrouwensdatabase"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "Verwijder de beveiliging op bestand of standaard invoer"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "Voeg beveiliging toe aan bestad of standaard invoer"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [bestanden]|geef controlegetal van berichten weer"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -483,163 +531,209 @@ msgstr ""
 "Opties:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "genereer beveiliging in ASCII"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NAAM|versleutel voor NAAM"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NAAM|gebruik NAAM als standaard ontvanger"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "gebruik de standaard sleutel als standaard ontvanger"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr ""
 "gebruik deze gebruikersidentificatie om te ondertekenen of te decoderen"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "|N|stel compressieniveau in op N (uitzetten met 0)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "gebruik de verkorte tekstmodus"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "gebruik als uitvoerbestand"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "geef meer informatie"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "wees iets stiller"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "gebruik de terminal helemaal niet"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "forcees v3 ondertekening"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+#, fuzzy
+msgid "do not force v3 signatures"
+msgstr "forcees v3 ondertekening"
+
+#: g10/g10.c:377
+#, fuzzy
+msgid "force v4 key signatures"
+msgstr "forcees v3 ondertekening"
+
+#: g10/g10.c:378
+#, fuzzy
+msgid "do not force v4 key signatures"
+msgstr "forcees v3 ondertekening"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "gebruik altijd een MDC voor versleuteling"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+#, fuzzy
+msgid "never use a MDC for encryption"
+msgstr "gebruik altijd een MDC voor versleuteling"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "maak geen enkele verandering"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
 msgstr ""
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "doorlopende modus: vraag nooit"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "veronderstel ja als antwoord op de meeste vragen"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "veronderstel nee als antwoord op de meeste vragen"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "voeg deze sleutelbos toe aan de lijst van sleutelbossen"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "voeg deze geheime sleutelbos toe aan de lijst"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr ""
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NAAM|gebruik NAAM als standaard geheime sleutel"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|SERVER|gebruik deze sleutelserver om sleutels op te zoeken"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr "|NAAM|zet tekenverzameling van terminal op NAAM"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "lees opties uit bestand"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr "|BB|schrijf status naar deze bestandsbeschrijver"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
+#: g10/g10.c:404
+#, fuzzy
+msgid "|[file]|write status info to file"
+msgstr "|BB|schrijf status naar deze bestandsbeschrijver"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
 msgstr ""
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|BESTAND|laad extensiemodule BESTAND"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "doe als RFC1991 voorschrijft"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
 msgstr "zet alle pakket-, versleutel- en controle-opties naar OpenPGP gedrag"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+#, fuzzy
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "zet alle pakket-, versleutel- en controle-opties naar OpenPGP gedrag"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|gebruik sleuteltekst modus N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr "|NAAM|gebruik berichtsamenvattingsalgoritme NAAM voor sleutelteksten"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr "|NAAM|gebruik versleutelalgoritme NAAM voor sleutelteksten"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NAAM|gebruik versleutelalgoritme NAAM"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NAAM|gebruik berichtsamenvattingsalgoritme NAAM"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|gebruik compressiealgoritme N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
 msgstr "plaats geen sleutelidentificatieveld in versleutelde pakketten"
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr ""
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NAAM=WAARDE|gebruik deze notitiegegevens"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
 msgstr ""
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -659,17 +753,17 @@ msgstr ""
 " --list-keys [namen]         toon sleutels\n"
 " --fingerprints [namen]      toon vingerafdrukken\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr ""
 "Meld fouten in het programma a.u.b. aan <[email protected]>;\n"
 "fouten in de vertaling aan <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Gebruik: gpg [opties] [bestanden] (-h voor hulp)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
@@ -679,7 +773,7 @@ msgstr ""
 "onderteken, controleer, versleutel of decodeer de ingevoerde gegevens\n"
 "standaardactie hangt af van de gegevens\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -687,193 +781,257 @@ msgstr ""
 "\n"
 "Ondersteunde algoritmes:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "gebruik: gpg [opties] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "tegenstrijdige commando's\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "LET OP: geen bestand `%s' met standaardopties\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "optiebestand `%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "opties inlezen van `%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s is een onbekende tekenverzameling\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr ""
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr ""
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, fuzzy, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "LET OP: `%s' is een leeg bestand\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr ""
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "LET OP: programma zou een geheugendump kunnen maken!\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr ""
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "LET OP: %s is niet voor gewoon gebruik!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "%s is niet toegestaan met deze %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "%s heeft geen betekenis met %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr ""
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "geselecteerd versleutelalgoritme is ongeldig\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "geselecteerd controle-algoritme is ongeldig\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
+#: g10/g10.c:1492
+#, fuzzy
+msgid "the given signature policy URL is invalid\n"
 msgstr "de gegeven beleids-URL is ongeldig\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1496
+#, fuzzy
+msgid "the given certification policy URL is invalid\n"
+msgstr "de gegeven beleids-URL is ongeldig\n"
+
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "compressie-algoritme moet in het bereik %d..%d liggen\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "completes-needed(?) moet groter zijn dan 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "marginals-needed(?) moet groter zijn dan 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "max-cert-depth moet tussen de 1 en de 255 (inclusief) liggen\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "LET OP: simpele S2K mode (0) wordt met klem afgeraden\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "ongeldige S2K modus; moet 0, 1 of 3 zijn\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+#, fuzzy
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "ongeldige S2K modus; moet 0, 1 of 3 zijn\n"
+
+#: g10/g10.c:1519
+#, fuzzy
+msgid "invalid preferences\n"
+msgstr "toon voorkeuren"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "fout bij het initialiseren van de vertrouwensdatabase: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [bestandsnaam]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [bestandsnaam]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [bestandsnaam]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [bestandsnaam]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [bestandsnaam]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+#, fuzzy
+msgid "--sign --symmetric [filename]"
+msgstr "--symmetric [bestandsnaam]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [bestandsnaam]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [bestandsnaam]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key gebruikersidentificatie"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key gebruikers-identificatie"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key gebruikersidentificatie [opdrachten]"
+#: g10/g10.c:1746
+#, fuzzy
+msgid "--nrsign-key user-id"
+msgstr "--sign-key gebruikersidentificatie"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key gebruikersidentificatie"
+#: g10/g10.c:1754
+#, fuzzy
+msgid "--nrlsign-key user-id"
+msgstr "--sign-key gebruikersidentificatie"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key gebruikersidentificatie"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key gebruikersidentificatie [opdrachten]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "kan %s niet openen: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [gebruikersidentificatie] [sleutelbos]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "opheffen van beveiliging mislukt: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "beveiligen mislukt: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
 msgstr "ongeldig frommelalgoritme `%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[bestandsnaam]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "Gaat uw gang, type het bericht ...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "kan `%s' niet openen\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr ""
 "het eerste teken van een notitienaam moet een letter of laag liggend steepje "
 "zijn\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -881,160 +1039,142 @@ msgstr ""
 "een notitienaam mag alleen letters, cijfers, punten of underscores bevatten "
 "en eindig met een =\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr "punten in notitienamen moeten omgeven zijn door andere tekens\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "een notitienaam mag geen controletekens bevatten\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "beveiliging: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "ongeldige beveiliginsinformatie: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "beveiligingsinformatie"
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "ongeldige informatie over leesbare ondertekening\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "geneste leesbare ondertekeningen\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "ongeldige regel met streepjes: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "onverwachte beveiliging:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "ongeldig wortel64 teken %02x overgeslagen\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "voortijdig einde (geen controlesom)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "voortijdig einde (in controlesom)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "verkeerde controlesom\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "fout in controlesom; %06lx - %06lx\n"
 
 # fixme
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "voortijdig einde (in trailer)\n"
 
 # fixme
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "fout in de trailer regel\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "geen geldige OpenPGP gegevens gevonden.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "ongeldige beveiliging: regel langer dan %d tekens\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "aangehaald gewoon teken in beveiliging - waaschijnlijk is er een foutief "
 "mailbezorgprogramma gebruikt\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "            Vingerafdruk:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Vingerafdruk:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
 msgstr ""
 
-#: g10/pkclist.c:119
+#: g10/pkclist.c:63
 #, fuzzy
-msgid "Key is superseeded"
+msgid "Key is superseded"
 msgstr "Sleutel is beveiligd.\n"
 
-#: g10/pkclist.c:121
+#: g10/pkclist.c:65
 #, fuzzy
 msgid "Key has been compromised"
 msgstr "Deze sleutel is niet beschikbaar"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
 msgstr ""
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
 msgstr ""
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
 msgstr ""
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
 msgstr ""
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr ""
 
-#: g10/pkclist.c:308
-#, c-format
+#: g10/pkclist.c:258
+#, fuzzy, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
 "Geen vertrouwenswaarde toegekend aan %lu:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
+#, fuzzy
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 "Geef aan hoezeer je deze gebruiker vertrouwt om de sleutels van andere\n"
 "gebruikers correct te verifieren (door naar paspoorten of\n"
@@ -1046,86 +1186,92 @@ msgstr ""
 " 4 = Ik vertrouw hem volledig\n"
 " s = Geef wat meer informatie\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr ""
+
+#: g10/pkclist.c:274
+#, fuzzy, c-format
+msgid " %d = I do NOT trust\n"
+msgstr "%08lx: We vertrouwen deze sleutel NIET\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr ""
+
+#: g10/pkclist.c:276
+#, fuzzy, c-format
+msgid " %d = I trust fully\n"
+msgstr "%s: is geen vertrouwensdatabasebestand\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr ""
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr ""
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
 msgstr " m = terug naar hoofdmenu\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr ""
+
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = be�indigen\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Uw keuze? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+#, fuzzy
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Wilt u deze sleutel echt verwijderen? "
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Certificaten die leiden tot een volledig betrouwbare sleutel:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"Kon geen pad vinden dat leidt tot vertrouwen van de sleutel.  Laten we\n"
-"eens proberen of we wat missende waarden kunnen invullen.\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"Geen pad gevonden dat leidt naar een van onze sleutels.\n"
-"\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"Geen certificaten gevonden zonder betrouwbaarheidswaarden.\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Betrouwbaarheidswaarden zijn niet veranderd.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "sleutel %08lx: sleutel is teruggeroepen!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "Deze sleutel toch gebruiken? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "sleutel %08lx: subsleutel is teruggeroepen!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lx: sleutel is verlopen\n"
 
-#: g10/pkclist.c:519
-#, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lx: geen informatie om een betrouwbaarheidskans te berekenen\n"
+#: g10/pkclist.c:442
+#, fuzzy, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"         Er is geen indicatie dat deze ondertekening van de eigenaar is.\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lx: We vertrouwen deze sleutel NIET\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
@@ -1134,15 +1280,15 @@ msgstr ""
 "%08lx: Het is niet helemaal zeker dat deze sleutel echt aan de\n"
 "eigenaar toebehoort, maar ik accepteer hem toch\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "Deze sleutel behoort waarschijnlijk toe aan de eigenaar\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Deze sleutel is van ons\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1154,179 +1300,206 @@ msgstr ""
 "beantwoorden met ja\n"
 "\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "LET OP: Ik gebruik een onbetrouwbare sleutel!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "LET OP: Deze sleutel is ingetrokken door de eigenaar!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr ""
 "         Dit zou kunnen betekenen dat de ondertekening een vervalsing is.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "LET OP: Deze subsleutel is ingetrokken door de eigenaar!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+#, fuzzy
+msgid "Note: This key has been disabled.\n"
+msgstr "Deze sleutel is niet beschikbaar"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Let op: Deze sleutel is verlopen!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr ""
 "LET OP: Deze sleutel is niet getekend met een betrouwbare ondertekening!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr ""
 "         Er is geen indicatie dat deze ondertekening van de eigenaar is.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "LET OP: We vertrouwen NIET op deze sleutel!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "         De sleutel is waarschijnlijk VERVALST.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "LET OP: Deze sleutel is niet getekend met genoeg betrouwbare "
 "ondertekeningen!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr ""
 "        Het is niet zeker dat deze ondertekening toebehoort aan de "
 "eigenaar.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: overgeslagen: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: overgeslagen: openbare sleutel is al aanwezig\n"
 
-#: g10/pkclist.c:855
-msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
-"\n"
+#: g10/pkclist.c:752
+#, fuzzy
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
 msgstr ""
 "Je gaf geen gebruikersidentificatie op. (je kunt \"-r\" gebruiken)\n"
 "\n"
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Geef de gebruikersidentificatie: "
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
 
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Gebruiker bestaat niet.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr ""
 "overgeslagen: openbare sleutel is al ingesteld als de standaard ontvanger\n"
 
 # fixme
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "Openbare sleutel is niet toegankelijk.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "overgeslagen: openbare sleutel is al ingesteld met --encrypt-to\n"
+#: g10/pkclist.c:806
+#, fuzzy
+msgid "skipped: public key already set\n"
+msgstr "%s: overgeslagen: openbare sleutel is al aanwezig\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "onbekende standaard ontvanger `%s'\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: fout tijdens controleren van de sleutel: %s\n"
-
 # fixme
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: overgeslagen: openbare sleutel is niet toegankelijk\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "geen geldige adressen\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr ""
+
+#: g10/keygen.c:187
+#, fuzzy, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "`%s' overgeslagen: dubbel\n"
+
+#: g10/keygen.c:192
+#, fuzzy, c-format
+msgid "too many `%c' preferences\n"
+msgstr "toon voorkeuren"
+
+#: g10/keygen.c:257
+#, fuzzy
+msgid "invalid character in preference string\n"
+msgstr "Ongeldig teken in naam\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "zelfondertekening wegschrijven\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "schrijven van sleutelbindingsondertekening\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
 #, fuzzy, c-format
 msgid "keysize invalid; using %u bits\n"
 msgstr "Gevraagde sleutellengte is %u bits\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
 #, fuzzy, c-format
 msgid "keysize rounded up to %u bits\n"
 msgstr "afgerond naar %u bits\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "Selecteer aub wat voor sleutel u wilt:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA en ElGamal (standaard)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (alleen ondertekenen)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "   (%d) ElGamal (alleen versleutelen)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) ElGamal (ondertekenen en versleutelen)\n"
 
-#: g10/keygen.c:643
+#: g10/keygen.c:784
 #, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (ondertekenen en versleutelen)\n"
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) DSA (alleen ondertekenen)\n"
 
-#: g10/keygen.c:647
+#: g10/keygen.c:786
+#, fuzzy, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) ElGamal (alleen versleutelen)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Uw keuze? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "Wilt u echt een sleutel maken om mee te ondertekenen en versleutelen? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr ""
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Ongeldige keuze.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1339,23 +1512,23 @@ msgstr ""
 "                standaard sleutellengte is 1024 bits\n"
 "     hoogste aan te raden sleutellengte is 2048 bits\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Hoe lang wil je de sleutel maken? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA staat alleen sleutellengtes toe van 512 tot 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "sleutel te kort; 768 is de kleinste toegestane waarde.\n"
-
-#: g10/keygen.c:708
+#: g10/keygen.c:852
 #, fuzzy
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
 msgstr "sleutel te kort; 768 is de kleinste toegestane waarde.\n"
 
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr "sleutel te kort; 768 is de kleinste toegestane waarde.\n"
+
 #. It is ridiculous and an annoyance to use larger key sizes!
 #. * GnuPG can handle much larger sizes; but it takes an eternity
 #. * to create such a key (but less than the time the Sirius
@@ -1364,12 +1537,12 @@ msgstr "sleutel te kort; 768 is de kleinste toegestane waarde.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "sleutel te lang; %d is de maximumlengte.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1377,11 +1550,11 @@ msgstr ""
 "Sleutels langer dan 2048 worden afgeraden omdat berekeningen dan ERG\n"
 "lang duren!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "Weet je zeker dat je deze sleutellengte wilt gebruiken? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1389,21 +1562,17 @@ msgstr ""
 "Okee, maar houd er rekening mee dat straling van monitor en toetsenbord ook "
 "erg vatbaar zijn voor aanvallen!\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "Heb je echt een sleutel nodig die zo lang is? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "Gevraagde sleutellengte is %u bits\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "afgerond naar %u bits\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1419,26 +1588,49 @@ msgstr ""
 "    <n>m = sleutel verloopt over n maanden\n"
 "    <n>y = sleutel verloopt over n jaar\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+#, fuzzy
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Geef aub aan hoe lang de sleutel geldig mag blijven.\n"
+"       0 = sleutel verloopt nooit\n"
+"    <n>  = sleutel verloopt over n dagen\n"
+"    <n>w = sleutel verloopt over n weken\n"
+"    <n>m = sleutel verloopt over n maanden\n"
+"    <n>y = sleutel verloopt over n jaar\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "Sleutel is geldig gedurende? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+#, fuzzy
+msgid "Signature is valid for? (0) "
+msgstr "Sleutel is geldig gedurende? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "ongeldige waarde\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
+#: g10/keygen.c:985
+#, fuzzy, c-format
+msgid "%s does not expire at all\n"
 msgstr "Sleutel verloopt nooit\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
-#, c-format
-msgid "Key expires at %s\n"
+#: g10/keygen.c:992
+#, fuzzy, c-format
+msgid "%s expires at %s\n"
 msgstr "Sleutel verloopt op %s\n"
 
 # fixme
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
@@ -1446,11 +1638,11 @@ msgstr ""
 "Uw systeem kan geen data weergeven van na 2038.\n"
 "Desondanks wordt het goed behandeld tot 2106.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "Klopt dit (j/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1466,44 +1658,44 @@ msgstr ""
 "    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Echte naam: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Ongeldig teken in naam\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "Naam mag niet beginnen met een cijfer\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "Naam moet ten minste 5 tekens lang zijn\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Email Adres: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "Ongeldig email adres\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Kommentaar: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Ongeldig teken in kommentaar\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Je gebruik tekenverzameling `%s'.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1514,28 +1706,28 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr ""
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnKkEeOoEe"
 
-#: g10/keygen.c:986
+#: g10/keygen.c:1151
 #, fuzzy
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
 msgstr "Verander (N)aam, (K)ommentaar, (E)mail of (O)kee/ei(N)de? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "Verander (N)aam, (K)ommentaar, (E)mail of (O)kee/ei(N)de? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
 msgstr ""
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1543,11 +1735,17 @@ msgstr ""
 "Je hebt een sleuteltekst nodig om je geheime sleutel te bewaken.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+#, fuzzy
+msgid "passphrase not correctly repeated; try again"
 msgstr "sleuteltekst is niet goed herhaald; probeer het opnieuw.\n"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr ""
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1559,7 +1757,7 @@ msgstr ""
 "nog aanpassen, gebruik dit programma met de optie \"--edit-key\".\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1572,29 +1770,54 @@ msgstr ""
 "dit geeft de generator een grotere kans om genoeg entropie te\n"
 "verzamelen.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "DSA sleutelpaar zal 1024 bits lang zijn.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Sleutelgeneratie afgebroken.\n"
 
-#: g10/keygen.c:1668
+#: g10/keygen.c:1883 g10/keygen.c:1963
 #, fuzzy, c-format
 msgid "writing public key to `%s'\n"
 msgstr "Openbaar certificaat wordt geschreven naar `%s'\n"
 
-#: g10/keygen.c:1669
+#: g10/keygen.c:1884 g10/keygen.c:1965
 #, fuzzy, c-format
 msgid "writing secret key to `%s'\n"
 msgstr "Geheim certificaat wordt weggeschreven naar `%s'\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, fuzzy, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "sleutel %08lX: openbare sleutel niet gevonden: %s\n"
+
+#: g10/keygen.c:1958
+#, fuzzy, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "sleutel %08lX: geheime sleutel niet gevonden: %s\n"
+
+#: g10/keygen.c:1972
+#, fuzzy, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "fout bij schrijven van de sleutelbos `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, fuzzy, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "fout bij schrijven van de sleutelbos `%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "openbare en geheime sleutels zijn gemaakt en getekend.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+#, fuzzy
+msgid "key marked as ultimately trusted.\n"
+msgstr "Certificaten die leiden tot een volledig betrouwbare sleutel:\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
@@ -1603,12 +1826,12 @@ msgstr ""
 "U wilt misschien het commando \"--edit-key\" gebruiken om een tweede\n"
 "sleutel te maken hiervoor.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "Sleutelgeneratie is mislukt: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
@@ -1616,7 +1839,7 @@ msgstr ""
 "Sleutel is %lu seconden in de toekomst gemaakt (tijdsverschuiving of\n"
 "klokprobleem)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1624,309 +1847,364 @@ msgstr ""
 "sleutel is %lu seconden in de toekomst gemaakt (tijdsverschuiving of\n"
 "klokprobleem)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr ""
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "Echt maken? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr ""
+
+#: g10/encode.c:92 g10/encode.c:296
+#, fuzzy, c-format
+msgid "`%s' already compressed\n"
+msgstr "%lu sleutels verwerkt\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: kon niet openen: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "fout tijdens aanmake sleuteltekst: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: LET OP: leeg bestand\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "lezen uit `%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s versleuteld voor: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
-#, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: gebruiker niet gevonden: %s\n"
+#: g10/delkey.c:69 g10/export.c:141
+#, fuzzy, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "gebruiker `%s' niet gevonden: %s\n"
 
-#: g10/export.c:164
+#: g10/delkey.c:77 g10/export.c:161
+#, fuzzy, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "fout bij lezen `%s': %s\n"
+
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "sleutel %08lx: geen sleutel volgens rfc2240 - overgeslagen\n"
 
-#: g10/export.c:175
+#: g10/export.c:180
 #, fuzzy, c-format
 msgid "key %08lX: not protected - skipped\n"
 msgstr "sleutel %08lx: geen sleutel volgens rfc2240 - overgeslagen\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, fuzzy, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "sleutel %08lx: geen sleutel volgens rfc2240 - overgeslagen\n"
+
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "LET OP: er is niets ge�xporteerd\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "te veel ingangen in de pk cache - uitgezet\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "te veel ingangen in de unk cache - uitgezet\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+#, fuzzy
+msgid "[User id not found]"
+msgstr "[gebruiker niet gevonden]"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr "gebruik secundaire sleutel %08lx in plaats van de primaire %08lx\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr ""
 "sleutel %08lX: geheime sleutel zonder openbare sleutel - overgeslagen\n"
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: gebruiker niet gevonden\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "blok van type %d wordt overgeslagen\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "%lu sleutels zijn tot nu toe behandeld\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "fout bij lezen `%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "Totaal aantal behandeld: %lu\n"
 
-#: g10/import.c:206
+#: g10/import.c:232
 #, fuzzy, c-format
 msgid "      skipped new keys: %lu\n"
 msgstr "nieuwe subsleutels: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr "          zonder identificatie: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "ge�mporteerd: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "onveranderd: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "nieuwe gebruikers: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "nieuwe subsleutels: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "nieuwe ondertekeningen: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr "nieuwe sleutelterugtrekkingen: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "geheime sleutels gelezen: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "geheime sleutels ge�mporteerd: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr "onveranderde geheime sleutels: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "sleutel %08lX: geen gebruikersidentificatie\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, fuzzy, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr ""
+"sleutel %08lX: niet zelfondertekende gebruikersidentificatie geaccepteerd '"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "sleutel %08lX: geen geldige gebruikersidentificaties\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr ""
 "dit zou veroorzaakt kunnen worden door een ontbrekende zelf-ondertkening\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "sleutel %08lX: openbare sleutel niet gevonden: %s\n"
 
-#: g10/import.c:421
+#: g10/import.c:479
 #, fuzzy, c-format
 msgid "key %08lX: new key - skipped\n"
 msgstr "sleutel %08lx: geen sleutel volgens rfc2240 - overgeslagen\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:489
+#, fuzzy, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "fout bij schrijven van de sleutelbos `%s': %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "schrijven naar `%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "fout bij schrijven van de sleutelbos `%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "sleutel %08lX: openbare sleutel ge�mporteerd\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "sleutel %08lX: komt niet overeen met onze kopie\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "sleutel %08lX: kan originele sleutelblok niet vinden: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "sleutel %08lX: kan origineel sleutelblok niet lezen: %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "sleutel %08lX: 1 nieuwe gebruiker\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "sleutel %08lX: %d nieuwe gebruikers\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "sleutel %08lX: 1 nieuwe ondertekening\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "sleutel %08lX: %d nieuwe ondertekeningen\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "sleutel %08lX: 1 nieuwe subsleutel\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "sleutel %08lX: %d nieuwe subsleutels\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "sleutel %08lX: niet veranderd\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, fuzzy, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "geen standaard openbare sleutelbos\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "sleutel %08lX: geheime sleutel ge�mporteerd\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "sleutel %08lX: reeds aanwezig in de geheime sleutelbos\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "sleutel %08lX: geheime sleutel niet gevonden: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "sleutel %08lX: geen openbare sleutel - kan terugtrekkingscertificaat niet "
 "toepassen\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr "sleutel %08lX: ongeldig terugtrekkingscertificaat: %s - afgewezen\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "sleutel %08lX: terugtrekkingscertificaat ge�mporteerd\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "sleutel %08lX: geen gebruikersidentificatie voor ondertekening\n"
 
-#: g10/import.c:719 g10/import.c:743
-#, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
+#: g10/import.c:839
+#, fuzzy, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
 msgstr "sleutel %08lX: openbaar sleutel algoritme niet ondersteund\n"
 
-#: g10/import.c:720
-#, c-format
-msgid "key %08lX: invalid self-signature\n"
+#: g10/import.c:841
+#, fuzzy, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
 msgstr "sleutel %08lX: ongeldige eigen ondertekening\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "sleutel %08lX: geen subsleutel voor sleutelbinding\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "sleutel %08lX: ongeldige subsleutelbinding\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "sleutel %08lX: openbaar sleutel algoritme niet ondersteund\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr ""
-"sleutel %08lX: niet zelfondertekende gebruikersidentificatie geaccepteerd '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "sleutel %08lX: ongeldige subsleutelbinding\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "sleutel %08lX: gebruikersidentificatie overgeslagen '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "sleutel %08lX: subsleutel overgeslagen\n"
@@ -1935,99 +2213,190 @@ msgstr "sleutel %08lX: subsleutel overgeslagen\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr ""
 "sleutel %08lX: niet exporteerbare ondertekening (klasse %02x) - "
 "overgeslagen\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr ""
 "sleutel %08lX: terugtrekkingscertificaat op de verkeerde plek - "
 "overgeslagen\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "sleutel %08lX: ongeldig terugtrekkingscertificaat: %s - overgeslagen\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr ""
 "sleutel %08lX: dubbele gebruikersidentificatie gevonden - samengevoegd\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "sleutel %08lX: terugtrekkingscertificaat toegevoegd\n"
 
-#: g10/import.c:1130 g10/import.c:1183
-#, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "sleutel %08lX: onze versie heeft geen zelfondertekening\n"
+#: g10/import.c:1231
+#, fuzzy, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "sleutel %08lX: %d nieuwe ondertekeningen\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[terugtrekking]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[zelfondertekening]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 ongeldige ondertekening\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d ongeldige ondertekeningen\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "1 ondertekening niet gecontroleerd wegens een ontbrekende sleutel\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d ondertekeningen niet gecontroleerd wegens ontbrekende sleutels\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "1 ondertekening niet gecontroleerd wegens een fout\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d ondertekeningen niet gecontroleerd wegens fouten\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "1 gebruikersidentificatie gevonden zonder geldige zelfondertekening\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr ""
 "%d gebruikersidentificaties gevonden zonder geldige zelfondertekening\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:335
+#, fuzzy, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "Sleutel is beveiligd.\n"
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+#, fuzzy
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Weet je zeker dat je deze sleutellengte wilt gebruiken? "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr ""
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
 #, c-format
-msgid "Already signed by key %08lX\n"
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+
+#: g10/keyedit.c:388
+#, fuzzy, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
 msgstr "Reeds ondertekend met sleutel %08lx\n"
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:393
+#, fuzzy, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "Reeds ondertekend met sleutel %08lx\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Niets te tekenen met sleutel %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+#, fuzzy
+msgid "This key has expired!"
+msgstr "Let op: Deze sleutel is verlopen!\n"
+
+#: g10/keyedit.c:440
+#, fuzzy, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Deze sleutel is niet beveiligd.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr ""
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr ""
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -2035,42 +2404,70 @@ msgstr ""
 "Bent u er echt zeker van dat u deze sleutel wilt tekenen\n"
 "met uw sleutel: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
+#, fuzzy
 msgid ""
+"\n"
 "The signature will be marked as non-exportable.\n"
+msgstr ""
+"Deze ondertekening zal gemarkeerd worden als niet exporteerbaar.\n"
 "\n"
+
+#: g10/keyedit.c:548
+#, fuzzy
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
 msgstr ""
 "Deze ondertekening zal gemarkeerd worden als niet exporteerbaar.\n"
 "\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "Echt tekenen? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "ondertekening mislukt: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Deze sleutel is niet beveiligd.\n"
 
-#: g10/keyedit.c:426
+#: g10/keyedit.c:662
 #, fuzzy
 msgid "Secret parts of primary key are not available.\n"
 msgstr "geheime sleutel niet beschikbaar"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "Sleutel is beveiligd.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Kan deze sleutel niet bewerken: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
@@ -2078,7 +2475,7 @@ msgstr ""
 "Geef de sleuteltekst voor deze geheime sleutel.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2086,421 +2483,566 @@ msgstr ""
 "U wilt geen sleuteltekst - dit is waaschijnlijk een *slecht* idee!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "Wilt u dit echt? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "sleutelondertekening naar de juiste plaats schuiven\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "be�indig dit menu"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "q"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "bewaar"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "opslaan en be�indigen"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "hulp"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "geef deze hulp"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "toon vingerafdruk"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "lijst"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "lijst van sleutel- en gebruikersidentificaties"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "gebruikersidentificatie"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "selecteer gebruikersidentificatie N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "sleutel"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "selecteer subsleutel N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "controleer"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "toon ondertekeningen"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "onderteken"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "onderteken de sleutel"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lteken"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "teken de sleutel lokaal"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "nrsign"
+msgstr "onderteken"
+
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "sign the key non-revocably"
+msgstr "teken de sleutel lokaal"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "nrlsign"
+msgstr "onderteken"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "sign the key locally and non-revocably"
+msgstr "teken de sleutel lokaal"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "debug"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "adduid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "voeg een gebruikersidentificatie toe"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr ""
+
+#: g10/keyedit.c:834
+#, fuzzy
+msgid "add a photo ID"
+msgstr "voeg een gebruikersidentificatie toe"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "deluid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "verwijder gebruikersidentificatie"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr ""
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "addkey"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "voeg een secundaire sleutel toe"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "delkey"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "verwijder een secundaire sleutel"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "delsig"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "verwijder ondertekeningen"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "expire"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "verander de vervaldatum"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr ""
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr ""
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "wissel"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "wissel tussen geheime en openbare sleutels"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pref"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
+#: g10/keyedit.c:846
+#, fuzzy
+msgid "list preferences (expert)"
 msgstr "toon voorkeuren"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:847
+#, fuzzy
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+#, fuzzy
+msgid "list preferences (verbose)"
+msgstr "toon voorkeuren"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "setpref"
+msgstr "pref"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "set preference list"
+msgstr "toon voorkeuren"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updpref"
+msgstr "pref"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updated preferences"
+msgstr "toon voorkeuren"
+
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "passwd"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "verander de sleuteltekst"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "trust"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "verander het vertrouwen in de eigenaar"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "roep ondertekeningen terug"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "revkey"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "trek secundaire sleutel in"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "disable"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "sta het gebruik van een sleutel niet toe"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "enable"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "sta gebruik van een sleutel toe"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr ""
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr ""
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "kan dat niet doen in lopende band-modus\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, fuzzy, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "fout bij lezen `%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "Geheime sleutel is beschikbaar.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Commando> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "Ik heb de geheime sleutel nodig om dat te doen.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
 msgstr ""
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+#, fuzzy
+msgid "Key is revoked."
+msgstr "Sleutel is beveiligd.\n"
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "Echt alle gebruikers tekenen? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Hint: Selecteer de gebruikersidentificaties om te tekenen\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "bijwerken van de vertrouwensdatabase ging niet goed: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr ""
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "U moet op zijn minst een gebruikersidentificatie opgeven.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "U kunt de laatste gebruiker niet verwijderen!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "Al deze gebruikers echt verwijderen? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "Deze gebruiker echt verwijderen? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "U moet op zijn minst een sleutel selecteren.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "Wilt u echt alle geselecteerde sleutels verwijderen? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "Wilt u deze sleutel echt verwijderen? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "Wilt u echt alle geselecteerde sleutels intrekken? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "Wilt u deze sleutel echt intrekken? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+#, fuzzy
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "Al deze gebruikers echt verwijderen? "
+
+#: g10/keyedit.c:1254
+#, fuzzy
+msgid "Really update the preferences? "
+msgstr "Echt deze terugtrekkingscertificaten aanmaken? (j/N)"
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "Veranderingen bewaren? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Be�indigen zonder te bewaren? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "bijwerken ging niet: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "bijwerken van de geheime sleutel mislukte: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "sleutel is niet veranderd en hoeft dus niet bijgewerkt te worden.\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr "Foutief commando (probeer \"help\")\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, fuzzy, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "LET OP: Deze sleutel is ingetrokken door de eigenaar!\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr ""
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
 msgstr ""
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
 msgstr ""
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "Deze sleutel is niet beschikbaar"
 
-#: g10/keyedit.c:1116
+#: g10/keyedit.c:1539
 #, fuzzy, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "sleutel %08lx: subsleutel is teruggeroepen!\n"
+msgstr "rev! subsleutel is teruggeroepen: %s\n"
 
-#: g10/keyedit.c:1119
+#: g10/keyedit.c:1542
 #, fuzzy
 msgid "rev- faked revocation found\n"
-msgstr "nieuwe sleutelterugtrekkingen: %lu\n"
+msgstr "rev- vervalste sleutelterugtrekking gevonden\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
 msgstr ""
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+#, fuzzy
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Weet je zeker dat je deze sleutellengte wilt gebruiken? "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "Verwijder deze goede ondertekening? (j/N/q)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "Verwijder deze ongeldige ondertekening? (j/N/q)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "Verwijder deze onbekende ondertekening? (j/N/q)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "Deze zelfondertekening echt verwijderen? (j/N)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "%d ondertekening verwijderd.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "%d ondertekeningen verwijderd.\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Niets verwijderd.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Haal a.u.b. de selecties weg voor de geheime sleutels.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "Selecteer a.u.b. maximaal ��n secundaire sleutel.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "Vervaldatum voor secundaire sleutel instellen.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "Vervaldatum voor primaire sleutel instellen.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "U kunt de vervaldatum van een v3 sleutel niet wijzigen\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Geen overeenkomende ondertekening in de geheime sleutelbos\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+#, fuzzy
+msgid "Please select exactly one user ID.\n"
+msgstr "U moet op zijn minst een gebruikersidentificatie opgeven.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Geen gebruikersidentificatie met index %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Geen secundaire sleutel met index %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "gebruikersidentificatie: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
@@ -2509,202 +3051,343 @@ msgstr ""
 "\"\n"
 "tekende met uw sleutel %08lX op %s\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
+#: g10/keyedit.c:2452
+#, fuzzy, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"tekende met uw sleutel %08lX op %s\n"
+
+#: g10/keyedit.c:2457
+#, fuzzy, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Deze sleutel is niet beveiligd.\n"
+
+#: g10/keyedit.c:2461
+#, fuzzy
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Weet je zeker dat je deze sleutellengte wilt gebruiken? "
+
+#: g10/keyedit.c:2465
+#, fuzzy
+msgid "Create a revocation certificate for this signature? (y/N) "
 msgstr "Terugtrekkingscertificaat maken voor deze ondertekening? (j/N)"
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "U heeft deze gebruikers ondertekend:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
-#, c-format
-msgid "   signed by %08lX at %s\n"
+#: g10/keyedit.c:2504
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s%s\n"
 msgstr "   getekend door %08lX op %s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   ingetrokken door %08lX op %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "U staat op het punt om deze ondertekeningen in te trekken:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
+#: g10/keyedit.c:2542
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   getekend door %08lX op %s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr ""
+
+#: g10/keyedit.c:2551
+#, fuzzy
+msgid "Really create the revocation certificates? (y/N) "
 msgstr "Echt deze terugtrekkingscertificaten aanmaken? (j/N)"
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "geen geheime sleutel\n"
 
-#: g10/keylist.c:158
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
 #, fuzzy
-msgid "invalid"
-msgstr "ongeldige versleuteling"
+msgid "Signature policy: "
+msgstr "%s ondertekening van: %s\n"
 
-#: g10/keylist.c:178
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "LET OP: ongeldige aantekeningen gevonden\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
 #, fuzzy
-msgid "revoked"
-msgstr "revkey"
+msgid "Signature notation: "
+msgstr "Aantekening: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr ""
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr ""
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
+#: g10/keylist.c:423 g10/mainproc.c:856
 #, fuzzy, c-format
 msgid " [expires: %s]"
 msgstr "Sleutel verloopt op %s\n"
 
-#: g10/mainproc.c:212
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Vingerafdruk:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "            Vingerafdruk:"
+
+#: g10/keylist.c:899
+#, fuzzy
+msgid "     Key fingerprint ="
+msgstr "            Vingerafdruk:"
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s versleutelde gegevens\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "versleuteld met onbekend algoritme %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "openbare sleutel is %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr "gegevens versleuteld met een openbare sleutel: goede DEK\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr "versleuteld met %u-bit %s sleutel, nummer %08lX, gemaakt op %s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr "versleuteld met %s sleutel, nummer %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "geheime sleutel voor ontsleuteling is niet beschikbaar\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "openbare sleutel-ontsleuteling ging niet: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, fuzzy, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "%s versleutelde gegevens\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr ""
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr "ontsleutelen ging goed\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "LET OP: het versleutelde bericht is veranderd!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
 msgstr "ontsleuteling mislukte: %s\n"
 
 # Dit kan wel Engels blijven.. toch?
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr "LET OP: afzender vroeg om \"for-your-eyes-only\"\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "originele bestandsnaam='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr "alleenstaande intrekking - gebruik \"gpg --import\" om uit te voeren\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "LET OP: ongeldige aantekeningen gevonden\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Aantekening: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Beleid: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "controle van de ondertekening overgeslagen\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+#, fuzzy
+msgid "can't handle these multiple signatures\n"
+msgstr "maak een losstaande ondertekening"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Ondertekening gemaakt op %.*s met %s sleutel nummer %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "FOUTE ondertekening van \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+#, fuzzy
+msgid "Expired signature from \""
+msgstr "Correcte ondertekening van \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Correcte ondertekening van \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr ""
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "              alias \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Kan ondertekening niet controleren: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+#, fuzzy
+msgid "not a detached signature\n"
+msgstr "maak een losstaande ondertekening"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr "losstaande ondertekening van type 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "oude stijl (PGP 2.x) ondertekening\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "ongeldig hoofdpakket gevonden in proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "kan geheugendumps niet uitzetten: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Experimentele algoritmes dienen niet gebruikt te worden!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+#, fuzzy
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
 msgstr "dit versleutelalgoritme is verouderd; gebruik een meer algemene!\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr ""
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "kan openbare sleutel-algoritme %d niet behandelen\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpakket type %d heeft kritische bit gezet\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
 msgstr ""
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:498
 msgid "malformed GPG_AGENT_INFO environment variable\n"
 msgstr ""
 
-#: g10/hkp.c:158 g10/passphrase.c:223
+#: g10/passphrase.c:511
+#, fuzzy, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "beschermingsalgoritme %d wordt niet ondersteund\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
 #, c-format
 msgid "can't connect to `%s': %s\n"
 msgstr "kan geen verbinding maken met `%s': %s\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr ""
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr ""
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (hoofdsleutelnummer %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:641
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -2713,40 +3396,37 @@ msgid ""
 msgstr ""
 "\n"
 "U heeft een sleuteltekst nodig om de beveiliging voor de geheime\n"
-"sleutel voor gebruiker op te heffen: \""
+"sleutel op te heffen voor gebruiker \"%.*s\"\n"
+"%u-bit %s sleutel, ID %08lX, gemaakt op %s%s\n"
 
-#: g10/passphrase.c:315
+#: g10/passphrase.c:662
 #, fuzzy
 msgid "Enter passphrase\n"
 msgstr "Geef de sleuteltekst: "
 
-#: g10/passphrase.c:317
+#: g10/passphrase.c:664
 #, fuzzy
 msgid "Repeat passphrase\n"
 msgstr "Herhaal de sleuteltekst: "
 
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
 msgstr ""
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
 msgstr ""
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
 msgstr ""
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
 msgstr ""
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2756,20 +3436,20 @@ msgstr ""
 "U heeft een sleuteltekst nodig om de beveiliging voor de geheime\n"
 "sleutel voor gebruiker op te heffen: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "%u-bit %s sleutel, nummer %08lX, gemaakt op %s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "kan niet om wachtwoord vragen in lopende band-modus\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Geef de sleuteltekst: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Herhaal de sleuteltekst: "
 
@@ -2778,149 +3458,195 @@ msgid "data not saved; use option \"--output\" to save it\n"
 msgstr ""
 "gegevens niet bewaard; gebruik de optie \"--output\" om het op te slaan in\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, fuzzy, c-format
+msgid "error creating `%s': %s\n"
+msgstr "fout bij lezen `%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
 msgstr "Losstaande ondertekening.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Geef de naam van het gegevensbestand: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "lezen uit standaard invoer ...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+#, fuzzy
+msgid "no signed data\n"
+msgstr "geen ondertekende gegevens\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "kan ondertekende gegevens `%s' niet openen\n"
 
-#: g10/pubkey-enc.c:135
-#, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+#: g10/pubkey-enc.c:100
+#, fuzzy, c-format
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr "anonieme ontvanger; ik probeer geheime sleutel %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "okee, wij zijn de anonieme ontvanger.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "oude codering van de DEK wordt niet ondersteund.\n"
 
-#: g10/pubkey-enc.c:216
+#: g10/pubkey-enc.c:177
 #, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
+msgid "cipher algorithm %d%s is unknown or disabled\n"
 msgstr "beschermingsalgoritme %d wordt niet ondersteund\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr "LET OP: versleutelalgoritme %d niet gevonden in de voorkeuren\n"
 
-#: g10/pubkey-enc.c:261
+#: g10/pubkey-enc.c:242
 #, fuzzy, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "LET OP: sleutel voor ondertekening is vervallen op %s\n"
+msgstr "LET OP: geheime sleutel %08lX is vervallen op %s\n"
 
-#: g10/hkp.c:62
-#, c-format
-msgid "requesting key %08lX from %s ...\n"
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
+#, fuzzy, c-format
+msgid "requesting key %08lX from HKP keyserver %s\n"
 msgstr "opvragen van sleutel %08lX van %s ...\n"
 
-#: g10/hkp.c:75
+#: g10/hkp.c:94
 #, c-format
 msgid "can't get key from keyserver: %s\n"
 msgstr "kan de sleutel niet opvragen van de server: %s\n"
 
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr "geen sleutelserver bekend (gebruik de optie --keyserver)\n"
-
-#: g10/hkp.c:106
-#, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s: ongeldig sleutelnummer\n"
-
-#: g10/hkp.c:182
+#: g10/hkp.c:171
 #, c-format
 msgid "error sending to `%s': %s\n"
 msgstr "fout bij versturen naar `%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
 msgstr "versturen naar `%s' gelukt (status=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
 msgstr "fout bij versturen naar `%s': status=%u\n"
 
-#: g10/seckey-cert.c:89
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr ""
+
+#: g10/hkp.c:521
+#, fuzzy, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "kan de sleutel niet opvragen van de server: %s\n"
+
+#: g10/seckey-cert.c:53
 #, fuzzy
 msgid "secret key parts are not available\n"
 msgstr "geheime sleutel niet beschikbaar"
 
-#: g10/seckey-cert.c:95
-#, c-format
-msgid "protection algorithm %d is not supported\n"
+#: g10/seckey-cert.c:59
+#, fuzzy, c-format
+msgid "protection algorithm %d%s is not supported\n"
 msgstr "beschermingsalgoritme %d wordt niet ondersteund\n"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
+#: g10/seckey-cert.c:215
+#, fuzzy
+msgid "Invalid passphrase; please try again"
 msgstr "Foutieve sleuteltekst; probeer a.u.b. opnieuw ...\n"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr ""
+
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr ""
 "LET OP: Kwetsbare sleutel gevonden - verander a.u.b. de sleuteltekst "
 "opnieuw.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "dit is een ElGamal sleutel van PGP, die NIET veilig is voor "
 "ondertekeningen!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "openbare sleutel is %lu seconde nieuwer dan de ondertekening\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "openbare sleutel is %lu seconden nieuwer dan de ondertekening\n"
 
-#: g10/sig-check.c:306
-#, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "LET OP: sleutel voor ondertekening is vervallen op %s\n"
+#: g10/sig-check.c:237
+#, fuzzy, c-format
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "LET OP: sleutel voor ondertekening %08lX is vervallen op %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr "foutieve ondertekening aangenomen wegens een onbekende kritische bit\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+
+#: g10/sign.c:274
+#, fuzzy, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "Kan ondertekening niet controleren: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "%s ondertekening van: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "LET OP: `%s' is een leeg bestand\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "kan %s niet aanmaken: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "ondertekenen:"
 
-#: g10/sign.c:583
-#, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "LET OP: `%s' is een leeg bestand\n"
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:953
+#, fuzzy, c-format
+msgid "%s encryption will be used\n"
+msgstr "ontsleuteling mislukte: %s\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2933,426 +3659,209 @@ msgid "input line longer than %d characters\n"
 msgstr "invoerregel langer dan %d tekens\n"
 
 # Untranslated.
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb rec %lu: lseed failed: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr "trustdb rec %lu: write failed (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "transactie naar vertrouwensdatabase te groot\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: kan er niet bij: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: map bestaat niet!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
-#, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: kan hem niet aanmaken: %s\n"
-
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
 msgid "%s: can't create lock\n"
 msgstr "%s: kan hem niet vergrendelen\n"
 
-#: g10/tdbio.c:473
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, fuzzy, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: kan hem niet vergrendelen\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: kan hem niet aanmaken: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: aanmaken van versieveld lukte niet: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: foutieve vertrouwensdatabase aangemaakt\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: vertrouwensdatabase aangemaakt\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: ongeldige vertrouwensdatabase\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: kon frommeltabel niet aanmaken: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: fout bij het bijwerken van versieveld: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: fout bij het lezen van het versieveld: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: fout bij het schrijven van het versieveld: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "vertrouwensdatabase: lseek mislukte: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "vertrouwensdatabase: lezen mislukte (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: is geen vertrouwensdatabasebestand\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: versieveld met recnr %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: ongeldige bestandsversie %d\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: fout bij het lezen van een beschikbaar veld: %s\n"
 
 # dir?
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: fout bij het schrijven van indexveld: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: veld met nullen vullen lukte niet: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: kon geen veld toevoegen: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr ""
 "de vertrouwensdatabase is beschadigd; draai a.u.b. \"gpg --fix-trustdb\".\n"
 
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "vertrouwensveld %lu, req type %d: lezen mislukte: %s\n"
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "vertrouwensveld %lu, type %d: schrijven mislukte: %s\n"
-
-#: g10/trustdb.c:198
-#, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "vertrouwensveld %lu: verwijderen mislukte: %s\n"
-
-#: g10/trustdb.c:212
-#, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "vertrouwensdatabase: synchronisatie mislukte: %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "fout tijdens lezen van indexveld voor LID %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: verwachtte indexveld, kreeg type %d\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "geen pimaire sleutel voor LID %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "fout tijdens het lezen van primaire sleutel voor LID %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record mislukte: %s\n"
-
-#: g10/trustdb.c:474
+#: g10/trustdb.c:200
 #, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
+msgid "`%s' is not a valid long keyID\n"
 msgstr "%s: ongeldig sleutelnummer\n"
 
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "sleutel %08lX: kan niet toevoegen aan de vertrouwensdatabase\n"
-
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "sleutel %08lX: opvragen van veld mislukte\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "sleutel %08lX: reeds aanwezig in de betrouwbare sleutel-tabel\n"
-
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
+#: g10/trustdb.c:235
+#, fuzzy, c-format
+msgid "key %08lX: accepted as trusted key\n"
 msgstr "sleutel %08lX: geaccepteerd als een betrouwbare sleutel.\n"
 
-#: g10/trustdb.c:547
+#: g10/trustdb.c:274
+#, fuzzy, c-format
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "sleutel %08lX: kan niet toevoegen aan de vertrouwensdatabase\n"
+
+#: g10/trustdb.c:290
 #, fuzzy, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
 msgstr "sleutel %08lx: geen sleutel volgens rfc2240 - overgeslagen\n"
 
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "LET OP: geheime sleutel %08lX is NIET beveiligd.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "sleutel %08lX: geheime en openbare sleutel horen niet bij elkaar\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "nummeren van de geheime sleutels mislukte: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "sleutel %08lX.%lu: Goede subsleutelbinding\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "sleutel %08lX.%lu: Foutieve subsleutelbinding: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "sleutel %08lX.%lu: Geldige sleutelterugtrekking\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "sleutel %08lX.%lu: Ongeldige sleutelterugtrekking: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "sleutel %08lX.%lu: Geldige subsleutelterugtrekking\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Correcte zelfondertekening"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Ongeldige zelfondertekening"
-
-# User ID onvertaald
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr ""
-"Geldig terugtrekkingscertificaat overgeslagen wegens een nieuwere "
-"zelfondertekening"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "Geldig terugtrekkingscertificaat voor gebruiker"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Ongeldig terugtrekkingscertificaat voor gebruiker"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Geldige terugtrekking van certificaat"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Correct certificaat"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Ongeldige terugtrekking van certificaat"
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Ongeldig certificaat"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "ondert. veld %lu[%d] wijst naar een verkeerd veld.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "dubbel certificaat - verwijderd"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir mislukte: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: invoegen mislukte: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: invoegen mislukte: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: ingevoegd\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "fout bij het lezen van indexveld: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu sleutels verwerkt\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "        %lu sleutels met fouten\n"
-
-#: g10/trustdb.c:1823
+#: g10/trustdb.c:332
 #, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "        %lu sleutels ingevoegd\n"
-
-#: g10/trustdb.c:1826
-#, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "nummeren van de sleutelblokken mislukte: %s\n"
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: indexveld zonder sleutel - overgeslagen\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "vertrouwensveld %lu, req type %d: lezen mislukte: %s\n"
 
-#: g10/trustdb.c:1884
-#, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "        %lu vanwege nieuwe openbare sleutels\n"
+#: g10/trustdb.c:338
+#, fuzzy, c-format
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "vertrouwensveld %lu: verwijderen mislukte: %s\n"
 
-#: g10/trustdb.c:1886
+#: g10/trustdb.c:353
 #, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "        %lu sleutels overgeslagen\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "vertrouwensveld %lu, type %d: schrijven mislukte: %s\n"
 
-#: g10/trustdb.c:1890
+#: g10/trustdb.c:368
 #, c-format
-msgid "\t%lu keys updated\n"
-msgstr "        %lu sleutels bijgewerkt\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Ooeeps, geen sleutels\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "vertrouwensdatabase: synchronisatie mislukte: %s\n"
 
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Ooeeps, geen gebruikersidentificaties\n"
+#: g10/trustdb.c:468
+#, fuzzy
+msgid "no need for a trustdb check\n"
+msgstr "%s: is geen vertrouwensdatabasebestand\n"
 
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: zoeken naar indexveld mislukte: %s\n"
+# Untranslated.
+#: g10/trustdb.c:474 g10/trustdb.c:1641
+#, fuzzy, c-format
+msgid "next trustdb check due at %s\n"
+msgstr "trustdb rec %lu: lseed failed: %s\n"
 
-#: g10/trustdb.c:2406
-#, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "sleutel %08lX: invoegen van vertrouwensveld mislukte: %s\n"
+#: g10/trustdb.c:779
+#, fuzzy
+msgid "checking the trustdb\n"
+msgstr "verander het vertrouwen in de eigenaar"
 
-#: g10/trustdb.c:2410
-#, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "sleutel %08lX.%lu: ingevoegd in de vertrouwensdatabase\n"
+#: g10/trustdb.c:933
+#, fuzzy, c-format
+msgid "public key %08lX not found: %s\n"
+msgstr "publieke sleutel niet gevonden"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:1515
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
 msgstr ""
-"sleutel %08lX.%lu: aangemaakt in de toekomst (tijdsverschuiving of "
-"klokprobleem)\n"
-
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "sleutel %08lX.%lu: vervallen op %s\n"
-
-#: g10/trustdb.c:2441
-#, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "sleutel %08lX.%lu: betrouwbaarheidscontrole mislukt: %s\n"
-
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "gebruiker `%s' niet gevonden: %s\n"
 
-#: g10/trustdb.c:2594
+#: g10/trustdb.c:1593
 #, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "kon `%s' niet opzoeken in de vertrouwensdatabase: %s\n"
-
-#: g10/trustdb.c:2597
-#, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "gebruiker '%s' komt niet voor in de vertrouwensdatabase - invoegen\n"
-
-#: g10/trustdb.c:2600
-#, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "kon '%s' niet invoegen in de vertrouwensdatabase: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "LET OP: kan nog geen lange voorkeursblokken verwerken\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr ""
 
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
@@ -3362,45 +3871,33 @@ msgstr ""
 "Onthoud dat het bestand met de ondertekening (.sig of .asc) het eerste\n"
 "bestand van de commandoregel moet zijn.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
 msgstr "invoerregel %u is te lang, of ontbrekende LF\n"
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: kan sleutelbos niet aanmaken: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: sleutelbos aangemaakt\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "LET OP: er zijn 2 bestanden met vertrouwelijke informatie.\n"
-
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s is de onveranderde\n"
-
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
-#, c-format
-msgid "%s is the new one\n"
-msgstr "%s is de nieuwe\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"sleutel is niet als onveilig gemarkeerd - kan hem niet gebruiken met nep-"
+"RNG!\n"
 
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "Dicht dit mogelijke beveiligingsgat\n"
+#: g10/skclist.c:138
+#, fuzzy, c-format
+msgid "skipped `%s': duplicated\n"
+msgstr "`%s' overgeslagen: dubbel\n"
 
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "`%s' overgeslagen: %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+#, fuzzy
+msgid "skipped: secret key already present\n"
+msgstr "overgeslagen: geheime sleutel is al aanwezig\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3419,93 +3916,103 @@ msgstr "Bestand `%s' bestaat al. "
 msgid "Overwrite (y/N)? "
 msgstr "Overschrijven (j/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: onbekend achtervoegsel\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Geef een nieuwe bestandsnaam"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "naar standaard uitvoer schrijven\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "ik neem aan dat de getekende gegevens zich in `%s' bevinden\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: nieuw optiebestand aangemaakt\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: kan map niet aamaken: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: map aangemaakt\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr ""
 "u moet GnuPG opnieuw starten, zodat het het nieuwe optiebestand kan inlezen\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "versleuteld met onbekend algoritme %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "%s versleutelde gegevens\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "LET OP: dit bericht werd versleuteld met een zwakke sleutel in het\n"
 "symmetrische versleutelalgoritme.\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+#, fuzzy
+msgid "problem handling encrypted packet\n"
+msgstr "plaats geen sleutelidentificatieveld in versleutelde pakketten"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "zwakke sleutel gemaakt - ik probeer het opnieuw\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "kon het aanmaken van een zwakke sleutel voor het symmetrische\n"
 "algoritme niet voorkomen; ik heb het %d keer geprobeerd!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "er is een geheime sleutel voor deze openbare sleutel!\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr ""
-"gebruik eerst de optie \"--delete-secret-key\" om hem te verwijderen.\n"
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "kan dat niet doen in lopende band-mode zonder \"--yes\"\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Deze sleutel van de sleutelbos verwijderen? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr "Dit is een geheime sleutel! - echt verwijderen? "
 
+#: g10/delkey.c:156
+#, fuzzy, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "nummeren van de sleutelblokken mislukte: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr ""
+
+#: g10/delkey.c:194
+#, fuzzy, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "er is een geheime sleutel voor deze openbare sleutel!\n"
+
+#: g10/delkey.c:196
+#, fuzzy
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr ""
+"gebruik eerst de optie \"--delete-secret-key\" om hem te verwijderen.\n"
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3518,20 +4025,28 @@ msgstr ""
 "netwerk-van-certificaten (dat automatisch gemaakt wordt)."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr "Als u dit desondanks toch wilt intrekken, antwoord dan \"ja\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr ""
 "Als u deze onbetrouwbare sleutel toch wilt gebruiken, antwoord dan \"ja\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr "Geef de identificatie van de ontvangende gebruiker."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3570,7 +4085,7 @@ msgstr ""
 "ondertekend kan worden; om deze reden is de ElGamal sleutel voor\n"
 "alleen versleutelen niet aanwezig in dit menu."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
@@ -3581,16 +4096,16 @@ msgstr ""
 "ondertekeningen die ermee gemaakt zijn, zijn behoorlijk groot en traag\n"
 "te verifi�ren."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Geef de sleutelgrootte"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Antwoord met \"ja\" of \"nee\""
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3602,19 +4117,19 @@ msgstr ""
 "dan geen goede foutafhandeling krijgen, inplaats daarvan zal het\n"
 "systeem deze waarde proberen te interpreteren als een interval."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Geef de naam van de eigenaar van de sleutel"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr "geef a.u.b. een optioneel maar aan te raden e-mail adres."
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Geef eventueel een kanttekening"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3628,15 +4143,56 @@ msgstr ""
 "O  om door te gaan met de sleutelgeneratie.\n"
 "Q  om te stoppen met de sleutelgeneratie."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "Antwoord met \"ja\" (of alleen \"j\") om een subsleutel aan te maken."
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "Antwoord met \"ja\" als u ALLE gebruikersidentificaties wilt tekenen"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3644,11 +4200,11 @@ msgstr ""
 "Antwoord \"ja\" indien u deze gebruiker echt wilt verwijderen.\n"
 "Alle certificaten gaan dan ook verloren!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "Antwoord met \"ja\" als het goed is om de subsleutel te verwijderen"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3659,7 +4215,7 @@ msgstr ""
 "relatie met deze of een andere sleutel verstoort, die getekend is met\n"
 "deze sleutel."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3672,7 +4228,7 @@ msgstr ""
 "ondertekenen met deze sleutel misschien een vertrouwensband kan\n"
 "scheppen met een andere, al getekende, sleutel."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
@@ -3680,7 +4236,7 @@ msgstr ""
 "De ondertekening is ongeldig.  Het is zinnig om deze uit de sleutelbos\n"
 "te verwijderen."
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3694,29 +4250,35 @@ msgstr ""
 "hierna te gebruiken. Dus doe dit alleen als de zelfondertekening om de\n"
 "een of andere reden niet geldig is, en een tweede beschikbaar is."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+
+#: g10/helptext.c:238
+#, fuzzy
+msgid "Please enter the passhrase; this is a secret sentence \n"
 msgstr ""
 "Geef a.u.b. een sleuteltekst; dit is een geheime zin\n"
 "  blabla, blablabla, ..."
 
-#: g10/helptext.c:209
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr ""
 "Herhaal a.u.b. de voorgaande sleuteltekst, zodat u zeker weet wat u ingetypt "
 "heeft."
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr "Geef de naam van het bestand waaraan de ondertekening toebehoort"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "Antwoord \"ja\" als het goed is om het bestand te overschrijven"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3724,14 +4286,14 @@ msgstr ""
 "Geef a.u.b. een nieuwe bestansnaam. Als u op RETURN drukt, wordt de\n"
 "standaard bestandsnaam (tussen blokhaken weergegeven) gebruikt."
 
-#: g10/helptext.c:229
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3740,25 +4302,375 @@ msgid ""
 "      this is normally used to mark an email address invalid.\n"
 msgstr ""
 
-#: g10/helptext.c:245
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
 "An empty line ends the text.\n"
 msgstr ""
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Geen hulp beschikbaar"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Geen hulp beschikbaar voor `%s'"
 
+#: g10/keydb.c:177
+#, fuzzy, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "fout bij schrijven van de sleutelbos `%s': %s\n"
+
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr ""
+
+#: g10/keydb.c:197
+#, fuzzy, c-format
+msgid "keyring `%s' created\n"
+msgstr "%s: sleutelbos aangemaakt\n"
+
+#: g10/keydb.c:587
+#, fuzzy, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "%s: kon frommeltabel niet aanmaken: %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "LET OP: er zijn 2 bestanden met vertrouwelijke informatie.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s is de onveranderde\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s is de nieuwe\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Dicht dit mogelijke beveiligingsgat\n"
+
+#: g10/keyring.c:1337
+#, fuzzy, c-format
+msgid "checking keyring `%s'\n"
+msgstr "fout bij schrijven van de sleutelbos `%s': %s\n"
+
+#: g10/keyring.c:1368
+#, fuzzy, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu sleutels zijn tot nu toe behandeld\n"
+
+#: g10/keyring.c:1379
+#, fuzzy, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "sleutels en ondertekeningen opnoemen"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: sleutelbos aangemaakt\n"
+
+#, fuzzy
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "Weet je zeker dat je deze sleutellengte wilt gebruiken? "
+
+#, fuzzy
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "Weet je zeker dat je deze sleutellengte wilt gebruiken? "
+
+#, fuzzy
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Echt tekenen? "
+
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "sleutel %08lX: onze versie heeft geen zelfondertekening\n"
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "Heb je echt een sleutel nodig die zo lang is? "
+
+#~ msgid "   signed by %08lX at %s\n"
+#~ msgstr "   getekend door %08lX op %s\n"
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key gebruikersidentificatie"
+
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key gebruikersidentificatie"
+
+#, fuzzy
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-and-public-key gebruikersidentificatie"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Geef de gebruikersidentificatie: "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "overgeslagen: openbare sleutel is al ingesteld met --encrypt-to\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "\n"
+#~ "WARNING: This is a PGP2-style key\n"
+#~ msgstr "LET OP: `%s' is een leeg bestand\n"
+
+#~ msgid "sSmMqQ"
+#~ msgstr "sSmMqQ"
+
+#~ msgid "no keyserver known (use option --keyserver)\n"
+#~ msgstr "geen sleutelserver bekend (gebruik de optie --keyserver)\n"
+
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "%s: ongeldig sleutelnummer\n"
+
+#, fuzzy
+#~ msgid "duplicate (short) key ID %08lX\n"
+#~ msgstr "openbare sleutel is %08lX\n"
+
+#, fuzzy
+#~ msgid "%lu key(s) to refresh\n"
+#~ msgstr "        %lu sleutels met fouten\n"
+
+#~ msgid "|[NAMES]|check the trust database"
+#~ msgstr "|[NAMEN]|controleer de vertrouwensdatabase"
+
+#~ msgid ""
+#~ "Could not find a valid trust path to the key.  Let's see whether we\n"
+#~ "can assign some missing owner trust values.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kon geen pad vinden dat leidt tot vertrouwen van de sleutel.  Laten we\n"
+#~ "eens proberen of we wat missende waarden kunnen invullen.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No path leading to one of our keys found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Geen pad gevonden dat leidt naar een van onze sleutels.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No certificates with undefined trust found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Geen certificaten gevonden zonder betrouwbaarheidswaarden.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No trust values changed.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Betrouwbaarheidswaarden zijn niet veranderd.\n"
+#~ "\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr "%08lx: geen informatie om een betrouwbaarheidskans te berekenen\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: fout tijdens controleren van de sleutel: %s\n"
+
+#~ msgid "too many entries in unk cache - disabled\n"
+#~ msgstr "te veel ingangen in de unk cache - uitgezet\n"
+
+#~ msgid "update of trustdb failed: %s\n"
+#~ msgstr "bijwerken van de vertrouwensdatabase ging niet goed: %s\n"
+
+#~ msgid "assuming bad MDC due to an unknown critical bit\n"
+#~ msgstr "foutieve MDC aangenomen wegens een onbekende kritische bit\n"
+
+#~ msgid "error reading dir record for LID %lu: %s\n"
+#~ msgstr "fout tijdens lezen van indexveld voor LID %lu: %s\n"
+
+#~ msgid "lid %lu: expected dir record, got type %d\n"
+#~ msgstr "lid %lu: verwachtte indexveld, kreeg type %d\n"
+
+#~ msgid "no primary key for LID %lu\n"
+#~ msgstr "geen pimaire sleutel voor LID %lu\n"
+
+#~ msgid "error reading primary key for LID %lu: %s\n"
+#~ msgstr "fout tijdens het lezen van primaire sleutel voor LID %lu: %s\n"
+
+#~ msgid "get_dir_record: search_record failed: %s\n"
+#~ msgstr "get_dir_record: search_record mislukte: %s\n"
+
+#~ msgid "key %08lX: query record failed\n"
+#~ msgstr "sleutel %08lX: opvragen van veld mislukte\n"
+
+#~ msgid "key %08lX: already in trusted key table\n"
+#~ msgstr "sleutel %08lX: reeds aanwezig in de betrouwbare sleutel-tabel\n"
+
+#~ msgid "NOTE: secret key %08lX is NOT protected.\n"
+#~ msgstr "LET OP: geheime sleutel %08lX is NIET beveiligd.\n"
+
+#~ msgid "key %08lX: secret and public key don't match\n"
+#~ msgstr "sleutel %08lX: geheime en openbare sleutel horen niet bij elkaar\n"
+
+#~ msgid "enumerate secret keys failed: %s\n"
+#~ msgstr "nummeren van de geheime sleutels mislukte: %s\n"
+
+#~ msgid "key %08lX.%lu: Good subkey binding\n"
+#~ msgstr "sleutel %08lX.%lu: Goede subsleutelbinding\n"
+
+#~ msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+#~ msgstr "sleutel %08lX.%lu: Foutieve subsleutelbinding: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid key revocation\n"
+#~ msgstr "sleutel %08lX.%lu: Geldige sleutelterugtrekking\n"
+
+#~ msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+#~ msgstr "sleutel %08lX.%lu: Ongeldige sleutelterugtrekking: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid subkey revocation\n"
+#~ msgstr "sleutel %08lX.%lu: Geldige subsleutelterugtrekking\n"
+
+#~ msgid "Good self-signature"
+#~ msgstr "Correcte zelfondertekening"
+
+#~ msgid "Invalid self-signature"
+#~ msgstr "Ongeldige zelfondertekening"
+
+# User ID onvertaald
+#~ msgid "Valid user ID revocation skipped due to a newer self signature"
+#~ msgstr ""
+#~ "Geldig terugtrekkingscertificaat overgeslagen wegens een nieuwere "
+#~ "zelfondertekening"
+
+#~ msgid "Valid user ID revocation"
+#~ msgstr "Geldig terugtrekkingscertificaat voor gebruiker"
+
+#~ msgid "Invalid user ID revocation"
+#~ msgstr "Ongeldig terugtrekkingscertificaat voor gebruiker"
+
+#~ msgid "Valid certificate revocation"
+#~ msgstr "Geldige terugtrekking van certificaat"
+
+#~ msgid "Good certificate"
+#~ msgstr "Correct certificaat"
+
+#~ msgid "Invalid certificate revocation"
+#~ msgstr "Ongeldige terugtrekking van certificaat"
+
+#~ msgid "Invalid certificate"
+#~ msgstr "Ongeldig certificaat"
+
+#~ msgid "sig record %lu[%d] points to wrong record.\n"
+#~ msgstr "ondert. veld %lu[%d] wijst naar een verkeerd veld.\n"
+
+#~ msgid "duplicated certificate - deleted"
+#~ msgstr "dubbel certificaat - verwijderd"
+
+#~ msgid "tdbio_search_dir failed: %s\n"
+#~ msgstr "tdbio_search_dir mislukte: %s\n"
+
+#~ msgid "lid ?: insert failed: %s\n"
+#~ msgstr "lid ?: invoegen mislukte: %s\n"
+
+#~ msgid "lid %lu: insert failed: %s\n"
+#~ msgstr "lid %lu: invoegen mislukte: %s\n"
+
+#~ msgid "lid %lu: inserted\n"
+#~ msgstr "lid %lu: ingevoegd\n"
+
+#~ msgid "error reading dir record: %s\n"
+#~ msgstr "fout bij het lezen van indexveld: %s\n"
+
+#~ msgid "\t%lu keys inserted\n"
+#~ msgstr "        %lu sleutels ingevoegd\n"
+
+#~ msgid "enumerate keyblocks failed: %s\n"
+#~ msgstr "nummeren van de sleutelblokken mislukte: %s\n"
+
+#~ msgid "lid %lu: dir record w/o key - skipped\n"
+#~ msgstr "lid %lu: indexveld zonder sleutel - overgeslagen\n"
+
+#~ msgid "\t%lu due to new pubkeys\n"
+#~ msgstr "        %lu vanwege nieuwe openbare sleutels\n"
+
+#~ msgid "\t%lu keys skipped\n"
+#~ msgstr "        %lu sleutels overgeslagen\n"
+
+#~ msgid "\t%lu keys updated\n"
+#~ msgstr "        %lu sleutels bijgewerkt\n"
+
+#~ msgid "Ooops, no keys\n"
+#~ msgstr "Ooeeps, geen sleutels\n"
+
+#~ msgid "Ooops, no user IDs\n"
+#~ msgstr "Ooeeps, geen gebruikersidentificaties\n"
+
+#~ msgid "check_trust: search dir record failed: %s\n"
+#~ msgstr "check_trust: zoeken naar indexveld mislukte: %s\n"
+
+#~ msgid "key %08lX: insert trust record failed: %s\n"
+#~ msgstr "sleutel %08lX: invoegen van vertrouwensveld mislukte: %s\n"
+
+#~ msgid "key %08lX.%lu: inserted into trustdb\n"
+#~ msgstr "sleutel %08lX.%lu: ingevoegd in de vertrouwensdatabase\n"
+
+#~ msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+#~ msgstr ""
+#~ "sleutel %08lX.%lu: aangemaakt in de toekomst (tijdsverschuiving of "
+#~ "klokprobleem)\n"
+
+#~ msgid "key %08lX.%lu: expired at %s\n"
+#~ msgstr "sleutel %08lX.%lu: vervallen op %s\n"
+
+#~ msgid "key %08lX.%lu: trust check failed: %s\n"
+#~ msgstr "sleutel %08lX.%lu: betrouwbaarheidscontrole mislukt: %s\n"
+
+#~ msgid "user '%s' not found: %s\n"
+#~ msgstr "gebruiker `%s' niet gevonden: %s\n"
+
+#~ msgid "problem finding '%s' in trustdb: %s\n"
+#~ msgstr "kon `%s' niet opzoeken in de vertrouwensdatabase: %s\n"
+
+#~ msgid "user '%s' not in trustdb - inserting\n"
+#~ msgstr ""
+#~ "gebruiker '%s' komt niet voor in de vertrouwensdatabase - invoegen\n"
+
+#~ msgid "failed to put '%s' into trustdb: %s\n"
+#~ msgstr "kon '%s' niet invoegen in de vertrouwensdatabase: %s\n"
+
+#, fuzzy
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) ElGamal (ondertekenen en versleutelen)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr ""
+#~ "Wilt u echt een sleutel maken om mee te ondertekenen en versleutelen? "
+
+#~ msgid "%s: user not found: %s\n"
+#~ msgstr "%s: gebruiker niet gevonden: %s\n"
+
 #~ msgid "certificate read problem: %s\n"
 #~ msgstr "leesprobleem voor certificaat: %s\n"
 
+#~ msgid "can't lock keyring `%s': %s\n"
+#~ msgstr "kan sleutelbos `%s' niet vergrendelen: %s\n"
+
+#~ msgid "%s: user not found\n"
+#~ msgstr "%s: gebruiker niet gevonden\n"
+
+#~ msgid "WARNING: can't yet handle long pref records\n"
+#~ msgstr "LET OP: kan nog geen lange voorkeursblokken verwerken\n"
+
+#~ msgid "%s: can't create keyring: %s\n"
+#~ msgstr "%s: kan sleutelbos niet aanmaken: %s\n"
+
+#, fuzzy
+#~ msgid "invalid"
+#~ msgstr "ongeldige versleuteling"
+
+#, fuzzy
+#~ msgid "revoked"
+#~ msgstr "revkey"
+
 #~ msgid "RSA key cannot be used in this version\n"
 #~ msgstr "RSA sleutel kan niet gebruikt worden in deze versie\n"
 
@@ -3768,36 +4680,16 @@ msgstr "Geen hulp beschikbaar voor `%s'"
 #~ msgid "No user ID for key\n"
 #~ msgstr "Geen gebruikersidentificatie voor sleutel\n"
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "geen standaard openbare sleutelbos\n"
-
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "kan sleutelbos `%s' niet vergrendelen: %s\n"
-
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "sleutel %08lX: kan origineel sleutelblok niet lezen: %s\n"
-
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: gebruiker niet gevonden\n"
+#~ msgid "no secret key for decryption available\n"
+#~ msgstr "geheime sleutel voor ontsleuteling is niet beschikbaar\n"
 
 #~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
+#~ "RSA keys are deprecated; please consider creating a new key and use this "
+#~ "key in the future\n"
 #~ msgstr ""
 #~ "RSA sleutels zijn verouderd; overweeg a.u.b. het aanmaken van een\n"
 #~ "nieuwe sleutel om in de toekomst te gebruiken\n"
 
-#~ msgid "not processed"
-#~ msgstr "niet behandeld"
-
-#~ msgid "assuming bad MDC due to an unknown critical bit\n"
-#~ msgstr "foutieve MDC aangenomen wegens een onbekende kritische bit\n"
-
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
-#~ msgstr ""
-#~ "sleutel is niet als onveilig gemarkeerd - kan hem niet gebruiken met "
-#~ "nep-RNG!\n"
-
 #~ msgid "set debugging flags"
 #~ msgstr "zet afluistervlaggen"
 
diff --git a/po/pl.po b/po/pl.po
index ab47df1fb..1465feeed 100644
--- a/po/pl.po
+++ b/po/pl.po
@@ -1,313 +1,342 @@
 # Gnu Privacy Guard.
-# Copyright (C) 1998, 1999 Free Software Foundation, Inc.
-# Janusz A. Urbanowicz <[email protected]>, 1998, 1999.
+# Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+# Janusz A. Urbanowicz <[email protected]>, 1999, 2000, 2001, 2002.
 #
-# To be included in GnuPG 1.0.1
+# To be included in GnuPG 1.0.7
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: gnupg 1.0.0h\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 1999-12-05 21:29+01:00\n"
+"Project-Id-Version: gnupg-1.0.6\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-28 02:44+02:00\n"
 "Last-Translator: Janusz A. Urbanowicz <[email protected]>\n"
 "Language-Team: Polish <[email protected]>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=ISO-8859-2\n"
 "Content-Transfer-Encoding: 8bit\n"
-"Xgettext-Options: --default-domain=gnupg --directory=.. --add-comments "
-"--keyword=_ --keyword=N_ --files-from=./POTFILES.in\n"
+"Xgettext-Options: --default-domain=gnupg --directory=.. --add-comments --"
+"keyword=_ --keyword=N_ --files-from=./POTFILES.in\n"
 "Files: util/secmem.c util/argparse.c cipher/random.c cipher/rand-dummy.c "
 "cipher/rand-unix.c cipher/rand-w32.c g10/g10.c g10/pkclist.c g10/keygen.c "
-"g10/decrypt.c g10/encode.c g10/import.c g10/keyedit.c g10/keylist.c "
-"g10/mainproc.c g10/passphrase.c g10/plaintext.c g10/pref.c g10/seckey-cert.c "
-"g10/sig-check.c g10/sign.c g10/trustdb.c g10/verify.c g10/status.c "
-"g10/pubkey-enc.c\n"
+"g10/decrypt.c g10/encode.c g10/import.c g10/keyedit.c g10/keylist.c g10/"
+"mainproc.c g10/passphrase.c g10/plaintext.c g10/pref.c g10/seckey-cert.c g10/"
+"sig-check.c g10/sign.c g10/trustdb.c g10/verify.c g10/status.c g10/pubkey-"
+"enc.c\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Ostrze�enie: u�ywana pami�� nie jest pami�ci� bezpieczn�!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "obja�nienie mo�na przeczyta� tutaj: http://www.gnupg.org/faq.html\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "operacja niemo�liwa do wykonania bez dost�pnej pami�ci bezpiecznej\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(prawdopodobnie u�ywany program jest niew�a�ciwy dlatego zadania)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "tak"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "tT"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "nie"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "wyj�cie"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "wW"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "b��d og�lny"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "nieznany rodzaj pakietu"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "nieznana wersja"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "nieznany algorytm klucza publicznego"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "nieznany algorytm skr�tu"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "niepoprawny klucz publiczny"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "niepoprawny klucz tajny"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "niepoprawny podpis"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "b��d sumy kontrolnej"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
-msgstr "niepoprawne wyra�enie przej�ciowe"
+msgstr "niepoprawne d�ugie has�o."
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
-msgstr "nie odnaleziono klucza publicznego"
+msgstr "brak klucza publicznego."
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "nieznany algorytm szyfruj�cy"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "otwarcie zbioru kluczy jest niemo�liwe"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "niepoprawny pakiet"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
-msgstr "b��d w opakowaniu ASCII"
+msgstr "b��d w opakowaniu ASCII."
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "brak takiego identyfikatora u�ytkownika."
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
-msgstr "klucz tajny nie jest dost�pny"
+msgstr "brak klucza tajnego."
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
-msgstr "u�yty zosta� niew�a�ciwy klucz tajny"
+msgstr "zosta� u�yty niew�a�ciwy klucz tajny"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "nie jest obs�ugiwany"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
-msgstr "niepoprawny klucz"
+msgstr "niepoprawny klucz."
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
-msgstr "b��d przy odczycie pliku"
+msgstr "b��d przy odczycie pliku."
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
-msgstr "b��d przy zapisie pliku"
+msgstr "b��d przy zapisie pliku."
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "nieznany algorytm kompresji"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
-msgstr "b��d przy otwieraniu pliku"
+msgstr "b��d przy otwieraniu pliku."
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "b��d przy tworzeniu pliku"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
-msgstr "niepoprawne wyra�enie przej�ciowe"
+msgstr "niepoprawne d�ugie has�o"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "algorytm szyfrowania z kluczem publicznym nie jest zaimplementowany"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "algorytm szyfruj�cy nie jest zaimplementowany"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "nieznana klasa podpisu"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
-msgstr "b��d w bazie zaufania"
+msgstr "b��d w bazie zaufania."
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "b��d MPI"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "ograniczenie zasob�w"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "b��d w zbiorze kluczy"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "niepoprawny certyfikat"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
-msgstr "b��d formatu indentyfikatora u�ytkownika"
+msgstr "b��d formatu identyfikatora u�ytkownika"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "b��d przy zamykaniu pliku"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "b��d przy zmianie nazwy pliku"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "b��d przy usuwaniu pliku"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
-msgstr "nieoczekiwane dane"
+msgstr "nieoczekiowane dane"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "konflikt znacznik�w czasu"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "nieu�yteczny algorytm z kluczem publicznym"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "plik ju� istnieje"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "klucz s�aby"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "b��dny argument"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "niepoprawny URI"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
-msgstr "URI nie obs�ugiwanego typu"
+msgstr "URI nie jest obs�ugiwany"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "b��d sieci"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
-msgstr "nie jest zaszyfrowany"
+msgstr "nie zaszyfrowany"
+
+#: util/errors.c:103
+msgid "not processed"
+msgstr "nie zosta� przetworzony"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "bezu�yteczny klucz publiczny"
 
-#: util/logger.c:227
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "bezu�yteczny klucz tajny"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "b��d serwera kluczy"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... to jest b��d w programie (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "znalaz�e�(a�) b��d w programie ... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "nie mo�na otworzy� %s: %s\n"
 
-#: cipher/random.c:325
-#, fuzzy, c-format
+#: cipher/random.c:324
+#, c-format
 msgid "can't stat `%s': %s\n"
-msgstr "nie mo�na otworzy� %s: %s\n"
+msgstr "nie mo�na sprawdzi� %s: %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
-msgstr ""
+msgstr "'%s' nie jest zwyk�ym plikiem - zostaje pomini�ty\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
-msgstr ""
+msgstr "uwaga: plik random_seed jest pusty\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr ""
+"ostrze�enie: plik random_seed ma niew�a�ciwy rozmiar - nie zostanie u�yty\n"
 
-#: cipher/random.c:349
-#, fuzzy, c-format
+#: cipher/random.c:348
+#, c-format
 msgid "can't read `%s': %s\n"
-msgstr "nie mo�na otworzy� %s: %s\n"
+msgstr "nie mo�na odczyta� %s: %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
-msgstr ""
+msgstr "uwaga: plik random_seed nie jest uaktualniony\n"
 
-#: cipher/random.c:407
-#, fuzzy, c-format
+#: cipher/random.c:406
+#, c-format
 msgid "can't create `%s': %s\n"
 msgstr "nie mo�na stworzy� %s: %s\n"
 
-#: cipher/random.c:414
-#, fuzzy, c-format
+#: cipher/random.c:413
+#, c-format
 msgid "can't write `%s': %s\n"
-msgstr "nie mo�na otworzy� %s: %s\n"
-
-#: cipher/random.c:417
-#, fuzzy, c-format
-msgid "can't close `%s': %s\n"
-msgstr "nie mo�na otworzy� %s: %s\n"
+msgstr "nie mo�na zapisa� %s: %s\n"
 
-#: cipher/random.c:428
+#: cipher/random.c:416
 #, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
+msgid "can't close `%s': %s\n"
+msgstr "nie mo�na zamkn�� %s: %s\n"
 
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr ""
 "OSTRZE�ENIE: u�ywany generator liczb losowych\n"
 "nie jest kryptograficznie bezpieczny!!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -321,7 +350,7 @@ msgstr ""
 "JAKIEKOLWIEK DANE GENEROWANE PRZEZ TEN PROGRAM NIE NADAJ� SI� DO \n"
 "NORMALNEGO U�YTKU I NIE ZAPEWNIAJ� BEZPIECZE�STWA!!\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -333,19 +362,7 @@ msgstr ""
 "Prosz� kontynuowa� inne dzia�ania aby system m�g� zebra� odpowiedni�\n"
 "ilo�� entropii do ich wygenerowania (brakuje %d bajt�w).\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Ostrze�enie: u�ywana pami�� nie jest pami�ci� bezpieczn�!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "operacja niemo�liwa do wykonania bez dost�pnej pami�ci bezpiecznej\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(prawdopodobnie u�ywany program jest niew�a�ciwy dla tego zadania)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -353,139 +370,167 @@ msgstr ""
 "@Polecenia:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[plik]|z�o�enie podpisu"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[plik]|z�o�enie podpisu na czytelnym dokumencie"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
-msgstr "sporz�dzenie podpisu oddzielonego od dokumentu"
+msgstr "z�o�enie podpisu oddzielonego od dokumentu"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "szyfrowanie danych"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[pliki]|szyfrowanie plik�w"
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "szyfrowanie tylko szyfrem symetrycznym"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
-msgstr "tylko zapis do pliku"
+msgstr "tylko zapis danych w formacie OpenPGP"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "odszyfrowywanie danych (domy�lnie)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[pliki]|odszyfrowywanie plik�w"
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "sprawdzenie podpisu"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "lista kluczy"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "lista kluczy i podpis�w"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "sprawdzenie podpis�w kluczy"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "lista kluczy i ich odcisk�w"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "lista kluczy tajnych"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
-msgstr "generacja nowej pary klucza"
+msgstr "generacja nowej pary kluczy"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
 msgstr "usuni�cie klucza ze zbioru kluczy publicznych"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
 msgstr "usuni�cie klucza ze zbioru kluczy tajnych"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "z�o�enie podpisu na kluczu"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
-msgstr "z�o�enie lokalnego podpisu na kluczu"
+msgstr "z�o�enie prywatnego podpisu na kluczu"
+
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr ""
+"z�o�enie na kluczu podpisu nie podlegaj�cego \n"
+"uniewa�nieniu"
 
-#: g10/gpg.c:224
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr ""
+"z�o�enie na kluczu podpisu prywatnego,\n"
+"nie podlegaj�cego uniewa�nieniu"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "podpisanie lub modyfikacja klucza"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "tworzenie certyfikatu uniewa�nienia klucza"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "eksport kluczy do pliku"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "eksport kluczy do serwera kluczy"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "import kluczy z serwera kluczy"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "szukanie kluczy na serwerze"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "od�wie�enie kluczy z serwera"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
-msgstr "import/do��czanie kluczy"
+msgstr "import/do��czenie kluczy"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "wypisane sekwencji pakiet�w"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "eksport warto�ci zaufania"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "wczytanie warto��i zaufania"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "uaktualnienie bazy zaufania"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NAZWY]|sprawdzenie bazy zaufania"
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "automatyczne uaktualnienie bazy zaufania"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "naprawa uszkodzonej bazy zaufania"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "zdj�cie opakowania ASCII pliku lub potoku"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "opakowanie ASCII pliku lub potoku"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [pliki]|skr�ty wiadomo�ci"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -495,162 +540,204 @@ msgstr ""
 "Opcje:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
-msgstr "plik wynikowy b�dzie w opakowaniu ASCII"
+msgstr "plik wynikowy w opakowaniu ASCII"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
-msgstr "|NAZWA|szyfrowanie dla adresata NAZWA"
+msgstr "|NAZWA|szyfrowanie dla odbiorcy NAZWA"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NAZWA|u�ycie NAZWA jako domy�lnego adresata"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "domy�lny klucz jest domy�lnym adresatem"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr "identyfikator do podpisania lub odszyfrowania"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "|N|poziom kompresji N (0 - brak)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "kanoniczny format tekstowy"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "plik wyj�ciowy"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "z informacjami dodatkowymi"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "mniej komunikat�ww"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "bez odwo�a� do terminala"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "wymuszenie trzeciej wersji formatu podpis�w"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "bez wymuszania trzeciej wersji formatu podpis�w"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "wymuszenie czwartej wersji formatu podpis�w"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "bez wymuszania czwartej wersji formatu podpis�w"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "do szyfrowania b�dzie u�ywany MDC"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "do szyfrowania nie zostanie u�yty MDC"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "pozostawienie bez zmian"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "wykorzystanie gpg-agenta"
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "tryb wsadowy: �adnych pyta�"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "automatyczna odpowied� tak na wi�kszo�� pyta�"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "automatyczna odpowied� nie na wi�kszo�� pyta�"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "doda� zbi�r kluczy do listy u�ywanych"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "doda� zbi�r kluczy tajnych do listy"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "okazanie, w kt�rym zbiorze kluczy znajduje si� dany klucz"
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NAZWA|u�ycie NAZWA jako domy�lnego klucza tajnego"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|HOST|serwer kluczy w kt�rym b�d� poszukiwane"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr "|NAZWA|zestaw znak�w terminala NAZWA"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "wczytanie opcji z pliku"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr "|FD|zapisa� opis stanu do FD"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
-msgstr "|KLUCZ|ca�kowite zaufanie dla tego klucza"
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[plik]|zapisa� opis stanu do pliku"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|KLUCZ|klucz ca�kowicie zaufany"
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|PLIK|�adowanie modu�u rozszerzenia z PLIK"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "emulacja trybu opisanego w RFC1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
-msgstr "zgodno�� ustawie� pakiet�w, szyfr�w i skr�t�w z OpenPGP"
+msgstr "tryb zgodno�ci formatu pakiet�w, szyfr�w i skr�t�w z OpenPGP"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "tryb zgodno�ci format�w, szyfr�w i skr�t�w z PGP 2.x"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
-msgstr "|N|N-ty tryb wprowadzania wyra�enia przej�ciowego"
+msgstr "|N|N-ty tryb obliczania has�a"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
-msgstr "|ALG|algorytm obliczania skr�t�w wiadomo�ci ALG"
+msgstr "|ALG|algorytm skr�tu dla has�a ALG"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr "|ALG|algorytmu szyfruj�cy ALG dla has�a"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NAZWA|algorytm szyfruj�cy NAZWA"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NAZWA|algorytm obliczania skr�t�w wiadomo�ci NAZWA"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|algorytm kompresji N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
-msgstr "usuni�cie identyfikator�w kluczy z pakiet�w"
+msgstr "usuni�cie numer�w kluczy adresat�w z zaszyfrowanych pakiet�w"
+
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "okazanie identyfikatora - zdj�cia u�ytkownika"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "bez pokazywania zdj��"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr "polecenie wywo�ania przegl�darki do zdj��"
 
-#: g10/gpg.c:309
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NAZWA=TRE��|adnotacje"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
 msgstr ""
+"@\n"
+"(Pe�n� list� polece� i opcji mo�na znale�� w podr�czniku systemowym.)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -671,15 +758,15 @@ msgstr ""
 " --list-keys [nazwy]        pokazuje klucze\n"
 " --fingerprint [nazwy]      pokazuje odciski kluczy\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr "B��dy prosimy zg�asza� na adres <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Wywo�anie: gpg [opcje] [pliki] (-h podaje pomoc)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
@@ -689,7 +776,7 @@ msgstr ""
 "podpisywanie, sprawdzanie podpis�w, szyfrowanie, deszyfrowanie\n"
 "domy�lnie wykonywana operacja zale�y od danych wej�ciowych\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -697,638 +784,694 @@ msgstr ""
 "\n"
 "Obs�ugiwane algorytmy:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "wywo�anie: gpg [opcje]"
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "sprzeczne polecenia\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "UWAGA: brak domy�lnego pliku opcji '%s'\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "plik opcji '%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "odczyt opcji z '%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s nie jest poprawn� nazw� zestawu znak�w\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "niezrozuma�y URI serwera kluczy\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr "nie mo�na ustawi� �cie�ki program�w wykonywalnych na %s\n"
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "OSTRZE�ENIE: '%s' jest przestarza�� opcj�.\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr "nale�y u�y� opcji \"--keyserver-options %s\"\n"
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "OSTRZE�ENIE: program mo�e stworzy� plik zrzutu pami�ci!\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "OSTRZE�ENIE: %s powoduje obej�cie %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "UWAGA: %s nie jest do normalnego u�ytku!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
-msgstr "%s jest niedozwolony z %s!\n"
+msgstr "Nie wolno u�ywa� %s z %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "%s nie ma sensu z %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+"w trybie --pgp2 mo�na sk�ada� tylko podpisy oddzielne lub do��czone do "
+"tekstu\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr "w trybie --pgp2 nie mo�na jednocze�nie szyfrowa� i podpisywa�\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr "w trybie --pgp2 trzeba u�ywa� plik�w a nie potok�w.\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr "szyfrowanie wiadomo�ci w trybie --pgp2 wymaga modu�u szyfru IDEA\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "tej wiadomo�ci mo�e nie da� si� odczyta� za pomoc� PGP 2.x\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "wybrany algorytm szyfruj�cy jest niepoprawny\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "wybrany algorytm geenracji skr�t�w wiadomo�ci jest niepoprawny\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr "podany URL regulaminu jest niepoprawny\n"
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "podany URL regulaminu podpis�w jest niepoprawny\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "podany URL regulaminu certyfikacji jest niepoprawny\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "ustawienie algortytmu kompresji musi pochodzi� z zakresu %d..%d\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "warto�� completes-needed musi by� wi�ksza od 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "warto�� marginals-needed musi by� wi�ksza od 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "warto�� max-cert-depth musi mie�ci� si� w zakresie od 1 do 255\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "UWAGA: prosty tryb S2K (0) jest stanowczo odradzany\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "niepoprawny tryb S2K; musi mie� warto�� 0, 1 lub 3\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr ""
+"niew�a�ciwy domy�lny poziom sprawdzania; musi mie� warto�� 0, 1 lub 3\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "niew�a�ciwe ustawienia\n"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "inicjowanie Bazy Zaufania nie powiod�o si�: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [plik]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [plik]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [plik]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [plik]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [plik]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [plik]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
-msgstr "--clearsign [plik]"
+msgstr "--clearsign [plik]\""
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [plik]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key nazwa u�ytkownika"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key nazwa u�ytkownika"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key nazwa u�ytkownika [polecenia]"
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key nazwa u�ytkownika"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key nazwa u�ytkownika"
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrsign-key nazwa u�ytkownika"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key nazwa u�ytkownika"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key nazwa u�ytkownika [polecenia]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "nie mo�na otworzy� %s: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [identyfikator] [zbi�r kluczy]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
-msgstr "usuni�cie opakowania ASCII nie powiod�o si�: %s\n"
+msgstr "zdj�cie opakowania ASCII nie powiod�o si�: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "opakowywanie ASCII nie powiod�o si�: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
-msgstr "niew�a�ciwy algorytm skr�tu '%s'\n"
+msgstr "niew�a�ciwy algorytm skr�tu ,%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[nazwa pliku]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "Wpisz tutaj swoj� wiadomo�� ...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
-msgstr "nie mo�na otworzy� '%s'\n"
+msgstr "nie mo�na otworzy� ,%s'\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
-msgstr "adnotacja musi zaczyna� si� od litery lub podkre�lenia\n"
+msgstr "adnotacja musi zaczyna� si� od podkre�lenia lub litery\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
 msgstr ""
 "nazwa adnotacji mo�e zawiera� tylko litery, cyfry, kropki,\n"
-"podkre�lenia, i musi ko�czy� si� '='\n"
+"podkre�lenia, i musi ko�czy� si� ,='\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr "kropki w adnotacji musz� znajdowa� si� pomi�dzy innymi znakami\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "warto�� adnotacji nie mo�e zawiera� znak�w steruj�cych\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "opakowanie: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "niepoprawny nag��wek opakowania: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "nag��wek opakowania: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "niew�a�ciwy nag��wek czytelnego podpisanego dokumentu\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "zagnie�d�one podpisy na czytelnym dokumencie\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "niepoprawne oznaczenie linii minusami: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "nieoczekiwane opakowanie:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "niew�a�ciwy znak formatu radix64 %02x zosta� pomini�ty\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "przewczesny koniec pliku (brak CRC)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "przedwczesny koniec pliku (w CRC)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "b��d formatu CRC\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "B��d sumy CRC; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
-msgstr "przedwczesny koniec pliku (w zako�czeniu)\n"
+msgstr "przedwczesny koniec pliku (w linii ko�cz�cej)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "b��d w linii ko�cz�cej\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "nie odnaleziono poprawnych danych w formacie OpenPGP.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "b��d opakowania: linia d�u�sza ni� %d znak�w\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "znak kodowania quoted-printable w opakowaniu ASCII - prawdopodobnie\n"
 "przek�amanie wprowadzone przez program transportowy poczty\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "                  Odcisk:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Odcisk klucza:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
-msgstr ""
+msgstr "Nie podano przyczyny"
 
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
-msgstr "Klucz jest chroniony.\n"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "Klucz zosta� zast�piony"
 
-#: g10/pkclist.c:121
-#, fuzzy
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
-msgstr "Ten klucz zosta� wy��czony z u�ycia"
+msgstr "Klucz zosta� skompromitowany"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
-msgstr ""
+msgstr "Klucz nie jest ju� u�ywany"
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
-msgstr ""
+msgstr "Identyfikator u�ytkownika przesta� by� poprawny"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
-msgstr ""
+msgstr "Pow�d uniewa�nienia: "
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
-msgstr ""
+msgstr "Komentarz do uniewa�nienia: "
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "iIpPwW"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMwWpP"
 
-#: g10/pkclist.c:308
+#: g10/pkclist.c:258
 #, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
-"Brak warto�ci zaufania dla %lu:\n"
+"Brak warto�ci zaufania dla:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 "Zastan�w si� jak bardzo ufasz temu u�ytkownikowi w kwestii sprawdzania\n"
 "to�samo�ci innych w�a�cicieli kluczy (czy sprawdzi on odciski klucza \n"
-"pobrane z r�nych �r�de�, dokumenty potwierdzaj�ce to�samo�� w�a�ciciela\n"
-"klucza itd.)?\n"
-"\n"
-" 1 = Nie wiem.\n"
-" 2 = NIE ufam mu w tej kwestii.\n"
-" 3 = Ufam marginalnie.\n"
-" 4 = W pe�ni mu ufam.\n"
-" i = potrzebuj� wi�cej informacji\n"
+"pobrane z r�nych �r�de�, dokumenty potwierdzaj�ce to�samo��, itd.)?\n"
+
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = nie wiem\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = NIE ufam mu\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = mam ograniczone zaufanie\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = mam pe�ne zaufanie\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = ufam absolutnie\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = potrzebuj� wi�cej informacji\n"
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
-msgstr " p = powr�t do g��wnego menu\n"
+msgstr " m = powr�t do g��wnego menu\n"
+
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " p = pomini�cie klucza\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:285
 msgid " q = quit\n"
-msgstr "w = wyj�cie\n"
+msgstr " w = wyj�cie\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Twoja decyzja? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Czy na pewno chcesz przypisa� absolutne zaufanie temu kluczowi? "
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Certyfikaty prowadz�ce do ostatecznie zaufanego klucza:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"Niemo�liwe jest znalezienie poprawnej scie�ki zaufania do tego klucza.\n"
-"Sprawd�my czy mo�na przypisa� brakuj�ce warto�ci zaufania.\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"Brak �cie�ki prowadz�cej do kt�rego� z naszych kluczy.\n"
-"\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"Brak certyfikat�w o niezdefiniowanym poziomie zaufania.\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Parametry zaufania nie zosta�y zmienione.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "klucz %08lX: klucz zosta� uniewa�niony!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
-msgstr "U�y� tego klucza mimo wszystko? "
+msgstr "U�y� tego klucza pomimo to? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "klucz %08lX: podklucz zosta� uniewa�niony!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: data wa�no�ci klucza up�yn�a\n"
 
-#: g10/pkclist.c:519
+#: g10/pkclist.c:442
 #, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: brak informacji aby obliczy� prawdopodobie�stwo zaufania\n"
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr "%08lX: Nie ma pewno�ci co do to�samo�ci w�a�ciciela klucza.\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: NIE UFAMY temu kluczowi\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
 "but it is accepted anyway\n"
 msgstr ""
-"%08lX: Nie ma pewno��i �e ten klucz faktycznie nale�y do odoby podaj�cej\n"
-"si� za jego w�a�ciciela, ale jest akceptowalny.\n"
+"%08lX: Nie ma pewne, do do kogo nale�y ten klucz, ale jest akceptowalny.\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
-msgstr ""
-"Ten klucz prawdopodobnie nale�y do osoby podaj�cej si� za jego w�a�ciciela.\n"
+msgstr "Ten klucz prawdopodobnie nale�y do tej osoby.\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Ten klucz nale�y do nas\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
 "the next question with yes\n"
 "\n"
 msgstr ""
-"NIE MA pewno�ci �e ten klucz nale�y do osoby kt�ra podaje si� za jego\n"
-"w�a�ciciela. Je�li nie masz co do tego �adnych w�tpliwo�ci i *naprawd�*\n"
-"wiesz co robisz mo�esz odpowiedzie� \"tak\" na nast�pne pytanie.\n"
+"NIE MA pewno�ci, do kogo nale�y ten klucz. Je�li nie masz co do\n"
+"tego �adnych w�tpliwo�ci i *naprawd�* wiesz co robisz mo�esz\n"
+"odpowiedzie� \"tak\" na nast�pne pytanie.\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "OSTRZE�ENIE: u�ywany jest klucz nie obdarzony zaufaniem!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "OSTRZE�ENIE: Ten klucz zosta� uniewa�niony przez w�a�ciciela!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "             To mo�e oznacza� �e podpis jest fa�szerstwem.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "OSTRZE�ENIE: Ten podklucz zosta� uniewa�niony przez w�a�ciciela!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "Uwaga: Ten klucz zosta� wy��czony z u�ytku\n"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Uwaga: Data wa�no�ci tego klucza up�yn�a!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr "OSTRZE�ENIE: Ten klucz nie jest po�wiadczony zaufanym podpisem!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr ""
-"             Nic nie wskazuje na to �e ten podpis z�o�y� w�a�ciciel klucza.\n"
+"             Nie ma pewno�ci co do to�samo�ci osoby kt�ra z�o�y�a podpis.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "OSTRZE�ENIE: NIE UFAMY temu kluczowi!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "             Ten podpis prawdopodobnie jest FA�SZERSTWEM.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
-"OSTRZE�ENIE: Ten klucz nie jest po�wiadczony wystarczaj�co zaufanymi "
-"podpisami!\n"
+"OSTRZE�ENIE: Tego klucza nie po�wiadczaj� wystarczaj�c zaufane podpisy!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr ""
-"             Nie ma pewno�ci �e ten podpis zosta� z�o�ony przez "
-"w�a�ciciela.\n"
+"             Nie ma pewno�ci co do to�samo�ci osoby kt�ra z�o�y�a ten "
+"podpis.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: pomini�ty: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
-msgstr "%s: pomini�ty: klucz publiczny ju� znajduje si� w bazie\n"
+msgstr "%s: pomini�ty: zosta� ju� wybrany\n"
+
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr "Nie zosta� podany identyfikatora u�ytkownika (np za pomoc� ,,-r'')\n"
 
-#: g10/pkclist.c:855
+#: g10/pkclist.c:762
 msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
 "\n"
+"Enter the user ID.  End with an empty line: "
 msgstr ""
-"Nie poda�e�(a�) identyfikatora u�ytkownika (user ID).\n"
-"Mo�na to zrobi� za pomoc� opcji \"-r\".\n"
-
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Wprowad� identyfikator u�ytkownika (user ID): "
+"\n"
+"Identyfikator u�ytkownika (pusta linia oznacza koniec): "
 
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Brak takiego identyfikatora u�ytkownika.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr "pomini�ty: klucz publiczny ju� jest domy�lnym adresatem\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "Klucz publiczny wy��czony z uzycia.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "pomini�ty: klucz publiczny ju� wybrany w --encrypt-to\n"
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "pomini�ty: zosta� ju� wybrany\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "nieznany domy�lny adresat '%s'\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: b��d podczas sprawdzania klucza: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: pomini�ty: klucz publiczny wy��czony z u�ycia\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
-msgstr "brak poprawnych adres�w\n"
+msgstr "brak poprawnych adresat�w\n"
+
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "ustawienie %c%lu jest niepoprawne\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "ustawienie %c%lu powtarza si�\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "zbyt wiele `%c' ustawie�\n"
+
+#: g10/keygen.c:257
+msgid "invalid character in preference string\n"
+msgstr "niew�a�ciwy znak w tek�cie ustawie�\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "zapis podpisu klucza nim samym\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "zapis podpisu wi���cego klucz\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
-#, fuzzy, c-format
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
 msgid "keysize invalid; using %u bits\n"
-msgstr "��dana d�ugo�� klucza to %u bity.\n"
+msgstr "niew�a�ciwa d�ugo�� klucza; wykorzystano %u bit�w\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
-#, fuzzy, c-format
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
 msgid "keysize rounded up to %u bits\n"
-msgstr "zaokr�glono do %u bit�w\n"
+msgstr "rozmair klucza zaokr�glony do %u bit�w\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "Prosz� wybra� rodzaj klucza:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) Para kluczy dla algorytm�w DSA i ElGamala (domy�lne)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (tylko do podpisywania)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
-msgstr "   (%d) Klucz dla algorytmu ElGamala (tylko do szyfrowanie)\n"
+msgstr "   (%d) Klucz dla algorytmu ElGamala (tylko do szyfrowania)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) Klucz dla algorytmu ElGamala (do szyfrowania i podpisywania)\n"
 
-#: g10/keygen.c:643
-#, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) Klucz dla algorytmu ElGamala (do szyfrowania i podpisywania)\n"
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (tylko do podpisywania)\n"
 
-#: g10/keygen.c:647
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (tylko do szyfrowania)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Tw�j wyb�r? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "Czy na pewno chcesz stworzy� klucz do szyfrowania i podpisywania? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "U�ywanie tego algorytmu jest odradzane - tworzy� mimo to? "
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Niew�a�ciwy wyb�r.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1341,21 +1484,21 @@ msgstr ""
 "               domy�lny rozmiar klucza wynosi 1024 bity\n"
 "  najwi�kszy sugerowany rozmiar klucza wynosi 2048 bit�w\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Jakiej d�ugo�ci klucz wygenerowa�? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "Klucz dla DSA musi mie� d�ugo�� pomi�dzy 512 i 1024 bitow.\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "D�ugo�� klucza zbyt ma�a; minimalna dopuszczona wynosi 768 bit�w.\n"
-
-#: g10/keygen.c:708
-#, fuzzy
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr ""
+"D�ugo�� klucza zbyt ma�a; minimalna dopuszczalna dla RSA wynosi 1024 bity.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
 msgstr "D�ugo�� klucza zbyt ma�a; minimalna dopuszczona wynosi 768 bit�w.\n"
 
 #. It is ridiculous and an annoyance to use larger key sizes!
@@ -1366,12 +1509,12 @@ msgstr "D�ugo�� klucza zbyt ma�a; minimalna dopuszczona wynosi 768 bit�w.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "zbyt du�y rozmiar klucza, ograniczenie wynosi %d.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1379,11 +1522,11 @@ msgstr ""
 "Klucze d�u�sze ni� 2048 bit�w s� odradzane, poniewa� obliczenia\n"
 "trwaj� wtedy BARDZO d�ugo!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "Na pewno wygenerowa� klucz takiej d�ugo�ci? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1391,21 +1534,17 @@ msgstr ""
 "Nale�y tak�e pami�ta� o tym, �e informacje mog� by� te� wykradzione z\n"
 "komputera przez pods�uch emisji elektromagnetycznej klawiatury i monitora!\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "Czy naprawd� potrzebujesz takiego d�ugiego klucza? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "��dana d�ugo�� klucza to %u bity.\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "zaokr�glono do %u bit�w\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1421,37 +1560,58 @@ msgstr ""
 "      <n>m = termin wa�no�ci klucza up�ywa za n miesi�cy\n"
 "      <n>y = termin wa�no�ci klucza up�ywa za n lat\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Okres wa�no��i podpisu.\n"
+"         0 = klucz nie ma okre�lonego terminu wa�no�ci\n"
+"      <n>  = termin wa�no�ci podpisu up�ywa za n dni\n"
+"      <n>w = termin wa�no�ci podpisu up�ywa za n tygodni\n"
+"      <n>m = termin wa�no�ci podpisu up�ywa za n miesi�cy\n"
+"      <n>y = termin wa�no�ci podpisu up�ywa za n lat\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "Okres wa�no�ci klucza ? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "Okres wa�no�ci podpisu? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "niepoprawna warto��\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
-msgstr "Klucz nie ma daty wa�no�ci (nie traci wa�no�ci z up�ywem czasu).\n"
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "%s nie ma daty wa�no�ci (nie traci wa�no�ci z up�ywem czasu).\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
+#: g10/keygen.c:992
 #, c-format
-msgid "Key expires at %s\n"
-msgstr "Data wa�no�ci klucza: %s\n"
+msgid "%s expires at %s\n"
+msgstr "%s traci wa�no��: %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
 msgstr ""
-"Tw�j system nie potrafi poprawnie wy�wietla� dat po roku 2036.\n"
-"Jednak�e poprawnie obs�ugiwane s� daty do roku 2106.\n"
+"Tw�j system nie potrafi pokaza� daty po roku 2038.\n"
+"Niemniej daty do roku 2106 b�d� poprawnie obs�ugiwane.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "Dane poprawne (t/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1464,47 +1624,47 @@ msgstr ""
 "Musisz okre�li� identyfikator u�ytkownika aby mo�na by�o rozpozna� tw�j\n"
 "klucz; program z�o�y go z twojego imienia i nazwiska, komentarza i adresu\n"
 "poczty elektronicznej. B�dzie on mia� tak� posta�:\n"
-"    \"Tadeusz �ele�ski (Boy) <[email protected]>\"\n"
+"    \"Tadeusz �ele�ski (Boy) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Imi� i nazwisko: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Niew�a�ciwy znak w imieniu lub nazwisku\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "Imi� lub nazwisko nie mo�e zaczyna� si� od cyfry\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "Imi� i nazwisko musz� mie� conajmniej 5 znak�w d�ugo�ci.\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Adres poczty elektronicznej: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
-msgstr "to nie jest poprawny adres poczty elektronicznej\n"
+msgstr "To nie jest poprawny adres poczty elektronicznej\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Komentarz: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Niew�a�ciwy znak w komentarzu\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "U�ywasz zestawu znak�w %s.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1515,58 +1675,61 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr ""
+"Nie nalezy umieszcza� adresu poczty elektronicznej w polu nazwiska czy\n"
+"komentarza.\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "IiKkEeDdWw"
 
-#: g10/keygen.c:986
-#, fuzzy
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
 msgstr ""
 "Zmieni� (I)mi�/nazwisko, (K)omentarz, adres (E)mail, \n"
-"przej�� (D)alej czy (W)yj�� z programu? "
+"czy (W)yj��? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr ""
 "Zmieni� (I)mi�/nazwisko, (K)omentarz, adres (E)mail, \n"
-"przej�� (D)alej czy (W)yj�� z programu? "
+"przej�� (D)alej czy (W)yj�� z programu ? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
-msgstr ""
+msgstr "Najpierw trzeba poprawi� ten b��d\n"
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
 msgstr ""
-"Musisz poda� wyra�enie przej�ciowe (has�o) aby ochroni� sw�j klucz tajny.\n"
+"Musisz poda� d�ugie, skomplikowane has�o aby ochroni� sw�j klucz tajny.\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
-msgstr ""
-"Powt�rzone wyra�enie przej�ciowe nie zgadza si� z podanym w pierwszej "
-"pr�bie;\n"
-"spr�buj jeszcze raz.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "has�o nie zosta�o poprawnie powt�rzone; jeszcze jedna pr�ba"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
 "using this program with the option \"--edit-key\".\n"
 "\n"
 msgstr ""
-"Nie chcesz poda� wyra�enia przej�ciowego (has�a) - to *z�y* pomys�!\n"
-"W ka�dej chwili mo�esz ustawi� wyra�enie przej�ciowe u�ywaj�c tego programu\n"
-"i opcji \"--edit-key\".\n"
+"Nie chcesz poda� has�a - to *z�y* pomys�!\n"
+"W ka�dej chwili mo�esz ustawi� has�o u�ywaj�c tego programu i opcji\n"
+"\"--edit-key\".\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1576,54 +1739,78 @@ msgstr ""
 "Musimy wygenerowa� du�o losowych bajt�w. Dobrym pomys�em podczas "
 "generowania\n"
 "liczb pierszych jest wykonanywanie w tym czasie innych dzia�a� (pisanie na\n"
-"klawiaturzeze, poruszanie myszk�, odwo�anie si� do dysk�w); dzi�ki temu\n"
-"generator liczb losowych ma mo�liwo�� zebrania odpowiedniej ilo�ci entropii. "
-"\n"
+"klawiaturze, poruszanie myszk�, odwo�anie si� do dysk�w); dzi�ki temu\n"
+"generator liczb losowych ma mo�liwo�� zebrania odpowiedniej ilo�ci "
+"entropii.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "Para kluczy dla DSA b�dzie mia�a 1024 bity d�ugo�ci.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Procedura generacji klucza zosta�a anulowana.\n"
 
-#: g10/keygen.c:1668
-#, fuzzy, c-format
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
 msgid "writing public key to `%s'\n"
-msgstr "zapis certyfikatu publicznego w '%s'\n"
+msgstr "zapisuj� klucz publiczny w '%s'\n"
 
-#: g10/keygen.c:1669
-#, fuzzy, c-format
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
 msgid "writing secret key to `%s'\n"
-msgstr "zapis tajnego certyfikatu w '%s'\n"
+msgstr "zapisuj� klucz tajny w '%s'\n"
+
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "brak zapisywalnego zbioru kluczy publicznych: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "brak zapisywalnego zbioru kluczy tajnych: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "b��d podczas zapisu zbioru kluczy publicznych `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "b��d podczas zapisu zbioru kluczy tajnych `%s': %s\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
-msgstr "klucze publiczny i tajny zosta�y stworzone i podpisane.\n"
+msgstr "klucz publiczny i prywatny (tajny) zosta�y utworzone i podpisane.\n"
+
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "klucz zosta� oznaczony jako obdarzony absolutnym zaufaniem.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
 msgstr ""
-"Ten klucz nie mo�e by� wykorzystany do szyfrowania. Komend� \"--edit-key\" \n"
+"Ten klucz nie mo�e by� wykorzystany do szyfrowania. Komend� \"--edit-key\"\n"
 "mo�na doda� do niego podklucz u�ywany do szyfrowania.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "Generacja klucza nie powiod�a si�: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
 msgstr ""
-"klucz zosta� stworzony %lu sekund w przysz�o�ci (zaburzenia\n"
+"klucz zosta� stworzony %lu sekund� w przysz�o�ci (zaburzenia\n"
 "czasoprzestrzeni, lub �le ustawiony zegar systemowy)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1631,309 +1818,366 @@ msgstr ""
 "klucz zosta� stworzony %lu sekund w przysz�o�ci (zaburzenia\n"
 "czasoprzestrzeni, lub �le ustawiony zegar systemowy)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr ""
+"UWAGA: tworzenie podkluczy dla kluczy wersji 3 jest niezgodne z OpenPGP.\n"
+
+#: g10/keygen.c:2107
 msgid "Really create? "
-msgstr "Na pewno generowa�? "
+msgstr "Na pewno utworzy�? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "opcja --output nie dzia�a z tym poleceniem\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s' ju� jest spakowany\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: nie mo�na otworzy�: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
-msgstr "b��d podczs tworzenia wyra�enia przej�ciowego (has�a): %s\n"
+msgstr "b��d podczas tworzenia has�a: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: OSTRZE�ENIE: plik jest pusty\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+"w trybie --pgp2 mo�na szyfrowa� dla kluczy RSA kr�tszych od 2048 bit�w\n"
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "odczyt z '%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+"nie mo�na u�y� szyfru IDEA z wszystkimi kluczami dla kt�rych szyfrujesz.\n"
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s zaszyfrowany dla: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
+#: g10/delkey.c:69 g10/export.c:141
+#, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "klucz `%s' nie zosta� odaleziony: %s\n"
+
+#: g10/delkey.c:77 g10/export.c:161
 #, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: nie znaleziono u�ytkownika: %s\n"
+msgid "error reading keyblock: %s\n"
+msgstr "b��d odczytu bloku kluczy: %s\n"
 
-#: g10/export.c:164
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "klucz %08lX: nie jest w formacie RFC 2440 - pomini�ty\n"
 
-#: g10/export.c:175
-#, fuzzy, c-format
+#: g10/export.c:180
+#, c-format
 msgid "key %08lX: not protected - skipped\n"
-msgstr "klucz %08lX: nie jest w formacie RFC 2440 - pomini�ty\n"
+msgstr "klucz %08lX: nie jest chroniony - pomini�ty\n"
+
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "klucz %08lX: klucz PGP 2.x - pomini�ty\n"
 
-#: g10/export.c:225
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "OSTRZE�ENIE: nic nie zosta�o wyeksportowane!\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "zbyt wiele wpis�w w buforze kluczy publicznych - wy��czony\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "zbyt wiele wpis�w w buforze nieznanych kluczy - wy��czony\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[brak identyfikatora u�ytkownika]"
+
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+"Niepoprawny klucz %08lX uznany za poprawny przez --allow non-selfsigned-"
+"uid.\n"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr "u�ywany jest podklucz %08lX zamiast klucza g��wnego %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr "klucz %08lX: klucz tajny bez klucza jawnego - pomini�ty\n"
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: nie znaleziono u�ytkownika\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "blok typu %d zostaje pomini�ty\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "%lu kluczy przetworzonych do tej chwili\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "b��d odczytu '%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "Og�em przetworzonych kluczy: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "            nowych podkluczy: %lu\n"
+msgstr "   pomini�tych nowych kluczy: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr "          bez identyfikatora: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "         do��czono do zbioru: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "                   bez zmian: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "      nowych identyfikator�w: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "            nowych podkluczy: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "             nowych podpis�w: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr "   nowych uniewa�nie� kluczy: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "   tajnych kluczy wczytanych: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "     tajnych kluczy dodanych: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr "    tajnych kluczy bez zmian: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "klucz %08lX: brak identyfikatora u�ytkownika\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "klucz %08lX: przyj�to identyfikator nie podpisany nim samym '%s'\n"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "klucz %08lX: brak poprawnych identyfikator�w u�ytkownika\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "to mo�e by� spowodowane brakiem podpisu w�a�ciciela klucza\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "klucz %08lX: brak klucza publicznego: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:479
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "klucz %08lX: nie jest w formacie RFC 2440 - pomini�ty\n"
+msgstr "klucz %08lX: nowy klucz - pomini�ty\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "brak zapisywalnego zbioru kluczy: %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "zapis do '%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
-msgstr "b��d zapisu zbioru kluczy '%': %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
+msgstr "b��d zapisu zbioru kluczy '%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
-msgstr "klucz %08lX: klucz publiczny do��czony do zbioru\n"
+msgstr "klucz %08lX: klucz publiczny wczytano do zbioru\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "klucz %08lX: nie zgadza si� z lokalnie posiadan� kopi�\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "klucz %08lX: brak oryginalnego bloku klucza; %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "klucz %08lX: nie mo�na odczyta� oryginalnego bloku klucza; %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "klucz %08lX: 1 nowy identyfikator u�ytkownika\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "klucz %08lX: %d nowych identyfikator�w u�ytkownika\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "klucz %08lX: 1 nowy podpis\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "klucz %08lX: %d nowych podpis�w\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "klucz %08lX: 1 nowy podklucz\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "klucz %08lX: %d nowych podkluczy\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "klucz %08lX: bez zmian\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "brak domy�lego zbioru kluczy tajnych: %s\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "Klucz %08lX: klucz tajny wczytany do zbioru\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "Klucz %08lX: ten klucz ju� znajduje si� w zbiorze\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "klucz %08lX: brak klucza tajnego: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "klucz %08lX: brak klucza publicznego - wczytany certyfikat \n"
 "uniwa�nienia nie mo�e by� zastosowany\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
-msgstr ""
-"klucz %08lX: niepoprawny certyfikat uniewa�nienia:\n"
-"%s - odrzucony\n"
+msgstr "klucz %08lX: niepoprawny certyfikat uniewa�nienia: %s - odrzucony\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "klucz %08lX: wczytany certyfikat uniewa�nienia\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "klucz %08lX: brak identyfikatora u�ytkownika do podpisu\n"
 
-#: g10/import.c:719 g10/import.c:743
+#: g10/import.c:839
 #, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
-msgstr ""
-"klucz %08lX: nie obs�ugiwany algorytm szyfrowania z kluczem publicznym\n"
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr "klucz %08lX: algorytm klucza publicznego \"%s\" nie jest obs�ugiwany\n"
 
-#: g10/import.c:720
+#: g10/import.c:841
 #, c-format
-msgid "key %08lX: invalid self-signature\n"
-msgstr "klucz %08lX: niepoprawny podpis w�a�ciciela klucza\n"
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "klucz %08lX: niepoprawny podpis na identyfikatorze \"%s\"\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "klucz %08lX: brak podklucza do dowi�zania\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "klucz %08lX: niepoprawne dowi�zanie podklucza\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr ""
+"klucz %08lX: nie obs�ugiwany algorytm szyfrowania z kluczem publicznym\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "klucz %08lX: przyj�to identyfikator nie podpisany nim samym '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "klucz %08lX: niepoprawne dowi�zanie podklucza\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "klucz %08lX: pomini�to identyfikator u�ytkownika '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "klucz %08lX: podklucz pomini�ty\n"
@@ -1942,570 +2186,837 @@ msgstr "klucz %08lX: podklucz pomini�ty\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr "klucz %08lX: podpis nieeksportowalny (klasa %02x) - pomini�ty\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr ""
 "klucz %08lX: certyfikat uniewa�nienia umieszczony w niew�a�ciwym \n"
 "miejscu - zosta� pomini�ty\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "klucz %08lX: niepoprawny certyfikat uniewa�nienia: %s - pomini�ty\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "key %08lX: powt�rzony identyfikator u�ytkownika - do��czony\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+"Ostrze�enie: klucz %08lX m�g� zosta� uniewazniony:\n"
+"             zapytanie o uniewa�niaj�cy klucz %08lX w serwerze kluczy\n"
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+"Ostrze�enie: klucz %08lX m�g� zosta� uniewa�niony:\n"
+"             brak uniewa�niaj�cego klucza %08lX.\n"
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "klucz %08lX: dodany certyfikat uniewa�nienia\n"
 
-#: g10/import.c:1130 g10/import.c:1183
+#: g10/import.c:1231
 #, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "klucz %08lX: dost�pna kopia nie jest podpisana ni� sam�\n"
+msgid "key %08lX: direct key signature added\n"
+msgstr "klucz %08lX: dodano bezpo�redni podpis\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[uniewa�nienie]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[podpis klucza nim samym]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 niepoprawny podpis\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d niepoprawnych podpis�w\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "1 podpis nie zosta� sprawdzony z powodu braku klucza\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d podpis�w nie zosta�o sprawdzonych z powodu braku kluczy\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "1 podpis nie zosta� sprawdzony z powodu b��du\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d podpis�w nie sprawdzonych z powodu b��d�w\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "wykryto 1 identyfikator u�ytkownika bez podpisu w�a�ciciela klucza\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr ""
 "wykryto %d identyfikator�w u�ytkownika bez podpis�w w�a�ciciela klucza\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:335
+#, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "Identyfikator u�ytkownika \"%s\" zosta� uniewa�niony."
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Czy na pewno chcesz podpisa�? (t/N) "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr " Nie da si� z�o�y� podpisu.\n"
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"Tw�j podpis na \"%s\"\n"
+"jest podpisem prywatnym (lokalnym).\n"
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+"Czy chcesz zamieni� go na pe�ny, publiczny, eksportowalny podpis? (t/N) "
+
+#: g10/keyedit.c:388
 #, c-format
-msgid "Already signed by key %08lX\n"
-msgstr "Ju� podpisano kluczem %08lX.\n"
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" jest ju� lokalnie podpisany kluczem %08lX\n"
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:393
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" jest ju� podpisany kluczem %08lX\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Nie ma nic do podpisania kluczem %08lX.\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "Data wa�no�ci tego klucza up�yn�a!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Wa�no�� tego klucza wygasa %s.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr ""
+"Czy chcesz �eby wa�no�� Twojego podpisu wygasa�a w tej samej chwili? (T/n) "
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr "W trybie --pgp2 nie mo�na podpisywa� w formacie OpenPGP.\n"
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "To uczyni ten klucz nieuzytecznym dla PGP 2.x.\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"Jak dok�adnie zosta�a przez Ciebie sprawdzona to�samo�� tej osoby?\n"
+"Je�li nie wiesz co odpowiedzie�, podaj \"0\".\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) Nie odpowiem na to pytanie. %s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) W og�le nie.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) Pobie�nie.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) Bardzo dok�adnie.%s\n"
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
 msgstr ""
-"Czy jeste� naprawd� pewien �e chcesz podpisa� ten klucz\n"
+"Czy jeste� naprawd� pewien �e chcesz podpisa� ten klucz \n"
 "swoim kluczem: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
 msgid ""
+"\n"
 "The signature will be marked as non-exportable.\n"
+msgstr ""
+"\n"
+"Podpis zostanie oznaczony jako nieeksportowalny (prywatny).\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"Podpis zostanie oznaczony jako nie podlegaj�cy uniewa�nieniu.\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+"\n"
+"To�samo�� u�ytkownika nie zosta�a w og�le sprawdzona.\n"
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"To�samo�� u�ytkownika zosta�a sprawdzona pobie�nie.\n"
+
+#: g10/keyedit.c:561
+msgid ""
 "\n"
+"I have checked this key very carefully.\n"
 msgstr ""
-"Podpis zostanie oznaczony jako nieeksportowalny.\n"
 "\n"
+"To�samo�� u�ytkownika zosta�a dok�adnie sprawdzona.\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:569
 msgid "Really sign? "
-msgstr "Na pewno podpisa�? "
+msgstr "Czy na pewno podpisa�? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "z�o�enie podpisu nie powiod�o si�: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Ten klucz nie jest chroniony.\n"
 
-#: g10/keyedit.c:426
-#, fuzzy
+#: g10/keyedit.c:662
 msgid "Secret parts of primary key are not available.\n"
-msgstr "klucz tajny nie jest dost�pny"
+msgstr "Cz�� tajna g��wnego klucza jest niedost�pna.\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "Klucz jest chroniony.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Tego klucza nie mo�na edytowa�: %s.\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
 msgstr ""
-"Wprowad� nowe wyra�enie przej�ciowe (has�o) dla tego klucza tajnego.\n"
+"Wprowad� nowe d�ugie has�o dla tego klucza tajnego.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
 msgstr ""
-"Nie chcesz poda� wyra�enia przej�ciowego (has�a) - to *z�y* pomys�!\n"
+"Nie chcesz has�a - to *z�y* pomys�!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "Czy na pewno chcesz to zrobi�? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
-msgstr "przeniesienie podpis klucza na w�a�ciwe miejsce\n"
+msgstr "przenosz� podpis klucza na w�a�ciwe miejsce\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "wyj�cie z tego menu"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "w"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "zapis"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "zapis zmian i wyj�cie"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "pomoc"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "ten tekst pomocy"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "odc"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "okazanie odcisku klucza"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "lista"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "lista kluczy i identyfikator�w u�ytkownik�w"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "id"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "wyb�r identyfikatora u�ytkownika N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "klucz"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "wyb�r podklucza N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "lista"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "lista podpis�w"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "l"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "podpis"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "z�o�enie podpisu na kluczu"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "p"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lpodpis"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "z�o�enie lokalnego podpisu na kluczu"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nupodpis"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "z�o�enie na kluczu podpisu nie podlegaj�cego uniewa�nieniu"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nulpodpis"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "z�o�enie na kluczu lokalnego podpisu nie podlegaj�cego uniewa�nieniu"
+
+#: g10/keyedit.c:832
 msgid "debug"
-msgstr "�ledzenie"
+msgstr "�ledzenia"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "dodid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "dodanie nowego identyfikatora u�ytkownika do klucza"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "dodfoto"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "dodanie zdj�cia u�ytkownika do klucza"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "usid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "usuni�cie identyfikatora u�ytkownika z klucza"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "usfoto"
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "dodkl"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "dodanie podklucza"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "uskl"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "usuni�cie podklucza"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
-msgstr "lpodpis"
+msgstr "uspod"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
-msgstr "lista podpis�w"
+msgstr "usuni�cie podpis�w"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "data"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "zmiana daty wa�no�ci klucza"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "g��wny"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "oznaczenie identyfikatora u�ytkownika jako g��wnego"
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "prze�"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "prze��czenie pomi�dzy list� kluczy publicznych i tajnych"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "p"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "opcje"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
-msgstr "lista opcji"
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "ustawienia (zaawansowane)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "opcje"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "rozbudowana lista ustawie�"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "ustaw"
+
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "ustawienie opcji klucza"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "aktopc"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "aktualizacja ustawie� klucza"
+
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "has�o"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
-msgstr "zmiana wyra�enia przej�ciowego (has�a)"
+msgstr "zmiana has�a klucza"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "zaufanie"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "zmiana zaufania w�a�ciciela"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "unpod"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "uniewa�nienie podpisu"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "unpkl"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "uniewa�nienie podklucza"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "wy�kl"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "wy��czy� klucz z u�ycia"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "w�kl"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "w��czy� klucz do u�ycia"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "foto"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "okazanie identyfikatora - zdj�cia"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "nie dzia�a w trybie wsadowym\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "b��d odczytu bloku klucza tajnego '%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "Dost�pny jest klucz tajny.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Polecenie> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "Do wykonania tej operacji potrzebny jest klucz tajny.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
-msgstr ""
+msgstr "Najpierw trzeba u�y� polecenia \"prze�\".\n"
+
+#: g10/keyedit.c:1047
+msgid "Key is revoked."
+msgstr "Klucz uniewa�niony."
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "Podpisa� wszystkie identyfikatory u�ytkownika na tym kluczu? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Podpowied�: wybierz identyfikatory u�ytkownika do podpisania.\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "naniesienie poprawek bazy zaufania nie powiod�o si�: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "To polecenie nie jest dost�pne w trybie %s.\n"
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "Musisz wybra� co najmniej jeden identyfikator u�ytkownika.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "Nie mo�esz usun�� ostatniego identyfikatora u�ytkownika!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "Czy na pewno usun�� wszystkie wybrane identyfikatory u�ytkownika? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "Czy na pewno usun�� ten identyfikator u�ytkownika? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Musisz wybra� co najmniej jeden klucz.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "Czy na pewno chcesz usun�� wybrane klucze? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "Czy na pewno chcesz usun�� ten klucz? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "Czy na pewno chcesz uniewa�ni� wybrane klucze? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "Czy na pewno chcesz uniewa�ni� ten klucz? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr ""
+"Czy na pewno zaktualizowa� ustawienia klucza dla wybranych identyfikator�w? "
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "Czy na pewno usaktualni� ustawienia? "
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "Zapisa� zmiany? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Wyj�� bez zapisania zmian? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "naniesienie poprawek nie powiod�o si�: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "naniesienie poprawek na kluczu tajnym nie powiod�o si�: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr ""
-"Klucz nie zosta� zmieniony wi�c nanoszenie poprawek nie jest konieczne.\n"
+"Klucz nie zosta� zmieniony wi�c naniesienie poprawek nie jest konieczne.\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
-msgstr "Niepoprawne polecenie  (spr�buj \"help\")\n"
+msgstr "Niepoprawna komenda  (spr�buj \"help\")\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "Klucz mo�e zosta� uniewa�niony przez klucz %s %s%s.\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr " (poufne)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  utworzony: %s, wa�ny do: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " zaufanie: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
-msgstr "Ten klucz zosta� wy��czony z u�ycia"
+msgstr "Ten klucz zosta� wy��czony z u�ytku"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1539
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "klucz %08lX: podklucz zosta� uniewa�niony!\n"
+msgstr "podklucz zosta� uniewa�niony: %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1542
 msgid "rev- faked revocation found\n"
-msgstr "   nowych uniewa�nie� kluczy: %lu\n"
+msgstr "fa�szywy certyfikat uniewa�nienia\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "problem przy sprawdzaniu uniewa�nienia: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
 msgstr ""
+"Pokazana warto�� wiarygodno�ci klucza mo�e by� niepoprawna dop�ki program "
+"nie\n"
+"zostanie uruchomiony ponownie.\n"
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+"OSTRZE�ENIE: Do tego klucza dodano ju� zdj�cie u�ytkownika.\n"
+"             Dodanie drugiego spowoduje, �e niekt�re wersje PGP przestan�\n"
+"             rozumie� ten klucz.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Czy dalej chcesz je doda�? (t/N) "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "Do klucza mo�na do��czy� tylko jedno zdj�cie.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"OSTRZE�ENIE: To jest klucz PGP wersji 2. Dodanie zdj�cia spowoduje, �e "
+"niekt�re \n"
+"             wersje przestan� go rozumie�.\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr "Do klucza dla wersji 2 PGP nie mo�na doda� zdj�cia.\n"
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
-msgstr "Usun�� ten poprawny podpis? (t/N/w)"
+msgstr "Usun�� ten poprawny podpis? (t/N/w) "
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
-msgstr "Usun�� ten niepoprawny podpis? (t/N/w)"
+msgstr "Usun�� ten niepoprawny podpis? (t/N/w) "
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
-msgstr "Usun�� ten nieznany podpis? (t/N/w)"
+msgstr "Usun�� ten nieznany podpis? (t/N/w) "
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
-msgstr "Na pewno usun�� ten podpis klucza nim samym? (t/N)"
+msgstr "Na pewno usun�� ten podpis klucza nim samym? (t/N) "
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "%d podpis usuni�ty.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "%d podpis�w usuni�tych.\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Nic nie zosta�o usuni�te.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Prosz� usun�� znacznik wyboru z kluczy tajnych.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
-msgstr "Prosz� wybra� najwy�ej jeden podklucz.\n"
+msgstr "Prosz� wybra� tylko jeden podklucz.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "Zmiana daty wa�no�ci podklucza.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "Zmiana daty wa�no�ci g��wnego klucza.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "Nie mo�na zmieni� daty wa�no�ci klucza w wersji 3.\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Brak odpowiadaj�cego podpisu w zbiorze kluczy tajnych\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Prosz� wybra� dok�adnie jeden identyfikator u�ytkownika.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Brak identyfikatora u�ytkownika o numerze %d.\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
-msgstr "Brak podklucza o indeksie %d\n"
+msgstr "Brak podklucza o numerze %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "Identyfikator u�ytkownika: "
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
@@ -2514,427 +3025,589 @@ msgstr ""
 "\"\n"
 "podpisano Twoim kluczem %08lX w %s\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
-msgstr "Stworzy� certyfikat uniewa�nienia tego podpisu? (t/N)"
+#: g10/keyedit.c:2452
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"lokalnie podpisano Twoim kluczem %08lX w %s\n"
+
+#: g10/keyedit.c:2457
+#, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Wa�no�� tego klucza wygas�a %s.\n"
+
+#: g10/keyedit.c:2461
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Czy dalej chcesz go uniewa�ni�? (t/N) "
+
+#: g10/keyedit.c:2465
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr "Stworzy� certyfikat uniewa�nienia tego podpisu? (t/N) "
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
-msgstr "Te identyfikatory s� podpisane przez ciebie:\n"
+msgstr "Te identyfikatory u�ytkownik�w s� podpisane przez Ciebie:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
+#: g10/keyedit.c:2504
 #, c-format
-msgid "   signed by %08lX at %s\n"
-msgstr "   podpisany kluczem %08lX w %s\n"
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "podpisany przez %08lX w %s%s%s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
-msgstr "uniewa�niony kluczem %08lX w %s\n"
+msgstr "uniewa�niony przez %08lX w %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "Czy na pewno chcesz uniewa�ni� te podpisy:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
-msgstr "Na pewno utworzy� certyfikaty uniewa�nienia ? (t/N)"
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "podpisany przez %08lX w %s%s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr " (podpis nieeksportowalny) "
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2551
+msgid "Really create the revocation certificates? (y/N) "
+msgstr "Na pewno utworzy� certyfikaty uniewa�nienia ? (t/N) "
+
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "brak klucza tajnego\n"
 
-#: g10/keylist.c:158
-#, fuzzy
-msgid "invalid"
-msgstr "b��d w opakowaniu ASCII"
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr "Zdj�cie w formacie %s, rozmiar %ld bajt�w, klucz 0x%08lX (id %d).\n"
 
-#: g10/keylist.c:178
-#, fuzzy
-msgid "revoked"
-msgstr "unpkl"
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "Regulamin podpisu: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "OSTRZE�ENIE: niepoprawne dane w adnotacji\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "Adnotacje podpisu: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "nieczytelne dla cz�owieka"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "Zbi�r kluczy"
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
-#, fuzzy, c-format
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
 msgid " [expires: %s]"
-msgstr "Data wa�no�ci klucza: %s\n"
+msgstr " [wygasa :%s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Odcisk klucza:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "                  Odcisk:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr "     Odcisk klucza ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "dane zaszyfrowano za pomoc� %s\n"
 
-#: g10/mainproc.c:212
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "dane zaszyfrowano nieznanym algorytmem numer %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "klucz publiczny %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr "dane zaszyfrowane kluczem publicznym: poprawny klucz sesyjny\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
-msgstr "d�ugo�� %u bit�w, typ %s, klucz %08lX, stworzony %s\n"
+msgstr "Zaszyfrowano %u-bitowym kluczem %s, numer %08lX, stworzonym %s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
-msgstr "zaszyfrowane kluczem %s, o identyfikatorze %08lX\n"
+msgstr "Zaszyfrowano kluczem %s, o numerze %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "odszyfrowuj�cy klucz tajny do jest niedost�pny\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "b��d odszyfrowywania kluczem publicznym: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "przyjmuj�c �e dane zosta�y zaszyfrowane za pomoc� %s\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr "szyfr IDEA nie jest dost�pny, %s zostanie wykorzystany zamiast niego\n"
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
-msgstr "odszyfrowane poprawnie\n"
+msgstr "odszyfrowanie poprawne\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
-msgstr "OSTRZE�ENIE: dokonano manipulacji zaszyfrowan� wiadomo�ci�!\n"
+msgstr "OSTRZE�ENIE: zaszyfrowana wiadomo�� by�a manipulowana!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
 msgstr "b��d odszyfrowywania: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
-msgstr "UWAGA: nadawca zaznaczy� �e wiadomo�� nie powinna by� zapisywana!\n"
+msgstr "UWAGA: nadawca zaznaczy� �e wiadomo�� nie powinna by� zapisywana\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "pierwotna nazwa pliku='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr ""
-"oddzielony certyfikat uniewa�nienia - wywo�aj \"gpg --import\" aby go u�y�\n"
+"osobny certyfikat uniewa�nienia - u�yj ,,gpg --import'' aby go przyj��\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "OSTRZE�ENIE: niepoprawne dane w adnotacji\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Adnotacja: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Regulamin: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "wymuszono pomini�cie sprawdzenia podpisu\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "nie mo�na obs�uzy� tych wielokrotnych podpis�w\n"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
-msgstr ""
-"Podpis z�o�ony %.*s za pomoc� %s,\n"
-"z u�yciem klucza o identyfikatorze %08lX\n"
+msgstr "Podpisano w %.*s kluczem %s o numerze %08lX.\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "NIEPOPRAWNY podpis z�o�ony przez \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Przeterminowany podpis z�o�ony przez \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Poprawny podpis z�o�ony przez \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[niepewne]"
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "                        alias \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Nie mo�na sprawdzi� podpisu: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "nie jest oddzielonym podpisem.\n"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
-msgstr "oddzielony podpis klasy 0x%02x\n"
+msgstr "oddzielony podpis klasy 0x%02x.\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
-msgstr "podpis starego typu (PGP 2.x)\n"
+msgstr "podpis starego typu (PGP 2.x).\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "wykryto niepoprawny pakiet pierwotny w proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "nie mo�na wy��czy� zrzut�w pami�ci: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Nie nale�y u�ywa� algorytm�w do�wiadczalnych!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
 msgstr ""
-"ten algorytm szyfruj�cy jest odradzany; prosz� u�ywa� bardziej "
-"standardowych!\n"
+"u�ywanie tego szyfru jest odradzane; nale�y u�ywa� standardowych szyfr�w!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "Ostrze�enie: niebezpieczne prawa w�asno�ci do %s \"%s\".\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "Ostrze�enie: niebezpieczne prawa dost�pu do %s \"%s\".\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "modu� szyfru IDEA nie jest dost�pny\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr "wi�cej informacji jest tutaj: http://www.gnupg.org/why-not-idea.html\n"
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
-msgstr "algorytm klucza publicznego niemo�liwy do obs�u�enia: %d\n"
+msgstr "nie mo�na obs�u�y� tego algorytmu klucza publicznego: %d\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "podpakiet typu %d ma ustawiony krytyczny bit\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
-msgstr ""
+msgstr "gpg-agent nie jest dost�pny w tej sesji\n"
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "nie mo�na ustawi� numeru procesu klienckiego agenta\n"
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "serwer nie chce czyta� deskryptora dla agenta\n"
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "serwer nie chce pisa� deskryptora dla agenta\n"
+
+#: g10/passphrase.c:498
 msgid "malformed GPG_AGENT_INFO environment variable\n"
-msgstr ""
+msgstr "z�y format zmiennej GPG_AGENT_INFO\n"
 
-#: g10/hkp.c:158 g10/passphrase.c:223
-#, fuzzy, c-format
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "wersja %d protoko�u agenta nie jest obs�ugiwana\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
 msgid "can't connect to `%s': %s\n"
-msgstr "nie mo�na otworzy� %s: %s\n"
+msgstr "nie mo�na si� po��czy� z ,,%s'': %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "problem z porozumiewaniem si� z gpg-agentem\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "problem z agentem - zostaje wy��czony\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
-msgstr ""
-" \n"
-"(identyfikator g��wnego klucza %08lX)"
+msgstr " (podklucz %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:641
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
-"\n"
-"Musisz poda� wyra�enie przej�ciowe (has�o) aby uaktywni� klucz tajny\n"
-"dla u�ytkownika: \""
+"Musisz poda� has�o aby odbezpieczy� klucz tajny u�ytkownika:\n"
+"\"%.*s\".\n"
+"Klucz o d�ugo�ci %u bit�w, typ %s, numer %08lX, stworzony %s%s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:662
 msgid "Enter passphrase\n"
-msgstr "Wyra�enie przej�ciowe: "
+msgstr "Has�o\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:664
 msgid "Repeat passphrase\n"
-msgstr "Powt�rzone wyra�enie przej�ciowe: "
+msgstr "Powt�rzone has�o\n"
 
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-#: g10/passphrase.c:355
-#, fuzzy
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
-msgstr "linia za d�uga\n"
+msgstr "has�o zbyt d�ugie\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "b��dna odpowied� agenta\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "anulowano przez u�ytkownika\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "problem agenta: zwr�ci� 0x%lx\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
 "user: \""
 msgstr ""
 "\n"
-"Musisz poda� wyra�enie przej�ciowe (has�o) aby uaktywni� klucz tajny\n"
-"dla u�ytkownika: \""
+"Musisz poda� has�o aby odbezpieczy� klucz tajny u�ytkownika:\n"
+"\""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
-msgstr "d�ugo�� %u bit�w, typ %s, klucz %08lX, stworzony %s"
+msgstr "d�ugo�� %u bit�w, typ %s, numer %08lX, stworzony %s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "pytanie o has�o nie dzia�a w trybie wsadowym\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
-msgstr "Wyra�enie przej�ciowe: "
+msgstr "Podaj has�o: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
-msgstr "Powt�rzone wyra�enie przej�ciowe: "
+msgstr "Powt�rz has�o: "
 
 #: g10/plaintext.c:67
 msgid "data not saved; use option \"--output\" to save it\n"
 msgstr ""
-"dane nie zosta�y zapisane; nale�y u�y� opcji \"--output\" aby je zapisa�\n"
+"dane nie zosta�y zapisane; aby to zrobi�, nale�y u�y� opcji \"--output\"\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "b��d tworzenia `%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
-msgstr "Podpis oddzielony.\n"
+msgstr "Podpis oddzielony od danych.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Nazwa pliku danych: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
-msgstr "odczyt ze strumienia standardowego wej�cia...\n"
+msgstr "czytam strumie� standardowego wej�cia\n"
+
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "brak podpisanych danych\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "nie mo�na otworzy� podpisanego pliku '%s'\n"
 
-#: g10/pubkey-enc.c:135
+#: g10/pubkey-enc.c:100
 #, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
-msgstr "adresat anonimowy; pr�ba klucza tajnego %08lX ...\n"
+msgid "anonymous recipient; trying secret key %08lX ...\n"
+msgstr "adresat anonimowy; sprawdzanie %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "OK, to my jeste�my adresatem anonimowym.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "stary, nie obs�ugiwany algorytm szyfrowania klucza sesyjnego\n"
 
-#: g10/pubkey-enc.c:216
-#, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "%d - algorytm ochrony nie obs�ugiwany\n"
+#: g10/pubkey-enc.c:177
+#, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "algorytm szyfruj�cy %d%s jest nieznany, b�d� te� zosta� wy��czony\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr "UWAGA: brak algorytmu szyfruj�cego %d w ustawieniach\n"
 
-#: g10/pubkey-enc.c:261
-#, fuzzy, c-format
+#: g10/pubkey-enc.c:242
+#, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "UWAGA: klucz podpisuj�cy przekroczy� dat� wa�no�ci %s\n"
+msgstr "UWAGA: wa�no�� klucza tajnego %08lX wygas�a %s\n"
 
-#: g10/hkp.c:62
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr ""
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "zapytanie o klucz %08lX w serwerze HKP %s\n"
 
-#: g10/hkp.c:75
-#, fuzzy, c-format
+#: g10/hkp.c:94
+#, c-format
 msgid "can't get key from keyserver: %s\n"
-msgstr "niemo�liwy jest zapis do zbioru kluczy: %s\n"
-
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr ""
-
-#: g10/hkp.c:106
-#, fuzzy, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "'%s\" nie jest w�a�ciwym identyfikatorem klucza\n"
+msgstr "nie mo�na pobra� klucza z serwera: %s\n"
 
-#: g10/hkp.c:182
-#, fuzzy, c-format
+#: g10/hkp.c:171
+#, c-format
 msgid "error sending to `%s': %s\n"
-msgstr "b��d odczytu '%s': %s\n"
+msgstr "b��d przy wysy�aniu do '%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
-msgstr ""
+msgstr "wysy�anie do '%s' powiod�o si� (status=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
-msgstr ""
+msgstr "wysy�anie do '%s' nie powiod�o si� (status=%u)\n"
 
-#: g10/seckey-cert.c:89
-#, fuzzy
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "zapytanie o \"%s\" w serwerze HKP %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "nie mo�na przeszuka� serwera: %s\n"
+
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
-msgstr "klucz tajny nie jest dost�pny"
+msgstr "tajne cz�ci klucza s� niedost�pne\n"
 
-#: g10/seckey-cert.c:95
+#: g10/seckey-cert.c:59
 #, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "%d - algorytm ochrony nie obs�ugiwany\n"
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "algorytm ochrony %d%s nie jest obs�ugiwany\n"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
-msgstr ""
-"Niepoprawne wyra�enie przej�ciowe (has�o); prosz� spr�bowa� ponownie ...\n"
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Niepoprawne has�o; prosz� spr�bowa� ponownie"
+
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr ""
-"OSTRZE�ENIE: Wykryto klucz s�aby algorytmu - nale�y ponownie zmieni� \n"
-"             wyra�enie przej�ciowe (has�o).\n"
+"OSTRZE�ENIE: Wykryto klucz s�aby algorytmu - nale�y ponownie zmieni� has�o.\n"
+
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+"tworzenie przestarza�ej 16-bitowej sumy kontrolnej dla ochrony klucza\n"
 
-#: g10/sig-check.c:279
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "Klucz algorytmu ElGamala wygenerowany przez PGP - podpisy nim sk�adane\n"
 "nie zapewniaj� bezpiecze�stwa!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "klucz publiczny jest o %lu sekund m�odszy od podpisu\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "klucz publiczny jest o %lu sekund m�odszy od podpisu\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "UWAGA: klucz podpisuj�cy przekroczy� dat� wa�no�ci %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "UWAGA: klucz podpisuj�cy %08lX przekroczy� dat� wa�no�ci %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr ""
 "przyj�to niewa�no�� podpisu z powodu ustawienia nieznanego bitu krytycznego\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"OSTRZE�ENIE: nie mo�na rozkodowa� urla regulaminu, pozostanie zakodowany.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "sprawdzenie z�o�onego podpisu nie powiod�o si�: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "%s podpis z�o�ony przez: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "OSTRZE�ENIE: plik '%s' jest pusty\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "w trybie --pgp2 mo�na podpisywa� tylko za pomoc� kluczy z wersji 2.x\n"
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
-msgstr "nie mo�na stworzy� %s: %s\n"
+msgstr "nie mo�na utworzy� %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "podpis:"
 
-#: g10/sign.c:583
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "w trybie --pgp2 mo�na podpisywa� tylko za pomoc� kluczy z wersji 2.x\n"
+
+#: g10/sign.c:953
 #, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "OSTRZE�ENIE: plik '%s' jest pusty\n"
+msgid "%s encryption will be used\n"
+msgstr "zostanie u�yty szyfr %s\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2946,473 +3619,243 @@ msgstr "nie mo�na obs�u�y� linii tekstu d�u�szej ni� %d znak�w\n"
 msgid "input line longer than %d characters\n"
 msgstr "linia d�u�sza ni� %d znak�w\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "baza zaufania, wpis %lu: lseek() nie powiod�a si�: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr "baza zaufania, wpis %lu: zapis nie powi�d� si� (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "zbyt du�e zlecenie dla bazy zaufania\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: dost�p niemo�liwy: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: katalog nie istnieje!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: nie mo�na utworzy�: %s\n"
+msgid "%s: can't create lock\n"
+msgstr "%s: nie mo�na utworzy� blokady\n"
 
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:480 g10/tdbio.c:544
 #, c-format
-msgid "%s: can't create lock\n"
+msgid "%s: can't make lock\n"
 msgstr "%s: nie mo�na utworzy� blokady\n"
 
-#: g10/tdbio.c:473
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: nie mo�na utworzy�: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
-msgstr "%s: utworzenie zapisu o wersji nie powiod�o si�: %s"
+msgstr "%s: stworzenie zapisu o wersji nie powiod�o si�: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
-msgstr "%s: utworzono niepoprawny plik bazy zaufania\n"
+msgstr "%s: stworzony niepoprawny plik bazy zaufania\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: baza zaufania utworzona\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: niepoprawny plik bazy zaufania\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: tworzenie tablicy skr�t�w nie powiod�o si�: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: b��d przy uaktualnianiu numeru wersji: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: b��d odczytu numeru wersji: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: b��d zapisu numeru wersji: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "baza zaufania: procedura lseek() zawiod�a: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "baza zaufania: procedura read() (n=%d) zawiod�a: %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
-msgstr "%s: nie jest plikiem bazy zaufania\n"
+msgstr "%s: to nie jest plik bazy zaufania\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: wpis wersji z numerem %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: niew�a�ciwa wersja pliku %d\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
-msgstr "%s: b��d odczytu wolnego wpisu: %s\n"
+msgstr "%s: b��d odczytu pustego wpisu: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: b��d zapisu wpisu katalogowego: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: zerowanie rekordu nie powiod�o si�: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: dopisanie rekordu nie powiod�o si�: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr ""
-"Baza zaufania jest uszkodzona; prosz� uruchomi� \"gpgm --fix-trust-db\".\n"
+"Baza zaufania jest uszkodzona; prosz� uruchomi� \"gpg --fix-trustdb\".\n"
 
-#: g10/trustdb.c:169
+#: g10/trustdb.c:200
 #, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "wpis zaufania %lu, typ zapytania %d: odczyt nie powi�d� si�: %s\n"
+msgid "`%s' is not a valid long keyID\n"
+msgstr "`%s' nie jest poprawnym d�ugim numerem klucza\n"
 
-#: g10/trustdb.c:184
+#: g10/trustdb.c:235
 #, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "wpis zaufania %lu, typ zapytania %d: zapis nie powi�d� si�: %s\n"
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "klucz %08lX: zaakceptowany jako klucz zaufany\n"
 
-#: g10/trustdb.c:198
+#: g10/trustdb.c:274
 #, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "wpis zaufania %lu: usuni�cie nie powiod�o si� %s\n"
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "klucz %08lX jest wpisany wi�cej ni� raz w bazie zaufania\n"
 
-#: g10/trustdb.c:212
-#, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "baza zaufania: synchronizacja nie powiod�a si� %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "b��d odczytu wpisu katalogowego dla LID %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: oczekiwany wpis katalogowy, napotkano typ %d\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "brak klucza g��wnego dla LID %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "b��d odczytu g��wnego klucza dla LID %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: funkcja search_record zawiod�a: %s\n"
-
-#: g10/trustdb.c:474
-#, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "'%s\" nie jest w�a�ciwym identyfikatorem klucza\n"
-
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "klucz %08lX: wpisanie do bazy zaufania niemo�liwe\n"
-
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "klucz %08lX: wyszukanie zapisu nie powiod�o si�\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "klucz %08lX: ju� znajduje si� w tablicy kluczy zaufanych\n"
-
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "Klucz %08lX: zaakceptowany jako klucz zaufany.\n"
-
-#: g10/trustdb.c:547
+#: g10/trustdb.c:290
 #, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
 msgstr ""
-"klucz %08lX: brak klucza publicznego dla klucza zaufanego - pomini�ty\n"
-
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "UWAGA: klucz tajny %08lX NIE jest chroniony.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "klucz %08lX: klucz tajny nie pasuje do klucza jawnego\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "wyliczenie kluczy tajnych nie powiod�o si� %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "klucz %08lX.%lu Dobre dowi�zanie podklucza\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "klucz %08lX.%lu: Niepoprawne dowi�zanie podklucza %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "klucz %08lX.%lu: Poprawne uniewa�nienie klucza\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "klucz %08lX.%lu: Niew�a�ciwe uniewa�nienie klucza: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "klucz %08lX.%lu: Poprawne uniewa�nienie podklucza\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Poprawny podpis klucza nim samym"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Niepoprawny podpis klucza nim samym"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr ""
-"Poprawne uniewa�nienie identyfikatora u�ytkownika pomini�te z powodu\n"
-"nowszego podpisu tym samym kluczem"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "Poprawne uniewa�nienie identyfikatora u�ytkownika"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Niepoprawne uniewa�nienie identyfikatora u�ytkownika"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Poprawne uniewa�nienie certyfikatu"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Poprawny certyfikat"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Niepoprawne uniewa�nienie certyfikatu"
+"klucz %08lX: brak klucza publicznego dla zaufanego klucza - pomini�ty\n"
 
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Niepoprawny certyfikat"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "zapis o podpisach %lu[%d] wskazuje na z�y wpis.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "podw�jny certyfikat - usuni�ty"
-
-#: g10/trustdb.c:1661
+#: g10/trustdb.c:332
 #, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "Procedura tdbio_search_dir nie powiod�a si�: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: wpisanie nie powiod�o si�: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: wpisanie nie powiod�o si�: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: wpisany\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "b��d podczas odczytu wpisu katalogowego: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu kluczy przetworzonych\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu kluczy z b��dami\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu kluczy wpisanych\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "wpis zaufania %lu, typ zapytania %d: odczyt nie powi�d� si�: %s\n"
 
-#: g10/trustdb.c:1826
+#: g10/trustdb.c:338
 #, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "wyliczenie blok�w kluczy nie powiod�o si�: %s\n"
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "wpis zaufania %lu jest typu innego ni� poszukiwany %d\n"
 
-#: g10/trustdb.c:1874
+#: g10/trustdb.c:353
 #, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: wpis katalogowy bez bloku klucza - pomini�ty\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "wpis zaufania %lu, typ zapytania %d: zapis nie powi�d� si�: %s\n"
 
-#: g10/trustdb.c:1884
+#: g10/trustdb.c:368
 #, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "\t%lu z powodu nowych kluczy publicznych\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "baza zaufania: synchronizacja nie powiod�a si� %s\n"
 
-#: g10/trustdb.c:1886
-#, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu kluczy pomini�tych\n"
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "sprawdzanie bazy jest niepotrzebne\n"
 
-#: g10/trustdb.c:1890
+#: g10/trustdb.c:474 g10/trustdb.c:1641
 #, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu kluczy uaktualnionych\n"
+msgid "next trustdb check due at %s\n"
+msgstr "nast�pne sprawdzanie bazy odb�dzie si� %s\n"
 
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Oops, brak kluczy\n"
-
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Oops, brak identyfikator�w u�ytkownik�w\n"
-
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: poszukiwanie wpisu katalogowego nie powiod�o si�: %s\n"
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "sprawdzanie bazy zaufania\n"
 
-#: g10/trustdb.c:2406
+#: g10/trustdb.c:933
 #, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "klucz %08lX: wprowadzenie wpisu zaufania nie powiod�o si�: %s\n"
+msgid "public key %08lX not found: %s\n"
+msgstr "klucz publiczny %08lX nie odnaleziony: %s\n"
 
-#: g10/trustdb.c:2410
+#: g10/trustdb.c:1515
 #, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "Klucz %08lX.%lu: wprowadzony do bazy zaufania\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr "klucz publiczny absolutnie zaufanego klucza %08lX nie odnaleziony\n"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:1593
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 msgstr ""
-"Klucz %08lX.%lu: stworzony w przysz�o�ci (zaburzenia czasoprzestrzeni,\n"
-"lub �le ustawiony zegar systemowy)\n"
-
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "klucz %08lX.%lu: okres wa�no�ci up�yn�� %s\n"
-
-#: g10/trustdb.c:2441
-#, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "klucz %08lX.%lu: b��d przy sprawdzaniu zaufania: %s\n"
-
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "u�ytkownik '%s' nie odnaleziony: %s\n"
+"sprawdzanie na g��boko�ci %d podpis�w =%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%"
+"d)\n"
 
-#: g10/trustdb.c:2594
-#, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "problem podczas szukania '%s' w bazie zaufania: %s\n"
-
-#: g10/trustdb.c:2597
-#, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "brak u�ytkownika '%s' w bazie zaufania - dodano\n"
-
-#: g10/trustdb.c:2600
-#, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "umieszczenie '%s' w bazie zaufania nie powiod�o si�: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "OSTRZE�ENIE: d�ugie wpisy ustawie� jeszcze nie s� obs�ugiwane.\n"
-
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
 "should be the first file given on the command line.\n"
 msgstr ""
-"podpis niemo�liwy do sprawdzenia.\n"
-"Nale�y pami�ta� aby plik zawieraj�cy podpis (.sig lub .asc)<\n"
-"by� pierwszym plikiem podanym w linii polece�.\n"
+"nie mo�na sprawdzi� podpisu.\n"
+"Nale�y pami�ta� o podawaniu pliku podpisu (.sig lub .asc) jako pierwszego\n"
+"argumentu linii polece�.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
-msgstr "linia wej�ciowa %u jest zbyt d�uga lub brakuje jej zako�czenia\n"
-
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: stworzenie zbioru kluczy jest niemo�liwe: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: zbi�r kluczy utworzony\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "OSTRZE�ENIE: Istniej� dwa pliki z poufnymi informacjami.\n"
+msgstr "linia wej�cia %u zbyt d�uga lub brak znaku LF\n"
 
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s pozosta� bez zmian\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"klucz nie jest oznaczony jako niepewny - nie mo�na go u�y� z atrap� \n"
+"generatora liczb losowych!\n"
 
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the new one\n"
-msgstr "%s zosta� utworzony\n"
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "Prosz� usun�� to naruszenie zasad bezpiecze�stwa.\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "pomini�ty '%s': duplikat\n"
 
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "pomini�ty '%s': %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "pomini�ty: klucz tajny ju� znajduje si� w bazie\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3431,89 +3874,98 @@ msgstr "Plik '%s' ju� istnieje. "
 msgid "Overwrite (y/N)? "
 msgstr "Nadpisa� (t/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: nieznana ko�c�wka\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Nazwa pliku"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "zapisywanie na wyj�cie standardowe\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "przyj�to obecno�� podpisanych danych w '%s'\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: stworzono nowy plik ustawie�\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: nie mo�na utworzy� katalogu: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: katalog utworzony\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
-msgstr "musisz uruchomi� GnuPG od nowa aby wczyta� nowe ustawienia\n"
-
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "zaszyfrowane nieznanym algorytmem %d\n"
+msgstr "aby u�y� nowego pliku ustawie�, nale�y od nowa uruchomi� GnuPG\n"
 
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "%s zaszyfrowane dane\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "OSTRZE�ENIE: wiadomo�� by�a szyfrowana s�abym kluczem szyfru symetrycznego.\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "problem podczas obr�bki pakietu szyfrowego\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "wygenerowano s�aby klucz - operacja zostaje powt�rzona\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "brak mo�liwo�ci generacji dobrego klucza dla szyfru symetrycznego;\n"
 "operacja by�a powtarzana %d razy!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "dla tego klucza publicznego istnieje klucz tajny!\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr "nale�y najpierw go usun�� opcj� \"--delete-secret-key\".\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr ""
+"Algorytm DSA wymaga u�ycia algorytmu skr�tu daj�cego 160-bitowy wynik.\n"
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
-msgstr "nie dzia�a w trybie wsadowym bez opcji \"--yes\"\n"
+msgstr "bez opcji \"--yes\" nie dzia�a w trybie wsadowym\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Usun�� ten klucz ze zbioru? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
-msgstr "To jest klucz tajny - czy na pewno go usun��? "
+msgstr "To jest klucz tajny! - czy na pewno go usun��? "
+
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "usuni�cie bloku klucza nie powiod�o si�: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr "informacja o zaufaniu dla w�a�ciciela klucza zosta�a wymazana\n"
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "dla klucza publicznegi ,,%s'' jest klucz tajny!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "aby go usun�� nalezy najpierw u�y� opcji \"--delete-secret-key\".\n"
 
 #: g10/helptext.c:47
 msgid ""
@@ -3522,27 +3974,40 @@ msgid ""
 "to do with the (implicitly created) web-of-certificates."
 msgstr ""
 "Te wartosci u�ytkownik przydziela wg swojego uznania; nie b�d� nigdy\n"
-"eksportowane poza ten system. Potrzebne s� one do zbudowania paj�czyny\n"
+"eksportowane poza ten system. Potrzebne s� one do zbudowania sieci\n"
 "zaufania, i nie ma to nic wsp�lnego z tworzon� automatycznie sieci�\n"
 "certyfikat�w."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Aby zbudowa� Sie� Zaufania, GnuPG potrzebuje zna� klucze do kt�rych\n"
+"masz absolutne zaufanie. Zwykle s� to klucze do kt�rych masz klucze\n"
+"tajne. Odpowiedz \"tak\", je�li chcesz okre�li� ten klucz jako klucz\n"
+"do kt�rego masz absolutne zaufanie.\n"
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr ""
-"Je�li mimo wszystko chcesz u�y� tego uniewa�nionego klucza, odpowiedz "
-"\"tak\"."
+"Je�li mimo wszystko chcesz u�y� tego uniewa�nionego klucza, odpowiedz \"tak"
+"\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr ""
-"Je�li mimo wszystko chcesz u�y� tego nie zaufanego klucza, odpowiedz \"tak\"."
+"Je�li mimo wszystko chcesz u�y� tego klucza, klucza, co do kt�rego nie ma\n"
+"�adnej pewno�ci do kogo nale�y, odpowiedz \"tak\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
-msgstr "Podaj nazwy u�ytkownika adresat�w tej wiadomo�ci."
+msgstr "Podaj adresat�w tej wiadomo�ci."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3564,68 +4029,68 @@ msgid ""
 msgstr ""
 "Wyb�r algorytmu.\n"
 "\n"
-"DSA (zwany te� DSS) to algorytm podpisu cyfrowego, i tylko do sk�adania\n"
-"podpis�w mo�e on by� u�ywany. Jest to preferowany algorytm poniewa� "
-"sk�adane\n"
-"nim podpisy sprawdza si� du�o szybciej ni� te sk�adane algorytmem ElGamala.\n"
+"DSA (zwany te� DSS) to algorytm podpisu cyfrowego i tylko do sk�adania\n"
+"podpis�w mo�e by� u�ywany. Jest to preferowany algorytm poniewa�\n"
+"sk�adane nim podpisy sprawdza si� du�o szybciej ni� te sk�adane\n"
+"algorytmem ElGamala.\n"
 "\n"
-"Algorytm ElGamala mo�e by� u�ywany zar�wno do podpis�w jak i do "
-"szyfrowania.\n"
-"Standard OpenPGP rozr�nia dwa typy tego algorytmu - tylko do szyfrowania,\n"
-"oraz do szyfrowania i podpisywania. Faktycznie algorytm pozostaje bez zmian\n"
-"ale pewne parametry musz� by� odpowiednio dobrane aby stworzy� klucz kt�rym\n"
-"mo�na sk�ada� bezpieczne podpisy. Ten program obs�uguje oba typy ale inne\n"
-"implementacje nie musz� rozumie� kluczy do podpis�w i szyfrowania\n"
+"Algorytm ElGamala mo�e by� u�ywany zar�wno do podpis�w jak i do\n"
+"szyfrowania.  Standard OpenPGP rozr�nia dwa typy tego algorytmu -\n"
+"tylko do szyfrowania, oraz do szyfrowania i podpisywania. Faktycznie\n"
+"algorytm pozostaje bez zmian ale pewne parametry musz� by� odpowiednio\n"
+"dobrane aby stworzy� klucz kt�rym mo�na sk�ada� bezpieczne\n"
+"podpisy. Ten program obs�uguje oba typy ale inne implementacje nnie\n"
+"musz� rozumie� kluczy do podpis�w i szyfrowania\n"
 "\n"
-"G��wny klucz musi by� kluczem podpisuj�cym, jest to powodem dla kt�rego w "
-"tym\n"
-"menu nie ma mo�no�ci wyboru klucza ElGamala do szyfrowania."
+"G��wny klucz musi by� kluczem podpisuj�cym, jest to powodem dla\n"
+"kt�rego w tym menu nie ma mo�no�ci wyboru klucza ElGamala do\n"
+"szyfrowania."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
 "with them are quite large and very slow to verify."
 msgstr ""
-"Ten typ klucza jest zdefiniowany w RFC2440, jednak�e jest on odradzany gdy�\n"
-"nie jest obs�ugiwany przez wszystkie programy, a podpisy nim sk�adane s� "
-"du�e\n"
-"i ich sprawdzanie trwa d�ugo."
+"Ten typ klucza jest zdefiniowany w RFC2440, jednak�e jest on odradzany\n"
+"gdy� nie jest obs�ugiwany przez wszystkie programy, a podpisy nim\n"
+"sk�adane s� du�e i ich sprawdzanie trwa d�ugo."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Wprowad� rozmiar klucza"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
-msgstr "Odpowiedz \"tak\" lub \"nie\"."
+msgstr "Odpowied� \"tak\" lub \"nie\"."
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
 "get a good error response - instead the system tries to interpret\n"
 "the given value as an interval."
 msgstr ""
-"Wprowad� ��dan� warto�� (jak w znaku zach�ty). Mo�na tu poda� dat� w\n"
-"formacie ISO (RRRR-MM-DD) ale nie da to w�a�ciwej obs�ugi b��d�w - system\n"
-"pr�buje interpretowa� podan� warto�� jako okres."
+"Wprowad� ��dan� warto�� (jak w znaku zach�ty).  \n"
+"Mo�na tu poda� dat� w formacie ISO (RRRR-MM-DD) ale nie da to\n"
+"w�a�ciwej obs�ugi b��d�w - system pr�buje interpretowa� podan� warto��\n"
+"jako okres."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Nazwa w�a�ciciela klucza."
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
-msgstr "prosz� wprowadzi� opcjonalny ale mocno doradzany adres e-mail"
+msgstr "prosz� wprowadzi� opcjonalny ale wysoce doradzany adres e-mail"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Prosz� wprowadzi� opcjonalny komentarz"
 
 # OSTRZE�ENIE: nic nie zosta�o wyeksportowane!
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3639,17 +4104,86 @@ msgstr ""
 "O aby kontynuowa� tworzenie klucza.\n"
 "Q aby zrezygnowa� z tworzenia klucza."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "Je�li ma zosta� wygenerowany podklucz, nale�y odpowiedzie� \"tak\"."
 
-#: g10/helptext.c:164
-msgid "Answer \"yes\" is you want to sign ALL the user IDs"
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
 msgstr ""
-"Aby podpisa� WSZYSTKIE identyfikatory u�ytkownika nale�y odpowiedzie� "
-"\"tak\"."
+"Przy podpisywaniu identyfikatora u�ytkownika na kluczu nale�y sprawdzi�, \n"
+"czy to�samo�� u�ytkownika odpowiada temu, co jest wpisane w "
+"identyfikatorze.\n"
+"Innym u�ytkownikom przyda si� informacja, jak dog��bnie zosta�o to przez\n"
+"Ciebie sprawdzone.\n"
+"\n"
+"\"0\" oznacza, �e nie podajesz �adnych informacji na temat tego jak "
+"dog��bnie\n"
+"    sprawdzi�a�/e� to�samo�� u�ytkownika.\n"
+"\n"
+"\"1\" oznacza, �e masz przekonanie, �e to�samo�� u�ytkownka odpowiada\n"
+"    identyfikatorowi klucza, ale nie by�o mo�liwo�ci sprawdzenia tego.\n"
+"    Taka sytuacja wyst�puje te� kiedy podpisujesz identyfikator b�d�cy\n"
+"    pseudonimem.\n"
+"\n"
+"\"2\" oznacza, �e to�samo�� u�ytkownika zosta�� przez Ciebie potwierdzona\n"
+"    pobie�nie - sprawdzili�cie odcisk klucza, sprawdzi�a�/e� to�samo��\n"
+"    na okazanym dokumencie ze zdj�ciem.\n"
+"\n"
+"\"3\" to dog��bna weryfikacja to�samo�ci. Na przyk�ad sprawdzenie odcisku \n"
+"    klucza, sprawdzenie to�samo�ci z okazanego oficjalnego dokumentu ze\n"
+"    zdj�ciem (np paszportu) i weryfikacja poprawno�ci adresu poczty\n"
+"    elektronicznej przez wymian� poczty z tym adresem.\n"
+"\n"
+"Zauwa�, �e podane powy�ej przyk�ady dla poziom�w \"2\" i \"3\" to *tylko*\n"
+"przyk�ady. Do Ciebie nale�y decyzja co oznacza \"pobie�ny\" i \"dog��bny\" "
+"w\n"
+"kontek�cie po�wiadczania i podpisywania kluczy.\n"
+"\n"
+"Je�li nie wiesz co odpowiedzie�, podaj \"0\"."
+
+#: g10/helptext.c:194
+msgid "Answer \"yes\" is you want to sign ALL the user IDs"
+msgstr "Odpowiedz \"tak\", aby podpisa� WSZYSTKIE identyfikatory u�ytkownika."
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3657,11 +4191,11 @@ msgstr ""
 "Aby skasowa� ten identyfikator u�ytkownika (co wi��e si� ze utrat�\n"
 "wszystkich jego po�wiadcze�!) nale�y odpowiedzie� \"tak\"."
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "Aby skasowa� podklucz nale�y odpowiedzie� \"tak\"."
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3671,26 +4205,26 @@ msgstr ""
 "poniewa� mo�e by� wa�ny dla zestawienia po�aczenia zaufania do klucza\n"
 "kt�rym go z�o�ono lub do innego klucza nim po�wiadczonego."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
 "know which key was used because this signing key might establish\n"
 "a trust connection through another already certified key."
 msgstr ""
-"Ten podpis nie mo�e zosta� potwierdzony poniewa� nie masz\n"
+"Ten podpis nie mo�e zosta� potwierdzony poniewa� nie ma\n"
 "odpowiadaj�cego mu klucza publicznego. Nale�y od�o�y� usuni�cie tego\n"
-"podpisu do czasu, kiedy oka�e si� kt�ry klucz zosta� u�yty, poniewa� w\n"
-"momencie uzyskania tego klucza mo�e pojawi� si� �cie�ka zaufania\n"
+"podpisu do czasu, kiedy oka�e si� kt�ry klucz zosta� u�yty, poniewa�\n"
+"w momencie uzyskania tego klucza mo�e pojawi� si� �cie�ka zaufania\n"
 "pomi�dzy tym a innym, ju� po�wiadczonym kluczem."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
-msgstr "Ten podpis jest niepoprawny. Ma sens usuni�cie go z bazy kluczy."
+msgstr "Ten podpis jest niepoprawny. Mo�na usuni�� go z bazy kluczy."
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3704,42 +4238,47 @@ msgstr ""
 "klucza nim samym z jakich� przyczyn nie jest poprawny, i klucz jest\n"
 "drugi raz podpisany w ten sam spos�b."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
 msgstr ""
-"Podaj wyra�enie przej�ciowe (d�ugie, skomplikowane has�o)\n"
-"  Bla, bla, bla...."
+"Przestawienie wszystkich (lub tylko wybranych) identyfikator�w na aktualne\n"
+"ustawienia. Data na odpowiednich podpisach zostane przesuni�ta do przodu o\n"
+"jedn� sekund�. \n"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Podaj d�ugie, skomplikowane has�o, np ca�e zdanie.\n"
+
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
-msgstr ""
-"Prosz� powr�trzy� wyra�enie przej�ciowe, aby upewni� si� �e nie by�o pomy�ki."
+msgstr "Prosz� powr�trzy� has�o, aby upewni� si� �e nie by�o pomy�ki."
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
-msgstr "Nazwa pliku kt�rego dotyczy podpis"
+msgstr "Podaj nazw� pliku kt�rego dotyczy ten podpis"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
-msgstr "Je�li mo�na nadpisa� ten plik, nale�y napisa� \"tak\""
+msgstr "Je�li mo�na nadpisa� ten plik, nale�y odpowiedzie� ,,tak''"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
 msgstr ""
 "Nazwa pliku. Naci�ni�cie ENTER potwierdzi nazw� domy�ln� (w nawiasach)."
 
-#: g10/helptext.c:229
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3747,74 +4286,401 @@ msgid ""
 "      Use this to state that the user ID should not longer be used;\n"
 "      this is normally used to mark an email address invalid.\n"
 msgstr ""
-
-#: g10/helptext.c:245
+"Nalezy poda� pow�d uniewa�nienia klucza. W zale�no�ci od kontekstu mo�na\n"
+"go wybra� z listy:\n"
+"  \"Klucz zosta� skompromitowany\"\n"
+"      Masz powody uwa�a� �e tw�j klucz tajny dosta� si� w niepowo�ane r�ce.\n"
+"  \"Klucz zosta� zast�piony\"\n"
+"      Klucz zosta� zast�piony nowym.\n"
+"  \"Klucz nie jest ju� u�ywany\"\n"
+"      Klucz zosta� wycofany z u�ycia.\n"
+"  \"Identyfikator u�ytkownika przesta� by� poprawny\"\n"
+"      Identyfikator u�ytkownika (najcz�ciej adres e-mail przesta� by� \n"
+"      poprawny.\n"
+
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
 "An empty line ends the text.\n"
 msgstr ""
+"Je�li chcesz, mo�esz poda� opis powodu wystawienia certyfikatu\n"
+"uniewa�nienia. Opis powinien byc zwi�z�y. \n"
+"Pusta linia ko�czy wprowadzanie tekstu.\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Pomoc niedost�pna"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Brak pomocy o '%s'"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "b��d przy odczycie certyfikatu: %s\n"
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "b��d tworzenia zbioru kluczy `%s': %s\n"
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "W tej wersji nie mo�na u�ywa� kluczy RSA\n"
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "zmiana uprawnie� do `%s' nie powiod�a si�: %s\n"
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "Brak klucza z takim identyfikatorem u�ytkownika.\n"
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "zbi�r kluczy `%s' utworzony\n"
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "Brak identyfikatora u�ytkownika dla klucza.\n"
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "nie powiod�a si� odbudowa bufora bazy: %s\n"
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "brak domy�lnego zbioru kluczy publicznych\n"
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "OSTRZE�ENIE: Istniej� dwa pliki z poufnymi informacjami.\n"
 
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "nie mo�na zablokowa� zbioru kluczy publicznych '%s': %s\n"
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s pozosta� bez zmian\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s zosta� utworzony\n"
 
-#~ msgid "error writing keyring `%s': %s\n"
-#~ msgstr "b��d zapisu zbioru kluczy '%s': %s\n"
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Prosz� usun�� to naruszenie zasad bezpiecze�stwa\n"
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "klucz %08lX: nie mo�na odczyta� oryginalnego bloku klucza; %s\n"
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "sprawdzanie zbioru kluczy `%s'\n"
 
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: nie znaleziono u�ytkownika\n"
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu kluczy do tej chwili (%lu podpis�w)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu kluczy (%lu podpis�w)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: zbi�r kluczy utworzony\n"
+
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "Czy na pewno chcesz to podpisa�?\n"
+
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "  Czy na pewno chcesz go podpisa�?\n"
+
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Czy na pewno podpisa�? (t/N) "
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "Czy naprawd� potrzebujesz takiego d�ugiego klucza? "
+
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "klucz %08lX: dost�pna kopia nie jest podpisana ni� sam�\n"
+
+#~ msgid "   signed by %08lX at %s\n"
+#~ msgstr "podpisany przez %08lX w %s\n"
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key nazwa u�ytkownika"
+
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key nazwa u�ytkownika"
+
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-and-public-key key nazwa u�ytkownika"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Podaj identyfikator u�ytkownika (user ID): "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "pomini�ty: klucz publiczny ju� wybrany w --encrypt-to\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "WARNING: This is a PGP2-style key\n"
+#~ msgstr ""
+#~ "\n"
+#~ "OSTRZE�ENIE: Klucz z PGP wersji 2.\n"
+
+#~ msgid "sSmMqQ"
+#~ msgstr "iIpPwW"
+
+#~ msgid "no keyserver known (use option --keyserver)\n"
+#~ msgstr "brak znanyk serwer�w kluczy (u�yj opcji --keyserver)\n"
+
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "%s: nie jest poprawnym identyfikatorem klucza\n"
+
+#~ msgid "duplicate (short) key ID %08lX\n"
+#~ msgstr "skr�cony numer klucza si� powtarza %08lX\n"
+
+#~ msgid "%lu key(s) to refresh\n"
+#~ msgstr "%lu klucz(y) do od�wie�enia\n"
+
+#~ msgid "too many random bits requested; the limit is %d\n"
+#~ msgstr "��danie zbyt wielu losowych bit�w; ograniczenie wynosi %d\n"
+
+#~ msgid "|[NAMES]|check the trust database"
+#~ msgstr "|[NAZWY]|sprawdzenie bazy zaufania"
+
+#~ msgid "For info see http://www.gnupg.org"
+#~ msgstr "Dalsze informacje znajduj� si� na http://www.gnupg.org/"
+
+#~ msgid ""
+#~ "Could not find a valid trust path to the key.  Let's see whether we\n"
+#~ "can assign some missing owner trust values.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Niemo�liwe jest znalezienie poprawnej scie�ki zaufania do tego klucza.\n"
+#~ "Sprawd�my czy mo�na przypisa� brakuj�ce warto�ci zaufania.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No path leading to one of our keys found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Brak �cie�ki prowadz�cej do kt�rego� z naszych kluczy.\n"
+#~ "\n"
 
 #~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
+#~ "No certificates with undefined trust found.\n"
+#~ "\n"
 #~ msgstr ""
-#~ "Klucze RSA s� odradzane; prosz� rozwa�y� przej�cie na inne algorytmy po\n"
-#~ "wygenerowaniu odpowiednich kluczy.\n"
+#~ "Brak certyfikat�w o niezdefiniowanym poziomie zaufania.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No trust values changed.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Parametry zaufania nie zosta�y zmienione.\n"
+#~ "\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr "%08lX: brak informacji aby obliczy� prawdopodobie�stwo zaufania\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: b��d podczas sprawdzania klucza: %s\n"
+
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) Klucz dla algorytmu RSA (do szyfrowania i podpisywania)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr "Czy na pewno chcesz stworzy� klucz do szyfrowania i podpisywania? "
 
-#~ msgid "not processed"
-#~ msgstr "nie przetworzony"
+#~ msgid "%s: user not found: %s\n"
+#~ msgstr "%s: nie znaleziono u�ytkownika %s\n"
+
+#~ msgid "certificate read problem: %s\n"
+#~ msgstr "b��d przy odczycie certyfikatu: %s\n"
+
+#~ msgid "too many entries in unk cache - disabled\n"
+#~ msgstr "zbyt wiele wpis�w w buforze nieznanych kluczy - wy��czony\n"
+
+#~ msgid "no default public keyring\n"
+#~ msgstr "brak domy�lnego zbioru kluczy publicznych\n"
+
+#~ msgid "secret key %08lX not imported (use %s to allow for it)\n"
+#~ msgstr "klucz tajny %08lX nie zosta� wczytany (aby to zrobi� u�yj %s)\n"
+
+#~ msgid "%s: user not found\n"
+#~ msgstr "%s: nie znaleziono u�ytkownika\n"
+
+#~ msgid "update of trustdb failed: %s\n"
+#~ msgstr "naniesienie poprawek bazy zaufania nie powiod�o si�: %s\n"
 
 #~ msgid "assuming bad MDC due to an unknown critical bit\n"
 #~ msgstr ""
-#~ "przyj�to niepoprawno�� MDC z powonu ustawienia nieznanego bitu krytycznego\n"
+#~ "przyj�to niepoprawno�� MDC z powonu ustawienia nieznanego bitu "
+#~ "krytycznego\n"
+
+#~ msgid "error reading dir record for LID %lu: %s\n"
+#~ msgstr "b��d odczytu wpisu katalogowego dla LID %lu: %s\n"
+
+#~ msgid "lid %lu: expected dir record, got type %d\n"
+#~ msgstr "lid %lu: oczekiwany wpis katalogowy, napotkano typ %d\n"
+
+#~ msgid "no primary key for LID %lu\n"
+#~ msgstr "brak klucza g��wnego dla LID %lu\n"
+
+#~ msgid "error reading primary key for LID %lu: %s\n"
+#~ msgstr "b��d odczytu g��wnego klucza dla LID %lu: %s\n"
+
+#~ msgid "get_dir_record: search_record failed: %s\n"
+#~ msgstr "get_dir_record: funkcja search_record zawiod�a: %s\n"
+
+#~ msgid "key %08lX: query record failed\n"
+#~ msgstr "klucz %08lX: wyszukanie zapisu nie powiod�o si�\n"
+
+#~ msgid "key %08lX: already in trusted key table\n"
+#~ msgstr "klucz %08lX: ju� znajduje si� w tablicy kluczy zaufanych\n"
+
+#~ msgid "NOTE: secret key %08lX is NOT protected.\n"
+#~ msgstr "UWAGA: klucz tajny %08lX NIE jest chroniony.\n"
+
+#~ msgid "key %08lX: secret and public key don't match\n"
+#~ msgstr "klucz %08lX: klucz tajny nie pasuje do klucza jawnego\n"
+
+#~ msgid "enumerate secret keys failed: %s\n"
+#~ msgstr "wyliczenie kluczy tajnych nie powiod�o si� %s\n"
+
+#~ msgid "key %08lX.%lu: Good subkey binding\n"
+#~ msgstr "klucz %08lX.%lu Dobre dowi�zanie podklucza\n"
+
+#~ msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+#~ msgstr "klucz %08lX.%lu: Niepoprawne dowi�zanie podklucza %s\n"
+
+#~ msgid "key %08lX.%lu: Valid key revocation\n"
+#~ msgstr "klucz %08lX.%lu: Poprawne uniewa�nienie klucza\n"
+
+#~ msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+#~ msgstr "klucz %08lX.%lu: Niew�a�ciwe uniewa�nienie klucza: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid subkey revocation\n"
+#~ msgstr "klucz %08lX.%lu: Poprawne uniewa�nienie podklucza\n"
+
+#~ msgid "Good self-signature"
+#~ msgstr "Poprawny podpis klucza nim samym"
+
+#~ msgid "Invalid self-signature"
+#~ msgstr "Niepoprawny podpis klucza nim samym"
+
+#~ msgid "Valid user ID revocation skipped due to a newer self signature"
+#~ msgstr ""
+#~ "Poprawne uniewa�nienie identyfikatora u�ytkownika pomini�te z powodu\n"
+#~ "nowszego podpisu tym samym kluczem"
+
+#~ msgid "Valid user ID revocation"
+#~ msgstr "Poprawne uniewa�nienie identyfikatora u�ytkownika"
+
+#~ msgid "Invalid user ID revocation"
+#~ msgstr "Niepoprawne uniewa�nienie identyfikatora u�ytkownika"
+
+#~ msgid "Valid certificate revocation"
+#~ msgstr "Poprawne uniewa�nienie certyfikatu"
+
+#~ msgid "Good certificate"
+#~ msgstr "Poprawny certyfikat"
+
+#~ msgid "Invalid certificate revocation"
+#~ msgstr "Niepoprawne uniewa�nienie certyfikatu"
+
+#~ msgid "Invalid certificate"
+#~ msgstr "Niepoprawny certyfikat"
+
+#~ msgid "sig record %lu[%d] points to wrong record.\n"
+#~ msgstr "zapis o podpisach %lu[%d] wskazuje na z�y wpis.\n"
+
+#~ msgid "duplicated certificate - deleted"
+#~ msgstr "podw�jny certyfikat - usuni�ty"
+
+#~ msgid "tdbio_search_dir failed: %s\n"
+#~ msgstr "Procedura tdbio_search_dir nie powiod�a si�: %s\n"
+
+#~ msgid "lid ?: insert failed: %s\n"
+#~ msgstr "lid ?: wpisanie nie powiod�o si�: %s\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+#~ msgid "lid %lu: insert failed: %s\n"
+#~ msgstr "lid %lu: wpisanie nie powiod�o si�: %s\n"
+
+#~ msgid "lid %lu: inserted\n"
+#~ msgstr "lid %lu: wpisany\n"
+
+#~ msgid "error reading dir record: %s\n"
+#~ msgstr "b��d podczas odczytu wpisu katalogowego: %s\n"
+
+#~ msgid "\t%lu keys inserted\n"
+#~ msgstr "\t%lu kluczy wpisanych\n"
+
+#~ msgid "lid %lu: dir record w/o key - skipped\n"
+#~ msgstr "lid %lu: wpis katalogowy bez bloku klucza - pomini�ty\n"
+
+#~ msgid "\t%lu due to new pubkeys\n"
+#~ msgstr "        %lu z powodu nowych podkluczy\n"
+
+#~ msgid "\t%lu keys skipped\n"
+#~ msgstr "\t%lu kluczy pomini�tych\n"
+
+#~ msgid "\t%lu keys updated\n"
+#~ msgstr "\t%lu kluczy uaktualnionych\n"
+
+#~ msgid "Ooops, no keys\n"
+#~ msgstr "Oops, brak kluczy\n"
+
+#~ msgid "Ooops, no user IDs\n"
+#~ msgstr "Oops, brak identyfikator�w u�ytkownik�w\n"
+
+#~ msgid "check_trust: search dir record failed: %s\n"
+#~ msgstr "check_trust: poszukiwanie wpisu katalogowego nie powiod�o si�: %s\n"
+
+#~ msgid "key %08lX: insert trust record failed: %s\n"
+#~ msgstr "klucz %08lX: wprowadzenie wpisu zaufania nie powiod�o si�: %s\n"
+
+#~ msgid "key %08lX.%lu: inserted into trustdb\n"
+#~ msgstr "Klucz %08lX.%lu: wprowadzony do bazy zaufania\n"
+
+#~ msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
 #~ msgstr ""
-#~ "klucz nie jest oznaczony jako niepewny - nie mo�na go u�y� z atrap�\n"
-#~ "generatora liczb losowych!\n"
+#~ "Klucz %08lX.%lu: stworzony w przysz�o�ci (zaburzenia czasoprzestrzeni,\n"
+#~ "lub �le ustawiony zegar systemowy)\n"
+
+#~ msgid "key %08lX.%lu: expired at %s\n"
+#~ msgstr "klucz %08lX.%lu: okres wa�no�ci up�yn�� %s\n"
+
+#~ msgid "key %08lX.%lu: trust check failed: %s\n"
+#~ msgstr "klucz %08lX.%lu: b��d przy sprawdzaniu zaufania: %s\n"
+
+#~ msgid "problem finding '%s' in trustdb: %s\n"
+#~ msgstr "problem podczas szukania '%s' w bazie zaufania: %s\n"
+
+#~ msgid "user '%s' not in trustdb - inserting\n"
+#~ msgstr "brak u�ytkownika '%s' w bazie zaufania - dodano\n"
+
+#~ msgid "failed to put '%s' into trustdb: %s\n"
+#~ msgstr "umieszczenie '%s' w Bazie Zaufania nie powiod�o si�: %s\n"
+
+#~ msgid "WARNING: can't yet handle long pref records\n"
+#~ msgstr "OSTRZE�ENIE: d�ugie wpisy ustawie� jeszcze nie s� obs�ugiwane.\n"
+
+#~ msgid "%s: can't create keyring: %s\n"
+#~ msgstr "%s: stworzenie zbioru kluczy jest niemo�liwe: %s\n"
+
+#~ msgid "RSA key cannot be used in this version\n"
+#~ msgstr "W tej wersji nie mo�na u�ywa� kluczy RSA\n"
+
+#~ msgid "No key for user ID\n"
+#~ msgstr "Brak klucza z takim identyfikatorem u�ytkownika.\n"
+
+#~ msgid "No user ID for key\n"
+#~ msgstr "Brak identyfikatora u�ytkownika dla klucza.\n"
+
+#~ msgid "invalid"
+#~ msgstr "niepoprawny"
+
+#~ msgid "revoked"
+#~ msgstr "uniewa�niony"
+
+#~ msgid "no secret key for decryption available\n"
+#~ msgstr "odszyfrowuj�cy klucz tajny do jest niedost�pny\n"
 
 #~ msgid "set debugging flags"
 #~ msgstr "ustawienie opcji �ledzenia wykonania programu"
 
 #~ msgid "enable full debugging"
-#~ msgstr "w��czenie pe�nego �ledzenia programu"
+#~ msgstr "umo�liwienie pe�nego �ledzenia programu"
 
 #~ msgid "do not write comment packets"
 #~ msgstr "nie zapisywa� pakiet�w z komentarzem"
@@ -3827,17 +4693,29 @@ msgstr "Brak pomocy o '%s'"
 
 #~ msgid "   (%d) ElGamal in a v3 packet\n"
 #~ msgstr ""
-#~ "   (%d) Klucz dla algorytmu ElGamala w pakiecie w trzeciej wersji formatu\n"
+#~ "   (%d) Klucz dla algorytmu ElGamala w pakiecie w trzeciej wersji "
+#~ "formatu\n"
 
 #~ msgid "Key generation can only be used in interactive mode\n"
 #~ msgstr "Generacj� klucza mo�na wykonywa� tylko w trybie interaktywnym\n"
 
+#~ msgid ""
+#~ "RSA keys are deprecated; please consider creating a new key and use this "
+#~ "key in the future\n"
+#~ msgstr ""
+#~ "Odradza si� stosowanie kluczy RSA; prosz� rozwa�y� przej�cie na inne "
+#~ "algorytmy\n"
+#~ "po wygenerowaniu odpowiednich kluczy.\n"
+
 #~ msgid "print all message digests"
 #~ msgstr "wszystkie skr�ty wiadomo�ci"
 
 #~ msgid "can't lock keyring `%': %s\n"
 #~ msgstr "nie mo�na zablokowa� zbioru kluczy publicznych: %s\n"
 
+#~ msgid "error writing keyring `%': %s\n"
+#~ msgstr "b��d zapisu zbioru kluczy '%': %s\n"
+
 #~ msgid "NOTE: sig rec %lu[%d] in hintlist of %lu but marked as checked\n"
 #~ msgstr ""
 #~ "UWAGA: wpis podpisu %lu[%d] znajduje si� w li�cie domy�lnej %lu,\n"
@@ -3878,9 +4756,6 @@ msgstr "Brak pomocy o '%s'"
 #~ msgid "lid %lu: can't get keyblock: %s\n"
 #~ msgstr "lid %lu: pobranie bloku klucza niemo�liwe: %s\n"
 
-#~ msgid "Too many preferences"
-#~ msgstr "Zbyt wiele ustawie�."
-
 #~ msgid "Too many preference items"
 #~ msgstr "Zbyt wiele pozycji w ustawieniach"
 
@@ -3947,14 +4822,17 @@ msgstr "Brak pomocy o '%s'"
 #~ "stosowa�\n"
 #~ "zar�wno do szyfrowania jak i do tworzenia podpis�w cyfrowych\n"
 #~ "W standardzie OpenPGP algorytm ElGamala wyst�puje w dw�ch wersjach:\n"
-#~ "obs�uguj�cej podpisywanie, oraz obs�uguj�cej podpisywanie i szyfrowanie; z\n"
+#~ "obs�uguj�cej podpisywanie, oraz obs�uguj�cej podpisywanie i szyfrowanie; "
+#~ "z\n"
 #~ "technicznego punktu widzenia algorytm dzia�a tak samo, ale pewne "
 #~ "wsp�czynniki\n"
 #~ "musz� by� dobrane tak aby klucz nadawa� si� do sk�adania bezpiecznych\n"
-#~ "podpis�w. Ten program obs�uguje obie wersje, ale inne implementacje OpenPGP\n"
+#~ "podpis�w. Ten program obs�uguje obie wersje, ale inne implementacje "
+#~ "OpenPGP\n"
 #~ "nie musz� rozumie� obs�ugiwa� klucza przeznaczonego jednocze�nie do\n"
 #~ "podpisywania i szyfrowania.\n"
-#~ "G��wny klucz musi by� zawsze kluczem s�u��cym umo�liwiaj�cym podpisywanie,\n"
+#~ "G��wny klucz musi by� zawsze kluczem s�u��cym umo�liwiaj�cym "
+#~ "podpisywanie,\n"
 #~ "dlatego te� ten program nie obs�uguje osobnych kluczy ElGamala s�u��cych "
 #~ "tylko\n"
 #~ "do szyfrowania."
@@ -4026,7 +4904,8 @@ msgstr "Brak pomocy o '%s'"
 
 #~ msgid "keyedit.remove.uid.okay"
 #~ msgstr ""
-#~ "Odpowiedz \"tak\" je�li na pewno chcesz skasowa� ten identyfikator klucza.\n"
+#~ "Odpowiedz \"tak\" je�li na pewno chcesz skasowa� ten identyfikator "
+#~ "klucza.\n"
 #~ "Utracisz wszystkie podpisy innych u�ytkownik�w z�o�one na tym "
 #~ "identyfikatorze!"
 
@@ -4060,12 +4939,6 @@ msgstr "Brak pomocy o '%s'"
 #~ msgid "can't write keyblock: %s\n"
 #~ msgstr "nie mog� zapisa� bloku klucza: %s\n"
 
-#~ msgid "can't lock secret keyring: %s\n"
-#~ msgstr "nie mog� zablokowa� zbioru kluczy tajnych: %s\n"
-
-#~ msgid "can't write keyring: %s\n"
-#~ msgstr "niemo�liwy jest zapis zbioru kluczy: %s\n"
-
 #~ msgid "encrypted message is valid\n"
 #~ msgstr "zaszyfrowana wiadomo�� jest poprawna\n"
 
@@ -4100,9 +4973,6 @@ msgstr "Brak pomocy o '%s'"
 #~ msgid "lid %lu: read pref record failed: %s\n"
 #~ msgstr "lid %lu: odczyt wpisu ustawie� nie powi�d� si�: %s\n"
 
-#~ msgid "lid %lu: read sig record failed: %s\n"
-#~ msgstr "lid %lu: odczyt wpisu o podpisach nie powi�d� si�: %s\n"
-
 #~ msgid "user '%s' read problem: %s\n"
 #~ msgstr "u�ytkownik '%s' b��d przy odczycie: %s\n"
 
@@ -4140,9 +5010,6 @@ msgstr "Brak pomocy o '%s'"
 #~ msgid "Oops: key is now in trustdb???\n"
 #~ msgstr "Oops: klucz ju� jest w bazie zaufania???\n"
 
-#~ msgid "insert trust record failed: %s\n"
-#~ msgstr "wstawienie wpisu zaufania nie powiod�o si�: %s\n"
-
 #~ msgid "Hmmm, public key lost?"
 #~ msgstr "Hmmm, klucz publiczny utracony?"
 
diff --git a/po/pt_PT.po b/po/pt.po
index b129dbfc5..a0e82191a 100644
--- a/po/pt_PT.po
+++ b/po/pt.po
@@ -1,304 +1,333 @@
-# PT_pt messages for gnupg
-# Pedro Morais <[email protected]>
+# pt messages for gnupg
+# Copyright (C) 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+# Pedro Morais <[email protected]>
 #
-# Based on PT_br work done by:
-# Thiago Jung Bauermann <[email protected]>, 1999.
-# Rafael Caetano dos Santos <[email protected]>.
+# Based on pt_PT work done by:
+# Thiago Jung Bauermann <[email protected]>
+# Rafael Caetano dos Santos <[email protected]>
 msgid ""
 msgstr ""
 "Project-Id-Version: gnupg\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 1999-09-09 20:28+0000\n"
-"Last-Translator: Pedro Morais <[email protected]>\n"
-"Language-Team: pt\n"
-"MIME-Version:\n"
-"Content-Type:\n"
-"Content-Transfer-Encoding:\n"
-
-#: util/miscutil.c:278 util/miscutil.c:307
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-03-05 16:05+0000\n"
+"Last-Translator: Pedro Morais <[email protected]>\n"
+"Language-Team: pt <[email protected]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=iso-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Aviso: a utilizar mem�ria insegura!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr "por favor veja http://www.gnupg.org/faq.html para mais informa��es\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "a opera��o n�o � poss�vel sem mem�ria segura inicializada\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(voc� pode ter usado o programa errado para esta tarefa)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "sim"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "sS"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "n�o"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
-# INICIO MENU
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "sair"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "qQ"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "erro geral"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "formato de pacote desconhecido"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "vers�o desconhecida"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "algoritmo de chave p�blica desconhecido"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "algoritmo de \"digest\" desconhecido"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "chave p�blica incorrecta"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "chave secreta incorrecta"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "assinatura incorrecta"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "erro de \"checksum\""
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "frase secreta incorrecta"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "chave p�blica n�o encontrada"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "algoritmo de criptografia desconhecido"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "n�o � poss�vel abrir o porta-chaves"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "pacote inv�lido"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "armadura inv�lida"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "identificador de utilizador inexistente"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "chave secreta n�o dispon�vel"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "chave secreta incorrecta"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "n�o suportado"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "chave incorrecta"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "erro de leitura"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "erro de escrita"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "algoritmo de compress�o desconhecido"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "erro na abertura do ficheiro"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "erro na cria��o do ficheiro"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "frase-secreta inv�lida"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "algoritmo de chave p�blica n�o implementado"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "algoritmo de criptografia n�o implementado"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "classe de assinatura desconhecida"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "erro na base de dados de confian�a"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "MPI incorreto"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "limite de recursos"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "porta-chaves inv�lido"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "certificado incorrecto"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "identificador de utilizador malformado"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "erro ao fechar ficheiro"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "erro na renomea��o do ficheiro"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "erro na remo��o do ficheiro"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "dados inesperados"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "conflito de \"timestamp\""
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "algoritmo de chave p�blica inutiliz�vel"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "o ficheiro j� existe"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "chave fraca"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "argumento inv�lido"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "URI incorrecto"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "URI n�o suportado"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "erro na rede"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
-msgstr "n�o encriptado"
+msgstr "n�o cifrado"
+
+#: util/errors.c:103
+msgid "not processed"
+msgstr "n�o processado"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "chave p�blica n�o utiliz�vel"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "chave secreta n�o utiliz�vel"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "erro do servidor de chaves"
 
-#: util/logger.c:227
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... isto � um bug (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "voc� encontrou um bug ... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "imposs�vel abrir `%s': %s\n"
 
-#: cipher/random.c:325
-#, fuzzy, c-format
+#: cipher/random.c:324
+#, c-format
 msgid "can't stat `%s': %s\n"
-msgstr "imposs�vel abrir `%s': %s\n"
+msgstr "imposs�vel 'stat' a `%s': %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
-msgstr ""
+msgstr "`%s' n�o � um ficheiro normal - ignorado\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
-msgstr ""
+msgstr "nota: random_seed est� vazia\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr ""
+"aviso: o ficheiro random_seed tem um tamanho inv�lido - n�o utilizado\n"
 
-#: cipher/random.c:349
-#, fuzzy, c-format
+#: cipher/random.c:348
+#, c-format
 msgid "can't read `%s': %s\n"
-msgstr "imposs�vel abrir `%s': %s\n"
+msgstr "imposs�vel ler `%s': %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
-msgstr ""
+msgstr "nota: ficheiro random_seed n�o actualizado\n"
 
-#: cipher/random.c:407
-#, fuzzy, c-format
+#: cipher/random.c:406
+#, c-format
 msgid "can't create `%s': %s\n"
-msgstr "imposs�vel criar %s: %s\n"
+msgstr "imposs�vel criar `%s': %s\n"
 
-#: cipher/random.c:414
-#, fuzzy, c-format
+#: cipher/random.c:413
+#, c-format
 msgid "can't write `%s': %s\n"
-msgstr "imposs�vel abrir `%s': %s\n"
-
-#: cipher/random.c:417
-#, fuzzy, c-format
-msgid "can't close `%s': %s\n"
-msgstr "imposs�vel abrir `%s': %s\n"
+msgstr "imposs�vel escrever `%s': %s\n"
 
-#: cipher/random.c:428
+#: cipher/random.c:416
 #, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
+msgid "can't close `%s': %s\n"
+msgstr "imposs�vel fechar `%s': %s\n"
 
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr "AVISO: a utilizar gerador de n�meros aleat�rios inseguro!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -312,7 +341,7 @@ msgstr ""
 "N�O USE NENHUM DADO GERADO POR ESTE PROGRAMA!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -323,19 +352,7 @@ msgstr ""
 "N�o h� bytes aleat�rios suficientes. Por favor, fa�a outro trabalho para\n"
 "que o sistema possa recolher mais entropia! (S�o necess�rios mais %d bytes)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Aviso: a utilizar mem�ria insegura!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "a opera��o n�o � poss�vel sem mem�ria segura inicializada\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(voc� pode ter usado o programa errado para esta tarefa)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -343,140 +360,163 @@ msgstr ""
 "@Comandos:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[ficheiro]|fazer uma assinatura"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[ficheiro]|fazer uma assinatura em texto puro"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "fazer uma assinatura separada"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
-msgstr "encriptar dados"
+msgstr "cifrar dados"
+
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[ficheiros]|cifrar ficheiros"
 
-#: g10/gpg.c:207
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
-msgstr "encriptar apenas com cifra sim�trica"
+msgstr "cifrar apenas com cifra sim�trica"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "apenas armazenar"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
-msgstr "desencriptar dados (ac��o por omiss�o)"
+msgstr "decifrar dados (ac��o por omiss�o)"
+
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[ficheiros]|decifrar ficheiros"
 
-#: g10/gpg.c:210
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "verificar uma assinatura"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "listar as chaves"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "listar as chaves e as assinaturas"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "verificar as assinaturas das chaves"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "listar as chaves e as impress�es digitais"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "listar as chaves secretas"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "gerar um novo par de chaves"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
-msgstr "remover a chave do porta-chaves p�blico"
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
+msgstr "remover chaves do porta-chaves p�blico"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
-msgstr "remover a chave do porta-chaves secreto"
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
+msgstr "remover chaves do porta-chaves secreto"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "assinar uma chave"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
 msgstr "assinar uma chave localmente"
 
-#: g10/gpg.c:224
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "assinar uma chave de forma n�o revoc�vel"
+
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr "assinar uma chave localmente e de forma n�o revoc�vel"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "assinar ou editar uma chave"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "gerar um certificado de revoga��o"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "exportar chaves"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
-msgstr "exportar chaves para um servidor"
+msgstr "exportar chaves para um servidor de chaves"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
-msgstr "importar chaves de um servidor"
+msgstr "importar chaves de um servidor de chaves"
+
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "procurar chaves num servidor de chaves"
 
-#: g10/gpg.c:232
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "actualizar todas as chaves a partir de um servidor de chaves"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "importar/fundir chaves"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "listar apenas as sequ�ncias de pacotes"
 
-# ownertrust ???
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "exportar os valores de confian�a"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "importar os valores de confian�a"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "actualizar a base de dados de confian�a"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NOMES]|verificar a base de dados de confian�a"
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "actualizar automaticamente a base de dados de confian�a"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "consertar uma base de dados de confian�a"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "retirar armadura de um ficheiro ou do \"stdin\""
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "criar armadura para um ficheiro ou \"stdin\""
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [ficheiros]|imprimir \"digests\" de mensagens"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -486,179 +526,222 @@ msgstr ""
 "Op��es:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "criar sa�da com armadura ascii"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
-msgstr "|NOME|encriptar para NOME"
+msgstr "|NOME|cifrar para NOME"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
-msgstr "|NOME|usar NOME como destinat�rio padr�o"
+msgstr "|NOME|usar NOME como destinat�rio por omiss�o"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
-msgstr "usar a chave padr�o como destinat�rio padr�o"
+msgstr "usar a chave por omiss�o como destinat�rio por omiss�o"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr ""
 "usar este identificador de utilizador para\n"
-"assinar ou desencriptar"
+"assinar ou decifrar"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr ""
 "|N|estabelecer n�vel de compress�o N\n"
 "(0 desactiva)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "usar modo de texto can�nico"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "usar como ficheiro de sa�da"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "detalhado"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "ser mais silencioso"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "nunca usar o terminal"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "for�ar assinaturas v3"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "n�o for�ar assinaturas v3"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "for�ar assinaturas v4"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "n�o for�ar assinaturas v4"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
-msgstr "sempre usar um MDC para encriptar"
+msgstr "sempre usar um MDC para cifrar"
+
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "nunca usar um MDC para cifrar"
 
-#: g10/gpg.c:276
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "n�o fazer altera��es"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "utilizar o gpg-agent"
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "modo n�o-interactivo: nunca perguntar"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "assumir sim para a maioria das perguntas"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "assumir n�o para a maioria das perguntas"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr ""
 "adicionar este porta-chaves\n"
 "� lista de porta-chaves"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "adicionar este porta-chaves secreto � lista"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "mostrar em que porta-chave a chave est�"
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NOME|usar NOME como chave secreta por omiss�o"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|ENDERE�O|usar este servidor para buscar chaves"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr ""
 "|NOME|definir mapa de caracteres do terminal como\n"
 "NOME"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "ler op��es do ficheiro"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr ""
 "|DF|escrever informa��es de estado para o\n"
 "descritor de ficheiro DF"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
-msgstr ""
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[ficheiro]|escrever ifnroam��es de estado para o ficheiro"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|KEYID|confiar totalmente nesta chave"
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|FICHEIRO|carregar m�dulo de extens�o FICHEIRO"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "emular o modo descrito no RFC1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
 msgstr ""
-"configurar todas as op��es de pacote,\n"
-"criptografia e \"digest\" para comportamento\n"
-"OpenPGP"
+"configurar todas as op��es de pacote, cifragem e \"digest\"\n"
+"para comportamento OpenPGP"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr ""
+"configurar todas as op��es de pacote, cifragem e \"digest\"\n"
+"para comportamento PGP 2.x"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|usar mode de frase secreta N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr ""
 "|NOME|usar algoritmo de \"digest\" de mensagens NOME\n"
 "para frases secretas"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr ""
 "|NOME|usar algoritmo de criptografia NOME para\n"
 "frases secretas"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NOME|usar algoritmo de criptografia NOME"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NOME|usar algoritmo de \"digest\" de mensagens NOME"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|usar algoritmo de compress�o N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
-msgstr "eliminar campo keyid dos pacotes encriptados"
+msgstr "eliminar campo keyid dos pacotes cifrados"
+
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "Mostrar IDs Fotogr�ficos"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "N�o mostrar IDs Fotogr�ficos"
 
-#: g10/gpg.c:309
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr "Configurar linha de comandos para ver fotografias"
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NOME=VALOR|usar estes dados de nota��o"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
 msgstr ""
+"@\n"
+"(Veja a p�gina man para uma lista completa de comandos e op��es)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -672,31 +755,31 @@ msgstr ""
 "@\n"
 "Exemplos:\n"
 "\n"
-" -se -r Bob [ficheiro]      assinar e encriptar para o utilizador Bob\n"
+" -se -r Bob [ficheiro]      assinar e cifrar para o utilizador Bob\n"
 " --clearsign [ficheiro]     criar uma assinatura em texto puro\n"
 " --detach-sign [ficheiro]   criar uma assinatura separada\n"
 " --list-keys [nomes]        mostrar chaves\n"
 " --fingerprint [nomes]      mostrar impress�es digitais\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr "Por favor comunique bugs para <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Uso: gpg [op��es] [ficheiros] (-h para ajuda)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
 "default operation depends on the input data\n"
 msgstr ""
 "Sintaxe: gpg [op��es] [ficheiros]\n"
-"assina, verifica, encripta ou desencripta\n"
+"assina, verifica, cifra ou decifra\n"
 "a opera��o por omiss�o depende dos dados de entrada\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -704,194 +787,251 @@ msgstr ""
 "\n"
 "Algoritmos suportados:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "uso: gpg [op��es] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "comandos em conflito\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "NOTA: ficheiro de op��es por omiss�o `%s' inexistente\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "ficheiro de op��es `%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "a ler op��es de `%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s n�o � um conjunto de caracteres v�lido\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "n�o consegui processar a URI do servidor de chaves\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr ""
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, fuzzy, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "AVISO: `%s' � um ficheiro vazio\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr ""
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "AVISO: O programa pode criar um ficheiro core!\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "AVISO: %s sobrep�e %s\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "NOTA: %s n�o � para uso normal!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "%s n�o � permitido com %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "%s n�o faz sentido com %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr "s� pode fazer assinaturas separadas ou em texto puro no modo --pgp2\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr "n�o pode assinar e cifrar ao mesmo tempo no modo --pgp2\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+"deve utilizar ficheiros (e n�o um 'pipe') quando trabalho no modo --pgp2.\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr "cifrar uma mensagem no modo --pgp2 necessita da cifra IDEA\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "esta mensagem poder� n�o ser utiliz�vel pelo PGP 2.x\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "o algoritmo de cifragem selecionado n�o � v�lido\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "o algoritmo de \"digest\" selecionado n�o � v�lido\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr "a URL de pol�tica dada � inv�lida\n"
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "a URL de pol�tica de assinatura dada � inv�lida\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "a URL de pol�tica de certifica��o dada � inv�lida\n"
+
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "o algoritmo de compress�o deve estar na faixa %d..%d\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "completes-needed deve ser maior que 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "marginals-needed deve ser maior que 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "max-cert-depth deve estar na entre 1 e 255\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "NOTA: o modo S2K simples (0) n�o � recomend�vel\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "modo S2K inv�lido: deve ser 0, 1 ou 3\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "n�vel de verifica��o por omiss�o inv�lido: deve ser 0, 1, 2 ou 3\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "prefer�ncias inv�lidas\n"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "falha ao inicializar a base de dados de confian�a: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [nome_do_ficheiro]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [nome_do_ficheiro]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [nome_do_ficheiro]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [nome_do_ficheiro]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [nome_do_ficheiro]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [nome_do_ficheiro]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [nome_do_ficheiro]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [nome_do_ficheiro]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key id-utilizador"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key id-utilizador"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key id-utilizador [comandos]"
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key id-utilizador"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key id-utilizador"
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key id-utilizador"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key id-utilizador"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key id-utilizador [comandos]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "imposs�vel abrir %s: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [id-utilizador] [porta-chaves]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "retirada de armadura falhou: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "cria��o de armadura falhou: %s\n"
 
-# "hash" poderia ser "espalhamento", mas n�o fica claro
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
-msgstr "algoritmo de hash inv�lido `%s'\n"
+msgstr "algoritmo de dispers�o inv�lido `%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[nome_do_ficheiro]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "Digite a sua mensagem ...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "imposs�vel abrir `%s'\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr ""
 "o primeiro caracter de um nome de nota��o deve ser uma letra ou um "
 "sublinhado\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -899,250 +1039,229 @@ msgstr ""
 "um nome de nota��o deve ter apenas letras, d�gitos, pontos ou sublinhados e "
 "terminar com '='\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr ""
 "pontos num nome de nota��o devem estar cercados por outros caracteres\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "um valor de nota��o n�o deve usar caracteres de controle\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "armadura: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "cabe�alho de armadura inv�lido: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "cabe�alho de armadura: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "cabe�alho de assinatura em texto puro inv�lido\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "assinaturas em texto puro aninhadas\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "linha com h�fen inv�lida: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "armadura inesperada:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "caracter radix64 inv�lido %02x ignorado\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "fim de ficheiro prematuro (sem CRC)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "fim de ficheiro prematuro (no CRC)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "CRC malformado\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "erro de CRC; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "fim de ficheiro prematuro (no \"Trailer\")\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
-msgstr "erro na linha \"trailer\"\n"
-
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
+msgstr "erro na �ltima linha\n"
 
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "nenhum dado OpenPGP v�lido encontrado.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "armadura inv�lida: linha maior que %d caracteres\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "caracter \"quoted printable\" na armadura - provavelmente um MTA com bugs "
 "foi usado\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "       Impress�o digital:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Impress�o digital:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
-msgstr ""
+msgstr "Nenhum motivo especificado"
 
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
-msgstr "A chave � protegida.\n"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "A chave foi substitu�da"
 
-#: g10/pkclist.c:121
-#, fuzzy
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
-msgstr "Esta chave foi desactivada"
+msgstr "A chave foi comprometida"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
-msgstr ""
+msgstr "A chave j� n�o � utilizada"
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
-msgstr ""
+msgstr "O identificador do utilizador j� n�o � v�lido"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
-msgstr ""
+msgstr "Motivo da revoca��o: "
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
-msgstr ""
+msgstr "Coment�rio da revoca��o: "
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "iImMqQsS"
 
-#: g10/pkclist.c:308
+#: g10/pkclist.c:258
 #, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
-"Nenhum valor de confian�a designado para %lu:\n"
+"Nenhum valor de confian�a designado para:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 "Por favor decida quanto confia neste utilizador para\n"
 "verificar correctamente as chaves de outros utilizadores\n"
 "(vendo passaportes, verificando impress�es digitais...)?\n"
 "\n"
-" 1 = N�o sei\n"
-" 2 = Eu N�O confio\n"
-" 3 = Eu confio moderadamente\n"
-" 4 = Eu confio completamente\n"
-" s = Mostrar mais informa��es\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = N�o sei\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = Eu N�O confio\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = Confio moderadamente\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = Confio plenamente\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = Confio de forma total\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " i = mostrar mais informa��es\n"
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
-msgstr " m = volta ao menu principal\n"
+msgstr " m = voltar ao menu principal\n"
+
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " s = saltar esta chave\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = sair\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Decis�o? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Tem a certeza que quer confiar totalmente nesta chave?"
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Certificados que levam a uma chave confiada plenamente:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"N�o foi poss�vel encontrar uma rota de confian�a v�lida para a chave.\n"
-"Vamos ver se � poss�vel designar alguns valores de confian�a ausentes.\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"Nenhuma rota encontrada que leve a uma de nossas chaves.\n"
-"\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"Nenhum certificado com confian�a indefinida encontrado.\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Nenhum valor de confian�a modificado.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "chave %08lX: a chave foi revogada!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "Usar esta chave de qualquer modo? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "chave %08lX: a subchave foi revogada!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: a chave expirou\n"
 
-#: g10/pkclist.c:519
+#: g10/pkclist.c:442
 #, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: sem informa��o para calcular probabilidade de confian�a\n"
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"%08lx: N�o h� indica��o de que a assinatura pertence realmente ao dono.\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: N�s N�O confiamos nesta chave\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
@@ -1151,15 +1270,15 @@ msgstr ""
 "%08lX: N�o se tem certeza de que esta chave realmente pertence ao dono,\n"
 "mas � aceite de qualquer modo\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "Esta chave provavelmente pertence ao dono\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Esta chave pertence-nos\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1171,172 +1290,195 @@ msgstr ""
 "sim � pr�xima pergunta\n"
 "\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
-msgstr "AVISO: Utilizando chave n�o confi�vel!\n"
+msgstr "AVISO: A utilizar uma chave que n�o � de confian�a!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "AVISO: Esta chave foi revogada pelo seu dono!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "         Isto pode significar que a assinatura � falsificada.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "AVISO: Esta subchave foi revogada pelo seu dono!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "Nota: Esta chave foi desactivada.\n"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Nota: Esta chave expirou!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr "AVISO: Esta chave n�o est� certificada com uma assinatura confi�vel!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr "         N�o h� indica��o de que a assinatura pertence ao dono.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "AVISO: N�s N�O confiamos nesta chave!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "         A assinatura � provavelmente uma FALSIFICA��O.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "AVISO: Esta chave n�o est� certificada com assinaturas suficientemente\n"
 "       confi�veis!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr "         N�o se tem certeza de que a assinatura pertence ao dono.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: ignorado: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: ignorado: a chave p�blica j� est� presente\n"
 
-#: g10/pkclist.c:855
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr "N�o especificou um identificador de utilizador. (pode usar \"-r\")\n"
+
+#: g10/pkclist.c:762
 msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
 "\n"
+"Enter the user ID.  End with an empty line: "
 msgstr ""
-"Voc� n�o especificou um identificador de utilizador. (pode-se usar \"-r\")\n"
 "\n"
+"Insira o identificador do utilizador. Termine com uma linha vazia: "
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Digite o identificador de utilizador: "
-
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Identificador de utilizador inexistente.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr "ignorado: chave p�blica j� colocada como destinat�rio por omiss�o\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "A chave p�blica est� desativada.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "ignorado: a chave p�blica j� colocada com --encrypt-to\n"
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "ignorado: a chave p�blica j� est� presente\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
-msgstr "destinat�rio padr�o desconhecido `%s'\n"
+msgstr "destinat�rio por omiss�o desconhecido `%s'\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: erro na verifica��o da chave: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: ignorado: a chave p�blica est� desactivada\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "nenhum endere�o v�lido\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "prefer�ncia %c%lu n�o � v�lida\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "prefer�ncia %c%lu duplicada\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "demasiadas prefer�ncias `%c'\n"
+
+#: g10/keygen.c:257
+#, fuzzy
+msgid "invalid character in preference string\n"
+msgstr "caracter inv�lido na cadeia de caract�res\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "escrevendo auto-assinatura\n"
 
-# key binding ???
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "escrevendo assinatura ligada a uma chave\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
-#, fuzzy, c-format
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
 msgid "keysize invalid; using %u bits\n"
-msgstr "O tamanho de chave pedido � %u bits\n"
+msgstr "tamanho de chave inv�lido; a utilizar %u bits\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
-#, fuzzy, c-format
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
 msgid "keysize rounded up to %u bits\n"
-msgstr "arredondado para %u bits\n"
+msgstr "tamanho da chave arredondado para %u bits\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "Por favor selecione o tipo de chave desejado:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA e ElGamal (por omiss�o)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (apenas assinatura)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
-msgstr "   (%d) ElGamal (apenas encrip��o)\n"
+msgstr "   (%d) ElGamal (apenas cifragem)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (assinatura e encripta��o)\n"
+msgstr "   (%d) ElGamal (assinatura e cifragem)\n"
 
-#: g10/keygen.c:643
-#, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (assinatura e encripta��o)\n"
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (apenas assinatura)\n"
 
-#: g10/keygen.c:647
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (apenas cifragem)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Op��o? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "Voc� quer realmente criar uma chave para assinatura e criptografia? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "A utiliza��o destes algoritmos est� desactualizada - criar na mesma?"
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Op��o inv�lida.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1349,21 +1491,20 @@ msgstr ""
 "         tamanho por omiss�o � 1024 bits\n"
 "     tamanho m�ximo sugerido � 2048 bits\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Qual o tamanho de chave desejado? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA permite apenas tamanhos de 512 a 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "tamanho muito pequeno; 768 � o valor m�nimo permitido.\n"
-
-#: g10/keygen.c:708
-#, fuzzy
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr "tamanho muito pequeno; 1024 � o valor m�nimo permitido para RSA.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
 msgstr "tamanho muito pequeno; 768 � o valor m�nimo permitido.\n"
 
 #. It is ridiculous and an annoyance to use larger key sizes!
@@ -1374,12 +1515,12 @@ msgstr "tamanho muito pequeno; 768 � o valor m�nimo permitido.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "tamanho muito grande; %d � o valor m�ximo permitido.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1387,11 +1528,11 @@ msgstr ""
 "Tamanhos de chave maiores que 2048 n�o s�o recomendados\n"
 "porque o tempo de computa��o � REALMENTE longo!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "Voc� tem certeza de que quer este tamanho de chave? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1399,21 +1540,17 @@ msgstr ""
 "Tudo bem, mas n�o se esque�a que a radia��o do seu monitor e teclado tamb�m "
 "� extremamente vulner�vel a ataques!\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "Voc� precisa realmente de uma chave t�o grande? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "O tamanho de chave pedido � %u bits\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "arredondado para %u bits\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1429,25 +1566,46 @@ msgstr ""
 "      <n>m = chave expira em n meses\n"
 "      <n>y = chave expira em n anos\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Por favor especifique por quanto tempo a assinatura deve ser v�lida.\n"
+"         0 = assinatura n�o expira\n"
+"      <n>  = assinatura expira em n dias\n"
+"      <n>w = assinatura expira em n semanas\n"
+"      <n>m = assinatura expira em n meses\n"
+"      <n>y = assinatura expira em n anos\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "A chave � valida por? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "A assinatura � valida por? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "valor inv�lido\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
-msgstr "A chave n�o expira nunca\n"
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "A %s n�o expira nunca\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
+#: g10/keygen.c:992
 #, c-format
-msgid "Key expires at %s\n"
-msgstr "A chave expira em %s\n"
+msgid "%s expires at %s\n"
+msgstr "%s expira em %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
@@ -1455,11 +1613,11 @@ msgstr ""
 "O seu sistema n�o consegue mostrar datas para al�m de 2038.\n"
 "No entanto, estas v�o ser tratadas correctamente at� 2106.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "Est� correto (s/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1476,44 +1634,44 @@ msgstr ""
 "    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Nome completo: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Caracter inv�lido no nome\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "O nome n�o pode come�ar com um d�gito\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "O nome deve ter pelo menos 5 caracteres\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Endere�o de correio eletr�nico: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "Endere�o eletr�nico inv�lido\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Coment�rio: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Caracter inv�lido no coment�rio\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Voc� est� usando o conjunto de caracteres `%s'.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1524,28 +1682,29 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr ""
+"Por favor n�o coloque o endere�o de email no nome verdadeiro ou no "
+"coment�rio\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnCcEeOoSs"
 
-#: g10/keygen.c:986
-#, fuzzy
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
-msgstr "Mudar (N)ome, (C)oment�rio, (E)ndere�o ou (O)k/(S)air? "
+msgstr "Mudar (N)ome, (C)oment�rio, (E)mail ou (S)air? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "Mudar (N)ome, (C)oment�rio, (E)ndere�o ou (O)k/(S)air? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
-msgstr ""
+msgstr "Por favor corrija primeiro o erro\n"
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1553,11 +1712,16 @@ msgstr ""
 "Voc� precisa de uma frase secreta para proteger a sua chave.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
-msgstr "a frase secreta n�o foi repetida corretamente; tente outra vez.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr "a frase secreta n�o foi repetida corretamente; tente outra vez"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1569,7 +1733,7 @@ msgstr ""
 "qualquer hora, usando este programa com a op��o \"--edit-key\".\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1581,42 +1745,66 @@ msgstr ""
 "gera��o dos n�meros primos; isso d� ao gerador de n�meros aleat�rios\n"
 "uma hip�tese maior de ganhar entropia suficiente.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "O par de chaves DSA ter� 1024 bits.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Gera��o de chave cancelada.\n"
 
-#: g10/keygen.c:1668
-#, fuzzy, c-format
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
 msgid "writing public key to `%s'\n"
-msgstr "escrevendo certificado p�blico para `%s'\n"
+msgstr "a escrever chave p�blica para `%s'\n"
 
-#: g10/keygen.c:1669
-#, fuzzy, c-format
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
 msgid "writing secret key to `%s'\n"
-msgstr "escrevendo certificado privado para `%s'\n"
+msgstr "a escrever chave privada para `%s'\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "nenhum porta-chaves p�blico com permiss�es de escrita encontrado: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "nenhum porta-chaves secreto com permiss�es de escrita encontrado: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "erro ao escrever no porta-chaves p�blico `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "erro ao escrever no porta-chaves secreto `%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "chaves p�blica e privada criadas e assinadas.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "chave marcada como de confian�a absoluta\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
 msgstr ""
-"Note que esta chave n�o pode ser usada para encripta��o. Voc� pode usar\n"
+"Note que esta chave n�o pode ser usada para cifragem. Voc� pode usar\n"
 "o comando \"--edit-key\" para gerar uma chave secund�ria para esse fim.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "A gera��o de chaves falhou: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
@@ -1624,7 +1812,7 @@ msgstr ""
 "a chave foi criada %lu segundo no futuro\n"
 "(viagem no tempo ou problema no rel�gio)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1632,306 +1820,362 @@ msgstr ""
 "a chave foi criada %lu segundos no futuro\n"
 "(viagem no tempo ou problema no rel�gio)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "NOTA: a cria��o de sub-chave para chaves v3 n�o respeito o OpenPGP\n"
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "Realmente criar? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "--output n�o funciona para este comando\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "%s' j� comprimido\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: imposs�vel abrir: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "erro na cria��o da frase secreta: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: AVISO: ficheiro vazio\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr "no modo --pgp2 s� pode cifrar com chaves RSA de 2048 bits ou menos\n"
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "lendo de `%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+"imposs�vel utilizar a cifra IDEA para todas as chaves para que est� a "
+"cifrar.\n"
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
-msgstr "%s/%s encriptado para: %s\n"
+msgstr "%s/%s cifrado para: %s\n"
+
+#: g10/delkey.c:69 g10/export.c:141
+#, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "chave `%s' n�o encontrada: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
+#: g10/delkey.c:77 g10/export.c:161
 #, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: utilizador n�o encontrado: %s\n"
+msgid "error reading keyblock: %s\n"
+msgstr "erro na leitura do bloco de chave: %s\n"
 
-#: g10/export.c:164
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "chave %08lX: n�o � uma chave rfc2440 - ignorada\n"
 
-#: g10/export.c:175
-#, fuzzy, c-format
+#: g10/export.c:180
+#, c-format
 msgid "key %08lX: not protected - skipped\n"
-msgstr "chave %08lX: n�o � uma chave rfc2440 - ignorada\n"
+msgstr "chave %08lX: n�o est� protegida - ignorada\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "chave %08lX: tipo PGP 2.x - ignorada\n"
+
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "AVISO: nada exportado\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "entradas demais no cache pk - desactivado\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "entradas demais no cache unk - desactivado\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[Utilizador n�o encontrado]"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1360
+#, fuzzy, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr "Chave inv�lida %08lX tornada v�lida por --always-trust\n"
+
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr "usando chave secund�ria %08lX ao inv�s de chave prim�ria %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr "chave %08lX: chave secreta sem chave p�blica - ignorada\n"
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: utilizador n�o encontrado\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "ignorando bloco do tipo %d\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "%lu chaves processadas at� agora\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "erro na leitura de `%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "N�mero total processado: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "           novas subchaves: %lu\n"
+msgstr "      ignorei novas chaves: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr "          sem IDs de utilizadores: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "              importados: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "             n�o modificados: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "          novos IDs de utilizadores: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "           novas subchaves: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "        novas assinaturas: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr "   novas revoga��es de chaves: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "      chaves secretas lidas: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "  chaves secretas importadas: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr " chaves secretas n�o modificadas: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "chave %08lX: sem ID de utilizador\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, fuzzy, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "chave %08lX: aceite ID de utilizador sem auto-assinatura '"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "chave %08lX: sem IDs de utilizadores v�lidos\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "isto pode ser causado por falta de auto-assinatura\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "chave %08lX: chave p�blica n�o encontrada: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:479
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "chave %08lX: n�o � uma chave rfc2440 - ignorada\n"
+msgstr "chave %08lX: chave nova - ignorada\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "n�o foi encontrada nenhum porta-chaves onde escrever: %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "a escrever para `%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "erro na escrita do porta-chaves `%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "chave %08lX: chave p�blica importada\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "chave %08lX: n�o corresponde � nossa c�pia\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "chave %08lX: imposs�vel localizar bloco de chaves original: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "chave %08lX: imposs�vel ler bloco de chaves original: %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "chave %8lX: 1 novo ID de utilizador\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "chave %08lX: %d novos IDs de utilizadores\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "chave %08lX: 1 nova assinatura\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "chave %08lX: %d novas assinaturas\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "chave %08lX: 1 nova subchave\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "chave %08lX: %d novas subchaves\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "chave %08lX: n�o modificada\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "sem porta-chaves p�blico por omiss�o: %s\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "chave %08lX: chave secreta importada\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "chave %08lX: j� est� no porta-chaves secreto\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "chave %08lX: chave secreta n�o encontrada: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "chave %08lX: sem chave p�blica - imposs�vel aplicar certificado\n"
 "de revoga��o\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr "chave %08lX: certificado de revoga��o inv�lido: %s - rejeitado\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "chave %08lX: certificado de revoga��o importado\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "chave %08lX: nenhum ID de utilizador para assinatura\n"
 
-#: g10/import.c:719 g10/import.c:743
-#, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
+#: g10/import.c:839
+#, fuzzy, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
 msgstr "chave %08lX: algoritmo de chave p�blica n�o suportado\n"
 
-#: g10/import.c:720
-#, c-format
-msgid "key %08lX: invalid self-signature\n"
+#: g10/import.c:841
+#, fuzzy, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
 msgstr "chave %08lX: auto-assinatura inv�lida\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "chave %08lX: sem subchave para liga��o de chaves\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "chave %08lX: liga��o de subchave inv�lida\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "chave %08lX: algoritmo de chave p�blica n�o suportado\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "chave %08lX: aceite ID de utilizador sem auto-assinatura '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "chave %08lX: liga��o de subchave inv�lida\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "chave %08lX: ignorado ID de utilizador '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "chave %08lX: subchave ignorada\n"
@@ -1940,93 +2184,189 @@ msgstr "chave %08lX: subchave ignorada\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr "chave %08lX: assinatura n�o export�vel (classe %02x) - ignorada\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr "chave %08lX: certificado de revoga��o no local errado - ignorado\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "chave %08lX: certificado de revoga��o inv�lido: %s - ignorado\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "chave %08lX: detectado ID de utilizador duplicado - fundido\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "chave %08lX: certificado de revoga��o adicionado\n"
 
-#: g10/import.c:1130 g10/import.c:1183
+#: g10/import.c:1231
 #, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "chave %08lX: a nossa c�pia n�o tem auto-assinatura\n"
+msgid "key %08lX: direct key signature added\n"
+msgstr "chave %08lX: assinatura directa de chave adicionada\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[revoga��o]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[auto-assinatura]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 assinatura incorrecta\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d assinaturas incorrectas\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "1 assinatura n�o verificada por falta de chave\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d assinaturas n�o verificadas por falta de chaves\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "1 assinatura n�o verificada devido a um erro\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d assinaturas n�o verificadas devido a erros\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "1 ID de utilizador sem auto-assinatura v�lida detectado\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr "%d IDs de utilizadores sem auto-assinaturas v�lidas detectados\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:335
+#, fuzzy, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "Identificador do utilizador \"%s\" est� revocado.\n"
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Voc� tem certeza de que quer adicion�-la de qualquer forma? (y/N) "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr ""
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
 #, c-format
-msgid "Already signed by key %08lX\n"
-msgstr "J� assinado pela chave %08lX\n"
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"A sua assinatura actual em \"%s\"\n"
+"� uma assinatura local.\n"
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr "Quer promov�-la a uma assinatura export�vel? "
+
+#: g10/keyedit.c:388
+#, fuzzy, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" j� foi %sassinado pela chave %08lX\n"
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:393
+#, fuzzy, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" j� foi %sassinado pela chave %08lX\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Nada para assinar com a chave %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "Esta chave expirou!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Esta chave vai expirar em %s.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "Quer que a sua assinatura expire na mesma altura? (S/n) "
+
+#: g10/keyedit.c:477
+#, fuzzy
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr "s� pode assinar com chaves do tipo PGP 2.x no modo --pgp2\n"
+
+#: g10/keyedit.c:479
+#, fuzzy
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "esta mensagem poder� n�o ser utiliz�vel pelo PGP 2.x\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"Com que cuidado � que verificou que chave que est� prestes a assinar "
+"pertence\n"
+"� pessoa correcta? Se n�o sabe o que responder, escolha \"0\".\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) N�o vou responder.%s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) N�o verifiquei.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) Verifiquei por alto.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) Verifiquei com bastante cuidado.%s\n"
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -2034,42 +2374,73 @@ msgstr ""
 "Voc� tem certeza de que quer assinar esta chave com\n"
 "a sua chave: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
 msgid ""
-"The signature will be marked as non-exportable.\n"
 "\n"
+"The signature will be marked as non-exportable.\n"
 msgstr ""
+"\n"
 "A assinatura ser� marcada como n�o-export�vel.\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"A assinatura ser� marcada como n�o-revoc�vel.\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+"\n"
+"N�o verifiquei esta chave.\n"
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"Verifiquei por alto esta chave.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
 "\n"
+"Verifiquei esta chave com muito cuidado.\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "Realmente assinar? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "assinatura falhou: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Esta chave n�o � protegida.\n"
 
-#: g10/keyedit.c:426
-#, fuzzy
+#: g10/keyedit.c:662
 msgid "Secret parts of primary key are not available.\n"
-msgstr "chave secreta n�o dispon�vel"
+msgstr "Componentes secretas da chave prim�ria n�o dispon�veis.\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "A chave � protegida.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Imposs�vel editar esta chave: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
@@ -2077,7 +2448,7 @@ msgstr ""
 "Digite a nova frase para esta chave secreta.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2085,422 +2456,556 @@ msgstr ""
 "Voc� n�o quer uma frase secreta - provavelmente isto � uma *m�* id�ia!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "Voc� quer realmente fazer isso? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "a mover a assinatura da chave para o local correcto\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "sair deste menu"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "q"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "save"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "gravar e sair"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "help"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "mostra esta ajuda"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "mostra impress�o digital"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "list"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "lista chave e identificadores de utilizadores"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "seleciona ID de utilizador N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "key"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "seleciona chave secund�ria N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "check"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "lista assinaturas"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "sign"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "assina a chave"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lsign"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "assina a chave localmente"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "nrsign"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "assina a chave de forma n�o-revog�vel"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "nrlsign"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "assinar a chave localmente e de forma n�o revog�vel"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "debug"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "adduid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "adiciona um novo ID de utilizador"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "addphoto"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "adiciona um identificador fotogr�fico"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "deluid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "remove ID de utilizador"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "delphoto"
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "addkey"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "adiciona nova chave secund�ria"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "delkey"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "remove uma chave secund�ria"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "delsig"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "remove assinaturas"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "expire"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "muda a data de validade"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "primary"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "seleccionar o identificador do utilizador como prim�rio"
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "toggle"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "alterna entre listagem de chave secreta e p�blica"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pref"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
-msgstr "lista prefer�ncias"
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "lista prefer�ncias (perito)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "lista prefer�ncias (detalhadamente)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "setpref"
+
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "configurar lista de prefer�ncias"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "updpref"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "prefer�ncias actualizadas"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "passwd"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "muda a frase secreta"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "trust"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "muda os valores de confian�a"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "revoga assinaturas"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "revkey"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "revoga uma chave secund�ria"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "disable"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "desactiva uma chave"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "enable"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "activa uma chave"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "showphoto"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "mostrar identificador fotogr�fico"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "imposs�vel fazer isso em modo n�o-interativo\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "erro na leitura do bloco de chave secreto `%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "Chave secreta dispon�vel.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Comando> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "A chave secreta � necess�ria para fazer isto.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
-msgstr ""
+msgstr "Por favor utilize o comando \"toggle\" primeiro.\n"
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+#, fuzzy
+msgid "Key is revoked."
+msgstr "A chave est� revogada.\n"
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "Realmente assinar todos os IDs de utilizador? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Sugest�o: Selecione os IDs de utilizador para assinar\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "actualiza��o da base de dados de confian�a falhou: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "Este comando n�o � permitido no modo %s.\n"
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "Voc� precisa selecionar pelo menos um ID de utilizador.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "Voc� n�o pode remover o �ltimo ID de utilizador!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "Realmente remover todos os IDs de utilizador seleccionados? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "Realmente remover este ID de utilizador? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Voc� deve selecionar pelo menos uma chave.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "Voc� quer realmente remover as chaves selecionadas? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "Voc� quer realmente remover esta chave? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "Voc� quer realmente revogar as chaves selecionadas? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "Voc� quer realmente revogar esta chave? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr ""
+"Realmente actualizar as prefer�ncias para os utilizadores seleccionados?"
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "Realmente actualizar as prefer�ncias?"
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "Gravar altera��es? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Sair sem gravar? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "actualiza��o falhou: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "actualiza��o da chave secreta falhou: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "Chave n�o alterada, nenhuma actualiza��o � necess�ria.\n"
 
-# help ou ajuda ???
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr "Comando inv�lido (tente \"help\")\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "Esta chave pode ser revogada pela chave %s %s%s\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr " (sens�vel)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  criada: %s expira: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " confian�a: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "Esta chave foi desactivada"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1539
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "chave %08lX: a subchave foi revogada!\n"
+msgstr "rev! subchave foi revogada: %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1542
 msgid "rev- faked revocation found\n"
-msgstr "   novas revoga��es de chaves: %lu\n"
+msgstr "rev- revoga��o falsa encontrada\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? problema ao verificar revoga��o: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
 msgstr ""
+"AVISO: Esta chave j� tem um identificador fotogr�fico.\n"
+"       Se adicionar outro pode confundir algumas vers�o do PGP.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+#, fuzzy
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Voc� tem certeza de que quer adicion�-la de qualquer forma? (y/n) "
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "S� pode ter um identificador fotogr�fico por chave.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"AVISO: Esta chave � do tipo PGP2. Se adicionar um identificador fotogr�fico\n"
+"       algumas vers�o do PGP podem rejeit�-la.\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr ""
+"N�o pode adicionar um identificador fotogr�fico a uma chave tipo PGP2.\n"
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "Apagar esta assinatura v�lida? (s/N/q)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "Apagar esta assinatura inv�lida? (s/N/q)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "Apagar esta assinatura desconhecida? (s/N/q)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "Realmente remover esta auto-assinatura? (s/N)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "%d assinatura removida.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "%d assinaturas removidas.\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Nada removido.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Por favor remova as selec��es das chaves secretas.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "Por favor seleccione no m�ximo uma chave secund�ria.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "A modificar a data de validade para uma chave secund�ria.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "Modificar a data de validade para uma chave prim�ria.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "Voc� n�o pode modificar a data de validade de uma chave v3\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Nenhuma assinatura correspondente no porta-chaves secreto\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Seleccione exactamente um identificador de utilizador.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Nenhum ID de utilizador com �ndice %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Nenhuma chave secund�ria com �ndice %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "ID de utilizador: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
@@ -2509,245 +3014,375 @@ msgstr ""
 "\"\n"
 "assinado com sua chave %08lX em %s\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
+#: g10/keyedit.c:2452
+#, fuzzy, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"assinado com sua chave %08lX em %s\n"
+
+#: g10/keyedit.c:2457
+#, fuzzy, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Esta chave vai expirar em %s.\n"
+
+#: g10/keyedit.c:2461
+#, fuzzy
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Voc� tem certeza de que quer adicion�-la de qualquer forma? (y/n) "
+
+#: g10/keyedit.c:2465
+#, fuzzy
+msgid "Create a revocation certificate for this signature? (y/N) "
 msgstr "Gerar um certificado de revoga��o para esta assinatura? (s/N)"
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "Assinou estes identificadores de utilizadores:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
-#, c-format
-msgid "   signed by %08lX at %s\n"
-msgstr "   assinado por %08lX em %s\n"
+#: g10/keyedit.c:2504
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   assinado por %08lX em %s%s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   revogado por %08lX em %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "Est� prestes a revogar estas assinaturas:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   assinado por %08lX em %s%s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr ""
+
+#: g10/keyedit.c:2551
+#, fuzzy
+msgid "Really create the revocation certificates? (y/N) "
 msgstr "Realmente gerar os certificados de revoga��o? (s/N)"
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "nenhuma chave secreta\n"
 
-#: g10/keylist.c:158
-#, fuzzy
-msgid "invalid"
-msgstr "armadura inv�lida"
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
 
-#: g10/keylist.c:178
-#, fuzzy
-msgid "revoked"
-msgstr "revkey"
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "Politica de assinatura: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "AVISO: dados de nota��o inv�lidos encontrados\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "Nota��o da assinatura: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "n�o � leg�vel por humanos"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "Porta-chaves"
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
-#, fuzzy, c-format
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
 msgid " [expires: %s]"
-msgstr "A chave expira em %s\n"
+msgstr "[expira: %s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Impress�o digital:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "       Impress�o digital:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr "  Impress�o da chave ="
 
-#: g10/mainproc.c:212
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "dados cifrados com %s\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "cifrado com algoritmo desconhecido %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "a chave p�blica � %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
-msgstr "dados encriptados com chave p�blica: DEK v�lido\n"
+msgstr "dados cifrados com chave p�blica: DEK v�lido\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
-msgstr "encriptado com chave %u-bit %s, ID %08lX, criada em %s\n"
+msgstr "cifrado com chave %u-bit %s, ID %08lX, criada em %s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
-msgstr "encriptado com chave %s, ID %08lX\n"
-
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "nenhuma chave secreta para desencripta��o dispon�vel\n"
+msgstr "cifrado com chave %s, ID %08lX\n"
 
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
-msgstr "desencripta��o de chave p�blica falhou: %s\n"
+msgstr "decifragem de chave p�blica falhou: %s\n"
+
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "a assumir dados cifrados %s\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr "Cifra IDEO n�o dispon�vel, a tentar utilizar %s em substitui��o\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
-msgstr "desencripta��o correcta\n"
+msgstr "decifragem correcta\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
-msgstr "CUIDADO: a mensagem encriptada foi manipulada!\n"
+msgstr "CUIDADO: a mensagem cifrada foi manipulada!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
-msgstr "desencripta��o falhou: %s\n"
+msgstr "decifragem falhou: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr "NOTA: o remetente solicitou \"apenas-para-seus-olhos\"\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "nome do ficheiro original='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr "revoca��o solit�ria - utilize \"gpg --import\" para aplicar\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "AVISO: dados de nota��o inv�lidos encontrados\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Nota��o: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Pol�tica: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "verifica��o de assinatura suprimida\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "n�o consigo tratar estas assinaturas m�ltiplas\n"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Assinatura feita em %.*s usando %s, ID da chave %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "Assinatura INCORRECTA de \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Assinatura expirada de \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
-msgstr "Assinatura correta de \""
+msgstr "Assinatura correcta de \""
+
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[incerto]"
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "                   ou \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Imposs�vel verificar assinatura: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "n�o � uma assinatura separada\n"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr "assinatura de classe 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "formato de assinatura antigo (PGP2.x)\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "pacote raiz inv�lido detectado em proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "imposs�vel desactivar core dumps: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Algoritmos experimentais n�o devem ser usados!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
 msgstr ""
-"este algoritmo de criptografia n�o � recomendado;\n"
-"por favor use um algoritmo mais standard!\n"
+"este algoritmo de criptografia est� desctualizado; por favor use um "
+"algoritmo mais standard!x\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:378
+#, fuzzy, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "Aviso: dono pouco seguro em %s \"%s\"\n"
+
+#: g10/misc.c:410
+#, fuzzy, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "Aviso: permiss�es pouco seguras em %s \"%s\"\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "o 'plugin' com a cifra IDEA n�o est� presente\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr "veja http://www.gnupg.org/why-not-idea.html para mais informa��es\n"
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "imposs�vel manipular algoritmo de chave p�blica %d\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpacote do tipo %d tem bit cr�tico ligado\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
-msgstr ""
+msgstr "o gpg-agent n�o est� dispon�vel nesta sess�o\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "n�o consegui colocar o pid do cliente no agente\n"
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "n�o consigo obter FD de leitura no servidor para o agente\n"
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "n�o consigo obter FD de escrita no servidor para o agente\n"
+
+#: g10/passphrase.c:498
 msgid "malformed GPG_AGENT_INFO environment variable\n"
-msgstr ""
+msgstr "vari�vel de ambiente GPG_AGENT_INFO inv�lida\n"
 
-#: g10/hkp.c:158 g10/passphrase.c:223
-#, fuzzy, c-format
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "a vers�o %d do protocolo gpg-agent n�o � suportada\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
 msgid "can't connect to `%s': %s\n"
-msgstr "imposs�vel abrir `%s': %s\n"
+msgstr "imposs�vel ligar a `%s': %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "problemas na comunica��o com o gpg-agent\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "problema com o agente - a desactivar a utiliza��o deste\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (ID principal da chave %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:641
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
+"Precisa de uma frase secreta para desbloquear a chave secreta do "
+"utilizador:\n"
 "\n"
-"Voc� precisa de uma frase secreta para desbloquear a chave secreta do\n"
-"utilizador: \""
+"\"%.*s\"\n"
+"chave %u bits %s, ID %08lx, criada %s%s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:662
 msgid "Enter passphrase\n"
-msgstr "Digite a frase secreta: "
+msgstr "Insira a frase secreta\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:664
 msgid "Repeat passphrase\n"
-msgstr "Repita a frase secreta: "
+msgstr "Repita a frase secreta\n"
 
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
-msgstr ""
+msgstr "frase secreta demasiado longa\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "resposta do agente inv�lida\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "cancelado pelo utilizador\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "problema com o agente: o agente returnou 0x%lx\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2757,20 +3392,20 @@ msgstr ""
 "Voc� precisa de uma frase secreta para desbloquear a chave secreta do\n"
 "utilizador: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "chave de %u-bit/%s, ID %08lX, criada em %s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "imposs�vel pedir senha em modo n�o-interactivo\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Digite a frase secreta: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Repita a frase secreta: "
 
@@ -2778,147 +3413,192 @@ msgstr "Repita a frase secreta: "
 msgid "data not saved; use option \"--output\" to save it\n"
 msgstr "dados n�o gravados; use a op��o \"--output\" para grav�-los\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "erro ao criar `%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
-msgstr "Assinatura desacoplada.\n"
+msgstr "Assinatura separada.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Por favor digite o nome do ficheiro de dados: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "lendo do \"stdin\" ...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "n�o h� dados assinados\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "imposs�vel abrir dados assinados `%s'\n"
 
-#: g10/pubkey-enc.c:135
+#: g10/pubkey-enc.c:100
 #, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr "destinat�rio an�nimo; a tentar chave secreta %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "certo, n�s somos o destinat�rio an�nimo.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "codifica��o antiga do DEK n�o suportada\n"
 
-#: g10/pubkey-enc.c:216
-#, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "algoritmo de protec��o %d n�o � suportado\n"
+#: g10/pubkey-enc.c:177
+#, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "algoritmo de cifra %d%s � desconhecido ou foi desactivado\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr "NOTA: algoritmo de cifragem %d n�o encontrado nas prefer�ncias\n"
 
-#: g10/pubkey-enc.c:261
-#, fuzzy, c-format
+#: g10/pubkey-enc.c:242
+#, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "NOTA: chave de assinatura expirou %s\n"
+msgstr "NOTA: chave secreta %08lX expirou em %s\n"
 
-#: g10/hkp.c:62
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr ""
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "a pedir chave %08lX do servidor de chaves HKP %s\n"
 
-#: g10/hkp.c:75
-#, fuzzy, c-format
+#: g10/hkp.c:94
+#, c-format
 msgid "can't get key from keyserver: %s\n"
-msgstr "importar chaves de um servidor"
-
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr ""
+msgstr "n�o consigo obter chave do servidor: %s\n"
 
-#: g10/hkp.c:106
-#, fuzzy, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s n�o � um conjunto de caracteres v�lido\n"
-
-#: g10/hkp.c:182
-#, fuzzy, c-format
+#: g10/hkp.c:171
+#, c-format
 msgid "error sending to `%s': %s\n"
-msgstr "erro na leitura de `%s': %s\n"
+msgstr "erro ao enviar para `%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
-msgstr ""
+msgstr "sucesso ao enviar para `%s' (estado=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
-msgstr ""
+msgstr "erro ao enviar para `%s': estado=%u\n"
 
-#: g10/seckey-cert.c:89
-#, fuzzy
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "a procurar por \"%s\" no servidor HKP %s\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "n�o consigo procurar no servidor de chaves: %s\n"
+
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
-msgstr "chave secreta n�o dispon�vel"
+msgstr "partes da chave secreta n�o dispon�veis\n"
 
-#: g10/seckey-cert.c:95
+#: g10/seckey-cert.c:59
 #, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "algoritmo de protec��o %d n�o � suportado\n"
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "algoritmo de protec��o %d%s n�o � suportado\n"
+
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Frase secreta inv�lida; por favor tente novamente"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
-msgstr "Frase secreta inv�lida; por favor tente novamente ...\n"
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr ""
 "AVISO: Chave fraca detectada - por favor mude a frase secreta novamente.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "esta � uma chave ElGamal gerada pelo PGP que N�O � segura para assinaturas!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "a chave p�blica � %lu segundo mais nova que a assinatura\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "a chave p�blica � %lu segundos mais nova que a assinatura\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "NOTA: chave de assinatura expirou %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "NOTA: chave de assinatura %08lx expirou %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr "assumindo assinatura incorrecta devido a um bit cr�tico desconhecido\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"AVISO: imposs�vel expandir-%% a url de pol�tica (demasiado grande).\n"
+"A utilizar n�o expandida.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "verifica��o da assinatura criada falhou: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "assinatura %s de: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "AVISO: `%s' � um ficheiro vazio\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "s� pode assinar com chaves do tipo PGP 2.x no modo --pgp2\n"
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "imposs�vel criar %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "a assinar:"
 
-#: g10/sign.c:583
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "s� pode assinar � vista com chaves do tipo PGP 2.x no modo --pgp2\n"
+
+#: g10/sign.c:953
 #, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "AVISO: `%s' � um ficheiro vazio\n"
+msgid "%s encryption will be used\n"
+msgstr "ser� utilizada a cifragem %s\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2930,424 +3610,210 @@ msgstr "imposs�vel manipular linhas de texto maiores que %d caracteres\n"
 msgid "input line longer than %d characters\n"
 msgstr "linha de entrada maior que %d caracteres\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "base de dados de confian�a rec %lu: lseek falhou: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr "base de dados de confian�a rec %lu: escrita falhou (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "transa��o de base de dados de confian�a muito grande\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: imposs�vel aceder: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: diretoria inexistente!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: imposs�vel criar: %s\n"
+msgid "%s: can't create lock\n"
+msgstr "%s: imposs�vel criar tranca\n"
 
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:480 g10/tdbio.c:544
 #, c-format
-msgid "%s: can't create lock\n"
+msgid "%s: can't make lock\n"
 msgstr "%s: imposs�vel criar tranca\n"
 
-#: g10/tdbio.c:473
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: imposs�vel criar: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: falha ao criar registo de vers�o: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: base de dados de confian�a inv�lida criada\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: base de dados de confian�a criada\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: base de dados de confian�a inv�lida\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
-msgstr "%s: falha ao criar tabela de \"hash\": %s\n"
+msgstr "%s: falha ao criar tabela de dispers�o: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: erro a actualizar registo de vers�o: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: erro ao ler registo de vers�o: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: erro ao escrever registo de vers�o: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "base de dados de confian�a: lseek falhou: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "base de dados de confian�a: leitura falhou (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: n�o � um base de dados de confian�a\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: registo de vers�o com recnum %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: vers�o de ficheiro inv�lida %d\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: erro ao ler registo livre: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: erro ao escrever registo de diret�rio: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: falha ao zerar um registo: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: falha ao anexar um registo: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr ""
 "A base de dados de confian�a est� danificada; por favor execute\n"
 "\"gpg --fix-trustdb\".\n"
 
-#: g10/trustdb.c:169
+#: g10/trustdb.c:200
 #, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "registo de confian�a %lu, tipo req %d: falha na leitura: %s\n"
+msgid "`%s' is not a valid long keyID\n"
+msgstr "`%s' n�o � um identificador longo de chave v�lido\n"
 
-#: g10/trustdb.c:184
+#: g10/trustdb.c:235
 #, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "registo de confian�a %lu, tipo %d: escrita falhou: %s\n"
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "chave %08lX: aceite como chave de confian�a\n"
 
-#: g10/trustdb.c:198
+#: g10/trustdb.c:274
 #, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "registo de confian�a %lu: remo��o falhou: %s\n"
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "chave %08lX ocrreu mais do que uma vez na base de dados de confian�a\n"
 
-#: g10/trustdb.c:212
+#: g10/trustdb.c:290
 #, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "base de dados de confian�a: sincroniza��o falhou: %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "erro lendo registo de direct�rio para LID %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: registo de direct�rio esperado, tipo %d recebido\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "nenhuma chave prim�ria para LID %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "erro ao ler chave prim�ria para LID %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record falhou: %s\n"
-
-#: g10/trustdb.c:474
-#, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "%s n�o � um conjunto de caracteres v�lido\n"
-
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "chave %08lX: imposs�vel coloc�-la na base de dados de confian�a\n"
-
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "chave %08lX: pedido de registo falhou\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "chave %08lX: j� est� na tabela de chaves confi�veis\n"
-
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "chave %08lX: aceite como chave confi�vel.\n"
-
-#: g10/trustdb.c:547
-#, fuzzy, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "chave %08lX: n�o � uma chave rfc2440 - ignorada\n"
-
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "NOTA: a chave secreta %08lX N�O est� protegida.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "chave %08lX: chaves secreta e p�blica n�o s�o correspondentes\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "enumera��o de chaves secretas falhou: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "chave %08lX.%lu: Liga��o de subchave v�lida\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "chave %08lX.%lu: Liga��o de subchave inv�lida: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "chave %08lX.%lu: Revoga��o de chave v�lida\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "chave %08lX.%lu: Revoga��o de chave inv�lida: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "chave %08lX.%lu: Revoga��o de subchave v�lida\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Auto-assinatura v�lida"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Auto-assinatura inv�lida"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
 msgstr ""
-"Revoga��o v�lida de ID de utilizador ignorada devido a nova auto-assinatura"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "Revoga��o de ID de utilizador v�lida"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Revoga��o de ID de utilizador inv�lida"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Certificado de revoga��o v�lido"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Certificado correcto"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Certificado de revoga��o inv�lido"
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Certificado inv�lido"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "registo de assinatura %lu[%d] aponta para registo errado.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "certificado duplicado - removido"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir falhou: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: inser��o falhou: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: inser��o falhou: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: inserido\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "erro ao ler registo de direct�rio: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu chaves processadas\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu chaves com erros\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu chaves inseridas\n"
-
-#: g10/trustdb.c:1826
-#, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "enumera��o de blocos de chaves falhou: %s\n"
+"chave %08lX: nenhuma chave p�blica para chave de confian�a - ignorada\n"
+"\n"
 
-#: g10/trustdb.c:1874
+#: g10/trustdb.c:332
 #, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: registo de direct�rio sem chave - ignorado\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "registo de confian�a %lu, tipo req %d: falha na leitura: %s\n"
 
-#: g10/trustdb.c:1884
+#: g10/trustdb.c:338
 #, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "\t%lu devido a novas chaves p�blicas\n"
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "registo de confian�a %lu n�o � do tipo pedido %d\n"
 
-#: g10/trustdb.c:1886
+#: g10/trustdb.c:353
 #, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu chaves ignoradas\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "registo de confian�a %lu, tipo %d: escrita falhou: %s\n"
 
-#: g10/trustdb.c:1890
+#: g10/trustdb.c:368
 #, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu chaves actualizadas\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Ooops, nenhuma chave\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "base de dados de confian�a: sincroniza��o falhou: %s\n"
 
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Ooops, nenhum ID de utilizador\n"
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "n�o � necess�ria uma verifica��o da base de dados de confian�a\n"
 
-#: g10/trustdb.c:2397
+#: g10/trustdb.c:474 g10/trustdb.c:1641
 #, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: busca de registo de direct�rio falhou: %s\n"
+msgid "next trustdb check due at %s\n"
+msgstr "proxima verifica��o da base de dados de confian�a a %s\n"
 
-#: g10/trustdb.c:2406
-#, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "chave %08lX: inser��o de registo de confian�a falhou: %s\n"
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "a verificar a base de dados de confian�a\n"
 
-#: g10/trustdb.c:2410
+#: g10/trustdb.c:933
 #, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "chave %08lX.%lu: inserida na base de dados de confian�a\n"
+msgid "public key %08lX not found: %s\n"
+msgstr "chave p�blica %08lX n�o encontrada: %s\n"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:1515
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
 msgstr ""
-"chave %08lX.%lu: criada no futuro (viagem no tempo ou problema no relogio)\n"
-
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "chave %08lX.%lu: expirou em %s\n"
-
-#: g10/trustdb.c:2441
-#, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "chave %08lX.%lu: verifica��o de confian�a falhou: %s\n"
+"chave p�blica da chave absolutamente de confian�a %08lX n�o encontrada\n"
 
-#: g10/trustdb.c:2592
+#: g10/trustdb.c:1593
 #, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "utilizador `%s' n�o encontrado: %s\n"
-
-#: g10/trustdb.c:2594
-#, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "problemas na procura de `%s' na base de dados de confian�a: %s\n"
-
-#: g10/trustdb.c:2597
-#, c-format
-msgid "user '%s' not in trustdb - inserting\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 msgstr ""
-"utilizador `%s' n�o encontrado na base de dados de confian�a - a inserir\n"
-
-#: g10/trustdb.c:2600
-#, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "falha ao colocar `%s' na base de dados de confian�a: %s\n"
+"a verificar � profundidade %d assinado=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "AVISO: ainda � imposs�vel manipular registos de prefer�ncias longos\n"
-
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
@@ -3357,45 +3823,31 @@ msgstr ""
 "N�o se esque�a que o ficheiro com a assinatura (.sig ou .asc)\n"
 "deve ser o primeiro a ser dado na linha de comando.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
 msgstr "linha de entrada %u demasiado longa ou falta o LF\n"
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: imposs�vel criar porta-chaves: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: porta-chaves criado\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "AVISO: existem 2 ficheiros com informa��es confidenciais.\n"
-
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s � o n�o modificado\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"a chave n�o est� marcada insegura - imposs�vel us�-la com o RNG falso!\n"
 
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the new one\n"
-msgstr "%s � o novo\n"
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "Por favor conserte esta poss�vel falha de seguran�a\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "ignorado `%s': duplicada\n"
 
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "ignorado `%s': %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "ignorado: a chave secreta j� est� presente\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3414,91 +3866,98 @@ msgstr "Arquivo `%s' j� existe. "
 msgid "Overwrite (y/N)? "
 msgstr "Escrever por cima (s/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: sufixo desconhecido\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Digite novo nome de ficheiro"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "a escrever em \"stdout\"\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "a assumir dados assinados em `%s'\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: novo ficheiro de op��es criado\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: imposs�vel criar directoria: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: directoria criada\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr "vai ter de reiniciar o GnuPG, para poder ler as novas op��es\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "encriptado com algoritmo desconhecido %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "dados encriptados com %s\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
-"AVISO: A mensagem foi encriptada com uma chave fraca na criptografia\n"
-"sim�trica.\n"
+"AVISO: A mensagem foi cifrada com uma chave fraca na cifragem sim�trica.\n"
+
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "problema ao tratar pacote cifrado\n"
 
-#: g10/seskey.c:61
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "chave fraca criada - tentando novamente\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "imposs�vel evitar chave fraca para criptografia sim�trica;\n"
 "tentei %d vezes!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "h� uma chave secreta para esta chave p�blica!\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr "utilize a op��o \"--delete-secret-key\" para a apagar primeiro.\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr ""
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "imposs�vel fazer isso em modo n�o-interactivo sem utilizar \"--yes\"\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Remover esta chave do porta-chaves?"
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr "Esta chave � secreta! - apagar de qualquer modo? "
 
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "remo��o do bloco de chave falhou: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr ""
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "h� uma chave secreta para a chave p�blica \"%s\"!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "utilize a op��o \"--delete-secret-keys\" para a apagar primeiro.\n"
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3510,22 +3969,36 @@ msgstr ""
 "nada a ver com a rede de certificados (implicitamente criada)."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Para construir a Teia-de-Confian�a ('Web-of-Trust'), o GnuPG precisa de\n"
+"saber quais s�o as chaves em que deposita confian�a absoluta - normalmente\n"
+"estas s�o as chaves a que tem acesso � chave privada.  Responda \"sim\" "
+"para\n"
+"que esta chave seja de confian�a absoluta.\n"
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr "Se voc� quiser usar esta chave revogada assim mesmo, responda \"sim\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr ""
-"Se voc� quiser usar esta chave n�o confi�vel assim mesmo, responda \"sim\"."
+"Se voc� quiser usar esta chave, n�o de confian�a, assim mesmo, responda \"sim"
+"\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr ""
 "Digite o ID de utilizador do destinat�rio para quem quer enviar a\n"
 "mensagem."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3551,19 +4024,19 @@ msgstr ""
 "para assinaturas. Este � o algoritmo recomendado porque a verifica��o de\n"
 "assinaturas DSA � muito mais r�pida que a verifica��o de ElGamal.\n"
 "\n"
-"ElGamal � um algoritmo que pode ser usado para assinatura e encripta��o.\n"
-"O OpenPGP distingue dois tipos deste algoritmo: um apenas para encripta��o\n"
-"e outro para assinatura+encripta��o; na verdade s�o iguais, mas alguns\n"
+"ElGamal � um algoritmo que pode ser usado para assinatura e cifragem.\n"
+"O OpenPGP distingue dois tipos deste algoritmo: um apenas para cifragem\n"
+"e outro para assinatura+cifragem; na verdade s�o iguais, mas alguns\n"
 "par�metros precisam ser escolhidos de modo especial para criar uma chave\n"
 "segura para assinatura: este programa faz isso, mas algumas outras\n"
 "implementa��es do OpenPGP n�o v�o necessariamente entender o tipo\n"
-"assinatura+encripta��o.\n"
+"assinatura+cifragem.\n"
 "\n"
 "A  chave prim�ria precisa sempre ser uma chave capaz de fazer assinaturas;\n"
-"este � o motivo pelo qual a chave ElGamal apenas para encripta��o n�o est�\n"
+"este � o motivo pelo qual a chave ElGamal apenas para cifragem n�o est�\n"
 "dispon�vel neste menu."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
@@ -3574,16 +4047,16 @@ msgstr ""
 "porque n�o s�o suportadas por todos os programas e assinaturas criadas com\n"
 "elas s�o grandes e sua verifica��o � lenta."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Insira o tamanho da chave"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Responda \"sim\" ou \"n�o\""
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3595,19 +4068,19 @@ msgstr ""
 "reac��o a erros - o sistema tentar� interpretar o valor dado como um "
 "intervalo."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Digite o nome do possuidor da chave"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr "por favor digite um endere�o de email (opcional mas recomendado)"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Por favor digite um coment�rio (opcional)"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3617,19 +4090,91 @@ msgid ""
 msgstr ""
 "N  para mudar o nome.\n"
 "C  para mudar o coment�rio.\n"
-"E  para mudar o endere�o de correio eletr�nico.\n"
+"E  para mudar o endere�o de email\n"
 "O  para continuar a gera��o da chave.\n"
 "S  para interromper a gera��o da chave."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "Responda \"sim\" (ou apenas \"s\") se quiser gerar a subchave."
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"Quando assina uma chave de identifica��o de um utilizador, deve primeiro\n"
+"verificar que a chave pertence realmente � pessoa em quest�o. � �til para\n"
+"terceiros saberem com que cuidado � que efectuou esta verifica��o.\n"
+"\n"
+"\"0\" significa que n�o deseja declarar a forma com verificou a chave\n"
+"\n"
+"\"1\" significa que acredita que a chave pertence � pessoa em quest�o, mas\n"
+"    n�o conseguiu ou n�o tentou verificar. Este grau � �til para quando\n"
+"    assina a chave de uma utilizador pseudo-an�nimo.\n"
+"\n"
+"\"2\" significa que efectuou uma verifica��o normal da chave. Por exemplo,\n"
+"    isto pode significar que verificou a impress�o digital da chave e\n"
+"    verificou o identificador de utilizador da chave contra uma "
+"identifica��o\n"
+"    fotogr�fica.\n"
+"\n"
+"\"3\" significa que efectuou uma verifica��o exaustiva da chave. Por "
+"exemplo,\n"
+"    isto pode significar que efectuou a verifica��o pessoalmente, e que \n"
+"    utilizou um documento, com fotografia, dif�cil de falsificar \n"
+"    (como por exemplo um passaporte) que o nome do dono da chave � o\n"
+"    mesmo do que o identificador da chave, e que, finalmente, verificou\n"
+"    (atrav�s de troca de e-mail) que o endere�o de email da chave pertence\n"
+"    ao done da chave.\n"
+"\n"
+"Aten��o: os exemplos dados para os n�veis 2 e 3 s�o *apenas* exemplos.\n"
+"Compete-lhe a si decidir o que considera, ao assinar chaves, uma "
+"verifica��o\n"
+"\"normal\" e uma verifica��o \"exaustiva\".\n"
+"\n"
+"Se n�o sabe qual � a resposta correcta, responda \"0\"."
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "Responda \"sim\" se quiser assinar TODOS os IDs de utilizador"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3637,11 +4182,11 @@ msgstr ""
 "Responda \"sim\" se quiser realmente remover este ID de utilizador.\n"
 "Todos os certificados tamb�m ser�o perdidos!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "Responda \"sim\" se quiser remover a subchave"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3651,7 +4196,7 @@ msgstr ""
 "remover esta assinatura porque ela pode ser importante para estabelecer\n"
 "uma conex�o de confian�a � chave ou a outra chave certificada por esta."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3663,13 +4208,13 @@ msgstr ""
 "porque a chave desta assinatura pode estabelecer uma conex�o de confian�a\n"
 "atrav�s de outra chave j� certificada."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
 msgstr "A assinatura n�o � v�lida. Faz sentido remov�-la do seu porta-chaves."
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3682,25 +4227,35 @@ msgstr ""
 "n�o consiga mais usar esta chave. Fa�a isto apenas se por alguma\n"
 "raz�o esta auto-assinatura n�o for v�lida e h� uma segunda dispon�vel."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
+#, fuzzy
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
-msgstr "Por favor digite a FRASE secreta"
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+"Muda as prefer�ncias de todos os identificadores de utilizadores\n"
+"(ou apenas dos seleccionados) para a lista actual de prefer�ncias.\n"
+"O 'timestamp' de todas as auto-assinaturas afectuadas ser� avan�ado\n"
+"em um segundo.\n"
+
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Por favor digite a frase secreta \n"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr "Por favor repita a frase secreta, para ter certeza do que digitou."
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr "D� o nome para o ficheiro ao qual a assinatura se aplica"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "Responda \"sim\" se quiser escrever por cima do ficheiro"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3709,14 +4264,14 @@ msgstr ""
 "RETURN\n"
 "o ficheiro por omiss�o (que � mostrado entre par�nteses) ser� utilizado."
 
-#: g10/helptext.c:229
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3724,81 +4279,112 @@ msgid ""
 "      Use this to state that the user ID should not longer be used;\n"
 "      this is normally used to mark an email address invalid.\n"
 msgstr ""
-
-#: g10/helptext.c:245
+"Deve especificar uma raz�o para a emiss�o do certificado. Dependendo no\n"
+"contexto, pode escolher as seguintes op��es desta lista:\n"
+"  \"A chave foi comprometida\"\n"
+"     Utilize esta op��o se tem raz�es para acreditar que indiv�duos n�o\n"
+"     autorizados obtiveram acesso � sua chave secreta.\n"
+"  \"A chave foi substituida\"\n"
+"     Utilize esta op��o se substituiu esta chave com uma mais recente.\n"
+"  \"A chave j� n�o � utilizada\"\n"
+"     Utilize esta op��o se j� n�o utiliza a chave.\n"
+"  \"O identificador do utilizador j� n�o � v�lido\"\n"
+"     Utilize esta op��o para comunicar que o identificador do utilizador\n"
+"     n�o deve ser mais utilizado; normalmente utilizada para indicar\n"
+"     que um endere�o de email � inv�lido.\n"
+
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
 "An empty line ends the text.\n"
 msgstr ""
+"Se desejar, pode inserir uma texto descrevendo a raz�o pela qual criou\n"
+"este certificado de revoga��o. Por favor mantenha este texto conciso.\n"
+"Uma linha vazia termina o texto.\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Nenhuma ajuda dispon�vel"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Nenhuma ajuda dispon�vel para `%s'"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "erro de leitura do certificado: %s\n"
-
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "chave RSA n�o pode ser usada nesta vers�o\n"
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "erro ao criar porta-chaves `%s': %s\n"
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "Nenhuma chave para identificador de utilizador\n"
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "a mudan�a de permiss�es de `%s' falhou: %s\n"
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "Nenhum identificador de utilizador para chave\n"
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "porta-chaves `%s' criado\n"
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "sem porta-chaves p�blico padr�o\n"
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "falha ao criar 'cache' do porta-chaves: %s\n"
 
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "imposs�vel trancar porta-chaves `%s': %s\n"
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "AVISO: existem 2 ficheiros com informa��es confidenciais.\n"
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "chave %08lX: imposs�vel ler bloco de chaves original: %s\n"
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s � o n�o modificado\n"
 
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: utilizador n�o encontrado\n"
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s � o novo\n"
 
-#~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
-#~ msgstr ""
-#~ "Chaves RSA n�o s�o recomend�veis; por favor considere criar uma nova chave e "
-#~ "us�-la no futuro\n"
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Por favor conserte esta poss�vel falha de seguran�a\n"
 
-#~ msgid "not processed"
-#~ msgstr "n�o processado"
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "a verificar o porta chaves `%s'\n"
 
-#~ msgid "assuming bad MDC due to an unknown critical bit\n"
-#~ msgstr "assumindo MDC incorrecto devido a um bit cr�tico desconhecido\n"
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu chaves verificadas at� agora (%lu assinaturas)\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
-#~ msgstr ""
-#~ "a chave n�o est� marcada insegura - imposs�vel us�-la com o RNG falso!\n"
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu chave verificadas (%lu assinaturas)\n"
 
-#~ msgid "set debugging flags"
-#~ msgstr "definir par�metros de depura��o"
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: porta-chaves criado\n"
 
-#~ msgid "enable full debugging"
-#~ msgstr "habilitar depura��o completa"
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "Voc� tem certeza de que quer assin�-la?\n"
 
-#~ msgid "do not write comment packets"
-#~ msgstr "n�o escrever pacotes de coment�rio"
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "  Voc� tem a certeza que quer mesmo assim assin�-la?\n"
 
-#~ msgid "(default is 1)"
-#~ msgstr "(por omiss�o 1)"
+#, fuzzy
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Realmente assinar? "
 
-#~ msgid "(default is 3)"
-#~ msgstr "(por omiss�o 3)"
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "chave %08lX: a nossa c�pia n�o tem auto-assinatura\n"
 
-#~ msgid "   (%d) ElGamal in a v3 packet\n"
-#~ msgstr "   (%d) ElGamal num pacote v3\n"
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "Voc� precisa realmente de uma chave t�o grande? "
 
-#~ msgid "Key generation can only be used in interactive mode\n"
-#~ msgstr "A gera��o de chaves s� pode ser feita em modo interactivo\n"
+#~ msgid "   signed by %08lX at %s\n"
+#~ msgstr "   assinado por %08lX em %s\n"
diff --git a/po/pt_BR.po b/po/pt_BR.po
index 4f941c835..7f934a872 100644
--- a/po/pt_BR.po
+++ b/po/pt_BR.po
@@ -1,307 +1,339 @@
-# Portuguese messages for gnupg
+# Portuguese (Brazilian) messages for gnupg
+# Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 # Thiago Jung Bauermann <[email protected]>, 1999.
 # Revised by Rafael Caetano dos Santos <[email protected]>.
 # I tried to make this one close to es_ES by Urko Lusa
 #
+# Rafael Caetano dos Santos <[email protected]> used to be 
+# the last translator but he can't continue his work.
+#
 msgid ""
 msgstr ""
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"Content-Type: text/plain; charset=iso-8859-1\n"
-"Date: 1998-11-20 23:46:36-0200\n"
-"From: Thiago Jung Bauermann <[email protected]>\n"
-"Xgettext-Options: --default-domain=gnupg --directory=.. --add-comments "
-"--keyword=_ --keyword=N_ --files-from=./POTFILES.in\n"
-"Files: util/secmem.c util/argparse.c cipher/random.c cipher/rand-dummy.c "
-"cipher/rand-unix.c cipher/rand-w32.c g10/g10.c g10/pkclist.c g10/keygen.c "
-"g10/decrypt.c g10/encode.c g10/import.c g10/keyedit.c g10/keylist.c "
-"g10/mainproc.c g10/passphrase.c g10/plaintext.c g10/pref.c g10/seckey-cert.c "
-"g10/sig-check.c g10/sign.c g10/trustdb.c g10/verify.c\n"
+"Project-Id-Version: GNU gnupg 1.0\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 1998-11-20 23:46:36-0200\n"
+"Last-Translator:\n"
+"Language-Team: ?\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Aviso: usando mem�ria insegura!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr ""
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "a opera��o n�o � poss�vel sem mem�ria segura inicializada\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(voc� pode ter usado o programa errado para esta tarefa)\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "sim"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "sS"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "n�o"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
 # INICIO MENU
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "sair"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "qQ"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "erro geral"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "formato de pacote desconhecido"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "vers�o desconhecida"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "algoritmo de chave p�blica desconhecido"
 
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "algoritmo de \"digest\" desconhecido"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "chave p�blica incorreta"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "chave secreta incorreta"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "assinatura incorreta"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "erro de \"checksum\""
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "frase secreta incorreta"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "chave p�blica n�o encontrada"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "algoritmo de criptografia desconhecido"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "n�o � poss�vel abrir o chaveiro"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "pacote inv�lido"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "armadura inv�lida"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "identificador de usu�rio inexistente"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "chave secreta n�o dispon�vel"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "chave secreta incorreta"
 
 # suportado ???
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "n�o suportado"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "chave incorreta"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "erro de leitura"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "erro de escrita"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "algoritmo de compress�o desconhecido"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "erro na abertura de arquivo"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "erro na cria��o de arquivo"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "frase secreta inv�lida"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "algoritmo de chave p�blica n�o implementado"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "algoritmo de criptografia n�o implementado"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "classe de assinatura desconhecida"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "erro no banco de dados de confiabilidade"
 
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "MPI incorreto"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "limite de recurso"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "chaveiro inv�lido"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "certificado incorreto"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "identificador de usu�rio malformado"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "erro no fechamento de arquivo"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "erro na renomea��o de arquivo"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "erro na remo��o de arquivo"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "dados inesperados"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "conflito de \"timestamp\""
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "algoritmo de chave p�blica inutiliz�vel"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "o arquivo j� existe"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "chave fraca"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "argumento inv�lido"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "URI incorreto"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "URI n�o suportado"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "erro na rede"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "n�o criptografado"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "n�o processado(s)"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+#, fuzzy
+msgid "unusable public key"
+msgstr "chave p�blica incorreta"
+
+#: util/errors.c:106
+#, fuzzy
+msgid "unusable secret key"
+msgstr "chave secreta incorreta"
+
+#: util/errors.c:107
+#, fuzzy
+msgid "keyserver error"
+msgstr "erro geral"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
 msgstr "... isto � um bug (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
 msgstr "voc� encontrou um bug ... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "imposs�vel abrir `%s': %s\n"
 
-#: cipher/random.c:325
+#: cipher/random.c:324
 #, fuzzy, c-format
 msgid "can't stat `%s': %s\n"
 msgstr "imposs�vel abrir `%s': %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
 msgstr ""
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
 msgstr ""
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr ""
 
-#: cipher/random.c:349
+#: cipher/random.c:348
 #, fuzzy, c-format
 msgid "can't read `%s': %s\n"
 msgstr "imposs�vel abrir `%s': %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
 msgstr ""
 
-#: cipher/random.c:407
+#: cipher/random.c:406
 #, fuzzy, c-format
 msgid "can't create `%s': %s\n"
 msgstr "imposs�vel criar %s: %s\n"
 
-#: cipher/random.c:414
+#: cipher/random.c:413
 #, fuzzy, c-format
 msgid "can't write `%s': %s\n"
 msgstr "imposs�vel abrir `%s': %s\n"
 
-#: cipher/random.c:417
+#: cipher/random.c:416
 #, fuzzy, c-format
 msgid "can't close `%s': %s\n"
 msgstr "imposs�vel abrir `%s': %s\n"
 
-#: cipher/random.c:428
-#, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
-
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr "AVISO: usando gerador de n�meros aleat�rios inseguro!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -315,7 +347,7 @@ msgstr ""
 "N�O USE NENHUM DADO GERADO POR ESTE PROGRAMA!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -327,19 +359,7 @@ msgstr ""
 "para que o sistema possa coletar mais entropia!\n"
 "(S�o necess�rios mais %d bytes)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Aviso: usando mem�ria insegura!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "a opera��o n�o � poss�vel sem mem�ria segura inicializada\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(voc� pode ter usado o programa errado para esta tarefa)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -347,144 +367,175 @@ msgstr ""
 "@Comandos:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[arquivo]|fazer uma assinatura"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[arquivo]|fazer uma assinatura em texto puro"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "fazer uma assinatura separada"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "criptografar dados"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr ""
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr ""
 "criptografar apenas com criptografia\n"
 "sim�trica"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "apenas armazenar"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "descriptografar dados (padr�o)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr ""
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "verificar uma assinatura"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "listar as chaves"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "listar as chaves e as assinaturas"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "verificar as assinaturas das chaves"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "listar as chaves e as impress�es digitais"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "listar as chaves secretas"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "gerar um novo par de chaves"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
+#: g10/g10.c:307
+#, fuzzy
+msgid "remove keys from the public keyring"
 msgstr "remover a chave do chaveiro p�blico"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
+#: g10/g10.c:309
+#, fuzzy
+msgid "remove keys from the secret keyring"
 msgstr "remover a chave do chaveiro secreto"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "assinar uma chave"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
 msgstr "assinar uma chave localmente"
 
-#: g10/gpg.c:224
+#: g10/g10.c:312
+#, fuzzy
+msgid "sign a key non-revocably"
+msgstr "assinar uma chave localmente"
+
+#: g10/g10.c:313
+#, fuzzy
+msgid "sign a key locally and non-revocably"
+msgstr "assinar uma chave localmente"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "assinar ou editar uma chave"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "gerar um certificado de revoga��o"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "exportar chaves"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "exportar chaves para um servidor"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "importar chaves de um servidor"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+#, fuzzy
+msgid "search for keys on a key server"
+msgstr "exportar chaves para um servidor"
+
+#: g10/g10.c:322
+#, fuzzy
+msgid "update all keys from a keyserver"
+msgstr "importar chaves de um servidor"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "importar/fundir chaves"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "listar apenas as seq��ncias de pacotes"
 
 # ownertrust ???
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "exportar os valores de confian�a"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "importar os valores de confian�a"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "atualizar o banco de dados de confiabilidade"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NOMES]|verificar o banco de dados de confiabilidade"
+#: g10/g10.c:336
+#, fuzzy
+msgid "unattended trust database update"
+msgstr "atualizar o banco de dados de confiabilidade"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr ""
 "consertar um banco de dados de confiabilidade\n"
 "danificado"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "retirar a armadura de um arquivo ou de \"stdin\""
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "criar armadura para um arquivo ou \"stdin\""
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [arquivos]|imprimir \"digests\" de mensagens"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -494,179 +545,230 @@ msgstr ""
 "Op��es:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "criar sa�da com armadura ascii"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NOME|criptografar para NOME"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NOME|usar NOME como destinat�rio padr�o"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "usar a chave padr�o como destinat�rio padr�o"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr ""
 "usar este identificador de usu�rio para\n"
 "assinar ou descriptografar"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr ""
 "|N|estabelecer n�vel de compress�o N\n"
 "(0 desabilita)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "usar modo de texto can�nico"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "usar como arquivo de sa�da"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "detalhado"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "ser mais silencioso"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "nunca usar o terminal"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "for�ar assinaturas v3"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+#, fuzzy
+msgid "do not force v3 signatures"
+msgstr "for�ar assinaturas v3"
+
+#: g10/g10.c:377
+#, fuzzy
+msgid "force v4 key signatures"
+msgstr "for�ar assinaturas v3"
+
+#: g10/g10.c:378
+#, fuzzy
+msgid "do not force v4 key signatures"
+msgstr "for�ar assinaturas v3"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "sempre usar um MDC para criptografar"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+#, fuzzy
+msgid "never use a MDC for encryption"
+msgstr "sempre usar um MDC para criptografar"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "n�o fazer altera��es"
 
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
 msgstr ""
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "modo n�o-interativo: nunca perguntar"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "assumir sim para a maioria das perguntas"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "assumir n�o para a maioria das perguntas"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "adicionar este chaveiro � lista de chaveiros"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "adicionar este chaveiro secreto � lista"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr ""
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NOME|usar NOME como chave secreta padr�o"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|ENDERE�O|usar este servidor para buscar chaves"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr ""
 "|NOME|definir mapa de caracteres do terminal como\n"
 "NOME"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "ler op��es do arquivo"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr ""
 "|DA|escrever informa��es de estado para o\n"
 "descritor de arquivo DA"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
+#: g10/g10.c:404
+#, fuzzy
+msgid "|[file]|write status info to file"
+msgstr ""
+"|DA|escrever informa��es de estado para o\n"
+"descritor de arquivo DA"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
 msgstr ""
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|ARQUIVO|carregar m�dulo de extens�o ARQUIVO"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "emular o modo descrito no RFC1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
 msgstr ""
 "configurar todas as op��es de pacote,\n"
 "criptografia e \"digest\" para comportamento\n"
 "OpenPGP"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+#, fuzzy
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr ""
+"configurar todas as op��es de pacote,\n"
+"criptografia e \"digest\" para comportamento\n"
+"OpenPGP"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|usar frase secreta modo N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr ""
 "|NOME|usar algoritmo de \"digest\" de mensagens NOME\n"
 "para frases secretas"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr ""
 "|NOME|usar algoritmo de criptografia NOME para\n"
 "frases secretas"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NOME|usar algoritmo de criptografia NOME"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NOME|usar algoritmo de \"digest\" de mensagens NOME"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|usar algoritmo de compress�o N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
 msgstr ""
 "eliminar o campo keyid dos pacotes\n"
 "criptografados"
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr ""
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NOME=VALOR|usar estes dados de nota��o"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
 msgstr ""
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -686,15 +788,15 @@ msgstr ""
 " --list-keys [nomes]        mostrar chaves\n"
 " --fingerprint [nomes]      mostrar impress�es digitais\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr "Por favor comunique bugs para <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Uso: gpg [op��es] [arquivos] (-h para ajuda)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
@@ -704,7 +806,7 @@ msgstr ""
 "assina, verifica, criptografa ou descriptografa\n"
 "a opera��o padr�o depende dos dados de entrada\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -712,194 +814,258 @@ msgstr ""
 "\n"
 "Algoritmos suportados:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "uso: gpg [op��es] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "comandos conflitantes\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
 msgstr "NOTA: arquivo de op��es padr�o `%s' inexistente\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "arquivo de op��es `%s': %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "lendo op��es de `%s'\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s n�o � um conjunto de caracteres v�lido\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr ""
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr ""
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, fuzzy, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "AVISO: `%s' � um arquivo vazio\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr ""
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "AVISO: O programa pode criar um arquivo core!\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr ""
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
 msgstr "NOTA: %s n�o � para uso normal!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "%s n�o � permitido com %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "%s n�o faz sentido com %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr ""
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "o algoritmo de criptografia selecionado n�o � v�lido\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "o algoritmo de \"digest\" selecionado n�o � v�lido\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
+#: g10/g10.c:1492
+#, fuzzy
+msgid "the given signature policy URL is invalid\n"
+msgstr "a URL de pol�tica dada � inv�lida\n"
+
+#: g10/g10.c:1496
+#, fuzzy
+msgid "the given certification policy URL is invalid\n"
 msgstr "a URL de pol�tica dada � inv�lida\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "o algoritmo de compress�o deve estar na faixa %d..%d\n"
 
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "completes-needed deve ser maior que 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "marginals-needed deve ser maior que 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "max-cert-depth deve estar na entre 1 e 255\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
 msgstr "NOTA: o modo S2K simples (0) n�o � recomend�vel\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "modo S2K inv�lido: deve ser 0, 1 ou 3\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+#, fuzzy
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "modo S2K inv�lido: deve ser 0, 1 ou 3\n"
+
+#: g10/g10.c:1519
+#, fuzzy
+msgid "invalid preferences\n"
+msgstr "lista prefer�ncias"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "falha ao inicializar o banco de dados de confiabilidade: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [nome_do_arquivo]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [nome_do_arquivo]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [nome_do_arquivo]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [nome_do_arquivo]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [nome_do_arquivo]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+#, fuzzy
+msgid "--sign --symmetric [filename]"
+msgstr "--symmetric [nome_do_arquivo]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [nome_do_arquivo]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [nome_do_arquivo]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key id-usu�rio"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key id-usu�rio"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key id-usu�rio [comandos]"
+#: g10/g10.c:1746
+#, fuzzy
+msgid "--nrsign-key user-id"
+msgstr "--sign-key id-usu�rio"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key id-usu�rio"
+#: g10/g10.c:1754
+#, fuzzy
+msgid "--nrlsign-key user-id"
+msgstr "--sign-key id-usu�rio"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key id-usu�rio"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key id-usu�rio [comandos]"
 
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "imposs�vel abrir %s: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [id-usu�rio] [chaveiro]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "retirada de armadura falhou: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "cria��o de armadura falhou: %s\n"
 
 # "hash" poderia ser "espalhamento", mas n�o fica claro
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
 msgstr "algoritmo de hash inv�lido `%s'\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[nome_do_arquivo]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "V� em frente e digite sua mensagem ...\n"
 
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "imposs�vel abrir `%s'\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr ""
 "o primeiro caractere de um nome de nota��o deve ser uma letra ou um "
 "sublinhado\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -907,159 +1073,141 @@ msgstr ""
 "um nome de nota��o deve ter apenas letras, d�gitos, pontos ou sublinhados e "
 "terminar com '='\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr ""
 "pontos em um nome de nota��o devem estar cercados por outros caracteres\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "um valor de nota��o n�o deve usar caracteres de controle\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "armadura: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "cabe�alho de armadura inv�lido: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "cabe�alho de armadura: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "cabe�alho de assinatura em texto puro inv�lido\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "assinaturas em texto puro aninhadas\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "linha com h�fen inv�lida: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "armadura inesperada:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "caractere radix64 inv�lido %02x ignorado\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "fim de arquivo prematuro (sem CRC)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "fim de arquivo prematuro (no CRC)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "CRC malformado\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "erro de CRC; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "fim de arquivo prematuro (no \"Trailer\")\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "erro na linha \"trailer\"\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "nenhum dado OpenPGP v�lido encontrado.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "armadura inv�lida: linha maior que %d caracteres\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "caractere \"quoted printable\" na armadura  - provavelmente um MTA com bugs "
 "foi usado\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "       Impress�o digital:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Impress�o digital:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
 msgstr ""
 
-#: g10/pkclist.c:119
+#: g10/pkclist.c:63
 #, fuzzy
-msgid "Key is superseeded"
+msgid "Key is superseded"
 msgstr "A chave � protegida.\n"
 
-#: g10/pkclist.c:121
+#: g10/pkclist.c:65
 #, fuzzy
 msgid "Key has been compromised"
 msgstr "Esta chave foi desativada"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
 msgstr ""
 
-#: g10/pkclist.c:125
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
 msgstr ""
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
 msgstr ""
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
 msgstr ""
 
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr ""
 
-#: g10/pkclist.c:308
-#, c-format
+#: g10/pkclist.c:258
+#, fuzzy, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
 "Nenhum valor de confian�a designado para %lu:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
+#, fuzzy
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 "Por favor decida quanto voc� confia neste usu�rio para\n"
 "verificar corretamente as chaves de outros usu�rios\n"
@@ -1072,84 +1220,91 @@ msgstr ""
 " 4 = Eu confio completamente\n"
 " s = Mostrar mais informa��es\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr ""
+
+#: g10/pkclist.c:274
+#, fuzzy, c-format
+msgid " %d = I do NOT trust\n"
+msgstr "%08lX: N�s N�O confiamos nesta chave\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr ""
+
+#: g10/pkclist.c:276
+#, fuzzy, c-format
+msgid " %d = I trust fully\n"
+msgstr "%s: n�o � um banco de dados de confiabilidade\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr ""
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr ""
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
 msgstr " m = voltar ao menu principal\n"
 
-#: g10/pkclist.c:331
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr ""
+
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = sair\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Sua decis�o? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+#, fuzzy
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Voc� realmente quer remover esta chave? "
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Certificados que levam a uma chave confiada plenamente:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"N�o foi poss�vel encontrar uma rota de confian�a v�lida para a chave.\n"
-"Vamos ver se � poss�vel designar alguns valores de confian�a ausentes.\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr "Nenhuma rota encontrada que leve a uma de nossas chaves.\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"Nenhum certificado com confian�a indefinida encontrado.\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Nenhum valor de confian�a modificado.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "chave %08lX: a chave foi revogada!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "Usa esta chave de qualquer modo? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "chave %08lX: a subchave foi revogada!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: a chave expirou\n"
 
-#: g10/pkclist.c:519
-#, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: sem informa��o para calcular probabilidade de confian�a\n"
+#: g10/pkclist.c:442
+#, fuzzy, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr "       N�o h� indica��o de que a assinatura pertence ao dono.\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: N�s N�O confiamos nesta chave\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
@@ -1158,15 +1313,15 @@ msgstr ""
 "%08lX: N�o se tem certeza de que esta chave realmente pertence ao dono,\n"
 "mas � aceita de qualquer modo\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "Esta chave provavelmente pertence ao dono\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Esta chave pertence a n�s\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1178,172 +1333,200 @@ msgstr ""
 "sim � pr�xima pergunta\n"
 "\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "AVISO: Usando chave n�o confi�vel!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "AVISO: Esta chave foi revogada pelo seu dono!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "       Isto pode significar que a assinatura � falsificada.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "AVISO: Esta subchave foi revogada pelo seu dono!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+#, fuzzy
+msgid "Note: This key has been disabled.\n"
+msgstr "Esta chave foi desativada"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Nota: Esta chave expirou!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr "AVISO: Esta chave n�o est� certificada com uma assinatura confi�vel!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr "       N�o h� indica��o de que a assinatura pertence ao dono.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "AVISO: N�s N�O confiamos nesta chave!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "       A assinatura � provavelmente uma FALSIFICA��O.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "AVISO: Esta chave n�o est� certificada com assinaturas suficientemente\n"
 "       confi�veis!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr "       N�o se tem certeza de que a assinatura pertence ao dono.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: ignorado: %s\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: ignorado: a chave p�blica j� est� presente\n"
 
-#: g10/pkclist.c:855
-msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
-"\n"
+#: g10/pkclist.c:752
+#, fuzzy
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
 msgstr ""
 "Voc� n�o especificou um identificador de usu�rio. (pode-se usar \"-r\")\n"
 "\n"
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Digite o identificador de usu�rio: "
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
 
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Identificador de usu�rio inexistente.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr "ignorado: chave p�blica j� marcada como destinat�rio padr�o\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "A chave p�blica est� desativada.\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "ignorado: chave p�blica j� marcada com --encrypt-to\n"
+#: g10/pkclist.c:806
+#, fuzzy
+msgid "skipped: public key already set\n"
+msgstr "%s: ignorado: a chave p�blica j� est� presente\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "destinat�rio padr�o desconhecido `%s'\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: erro na verifica��o da chave: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: ignorado: a chave p�blica est� desativada\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "nenhum endere�o v�lido\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr ""
+
+#: g10/keygen.c:187
+#, fuzzy, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "ignorado `%s': duplicado\n"
+
+# muitas ou demais ???
+#: g10/keygen.c:192
+#, fuzzy, c-format
+msgid "too many `%c' preferences\n"
+msgstr "Prefer�ncias demais"
+
+#: g10/keygen.c:257
+#, fuzzy
+msgid "invalid character in preference string\n"
+msgstr "Caractere inv�lido no nome\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "escrevendo auto-assinatura\n"
 
 # key binding ???
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "escrevendo assinatura ligada a uma chave\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
 #, fuzzy, c-format
 msgid "keysize invalid; using %u bits\n"
 msgstr "O tamanho de chave pedido � %u bits\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
 #, fuzzy, c-format
 msgid "keysize rounded up to %u bits\n"
 msgstr "arredondado para %u bits\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "Por favor selecione o tipo de chave desejado:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA e ElGamal (padr�o)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (apenas assinatura)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "   (%d) ElGamal (apenas criptografia)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) ElGamal (assinatura e criptografia)\n"
 
-#: g10/keygen.c:643
+#: g10/keygen.c:784
 #, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (assinatura e criptografia)\n"
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) DSA (apenas assinatura)\n"
 
-#: g10/keygen.c:647
+#: g10/keygen.c:786
+#, fuzzy, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) ElGamal (apenas criptografia)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Sua op��o? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "Voc� realmente quer criar uma chave para assinatura e criptografia? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr ""
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Op��o inv�lida.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1356,23 +1539,23 @@ msgstr ""
 "              tamanho padr�o � 1024 bits\n"
 "     tamanho m�ximo sugerido � 2048 bits\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Que tamanho de chave voc� quer? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA permite apenas tamanhos de 512 a 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "tamanho muito pequeno; 768 � o valor m�nimo permitido.\n"
-
-#: g10/keygen.c:708
+#: g10/keygen.c:852
 #, fuzzy
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
 msgstr "tamanho muito pequeno; 768 � o valor m�nimo permitido.\n"
 
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr "tamanho muito pequeno; 768 � o valor m�nimo permitido.\n"
+
 #. It is ridiculous and an annoyance to use larger key sizes!
 #. * GnuPG can handle much larger sizes; but it takes an eternity
 #. * to create such a key (but less than the time the Sirius
@@ -1381,12 +1564,12 @@ msgstr "tamanho muito pequeno; 768 � o valor m�nimo permitido.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "tamanho muito grande; %d � o valor m�ximo permitido.\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1394,11 +1577,11 @@ msgstr ""
 "Tamanhos de chave maiores que 2048 n�o s�o recomendados\n"
 "porque o tempo de computa��o � REALMENTE longo!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "Voc� tem certeza de que quer este tamanho de chave? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1406,21 +1589,17 @@ msgstr ""
 "Tudo bem, mas tenha em mente que a radia��o de seu monitor e teclado tamb�m "
 "� vulner�vel a ataques!\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "Voc� realmente precisa de uma chave t�o grande? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "O tamanho de chave pedido � %u bits\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "arredondado para %u bits\n"
 
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1436,25 +1615,48 @@ msgstr ""
 "      <n>m = chave expira em n meses\n"
 "      <n>y = chave expira em n anos\n"
 
-#: g10/keygen.c:812
+#: g10/keygen.c:951
+#, fuzzy
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Por favor especifique por quanto tempo a chave deve ser v�lida.\n"
+"         0 = chave n�o expira\n"
+"      <n>  = chave expira em n dias\n"
+"      <n>w = chave expira em n semanas\n"
+"      <n>m = chave expira em n meses\n"
+"      <n>y = chave expira em n anos\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "A chave � valida por? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+#, fuzzy
+msgid "Signature is valid for? (0) "
+msgstr "A chave � valida por? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "valor inv�lido\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
+#: g10/keygen.c:985
+#, fuzzy, c-format
+msgid "%s does not expire at all\n"
 msgstr "A chave n�o expira nunca\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
-#, c-format
-msgid "Key expires at %s\n"
+#: g10/keygen.c:992
+#, fuzzy, c-format
+msgid "%s expires at %s\n"
 msgstr "A chave expira em %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
@@ -1462,11 +1664,11 @@ msgstr ""
 "Seu sistema n�o consegue mostrar datas al�m de 2038.\n"
 "Apesar disso, elas ser�o corretamente manipuladas at� 2106.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "Est� correto (s/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1482,44 +1684,44 @@ msgstr ""
 "    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Nome completo: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Caractere inv�lido no nome\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "O nome n�o pode come�ar com um d�gito\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "O nome deve ter pelo menos 5 caracteres\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Endere�o de correio eletr�nico: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "Endere�o eletr�nico inv�lido\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Coment�rio: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Caractere inv�lido no coment�rio\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Voc� est� usando o conjunto de caracteres `%s'.\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1530,28 +1732,28 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr ""
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnCcEeOoSs"
 
-#: g10/keygen.c:986
+#: g10/keygen.c:1151
 #, fuzzy
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
 msgstr "Muda (N)ome, (C)oment�rio, (E)ndere�o ou (O)k/(S)air? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "Muda (N)ome, (C)oment�rio, (E)ndere�o ou (O)k/(S)air? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
 msgstr ""
 
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1559,11 +1761,17 @@ msgstr ""
 "Voc� precisa de uma frase secreta para proteger sua chave.\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+#, fuzzy
+msgid "passphrase not correctly repeated; try again"
 msgstr "A frase secreta n�o foi repetida corretamente; tente outra vez.\n"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr ""
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1575,7 +1783,7 @@ msgstr ""
 "qualquer hora, usando este programa com a op��o \"--edit-key\".\n"
 "\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1587,29 +1795,54 @@ msgstr ""
 "gera��o dos n�meros primos; isso d� ao gerador de n�meros aleat�rios\n"
 "uma chance melhor de conseguir entropia suficiente.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "O par de chaves DSA ter� 1024 bits.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Gera��o de chave cancelada.\n"
 
-#: g10/keygen.c:1668
+#: g10/keygen.c:1883 g10/keygen.c:1963
 #, fuzzy, c-format
 msgid "writing public key to `%s'\n"
 msgstr "escrevendo certificado p�blico para `%s'\n"
 
-#: g10/keygen.c:1669
+#: g10/keygen.c:1884 g10/keygen.c:1965
 #, fuzzy, c-format
 msgid "writing secret key to `%s'\n"
 msgstr "escrevendo certificado privado para `%s'\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, fuzzy, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "chave %08lX: chave p�blica n�o encontrada: %s\n"
+
+#: g10/keygen.c:1958
+#, fuzzy, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "imposs�vel bloquear chaveiro secreto: %s\n"
+
+#: g10/keygen.c:1972
+#, fuzzy, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "erro na escrita do chaveiro `%s': %s\n"
+
+#: g10/keygen.c:1979
+#, fuzzy, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "erro na escrita do chaveiro `%s': %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "chaves p�blica e privada criadas e assinadas.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+#, fuzzy
+msgid "key marked as ultimately trusted.\n"
+msgstr "Certificados que levam a uma chave confiada plenamente:\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
@@ -1617,12 +1850,12 @@ msgstr ""
 "Note que esta chave n�o pode ser usada para criptografia. Voc� pode usar\n"
 "o comando \"--edit-key\" para gerar uma chave secund�ria para esse fim.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "A gera��o de chaves falhou: %s\n"
 
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
@@ -1630,7 +1863,7 @@ msgstr ""
 "a chave foi criada %lu segundo no futuro\n"
 "(viagem no tempo ou problema no rel�gio)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1638,306 +1871,361 @@ msgstr ""
 "a chave foi criada %lu segundos no futuro\n"
 "(viagem no tempo ou problema no rel�gio)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr ""
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "Realmente criar? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr ""
+
+#: g10/encode.c:92 g10/encode.c:296
+#, fuzzy, c-format
+msgid "`%s' already compressed\n"
+msgstr "%lu chaves processadas\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: imposs�vel abrir: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "erro na cria��o da frase secreta: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: AVISO: arquivo vazio\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "lendo de `%s'\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s criptografado para: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
-#, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: usu�rio n�o encontrado: %s\n"
+#: g10/delkey.c:69 g10/export.c:141
+#, fuzzy, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "usu�rio `%s' n�o encontrado: %s\n"
 
-#: g10/export.c:164
+#: g10/delkey.c:77 g10/export.c:161
+#, fuzzy, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "erro na leitura de `%s': %s\n"
+
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "chave %08lX: n�o � uma chave rfc2440 - ignorada\n"
 
-#: g10/export.c:175
+#: g10/export.c:180
 #, fuzzy, c-format
 msgid "key %08lX: not protected - skipped\n"
 msgstr "chave %08lX: n�o � uma chave rfc2440 - ignorada\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, fuzzy, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "chave %08lX: n�o � uma chave rfc2440 - ignorada\n"
+
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "AVISO: nada exportado\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "entradas demais no cache pk - desativado\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "entradas demais no cache unk - desativado\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+#, fuzzy
+msgid "[User id not found]"
+msgstr "[usu�rio n�o encontrado]"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr "usando chave secund�ria %08lX ao inv�s de chave prim�ria %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr "chave %08lX: chave secreta sem chave p�blica - ignorada\n"
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: usu�rio n�o encontrado\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "ignorando bloco do tipo %d\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "%lu chaves processadas at� agora\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "erro na leitura de `%s': %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "N�mero total processado: %lu\n"
 
-#: g10/import.c:206
+#: g10/import.c:232
 #, fuzzy, c-format
 msgid "      skipped new keys: %lu\n"
 msgstr "           novas subchaves: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr "          sem IDs de usu�rios: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "              importados: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "             n�o modificados: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "          novos IDs de usu�rios: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "           novas subchaves: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "        novas assinaturas: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr "   novas revoga��es de chaves: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "      chaves secretas lidas: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "  chaves secretas importadas: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr " chaves secretas n�o modificadas: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "chave %08lX: sem ID de usu�rio\n"
 
-#: g10/import.c:403
+#: g10/import.c:455
+#, fuzzy, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "chave %08lX: aceito ID de usu�rio sem auto-assinatura '"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "chave %08lX: sem IDs de usu�rios v�lidos\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "isto pode ser causado por falta de auto-assinatura\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "chave %08lX: chave p�blica n�o encontrada: %s\n"
 
-#: g10/import.c:421
+#: g10/import.c:479
 #, fuzzy, c-format
 msgid "key %08lX: new key - skipped\n"
 msgstr "chave %08lX: n�o � uma chave rfc2440 - ignorada\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:489
+#, fuzzy, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "imposs�vel escrever chaveiro: %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "escrevendo para `%s'\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
-msgstr "erro na escrita do chaveiro `%': %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
+msgstr "erro na escrita do chaveiro `%s': %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "chave %08lX: chave p�blica importada\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "chave %08lX: n�o corresponde � nossa c�pia\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "chave %08lX: imposs�vel localizar bloco de chaves original: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "chave %08lX: imposs�vel ler bloco de chaves original: %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "chave %8lX: 1 novo ID de usu�rio\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "chave %08lX: %d novos IDs de usu�rios\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "chave %08lX: 1 nova assinatura\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "chave %08lX: %d novas assinaturas\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "chave %08lX: 1 nova subchave\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "chave %08lX: %d novas subchaves\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "chave %08lX: n�o modificada\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, fuzzy, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "imposs�vel bloquear chaveiro secreto: %s\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "chave %08lX: chave secreta importada\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "chave %08lX: j� est� no chaveiro secreto\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "chave %08lX: chave secreta n�o encontrada: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "chave %08lX: sem chave p�blica - imposs�vel aplicar certificado\n"
 "de revoga��o\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr "chave %08lX: certificado de revoga��o inv�lido: %s - rejeitado\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "chave %08lX: certificado de revoga��o importado\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "chave %08lX: nenhum ID de usu�rio para assinatura\n"
 
-#: g10/import.c:719 g10/import.c:743
-#, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
+#: g10/import.c:839
+#, fuzzy, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
 msgstr "chave %08lX: algoritmo de chave p�blica n�o suportado\n"
 
-#: g10/import.c:720
-#, c-format
-msgid "key %08lX: invalid self-signature\n"
+#: g10/import.c:841
+#, fuzzy, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
 msgstr "chave %08lX: auto-assinatura inv�lida\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "chave %08lX: sem subchave para liga��o de chaves\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "chave %08lX: liga��o de subchave inv�lida\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "chave %08lX: algoritmo de chave p�blica n�o suportado\n"
 
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "chave %08lX: aceito ID de usu�rio sem auto-assinatura '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "chave %08lX: liga��o de subchave inv�lida\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "chave %08lX: ignorado ID de usu�rio '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "chave %08lX: subchave ignorada\n"
@@ -1946,93 +2234,184 @@ msgstr "chave %08lX: subchave ignorada\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr "chave %08lX: assinatura n�o export�vel (classe %02x) - ignorada\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr "chave %08lX: certificado de revoga��o no local errado - ignorada\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "chave %08lX: certificado de revoga��o inv�lido: %s - ignorada\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "chave %08lX: detectado ID de usu�rio duplicado - unido\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "chave %08lX: certificado de revoga��o adicionado\n"
 
-#: g10/import.c:1130 g10/import.c:1183
-#, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "chave %08lX: nossa c�pia n�o tem auto-assinatura\n"
+#: g10/import.c:1231
+#, fuzzy, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "chave %08lX: %d novas assinaturas\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[revoga��o]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[auto-assinatura]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 assinatura incorreta\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d assinaturas incorretas\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "1 assinatura n�o verificada por falta de chave\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d assinaturas n�o verificadas por falta de chaves\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "1 assinatura n�o verificada devido a um erro\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d assinaturas n�o verificadas devido a erros\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "1 ID de usu�rio sem auto-assinatura v�lida detectado\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr "%d IDs de usu�rios sem auto-assinaturas v�lidas detectados\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:335
+#, fuzzy, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "A chave � protegida.\n"
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+#, fuzzy
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Voc� tem certeza de que quer este tamanho de chave? "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr ""
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
 #, c-format
-msgid "Already signed by key %08lX\n"
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+
+#: g10/keyedit.c:388
+#, fuzzy, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "J� assinado pela chave %08lX\n"
+
+#: g10/keyedit.c:393
+#, fuzzy, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
 msgstr "J� assinado pela chave %08lX\n"
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Nada para assinar com a chave %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+#, fuzzy
+msgid "This key has expired!"
+msgstr "Nota: Esta chave expirou!\n"
+
+#: g10/keyedit.c:440
+#, fuzzy, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Esta chave n�o � protegida.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr ""
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr ""
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -2040,42 +2419,70 @@ msgstr ""
 "Voc� tem certeza de que quer assinar esta chave com\n"
 "sua chave: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
+#, fuzzy
 msgid ""
+"\n"
 "The signature will be marked as non-exportable.\n"
+msgstr ""
+"A assinatura ser� marcada como n�o-export�vel.\n"
 "\n"
+
+#: g10/keyedit.c:548
+#, fuzzy
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
 msgstr ""
 "A assinatura ser� marcada como n�o-export�vel.\n"
 "\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "Realmente assinar? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "assinatura falhou: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Esta chave n�o � protegida.\n"
 
-#: g10/keyedit.c:426
+#: g10/keyedit.c:662
 #, fuzzy
 msgid "Secret parts of primary key are not available.\n"
 msgstr "chave secreta n�o dispon�vel"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "A chave � protegida.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Imposs�vel editar esta chave: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
@@ -2083,7 +2490,7 @@ msgstr ""
 "Digite a nova frase para esta chave secreta.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2091,422 +2498,567 @@ msgstr ""
 "Voc� n�o quer uma frase secreta - provavelmente isto � uma *m�* id�ia!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "Voc� realmente quer fazer isso? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "movendo a assinatura da chave para o local correto\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "sair deste menu"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "q"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "save"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "gravar e sair"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "help"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "mostra esta ajuda"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "mostra impress�o digital"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "list"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "lista chave e identificadores de usu�rios"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "seleciona ID de usu�rio N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "key"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "seleciona chave secund�ria N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "check"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "lista assinaturas"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "sign"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "assina a chave"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lsign"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "assina a chave localmente"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "nrsign"
+msgstr "sign"
+
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "sign the key non-revocably"
+msgstr "assina a chave localmente"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "nrlsign"
+msgstr "sign"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "sign the key locally and non-revocably"
+msgstr "assina a chave localmente"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "debug"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "adduid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "adiciona um novo ID de usu�rio"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr ""
+
+#: g10/keyedit.c:834
+#, fuzzy
+msgid "add a photo ID"
+msgstr "adiciona um novo ID de usu�rio"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "deluid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "remove ID de usu�rio"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr ""
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "addkey"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "adiciona nova chave secund�ria"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "delkey"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "remove uma chave secund�ria"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "delsig"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "remove assinaturas"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "expire"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "muda a data de validade"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr ""
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr ""
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "toggle"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "alterna entre listagem de chave secreta e p�blica"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pref"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
+#: g10/keyedit.c:846
+#, fuzzy
+msgid "list preferences (expert)"
 msgstr "lista prefer�ncias"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:847
+#, fuzzy
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+#, fuzzy
+msgid "list preferences (verbose)"
+msgstr "lista prefer�ncias"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "setpref"
+msgstr "pref"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "set preference list"
+msgstr "lista prefer�ncias"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updpref"
+msgstr "pref"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updated preferences"
+msgstr "lista prefer�ncias"
+
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "passwd"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "muda a frase secreta"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "trust"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "muda os valores de confian�a"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "revoga assinaturas"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "revkey"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "revoga uma chave secund�ria"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "disable"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "desativa uma chave"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "enable"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "ativa uma chave"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr ""
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr ""
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "imposs�vel fazer isso em modo n�o-interativo\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, fuzzy, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "erro na leitura de `%s': %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "Chave secreta dispon�vel.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Comando> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "A chave secreta � necess�ria para fazer isto.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
 msgstr ""
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+#, fuzzy
+msgid "Key is revoked."
+msgstr "A chave � protegida.\n"
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "Realmente assinar todos os IDs de usu�rio? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Sugest�o: Selecione os IDs de usu�rio para assinar\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "atualiza��o do banco de dados de confiabilidade falhou: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr ""
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "Voc� precisa selecionar pelo menos um ID de usu�rio.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "Voc� n�o pode remover o �ltimo ID de usu�rio!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "Realmente remover todos os IDs de usu�rio selecionados? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "Realmente remover este ID de usu�rio? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Voc� deve selecionar pelo menos uma chave.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "Voc� realmente quer remover as chaves selecionadas? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "Voc� realmente quer remover esta chave? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "Voc� realmente quer revogar as chaves selecionadas? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "Voc� realmente quer revogar esta chave? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+#, fuzzy
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "Realmente remover todos os IDs de usu�rio selecionados? "
+
+#: g10/keyedit.c:1254
+#, fuzzy
+msgid "Really update the preferences? "
+msgstr "Realmente gerar os certificados de revoga��o? (s/N)"
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "Salvar altera��es? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Sair sem salvar? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "atualiza��o falhou: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "atualiza��o da chave secreta falhou: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "Chave n�o alterada, nenhuma atualiza��o � necess�ria.\n"
 
 # help ou ajuda ???
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr "Comando inv�lido (tente \"help\")\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, fuzzy, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "AVISO: Esta chave foi revogada pelo seu dono!\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr ""
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
 msgstr ""
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
 msgstr ""
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "Esta chave foi desativada"
 
-#: g10/keyedit.c:1116
+#: g10/keyedit.c:1539
 #, fuzzy, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "chave %08lX: a subchave foi revogada!\n"
+msgstr "rev! a subchave foi revogada: %s\n"
 
-#: g10/keyedit.c:1119
+#: g10/keyedit.c:1542
 #, fuzzy
 msgid "rev- faked revocation found\n"
-msgstr "   novas revoga��es de chaves: %lu\n"
+msgstr "rev- revoga��es de chaves incorreta\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
 msgstr ""
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+#, fuzzy
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Voc� tem certeza de que quer este tamanho de chave? "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "Deletar esta assinatura v�lida? (s/N/q)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "Deletar esta assinatura inv�lida? (s/N/q)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "Deletar esta assinatura desconhecida? (s/N/q)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "Realmente remover esta auto-assinatura? (s/N)"
 
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "%d assinatura removida.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "%d assinaturas removidas.\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Nada removido.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Por favor remova as sele��es das chaves secretas.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "Por favor selecione no m�ximo uma chave secund�ria.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "Modificando a data de validade para uma chave secund�ria.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "Modificando a data de validade para uma chave prim�ria.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "Voc� n�o pode modificar a data de validade de uma chave v3\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Nenhuma assinatura correspondente no chaveiro secreto\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+#, fuzzy
+msgid "Please select exactly one user ID.\n"
+msgstr "Voc� precisa selecionar pelo menos um ID de usu�rio.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Nenhum ID de usu�rio com �ndice %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Nenhuma chave secund�ria com �ndice %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "ID de usu�rio: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
@@ -2515,203 +3067,344 @@ msgstr ""
 "\"\n"
 "assinado com sua chave %08lX em %s\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
+#: g10/keyedit.c:2452
+#, fuzzy, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"assinado com sua chave %08lX em %s\n"
+
+#: g10/keyedit.c:2457
+#, fuzzy, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Esta chave n�o � protegida.\n"
+
+#: g10/keyedit.c:2461
+#, fuzzy
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Voc� tem certeza de que quer este tamanho de chave? "
+
+#: g10/keyedit.c:2465
+#, fuzzy
+msgid "Create a revocation certificate for this signature? (y/N) "
 msgstr "Gerar um certificado de revoga��o para esta assinatura? (s/N)"
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "Voc� assinou estes IDs de usu�rio:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
-#, c-format
-msgid "   signed by %08lX at %s\n"
+#: g10/keyedit.c:2504
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s%s\n"
 msgstr "   assinado por %08lX em %s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   revogado por %08lX em %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "Voc� est� prestes a revogar estas assinaturas:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
+#: g10/keyedit.c:2542
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   assinado por %08lX em %s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr ""
+
+#: g10/keyedit.c:2551
+#, fuzzy
+msgid "Really create the revocation certificates? (y/N) "
 msgstr "Realmente gerar os certificados de revoga��o? (s/N)"
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "nenhuma chave secreta\n"
 
-#: g10/keylist.c:158
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
 #, fuzzy
-msgid "invalid"
-msgstr "armadura inv�lida"
+msgid "Signature policy: "
+msgstr "assinatura %s de: %s\n"
 
-#: g10/keylist.c:178
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "AVISO: dados de nota��o inv�lidos encontrados\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
 #, fuzzy
-msgid "revoked"
-msgstr "revkey"
+msgid "Signature notation: "
+msgstr "Nota��o: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr ""
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr ""
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
+#: g10/keylist.c:423 g10/mainproc.c:856
 #, fuzzy, c-format
 msgid " [expires: %s]"
 msgstr "A chave expira em %s\n"
 
-#: g10/mainproc.c:212
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Impress�o digital:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "       Impress�o digital:"
+
+#: g10/keylist.c:899
+#, fuzzy
+msgid "     Key fingerprint ="
+msgstr "       Impress�o digital:"
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "dados criptografados com %s\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "criptografado com algoritmo desconhecido %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "a chave p�blica � %08lX\n"
 
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr "dados criptografados com chave p�blica: DEK v�lido\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr "criptografado com chave %u-bit %s, ID %08lX, criada em %s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr "criptografado com chave %s, ID %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "nenhuma chave secreta para descriptografia dispon�vel\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "descriptografia de chave p�blica falhou: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, fuzzy, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "dados criptografados com %s\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr ""
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr "descriptografia correta\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "CUIDADO: a mensagem criptografada foi manipulada!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
 msgstr "descriptografia falhou: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
 msgstr "NOTA: o remetente solicitou \"apenas-para-seus-olhos\"\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "nome de arquivo original='%.*s'\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr "revoga��o isolada - use \"gpg --import\" para aplic�-la\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "AVISO: dados de nota��o inv�lidos encontrados\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Nota��o: "
 
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Pol�tica: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "verifica��o de assinatura suprimida\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+#, fuzzy
+msgid "can't handle these multiple signatures\n"
+msgstr "fazer uma assinatura separada"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Assinatura feita em %.*s usando %s, ID da chave %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "Assinatura INCORRETA de \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+#, fuzzy
+msgid "Expired signature from \""
+msgstr "Assinatura correta de \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Assinatura correta de \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr ""
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "                   ou \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Imposs�vel verificar assinatura: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+#, fuzzy
+msgid "not a detached signature\n"
+msgstr "fazer uma assinatura separada"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr "assinatura isolada da classe 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "formato de assinatura antigo (PGP2.x)\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "pacote raiz inv�lido detectado em proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "imposs�vel desativar core dumps: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Algoritmos experimentais n�o devem ser usados!\n"
 
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+#, fuzzy
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
 msgstr ""
 "este algoritmo de criptografia � depreciado; por favor use algum\n"
 "algoritmo padr�o!\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr ""
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "imposs�vel manipular algoritmo de chave p�blica %d\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpacote do tipo %d tem bit cr�tico ligado\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
 msgstr ""
 
-#: g10/passphrase.c:204
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:498
 msgid "malformed GPG_AGENT_INFO environment variable\n"
 msgstr ""
 
-#: g10/hkp.c:158 g10/passphrase.c:223
+#: g10/passphrase.c:511
+#, fuzzy, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "algoritmo de prote��o %d n�o � suportado\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
 #, fuzzy, c-format
 msgid "can't connect to `%s': %s\n"
 msgstr "imposs�vel abrir `%s': %s\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr ""
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr ""
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (ID principal da chave %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:641
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -2720,41 +3413,38 @@ msgid ""
 msgstr ""
 "\n"
 "Voc� precisa de uma frase secreta para desbloquear a chave secreta do\n"
-"usu�rio: \""
+"usu�rio: \"%.*s\"\n"
+"%u-bit %s chave, ID %08lX, criada %s%s\n"
 
-#: g10/passphrase.c:315
+#: g10/passphrase.c:662
 #, fuzzy
 msgid "Enter passphrase\n"
 msgstr "Digite a frase secreta: "
 
-#: g10/passphrase.c:317
+#: g10/passphrase.c:664
 #, fuzzy
 msgid "Repeat passphrase\n"
 msgstr "Repita a frase secreta: "
 
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 #, fuzzy
 msgid "passphrase too long\n"
 msgstr "linha muito longa\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
 msgstr ""
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
 msgstr ""
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
 msgstr ""
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2764,20 +3454,20 @@ msgstr ""
 "Voc� precisa de uma frase secreta para desbloquear a chave secreta do\n"
 "usu�rio: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "chave de %u-bit/%s, ID %08lX, criada em %s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "imposs�vel pedir senha em modo n�o-interativo\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Digite a frase secreta: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Repita a frase secreta: "
 
@@ -2785,147 +3475,193 @@ msgstr "Repita a frase secreta: "
 msgid "data not saved; use option \"--output\" to save it\n"
 msgstr "dados n�o salvos; use a op��o \"--output\" para salv�-los\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, fuzzy, c-format
+msgid "error creating `%s': %s\n"
+msgstr "erro na leitura de `%s': %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
 msgstr "Assinatura separada.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Por favor digite o nome do arquivo de dados: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "lendo de \"stdin\" ...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+#, fuzzy
+msgid "no signed data\n"
+msgstr "no dados assinados\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "imposs�vel abrir dados assinados `%s'\n"
 
-#: g10/pubkey-enc.c:135
-#, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+#: g10/pubkey-enc.c:100
+#, fuzzy, c-format
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr "destinat�rio an�nimo; tentando chave secreta %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "certo, n�s somos o destinat�rio an�nimo.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "codifica��o antiga do DEK n�o suportada\n"
 
-#: g10/pubkey-enc.c:216
+#: g10/pubkey-enc.c:177
 #, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
+msgid "cipher algorithm %d%s is unknown or disabled\n"
 msgstr "algoritmo de prote��o %d n�o � suportado\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
 msgstr "NOTA: algoritmo de criptografia %d n�o encontrado nas prefer�ncias\n"
 
-#: g10/pubkey-enc.c:261
+#: g10/pubkey-enc.c:242
 #, fuzzy, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "NOTA: chave de assinatura expirou %s\n"
-
-#: g10/hkp.c:62
-#, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr ""
+msgstr "NOTA: chave secreta %08lX expirou %s\n"
 
-#: g10/hkp.c:75
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
 #, fuzzy, c-format
-msgid "can't get key from keyserver: %s\n"
+msgid "requesting key %08lX from HKP keyserver %s\n"
 msgstr "imposs�vel escrever para o chaveiro: %s\n"
 
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr ""
-
-#: g10/hkp.c:106
+#: g10/hkp.c:94
 #, fuzzy, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s n�o � um mapa de caracteres v�lido\n"
+msgid "can't get key from keyserver: %s\n"
+msgstr "imposs�vel escrever para o chaveiro: %s\n"
 
-#: g10/hkp.c:182
+#: g10/hkp.c:171
 #, fuzzy, c-format
 msgid "error sending to `%s': %s\n"
 msgstr "erro na leitura de `%s': %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
 msgstr ""
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
 msgstr ""
 
-#: g10/seckey-cert.c:89
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr ""
+
+#: g10/hkp.c:521
+#, fuzzy, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "imposs�vel escrever para o chaveiro: %s\n"
+
+#: g10/seckey-cert.c:53
 #, fuzzy
 msgid "secret key parts are not available\n"
 msgstr "chave secreta n�o dispon�vel"
 
-#: g10/seckey-cert.c:95
-#, c-format
-msgid "protection algorithm %d is not supported\n"
+#: g10/seckey-cert.c:59
+#, fuzzy, c-format
+msgid "protection algorithm %d%s is not supported\n"
 msgstr "algoritmo de prote��o %d n�o � suportado\n"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
+#: g10/seckey-cert.c:215
+#, fuzzy
+msgid "Invalid passphrase; please try again"
 msgstr "Frase secreta inv�lida; por favor tente novamente ...\n"
 
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr ""
+
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr ""
 "AVISO: Chave fraca detectada - por favor mude a frase secreta novamente.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "esta � uma chave ElGamal gerada pelo PGP que N�O � segura para assinaturas!\n"
 
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "a chave p�blica � %lu segundo mais nova que a assinatura\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "a chave p�blica � %lu segundos mais nova que a assinatura\n"
 
-#: g10/sig-check.c:306
-#, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "NOTA: chave de assinatura expirou %s\n"
+#: g10/sig-check.c:237
+#, fuzzy, c-format
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "NOTA: chave de assinatura %08lX expirou %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr "assumindo assinatura incorreta devido a um bit cr�tico desconhecido\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+
+#: g10/sign.c:274
+#, fuzzy, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "leitura de registro de assinatura falhou: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "assinatura %s de: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "AVISO: `%s' � um arquivo vazio\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "imposs�vel criar %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "assinando:"
 
-#: g10/sign.c:583
-#, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "AVISO: `%s' � um arquivo vazio\n"
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:953
+#, fuzzy, c-format
+msgid "%s encryption will be used\n"
+msgstr "descriptografia falhou: %s\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2937,425 +3673,209 @@ msgstr "imposs�vel manipular linhas de texto maiores que %d caracteres\n"
 msgid "input line longer than %d characters\n"
 msgstr "linha de entrada maior que %d caracteres\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "banco de dados de confiabilidade rec %lu: lseek falhou: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr "banco de dados de confiabilidade rec %lu: escrita falhou (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "transa��o de banco de dados de confiabilidade muito grande\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: imposs�vel acessar: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: diret�rio inexistente!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
-#, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: imposs�vel criar: %s\n"
-
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
 msgid "%s: can't create lock\n"
 msgstr "%s: imposs�vel criar trava\n"
 
-#: g10/tdbio.c:473
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, fuzzy, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: imposs�vel criar trava\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: imposs�vel criar: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: falha ao criar registro de vers�o: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: banco de dados de confiabilidade inv�lido criado\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: banco de dados de confiabilidade criado\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: banco de dados de confiabilidade inv�lido\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: falha ao criar tabela de \"hash\": %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: erro atualizando registro de vers�o: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: erro lendo registro de vers�o: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: erro escrevendo registro de vers�o: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "banco de dados de confiabilidade: lseek falhou: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "banco de dados de confiabilidade: leitura falhou (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: n�o � um banco de dados de confiabilidade\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: registro de vers�o com recnum %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: vers�o de arquivo inv�lida %d\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: erro lendo registro livre: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: erro escrevendo registro de diret�rio: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: falha ao zerar um registro: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: falha ao anexar um registro: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr ""
 "O banco de dados de confiabilidade est� danificado; por favor rode\n"
 "\"gpg --fix-trust-db\".\n"
 
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr "registro de confian�a %lu, tipo req %d: falha na leitura: %s\n"
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr "registro de confian�a %lu, tipo %d: escrita falhou: %s\n"
-
-#: g10/trustdb.c:198
-#, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "registro de confian�a %lu: remo��o falhou: %s\n"
-
-#: g10/trustdb.c:212
-#, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "banco de dados de confiabilidade: sincroniza��o falhou: %s\n"
-
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "erro lendo registro de diret�rio para LID %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lid %lu: registro de diret�rio esperado, tipo %d recebido\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "nenhuma chave prim�ria para LID %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "erro lendo chave prim�ria para LID %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record falhou: %s\n"
-
-#: g10/trustdb.c:474
+#: g10/trustdb.c:200
 #, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
+msgid "`%s' is not a valid long keyID\n"
 msgstr "%s n�o � um mapa de caracteres v�lido\n"
 
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
+#: g10/trustdb.c:235
+#, fuzzy, c-format
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "chave %08lX: aceita como chave confi�vel.\n"
+
+#: g10/trustdb.c:274
+#, fuzzy, c-format
+msgid "key %08lX occurs more than once in the trustdb\n"
 msgstr ""
 "chave %08lX: imposs�vel coloc�-la no banco de dados de confiabilidade\n"
 
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "chave %08lX: pedido de registro falhou\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "chave %08lX: j� est� na tabela de chaves confi�veis\n"
-
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "chave %08lX: aceita como chave confi�vel.\n"
-
-#: g10/trustdb.c:547
+#: g10/trustdb.c:290
 #, fuzzy, c-format
 msgid "key %08lX: no public key for trusted key - skipped\n"
 msgstr "chave %08lX: chave secreta sem chave p�blica - ignorada\n"
 
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "NOTA: a chave secreta %08lX N�O est� protegida.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "chave %08lX: chaves secreta e p�blica n�o s�o correspondentes\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "enumera��o de chaves secretas falhou: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "chave %08lX.%lu: Liga��o de subchave v�lida\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "chave %08lX.%lu: Liga��o de subchave inv�lida: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "chave %08lX.%lu: Revoga��o de chave v�lida\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "chave %08lX.%lu: Revoga��o de chave inv�lida: %s\n"
-
-#: g10/trustdb.c:1029
-#, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "chave %08lX.%lu: Revoga��o de subchave v�lida\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Auto-assinatura v�lida"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Auto-assinatura inv�lida"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr ""
-"Revoga��o v�lida de ID de usu�rio ignorada devido a nova auto-assinatura"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "Revoga��o de ID de usu�rio v�lida"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Revoga��o de ID de usu�rio inv�lida"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Certificado de revoga��o v�lido"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Certificado correto"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Certificado de revoga��o inv�lido"
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Certificado inv�lido"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "registro de assinatura %lu[%d] aponta para registro errado.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "certificado duplicado - removido"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir falhou: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lid ?: inser��o falhou: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lid %lu: inser��o falhou: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lid %lu: inserido\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "erro lendo registro de diret�rio: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu chaves processadas\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu chaves com erros\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu chaves inseridas\n"
-
-#: g10/trustdb.c:1826
+#: g10/trustdb.c:332
 #, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "enumera��o de blocos de chaves falhou: %s\n"
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lid %lu: registro de diret�rio sem chave - ignorado\n"
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "registro de confian�a %lu, tipo req %d: falha na leitura: %s\n"
 
-#: g10/trustdb.c:1884
-#, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "\t%lu devido a novas chaves p�blicas\n"
+#: g10/trustdb.c:338
+#, fuzzy, c-format
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "registro de confian�a %lu: remo��o falhou: %s\n"
 
-#: g10/trustdb.c:1886
+#: g10/trustdb.c:353
 #, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu chaves ignoradas\n"
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "registro de confian�a %lu, tipo %d: escrita falhou: %s\n"
 
-#: g10/trustdb.c:1890
+#: g10/trustdb.c:368
 #, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu chaves atualizadas\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Ooops, nenhuma chave\n"
+msgid "trustdb: sync failed: %s\n"
+msgstr "banco de dados de confiabilidade: sincroniza��o falhou: %s\n"
 
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Ooops, nenhum ID de usu�rio\n"
+#: g10/trustdb.c:468
+#, fuzzy
+msgid "no need for a trustdb check\n"
+msgstr "%s: n�o � um banco de dados de confiabilidade\n"
 
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: busca de registro de diret�rio falhou: %s\n"
+#: g10/trustdb.c:474 g10/trustdb.c:1641
+#, fuzzy, c-format
+msgid "next trustdb check due at %s\n"
+msgstr "inser��o de registro de confian�a falhou: %s\n"
 
-#: g10/trustdb.c:2406
-#, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "chave %08lX: inser��o de registro de confian�a falhou: %s\n"
+#: g10/trustdb.c:779
+#, fuzzy
+msgid "checking the trustdb\n"
+msgstr "muda os valores de confian�a"
 
-#: g10/trustdb.c:2410
-#, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "chave %08lX.%lu: inserida no banco de dados de confiabilidade\n"
+#: g10/trustdb.c:933
+#, fuzzy, c-format
+msgid "public key %08lX not found: %s\n"
+msgstr "chave p�blica n�o encontrada"
 
-#: g10/trustdb.c:2418
+#: g10/trustdb.c:1515
 #, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgid "public key of ultimately trusted key %08lX not found\n"
 msgstr ""
-"chave %08lX.%lu: criada no futuro (viagem no tempo ou problema no relogio)\n"
-
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "chave %08lX.%lu: expirou em %s\n"
 
-#: g10/trustdb.c:2441
+#: g10/trustdb.c:1593
 #, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "chave %08lX.%lu: verifica��o de confian�a falhou: %s\n"
-
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "usu�rio `%s' n�o encontrado: %s\n"
-
-#: g10/trustdb.c:2594
-#, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "problemas na procura de `%s' no banco de dados de confiabilidade: %s\n"
-
-#: g10/trustdb.c:2597
-#, c-format
-msgid "user '%s' not in trustdb - inserting\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 msgstr ""
-"usu�rio `%s' n�o encontrado no banco de dados de confiabilidade - inserindo\n"
-
-#: g10/trustdb.c:2600
-#, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "falha ao colocar `%s' no banco de dados de confiabilidade: %s\n"
 
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "AVISO: ainda � imposs�vel manipular registros de prefer�ncias longos\n"
-
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
@@ -3365,45 +3885,33 @@ msgstr ""
 "Por favor lembre-se de que o arquivo com a assinatura (.sig ou .asc)\n"
 "deve ser o primeiro arquivo dado na linha de comando.\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
 msgstr "linha %u muito longa ou sem LF\n"
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: imposs�vel criar chaveiro: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: chaveiro criado\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "AVISO: existem 2 arquivos com informa��es confidenciais.\n"
-
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s � o n�o modificado\n"
-
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
-#, c-format
-msgid "%s is the new one\n"
-msgstr "%s � o novo\n"
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"a chave n�o est� marcada como insegura - imposs�vel us�-la com o pseudo "
+"RNG!\n"
 
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "Por favor conserte este poss�vel furo de seguran�a\n"
+#: g10/skclist.c:138
+#, fuzzy, c-format
+msgid "skipped `%s': duplicated\n"
+msgstr "ignorado `%s': duplicado\n"
 
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "ignorado `%s': %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+#, fuzzy
+msgid "skipped: secret key already present\n"
+msgstr "ignorado: a chave secreta j� est� presente\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3422,93 +3930,103 @@ msgstr "Arquivo `%s' j� existe. "
 msgid "Overwrite (y/N)? "
 msgstr "Sobrescrever (s/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: sufixo desconhecido\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Digite novo nome de arquivo"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "escrevendo em \"stdout\"\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "assumindo dados assinados em `%s'\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: novo arquivo de op��es criado\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: imposs�vel criar diret�rio: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: diret�rio criado\n"
 
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr ""
 "voc� deve reiniciar o GnuPG, para que ele possa ler o novo arquivo\n"
 "de op��es\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "criptografado com algoritmo desconhecido %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "dados criptografados com %s\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "AVISO: A mensagem foi criptografada com uma chave fraca na criptografia\n"
 "sim�trica.\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+#, fuzzy
+msgid "problem handling encrypted packet\n"
+msgstr "eliminar o campo keyid dos pacotes criptografados\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "chave fraca criada - tentando novamente\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "imposs�vel evitar chave fraca para criptografia sim�trica;\n"
 "%d tentativas!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "h� uma chave secreta para esta chave p�blica!\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr "use a op��o \"--delete-secret-key\" para delet�-la antes.\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr ""
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "imposs�vel fazer isso em modo n�o-interativo sem \"--yes\"\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Deletar esta chave do chaveiro? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr "Esta � uma chave secreta! - realmente deletar? "
 
+#: g10/delkey.c:156
+#, fuzzy, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "enumera��o de blocos de chaves falhou: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr ""
+
+#: g10/delkey.c:194
+#, fuzzy, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "h� uma chave secreta para esta chave p�blica!\n"
+
+#: g10/delkey.c:196
+#, fuzzy
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "use a op��o \"--delete-secret-key\" para delet�-la antes.\n"
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3520,22 +4038,30 @@ msgstr ""
 "nada a ver com a rede de certificados (implicitamente criada)."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr "Se voc� quiser usar esta chave revogada assim mesmo, responda \"sim\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr ""
 "Se voc� quiser usar esta chave n�o confi�vel assim mesmo, responda \"sim\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr ""
 "Digite o ID de usu�rio do destinat�rio para o qual voc� quer enviar a\n"
 "mensagem."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3573,7 +4099,7 @@ msgstr ""
 "este � o motivo pelo qual a chave ElGamal apenas para criptografia n�o est�\n"
 "dispon�vel neste menu."
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
@@ -3584,16 +4110,16 @@ msgstr ""
 "porque n�o s�o suportadas por todos os programas e assinaturas criadas com\n"
 "elas s�o grandes e sua verifica��o � lenta."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Digite o tamanho da chave"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Responda \"sim\" ou \"n�o\""
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3605,19 +4131,19 @@ msgstr ""
 "rea��o a erros - o sistema tentar� interpretar o valor dado como um "
 "intervalo."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Digite o nome do possuidor da chave"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr "por favor digite um endere�o de email (opcional mas recomendado)"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Por favor digite um coment�rio (opcional)"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3631,15 +4157,56 @@ msgstr ""
 "O  para continuar a gera��o da chave.\n"
 "S  para interromper a gera��o da chave."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "Responda \"sim\" (ou apenas \"s\") se quiser gerar a subchave."
 
-#: g10/helptext.c:164
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "Responda \"sim\" se quiser assinar TODOS os IDs de usu�rio"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3647,11 +4214,11 @@ msgstr ""
 "Responda \"sim\" se quiser realmente remover este ID de usu�rio.\n"
 "Todos os certificados tamb�m ser�o perdidos!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "Responda \"sim\" se quiser remover a subchave"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3661,7 +4228,7 @@ msgstr ""
 "remover esta assinatura porque ela pode ser importante para estabelecer\n"
 "uma conex�o de confian�a � chave ou a outra chave certificada por esta."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3673,13 +4240,13 @@ msgstr ""
 "porque a chave desta assinatura pode estabelecer uma conex�o de confian�a\n"
 "atrav�s de outra chave j� certificada."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
 msgstr "A assinatura n�o � v�lida. Faz sentido remov�-la de seu chaveiro."
 
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3692,27 +4259,33 @@ msgstr ""
 "n�o consiga mais usar esta chave. Fa�a isto apenas se por alguma\n"
 "raz�o esta auto-assinatura n�o for v�lida e h� uma segunda dispon�vel."
 
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+
+#: g10/helptext.c:238
+#, fuzzy
+msgid "Please enter the passhrase; this is a secret sentence \n"
 msgstr "Por favor digite a frase secreta"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr ""
 "Por favor repita a �ltima frase secreta, para ter certeza do que voc� "
 "digitou."
 
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr "D� o nome para o arquivo ao qual a assinatura se aplica"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "Responda \"sim\" se quiser sobrescrever o arquivo"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3720,14 +4293,14 @@ msgstr ""
 "Por favor digite um novo nome de arquivo. Se voc� apenas apertar RETURN o\n"
 "arquivo padr�o (que � mostrado em colchetes) ser� usado."
 
-#: g10/helptext.c:229
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3736,33 +4309,350 @@ msgid ""
 "      this is normally used to mark an email address invalid.\n"
 msgstr ""
 
-#: g10/helptext.c:245
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
 "An empty line ends the text.\n"
 msgstr ""
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Nenhuma ajuda dispon�vel"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Nenhuma ajuda dispon�vel para `%s'"
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "erro de leitura do certificado: %s\n"
+#: g10/keydb.c:177
+#, fuzzy, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "erro na escrita do chaveiro `%s': %s\n"
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "chave RSA n�o pode ser usada nesta vers�o\n"
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr ""
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "Nenhuma chave para identificador de usu�rio\n"
+#: g10/keydb.c:197
+#, fuzzy, c-format
+msgid "keyring `%s' created\n"
+msgstr "%s: chaveiro criado\n"
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "Nenhum identificador de usu�rio para chave\n"
+#: g10/keydb.c:587
+#, fuzzy, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "%s: falha ao criar tabela de \"hash\": %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "AVISO: existem 2 arquivos com informa��es confidenciais.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s � o n�o modificado\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s � o novo\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Por favor conserte este poss�vel furo de seguran�a\n"
+
+#: g10/keyring.c:1337
+#, fuzzy, c-format
+msgid "checking keyring `%s'\n"
+msgstr "erro na escrita do chaveiro `%s': %s\n"
+
+#: g10/keyring.c:1368
+#, fuzzy, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "%lu chaves processadas at� agora\n"
+
+#: g10/keyring.c:1379
+#, fuzzy, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "listar as chaves e as assinaturas"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: chaveiro criado\n"
+
+#, fuzzy
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "Voc� tem certeza de que quer este tamanho de chave? "
+
+#, fuzzy
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "Voc� tem certeza de que quer este tamanho de chave? "
+
+#, fuzzy
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Realmente assinar? "
+
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "chave %08lX: nossa c�pia n�o tem auto-assinatura\n"
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "Voc� realmente precisa de uma chave t�o grande? "
+
+#~ msgid "   signed by %08lX at %s\n"
+#~ msgstr "   assinado por %08lX em %s\n"
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key id-usu�rio"
+
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key id-usu�rio"
+
+#, fuzzy
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-and-public-key id-usu�rio"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Digite o identificador de usu�rio: "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "ignorado: chave p�blica j� marcada com --encrypt-to\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "\n"
+#~ "WARNING: This is a PGP2-style key\n"
+#~ msgstr "AVISO: `%s' � um arquivo vazio\n"
+
+#~ msgid "sSmMqQ"
+#~ msgstr "sSmMqQ"
+
+#, fuzzy
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "%s n�o � um mapa de caracteres v�lido\n"
+
+#, fuzzy
+#~ msgid "duplicate (short) key ID %08lX\n"
+#~ msgstr "a chave p�blica � %08lX\n"
+
+#, fuzzy
+#~ msgid "%lu key(s) to refresh\n"
+#~ msgstr "\t%lu chaves com erros\n"
+
+#~ msgid "|[NAMES]|check the trust database"
+#~ msgstr "|[NOMES]|verificar o banco de dados de confiabilidade"
+
+#~ msgid ""
+#~ "Could not find a valid trust path to the key.  Let's see whether we\n"
+#~ "can assign some missing owner trust values.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "N�o foi poss�vel encontrar uma rota de confian�a v�lida para a chave.\n"
+#~ "Vamos ver se � poss�vel designar alguns valores de confian�a ausentes.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No path leading to one of our keys found.\n"
+#~ "\n"
+#~ msgstr "Nenhuma rota encontrada que leve a uma de nossas chaves.\n"
+
+#~ msgid ""
+#~ "No certificates with undefined trust found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Nenhum certificado com confian�a indefinida encontrado.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No trust values changed.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Nenhum valor de confian�a modificado.\n"
+#~ "\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr "%08lX: sem informa��o para calcular probabilidade de confian�a\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: erro na verifica��o da chave: %s\n"
+
+#~ msgid "too many entries in unk cache - disabled\n"
+#~ msgstr "entradas demais no cache unk - desativado\n"
+
+#~ msgid "update of trustdb failed: %s\n"
+#~ msgstr "atualiza��o do banco de dados de confiabilidade falhou: %s\n"
+
+#~ msgid "assuming bad MDC due to an unknown critical bit\n"
+#~ msgstr "assumindo MDC incorreto devido a um bit cr�tico desconhecido\n"
+
+#~ msgid "error reading dir record for LID %lu: %s\n"
+#~ msgstr "erro lendo registro de diret�rio para LID %lu: %s\n"
+
+#~ msgid "lid %lu: expected dir record, got type %d\n"
+#~ msgstr "lid %lu: registro de diret�rio esperado, tipo %d recebido\n"
+
+#~ msgid "no primary key for LID %lu\n"
+#~ msgstr "nenhuma chave prim�ria para LID %lu\n"
+
+#~ msgid "error reading primary key for LID %lu: %s\n"
+#~ msgstr "erro lendo chave prim�ria para LID %lu: %s\n"
+
+#~ msgid "get_dir_record: search_record failed: %s\n"
+#~ msgstr "get_dir_record: search_record falhou: %s\n"
+
+#~ msgid "key %08lX: query record failed\n"
+#~ msgstr "chave %08lX: pedido de registro falhou\n"
+
+#~ msgid "key %08lX: already in trusted key table\n"
+#~ msgstr "chave %08lX: j� est� na tabela de chaves confi�veis\n"
+
+#~ msgid "NOTE: secret key %08lX is NOT protected.\n"
+#~ msgstr "NOTA: a chave secreta %08lX N�O est� protegida.\n"
+
+#~ msgid "key %08lX: secret and public key don't match\n"
+#~ msgstr "chave %08lX: chaves secreta e p�blica n�o s�o correspondentes\n"
+
+#~ msgid "enumerate secret keys failed: %s\n"
+#~ msgstr "enumera��o de chaves secretas falhou: %s\n"
+
+#~ msgid "key %08lX.%lu: Good subkey binding\n"
+#~ msgstr "chave %08lX.%lu: Liga��o de subchave v�lida\n"
+
+#~ msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+#~ msgstr "chave %08lX.%lu: Liga��o de subchave inv�lida: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid key revocation\n"
+#~ msgstr "chave %08lX.%lu: Revoga��o de chave v�lida\n"
+
+#~ msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+#~ msgstr "chave %08lX.%lu: Revoga��o de chave inv�lida: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid subkey revocation\n"
+#~ msgstr "chave %08lX.%lu: Revoga��o de subchave v�lida\n"
+
+#~ msgid "Good self-signature"
+#~ msgstr "Auto-assinatura v�lida"
+
+#~ msgid "Invalid self-signature"
+#~ msgstr "Auto-assinatura inv�lida"
+
+#~ msgid "Valid user ID revocation skipped due to a newer self signature"
+#~ msgstr ""
+#~ "Revoga��o v�lida de ID de usu�rio ignorada devido a nova auto-assinatura"
+
+#~ msgid "Valid user ID revocation"
+#~ msgstr "Revoga��o de ID de usu�rio v�lida"
+
+#~ msgid "Invalid user ID revocation"
+#~ msgstr "Revoga��o de ID de usu�rio inv�lida"
+
+#~ msgid "Valid certificate revocation"
+#~ msgstr "Certificado de revoga��o v�lido"
+
+#~ msgid "Good certificate"
+#~ msgstr "Certificado correto"
+
+#~ msgid "Invalid certificate revocation"
+#~ msgstr "Certificado de revoga��o inv�lido"
+
+#~ msgid "Invalid certificate"
+#~ msgstr "Certificado inv�lido"
+
+#~ msgid "sig record %lu[%d] points to wrong record.\n"
+#~ msgstr "registro de assinatura %lu[%d] aponta para registro errado.\n"
+
+#~ msgid "duplicated certificate - deleted"
+#~ msgstr "certificado duplicado - removido"
+
+#~ msgid "tdbio_search_dir failed: %s\n"
+#~ msgstr "tdbio_search_dir falhou: %s\n"
+
+#~ msgid "lid ?: insert failed: %s\n"
+#~ msgstr "lid ?: inser��o falhou: %s\n"
+
+#~ msgid "lid %lu: insert failed: %s\n"
+#~ msgstr "lid %lu: inser��o falhou: %s\n"
+
+#~ msgid "lid %lu: inserted\n"
+#~ msgstr "lid %lu: inserido\n"
+
+#~ msgid "error reading dir record: %s\n"
+#~ msgstr "erro lendo registro de diret�rio: %s\n"
+
+#~ msgid "\t%lu keys inserted\n"
+#~ msgstr "\t%lu chaves inseridas\n"
+
+#~ msgid "enumerate keyblocks failed: %s\n"
+#~ msgstr "enumera��o de blocos de chaves falhou: %s\n"
+
+#~ msgid "lid %lu: dir record w/o key - skipped\n"
+#~ msgstr "lid %lu: registro de diret�rio sem chave - ignorado\n"
+
+#~ msgid "\t%lu due to new pubkeys\n"
+#~ msgstr "\t%lu devido a novas chaves p�blicas\n"
+
+#~ msgid "\t%lu keys skipped\n"
+#~ msgstr "\t%lu chaves ignoradas\n"
+
+#~ msgid "\t%lu keys updated\n"
+#~ msgstr "\t%lu chaves atualizadas\n"
+
+#~ msgid "Ooops, no keys\n"
+#~ msgstr "Ooops, nenhuma chave\n"
+
+#~ msgid "Ooops, no user IDs\n"
+#~ msgstr "Ooops, nenhum ID de usu�rio\n"
+
+#~ msgid "check_trust: search dir record failed: %s\n"
+#~ msgstr "check_trust: busca de registro de diret�rio falhou: %s\n"
+
+#~ msgid "key %08lX: insert trust record failed: %s\n"
+#~ msgstr "chave %08lX: inser��o de registro de confian�a falhou: %s\n"
+
+#~ msgid "key %08lX.%lu: inserted into trustdb\n"
+#~ msgstr "chave %08lX.%lu: inserida no banco de dados de confiabilidade\n"
+
+#~ msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+#~ msgstr ""
+#~ "chave %08lX.%lu: criada no futuro (viagem no tempo ou problema no "
+#~ "relogio)\n"
+
+#~ msgid "key %08lX.%lu: expired at %s\n"
+#~ msgstr "chave %08lX.%lu: expirou em %s\n"
+
+#~ msgid "key %08lX.%lu: trust check failed: %s\n"
+#~ msgstr "chave %08lX.%lu: verifica��o de confian�a falhou: %s\n"
+
+#~ msgid "user '%s' not found: %s\n"
+#~ msgstr "usu�rio `%s' n�o encontrado: %s\n"
+
+#~ msgid "problem finding '%s' in trustdb: %s\n"
+#~ msgstr ""
+#~ "problemas na procura de `%s' no banco de dados de confiabilidade: %s\n"
+
+#~ msgid "user '%s' not in trustdb - inserting\n"
+#~ msgstr ""
+#~ "usu�rio `%s' n�o encontrado no banco de dados de confiabilidade - "
+#~ "inserindo\n"
+
+#~ msgid "failed to put '%s' into trustdb: %s\n"
+#~ msgstr "falha ao colocar `%s' no banco de dados de confiabilidade: %s\n"
+
+#, fuzzy
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) ElGamal (assinatura e criptografia)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr ""
+#~ "Voc� realmente quer criar uma chave para assinatura e criptografia? "
+
+#~ msgid "%s: user not found: %s\n"
+#~ msgstr "%s: usu�rio n�o encontrado: %s\n"
+
+#~ msgid "certificate read problem: %s\n"
+#~ msgstr "erro de leitura do certificado: %s\n"
 
 #~ msgid "no default public keyring\n"
 #~ msgstr "sem chaveiro p�blico padr�o\n"
@@ -3770,32 +4660,42 @@ msgstr "Nenhuma ajuda dispon�vel para `%s'"
 #~ msgid "can't lock keyring `%s': %s\n"
 #~ msgstr "imposs�vel bloquear chaveiro `%s': %s\n"
 
-#~ msgid "error writing keyring `%s': %s\n"
-#~ msgstr "erro na escrita do chaveiro `%s': %s\n"
-
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "chave %08lX: imposs�vel ler bloco de chaves original: %s\n"
-
 #~ msgid "%s: user not found\n"
 #~ msgstr "%s: usu�rio n�o encontrado\n"
 
-#~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
+#~ msgid "WARNING: can't yet handle long pref records\n"
 #~ msgstr ""
-#~ "Chaves RSA n�o s�o recomend�veis; por favor considere criar uma nova chave e "
-#~ "us�-la no futuro\n"
+#~ "AVISO: ainda � imposs�vel manipular registros de prefer�ncias longos\n"
 
-#~ msgid "not processed"
-#~ msgstr "n�o processado(s)"
+#~ msgid "%s: can't create keyring: %s\n"
+#~ msgstr "%s: imposs�vel criar chaveiro: %s\n"
 
-#~ msgid "assuming bad MDC due to an unknown critical bit\n"
-#~ msgstr "assumindo MDC incorreto devido a um bit cr�tico desconhecido\n"
+#, fuzzy
+#~ msgid "invalid"
+#~ msgstr "armadura inv�lida"
+
+#, fuzzy
+#~ msgid "revoked"
+#~ msgstr "revkey"
+
+#~ msgid "RSA key cannot be used in this version\n"
+#~ msgstr "chave RSA n�o pode ser usada nesta vers�o\n"
+
+#~ msgid "No key for user ID\n"
+#~ msgstr "Nenhuma chave para identificador de usu�rio\n"
+
+#~ msgid "No user ID for key\n"
+#~ msgstr "Nenhum identificador de usu�rio para chave\n"
+
+#~ msgid "no secret key for decryption available\n"
+#~ msgstr "nenhuma chave secreta para descriptografia dispon�vel\n"
 
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+#~ msgid ""
+#~ "RSA keys are deprecated; please consider creating a new key and use this "
+#~ "key in the future\n"
 #~ msgstr ""
-#~ "a chave n�o est� marcada como insegura - imposs�vel us�-la com o pseudo "
-#~ "RNG!\n"
+#~ "Chaves RSA n�o s�o recomend�veis; por favor considere criar uma nova "
+#~ "chave e us�-la no futuro\n"
 
 #~ msgid "set debugging flags"
 #~ msgstr "definir par�metros de depura��o"
@@ -3832,7 +4732,8 @@ msgstr "Nenhuma ajuda dispon�vel para `%s'"
 
 #~ msgid "NOTE: sig rec %lu[%d] in hintlist of %lu but not marked\n"
 #~ msgstr ""
-#~ "NOTA: assinatura rec %lu[%d] est� na lista de sugest�es de %lu mas n�o est�\n"
+#~ "NOTA: assinatura rec %lu[%d] est� na lista de sugest�es de %lu mas n�o "
+#~ "est�\n"
 #~ "      marcada\n"
 
 #~ msgid "sig rec %lu[%d] in hintlist of %lu does not point to a dir record\n"
@@ -3865,10 +4766,6 @@ msgstr "Nenhuma ajuda dispon�vel para `%s'"
 #~ msgid "lid %lu: can't get keyblock: %s\n"
 #~ msgstr "lid %lu: imposs�vel pegar bloco de chaves: %s\n"
 
-# muitas ou demais ???
-#~ msgid "Too many preferences"
-#~ msgstr "Prefer�ncias demais"
-
 #~ msgid "Too many preference items"
 #~ msgstr "Muitos itens de prefer�ncia"
 
@@ -3911,6 +4808,9 @@ msgstr "Nenhuma ajuda dispon�vel para `%s'"
 #~ msgid "can't lock keyring `%': %s\n"
 #~ msgstr "imposs�vel bloquear chaveiro `%': %s\n"
 
+#~ msgid "error writing keyring `%': %s\n"
+#~ msgstr "erro na escrita do chaveiro `%': %s\n"
+
 #~ msgid "can't open file: %s\n"
 #~ msgstr "imposs�vel abrir arquivo: %s\n"
 
@@ -3923,12 +4823,6 @@ msgstr "Nenhuma ajuda dispon�vel para `%s'"
 #~ msgid "can't write keyblock: %s\n"
 #~ msgstr "imposs�vel escrever bloco de chaves: %s\n"
 
-#~ msgid "can't lock secret keyring: %s\n"
-#~ msgstr "imposs�vel bloquear chaveiro secreto: %s\n"
-
-#~ msgid "can't write keyring: %s\n"
-#~ msgstr "imposs�vel escrever chaveiro: %s\n"
-
 #, fuzzy
 #~ msgid "encrypted message is valid\n"
 #~ msgstr "algoritmo de \"digest\" selecionado n�o � v�lido\n"
@@ -3968,9 +4862,6 @@ msgstr "Nenhuma ajuda dispon�vel para `%s'"
 #~ msgid "lid %lu: read pref record failed: %s\n"
 #~ msgstr "lid %lu: leitura de registro de prefer�ncias falhou: %s\n"
 
-#~ msgid "lid %lu: read sig record failed: %s\n"
-#~ msgstr "lid %lu: leitura de registro de assinatura falhou: %s\n"
-
 #, fuzzy
 #~ msgid "user '%s' read problem: %s\n"
 #~ msgstr "erro de leitura do usu�rio `%s': %s\n"
@@ -4013,9 +4904,6 @@ msgstr "Nenhuma ajuda dispon�vel para `%s'"
 #~ msgid "Oops: key is now in trustdb???\n"
 #~ msgstr "Oops: agora a chave est� no banco de dados de confiabilidade???\n"
 
-#~ msgid "insert trust record failed: %s\n"
-#~ msgstr "inser��o de registro de confian�a falhou: %s\n"
-
 #~ msgid "Hmmm, public key lost?"
 #~ msgstr "Hmmm, chave p�blica perdida?"
 
diff --git a/po/ru.po b/po/ru.po
deleted file mode 100644
index 283973593..000000000
--- a/po/ru.po
+++ /dev/null
@@ -1,4097 +0,0 @@
-# I finished the translation without looking at the contrib directory of
-# GPG site. Werner enlightened me about two previous translations and I
-# dared to look in them to correct my translation of questionable phrases.
-# So I'd like to thank:
-# Artem Belevich <[email protected]>
-# Alexey Morozov <[email protected]>
-# Michael Sobolev <[email protected]>, 1998
-# Alexey Vyskubov <[email protected]>, 1998
-# QingLong <qinglong@Bolizm> (couldn't send an email to let you know)
-msgid ""
-msgstr ""
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"Content-Type: text/plain; charset=\n"
-"Date: 1998-01-26 22:08:36+0100\n"
-"From: Gregory Steuck <[email protected]>\n"
-"Xgettext-Options: --default-domain=gnupg --directory=.. --add-comments "
-"--keyword=_ --keyword=N_ --files-from=./POTFILES.in\n"
-"Files: util/secmem.c util/argparse.c cipher/random.c cipher/rand-dummy.c "
-"cipher/rand-unix.c cipher/rand-w32.c g10/g10.c g10/pkclist.c g10/keygen.c "
-"g10/decrypt.c g10/encode.c g10/import.c g10/keyedit.c g10/keylist.c "
-"g10/mainproc.c g10/passphrase.c g10/plaintext.c g10/pref.c g10/seckey-cert.c "
-"g10/sig-check.c g10/sign.c g10/trustdb.c g10/verify.c\n"
-
-#: util/miscutil.c:278 util/miscutil.c:307
-msgid "yes"
-msgstr "��(y)"
-
-#: util/miscutil.c:279 util/miscutil.c:310
-msgid "yY"
-msgstr "yY"
-
-#: util/miscutil.c:280 util/miscutil.c:308
-msgid "no"
-msgstr ""
-
-#: util/miscutil.c:281 util/miscutil.c:311
-msgid "nN"
-msgstr ""
-
-#: g10/keyedit.c:575 util/miscutil.c:309
-msgid "quit"
-msgstr "�����"
-
-#: util/miscutil.c:312
-msgid "qQ"
-msgstr ""
-
-#: util/errors.c:55
-#, fuzzy
-msgid "general error"
-msgstr "����� ������"
-
-#: util/errors.c:56
-#, fuzzy
-msgid "unknown packet type"
-msgstr "����������� ��� ������"
-
-#: util/errors.c:57
-#, fuzzy
-msgid "unknown version"
-msgstr "����������� ������"
-
-#: util/errors.c:58
-#, fuzzy
-msgid "unknown pubkey algorithm"
-msgstr "����������� �������� ���������� � �������� ������"
-
-#: util/errors.c:59
-#, fuzzy
-msgid "unknown digest algorithm"
-msgstr "����������� �������� ��������� ���������"
-
-#: util/errors.c:60
-#, fuzzy
-msgid "bad public key"
-msgstr "������ �������� ����"
-
-#: util/errors.c:61
-#, fuzzy
-msgid "bad secret key"
-msgstr "������ ��������� ����"
-
-#: util/errors.c:62
-#, fuzzy
-msgid "bad signature"
-msgstr "������ �������"
-
-#: util/errors.c:63
-#, fuzzy
-msgid "checksum error"
-msgstr "������������ ����������� �����"
-
-#: util/errors.c:64
-#, fuzzy
-msgid "bad passphrase"
-msgstr "�������� \"�������� �����\""
-
-#: util/errors.c:65
-#, fuzzy
-msgid "public key not found"
-msgstr "�������� ���� �� ������"
-
-#: util/errors.c:66
-#, fuzzy
-msgid "unknown cipher algorithm"
-msgstr "����������� �������� ����������"
-
-#: util/errors.c:67
-#, fuzzy
-msgid "can't open the keyring"
-msgstr "���������� ������� \"������ ������\""
-
-#: util/errors.c:68
-#, fuzzy
-msgid "invalid packet"
-msgstr "������������ �����"
-
-#: util/errors.c:69
-#, fuzzy
-msgid "invalid armor"
-msgstr "������������ ASCII-���������"
-
-#: util/errors.c:70
-#, fuzzy
-msgid "no such user id"
-msgstr "����������� ������������� ������������"
-
-#: util/errors.c:71
-#, fuzzy
-msgid "secret key not available"
-msgstr "��������� ���� �� ����������"
-
-#: util/errors.c:72
-#, fuzzy
-msgid "wrong secret key used"
-msgstr "����������� ������������ ��������� ����"
-
-#: util/errors.c:73
-#, fuzzy
-msgid "not supported"
-msgstr "�� ��������������"
-
-#: util/errors.c:74
-#, fuzzy
-msgid "bad key"
-msgstr "������ ����"
-
-#: util/errors.c:75
-#, fuzzy
-msgid "file read error"
-msgstr "������ ������ �����"
-
-#: util/errors.c:76
-#, fuzzy
-msgid "file write error"
-msgstr "������ ������ �����"
-
-#: util/errors.c:77
-#, fuzzy
-msgid "unknown compress algorithm"
-msgstr "����������� �������� ��������"
-
-#: util/errors.c:78
-#, fuzzy
-msgid "file open error"
-msgstr "������ �������� �����"
-
-#: util/errors.c:79
-#, fuzzy
-msgid "file create error"
-msgstr "������ �������� �����"
-
-#: util/errors.c:80
-#, fuzzy
-msgid "invalid passphrase"
-msgstr "�������� \"�������� �����\""
-
-#: util/errors.c:81
-#, fuzzy
-msgid "unimplemented pubkey algorithm"
-msgstr "��������������� �������� ���������� � �������� ������"
-
-#: util/errors.c:82
-#, fuzzy
-msgid "unimplemented cipher algorithm"
-msgstr "��������������� �������� ����������"
-
-#: util/errors.c:83
-#, fuzzy
-msgid "unknown signature class"
-msgstr "������� ������������ ����"
-
-#: util/errors.c:84
-#, fuzzy
-msgid "trust database error"
-msgstr "������ � Trust-DB (���� ������ �������)"
-
-#: util/errors.c:85
-msgid "bad MPI"
-msgstr ""
-
-#: util/errors.c:86
-#, fuzzy
-msgid "resource limit"
-msgstr "������������ ��������"
-
-#: util/errors.c:87
-#, fuzzy
-msgid "invalid keyring"
-msgstr "������������ \"������ ������\""
-
-#: util/errors.c:88
-#, fuzzy
-msgid "bad certificate"
-msgstr "������ ����������"
-
-#: util/errors.c:89
-#, fuzzy
-msgid "malformed user id"
-msgstr "������������ ����� �������������� ������������"
-
-#: util/errors.c:90
-#, fuzzy
-msgid "file close error"
-msgstr "������ �������� �����"
-
-#: util/errors.c:91
-#, fuzzy
-msgid "file rename error"
-msgstr "������ �������������� �����"
-
-#: util/errors.c:92
-#, fuzzy
-msgid "file delete error"
-msgstr "������ �������� �����"
-
-#: util/errors.c:93
-#, fuzzy
-msgid "unexpected data"
-msgstr "����������� ������"
-
-#: util/errors.c:94
-#, fuzzy
-msgid "timestamp conflict"
-msgstr "�������� ��������� ���������� (timestamp)"
-
-#: util/errors.c:95
-#, fuzzy
-msgid "unusable pubkey algorithm"
-msgstr "����������� ��� ������������� �������� ��������� �����"
-
-#: util/errors.c:96
-#, fuzzy
-msgid "file exists"
-msgstr "���� ����������"
-
-#: util/errors.c:97
-#, fuzzy
-msgid "weak key"
-msgstr "������ ����"
-
-#: util/errors.c:98
-#, fuzzy
-msgid "invalid argument"
-msgstr "������������ ASCII-���������"
-
-#: util/errors.c:99
-msgid "bad URI"
-msgstr ""
-
-#: util/errors.c:100
-#, fuzzy
-msgid "unsupported URI"
-msgstr "�� ��������������"
-
-#: util/errors.c:101
-#, fuzzy
-msgid "network error"
-msgstr "����� ������"
-
-#: util/errors.c:103
-#, fuzzy
-msgid "not encrypted"
-msgstr "����������� ������"
-
-#: util/logger.c:227
-#, fuzzy, c-format
-msgid "... this is a bug (%s:%d:%s)\n"
-msgstr "��-�� ... ������ � ��������� (%s:%d:%s)\n"
-
-#: util/logger.c:233
-#, c-format
-msgid "you found a bug ... (%s:%d)\n"
-msgstr "�� ����� ������ � ��������� ... (%s:%d)\n"
-
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
-#, fuzzy, c-format
-msgid "can't open `%s': %s\n"
-msgstr "���������� ������� ���� `%s': %s\n"
-
-#: cipher/random.c:325
-#, fuzzy, c-format
-msgid "can't stat `%s': %s\n"
-msgstr "���������� ������� ���� `%s': %s\n"
-
-#: cipher/random.c:330
-#, c-format
-msgid "`%s' is not a regular file - ignored\n"
-msgstr ""
-
-#: cipher/random.c:335
-msgid "note: random_seed file is empty\n"
-msgstr ""
-
-#: cipher/random.c:341
-msgid "warning: invalid size of random_seed file - not used\n"
-msgstr ""
-
-#: cipher/random.c:349
-#, fuzzy, c-format
-msgid "can't read `%s': %s\n"
-msgstr "���������� ������� ���� `%s': %s\n"
-
-#: cipher/random.c:387
-msgid "note: random_seed file not updated\n"
-msgstr ""
-
-#: cipher/random.c:407
-#, fuzzy, c-format
-msgid "can't create `%s': %s\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: cipher/random.c:414
-#, fuzzy, c-format
-msgid "can't write `%s': %s\n"
-msgstr "���������� ������� ���� `%s': %s\n"
-
-#: cipher/random.c:417
-#, fuzzy, c-format
-msgid "can't close `%s': %s\n"
-msgstr "���������� ������� ���� `%s': %s\n"
-
-#: cipher/random.c:428
-#, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr ""
-
-#: cipher/random.c:659
-#, fuzzy
-msgid "WARNING: using insecure random number generator!!\n"
-msgstr "��������: ������������ ���������� ��������� ��������� �����!\n"
-
-#: cipher/random.c:665
-msgid ""
-"The random number generator is only a kludge to let\n"
-"it run - it is in no way a strong RNG!\n"
-"\n"
-"DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n"
-"\n"
-msgstr ""
-"������������ ��������� ��������� ����� -- ������ ��������,\n"
-"����� �������������� ���������, ����� �� �������� ���!\n"
-"\n"
-"�� ����������� ������� ���������� ���� ����������!\n"
-"\n"
-
-#: cipher/rndlinux.c:126
-#, c-format
-msgid ""
-"\n"
-"Not enough random bytes available.  Please do some other work to give\n"
-"the OS a chance to collect more entropy! (Need %d more bytes)\n"
-msgstr ""
-"\n"
-"������������ ��������� ������. ����������, ��������� ���-������, �����\n"
-"�� ����� ������� �������������� ��������� �����! (����� ��� %d ����)\n"
-
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr ""
-"��������, �������� ������ ��������� ������!\n"
-"��� �������� ����� ������, ��������� ��������� suid(root).\n"
-"���������� ��� ����� � �������������� ����� �������.\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr ""
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr ""
-
-#: g10/gpg.c:201
-msgid ""
-"@Commands:\n"
-" "
-msgstr ""
-"@�������:\n"
-" "
-
-#: g10/gpg.c:203
-#, fuzzy
-msgid "|[file]|make a signature"
-msgstr "|[����]|������� �������"
-
-#: g10/gpg.c:204
-#, fuzzy
-msgid "|[file]|make a clear text signature"
-msgstr "|[����]|������� ��������� �������"
-
-#: g10/gpg.c:205
-msgid "make a detached signature"
-msgstr "������� ��������� �������"
-
-#: g10/gpg.c:206
-msgid "encrypt data"
-msgstr "����������� ������"
-
-#: g10/gpg.c:207
-msgid "encryption only with symmetric cipher"
-msgstr "����������� ������������ ����������"
-
-#: g10/gpg.c:208
-msgid "store only"
-msgstr "������ ���������"
-
-#: g10/gpg.c:209
-msgid "decrypt data (default)"
-msgstr "������������ ������ (�� ���������)"
-
-#: g10/gpg.c:210
-msgid "verify a signature"
-msgstr "��������� �������"
-
-#: g10/gpg.c:212
-msgid "list keys"
-msgstr "������ ������"
-
-#: g10/gpg.c:214
-msgid "list keys and signatures"
-msgstr "������ ������ � ��������"
-
-#: g10/gpg.c:215
-msgid "check key signatures"
-msgstr "��������� ������� �� �����"
-
-#: g10/gpg.c:216
-msgid "list keys and fingerprints"
-msgstr "������ ������ � �� \"����������� �������\""
-
-#: g10/gpg.c:217
-msgid "list secret keys"
-msgstr "������ ��������� ������"
-
-#: g10/gpg.c:218
-msgid "generate a new key pair"
-msgstr "������������� ����� ���� ������ (�������� � ���������)"
-
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
-msgstr "������� ���� �� ������"
-
-#: g10/gpg.c:221
-#, fuzzy
-msgid "remove key from the secret keyring"
-msgstr "������� ���� �� ������"
-
-#: g10/gpg.c:222
-#, fuzzy
-msgid "sign a key"
-msgstr "��������� ����"
-
-#: g10/gpg.c:223
-#, fuzzy
-msgid "sign a key locally"
-msgstr "��������� ����"
-
-#: g10/gpg.c:224
-msgid "sign or edit a key"
-msgstr "��������� ��� ������������� ����"
-
-#: g10/gpg.c:225
-msgid "generate a revocation certificate"
-msgstr "������������� ���������� ����������"
-
-#: g10/gpg.c:226
-msgid "export keys"
-msgstr "�������������� �����"
-
-#: g10/gpg.c:227
-msgid "export keys to a key server"
-msgstr ""
-
-#: g10/gpg.c:228
-msgid "import keys from a key server"
-msgstr ""
-
-#: g10/gpg.c:232
-msgid "import/merge keys"
-msgstr "�������������/�������� �����"
-
-#: g10/gpg.c:234
-msgid "list only the sequence of packets"
-msgstr "���������� ������ ������������������ �������"
-
-#: g10/gpg.c:236
-#, fuzzy
-msgid "export the ownertrust values"
-msgstr "�������������� ��������� �������\n"
-
-#: g10/gpg.c:238
-#, fuzzy
-msgid "import ownertrust values"
-msgstr "������������� ��������� �������\n"
-
-#: g10/gpg.c:240
-#, fuzzy
-msgid "update the trust database"
-msgstr "|[�����]|��������� ���� ������ �������"
-
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[�����]|��������� ���� ������ �������"
-
-#: g10/gpg.c:243
-msgid "fix a corrupted trust database"
-msgstr "��������� ����������� ���� ������ �������"
-
-#: g10/gpg.c:244
-msgid "De-Armor a file or stdin"
-msgstr "������������ stdin ��� ���� �� ASCII-�������������"
-
-#: g10/gpg.c:246
-msgid "En-Armor a file or stdin"
-msgstr "������������ stdin ��� ���� � ASCII-�������������"
-
-#: g10/gpg.c:248
-msgid "|algo [files]|print message digests"
-msgstr "|algo [files]|���������� �������� ���������"
-
-#: g10/gpg.c:253
-msgid ""
-"@\n"
-"Options:\n"
-" "
-msgstr ""
-"@\n"
-"���������:\n"
-" "
-
-#: g10/gpg.c:255
-msgid "create ascii armored output"
-msgstr "����� � ASCII-�������������"
-
-#: g10/gpg.c:257
-#, fuzzy
-msgid "|NAME|encrypt for NAME"
-msgstr "|���|������������ ������������ ���������� ���"
-
-#: g10/gpg.c:260
-#, fuzzy
-msgid "|NAME|use NAME as default recipient"
-msgstr "|���|������������ ��� � �������� ���������� ����� �� ���������"
-
-#: g10/gpg.c:262
-msgid "use the default key as default recipient"
-msgstr ""
-
-#: g10/gpg.c:266
-msgid "use this user-id to sign or decrypt"
-msgstr ""
-"������������ ��������� ������������� ������������ ��� ������� ��� �����������"
-
-#: g10/gpg.c:267
-msgid "|N|set compress level N (0 disables)"
-msgstr "|N|���������� ������� ������ (0 - �� �������)"
-
-#: g10/gpg.c:269
-msgid "use canonical text mode"
-msgstr "������������ ������������ ��������� �����"
-
-#: g10/gpg.c:270
-msgid "use as output file"
-msgstr "������������ � �������� ��������� �����"
-
-#: g10/gpg.c:271
-msgid "verbose"
-msgstr "������������"
-
-#: g10/gpg.c:272
-msgid "be somewhat more quiet"
-msgstr ""
-
-#: g10/gpg.c:273
-msgid "don't use the terminal at all"
-msgstr ""
-
-#: g10/gpg.c:274
-#, fuzzy
-msgid "force v3 signatures"
-msgstr "��������� ������� �� �����"
-
-#: g10/gpg.c:275
-#, fuzzy
-msgid "always use a MDC for encryption"
-msgstr "������������ ��������� ������������� ������������ ��� ����������"
-
-#: g10/gpg.c:276
-msgid "do not make any changes"
-msgstr "Keine wirklichen �nderungen durchf�hren"
-
-#. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
-msgid "use the gpg-agent"
-msgstr ""
-
-#: g10/gpg.c:279
-msgid "batch mode: never ask"
-msgstr "�������� �����: ������ �� ����������"
-
-#: g10/gpg.c:280
-msgid "assume yes on most questions"
-msgstr "�������� \"��\" �� ����������� ��������"
-
-#: g10/gpg.c:281
-msgid "assume no on most questions"
-msgstr "�������� \"���\" �� ����������� ��������"
-
-#: g10/gpg.c:282
-msgid "add this keyring to the list of keyrings"
-msgstr "�������� ��� ������ � ������ ������ ������"
-
-#: g10/gpg.c:283
-msgid "add this secret keyring to the list"
-msgstr "�������� ��� ��������� ������ � ������ ������ ������"
-
-#: g10/gpg.c:284
-msgid "|NAME|use NAME as default secret key"
-msgstr "|���|������������ ��� � �������� ���������� ����� �� ���������"
-
-#: g10/gpg.c:285
-msgid "|HOST|use this keyserver to lookup keys"
-msgstr ""
-
-#: g10/gpg.c:286
-#, fuzzy
-msgid "|NAME|set terminal charset to NAME"
-msgstr "|���|������������ ������������ ���������� ���"
-
-#: g10/gpg.c:287
-msgid "read options from file"
-msgstr "������ ��������� �� �����"
-
-#: g10/gpg.c:291
-msgid "|FD|write status info to this FD"
-msgstr "|FD| ���������� ���������� � ��������� � ���������� (FD)"
-
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
-msgstr ""
-
-#: g10/gpg.c:297
-#, fuzzy
-msgid "|FILE|load extension module FILE"
-msgstr "|����|��������� ���� � ������������ ��������"
-
-#: g10/gpg.c:298
-msgid "emulate the mode described in RFC1991"
-msgstr "����������� ����� ��������� � RFC1991"
-
-#: g10/gpg.c:299
-msgid "set all packet, cipher and digest options to OpenPGP behavior"
-msgstr ""
-
-#: g10/gpg.c:300
-#, fuzzy
-msgid "|N|use passphrase mode N"
-msgstr "|N|������������ �������� ����� ������ N\n"
-
-#: g10/gpg.c:302
-#, fuzzy
-msgid "|NAME|use message digest algorithm NAME for passphrases"
-msgstr "|���|������������ ���-�������� ��� ��� �������� ����"
-
-#: g10/gpg.c:304
-#, fuzzy
-msgid "|NAME|use cipher algorithm NAME for passphrases"
-msgstr "|���|������������ ������������ ���������� ��� ��� �������� ����"
-
-#: g10/gpg.c:305
-msgid "|NAME|use cipher algorithm NAME"
-msgstr "|���|������������ ������������ ���������� ���"
-
-#: g10/gpg.c:306
-msgid "|NAME|use message digest algorithm NAME"
-msgstr "|���|������������ ���-�������� ���"
-
-#: g10/gpg.c:307
-msgid "|N|use compress algorithm N"
-msgstr "|N|������������ �������� ������ N"
-
-#: g10/gpg.c:308
-msgid "throw keyid field of encrypted packets"
-msgstr "����������� ���� keyid � ������������� �������"
-
-#: g10/gpg.c:309
-msgid "|NAME=VALUE|use this notation data"
-msgstr ""
-
-#: g10/gpg.c:312
-msgid ""
-"@\n"
-"(See the man page for a complete listing of all commands and options)\n"
-msgstr ""
-
-#: g10/gpg.c:315
-#, fuzzy
-msgid ""
-"@\n"
-"Examples:\n"
-"\n"
-" -se -r Bob [file]          sign and encrypt for user Bob\n"
-" --clearsign [file]         make a clear text signature\n"
-" --detach-sign [file]       make a detached signature\n"
-" --list-keys [names]        show keys\n"
-" --fingerprint [names]      show fingerprints\n"
-msgstr ""
-"@\n"
-"�������:\n"
-"\n"
-" -se -r Bob [file]          ��������� � ����������� ��� ������������ Bob\n"
-" --clearsign [file]         ������� ��������� �������\n"
-" --detach-sign [file]       ������� ��������� �������\n"
-" --list-keys [names]        �������� ������ ������\n"
-" --fingerprint [names]      �������� \"��������� �������\" ������\n"
-
-#: g10/gpg.c:417
-msgid "Please report bugs to <[email protected]>.\n"
-msgstr ""
-"����������, ����������� ��������� �� ������� �� ������ "
-"<[email protected]>.\n"
-
-#: g10/gpg.c:421
-msgid "Usage: gpg [options] [files] (-h for help)"
-msgstr "�������������: gpg [���������] [�����] (-h ��� ������)"
-
-#: g10/gpg.c:424
-msgid ""
-"Syntax: gpg [options] [files]\n"
-"sign, check, encrypt or decrypt\n"
-"default operation depends on the input data\n"
-msgstr ""
-"���������: gpg [���������] [�����]\n"
-"�����������, ��������� �������, ������� ��� ��������������\n"
-"����� ������ ������� �� ������� ������\n"
-
-#: g10/gpg.c:431
-msgid ""
-"\n"
-"Supported algorithms:\n"
-msgstr ""
-"\n"
-"�������������� ���������:\n"
-
-#: g10/gpg.c:537
-msgid "usage: gpg [options] "
-msgstr "�������������: gpg [���������] "
-
-#: g10/gpg.c:595
-msgid "conflicting commands\n"
-msgstr "Widerspr�chliche Kommandos\n"
-
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
-#, fuzzy, c-format
-msgid "NOTE: no default option file `%s'\n"
-msgstr "���������: ���� ���������� �� ��������� `%s' �����������\n"
-
-#: g10/gpg.c:747
-#, c-format
-msgid "option file `%s': %s\n"
-msgstr "���� ���������� `%s': %s\n"
-
-#: g10/gpg.c:754
-#, c-format
-msgid "reading options from `%s'\n"
-msgstr "�������� ��������� �� `%s'\n"
-
-#: g10/gpg.c:946
-#, fuzzy, c-format
-msgid "%s is not a valid character set\n"
-msgstr "������������ ������ � �����������.\n"
-
-#: g10/gpg.c:1016
-msgid "WARNING: program may create a core file!\n"
-msgstr ""
-
-#: g10/gpg.c:1019 g10/gpg.c:1028
-#, c-format
-msgid "NOTE: %s is not for normal use!\n"
-msgstr ""
-
-#: g10/gpg.c:1021
-#, c-format
-msgid "%s not allowed with %s!\n"
-msgstr ""
-
-#: g10/gpg.c:1024
-#, c-format
-msgid "%s makes no sense with %s!\n"
-msgstr ""
-
-#: g10/gpg.c:1044 g10/gpg.c:1056
-msgid "selected cipher algorithm is invalid\n"
-msgstr "������ ������������ �������� ����������\n"
-
-#: g10/gpg.c:1050 g10/gpg.c:1062
-msgid "selected digest algorithm is invalid\n"
-msgstr "������ ������������ ��������-��������\n"
-
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
-msgstr ""
-
-#: g10/gpg.c:1069
-#, c-format
-msgid "compress algorithm must be in range %d..%d\n"
-msgstr "�������� �������� ����� ����� �������� �� %d �� %d\n"
-
-#: g10/gpg.c:1071
-msgid "completes-needed must be greater than 0\n"
-msgstr "completes-needed ������ ���� ������ 0\n"
-
-#: g10/gpg.c:1073
-msgid "marginals-needed must be greater than 1\n"
-msgstr "marginals-needed ������ ���� ������ 1\n"
-
-#: g10/gpg.c:1075
-msgid "max-cert-depth must be in range 1 to 255\n"
-msgstr ""
-
-#: g10/gpg.c:1078
-#, fuzzy
-msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
-msgstr "���������: ������� S2K ����� (0) ����� �� �������������\n"
-
-#: g10/gpg.c:1082
-msgid "invalid S2K mode; must be 0, 1 or 3\n"
-msgstr "������������ ����� S2K: ������ ���� 0, 1 ��� 3\n"
-
-#: g10/gpg.c:1171
-#, c-format
-msgid "failed to initialize the TrustDB: %s\n"
-msgstr "������ ������������� ���� ������ �������: %s\n"
-
-#: g10/gpg.c:1177
-msgid "--store [filename]"
-msgstr "--store [��� �����]"
-
-#: g10/gpg.c:1184
-msgid "--symmetric [filename]"
-msgstr "--symmetric [��� �����]"
-
-#: g10/gpg.c:1192
-msgid "--encrypt [filename]"
-msgstr "--encrypt [��� �����]"
-
-#: g10/gpg.c:1205
-msgid "--sign [filename]"
-msgstr "--sign [��� �����]"
-
-#: g10/gpg.c:1218
-msgid "--sign --encrypt [filename]"
-msgstr "--sign --encrypt [��� �����]"
-
-#: g10/gpg.c:1232
-msgid "--clearsign [filename]"
-msgstr "--clearsign [��� �����]"
-
-#: g10/gpg.c:1249
-msgid "--decrypt [filename]"
-msgstr "--decrypt [��� �����]"
-
-#: g10/gpg.c:1257
-msgid "--sign-key user-id"
-msgstr ""
-
-#: g10/gpg.c:1265
-#, fuzzy
-msgid "--lsign-key user-id"
-msgstr "--delete-key ���-������������"
-
-#: g10/gpg.c:1273
-#, fuzzy
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key ���-������������"
-
-#: g10/gpg.c:1289
-#, fuzzy
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key ���-������������"
-
-#: g10/gpg.c:1292
-#, fuzzy
-msgid "--delete-key user-id"
-msgstr "--delete-key ���-������������"
-
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
-#, c-format
-msgid "can't open %s: %s\n"
-msgstr "���������� ������� ���� `%s': %s\n"
-
-#: g10/gpg.c:1344
-#, fuzzy
-msgid "-k[v][v][v][c] [user-id] [keyring]"
-msgstr "-k[v][v][v][c] [������������� ������������] [������ ������]"
-
-#: g10/gpg.c:1410
-#, c-format
-msgid "dearmoring failed: %s\n"
-msgstr "������ �������������: %s\n"
-
-#: g10/gpg.c:1418
-#, c-format
-msgid "enarmoring failed: %s\n"
-msgstr "������ �����������: %s\n"
-
-#: g10/gpg.c:1495 g10/gpg.c:1516
-#, c-format
-msgid "invalid hash algorithm `%s'\n"
-msgstr "������������ ���-�������� `%s'\n"
-
-#: g10/gpg.c:1601
-msgid "[filename]"
-msgstr "[��� �����]"
-
-#: g10/gpg.c:1605
-msgid "Go ahead and type your message ...\n"
-msgstr ""
-
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
-#, c-format
-msgid "can't open `%s'\n"
-msgstr "���������� ������� ���� `%s'\n"
-
-#: g10/gpg.c:1786
-msgid ""
-"the first character of a notation name must be a letter or an underscore\n"
-msgstr ""
-
-#: g10/gpg.c:1792
-msgid ""
-"a notation name must have only letters, digits, dots or underscores and end "
-"with an '='\n"
-msgstr ""
-
-#: g10/gpg.c:1798
-msgid "dots in a notation name must be surrounded by other characters\n"
-msgstr ""
-
-#: g10/gpg.c:1806
-msgid "a notation value must not use any control characters\n"
-msgstr ""
-
-#: g10/armor.c:302
-#, fuzzy, c-format
-msgid "armor: %s\n"
-msgstr "���������: %s\n"
-
-#: g10/armor.c:331
-msgid "invalid armor header: "
-msgstr ""
-
-#: g10/armor.c:338
-msgid "armor header: "
-msgstr ""
-
-#: g10/armor.c:349
-#, fuzzy
-msgid "invalid clearsig header\n"
-msgstr "������������ ������ ��������� �������\n"
-
-#: g10/armor.c:401
-#, fuzzy
-msgid "nested clear text signatures\n"
-msgstr "|[����]|������� ��������� �������"
-
-#: g10/armor.c:525
-msgid "invalid dash escaped line: "
-msgstr "������������ ������ ������������ � �������: "
-
-#: g10/armor.c:537
-#, fuzzy
-msgid "unexpected armor:"
-msgstr "����������� ������"
-
-#: g10/armor.c:654
-#, fuzzy, c-format
-msgid "invalid radix64 character %02x skipped\n"
-msgstr "������������ ��� ��������� radix64 ������ %02x ��������\n"
-
-#: g10/armor.c:697
-msgid "premature eof (no CRC)\n"
-msgstr "����������� ����� ����� (��� CRC)\n"
-
-#: g10/armor.c:731
-msgid "premature eof (in CRC)\n"
-msgstr "����������� ����� ����� (� CRC)\n"
-
-#: g10/armor.c:735
-msgid "malformed CRC\n"
-msgstr "������������ ����� CRC\n"
-
-#: g10/armor.c:739
-#, c-format
-msgid "CRC error; %06lx - %06lx\n"
-msgstr "������ CRC; %06lx - %06lx\n"
-
-#: g10/armor.c:756
-msgid "premature eof (in Trailer)\n"
-msgstr "����������� ����� ����� (� ������)\n"
-
-#: g10/armor.c:760
-msgid "error in trailer line\n"
-msgstr "������ � ����������� ������\n"
-
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr ""
-
-#: g10/armor.c:1033
-#, fuzzy
-msgid "no valid OpenPGP data found.\n"
-msgstr "�� ������� ���������� RFC1991 ��� OpenPGP ������.\n"
-
-#: g10/armor.c:1038
-#, c-format
-msgid "invalid armor: line longer than %d characters\n"
-msgstr ""
-
-#: g10/armor.c:1042
-msgid ""
-"quoted printable character in armor - probably a buggy MTA has been used\n"
-msgstr ""
-
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr ""
-
-#: g10/pkclist.c:81
-#, fuzzy
-msgid "Fingerprint:"
-msgstr "�������� \"��������� ������\""
-
-#: g10/pkclist.c:117
-msgid "No reason specified"
-msgstr ""
-
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
-msgstr "���� ���� �������.\n"
-
-#: g10/pkclist.c:121
-#, fuzzy
-msgid "Key has been compromised"
-msgstr "���������: ���� �������� ����� ��� �����!\n"
-
-#: g10/pkclist.c:123
-msgid "Key is no longer used"
-msgstr ""
-
-#: g10/pkclist.c:125
-msgid "User ID is no longer valid"
-msgstr ""
-
-#: g10/pkclist.c:129
-msgid "Reason for revocation: "
-msgstr ""
-
-#: g10/pkclist.c:146
-msgid "Revocation comment: "
-msgstr ""
-
-# valid user replies (not including 1..4)
-#. a string with valid answers
-#: g10/pkclist.c:304
-#, fuzzy
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
-
-#: g10/pkclist.c:308
-#, fuzzy, c-format
-msgid ""
-"No trust value assigned to %lu:\n"
-"%4u%c/%08lX %s \""
-msgstr ""
-"�� ���������� ��������� ������� ��� %lu:\n"
-"%4u%c/%08lX %s \""
-
-#: g10/pkclist.c:320
-#, fuzzy
-msgid ""
-"Please decide how far you trust this user to correctly\n"
-"verify other users' keys (by looking at passports,\n"
-"checking fingerprints from different sources...)?\n"
-"\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
-msgstr ""
-"\"\n"
-"\n"
-"���������� ������, ��������� �� ��������� ����� ������������ ���������\n"
-"����� ����� (����� � ��������, �������� \"��������� �������\" �� ������\n"
-"����������)?\n"
-"\n"
-" 1 = �� ����\n"
-" 2 = ���, �� �������\n"
-" 3 = ���� �������\n"
-" 4 = ���� ���������\n"
-" s = ����������, �������� �������������� ����������\n"
-
-#: g10/pkclist.c:329
-msgid " m = back to the main menu\n"
-msgstr " m = ������� � ������� ����\n"
-
-#: g10/pkclist.c:331
-msgid " q = quit\n"
-msgstr ""
-
-#: g10/pkclist.c:337
-msgid "Your decision? "
-msgstr "���� �������? "
-
-#: g10/pkclist.c:359
-msgid "Certificates leading to an ultimately trusted key:\n"
-msgstr ""
-
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"�� ���������� ����� ������� ������� ��� �����. ���������, ����� �� "
-"���������\n"
-"��������� ����������� �������� \"������� ���������\"\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-
-#: g10/pkclist.c:440
-#, fuzzy
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr "�������� ���������� ������� �� ��������.\n"
-
-#: g10/pkclist.c:458
-#, fuzzy, c-format
-msgid "key %08lX: key has been revoked!\n"
-msgstr "build_sigrecs: ���� ist widerrufen\n"
-
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
-msgid "Use this key anyway? "
-msgstr "��� ����� ������������ ���� ����?"
-
-#: g10/pkclist.c:470
-#, fuzzy, c-format
-msgid "key %08lX: subkey has been revoked!\n"
-msgstr "build_sigrecs: ���� ist widerrufen\n"
-
-#: g10/pkclist.c:513
-#, fuzzy, c-format
-msgid "%08lX: key has expired\n"
-msgstr "���������: ���� �������� ����� ��� �����!\n"
-
-#: g10/pkclist.c:519
-#, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr ""
-
-#: g10/pkclist.c:534
-#, fuzzy, c-format
-msgid "%08lX: We do NOT trust this key\n"
-msgstr "��������: �� �� �������� ����� �����!\n"
-
-#: g10/pkclist.c:540
-#, c-format
-msgid ""
-"%08lX: It is not sure that this key really belongs to the owner\n"
-"but it is accepted anyway\n"
-msgstr ""
-
-#: g10/pkclist.c:546
-msgid "This key probably belongs to the owner\n"
-msgstr ""
-
-#: g10/pkclist.c:551
-msgid "This key belongs to us\n"
-msgstr ""
-
-#: g10/pkclist.c:594
-msgid ""
-"It is NOT certain that the key belongs to its owner.\n"
-"If you *really* know what you are doing, you may answer\n"
-"the next question with yes\n"
-"\n"
-msgstr ""
-"���������� ���������� ����������, ��� ���� ����������� ����,\n"
-"��� ������ ��� ����������. ��������� \"��\" �� ��������� ������,\n"
-"������ ���� �� *�������������* ��������� ��� �������.\n"
-
-#: g10/pkclist.c:608 g10/pkclist.c:631
-msgid "WARNING: Using untrusted key!\n"
-msgstr "��������: ������������ ���� � �������� ��� �������!\n"
-
-#: g10/pkclist.c:652
-msgid "WARNING: This key has been revoked by its owner!\n"
-msgstr "��������: �������� ����� ��� ������� ���!\n"
-
-#: g10/pkclist.c:653
-msgid "         This could mean that the signature is forgery.\n"
-msgstr "          ��� ����� ��������, ��� ������� ����������.\n"
-
-#: g10/pkclist.c:658
-#, fuzzy
-msgid "WARNING: This subkey has been revoked by its owner!\n"
-msgstr "��������: �������� ����� ��� ������� ���!\n"
-
-#: g10/pkclist.c:680
-msgid "Note: This key has expired!\n"
-msgstr "���������: ���� �������� ����� ��� �����!\n"
-
-#: g10/pkclist.c:688
-msgid "WARNING: This key is not certified with a trusted signature!\n"
-msgstr "��������: ���� ���� �� ������� ���������� ��������!\n"
-
-#: g10/pkclist.c:690
-msgid ""
-"         There is no indication that the signature belongs to the owner.\n"
-msgstr ""
-"         ��� ������� �������� �� ��, ��� ���� ����������� ��� ���������.\n"
-
-#: g10/pkclist.c:707
-msgid "WARNING: We do NOT trust this key!\n"
-msgstr "��������: �� �� �������� ����� �����!\n"
-
-#: g10/pkclist.c:708
-msgid "         The signature is probably a FORGERY.\n"
-msgstr "         ������� �������� -- ��������.\n"
-
-#: g10/pkclist.c:715
-msgid ""
-"WARNING: This key is not certified with sufficiently trusted signatures!\n"
-msgstr "��������: ���� ���� �� ������� ���������� ����������� ���������!\n"
-
-#: g10/pkclist.c:718
-msgid "         It is not certain that the signature belongs to the owner.\n"
-msgstr "          ��� �����������, ��� ������� ����������� ���������.\n"
-
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
-#, c-format
-msgid "%s: skipped: %s\n"
-msgstr "%s: ��������: %s\n"
-
-#: g10/pkclist.c:828 g10/pkclist.c:998
-#, c-format
-msgid "%s: skipped: public key already present\n"
-msgstr ""
-
-#: g10/pkclist.c:855
-msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
-"\n"
-msgstr ""
-"�� �� ������� ������������� ������������ (�������������� ���������� "
-"\"-r\").\n"
-"\n"
-
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "������� ������������� ������������: "
-
-#: g10/pkclist.c:877
-msgid "No such user ID.\n"
-msgstr "��� ������ �������������� ������������.\n"
-
-#: g10/pkclist.c:883
-msgid "skipped: public key already set as default recipient\n"
-msgstr ""
-
-#: g10/pkclist.c:906
-#, fuzzy
-msgid "Public key is disabled.\n"
-msgstr "�������� ���� �� ������"
-
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr ""
-
-#: g10/pkclist.c:944
-#, fuzzy, c-format
-msgid "unknown default recipient `%s'\n"
-msgstr "���������: ���� ���������� �� ��������� `%s' �����������\n"
-
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: ������ ��� �������� �����: %s\n"
-
-#: g10/pkclist.c:984
-#, c-format
-msgid "%s: skipped: public key is disabled\n"
-msgstr ""
-
-#: g10/pkclist.c:1022
-msgid "no valid addressees\n"
-msgstr "��� ���������� �������\n"
-
-#: g10/keygen.c:179
-msgid "writing self signature\n"
-msgstr "������� ����-�������\n"
-
-#: g10/keygen.c:217
-msgid "writing key binding signature\n"
-msgstr "������� \"key-binding\" �������\n"
-
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
-#, fuzzy, c-format
-msgid "keysize invalid; using %u bits\n"
-msgstr "����������� ���� ����� ����� %u ���\n"
-
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
-#, fuzzy, c-format
-msgid "keysize rounded up to %u bits\n"
-msgstr "��������� �� %u ���\n"
-
-#: g10/keygen.c:635
-msgid "Please select what kind of key you want:\n"
-msgstr "�������� �������� ��� �����:\n"
-
-#: g10/keygen.c:637
-#, c-format
-msgid "   (%d) DSA and ElGamal (default)\n"
-msgstr "   (%d) DSA � ElGamal (�� ���������)\n"
-
-#: g10/keygen.c:638
-#, c-format
-msgid "   (%d) DSA (sign only)\n"
-msgstr "   (%d) DSA (������ �������)\n"
-
-#: g10/keygen.c:640
-#, c-format
-msgid "   (%d) ElGamal (encrypt only)\n"
-msgstr "   (%d) ElGamal (������ ����������)\n"
-
-#: g10/keygen.c:641
-#, c-format
-msgid "   (%d) ElGamal (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (������� � ����������)\n"
-
-#: g10/keygen.c:643
-#, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (������� � ����������)\n"
-
-#: g10/keygen.c:647
-msgid "Your selection? "
-msgstr "��� �����? "
-
-#: g10/keygen.c:658 g10/keygen.c:666
-#, fuzzy
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "�� ������������� ������ ������� ��������� �����? "
-
-#: g10/keygen.c:680
-msgid "Invalid selection.\n"
-msgstr "������������ �����.\n"
-
-#: g10/keygen.c:692
-#, c-format
-msgid ""
-"About to generate a new %s keypair.\n"
-"              minimum keysize is  768 bits\n"
-"              default keysize is 1024 bits\n"
-"    highest suggested keysize is 2048 bits\n"
-msgstr ""
-"���������� ������������� %s �������� ����.\n"
-"                 ����������� ����� �����: 768 ���\n"
-"               ����� ����� �� ���������: 1024 ����\n"
-" ������������ ������������� ����� �����: 2048 ���\n"
-
-#: g10/keygen.c:699
-msgid "What keysize do you want? (1024) "
-msgstr "������ ������� ���� �� �������? (1024)"
-
-#: g10/keygen.c:704
-msgid "DSA only allows keysizes from 512 to 1024\n"
-msgstr "���������� ������ DSA ������ - �� 512 �� 1024 ���\n"
-
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "������� ��������� ����� �����, ���������� �������� - 768.\n"
-
-#: g10/keygen.c:708
-#, fuzzy
-msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
-msgstr "������� ��������� ����� �����, ���������� �������� - 768.\n"
-
-#. It is ridiculous and an annoyance to use larger key sizes!
-#. * GnuPG can handle much larger sizes; but it takes an eternity
-#. * to create such a key (but less than the time the Sirius
-#. * Computer Corporation needs to process one of the usual
-#. * complaints) and {de,en}cryption although needs some time.
-#. * So, before you complain about this limitation, I suggest that
-#. * you start a discussion with Marvin about this theme and then
-#. * do whatever you want.
-#: g10/keygen.c:719
-#, fuzzy, c-format
-msgid "keysize too large; %d is largest value allowed.\n"
-msgstr "������� ��������� ����� �����, ���������� �������� - 768.\n"
-
-#: g10/keygen.c:724
-#, fuzzy
-msgid ""
-"Keysizes larger than 2048 are not suggested because\n"
-"computations take REALLY long!\n"
-msgstr ""
-"����� ������ ������ 2048 �� �������������, ������ ��� ������������������ "
-"����� ����� �������!\n"
-
-#: g10/keygen.c:727
-msgid "Are you sure that you want this keysize? "
-msgstr "�� ������������� ������ ���� ����� �����? "
-
-#: g10/keygen.c:728
-msgid ""
-"Okay, but keep in mind that your monitor and keyboard radiation is also very "
-"vulnerable to attacks!\n"
-msgstr ""
-"��, ������ �� ���������, ��� ��������� ����� ���������� � �������� ����\n"
-"������ ��� �������� ��� ����.\n"
-
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "��� ������������� ����� ����� ������� ����? "
-
-#: g10/keygen.c:742
-#, c-format
-msgid "Requested keysize is %u bits\n"
-msgstr "����������� ���� ����� ����� %u ���\n"
-
-#: g10/keygen.c:745 g10/keygen.c:749
-#, c-format
-msgid "rounded up to %u bits\n"
-msgstr "��������� �� %u ���\n"
-
-#: g10/keygen.c:797
-msgid ""
-"Please specify how long the key should be valid.\n"
-"         0 = key does not expire\n"
-"      <n>  = key expires in n days\n"
-"      <n>w = key expires in n weeks\n"
-"      <n>m = key expires in n months\n"
-"      <n>y = key expires in n years\n"
-msgstr ""
-"����������, ������� ����������������� �������� ������ �����.\n"
-"         0 = ���������� ����\n"
-"      <n>  = ���� �������� ����� n ����\n"
-"      <n>w = ���� �������� ����� n ������\n"
-"      <n>m = ���� �������� ����� n �������\n"
-"      <n>y = ���� �������� ����� n ���\n"
-
-#: g10/keygen.c:812
-msgid "Key is valid for? (0) "
-msgstr "���� ������������ � �������? (0) "
-
-#: g10/keygen.c:817
-msgid "invalid value\n"
-msgstr "������������ ��������.\n"
-
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
-msgstr "���������� ����.\n"
-
-#. print the date when the key expires
-#: g10/keygen.c:828
-#, c-format
-msgid "Key expires at %s\n"
-msgstr "���� ��������� �� %s\n"
-
-#: g10/keygen.c:831
-msgid ""
-"Your system can't display dates beyond 2038.\n"
-"However, it will be correctly handled up to 2106.\n"
-msgstr ""
-
-#: g10/keygen.c:836
-msgid "Is this correct (y/n)? "
-msgstr "��� �����? (y/n) "
-
-#: g10/keygen.c:879
-msgid ""
-"\n"
-"You need a User-ID to identify your key; the software constructs the user "
-"id\n"
-"from Real Name, Comment and Email Address in this form:\n"
-"    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
-"\n"
-msgstr ""
-"\n"
-"��� ������������� ����� ��������� ������������� ������������; ���������\n"
-"������������ ��� �� ������� ����� ������������, ����������� � ������ email� "
-"����:\n"
-"    \"Vasya Pupkin (KRUTOI) <[email protected]>\"\n"
-"\n"
-
-#: g10/keygen.c:891
-msgid "Real name: "
-msgstr "���� ��� (\"��� �������\"): "
-
-#: g10/keygen.c:899
-msgid "Invalid character in name\n"
-msgstr "������������ ������ � �����\n"
-
-#: g10/keygen.c:901
-msgid "Name may not start with a digit\n"
-msgstr "������ ��� �� ����� ���������� � �����.\n"
-
-#: g10/keygen.c:903
-msgid "Name must be at least 5 characters long\n"
-msgstr "������ ��� ������ �������� �� ����� ��� �� 5�� ��������.\n"
-
-#: g10/keygen.c:911
-msgid "Email address: "
-msgstr "E-Mail: "
-
-#: g10/keygen.c:922
-msgid "Not a valid email address\n"
-msgstr "������������ E-Mail\n"
-
-#: g10/keygen.c:930
-msgid "Comment: "
-msgstr "�����������: "
-
-#: g10/keygen.c:936
-msgid "Invalid character in comment\n"
-msgstr "������������ ������ � �����������.\n"
-
-#: g10/keygen.c:961
-#, c-format
-msgid "You are using the `%s' character set.\n"
-msgstr ""
-
-#: g10/keygen.c:967
-#, c-format
-msgid ""
-"You selected this USER-ID:\n"
-"    \"%s\"\n"
-"\n"
-msgstr ""
-"�� ������� ������������� ������������:\n"
-"    \"%s\"\n"
-"\n"
-
-#: g10/keygen.c:971
-msgid "Please don't put the email address into the real name or the comment\n"
-msgstr ""
-
-#: g10/keygen.c:976
-msgid "NnCcEeOoQq"
-msgstr ""
-
-#: g10/keygen.c:986
-#, fuzzy
-msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
-msgstr "��������: N=���, C=�����������, E=E-Mail, O=Okay/Q=�����? "
-
-#: g10/keygen.c:987
-#, fuzzy
-msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
-msgstr "��������: N=���, C=�����������, E=E-Mail, O=Okay/Q=�����? "
-
-#: g10/keygen.c:1006
-msgid "Please correct the error first\n"
-msgstr ""
-
-#: g10/keygen.c:1044
-msgid ""
-"You need a Passphrase to protect your secret key.\n"
-"\n"
-msgstr ""
-"��� ������ ������ ����� ����� �������� �����.\n"
-"\n"
-
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
-msgstr "�������� ����� �� ���� ��������������, ���������� �����.\n"
-
-#: g10/keygen.c:1058
-msgid ""
-"You don't want a passphrase - this is probably a *bad* idea!\n"
-"I will do it anyway.  You can change your passphrase at any time,\n"
-"using this program with the option \"--edit-key\".\n"
-"\n"
-msgstr ""
-"�� �� ������ ������������ �������� ����� - ���, ������ �����, *������*\n"
-"����. �� � ������, ��� �� ������. �������� ����� ����� ������� � �����\n"
-"�����, �������� ��� ��������� � ���������� \"--edit-key\".\n"
-"\n"
-
-#: g10/keygen.c:1079
-#, fuzzy
-msgid ""
-"We need to generate a lot of random bytes. It is a good idea to perform\n"
-"some other action (type on the keyboard, move the mouse, utilize the\n"
-"disks) during the prime generation; this gives the random number\n"
-"generator a better chance to gain enough entropy.\n"
-msgstr ""
-"��� ����� ������������� ����� ��������� ������. ������ ����� ������ ���� ��\n"
-"���-�� �������� �� ������ (���������� � ������ ����, ��������� ����,\n"
-"��������� ������� ��� �������� ����������). ��� ���� ���������� ���������\n"
-"����� ����������� ������� ���������� ��������.\n"
-
-#: g10/keygen.c:1528
-msgid "DSA keypair will have 1024 bits.\n"
-msgstr "�������� ���� DSA ����� ����� ����� 1024 ����.\n"
-
-#: g10/keygen.c:1571
-#, fuzzy
-msgid "Key generation canceled.\n"
-msgstr "��������� ����� ��������: %s\n"
-
-#: g10/keygen.c:1668
-#, fuzzy, c-format
-msgid "writing public key to `%s'\n"
-msgstr "�������� ���������� ������������ � `%s'\n"
-
-#: g10/keygen.c:1669
-#, fuzzy, c-format
-msgid "writing secret key to `%s'\n"
-msgstr "��������� ���������� ������������ � `%s'\n"
-
-#: g10/keygen.c:1761
-msgid "public and secret key created and signed.\n"
-msgstr "�������� � ��������� ����� ������� � ���������.\n"
-
-#: g10/keygen.c:1766
-#, fuzzy
-msgid ""
-"Note that this key cannot be used for encryption.  You may want to use\n"
-"the command \"--edit-key\" to generate a secondary key for this purpose.\n"
-msgstr ""
-"�������� ��������, ��� ���� ���� �� ����� ���� ����������� ��� ����������.\n"
-"�� ������ ��������������� ���������� --add-key ��� ��������� "
-"���������������\n"
-"����� ��� ����������.\n"
-
-#: g10/keygen.c:1779 g10/keygen.c:1880
-#, c-format
-msgid "Key generation failed: %s\n"
-msgstr "��������� ����� �� �������: %s\n"
-
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
-#, fuzzy, c-format
-msgid ""
-"key has been created %lu second in future (time warp or clock problem)\n"
-msgstr ""
-"�������� ���� ������������ � ������� (����������� ������� ��� ����������� "
-"����������� ����)\n"
-
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
-#, fuzzy, c-format
-msgid ""
-"key has been created %lu seconds in future (time warp or clock problem)\n"
-msgstr ""
-"�������� ���� ������������ � ������� (����������� ������� ��� ����������� "
-"����������� ����)\n"
-
-#: g10/keygen.c:1858
-#, fuzzy
-msgid "Really create? "
-msgstr "������������� �������? "
-
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
-#, c-format
-msgid "%s: can't open: %s\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/encode.c:164
-#, c-format
-msgid "error creating passphrase: %s\n"
-msgstr "������ ��� �������� �������� �����: %s\n"
-
-#: g10/encode.c:222 g10/encode.c:354
-#, fuzzy, c-format
-msgid "%s: WARNING: empty file\n"
-msgstr "%s: ��������������: ������ ����.\n"
-
-#: g10/encode.c:320
-#, c-format
-msgid "reading from `%s'\n"
-msgstr "�������� �� `%s'\n"
-
-#: g10/encode.c:527
-#, fuzzy, c-format
-msgid "%s/%s encrypted for: %s\n"
-msgstr "%s ����������� ���: %s\n"
-
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
-#, fuzzy, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: ������������ �� ������\n"
-
-#: g10/export.c:164
-#, fuzzy, c-format
-msgid "key %08lX: not a rfc2440 key - skipped\n"
-msgstr "��������� ���� %08lX: �� ����� ���������������� ��������� �����.\n"
-
-#: g10/export.c:175
-#, fuzzy, c-format
-msgid "key %08lX: not protected - skipped\n"
-msgstr "��������� ���� %08lX: �� ����� ���������������� ��������� �����.\n"
-
-#: g10/export.c:225
-#, fuzzy
-msgid "WARNING: nothing exported\n"
-msgstr "��������: ������������ ���� � �������� ��� �������!\n"
-
-#: g10/getkey.c:212
-msgid "too many entries in pk cache - disabled\n"
-msgstr ""
-
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr ""
-
-#: g10/getkey.c:2189
-#, c-format
-msgid "using secondary key %08lX instead of primary key %08lX\n"
-msgstr "������������ �������������� ���� %09lX ������ ��������� %08lX%\n"
-
-#: g10/getkey.c:2230 g10/trustdb.c:578
-#, fuzzy, c-format
-msgid "key %08lX: secret key without public key - skipped\n"
-msgstr "��������� ���� %08lX: �� ����� ���������������� ��������� �����.\n"
-
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: ������������ �� ������\n"
-
-#: g10/import.c:182
-#, c-format
-msgid "skipping block of type %d\n"
-msgstr "���������� ���� ���� %d\n"
-
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
-#, c-format
-msgid "%lu keys so far processed\n"
-msgstr ""
-
-#: g10/import.c:194
-#, fuzzy, c-format
-msgid "error reading `%s': %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/import.c:204
-#, c-format
-msgid "Total number processed: %lu\n"
-msgstr ""
-
-#: g10/import.c:206
-#, fuzzy, c-format
-msgid "      skipped new keys: %lu\n"
-msgstr "���� %08lX: %d ����� ��������\n"
-
-#: g10/import.c:209
-#, c-format
-msgid "          w/o user IDs: %lu\n"
-msgstr ""
-
-#: g10/import.c:211
-#, c-format
-msgid "              imported: %lu"
-msgstr ""
-
-#: g10/import.c:217
-#, c-format
-msgid "             unchanged: %lu\n"
-msgstr ""
-
-#: g10/import.c:219
-#, c-format
-msgid "          new user IDs: %lu\n"
-msgstr ""
-
-#: g10/import.c:221
-#, c-format
-msgid "           new subkeys: %lu\n"
-msgstr ""
-
-#: g10/import.c:223
-#, fuzzy, c-format
-msgid "        new signatures: %lu\n"
-msgstr "���� %08lX: %d ����� ��������\n"
-
-#: g10/import.c:225
-#, c-format
-msgid "   new key revocations: %lu\n"
-msgstr ""
-
-#: g10/import.c:227
-#, c-format
-msgid "      secret keys read: %lu\n"
-msgstr ""
-
-#: g10/import.c:229
-#, fuzzy, c-format
-msgid "  secret keys imported: %lu\n"
-msgstr "���� %08lX: ��������� ���� ������������\n"
-
-#: g10/import.c:231
-#, fuzzy, c-format
-msgid " secret keys unchanged: %lu\n"
-msgstr "����������� ������������ ��������� ����"
-
-#: g10/import.c:389 g10/import.c:568
-#, fuzzy, c-format
-msgid "key %08lX: no user ID\n"
-msgstr "���� %08lX: ��� �������������� ������������\n"
-
-#: g10/import.c:403
-#, fuzzy, c-format
-msgid "key %08lX: no valid user IDs\n"
-msgstr "���� %08lX: ��� ���������� ��������������� �������������\n"
-
-#: g10/import.c:405
-msgid "this may be caused by a missing self-signature\n"
-msgstr "��� ����� ���� ������� ����������� ����-�������\n"
-
-#: g10/import.c:416 g10/import.c:624
-#, c-format
-msgid "key %08lX: public key not found: %s\n"
-msgstr "���� %08lX: �������� ���� �� ������: %s\n"
-
-#: g10/import.c:421
-#, fuzzy, c-format
-msgid "key %08lX: new key - skipped\n"
-msgstr "��������� ���� %08lX: �� ����� ���������������� ��������� �����.\n"
-
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
-#, c-format
-msgid "writing to `%s'\n"
-msgstr "������������ � `%s'\n"
-
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/import.c:436
-#, c-format
-msgid "key %08lX: public key imported\n"
-msgstr "���� %08lX: �������� ���� ������������\n"
-
-#: g10/import.c:453
-#, c-format
-msgid "key %08lX: doesn't match our copy\n"
-msgstr "���� %08lX: �� ��������� � ����� ������\n"
-
-#: g10/import.c:462 g10/import.c:632
-#, c-format
-msgid "key %08lX: can't locate original keyblock: %s\n"
-msgstr "���� %08lX: ���������� ���������� original keyblock: %s\n"
-
-#: g10/import.c:484
-#, fuzzy, c-format
-msgid "key %08lX: 1 new user ID\n"
-msgstr "���� %08lX: 1 ����� ������������� ������������\n"
-
-#: g10/import.c:487
-#, fuzzy, c-format
-msgid "key %08lX: %d new user IDs\n"
-msgstr "���� %08lX: %d ����� ��������������� �������������\n"
-
-#: g10/import.c:490
-#, c-format
-msgid "key %08lX: 1 new signature\n"
-msgstr "���� %08lX: 1 ����� �������\n"
-
-#: g10/import.c:493
-#, c-format
-msgid "key %08lX: %d new signatures\n"
-msgstr "���� %08lX: %d ����� ��������\n"
-
-#: g10/import.c:496
-#, c-format
-msgid "key %08lX: 1 new subkey\n"
-msgstr "���� %08lX: 1 ����� ���-����\n"
-
-#: g10/import.c:499
-#, c-format
-msgid "key %08lX: %d new subkeys\n"
-msgstr "���� %08lX: %d ����� ���-������\n"
-
-#: g10/import.c:509
-#, c-format
-msgid "key %08lX: not changed\n"
-msgstr "���� %08lX: �� �������\n"
-
-#: g10/import.c:581
-#, c-format
-msgid "key %08lX: secret key imported\n"
-msgstr "���� %08lX: ��������� ���� ������������\n"
-
-#. we can't merge secret keys
-#: g10/import.c:585
-#, c-format
-msgid "key %08lX: already in secret keyring\n"
-msgstr "���� %08lX: ��� �� ������ ��������� ������\n"
-
-#: g10/import.c:590
-#, c-format
-msgid "key %08lX: secret key not found: %s\n"
-msgstr "���� %08lX: ��������� ���� �� ������: %s\n"
-
-#: g10/import.c:618
-#, c-format
-msgid "key %08lX: no public key - can't apply revocation certificate\n"
-msgstr ""
-"���� %08lX: ��� ��������� ����� - ���������� ��������� ���������� "
-"����������\n"
-
-#: g10/import.c:643
-#, c-format
-msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
-msgstr "���� %08lX: ������������ ���������� ����������: %s - ���������\n"
-
-#: g10/import.c:670
-#, c-format
-msgid "key %08lX: revocation certificate imported\n"
-msgstr "���� %08lX: ���������� ���������� ������������\n"
-
-#: g10/import.c:712
-#, fuzzy, c-format
-msgid "key %08lX: no user ID for signature\n"
-msgstr "���� %08lX: ��� �������������� ������������ ��� �������\n"
-
-#: g10/import.c:719 g10/import.c:743
-#, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
-msgstr "���� %08lX: ���������������� �������� ��������� �����\n"
-
-#: g10/import.c:720
-#, c-format
-msgid "key %08lX: invalid self-signature\n"
-msgstr "���� %08lX: ������������ ����-�������\n"
-
-#: g10/import.c:735
-#, fuzzy, c-format
-msgid "key %08lX: no subkey for key binding\n"
-msgstr "���� %08lX: ��� �������������� ������������\n"
-
-#: g10/import.c:744
-#, fuzzy, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "���� %08lX: ��� ���������� ��������������� �������������\n"
-
-#: g10/import.c:771
-#, fuzzy, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "���� %08lX: �������� ������������� ������������ '"
-
-#: g10/import.c:800
-#, fuzzy, c-format
-msgid "key %08lX: skipped user ID '"
-msgstr "���� %08lX: �������� ������������� ������������ '"
-
-#: g10/import.c:823
-#, fuzzy, c-format
-msgid "key %08lX: skipped subkey\n"
-msgstr "���� %08lX: 1 ����� ���-����\n"
-
-#. here we violate the rfc a bit by still allowing
-#. * to import non-exportable signature when we have the
-#. * the secret key used to create this signature - it
-#. * seems that this makes sense
-#: g10/import.c:848
-#, fuzzy, c-format
-msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
-msgstr "���� %08lX: ���������� ���������� � ������������ ����� - ��������\n"
-
-#: g10/import.c:857
-#, c-format
-msgid "key %08lX: revocation certificate at wrong place - skipped\n"
-msgstr "���� %08lX: ���������� ���������� � ������������ ����� - ��������\n"
-
-#: g10/import.c:865
-#, c-format
-msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
-msgstr "���� %08lX: ������������ ���������� ����������: %s - ��������\n"
-
-#: g10/import.c:965
-#, c-format
-msgid "key %08lX: duplicated user ID detected - merged\n"
-msgstr ""
-
-#: g10/import.c:1016
-#, c-format
-msgid "key %08lX: revocation certificate added\n"
-msgstr "���� %08lX: ���������� ���������� ��������\n"
-
-#: g10/import.c:1130 g10/import.c:1183
-#, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "���� %08lX: ���� ����� �� ����� ����-�������\n"
-
-#: g10/keyedit.c:150
-msgid "[revocation]"
-msgstr ""
-
-#: g10/keyedit.c:151
-#, fuzzy
-msgid "[self-signature]"
-msgstr "[����-�������]\n"
-
-#: g10/keyedit.c:215
-#, fuzzy
-msgid "1 bad signature\n"
-msgstr "1 ������ �������\n"
-
-#: g10/keyedit.c:217
-#, c-format
-msgid "%d bad signatures\n"
-msgstr "%d ������ ��������\n"
-
-#: g10/keyedit.c:219
-#, fuzzy
-msgid "1 signature not checked due to a missing key\n"
-msgstr "1 ������� �� ��������� ��-�� ���������� �����\n"
-
-#: g10/keyedit.c:221
-#, fuzzy, c-format
-msgid "%d signatures not checked due to missing keys\n"
-msgstr "%s �������� �� ��������� ��-�� ���������� ������\n"
-
-#: g10/keyedit.c:223
-#, fuzzy
-msgid "1 signature not checked due to an error\n"
-msgstr "1 ������� �� ��������� ��-�� ������\n"
-
-#: g10/keyedit.c:225
-#, c-format
-msgid "%d signatures not checked due to errors\n"
-msgstr "%s �������� �� ��������� ��-�� ������\n"
-
-#: g10/keyedit.c:227
-#, fuzzy
-msgid "1 user ID without valid self-signature detected\n"
-msgstr "��������� 1 ������������� ������������ ��� ���������� ����-�������\n"
-
-#: g10/keyedit.c:229
-#, fuzzy, c-format
-msgid "%d user IDs without valid self-signatures detected\n"
-msgstr ""
-"���������� %d ��������������� ������������� ��� ���������� ����-��������\n"
-
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
-#, fuzzy, c-format
-msgid "Already signed by key %08lX\n"
-msgstr "��� ��������� ������ %08lX.\n"
-
-#: g10/keyedit.c:319
-#, fuzzy, c-format
-msgid "Nothing to sign with key %08lX\n"
-msgstr "������ ����������� ������ %08lX\n"
-
-#: g10/keyedit.c:328
-#, fuzzy
-msgid ""
-"Are you really sure that you want to sign this key\n"
-"with your key: \""
-msgstr "�� ������������� �������, ��� ������ ��������� ���� ���� �����:\n"
-
-#: g10/keyedit.c:337
-msgid ""
-"The signature will be marked as non-exportable.\n"
-"\n"
-msgstr ""
-
-#: g10/keyedit.c:342
-msgid "Really sign? "
-msgstr "������������� ���������? "
-
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
-#, fuzzy, c-format
-msgid "signing failed: %s\n"
-msgstr "������ ������������: %s\n"
-
-#: g10/keyedit.c:422
-msgid "This key is not protected.\n"
-msgstr "���� ���� �� �������.\n"
-
-#: g10/keyedit.c:426
-#, fuzzy
-msgid "Secret parts of primary key are not available.\n"
-msgstr "��������� ���� �� ����������"
-
-#: g10/keyedit.c:430
-msgid "Key is protected.\n"
-msgstr "���� ���� �������.\n"
-
-#: g10/keyedit.c:450
-#, c-format
-msgid "Can't edit this key: %s\n"
-msgstr "���������� ������������� ���� ����: %s\n"
-
-#: g10/keyedit.c:455
-msgid ""
-"Enter the new passphrase for this secret key.\n"
-"\n"
-msgstr ""
-"������� ����� �������� ����� ��� ����� ���������� �����.\n"
-"\n"
-
-#: g10/keyedit.c:467
-msgid ""
-"You don't want a passphrase - this is probably a *bad* idea!\n"
-"\n"
-msgstr ""
-"�� �� ������ �������� ����� - ��� ������ ����� *������* ����!\n"
-"\n"
-
-#: g10/keyedit.c:470
-msgid "Do you really want to do this? "
-msgstr "�� ������������� ����� ������? "
-
-#: g10/keyedit.c:534
-msgid "moving a key signature to the correct place\n"
-msgstr ""
-
-#: g10/keyedit.c:575
-msgid "quit this menu"
-msgstr "����� �� ����"
-
-#: g10/keyedit.c:576
-msgid "q"
-msgstr ""
-
-#: g10/keyedit.c:577
-msgid "save"
-msgstr "��������"
-
-#: g10/keyedit.c:577
-msgid "save and quit"
-msgstr "�������� � �����"
-
-#: g10/keyedit.c:578
-msgid "help"
-msgstr "������"
-
-#: g10/keyedit.c:578
-msgid "show this help"
-msgstr "�������� ������"
-
-#: g10/keyedit.c:580
-msgid "fpr"
-msgstr ""
-
-#: g10/keyedit.c:580
-#, fuzzy
-msgid "show fingerprint"
-msgstr "�������� \"��������� ������\""
-
-#: g10/keyedit.c:581
-#, fuzzy
-msgid "list"
-msgstr "������"
-
-#: g10/keyedit.c:581
-#, fuzzy
-msgid "list key and user IDs"
-msgstr "������ ������ � ��������������� �������������"
-
-#: g10/keyedit.c:582
-msgid "l"
-msgstr ""
-
-#: g10/keyedit.c:583
-msgid "uid"
-msgstr ""
-
-#: g10/keyedit.c:583
-#, fuzzy
-msgid "select user ID N"
-msgstr "������� ������������� ������������ N"
-
-#: g10/keyedit.c:584
-msgid "key"
-msgstr "����"
-
-#: g10/keyedit.c:584
-msgid "select secondary key N"
-msgstr "������� �������������� ���� N"
-
-#: g10/keyedit.c:585
-msgid "check"
-msgstr "��������"
-
-#: g10/keyedit.c:585
-#, fuzzy
-msgid "list signatures"
-msgstr "������ ������ � �� ��������"
-
-#: g10/keyedit.c:586
-msgid "c"
-msgstr ""
-
-#: g10/keyedit.c:587
-msgid "sign"
-msgstr "���������"
-
-#: g10/keyedit.c:587
-#, fuzzy
-msgid "sign the key"
-msgstr "��������� ����"
-
-#: g10/keyedit.c:588
-msgid "s"
-msgstr ""
-
-#: g10/keyedit.c:589
-#, fuzzy
-msgid "lsign"
-msgstr "���������"
-
-#: g10/keyedit.c:589
-#, fuzzy
-msgid "sign the key locally"
-msgstr "��������� ����"
-
-#: g10/keyedit.c:590
-msgid "debug"
-msgstr "�������"
-
-#: g10/keyedit.c:591
-msgid "adduid"
-msgstr ""
-
-#: g10/keyedit.c:591
-#, fuzzy
-msgid "add a user ID"
-msgstr "�������� ������������� ������������"
-
-#: g10/keyedit.c:592
-msgid "deluid"
-msgstr ""
-
-#: g10/keyedit.c:592
-#, fuzzy
-msgid "delete user ID"
-msgstr "������� ������������� ������������"
-
-#: g10/keyedit.c:593
-msgid "addkey"
-msgstr ""
-
-#: g10/keyedit.c:593
-#, fuzzy
-msgid "add a secondary key"
-msgstr "�������� �������������� ����"
-
-#: g10/keyedit.c:594
-msgid "delkey"
-msgstr ""
-
-#: g10/keyedit.c:594
-msgid "delete a secondary key"
-msgstr "������� �������������� ����"
-
-#: g10/keyedit.c:595
-#, fuzzy
-msgid "delsig"
-msgstr "���������"
-
-#: g10/keyedit.c:595
-#, fuzzy
-msgid "delete signatures"
-msgstr "������ ������ � �� ��������"
-
-#: g10/keyedit.c:596
-msgid "expire"
-msgstr ""
-
-#: g10/keyedit.c:596
-#, fuzzy
-msgid "change the expire date"
-msgstr "�������� �������� �����"
-
-#: g10/keyedit.c:597
-msgid "toggle"
-msgstr ""
-
-#: g10/keyedit.c:597
-msgid "toggle between secret and public key listing"
-msgstr "����������� ����� ������� ��������� � �������� ������"
-
-#: g10/keyedit.c:599
-msgid "t"
-msgstr ""
-
-#: g10/keyedit.c:600
-msgid "pref"
-msgstr ""
-
-#: g10/keyedit.c:600
-msgid "list preferences"
-msgstr ""
-
-#: g10/keyedit.c:601
-msgid "passwd"
-msgstr ""
-
-#: g10/keyedit.c:601
-#, fuzzy
-msgid "change the passphrase"
-msgstr "�������� �������� �����"
-
-#: g10/keyedit.c:602
-msgid "trust"
-msgstr ""
-
-#: g10/keyedit.c:602
-msgid "change the ownertrust"
-msgstr "�������� ��������� �������"
-
-#: g10/keyedit.c:603
-#, fuzzy
-msgid "revsig"
-msgstr "���������"
-
-#: g10/keyedit.c:603
-#, fuzzy
-msgid "revoke signatures"
-msgstr "��������� ������� �� �����"
-
-#: g10/keyedit.c:604
-#, fuzzy
-msgid "revkey"
-msgstr "����"
-
-#: g10/keyedit.c:604
-#, fuzzy
-msgid "revoke a secondary key"
-msgstr "������� �������������� ����"
-
-#: g10/keyedit.c:605
-msgid "disable"
-msgstr ""
-
-#: g10/keyedit.c:605
-#, fuzzy
-msgid "disable a key"
-msgstr "������ ����"
-
-#: g10/keyedit.c:606
-msgid "enable"
-msgstr ""
-
-#: g10/keyedit.c:606
-#, fuzzy
-msgid "enable a key"
-msgstr "������ ����"
-
-#: g10/delkey.c:103 g10/keyedit.c:624
-msgid "can't do that in batchmode\n"
-msgstr "���������� ������� ��� � �������� ������.\n"
-
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
-#, fuzzy
-msgid "Secret key is available.\n"
-msgstr "������� ��������� ����.\n"
-
-#: g10/keyedit.c:688
-#, fuzzy
-msgid "Command> "
-msgstr "�������> "
-
-#: g10/keyedit.c:718
-#, fuzzy
-msgid "Need the secret key to do this.\n"
-msgstr "����� ��� �������, ����� ��������� ����.\n"
-
-#: g10/keyedit.c:722
-msgid "Please use the command \"toggle\" first.\n"
-msgstr ""
-
-#: g10/keyedit.c:769
-#, fuzzy
-msgid "Really sign all user IDs? "
-msgstr "������������� ��������� ��� �������������� ������������? "
-
-#: g10/keyedit.c:770
-#, fuzzy
-msgid "Hint: Select the user IDs to sign\n"
-msgstr ""
-"���������: �������� �������������� ������������ ������� ������ ���������\n"
-
-#: g10/keyedit.c:802 g10/keyedit.c:984
-#, fuzzy, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "���������� ���� ������ ������� �� �������: %s\n"
-
-#: g10/keyedit.c:813 g10/keyedit.c:834
-#, fuzzy
-msgid "You must select at least one user ID.\n"
-msgstr "�� ������ ������� ���� �� ���� ������������� ������������.\n"
-
-#: g10/keyedit.c:815
-#, fuzzy
-msgid "You can't delete the last user ID!\n"
-msgstr "�� �� ������ ������� ��������� ������������� ������������!\n"
-
-#: g10/keyedit.c:818
-#, fuzzy
-msgid "Really remove all selected user IDs? "
-msgstr "������������� ������� ��� ��������� �������������� ������������? "
-
-#: g10/keyedit.c:819
-#, fuzzy
-msgid "Really remove this user ID? "
-msgstr "������������� ������� ���� ������������� ������������? "
-
-#: g10/keyedit.c:855 g10/keyedit.c:877
-msgid "You must select at least one key.\n"
-msgstr "�� ������ ������� ���� �� ���� ����.\n"
-
-#: g10/keyedit.c:859
-#, fuzzy
-msgid "Do you really want to delete the selected keys? "
-msgstr "�� ������������� ������ ������� ��������� �����? "
-
-#: g10/keyedit.c:860
-#, fuzzy
-msgid "Do you really want to delete this key? "
-msgstr "�� ������������� ������ ������� ���� ����? "
-
-#: g10/keyedit.c:881
-#, fuzzy
-msgid "Do you really want to revoke the selected keys? "
-msgstr "�� ������������� ������ ������� ��������� �����? "
-
-#: g10/keyedit.c:882
-#, fuzzy
-msgid "Do you really want to revoke this key? "
-msgstr "�� ������������� ������ ������� ���� ����? "
-
-#: g10/keyedit.c:948
-msgid "Save changes? "
-msgstr "��������� ���������? "
-
-#: g10/keyedit.c:951
-msgid "Quit without saving? "
-msgstr "����� ��� ����������? "
-
-#: g10/keyedit.c:962
-#, fuzzy, c-format
-msgid "update failed: %s\n"
-msgstr "���������� �� �������: %s\n"
-
-#: g10/keyedit.c:969
-#, fuzzy, c-format
-msgid "update secret failed: %s\n"
-msgstr "���������� ������� �� �������: %s\n"
-
-#: g10/keyedit.c:976
-msgid "Key not changed so no update needed.\n"
-msgstr "���� �� ���������, ���������� �� �����.\n"
-
-#: g10/keyedit.c:991
-msgid "Invalid command  (try \"help\")\n"
-msgstr "������������ ������� (���������� \"help\")\n"
-
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
-#, c-format
-msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
-
-#: g10/keyedit.c:1083
-#, c-format
-msgid " trust: %c/%c"
-msgstr ""
-
-#: g10/keyedit.c:1087
-#, fuzzy
-msgid "This key has been disabled"
-msgstr "���������: ���� �������� ����� ��� �����!\n"
-
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
-msgid "rev! subkey has been revoked: %s\n"
-msgstr "build_sigrecs: ���� ist widerrufen\n"
-
-#: g10/keyedit.c:1119
-msgid "rev- faked revocation found\n"
-msgstr ""
-
-#: g10/keyedit.c:1121
-#, c-format
-msgid "rev? problem checking revocation: %s\n"
-msgstr ""
-
-#: g10/keyedit.c:1359
-msgid "Delete this good signature? (y/N/q)"
-msgstr ""
-
-#: g10/keyedit.c:1363
-msgid "Delete this invalid signature? (y/N/q)"
-msgstr ""
-
-#: g10/keyedit.c:1367
-#, fuzzy
-msgid "Delete this unknown signature? (y/N/q)"
-msgstr "������������� ���������� ����������"
-
-#: g10/keyedit.c:1373
-#, fuzzy
-msgid "Really delete this self-signature? (y/N)"
-msgstr "������������� ���������� ����������"
-
-#: g10/keyedit.c:1387
-#, fuzzy, c-format
-msgid "Deleted %d signature.\n"
-msgstr "%d ������ ��������\n"
-
-#: g10/keyedit.c:1388
-#, fuzzy, c-format
-msgid "Deleted %d signatures.\n"
-msgstr "%d ������ ��������\n"
-
-#: g10/keyedit.c:1391
-#, fuzzy
-msgid "Nothing deleted.\n"
-msgstr "��������: ������������ ���� � �������� ��� �������!\n"
-
-#: g10/keyedit.c:1460
-msgid "Please remove selections from the secret keys.\n"
-msgstr ""
-
-#: g10/keyedit.c:1466
-#, fuzzy
-msgid "Please select at most one secondary key.\n"
-msgstr "�� ������ ������� ���� �� ���� ����.\n"
-
-#: g10/keyedit.c:1470
-msgid "Changing expiration time for a secondary key.\n"
-msgstr ""
-
-#: g10/keyedit.c:1472
-msgid "Changing expiration time for the primary key.\n"
-msgstr ""
-
-#: g10/keyedit.c:1514
-msgid "You can't change the expiration date of a v3 key\n"
-msgstr ""
-
-#: g10/keyedit.c:1530
-msgid "No corresponding signature in secret ring\n"
-msgstr ""
-
-#: g10/keyedit.c:1591
-#, fuzzy, c-format
-msgid "No user ID with index %d\n"
-msgstr "��� �������������� ������������ � �������� %d\n"
-
-#: g10/keyedit.c:1637
-#, c-format
-msgid "No secondary key with index %d\n"
-msgstr "��� ��������������� ����� � �������� %d\n"
-
-#: g10/keyedit.c:1735
-#, fuzzy
-msgid "user ID: \""
-msgstr "������� ������������� ������������: "
-
-#: g10/keyedit.c:1738
-#, fuzzy, c-format
-msgid ""
-"\"\n"
-"signed with your key %08lX at %s\n"
-msgstr "������ ����������� ������ %08lX\n"
-
-#: g10/keyedit.c:1742
-#, fuzzy
-msgid "Create a revocation certificate for this signature? (y/N)"
-msgstr "������������� ���������� ����������"
-
-#. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
-#, fuzzy
-msgid "You have signed these user IDs:\n"
-msgstr "�� �� ������ ������� ��������� ������������� ������������!\n"
-
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
-#, fuzzy, c-format
-msgid "   signed by %08lX at %s\n"
-msgstr "������ ����������� ������ %08lX\n"
-
-#: g10/keyedit.c:1785
-#, fuzzy, c-format
-msgid "   revoked by %08lX at %s\n"
-msgstr "������ ����������� ������ %08lX\n"
-
-#: g10/keyedit.c:1805
-#, fuzzy
-msgid "You are about to revoke these signatures:\n"
-msgstr "M�chten Sie einige der ung�ltigen Signaturen entfernen? "
-
-#: g10/keyedit.c:1823
-#, fuzzy
-msgid "Really create the revocation certificates? (y/N)"
-msgstr "������������� ���������� ����������"
-
-#: g10/keyedit.c:1852
-#, fuzzy
-msgid "no secret key\n"
-msgstr "������ ��������� ����"
-
-#: g10/keylist.c:158
-#, fuzzy
-msgid "invalid"
-msgstr "������������ ASCII-���������"
-
-#: g10/keylist.c:178
-#, fuzzy
-msgid "revoked"
-msgstr "����"
-
-#. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
-#, fuzzy, c-format
-msgid " [expires: %s]"
-msgstr "���� ��������� �� %s\n"
-
-#: g10/mainproc.c:212
-#, fuzzy, c-format
-msgid "public key is %08lX\n"
-msgstr "�������� ���� �� ������"
-
-#: g10/mainproc.c:247
-#, fuzzy
-msgid "public key encrypted data: good DEK\n"
-msgstr "����������� �������� ������ �� ������� %s\n"
-
-#: g10/mainproc.c:280
-#, fuzzy, c-format
-msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
-msgstr "(%u-��� %s ����, ID %08lX, ������ %s)\n"
-
-#: g10/mainproc.c:290
-#, fuzzy, c-format
-msgid "encrypted with %s key, ID %08lX\n"
-msgstr "������� ������� %.*s, ��������� %s ���� %08lX\n"
-
-#: g10/mainproc.c:296
-#, fuzzy
-msgid "no secret key for decryption available\n"
-msgstr "��������� ���� �� ����������"
-
-#: g10/mainproc.c:305
-#, c-format
-msgid "public key decryption failed: %s\n"
-msgstr "����������� �������� ������ �� ������� %s\n"
-
-#: g10/mainproc.c:342
-#, fuzzy
-msgid "decryption okay\n"
-msgstr "����������� �� �������: %s\n"
-
-#: g10/mainproc.c:347
-msgid "WARNING: encrypted message has been manipulated!\n"
-msgstr ""
-
-#: g10/mainproc.c:352
-#, c-format
-msgid "decryption failed: %s\n"
-msgstr "����������� �� �������: %s\n"
-
-#: g10/mainproc.c:371
-#, fuzzy
-msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
-msgstr "���������: ����������� �������� \"������-���-�����-����\"\n"
-
-#: g10/mainproc.c:373
-#, c-format
-msgid "original file name='%.*s'\n"
-msgstr ""
-
-#: g10/mainproc.c:538
-msgid "standalone revocation - use \"gpg --import\" to apply\n"
-msgstr ""
-
-#: g10/mainproc.c:625 g10/mainproc.c:634
-#, fuzzy
-msgid "WARNING: invalid notation data found\n"
-msgstr "�� ������� ���������� RFC1991 ��� OpenPGP ������.\n"
-
-#: g10/mainproc.c:637
-msgid "Notation: "
-msgstr ""
-
-#: g10/mainproc.c:644
-msgid "Policy: "
-msgstr ""
-
-#: g10/mainproc.c:1074
-msgid "signature verification suppressed\n"
-msgstr ""
-
-#: g10/mainproc.c:1080
-#, c-format
-msgid "Signature made %.*s using %s key ID %08lX\n"
-msgstr "������� ������� %.*s, ��������� %s ���� %08lX\n"
-
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
-msgid "BAD signature from \""
-msgstr "������ ������� �� \""
-
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
-msgid "Good signature from \""
-msgstr "������� ������� �� \""
-
-#: g10/mainproc.c:1109
-msgid "                aka \""
-msgstr ""
-
-#: g10/mainproc.c:1165
-#, c-format
-msgid "Can't check signature: %s\n"
-msgstr "���������� ��������� �������: %s\n"
-
-#: g10/mainproc.c:1230
-#, fuzzy, c-format
-msgid "standalone signature of class 0x%02x\n"
-msgstr "������� ������������ ����"
-
-#: g10/mainproc.c:1282
-msgid "old style (PGP 2.x) signature\n"
-msgstr ""
-
-#: g10/mainproc.c:1287
-msgid "invalid root packet detected in proc_tree()\n"
-msgstr ""
-
-#: g10/misc.c:86
-#, fuzzy, c-format
-msgid "can't disable core dumps: %s\n"
-msgstr "���������� ������� ���� `%s': %s\n"
-
-#: g10/misc.c:314
-msgid "Experimental algorithms should not be used!\n"
-msgstr ""
-
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
-msgstr ""
-
-#: g10/parse-packet.c:115
-#, fuzzy, c-format
-msgid "can't handle public key algorithm %d\n"
-msgstr "���������� ������������� ������ �������� ������: %s\n"
-
-#: g10/parse-packet.c:999
-#, c-format
-msgid "subpacket of type %d has critical bit set\n"
-msgstr ""
-
-#: g10/passphrase.c:198
-msgid "gpg-agent is not available in this session\n"
-msgstr ""
-
-#: g10/passphrase.c:204
-msgid "malformed GPG_AGENT_INFO environment variable\n"
-msgstr ""
-
-#: g10/hkp.c:158 g10/passphrase.c:223
-#, fuzzy, c-format
-msgid "can't connect to `%s': %s\n"
-msgstr "���������� ������� ���� `%s': %s\n"
-
-#: g10/passphrase.c:284 g10/passphrase.c:522
-#, c-format
-msgid " (main key ID %08lX)"
-msgstr ""
-
-#: g10/passphrase.c:294
-#, fuzzy, c-format
-msgid ""
-"You need a passphrase to unlock the secret key for user:\n"
-"\"%.*s\"\n"
-"%u-bit %s key, ID %08lX, created %s%s\n"
-msgstr ""
-"\n"
-"��� ����� �������� �����, ����� ��������� ����\n"
-"������������: \""
-
-#: g10/passphrase.c:315
-#, fuzzy
-msgid "Enter passphrase\n"
-msgstr "������� �������� �����: %s\n"
-
-#: g10/passphrase.c:317
-#, fuzzy
-msgid "Repeat passphrase\n"
-msgstr "��������� �������� �����: %s\n"
-
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-# ################################
-# ####### Help msgids ############
-# ################################
-#: g10/passphrase.c:355
-#, fuzzy
-msgid "passphrase too long\n"
-msgstr ""
-"Bitte geben Sie die \"Passhrase\" ein; dies ist ein geheimer Satz der aus\n"
-"beliebigen Zeichen bestehen kann.  Was Sie eingegeben wird nicht angezeigt.\n"
-"Zur ihrer eigenen Sicherbeit benutzen Sie biite einen Satz, den sie sich\n"
-"gut merken k�nne, der aber nicht leicht zu raten ist; Zitate und andere\n"
-"bekannte Texte sind eine SCHLECHTE Wahl, da diese mit Sicherheit online\n"
-"verf�gbar sind und durch entsprechende Programme zum Raten der "
-"\"Passphrase\"\n"
-"benutzt werden.  S�tze mit pers�nlicher Bedeutung, die auch noch durch\n"
-"falsche Gro�-/Kleinschreibung und eingestreute Sonderzeichen ver�ndert "
-"werden,\n"
-"sind i.d.R. eine gute Wahl"
-
-#: g10/passphrase.c:367
-msgid "invalid response from agent\n"
-msgstr ""
-
-#: g10/passphrase.c:376
-msgid "cancelled by user\n"
-msgstr ""
-
-#: g10/passphrase.c:379 g10/passphrase.c:445
-#, c-format
-msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
-
-#: g10/passphrase.c:508
-msgid ""
-"\n"
-"You need a passphrase to unlock the secret key for\n"
-"user: \""
-msgstr ""
-"\n"
-"��� ����� �������� �����, ����� ��������� ����\n"
-"������������: \""
-
-#: g10/passphrase.c:517
-#, fuzzy, c-format
-msgid "%u-bit %s key, ID %08lX, created %s"
-msgstr "(%u-��� %s ����, ID %08lX, ������ %s)\n"
-
-#: g10/passphrase.c:555
-#, fuzzy
-msgid "can't query password in batchmode\n"
-msgstr "���������� ������� ��� � �������� ������.\n"
-
-#: g10/passphrase.c:559
-#, fuzzy
-msgid "Enter passphrase: "
-msgstr "������� �������� �����: %s\n"
-
-#: g10/passphrase.c:563
-#, fuzzy
-msgid "Repeat passphrase: "
-msgstr "��������� �������� �����: %s\n"
-
-#: g10/plaintext.c:67
-msgid "data not saved; use option \"--output\" to save it\n"
-msgstr "������ �� ���� ���������; �������������� --\"output\" ��� ����������\n"
-
-#: g10/plaintext.c:324
-#, fuzzy
-msgid "Detached signature.\n"
-msgstr "%d ������ ��������\n"
-
-#: g10/plaintext.c:328
-msgid "Please enter name of data file: "
-msgstr "����������, ������� ��� ����� ������: "
-
-#: g10/plaintext.c:349
-msgid "reading stdin ...\n"
-msgstr ""
-
-#: g10/plaintext.c:392
-#, c-format
-msgid "can't open signed data `%s'\n"
-msgstr "���������� ������� ����������� ������ `%s' .\n"
-
-#: g10/pubkey-enc.c:135
-#, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
-msgstr "��������� ����������, ������� ��������� ���� %08lX ...\n"
-
-#: g10/pubkey-enc.c:141
-#, fuzzy
-msgid "okay, we are the anonymous recipient.\n"
-msgstr "��, �� -- ��������� ����������.\n"
-
-#: g10/pubkey-enc.c:197
-#, fuzzy
-msgid "old encoding of the DEK is not supported\n"
-msgstr "�������� ������ %d �� ��������������\n"
-
-#: g10/pubkey-enc.c:216
-#, fuzzy, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
-msgstr "�������� ������ %d �� ��������������\n"
-
-#: g10/pubkey-enc.c:255
-#, fuzzy, c-format
-msgid "NOTE: cipher algorithm %d not found in preferences\n"
-msgstr "���������: ������������ �������� %d �� ������ � �������������\n"
-
-#: g10/pubkey-enc.c:261
-#, fuzzy, c-format
-msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "��������������: ���� ������� ������� %s\n"
-
-#: g10/hkp.c:62
-#, c-format
-msgid "requesting key %08lX from %s ...\n"
-msgstr ""
-
-#: g10/hkp.c:75
-#, fuzzy, c-format
-msgid "can't get key from keyserver: %s\n"
-msgstr "���������� �������� � ������ ������: %s\n"
-
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr ""
-
-#: g10/hkp.c:106
-#, fuzzy, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "������������ ������ � �����������.\n"
-
-#: g10/hkp.c:182
-#, fuzzy, c-format
-msgid "error sending to `%s': %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/hkp.c:194
-#, c-format
-msgid "success sending to `%s' (status=%u)\n"
-msgstr ""
-
-#: g10/hkp.c:197
-#, c-format
-msgid "failed sending to `%s': status=%u\n"
-msgstr ""
-
-#: g10/seckey-cert.c:89
-#, fuzzy
-msgid "secret key parts are not available\n"
-msgstr "��������� ���� �� ����������"
-
-#: g10/seckey-cert.c:95
-#, fuzzy, c-format
-msgid "protection algorithm %d is not supported\n"
-msgstr "�������� ������ %d �� ��������������\n"
-
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
-msgstr "������������ �������� �����, ���������� ����� ...\n"
-
-#: g10/seckey-cert.c:308
-#, fuzzy
-msgid "WARNING: Weak key detected - please change passphrase again.\n"
-msgstr "��������������: ��������� ������ ���� - ������� �������� �����.\n"
-
-#: g10/sig-check.c:279
-msgid ""
-"this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
-msgstr "���� ElGamal ����, ��������� PGP, �� ������� ��� �������� ��������!\n"
-
-#: g10/sig-check.c:287
-#, fuzzy, c-format
-msgid "public key is %lu second newer than the signature\n"
-msgstr "���� %08lX: ��� �������������� ������������ ��� �������\n"
-
-#: g10/sig-check.c:288
-#, fuzzy, c-format
-msgid "public key is %lu seconds newer than the signature\n"
-msgstr "���� %08lX: ��� �������������� ������������ ��� �������\n"
-
-#: g10/sig-check.c:306
-#, fuzzy, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "��������������: ���� ������� ������� %s\n"
-
-#: g10/sig-check.c:375
-msgid "assuming bad signature due to an unknown critical bit\n"
-msgstr ""
-
-#: g10/sign.c:197
-#, fuzzy, c-format
-msgid "%s signature from: %s\n"
-msgstr "������ ������� �� \""
-
-#: g10/sign.c:435 g10/sign.c:690
-#, fuzzy, c-format
-msgid "can't create %s: %s\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/sign.c:538
-#, fuzzy
-msgid "signing:"
-msgstr "���������"
-
-#: g10/sign.c:583
-#, fuzzy, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "%s: ��������������: ������ ����.\n"
-
-#: g10/textfilter.c:134
-#, c-format
-msgid "can't handle text lines longer than %d characters\n"
-msgstr ""
-
-#: g10/textfilter.c:231
-#, c-format
-msgid "input line longer than %d characters\n"
-msgstr ""
-
-#: g10/tdbio.c:116 g10/tdbio.c:1623
-#, fuzzy, c-format
-msgid "trustdb rec %lu: lseek failed: %s\n"
-msgstr "���������� ������� �� �������: %s\n"
-
-#: g10/tdbio.c:122 g10/tdbio.c:1630
-#, c-format
-msgid "trustdb rec %lu: write failed (n=%d): %s\n"
-msgstr ""
-
-#: g10/tdbio.c:232
-msgid "trustdb transaction too large\n"
-msgstr ""
-
-#: g10/tdbio.c:424
-#, fuzzy, c-format
-msgid "%s: can't access: %s\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/tdbio.c:438
-#, c-format
-msgid "%s: directory does not exist!\n"
-msgstr ""
-
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
-#, fuzzy, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/tdbio.c:459 g10/tdbio.c:508
-#, fuzzy, c-format
-msgid "%s: can't create lock\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/tdbio.c:473
-#, c-format
-msgid "%s: failed to create version record: %s"
-msgstr ""
-
-#: g10/tdbio.c:477
-#, fuzzy, c-format
-msgid "%s: invalid trustdb created\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/tdbio.c:480
-#, fuzzy, c-format
-msgid "%s: trustdb created\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/tdbio.c:517
-#, fuzzy, c-format
-msgid "%s: invalid trustdb\n"
-msgstr "���������� ���� ������ ������� �� �������: %s\n"
-
-#: g10/tdbio.c:550
-#, fuzzy, c-format
-msgid "%s: failed to create hashtable: %s\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/tdbio.c:558
-#, fuzzy, c-format
-msgid "%s: error updating version record: %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
-#, fuzzy, c-format
-msgid "%s: error reading version record: %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/tdbio.c:587 g10/tdbio.c:646
-#, fuzzy, c-format
-msgid "%s: error writing version record: %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/tdbio.c:1235
-#, fuzzy, c-format
-msgid "trustdb: lseek failed: %s\n"
-msgstr "���������� ������� �� �������: %s\n"
-
-#: g10/tdbio.c:1243
-#, fuzzy, c-format
-msgid "trustdb: read failed (n=%d): %s\n"
-msgstr "���������� ���� ������ ������� �� �������: %s\n"
-
-#: g10/tdbio.c:1264
-#, fuzzy, c-format
-msgid "%s: not a trustdb file\n"
-msgstr "���������� ���� ������ ������� �� �������: %s\n"
-
-#: g10/tdbio.c:1280
-#, c-format
-msgid "%s: version record with recnum %lu\n"
-msgstr ""
-
-#: g10/tdbio.c:1285
-#, fuzzy, c-format
-msgid "%s: invalid file version %d\n"
-msgstr "������������ ������ ��������� �������\n"
-
-#: g10/tdbio.c:1589
-#, fuzzy, c-format
-msgid "%s: error reading free record: %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/tdbio.c:1597
-#, fuzzy, c-format
-msgid "%s: error writing dir record: %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/tdbio.c:1607
-#, c-format
-msgid "%s: failed to zero a record: %s\n"
-msgstr ""
-
-#: g10/tdbio.c:1637
-#, c-format
-msgid "%s: failed to append a record: %s\n"
-msgstr ""
-
-#: g10/tdbio.c:1748
-#, fuzzy
-msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
-msgstr "���� ������ ������� ���������: ��������� \"gpgm --fix-trust-db\".\n"
-
-#: g10/trustdb.c:169
-#, c-format
-msgid "trust record %lu, req type %d: read failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:184
-#, c-format
-msgid "trust record %lu, type %d: write failed: %s\n"
-msgstr ""
-
-#: g10/trustdb.c:198
-#, fuzzy, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "���������� ������� �� �������: %s\n"
-
-#: g10/trustdb.c:212
-#, fuzzy, c-format
-msgid "trustdb: sync failed: %s\n"
-msgstr "���������� ���� ������ ������� �� �������: %s\n"
-
-#: g10/trustdb.c:377
-#, fuzzy, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr ""
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr ""
-
-#: g10/trustdb.c:394
-#, fuzzy, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/trustdb.c:433
-#, fuzzy, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "���������� ������� �� �������: %s\n"
-
-#: g10/trustdb.c:474
-#, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "������������ ������ � �����������.\n"
-
-#: g10/trustdb.c:502
-#, fuzzy, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "���� %08lX.%lu: ���������� �������� � ���� ������ �������\n"
-
-#: g10/trustdb.c:508
-#, fuzzy, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "���� %08lX: ������ ������ �� ������\n"
-
-#: g10/trustdb.c:517
-#, fuzzy, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "���� %08lX: ��� �� ������ ��������� ������\n"
-
-#: g10/trustdb.c:520
-#, fuzzy, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "���� %08lX: ��� �� ������ ��������� ������\n"
-
-#: g10/trustdb.c:547
-#, fuzzy, c-format
-msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "��������� ���� %08lX: �� ����� ���������������� ��������� �����.\n"
-
-#: g10/trustdb.c:566
-#, fuzzy, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "���� ���� �� �������.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "���� %08lX: ��������� � ��������� ����� �� ���������.\n"
-
-#: g10/trustdb.c:598
-#, fuzzy, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "���������� ������� �� �������: %s\n"
-
-#: g10/trustdb.c:994
-#, fuzzy, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "���� %08lX: ��� �������������� ������������\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, fuzzy, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "���� %08lX: ��� ���������� ��������������� �������������\n"
-
-#: g10/trustdb.c:1012
-#, fuzzy, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "���� %08lX.%lu: ���� �������� ����� %s\n"
-
-#: g10/trustdb.c:1018
-#, fuzzy, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "���� %08lX: �������� ���� �� ������: %s\n"
-
-#: g10/trustdb.c:1029
-#, fuzzy, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "���� %08lX: ��� ���������� ��������������� �������������\n"
-
-#: g10/trustdb.c:1140
-#, fuzzy
-msgid "Good self-signature"
-msgstr "[����-�������]\n"
-
-#: g10/trustdb.c:1150
-#, fuzzy
-msgid "Invalid self-signature"
-msgstr "���� %08lX: ������������ ����-�������\n"
-
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
-msgstr ""
-
-#: g10/trustdb.c:1183
-#, fuzzy
-msgid "Valid user ID revocation"
-msgstr "������������ �����.\n"
-
-#: g10/trustdb.c:1188
-#, fuzzy
-msgid "Invalid user ID revocation"
-msgstr "������������ �����.\n"
-
-#: g10/trustdb.c:1230
-#, fuzzy
-msgid "Valid certificate revocation"
-msgstr "������ ����������"
-
-#: g10/trustdb.c:1231
-#, fuzzy
-msgid "Good certificate"
-msgstr "������ ����������"
-
-#: g10/trustdb.c:1259
-#, fuzzy
-msgid "Invalid certificate revocation"
-msgstr "������ ����������"
-
-#: g10/trustdb.c:1260
-#, fuzzy
-msgid "Invalid certificate"
-msgstr "������ ����������"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr ""
-
-#: g10/trustdb.c:1340
-#, fuzzy
-msgid "duplicated certificate - deleted"
-msgstr "������ ����������"
-
-#: g10/trustdb.c:1661
-#, fuzzy, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "������ �������������: %s\n"
-
-#: g10/trustdb.c:1795
-#, fuzzy, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "���������� ������� �� �������: %s\n"
-
-#: g10/trustdb.c:1800
-#, fuzzy, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "���������� ������� �� �������: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr ""
-
-#: g10/trustdb.c:1811
-#, fuzzy, c-format
-msgid "error reading dir record: %s\n"
-msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr ""
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, fuzzy, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "������ ������ �����"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr ""
-
-#: g10/trustdb.c:1826
-#, fuzzy, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "���������� ������� �� �������: %s\n"
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr ""
-
-#: g10/trustdb.c:1884
-#, fuzzy, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "���� %08lX: %d ����� ���-������\n"
-
-#: g10/trustdb.c:1886
-#, fuzzy, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "%s: ��������: %s\n"
-
-#: g10/trustdb.c:1890
-#, c-format
-msgid "\t%lu keys updated\n"
-msgstr ""
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr ""
-
-#: g10/trustdb.c:2239
-#, fuzzy
-msgid "Ooops, no user IDs\n"
-msgstr "������ ������ � ��������������� �������������"
-
-#: g10/trustdb.c:2397
-#, fuzzy, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "���� %08lX.%lu: ������� ������������� ������ �� �������: %s\n"
-
-#: g10/trustdb.c:2406
-#, fuzzy, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "���� %08lX.%lu: ������� ������������� ������ �� �������: %s\n"
-
-#: g10/trustdb.c:2410
-#, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "���� %08lX.%lu: �������� � ���� ������ �������\n"
-
-#: g10/trustdb.c:2418
-#, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
-msgstr ""
-"���� %08lX.%lu: ������������ � ������� (����������� ����������� ����)\n"
-
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "���� %08lX.%lu: ���� �������� ����� %s\n"
-
-#: g10/trustdb.c:2441
-#, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "���� %08lX.%lu: �������� ������� �� �������: %s\n"
-
-#: g10/trustdb.c:2592
-#, fuzzy, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "%s: ������������ �� ������\n"
-
-#: g10/trustdb.c:2594
-#, fuzzy, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "������ ������������� ���� ������ �������: %s\n"
-
-#: g10/trustdb.c:2597
-#, fuzzy, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "���������� ���� ������ ������� �� �������: %s\n"
-
-#: g10/trustdb.c:2600
-#, fuzzy, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "������ ������������� ���� ������ �������: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr ""
-
-#: g10/verify.c:82
-msgid ""
-"the signature could not be verified.\n"
-"Please remember that the signature file (.sig or .asc)\n"
-"should be the first file given on the command line.\n"
-msgstr ""
-
-#: g10/verify.c:147
-#, c-format
-msgid "input line %u too long or missing LF\n"
-msgstr ""
-
-#: g10/ringedit.c:296
-#, fuzzy, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, fuzzy, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr ""
-
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, fuzzy, c-format
-msgid "%s is the unchanged one\n"
-msgstr "����������� ������������ ��������� ����"
-
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
-#, c-format
-msgid "%s is the new one\n"
-msgstr ""
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr ""
-
-#: g10/skclist.c:98
-#, fuzzy, c-format
-msgid "skipped `%s': %s\n"
-msgstr "%s: ��������: %s\n"
-
-#: g10/skclist.c:105
-#, fuzzy, c-format
-msgid ""
-"skipped `%s': this is a PGP generated ElGamal key which is not secure for "
-"signatures!\n"
-msgstr "���� ElGamal ����, ��������� PGP, �� ������� ��� �������� ��������!\n"
-
-#. do not overwrite
-#: g10/openfile.c:84
-#, c-format
-msgid "File `%s' exists. "
-msgstr "���� `%s' ����������. "
-
-#: g10/openfile.c:86
-msgid "Overwrite (y/N)? "
-msgstr "���������� (y/N)? "
-
-#: g10/openfile.c:120
-#, c-format
-msgid "%s: unknown suffix\n"
-msgstr ""
-
-#: g10/openfile.c:142
-#, fuzzy
-msgid "Enter new filename"
-msgstr "--store [��� �����]"
-
-#: g10/openfile.c:183
-#, fuzzy
-msgid "writing to stdout\n"
-msgstr "������������ � `%s'\n"
-
-#: g10/openfile.c:262
-#, fuzzy, c-format
-msgid "assuming signed data in `%s'\n"
-msgstr "���������� ������� ����������� ������ `%s' .\n"
-
-#: g10/openfile.c:312
-#, c-format
-msgid "%s: new options file created\n"
-msgstr ""
-
-#: g10/openfile.c:339
-#, fuzzy, c-format
-msgid "%s: can't create directory: %s\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/openfile.c:342
-#, fuzzy, c-format
-msgid "%s: directory created\n"
-msgstr "%s: ���������� �������: %s\n"
-
-#: g10/openfile.c:344
-msgid "you have to start GnuPG again, so it can read the new options file\n"
-msgstr ""
-
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr ""
-
-#: g10/encr-data.c:69
-#, fuzzy, c-format
-msgid "%s encrypted data\n"
-msgstr "����������� ������"
-
-#: g10/encr-data.c:99
-#, fuzzy
-msgid ""
-"WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
-msgstr ""
-"��������������: ��������� ���� �����������, ��������� ������ ����, � "
-"������������ ��������� ����������.\n"
-
-#: g10/seskey.c:61
-msgid "weak key created - retrying\n"
-msgstr "��������� ������ ����, ������� ��� ���\n"
-
-#: g10/seskey.c:66
-#, c-format
-msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
-msgstr ""
-"�� ���������� �������� ������� ����� � ������������ ���������; ��������� %d "
-"���!\n"
-
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "Es gibt einen privaten ���� zu diesem �ffentlichen ����!\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr ""
-"Benutzen Sie das Kommando \"--delete-secret-key\", um ihn vorab zu "
-"entfernen.\n"
-
-#: g10/delkey.c:107
-msgid "can't do that in batchmode without \"--yes\"\n"
-msgstr "Dies kann im Batchmodus ohne \"--yes\" nicht durchgef�hrt werden.\n"
-
-#: g10/delkey.c:129
-msgid "Delete this key from the keyring? "
-msgstr "Diesen ���� aus dem ����ring l�schen? "
-
-#: g10/delkey.c:137
-msgid "This is a secret key! - really delete? "
-msgstr "Dies ist ein privater ����! - Wirklich l�schen? "
-
-#: g10/helptext.c:47
-#, fuzzy
-msgid ""
-"It's up to you to assign a value here; this value will never be exported\n"
-"to any 3rd party.  We need it to implement the web-of-trust; it has nothing\n"
-"to do with the (implicitly created) web-of-certificates."
-msgstr ""
-"Sie m�ssen selbt entscheiden, welchen Wert Sie hier eintragen; dieser Wert\n"
-"wird niemals an eine dritte Seite weitergegeben.  Wir brauchen diesen Wert,\n"
-"um das \"Netz des Vertrauens\" aufzubauen.  Dieses hat nichts mit dem "
-"(implizit\n"
-"erzeugten) \"Netz der Zertifikate\" zu tun.\n"
-
-#: g10/helptext.c:53
-msgid "If you want to use this revoked key anyway, answer \"yes\"."
-msgstr ""
-
-#: g10/helptext.c:57
-msgid "If you want to use this untrusted key anyway, answer \"yes\"."
-msgstr ""
-
-#: g10/helptext.c:61
-msgid ""
-"Enter the user ID of the addressee to whom you want to send the message."
-msgstr ""
-
-#: g10/helptext.c:65
-msgid ""
-"Select the algorithm to use.\n"
-"\n"
-"DSA (aka DSS) is the digital signature algorithm which can only be used\n"
-"for signatures.  This is the suggested algorithm because verification of\n"
-"DSA signatures are much faster than those of ElGamal.\n"
-"\n"
-"ElGamal is an algorithm which can be used for signatures and encryption.\n"
-"OpenPGP distinguishs between two flavors of this algorithms: an encrypt "
-"only\n"
-"and a sign+encrypt; actually it is the same, but some parameters must be\n"
-"selected in a special way to create a safe key for signatures: this program\n"
-"does this but other OpenPGP implementations are not required to understand\n"
-"the signature+encryption flavor.\n"
-"\n"
-"The first (primary) key must always be a key which is capable of signing;\n"
-"this is the reason why the encryption only ElGamal key is not available in\n"
-"this menu."
-msgstr ""
-
-#: g10/helptext.c:85
-msgid ""
-"Although these keys are defined in RFC2440 they are not suggested\n"
-"because they are not supported by all programs and signatures created\n"
-"with them are quite large and very slow to verify."
-msgstr ""
-
-#: g10/helptext.c:92
-#, fuzzy
-msgid "Enter the size of the key"
-msgstr "������� ������������� ������������: "
-
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
-msgid "Answer \"yes\" or \"no\""
-msgstr ""
-
-#: g10/helptext.c:106
-msgid ""
-"Enter the required value as shown in the prompt.\n"
-"It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
-"get a good error response - instead the system tries to interpret\n"
-"the given value as an interval."
-msgstr ""
-
-#: g10/helptext.c:118
-msgid "Enter the name of the key holder"
-msgstr ""
-
-#: g10/helptext.c:123
-msgid "please enter an optional but highly suggested email address"
-msgstr ""
-
-#: g10/helptext.c:127
-#, fuzzy
-msgid "Please enter an optional comment"
-msgstr "����������, ������� ��� ����� ������: "
-
-#: g10/helptext.c:132
-msgid ""
-"N  to change the name.\n"
-"C  to change the comment.\n"
-"E  to change the email address.\n"
-"O  to continue with key generation.\n"
-"Q  to to quit the key generation."
-msgstr ""
-
-#: g10/helptext.c:141
-msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
-msgstr ""
-
-#: g10/helptext.c:164
-msgid "Answer \"yes\" is you want to sign ALL the user IDs"
-msgstr ""
-
-#: g10/helptext.c:168
-msgid ""
-"Answer \"yes\" if you really want to delete this user ID.\n"
-"All certificates are then also lost!"
-msgstr ""
-
-#: g10/helptext.c:173
-msgid "Answer \"yes\" if it is okay to delete the subkey"
-msgstr ""
-
-#: g10/helptext.c:178
-msgid ""
-"This is a valid signature on the key; you normally don't want\n"
-"to delete this signature because it may be important to establish a\n"
-"trust connection to the key or another key certified by this key."
-msgstr ""
-
-#: g10/helptext.c:183
-msgid ""
-"This signature can't be checked because you don't have the\n"
-"corresponding key.  You should postpone its deletion until you\n"
-"know which key was used because this signing key might establish\n"
-"a trust connection through another already certified key."
-msgstr ""
-
-#: g10/helptext.c:189
-msgid ""
-"The signature is not valid.  It does make sense to remove it from\n"
-"your keyring."
-msgstr ""
-
-#: g10/helptext.c:193
-msgid ""
-"This is a signature which binds the user ID to the key. It is\n"
-"usually not a good idea to remove such a signature.  Actually\n"
-"GnuPG might not be able to use this key anymore.  So do this\n"
-"only if this self-signature is for some reason not valid and\n"
-"a second one is available."
-msgstr ""
-
-#: g10/helptext.c:202
-msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
-msgstr ""
-
-#: g10/helptext.c:209
-msgid "Please repeat the last passphrase, so you are sure what you typed in."
-msgstr ""
-
-#: g10/helptext.c:213
-msgid "Give the name of the file to which the signature applies"
-msgstr ""
-
-#: g10/helptext.c:218
-msgid "Answer \"yes\" if it is okay to overwrite the file"
-msgstr ""
-
-#: g10/helptext.c:223
-msgid ""
-"Please enter a new filename. If you just hit RETURN the default\n"
-"file (which is shown in brackets) will be used."
-msgstr ""
-
-#: g10/helptext.c:229
-msgid ""
-"You should specify a reason for the certification.  Depending on the\n"
-"context you have the ability to choose from this list:\n"
-"  \"Key has been compromised\"\n"
-"      Use this if you have a reason to believe that unauthorized persons\n"
-"      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
-"      Use this if you have replaced this key with a newer one.\n"
-"  \"Key is no longer used\"\n"
-"      Use this if you have retired this key.\n"
-"  \"User ID is no longer valid\"\n"
-"      Use this to state that the user ID should not longer be used;\n"
-"      this is normally used to mark an email address invalid.\n"
-msgstr ""
-
-#: g10/helptext.c:245
-msgid ""
-"If you like, you can enter a text describing why you issue this\n"
-"revocation certificate.  Please keep this text concise.\n"
-"An empty line ends the text.\n"
-msgstr ""
-
-#: g10/helptext.c:260
-msgid "No help available"
-msgstr "������ �����������."
-
-#: g10/helptext.c:268
-#, c-format
-msgid "No help available for `%s'"
-msgstr "������ ��� `%s' �����������."
-
-#, fuzzy
-#~ msgid "No key for user ID\n"
-#~ msgstr "���� %08lX: ��� �������������� ������������\n"
-
-#, fuzzy
-#~ msgid "No user ID for key\n"
-#~ msgstr "������ ��������� ����"
-
-#~ msgid "no default public keyring\n"
-#~ msgstr "��� ������ �������� ������ �� ���������\n"
-
-#, fuzzy
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "���������� ������������� ������ �������� ������: %s\n"
-
-#, fuzzy
-#~ msgid "error writing keyring `%s': %s\n"
-#~ msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
-
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "���� %08lX: ���������� ��������� original keyblock: %s\n"
-
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: ������������ �� ������\n"
-
-#~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
-#~ msgstr ""
-#~ "����������� RSA ������� �� �������������, ����������, ��������� � ��������\n"
-#~ "������ ����� ��� ������������� � �������\n"
-
-#, fuzzy
-#~ msgid "not processed"
-#~ msgstr "�� ��������������"
-
-#~ msgid "set debugging flags"
-#~ msgstr "���������� ���������� �����"
-
-#~ msgid "enable full debugging"
-#~ msgstr "��������� ��� �������"
-
-#~ msgid "do not write comment packets"
-#~ msgstr "�� ������ ������ � �������������"
-
-#~ msgid "(default is 1)"
-#~ msgstr "(�� ��������� 1)"
-
-#~ msgid "(default is 3)"
-#~ msgstr "(�� ��������� 3)"
-
-#~ msgid "   (%d) ElGamal in a v3 packet\n"
-#~ msgstr "   (%d) ElGamal � v3-������\n"
-
-#~ msgid "Key generation can only be used in interactive mode\n"
-#~ msgstr ""
-#~ "��������� ����� ����� ���� ��������� ������ � ������������� ������.\n"
-
-#~ msgid "passphrase.repeat"
-#~ msgstr ""
-#~ "Um sicher zu gehen, da� Sie sich bei der Eingabe der \"Passphrase\" nicht\n"
-#~ "vertippt haben, geben Sie diese bitte nochmal ein.  Nur wenn beide Eingaben\n"
-#~ "�bereinstimmen, wird die \"Passphrase\" akzeptiert."
-
-#, fuzzy
-#~ msgid "detached_signature.filename"
-#~ msgstr "��� ����� ��� ��������� �������"
-
-#~ msgid "openfile.overwrite.okay"
-#~ msgstr "�� ������� ������������ ���� (�������� ������ ������)"
-
-#, fuzzy
-#~ msgid "tdbio_search_sdir failed: %s\n"
-#~ msgstr "������ �������������: %s\n"
-
-#~ msgid "print all message digests"
-#~ msgstr "���������� ��� ��������� ���������"
-
-#, fuzzy
-#~ msgid "lid %lu: user id not found in keyblock\n"
-#~ msgstr "%s: ������������ �� ������\n"
-
-#, fuzzy
-#~ msgid "lid %lu: user id without signature\n"
-#~ msgstr "���� %08lX: ��� �������������� ������������ ��� �������\n"
-
-#, fuzzy
-#~ msgid "lid %lu: self-signature in hintlist\n"
-#~ msgstr "build_sigrecs: Selbst-Signatur fehlt\n"
-
-#, fuzzy
-#~ msgid "lid %lu: can't get keyblock: %s\n"
-#~ msgstr "���������� �������� ���� �����: %s\n"
-
-#, fuzzy
-#~ msgid "public key not anymore available"
-#~ msgstr "��������� ���� �� ����������"
-
-#, fuzzy
-#~ msgid "insert_trust_record: keyblock not found: %s\n"
-#~ msgstr "���� %08lX: ��������� ���� �� ������: %s\n"
-
-#, fuzzy
-#~ msgid "lid %lu: update failed: %s\n"
-#~ msgstr "���������� �� �������: %s\n"
-
-#, fuzzy
-#~ msgid "%s: update failed: %s\n"
-#~ msgstr "���������� �� �������: %s\n"
-
-#, fuzzy
-#~ msgid "lid %lu: keyblock not found: %s\n"
-#~ msgstr "���� %08lX: �������� ���� �� ������: %s\n"
-
-#, fuzzy
-#~ msgid "can't lock keyring `%': %s\n"
-#~ msgstr "���������� ������������� ������ �������� ������: %s\n"
-
-#~ msgid "can't open file: %s\n"
-#~ msgstr "���������� ������� ����: %s\n"
-
-#~ msgid "read error: %s\n"
-#~ msgstr "������ ������: %s\n"
-
-#~ msgid "writing keyblock\n"
-#~ msgstr "������������ ���� �����\n"
-
-#~ msgid "can't write keyblock: %s\n"
-#~ msgstr "���������� �������� ���� �����: %s\n"
-
-#~ msgid "can't lock secret keyring: %s\n"
-#~ msgstr "���������� ������������� ������ ��������� ������: %s\n"
-
-#, fuzzy
-#~ msgid "can't write keyring: %s\n"
-#~ msgstr "���������� �������� ������ ������: %s\n"
-
-#, fuzzy
-#~ msgid "encrypted message is valid\n"
-#~ msgstr "������ ������������ ��������-��������\n"
-
-#, fuzzy
-#~ msgid "Can't check MDC: %s\n"
-#~ msgstr "���������� ��������� �������: %s\n"
-
-#~ msgid "Usage: gpgm [options] [files] (-h for help)"
-#~ msgstr "�������������: gpgm [���������] [�����] (-h ��� ������)"
-
-#, fuzzy
-#~ msgid ""
-#~ "Syntax: gpgm [options] [files]\n"
-#~ "GnuPG maintenance utility\n"
-#~ msgstr ""
-#~ "���������: gpgm [���������] [�����]\n"
-#~ "��������� ������������� GNUPG\n"
-
-#~ msgid "usage: gpgm [options] "
-#~ msgstr "�������������: gpgm [���������] "
-
-#, fuzzy
-#~ msgid "lid %lu: read dir record failed: %s\n"
-#~ msgstr "���� %08lX.%lu: ������� ������������� ������ �� �������: %s\n"
-
-#, fuzzy
-#~ msgid "lid %lu: read key record failed: %s\n"
-#~ msgstr "���� %08lX.%lu: ������� ������������� ������ �� �������: %s\n"
-
-#, fuzzy
-#~ msgid "lid %lu: read uid record failed: %s\n"
-#~ msgstr "���� %08lX.%lu: ������� ������������� ������ �� �������: %s\n"
-
-#, fuzzy
-#~ msgid "lid %lu: read pref record failed: %s\n"
-#~ msgstr "���� %08lX.%lu: ������� ������������� ������ �� �������: %s\n"
-
-#, fuzzy
-#~ msgid "lid %lu: read sig record failed: %s\n"
-#~ msgstr "���� %08lX.%lu: ������� ������������� ������ �� �������: %s\n"
-
-#, fuzzy
-#~ msgid "user '%s' read problem: %s\n"
-#~ msgstr "%s: ������������ �� ������\n"
-
-#, fuzzy
-#~ msgid "user '%s' list problem: %s\n"
-#~ msgstr "%s: ������������ �� ������\n"
-
-#, fuzzy
-#~ msgid "user '%s' not in trustdb\n"
-#~ msgstr "%s: ������������ �� ������\n"
-
-#, fuzzy
-#~ msgid "error: invalid fingerprint\n"
-#~ msgstr "������ � ����������� ������\n"
-
-#, fuzzy
-#~ msgid "error: no ownertrust value\n"
-#~ msgstr "�������������� ��������� �������\n"
-
-#, fuzzy
-#~ msgid "key not in ring: %s\n"
-#~ msgstr "���������� �������� ������ ������: %s\n"
-
-#, fuzzy
-#~ msgid "insert trust record failed: %s\n"
-#~ msgstr "���� %08lX.%lu: ������� ������������� ������ �� �������: %s\n"
-
-#, fuzzy
-#~ msgid "Hmmm, public key lost?"
-#~ msgstr "������ �������� ����"
-
-#~ msgid "invalid clear text header: "
-#~ msgstr "������������ ��������� ���������: "
-
-#~ msgid "You will see a list of signators etc. here\n"
-#~ msgstr "����� �� ������� ������ ����������� � �.�.\n"
-
-#~ msgid "key %08lX: already in ultikey_table\n"
-#~ msgstr "���� %08lX: ��� � ultikey_table\n"
-
-#, fuzzy
-#~ msgid "key %08lX.%lu, uid %02X%02X: no public key for signature %08lX\n"
-#~ msgstr ""
-#~ "���� %08lX.%lu, uid %02X%02X: ��� ��������� ����� ��� ������� %08lX\n"
-
-#, fuzzy
-#~ msgid "key %08lX.%lu, uid %02X%02X: invalid %ssignature: %s\n"
-#~ msgstr "���� %08lX: ������������ ����-�������\n"
-
-#~ msgid "can't write keyring\n"
-#~ msgstr "kann ����ring nicht schreiben\n"
-
-#~ msgid "make a signature on a key in the keyring"
-#~ msgstr "���� signieren"
-
-#~ msgid "edit a key signature"
-#~ msgstr "Bearbeiten der Signaturen eines ����s"
-
-#~ msgid "public and secret subkey created.\n"
-#~ msgstr "�ffentlicher und privater ���� erzeugt.\n"
-
-#~ msgid "No public key for %d signatures\n"
-#~ msgstr "Kein �ffentlicher ���� f�r %d Signaturen\n"
-
-#~ msgid "[User name not available] "
-#~ msgstr "[Benuzername nicht verf�gbar] "
-
-#~ msgid "This is a BAD signature!\n"
-#~ msgstr "Dies ist eine FALSCHE Signatur!\n"
-
-#~ msgid "The signature could not be checked!\n"
-#~ msgstr "Die Signatur konnte nicht gepr�ft werden!\n"
-
-#~ msgid "Checking signatures of this public key certificate:\n"
-#~ msgstr "Die Signaturen dieses Zertifikats werden �berpr�ft:\n"
diff --git a/po/sv.po b/po/sv.po
index 7a6804f69..0e2bc65bd 100644
--- a/po/sv.po
+++ b/po/sv.po
@@ -12,52 +12,68 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: gnupg 1.0.1e\n"
-"POT-Creation-Date: 2000-11-13 21:38+0100\n"
-"PO-Revision-Date: 2000-04-23 16:43+02:00\n"
+"Project-Id-Version: gnupg 1.0.6\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2001-08-23 10:32+02:00\n"
 "Last-Translator: Daniel Resare <[email protected]>\n"
 "Language-Team: Swedish <[email protected]>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=iso-8859-1\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: util/miscutil.c:278 util/miscutil.c:307
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Varning: anv�nder os�kert minne!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr ""
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "operationen �r ej m�jlig utan tillg�ng till s�kert minne\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(du kan ha anv�nt fel program f�r denna uppgift)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
 msgid "yes"
 msgstr "ja"
 
-#: util/miscutil.c:279 util/miscutil.c:310
+#: util/miscutil.c:297 util/miscutil.c:334
 msgid "yY"
 msgstr "jJ"
 
-#: util/miscutil.c:280 util/miscutil.c:308
+#: util/miscutil.c:298 util/miscutil.c:332
 msgid "no"
 msgstr "nej"
 
-#: util/miscutil.c:281 util/miscutil.c:311
+#: util/miscutil.c:299 util/miscutil.c:335
 msgid "nN"
 msgstr "nN"
 
-#: g10/keyedit.c:575 util/miscutil.c:309
+#: g10/keyedit.c:815 util/miscutil.c:333
 msgid "quit"
 msgstr "avsluta"
 
-#: util/miscutil.c:312
+#: util/miscutil.c:336
 msgid "qQ"
 msgstr "aA"
 
-#: util/errors.c:55
+#: util/errors.c:54
 msgid "general error"
 msgstr "allm�nt fel"
 
-#: util/errors.c:56
+#: util/errors.c:55
 msgid "unknown packet type"
 msgstr "ok�nd pakettyp"
 
-#: util/errors.c:57
+#: util/errors.c:56
 msgid "unknown version"
 msgstr "ok�nd version"
 
-#: util/errors.c:58
+#: util/errors.c:57
 msgid "unknown pubkey algorithm"
 msgstr "ok�nd algoritm f�r publik nyckel"
 
@@ -65,250 +81,263 @@ msgstr "ok�nd algoritm f�r publik nyckel"
 # om du har ett b�ttre f�rslag kontakta mig g�rna p�
 # [email protected]. Andra f�rslag jag s�gat �r digest (o�versatt),
 # fingeravtryck, indatakarakteristik, sammandrag och sammanfattning
-#: util/errors.c:59
+#: util/errors.c:58
 msgid "unknown digest algorithm"
 msgstr "ok�nd algoritm f�r ber�kning av kontrollsumma"
 
-#: util/errors.c:60
+#: util/errors.c:59
 msgid "bad public key"
 msgstr "felaktig publik nyckel"
 
-#: util/errors.c:61
+#: util/errors.c:60
 msgid "bad secret key"
 msgstr "felaktig hemlig nyckel"
 
-#: util/errors.c:62
+#: util/errors.c:61
 msgid "bad signature"
 msgstr "felaktig signatur"
 
-#: util/errors.c:63
+#: util/errors.c:62
 msgid "checksum error"
 msgstr "fel vid ber�kning av kontrollsumma"
 
-#: util/errors.c:64
+#: util/errors.c:63
 msgid "bad passphrase"
 msgstr "felaktig l�senordsfras"
 
-#: util/errors.c:65
+#: util/errors.c:64
 msgid "public key not found"
 msgstr "hittade inte publik nyckel"
 
-#: util/errors.c:66
+#: util/errors.c:65
 msgid "unknown cipher algorithm"
 msgstr "ok�nd chifferalgoritm"
 
-#: util/errors.c:67
+#: util/errors.c:66
 msgid "can't open the keyring"
 msgstr "kan inte �ppna nyckelringen"
 
-#: util/errors.c:68
+#: util/errors.c:67
 msgid "invalid packet"
 msgstr "felaktigt paket"
 
-#: util/errors.c:69
+#: util/errors.c:68
 msgid "invalid armor"
 msgstr "felaktigt skal"
 
-#: util/errors.c:70
+#: util/errors.c:69
 msgid "no such user id"
 msgstr "ok�nd anv�ndaridentitet"
 
-#: util/errors.c:71
+#: util/errors.c:70
 msgid "secret key not available"
 msgstr "den hemliga nyckeln �r inte tillg�nglig"
 
-#: util/errors.c:72
+#: util/errors.c:71
 msgid "wrong secret key used"
 msgstr "fel hemlig nyckel har anv�nts"
 
-#: util/errors.c:73
+#: util/errors.c:72
 msgid "not supported"
 msgstr "ej st�dd"
 
-#: util/errors.c:74
+#: util/errors.c:73
 msgid "bad key"
 msgstr "felaktig nyckel"
 
-#: util/errors.c:75
+#: util/errors.c:74
 msgid "file read error"
 msgstr "fel vid l�sning av fil"
 
-#: util/errors.c:76
+#: util/errors.c:75
 msgid "file write error"
 msgstr "fel vid skrivning av fil"
 
-#: util/errors.c:77
+#: util/errors.c:76
 msgid "unknown compress algorithm"
 msgstr "ok�nd komprimeringsalgoritm"
 
-#: util/errors.c:78
+#: util/errors.c:77
 msgid "file open error"
 msgstr "fel vid �ppnande av fil"
 
-#: util/errors.c:79
+#: util/errors.c:78
 msgid "file create error"
 msgstr "fel vid skapande av fil"
 
-#: util/errors.c:80
+#: util/errors.c:79
 msgid "invalid passphrase"
 msgstr "felaktig l�senordsfras"
 
-#: util/errors.c:81
+#: util/errors.c:80
 msgid "unimplemented pubkey algorithm"
 msgstr "algoritmen f�r publik nyckel �r ej implementerad"
 
-#: util/errors.c:82
+#: util/errors.c:81
 msgid "unimplemented cipher algorithm"
 msgstr "chifferalgorimten �r ej implementerad"
 
-#: util/errors.c:83
+#: util/errors.c:82
 msgid "unknown signature class"
 msgstr "ok�nd signaturklass"
 
-#: util/errors.c:84
+#: util/errors.c:83
 msgid "trust database error"
 msgstr "fel i tillitsdatabasen"
 
 # MPI st�r f�r Multiple Precision Integer (tror jag)
-#: util/errors.c:85
+#: util/errors.c:84
 msgid "bad MPI"
 msgstr "felaktig MPI"
 
-#: util/errors.c:86
+#: util/errors.c:85
 msgid "resource limit"
 msgstr "resursbegr�nsning"
 
-#: util/errors.c:87
+#: util/errors.c:86
 msgid "invalid keyring"
 msgstr "felaktig nyckelring"
 
-#: util/errors.c:88
+#: util/errors.c:87
 msgid "bad certificate"
 msgstr "felaktigt certifikat"
 
-#: util/errors.c:89
+#: util/errors.c:88
 msgid "malformed user id"
 msgstr "felformaterad anv�ndaridentitet"
 
-#: util/errors.c:90
+#: util/errors.c:89
 msgid "file close error"
 msgstr "fel vid st�ngning av fil"
 
-#: util/errors.c:91
+#: util/errors.c:90
 msgid "file rename error"
 msgstr "fel vid namnbyte av fil"
 
-#: util/errors.c:92
+#: util/errors.c:91
 msgid "file delete error"
 msgstr "fel vid borttagande av fil"
 
-#: util/errors.c:93
+#: util/errors.c:92
 msgid "unexpected data"
 msgstr "ov�ntad data"
 
-#: util/errors.c:94
+#: util/errors.c:93
 msgid "timestamp conflict"
 msgstr "konflikt mellan tidsst�mplar"
 
-#: util/errors.c:95
+#: util/errors.c:94
 msgid "unusable pubkey algorithm"
 msgstr "oanv�ndbar algoritm f�r publika nycklar"
 
-#: util/errors.c:96
+#: util/errors.c:95
 msgid "file exists"
 msgstr "filen finns"
 
-#: util/errors.c:97
+#: util/errors.c:96
 msgid "weak key"
 msgstr "svag nyckel"
 
-#: util/errors.c:98
+#: util/errors.c:97
 msgid "invalid argument"
 msgstr "felaktigt argument"
 
-#: util/errors.c:99
+#: util/errors.c:98
 msgid "bad URI"
 msgstr "felaktig URI"
 
-#: util/errors.c:100
+#: util/errors.c:99
 msgid "unsupported URI"
 msgstr "ej st�dd URI"
 
-#: util/errors.c:101
+#: util/errors.c:100
 msgid "network error"
 msgstr "n�tverksfel"
 
-#: util/errors.c:103
+#: util/errors.c:102
 msgid "not encrypted"
 msgstr "ej krypterad"
 
-#: util/logger.c:227
+#: util/errors.c:103
+msgid "not processed"
+msgstr "inte behandlade"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "oanv�ndbar publik nyckel"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "oanv�ndbar hemlig nyckel"
+
+#: util/errors.c:107
+#, fuzzy
+msgid "keyserver error"
+msgstr "allm�nt fel"
+
+#: util/logger.c:249
 #, c-format
 msgid "... this is a bug (%s:%d:%s)\n"
-msgstr "... detta �r en bugg (%s:%d:%s)\n"
+msgstr "... detta �r ett fel i programmet (%s:%d:%s)\n"
 
-#: util/logger.c:233
+#: util/logger.c:255
 #, c-format
 msgid "you found a bug ... (%s:%d)\n"
-msgstr "du har hittat en bugg ... (%s:%d)\\n\n"
+msgstr "du har hittat ett fel i programmet ... (%s:%d)\n"
 
-#: cipher/random.c:321 g10/import.c:128 g10/keygen.c:1353
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
 #, c-format
 msgid "can't open `%s': %s\n"
 msgstr "kan inte �ppna \"%s\": %s\n"
 
-#: cipher/random.c:325
+#: cipher/random.c:324
 #, c-format
 msgid "can't stat `%s': %s\n"
 msgstr "kan inte ta status p� \"%s\": %s\n"
 
-#: cipher/random.c:330
+#: cipher/random.c:329
 #, c-format
 msgid "`%s' is not a regular file - ignored\n"
 msgstr "\"%s\" �r inte �n vanlig fil - ignorerad\n"
 
-#: cipher/random.c:335
+#: cipher/random.c:334
 msgid "note: random_seed file is empty\n"
 msgstr "notera: filen random_seed �r tom\n"
 
-#: cipher/random.c:341
+#: cipher/random.c:340
 msgid "warning: invalid size of random_seed file - not used\n"
 msgstr "varning: random_seed har en felaktig storlek och anv�nds d�rf�r inte\n"
 
-#: cipher/random.c:349
+#: cipher/random.c:348
 #, c-format
 msgid "can't read `%s': %s\n"
 msgstr "kan inte l�sa \"%s\": %s\n"
 
-#: cipher/random.c:387
+#: cipher/random.c:386
 msgid "note: random_seed file not updated\n"
 msgstr "notera: random_seed uppdaterades inte\n"
 
-#: cipher/random.c:407
+#: cipher/random.c:406
 #, c-format
 msgid "can't create `%s': %s\n"
 msgstr "kan inte skapa \"%s\": %s\n"
 
-#: cipher/random.c:414
+#: cipher/random.c:413
 #, c-format
 msgid "can't write `%s': %s\n"
 msgstr "kan inte skriva till \"%s\": %s\n"
 
-#: cipher/random.c:417
+#: cipher/random.c:416
 #, c-format
 msgid "can't close `%s': %s\n"
 msgstr "kan inte st�nga \"%s\": %s\n"
 
-#: cipher/random.c:428
-#, c-format
-msgid "too many random bits requested; the limit is %d\n"
-msgstr "f�r m�nga slumpm�ssiga bitar efterfr�gades; maximalt antal �r %d\n"
-
-#: cipher/random.c:659
+#: cipher/random.c:662
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr "VARNING: anv�nder en os�ker slumptalsgenerator!!\n"
 
-#: cipher/random.c:665
+#: cipher/random.c:663
 msgid ""
 "The random number generator is only a kludge to let\n"
 "it run - it is in no way a strong RNG!\n"
@@ -323,7 +352,7 @@ msgstr ""
 "ANV�ND INGEN DATA GENERERAD AV DETTA PROGRAM!!\n"
 "\n"
 
-#: cipher/rndlinux.c:126
+#: cipher/rndlinux.c:142
 #, c-format
 msgid ""
 "\n"
@@ -335,19 +364,7 @@ msgstr ""
 "en stund f�r att ge operativsystemet en chans att samla mer entropi!\n"
 "(Beh�ver %d fler byte)\n"
 
-#: gcrypt/secmem.c:77
-msgid "Warning: using insecure memory!\n"
-msgstr "Varning: anv�nder os�kert minne!\n"
-
-#: gcrypt/secmem.c:287
-msgid "operation is not possible without initialized secure memory\n"
-msgstr "operationen �r ej m�jlig utan tillg�ng till s�kert minne\n"
-
-#: gcrypt/secmem.c:288
-msgid "(you may have used the wrong program for this task)\n"
-msgstr "(du kan ha anv�nt fel program f�r denna uppgift)\n"
-
-#: g10/gpg.c:201
+#: g10/g10.c:287
 msgid ""
 "@Commands:\n"
 " "
@@ -355,139 +372,170 @@ msgstr ""
 "@Kommandon:\n"
 " "
 
-#: g10/gpg.c:203
+#: g10/g10.c:289
 msgid "|[file]|make a signature"
 msgstr "|[fil]|skapa en signatur"
 
-#: g10/gpg.c:204
+#: g10/g10.c:290
 msgid "|[file]|make a clear text signature"
 msgstr "|[fil]|skapa en klartext-signatur"
 
-#: g10/gpg.c:205
+#: g10/g10.c:291
 msgid "make a detached signature"
 msgstr "skapa en signatur i en separat fil"
 
-#: g10/gpg.c:206
+#: g10/g10.c:292
 msgid "encrypt data"
 msgstr "kryptera data"
 
-#: g10/gpg.c:207
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr ""
+
+#: g10/g10.c:294
 msgid "encryption only with symmetric cipher"
 msgstr "endast kryptering med symmetriskt chiffer"
 
-#: g10/gpg.c:208
+#: g10/g10.c:295
 msgid "store only"
 msgstr "endast lagring"
 
-#: g10/gpg.c:209
+#: g10/g10.c:296
 msgid "decrypt data (default)"
 msgstr "dekryptera data (normall�ge)"
 
-#: g10/gpg.c:210
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr ""
+
+#: g10/g10.c:298
 msgid "verify a signature"
 msgstr "verifiera en signatur"
 
-#: g10/gpg.c:212
+#: g10/g10.c:300
 msgid "list keys"
 msgstr "r�kna upp nycklar"
 
-#: g10/gpg.c:214
+#: g10/g10.c:302
 msgid "list keys and signatures"
 msgstr "r�kna upp nycklar och signaturer"
 
-#: g10/gpg.c:215
+#: g10/g10.c:303
 msgid "check key signatures"
 msgstr "verifiera nyckelsignaturer"
 
-#: g10/gpg.c:216
+#: g10/g10.c:304
 msgid "list keys and fingerprints"
 msgstr "r�kna upp nycklar och fingeravtryck"
 
-#: g10/gpg.c:217
+#: g10/g10.c:305
 msgid "list secret keys"
 msgstr "r�kna upp hemliga nycklar"
 
-#: g10/gpg.c:218
+#: g10/g10.c:306
 msgid "generate a new key pair"
 msgstr "generera ett nytt nyckelpar"
 
-#: g10/gpg.c:219
-msgid "remove key from the public keyring"
+#: g10/g10.c:307
+#, fuzzy
+msgid "remove keys from the public keyring"
 msgstr "ta bort en nyckel fr�n den publika nyckelringen"
 
-#: g10/gpg.c:221
-msgid "remove key from the secret keyring"
+#: g10/g10.c:309
+#, fuzzy
+msgid "remove keys from the secret keyring"
 msgstr "ta bort en nyckel fr�n den hemliga nyckelringen"
 
-#: g10/gpg.c:222
+#: g10/g10.c:310
 msgid "sign a key"
 msgstr "signera en nyckel"
 
-#: g10/gpg.c:223
+#: g10/g10.c:311
 msgid "sign a key locally"
 msgstr "signera en nyckel lokalt"
 
-#: g10/gpg.c:224
+#: g10/g10.c:312
+#, fuzzy
+msgid "sign a key non-revocably"
+msgstr "signera en nyckel lokalt"
+
+#: g10/g10.c:313
+#, fuzzy
+msgid "sign a key locally and non-revocably"
+msgstr "signera en nyckel lokalt"
+
+#: g10/g10.c:314
 msgid "sign or edit a key"
 msgstr "signera eller redigera en nyckel"
 
-#: g10/gpg.c:225
+#: g10/g10.c:315
 msgid "generate a revocation certificate"
 msgstr "generera ett �terkallelesecertifikat"
 
-#: g10/gpg.c:226
+#: g10/g10.c:316
 msgid "export keys"
 msgstr "exportera nycklar"
 
-#: g10/gpg.c:227
+#: g10/g10.c:317
 msgid "export keys to a key server"
 msgstr "exportera nycklar till en nyckelserver"
 
-#: g10/gpg.c:228
+#: g10/g10.c:318
 msgid "import keys from a key server"
 msgstr "importera nycklar fr�n en nyckelserver"
 
-#: g10/gpg.c:232
+#: g10/g10.c:320
+#, fuzzy
+msgid "search for keys on a key server"
+msgstr "exportera nycklar till en nyckelserver"
+
+#: g10/g10.c:322
+#, fuzzy
+msgid "update all keys from a keyserver"
+msgstr "importera nycklar fr�n en nyckelserver"
+
+#: g10/g10.c:326
 msgid "import/merge keys"
 msgstr "importera/sl� ihop nycklar"
 
-#: g10/gpg.c:234
+#: g10/g10.c:328
 msgid "list only the sequence of packets"
 msgstr "skriv endast ut paketsekvensen"
 
-#: g10/gpg.c:236
+#: g10/g10.c:330
 msgid "export the ownertrust values"
 msgstr "exportera de v�rden som representerar �gartillit"
 
-#: g10/gpg.c:238
+#: g10/g10.c:332
 msgid "import ownertrust values"
 msgstr "importera v�rden som representerar �gartillit"
 
-#: g10/gpg.c:240
+#: g10/g10.c:334
 msgid "update the trust database"
 msgstr "uppdatera tillitsdatabasen"
 
-#: g10/gpg.c:242
-msgid "|[NAMES]|check the trust database"
-msgstr "|[NAMN]|kontrollera tillitsdatabasen"
+#: g10/g10.c:336
+#, fuzzy
+msgid "unattended trust database update"
+msgstr "uppdatera tillitsdatabasen"
 
-#: g10/gpg.c:243
+#: g10/g10.c:337
 msgid "fix a corrupted trust database"
 msgstr "reparera en korrupt tillitsdatabas"
 
-#: g10/gpg.c:244
+#: g10/g10.c:338
 msgid "De-Armor a file or stdin"
 msgstr "Skala av en fil eller standard in"
 
-#: g10/gpg.c:246
+#: g10/g10.c:340
 msgid "En-Armor a file or stdin"
 msgstr "Skapa ett skal f�r en fil eller standard in"
 
-#: g10/gpg.c:248
+#: g10/g10.c:342
 msgid "|algo [files]|print message digests"
 msgstr "|algo [filer]|skriv ut kontrollsummor"
 
-#: g10/gpg.c:253
+#: g10/g10.c:346
 msgid ""
 "@\n"
 "Options:\n"
@@ -497,156 +545,203 @@ msgstr ""
 "Flaggor:\n"
 " "
 
-#: g10/gpg.c:255
+#: g10/g10.c:348
 msgid "create ascii armored output"
 msgstr "skapa utdata med ett ascii-skal"
 
-#: g10/gpg.c:257
+#: g10/g10.c:350
 msgid "|NAME|encrypt for NAME"
 msgstr "|NAMN|kryptera f�r NAMN"
 
-#: g10/gpg.c:260
+#: g10/g10.c:353
 msgid "|NAME|use NAME as default recipient"
 msgstr "|NAMN|anv�nd NAMN som standardv�rdet f�r mottagare"
 
-#: g10/gpg.c:262
+#: g10/g10.c:355
 msgid "use the default key as default recipient"
 msgstr "anv�nd standardnyckeln som standardmottagare"
 
-#: g10/gpg.c:266
+#: g10/g10.c:361
 msgid "use this user-id to sign or decrypt"
 msgstr "anv�nd denna anv�ndaridentitet f�r att signera eller dekryptera"
 
-#: g10/gpg.c:267
+#: g10/g10.c:362
 msgid "|N|set compress level N (0 disables)"
 msgstr "|N|s�tt kompressionsniv�n till N (0 f�r att sl� av kompression)"
 
-#: g10/gpg.c:269
+#: g10/g10.c:364
 msgid "use canonical text mode"
 msgstr "anv�nd \"ursprunglig text\"-l�get"
 
-#: g10/gpg.c:270
+#: g10/g10.c:371
 msgid "use as output file"
 msgstr "anv�nd som fil f�r utdata"
 
-#: g10/gpg.c:271
+#: g10/g10.c:372
 msgid "verbose"
 msgstr "utf�rlig"
 
-#: g10/gpg.c:272
+#: g10/g10.c:373
 msgid "be somewhat more quiet"
 msgstr "var n�got tystare"
 
-#: g10/gpg.c:273
+#: g10/g10.c:374
 msgid "don't use the terminal at all"
 msgstr "anv�nd inte terminalen alls"
 
-#: g10/gpg.c:274
+#: g10/g10.c:375
 msgid "force v3 signatures"
 msgstr "anv�nd v3-signaturer"
 
-#: g10/gpg.c:275
+#: g10/g10.c:376
+#, fuzzy
+msgid "do not force v3 signatures"
+msgstr "anv�nd v3-signaturer"
+
+#: g10/g10.c:377
+#, fuzzy
+msgid "force v4 key signatures"
+msgstr "anv�nd v3-signaturer"
+
+#: g10/g10.c:378
+#, fuzzy
+msgid "do not force v4 key signatures"
+msgstr "anv�nd v3-signaturer"
+
+#: g10/g10.c:379
 msgid "always use a MDC for encryption"
 msgstr "anv�nd alltid en MDC f�r kryptering"
 
-#: g10/gpg.c:276
+#: g10/g10.c:381
+#, fuzzy
+msgid "never use a MDC for encryption"
+msgstr "anv�nd alltid en MDC f�r kryptering"
+
+#: g10/g10.c:383
 msgid "do not make any changes"
 msgstr "g�r inga �ndringar"
 
+# syftar p� ett anv�ndargr�nsnitt i ett separat program, till exempel gpa
 #. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
-#: g10/gpg.c:278
+#: g10/g10.c:385
 msgid "use the gpg-agent"
-msgstr ""
+msgstr "anv�nd gpg-agenten"
 
-#: g10/gpg.c:279
+#: g10/g10.c:388
 msgid "batch mode: never ask"
 msgstr "batch-l�ge: fr�ga aldrig"
 
-#: g10/gpg.c:280
+#: g10/g10.c:389
 msgid "assume yes on most questions"
 msgstr "anta att svaret �r ja p� de flesta fr�gor"
 
-#: g10/gpg.c:281
+#: g10/g10.c:390
 msgid "assume no on most questions"
 msgstr "anta att svaret �r nej p� de flesta fr�gor"
 
-#: g10/gpg.c:282
+#: g10/g10.c:391
 msgid "add this keyring to the list of keyrings"
 msgstr "l�gg till denna nyckelring till listan av nyckelringar"
 
-#: g10/gpg.c:283
+#: g10/g10.c:392
 msgid "add this secret keyring to the list"
 msgstr "l�gg till denna hemliga nyckelring till listan"
 
-#: g10/gpg.c:284
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr ""
+
+#: g10/g10.c:394
 msgid "|NAME|use NAME as default secret key"
 msgstr "|NAMN|anv�nd NAMN som f�rvald hemlig nyckel"
 
-#: g10/gpg.c:285
+#: g10/g10.c:395
 msgid "|HOST|use this keyserver to lookup keys"
 msgstr "|V�RD|anv�nd denna nyckelserver f�r att sl� upp nycklar"
 
-#: g10/gpg.c:286
+#: g10/g10.c:397
 msgid "|NAME|set terminal charset to NAME"
 msgstr "|NAMN|s�tt teckentabellen f�r terminalen till NAMN"
 
-#: g10/gpg.c:287
+#: g10/g10.c:398
 msgid "read options from file"
 msgstr "l�s flaggor fr�n fil"
 
-#: g10/gpg.c:291
+#: g10/g10.c:402
 msgid "|FD|write status info to this FD"
 msgstr "|FD|skriv statusinformation till denna FD"
 
-#: g10/gpg.c:296
-msgid "|KEYID|ulimately trust this key"
-msgstr ""
+#: g10/g10.c:404
+#, fuzzy
+msgid "|[file]|write status info to file"
+msgstr "|FD|skriv statusinformation till denna FD"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|NYCKELID|lita ovillkorligen p� denna nyckel"
 
-#: g10/gpg.c:297
+#: g10/g10.c:411
 msgid "|FILE|load extension module FILE"
 msgstr "|FIL|ladda till�ggsmodul FIL"
 
-#: g10/gpg.c:298
+#: g10/g10.c:412
 msgid "emulate the mode described in RFC1991"
 msgstr "imitera l�get som beskrivs i RFC1991"
 
-#: g10/gpg.c:299
+#: g10/g10.c:413
 msgid "set all packet, cipher and digest options to OpenPGP behavior"
 msgstr "st�ll om alla flaggor s� att gpg f�ljer OpenPGP-standarden"
 
-#: g10/gpg.c:300
+#: g10/g10.c:414
+#, fuzzy
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "st�ll om alla flaggor s� att gpg f�ljer OpenPGP-standarden"
+
+#: g10/g10.c:418
 msgid "|N|use passphrase mode N"
 msgstr "|N|anv�nd l�senordsl�get N"
 
-#: g10/gpg.c:302
+#: g10/g10.c:420
 msgid "|NAME|use message digest algorithm NAME for passphrases"
 msgstr "|NAMN|anv�nd kontrollsummealgoritmen NAMN f�r l�senordsfraser"
 
-#: g10/gpg.c:304
+#: g10/g10.c:422
 msgid "|NAME|use cipher algorithm NAME for passphrases"
 msgstr "|NAMN|anv�nd chifferalgoritmen NAMN f�r l�senordsfraser"
 
-#: g10/gpg.c:305
+#: g10/g10.c:424
 msgid "|NAME|use cipher algorithm NAME"
 msgstr "|NAMN|anv�nd chifferalgoritmen NAMN"
 
-#: g10/gpg.c:306
+#: g10/g10.c:425
 msgid "|NAME|use message digest algorithm NAME"
 msgstr "|NAMN|anv�nd kontrollsummealgoritmen NAMN"
 
-#: g10/gpg.c:307
+#: g10/g10.c:426
 msgid "|N|use compress algorithm N"
 msgstr "|N|anv�nd komprimeringsalgoritmen N"
 
-#: g10/gpg.c:308
+#: g10/g10.c:427
 msgid "throw keyid field of encrypted packets"
 msgstr "sl�ng bort nyckelidentitetsf�ltet fr�n krypterade paket"
 
-#: g10/gpg.c:309
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr ""
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr ""
+
+#: g10/g10.c:431
 msgid "|NAME=VALUE|use this notation data"
 msgstr "|NAMN=V�RDE|anv�nd detta s�tt f�r att beskriva data"
 
-#: g10/gpg.c:312
+#: g10/g10.c:434
 msgid ""
 "@\n"
 "(See the man page for a complete listing of all commands and options)\n"
@@ -654,7 +749,7 @@ msgstr ""
 "@\n"
 "(Se manualsidan f�r en komplett lista p� alla kommandon och flaggor)\n"
 
-#: g10/gpg.c:315
+#: g10/g10.c:437
 msgid ""
 "@\n"
 "Examples:\n"
@@ -674,17 +769,17 @@ msgstr ""
 "--list-keys [namn]          visa nycklar\n"
 "--fingerprint [namn]        visa fingeravtryck\n"
 
-#: g10/gpg.c:417
+#: g10/g10.c:579
 msgid "Please report bugs to <[email protected]>.\n"
 msgstr ""
 "Rapportera g�rna fel till <[email protected]>.\n"
 "Rapportera g�rna fel eller synpunkter p� �vers�ttningen till <[email protected]>.\n"
 
-#: g10/gpg.c:421
+#: g10/g10.c:583
 msgid "Usage: gpg [options] [files] (-h for help)"
 msgstr "Anv�ndning: gpg [flaggor] [filer] (-h f�r hj�lp)"
 
-#: g10/gpg.c:424
+#: g10/g10.c:586
 msgid ""
 "Syntax: gpg [options] [files]\n"
 "sign, check, encrypt or decrypt\n"
@@ -694,7 +789,7 @@ msgstr ""
 "signera, kontrollera, kryptera eller dekryptera\n"
 "vilken operation som utf�rs beror p� programmets indata\n"
 
-#: g10/gpg.c:431
+#: g10/g10.c:597
 msgid ""
 "\n"
 "Supported algorithms:\n"
@@ -702,71 +797,117 @@ msgstr ""
 "\n"
 "St�dda algoritmer:\n"
 
-#: g10/gpg.c:537
+#: g10/g10.c:671
 msgid "usage: gpg [options] "
 msgstr "anv�ndning: gpg [flaggor] "
 
-#: g10/gpg.c:595
+#: g10/g10.c:728
 msgid "conflicting commands\n"
 msgstr "motstridiga kommandon\n"
 
-#: g10/gpg.c:651
-#, c-format
-msgid "libgcrypt is too old (need %s, have %s)\n"
-msgstr ""
-
-#: g10/gpg.c:743
+#: g10/g10.c:903
 #, c-format
 msgid "NOTE: no default option file `%s'\n"
-msgstr "NOTERA: inst�llningsfilen \"%s\" saknas\n"
+msgstr "OBSERVERA: inst�llningsfilen \"%s\" saknas\n"
 
-#: g10/gpg.c:747
+#: g10/g10.c:907
 #, c-format
 msgid "option file `%s': %s\n"
 msgstr "inst�llningsfil \"%s\": %s\n"
 
-#: g10/gpg.c:754
+#: g10/g10.c:914
 #, c-format
 msgid "reading options from `%s'\n"
 msgstr "l�ser flaggor fr�n \"%s\"\n"
 
-#: g10/gpg.c:946
+#: g10/g10.c:1197
 #, c-format
 msgid "%s is not a valid character set\n"
 msgstr "%s �r ingen giltig teckentabell\n"
 
-#: g10/gpg.c:1016
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr ""
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr ""
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, fuzzy, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "VARNING: \"%s\" �r en tom fil\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr ""
+
+#: g10/g10.c:1347
 msgid "WARNING: program may create a core file!\n"
 msgstr "VARNING: programmet kan komma att skapa en minnesutskrift!\n"
 
-#: g10/gpg.c:1019 g10/gpg.c:1028
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr ""
+
+#: g10/g10.c:1358 g10/g10.c:1369
 #, c-format
 msgid "NOTE: %s is not for normal use!\n"
-msgstr "NOTERA: %s �r inte f�r normal anv�ndning!\n"
+msgstr "OBSERVERA: %s �r inte f�r normal anv�ndning!\n"
 
-#: g10/gpg.c:1021
+#: g10/g10.c:1360 g10/g10.c:1380
 #, c-format
 msgid "%s not allowed with %s!\n"
 msgstr "%s �r inte till�ten tillsammans med %s!\n"
 
-#: g10/gpg.c:1024
+#: g10/g10.c:1363
 #, c-format
 msgid "%s makes no sense with %s!\n"
 msgstr "det �r ingen po�ng att anv�nda %s tillsammans med %s!\n"
 
-#: g10/gpg.c:1044 g10/gpg.c:1056
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr ""
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr ""
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr ""
+
+#: g10/g10.c:1470 g10/g10.c:1482
 msgid "selected cipher algorithm is invalid\n"
 msgstr "den valda chifferalgoritmen �r ogiltig\n"
 
-#: g10/gpg.c:1050 g10/gpg.c:1062
+#: g10/g10.c:1476 g10/g10.c:1488
 msgid "selected digest algorithm is invalid\n"
 msgstr "den valda kontrollsummealgoritmen �r ogiltig\n"
 
-#: g10/gpg.c:1066
-msgid "the given policy URL is invalid\n"
+#: g10/g10.c:1492
+#, fuzzy
+msgid "the given signature policy URL is invalid\n"
+msgstr "angiven URL �r ogiltig\n"
+
+#: g10/g10.c:1496
+#, fuzzy
+msgid "the given certification policy URL is invalid\n"
 msgstr "angiven URL �r ogiltig\n"
 
-#: g10/gpg.c:1069
+#: g10/g10.c:1499
 #, c-format
 msgid "compress algorithm must be in range %d..%d\n"
 msgstr "kompressionsalgoritmen m�ste vara i intervallet %d..%d\n"
@@ -777,127 +918,145 @@ msgstr "kompressionsalgoritmen m�ste vara i intervallet %d..%d\n"
 # �r �nd� litet. Eventuellt borde meddelandena inte alls
 # �vers�ttas f�r att g�ra eventuell fels�kning l�ttare
 # f�r internationella fels�kare
-#: g10/gpg.c:1071
+#: g10/g10.c:1501
 msgid "completes-needed must be greater than 0\n"
 msgstr "variabeln \"completes-needed\" m�ste ha ett v�rde som �r st�rre �n 0\n"
 
-#: g10/gpg.c:1073
+#: g10/g10.c:1503
 msgid "marginals-needed must be greater than 1\n"
 msgstr "variabeln \"marginals-needed\" m�ste vara st�rre �n 1\n"
 
-#: g10/gpg.c:1075
+#: g10/g10.c:1505
 msgid "max-cert-depth must be in range 1 to 255\n"
 msgstr "variabeln \"max-cert-depth\" m�ste ha ett v�rde mellan 1 och 255\n"
 
-#: g10/gpg.c:1078
+#: g10/g10.c:1508
 msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
-msgstr "NOTERA: enkelt S2K-l�ge (0) rekommenderas inte\n"
+msgstr "OBSERVERA: enkelt S2K-l�ge (0) rekommenderas inte\n"
 
-#: g10/gpg.c:1082
+#: g10/g10.c:1512
 msgid "invalid S2K mode; must be 0, 1 or 3\n"
 msgstr "ogiltigt S2K-l�ge; m�ste vara 0, 1 eller 3\n"
 
-#: g10/gpg.c:1171
+#: g10/g10.c:1516
+#, fuzzy
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "ogiltigt S2K-l�ge; m�ste vara 0, 1 eller 3\n"
+
+#: g10/g10.c:1519
+#, fuzzy
+msgid "invalid preferences\n"
+msgstr "skriv ut inst�llningar"
+
+#: g10/g10.c:1613
 #, c-format
 msgid "failed to initialize the TrustDB: %s\n"
 msgstr "misslyckades med att initialisera tillitsdatabasen: %s\n"
 
-#: g10/gpg.c:1177
+#: g10/g10.c:1633
 msgid "--store [filename]"
 msgstr "--store [filnamn]"
 
-#: g10/gpg.c:1184
+#: g10/g10.c:1640
 msgid "--symmetric [filename]"
 msgstr "--symmetric [filnamn]"
 
-#: g10/gpg.c:1192
+#: g10/g10.c:1648
 msgid "--encrypt [filename]"
 msgstr "--encrypt [filnamn]"
 
-#: g10/gpg.c:1205
+#: g10/g10.c:1665
 msgid "--sign [filename]"
 msgstr "--sign [filnamn]"
 
-#: g10/gpg.c:1218
+#: g10/g10.c:1678
 msgid "--sign --encrypt [filename]"
 msgstr "--sign --encrypt [filnamn]"
 
-#: g10/gpg.c:1232
+#: g10/g10.c:1692
+#, fuzzy
+msgid "--sign --symmetric [filename]"
+msgstr "--symmetric [filnamn]"
+
+#: g10/g10.c:1701
 msgid "--clearsign [filename]"
 msgstr "--clearsign [filnamn]"
 
-#: g10/gpg.c:1249
+#: g10/g10.c:1719
 msgid "--decrypt [filename]"
 msgstr "--decrypt [filnamn]"
 
-#: g10/gpg.c:1257
+#: g10/g10.c:1730
 msgid "--sign-key user-id"
 msgstr "--sign-key anv�ndaridentitet"
 
-#: g10/gpg.c:1265
+#: g10/g10.c:1738
 msgid "--lsign-key user-id"
 msgstr "--lsign-key anv�ndaridentitet"
 
-#: g10/gpg.c:1273
-msgid "--edit-key user-id [commands]"
-msgstr "--edit-key anv�ndaridentitet [kommandon]"
+#: g10/g10.c:1746
+#, fuzzy
+msgid "--nrsign-key user-id"
+msgstr "--sign-key anv�ndaridentitet"
 
-#: g10/gpg.c:1289
-msgid "--delete-secret-key user-id"
-msgstr "--delete-secret-key anv�ndaridentitet"
+#: g10/g10.c:1754
+#, fuzzy
+msgid "--nrlsign-key user-id"
+msgstr "--lsign-key anv�ndaridentitet"
 
-#: g10/gpg.c:1292
-msgid "--delete-key user-id"
-msgstr "--delete-key anv�ndaridentitet"
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key anv�ndaridentitet [kommandon]"
 
 # Filnamn b�de med och utan fnuttar finns. lite ologiskt. Vill n�gon
 # fixa en patch?
-#: g10/encode.c:314 g10/gpg.c:1329 g10/sign.c:543
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
 #, c-format
 msgid "can't open %s: %s\n"
 msgstr "kan inte �ppna %s: %s\n"
 
-#: g10/gpg.c:1344
+#: g10/g10.c:1833
 msgid "-k[v][v][v][c] [user-id] [keyring]"
 msgstr "-k[v][v][v][c] [anv�ndaridentitet] [nyckelring]"
 
-#: g10/gpg.c:1410
+#: g10/g10.c:1916
 #, c-format
 msgid "dearmoring failed: %s\n"
 msgstr "misslyckades med att ta bort skalet: %s\n"
 
-#: g10/gpg.c:1418
+#: g10/g10.c:1924
 #, c-format
 msgid "enarmoring failed: %s\n"
 msgstr "misslyckades med att skapa skal: %s\n"
 
-#: g10/gpg.c:1495 g10/gpg.c:1516
+#: g10/g10.c:2011
 #, c-format
 msgid "invalid hash algorithm `%s'\n"
 msgstr "felaktig hash-algoritm \"%s\"\n"
 
-#: g10/gpg.c:1601
+#: g10/g10.c:2097
 msgid "[filename]"
 msgstr "[filnamn]"
 
-#: g10/gpg.c:1605
+#: g10/g10.c:2101
 msgid "Go ahead and type your message ...\n"
 msgstr "Skriv ditt meddelande h�r ...\n"
 
 # se f�rra kommentaren
-#: g10/decrypt.c:59 g10/gpg.c:1608 g10/verify.c:68 g10/verify.c:113
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
 #, c-format
 msgid "can't open `%s'\n"
 msgstr "kan inte �ppna \"%s\"\n"
 
-#: g10/gpg.c:1786
+#: g10/g10.c:2313
 msgid ""
 "the first character of a notation name must be a letter or an underscore\n"
 msgstr ""
 "det f�rsta tecknet i ett notationsnamn m�ste vara en bokstav eller\n"
 "ett understrykningstecken (_)\n"
 
-#: g10/gpg.c:1792
+#: g10/g10.c:2319
 msgid ""
 "a notation name must have only letters, digits, dots or underscores and end "
 "with an '='\n"
@@ -905,87 +1064,83 @@ msgstr ""
 "ett notationsnamn kan bara inneh�lla bokst�ver, siffror, punkter eller\n"
 "understrykningstecken och sluta med ett likhetstecken\n"
 
-#: g10/gpg.c:1798
+#: g10/g10.c:2325
 msgid "dots in a notation name must be surrounded by other characters\n"
 msgstr "punkter i ett notationsnamn m�ste vara omgivna av andra tecken\n"
 
-#: g10/gpg.c:1806
+#: g10/g10.c:2333
 msgid "a notation value must not use any control characters\n"
 msgstr "ett notationsv�rde f�r inte ineh�lla n�gra kontrolltecken\n"
 
-#: g10/armor.c:302
+#: g10/armor.c:314
 #, c-format
 msgid "armor: %s\n"
 msgstr "skal: %s\n"
 
-#: g10/armor.c:331
+#: g10/armor.c:343
 msgid "invalid armor header: "
 msgstr "felaktig rubrikrad i skalet: "
 
-#: g10/armor.c:338
+#: g10/armor.c:350
 msgid "armor header: "
 msgstr "rad i skalet: "
 
-#: g10/armor.c:349
+#: g10/armor.c:361
 msgid "invalid clearsig header\n"
 msgstr "felaktig rubrikrad i klartextsignatur\n"
 
-#: g10/armor.c:401
+#: g10/armor.c:413
 msgid "nested clear text signatures\n"
 msgstr "flera klartextsignaturer g�r in i varandra\n"
 
-#: g10/armor.c:525
+#: g10/armor.c:537
 msgid "invalid dash escaped line: "
 msgstr "felaktig bindestreck-kodad rad: "
 
-#: g10/armor.c:537
+#: g10/armor.c:549
 msgid "unexpected armor:"
 msgstr "ov�ntat skal:"
 
-#: g10/armor.c:654
+#: g10/armor.c:675 g10/armor.c:1242
 #, c-format
 msgid "invalid radix64 character %02x skipped\n"
 msgstr "ogiltigt radix64-tecken %02x hoppades �ver\n"
 
-#: g10/armor.c:697
+#: g10/armor.c:718
 msgid "premature eof (no CRC)\n"
 msgstr "f�r tidigt filslut (ingen CRC-summa)\n"
 
-#: g10/armor.c:731
+#: g10/armor.c:752
 msgid "premature eof (in CRC)\n"
 msgstr "f�r tidigt filslut (i CRC-summan)\n"
 
-#: g10/armor.c:735
+#: g10/armor.c:756
 msgid "malformed CRC\n"
 msgstr "felformaterad CRC-summa\n"
 
-#: g10/armor.c:739
+#: g10/armor.c:760 g10/armor.c:1279
 #, c-format
 msgid "CRC error; %06lx - %06lx\n"
 msgstr "CRC-fel; %06lx - %06lx\n"
 
-#: g10/armor.c:756
+#: g10/armor.c:780
 msgid "premature eof (in Trailer)\n"
 msgstr "f�r tidigt filslut (i den avslutande raden)\n"
 
-#: g10/armor.c:760
+#: g10/armor.c:784
 msgid "error in trailer line\n"
 msgstr "fel i avslutande rad\n"
 
-#: g10/armor.c:912
-msgid "For info see http://www.gnupg.org"
-msgstr "F�r information se http://www.gnupg.org/"
-
-#: g10/armor.c:1033
+#: g10/armor.c:1057
 msgid "no valid OpenPGP data found.\n"
 msgstr "hittade ingen giltig OpenPGP-data.\n"
 
-#: g10/armor.c:1038
+#: g10/armor.c:1062
 #, c-format
 msgid "invalid armor: line longer than %d characters\n"
 msgstr "felaktigt skal: raden �r l�ngre �n %d tecken\n"
 
-#: g10/armor.c:1042
+#: g10/armor.c:1066
 msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
@@ -993,75 +1148,57 @@ msgstr ""
 "beror sannolikt p� att en felaktig epostserver eller epostklient har "
 "anv�nts\n"
 
-#. Translators: this shoud fit into 24 bytes to that the fingerprint
-#. * data is properly aligned with the user ID
-#: g10/keyedit.c:1182 g10/pkclist.c:54
-msgid "             Fingerprint:"
-msgstr "           Fingeravtryck:"
-
-#: g10/pkclist.c:81
-msgid "Fingerprint:"
-msgstr "Fingeravtryck:"
-
-#: g10/pkclist.c:117
+#: g10/pkclist.c:61
 msgid "No reason specified"
 msgstr "Ingen anledning har angivits"
 
 # tveksam �vers�ttning. funderar p� "ersatt av n�got b�ttre" men det
 # k�nns inte heller bra
-#: g10/pkclist.c:119
-#, fuzzy
-msgid "Key is superseeded"
+#: g10/pkclist.c:63
+msgid "Key is superseded"
 msgstr "Nyckeln �r ersatt"
 
-#: g10/pkclist.c:121
+#: g10/pkclist.c:65
 msgid "Key has been compromised"
 msgstr "Nyckeln har tappat sin s�kerhet"
 
-#: g10/pkclist.c:123
+#: g10/pkclist.c:67
 msgid "Key is no longer used"
 msgstr "Nyckeln anv�nds inte l�ngre"
 
-#: g10/pkclist.c:125
-#, fuzzy
+#: g10/pkclist.c:69
 msgid "User ID is no longer valid"
 msgstr "Anv�ndaridentiteten �r inte l�ngre giltig"
 
-#: g10/pkclist.c:129
+#: g10/pkclist.c:73
 msgid "Reason for revocation: "
 msgstr "Anledning till �terkallelsen: "
 
-#: g10/pkclist.c:146
+#: g10/pkclist.c:90
 msgid "Revocation comment: "
 msgstr "�terkallelsekommentar: "
 
-# v�rdena st�r f�r s = show me more info,  m = back to menu, q = quit
-# hur skall s�dant internationaliseras p� ett bra s�tt?
 #. a string with valid answers
-#: g10/pkclist.c:304
-msgid "sSmMqQ"
-msgstr "sSmMqQ"
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr ""
 
-#: g10/pkclist.c:308
-#, c-format
+#: g10/pkclist.c:258
+#, fuzzy, c-format
 msgid ""
-"No trust value assigned to %lu:\n"
+"No trust value assigned to:\n"
 "%4u%c/%08lX %s \""
 msgstr ""
 "%lu har inte tilldelats n�got tillitsv�rde:\n"
 "%4u%c/%08lX %s \""
 
-#: g10/pkclist.c:320
+#: g10/pkclist.c:270
+#, fuzzy
 msgid ""
 "Please decide how far you trust this user to correctly\n"
 "verify other users' keys (by looking at passports,\n"
 "checking fingerprints from different sources...)?\n"
 "\n"
-" 1 = Don't know\n"
-" 2 = I do NOT trust\n"
-" 3 = I trust marginally\n"
-" 4 = I trust fully\n"
-" s = please show me more information\n"
 msgstr ""
 "Var god best�m hur mycket du litar p� denna anv�ndare\n"
 "n�r det g�ller att korrekt verifiera andra anv�ndares nycklar\n"
@@ -1074,87 +1211,93 @@ msgstr ""
 " 4 = Jag litar fullst�ndigt p� denna anv�ndare\n"
 " s = visa mig mer information\n"
 
-#: g10/pkclist.c:329
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr ""
+
+#: g10/pkclist.c:274
+#, fuzzy, c-format
+msgid " %d = I do NOT trust\n"
+msgstr "%08lX: Vi litar INTE p� denna nyckel\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr ""
+
+#: g10/pkclist.c:276
+#, fuzzy, c-format
+msgid " %d = I trust fully\n"
+msgstr "%s: ej en tillitsdatabasfil\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr ""
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr ""
+
+#: g10/pkclist.c:281
 msgid " m = back to the main menu\n"
 msgstr " m = g� tillbaka till huvudmenyn\n"
 
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr ""
+
 # q skall bytas ut mot a s�fort det kollas upp s� att q ocks� funkar.
-#: g10/pkclist.c:331
+#: g10/pkclist.c:285
 msgid " q = quit\n"
 msgstr " q = avsluta\n"
 
-#: g10/pkclist.c:337
+#: g10/pkclist.c:292
 msgid "Your decision? "
 msgstr "Vad v�ljer du? "
 
-#: g10/pkclist.c:359
+#: g10/pkclist.c:313
+#, fuzzy
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr "Vill du verkligen ta bort denna nyckel? "
+
+#: g10/pkclist.c:325
 msgid "Certificates leading to an ultimately trusted key:\n"
 msgstr "Certifikat som leder till en p�litlig nyckel:\n"
 
-#: g10/pkclist.c:430
-msgid ""
-"Could not find a valid trust path to the key.  Let's see whether we\n"
-"can assign some missing owner trust values.\n"
-"\n"
-msgstr ""
-"Kunde inte hitta n�gon giltig tillitsv�g till nyckeln. L�t oss se om vi kan\n"
-"tilldela n�gra av de �gartillitsv�rden som saknas\n"
-"\n"
-
-#: g10/pkclist.c:436
-msgid ""
-"No path leading to one of our keys found.\n"
-"\n"
-msgstr ""
-"En av de funna nycklarna saknar tillitsv�g.\n"
-"\n"
-
-#: g10/pkclist.c:438
-msgid ""
-"No certificates with undefined trust found.\n"
-"\n"
-msgstr ""
-"Hittade inga certifikat med odefinierat tillitv�rde\n"
-"\n"
-
-#: g10/pkclist.c:440
-msgid ""
-"No trust values changed.\n"
-"\n"
-msgstr ""
-"Inga tillitsv�rden �ndrade.\n"
-"\n"
-
-#: g10/pkclist.c:458
+#: g10/pkclist.c:399
 #, c-format
 msgid "key %08lX: key has been revoked!\n"
 msgstr "nyckeln %08lX: nyckeln har �terkallats!\n"
 
-#: g10/pkclist.c:465 g10/pkclist.c:477 g10/pkclist.c:599
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
 msgid "Use this key anyway? "
 msgstr "Vill du anv�nda nyckeln trots det? "
 
-#: g10/pkclist.c:470
+#: g10/pkclist.c:411
 #, c-format
 msgid "key %08lX: subkey has been revoked!\n"
 msgstr "nyckeln %08lX: en undernyckel har �terkallats!\n"
 
-#: g10/pkclist.c:513
+#: g10/pkclist.c:432
 #, c-format
 msgid "%08lX: key has expired\n"
 msgstr "%08lX: nyckeln har blivit f�r gammal\n"
 
-#: g10/pkclist.c:519
-#, c-format
-msgid "%08lX: no info to calculate a trust probability\n"
-msgstr "%08lX: det finns ingen information f�r att ber�kna ett tillitv�rde\n"
+#: g10/pkclist.c:442
+#, fuzzy, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"         Det finns inget som indikerar att signaturen tillh�r �garen.\n"
 
-#: g10/pkclist.c:534
+#: g10/pkclist.c:448
 #, c-format
 msgid "%08lX: We do NOT trust this key\n"
 msgstr "%08lX: Vi litar INTE p� denna nyckel\n"
 
-#: g10/pkclist.c:540
+#: g10/pkclist.c:454
 #, c-format
 msgid ""
 "%08lX: It is not sure that this key really belongs to the owner\n"
@@ -1163,15 +1306,15 @@ msgstr ""
 "%08lX: Det �r inte s�kert att denna nyckel verkligen tillh�r �garen\n"
 "men den accepteras trots detta\n"
 
-#: g10/pkclist.c:546
+#: g10/pkclist.c:460
 msgid "This key probably belongs to the owner\n"
 msgstr "Denna nyckel tillh�r sannolikt �garen\n"
 
-#: g10/pkclist.c:551
+#: g10/pkclist.c:465
 msgid "This key belongs to us\n"
 msgstr "Denna nyckel tillh�r oss\n"
 
-#: g10/pkclist.c:594
+#: g10/pkclist.c:507
 msgid ""
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
@@ -1182,171 +1325,198 @@ msgstr ""
 "*verkligen* vet vad du g�r, kan du svara ja p� n�sta fr�ga\n"
 "\n"
 
-#: g10/pkclist.c:608 g10/pkclist.c:631
+#: g10/pkclist.c:521 g10/pkclist.c:543
 msgid "WARNING: Using untrusted key!\n"
 msgstr "VARNING: Anv�nder en nyckel som inte �r betrodd!\n"
 
-#: g10/pkclist.c:652
+#: g10/pkclist.c:562
 msgid "WARNING: This key has been revoked by its owner!\n"
 msgstr "VARNING: Denna nyckel har �terkallats av sin �gare!\n"
 
-#: g10/pkclist.c:653
+#: g10/pkclist.c:563
 msgid "         This could mean that the signature is forgery.\n"
 msgstr "         Detta kan betyda att signaturen �r en f�rfalskning.\n"
 
-#: g10/pkclist.c:658
+#: g10/pkclist.c:569
 msgid "WARNING: This subkey has been revoked by its owner!\n"
 msgstr "VARNING: Denna undernyckel har �terkallats av sin �gare!\n"
 
-#: g10/pkclist.c:680
+#: g10/pkclist.c:574
+#, fuzzy
+msgid "Note: This key has been disabled.\n"
+msgstr "Denna nyckel har deaktiverats"
+
+#: g10/pkclist.c:579
 msgid "Note: This key has expired!\n"
 msgstr "Notera: Denna nyckel har g�tt ut!\n"
 
-#: g10/pkclist.c:688
+#: g10/pkclist.c:590
 msgid "WARNING: This key is not certified with a trusted signature!\n"
 msgstr "VARNING: Denna nyckel �r inte certifierad med en p�litlig signatur!\n"
 
-#: g10/pkclist.c:690
+#: g10/pkclist.c:592
 msgid ""
 "         There is no indication that the signature belongs to the owner.\n"
 msgstr ""
 "         Det finns inget som indikerar att signaturen tillh�r �garen.\n"
 
-#: g10/pkclist.c:707
+#: g10/pkclist.c:600
 msgid "WARNING: We do NOT trust this key!\n"
 msgstr "VARNING: Vi litar INTE p� denna nyckel!\n"
 
-#: g10/pkclist.c:708
+#: g10/pkclist.c:601
 msgid "         The signature is probably a FORGERY.\n"
 msgstr "         Signaturen �r sannolikt en F�RFALSKNING.\n"
 
-#: g10/pkclist.c:715
+#: g10/pkclist.c:609
 msgid ""
 "WARNING: This key is not certified with sufficiently trusted signatures!\n"
 msgstr ""
 "VARNING: Denna nyckel �r inte certifierad med signaturer med ett\n"
 "tillr�ckligt h�gt tillitsv�rde!\n"
 
-#: g10/pkclist.c:718
+#: g10/pkclist.c:611
 msgid "         It is not certain that the signature belongs to the owner.\n"
 msgstr "         Det �r inte s�kert att signaturen tillh�r �garen.\n"
 
-#: g10/pkclist.c:820 g10/pkclist.c:842 g10/pkclist.c:970 g10/pkclist.c:1016
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
 #, c-format
 msgid "%s: skipped: %s\n"
 msgstr "%s: %s �verhoppad\n"
 
-#: g10/pkclist.c:828 g10/pkclist.c:998
+#: g10/pkclist.c:723 g10/pkclist.c:911
 #, c-format
 msgid "%s: skipped: public key already present\n"
 msgstr "%s: hoppade �ver: publik nyckel finns redan\n"
 
-#: g10/pkclist.c:855
-msgid ""
-"You did not specify a user ID. (you may use \"-r\")\n"
-"\n"
+#: g10/pkclist.c:752
+#, fuzzy
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
 msgstr "Du specificerade ingen anv�ndaridentitet. (du kan anv�nda \"-r\")\n"
 
-#: g10/pkclist.c:865
-msgid "Enter the user ID: "
-msgstr "Ange anv�ndaridentiteten: "
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
 
-#: g10/pkclist.c:877
+#: g10/pkclist.c:776
 msgid "No such user ID.\n"
 msgstr "Hittade inte anv�ndaridentiteten.\n"
 
-#: g10/pkclist.c:883
+#: g10/pkclist.c:781 g10/pkclist.c:857
 msgid "skipped: public key already set as default recipient\n"
 msgstr ""
 "hoppade �ver: den publika nyckeln �r redan satt som f�rvald mottagare\n"
 
-#: g10/pkclist.c:906
+#: g10/pkclist.c:799
 msgid "Public key is disabled.\n"
 msgstr "Den publika nyckeln �r deaktiverad\n"
 
-#: g10/pkclist.c:913
-msgid "skipped: public key already set with --encrypt-to\n"
-msgstr "hoppade �ver: publik nyckel �r redan angiven med --encrypt-to\n"
+#: g10/pkclist.c:806
+#, fuzzy
+msgid "skipped: public key already set\n"
+msgstr "%s: hoppade �ver: publik nyckel finns redan\n"
 
-#: g10/pkclist.c:944
+#: g10/pkclist.c:849
 #, c-format
 msgid "unknown default recipient `%s'\n"
 msgstr "den f�rvalda mottagaren \"%s\" �r ok�nd\n"
 
-#: g10/pkclist.c:979
-#, c-format
-msgid "%s: error checking key: %s\n"
-msgstr "%s: fel vid kontroll av nyckeln: %s\n"
-
-#: g10/pkclist.c:984
+#: g10/pkclist.c:893
 #, c-format
 msgid "%s: skipped: public key is disabled\n"
 msgstr "%s: hoppade �ver: den publika nyckeln �r deaktiverad\n"
 
-#: g10/pkclist.c:1022
+#: g10/pkclist.c:943
 msgid "no valid addressees\n"
 msgstr "inga giltiga adresser\n"
 
-#: g10/keygen.c:179
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr ""
+
+#: g10/keygen.c:187
+#, fuzzy, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "hoppade �ver \"%s\": kopia\n"
+
+#: g10/keygen.c:192
+#, fuzzy, c-format
+msgid "too many `%c' preferences\n"
+msgstr "skriv ut inst�llningar"
+
+#: g10/keygen.c:257
+#, fuzzy
+msgid "invalid character in preference string\n"
+msgstr "Ogiltigt tecken i namnet\n"
+
+#: g10/keygen.c:399
 msgid "writing self signature\n"
 msgstr "skriver sj�lvsignatur\n"
 
-#: g10/keygen.c:217
+#: g10/keygen.c:443
 msgid "writing key binding signature\n"
 msgstr "skriver signatur knuten till nyckeln\n"
 
-#: g10/keygen.c:311 g10/keygen.c:421 g10/keygen.c:531
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
 #, c-format
 msgid "keysize invalid; using %u bits\n"
 msgstr "ogiltig nyckelstorlek; anv�nder %u bitar\n"
 
-#: g10/keygen.c:316 g10/keygen.c:426 g10/keygen.c:536
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
 #, c-format
 msgid "keysize rounded up to %u bits\n"
 msgstr "nyckelstorleken avrundad upp�t till %u bitar\n"
 
-#: g10/keygen.c:635
+#: g10/keygen.c:777
 msgid "Please select what kind of key you want:\n"
 msgstr "V�lj vilken typ av nyckel du vill ha:\n"
 
-#: g10/keygen.c:637
+#: g10/keygen.c:779
 #, c-format
 msgid "   (%d) DSA and ElGamal (default)\n"
 msgstr "   (%d) DSA och ElGamal (standardvalet)\n"
 
-#: g10/keygen.c:638
+#: g10/keygen.c:780
 #, c-format
 msgid "   (%d) DSA (sign only)\n"
 msgstr "   (%d) DSA (endast signering)\n"
 
-#: g10/keygen.c:640
+#: g10/keygen.c:782
 #, c-format
 msgid "   (%d) ElGamal (encrypt only)\n"
 msgstr "   (%d) ElGamal (endast kryptering)\n"
 
-#: g10/keygen.c:641
+#: g10/keygen.c:783
 #, c-format
 msgid "   (%d) ElGamal (sign and encrypt)\n"
 msgstr "   (%d) ElGamal (signering och kryptering)\n"
 
-#: g10/keygen.c:643
+#: g10/keygen.c:784
 #, fuzzy, c-format
-msgid "   (%d) RSA (sign and encrypt)\n"
-msgstr "   (%d) ElGamal (signering och kryptering)\n"
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) DSA (endast signering)\n"
 
-#: g10/keygen.c:647
+#: g10/keygen.c:786
+#, fuzzy, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) ElGamal (endast kryptering)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
 msgid "Your selection? "
 msgstr "Vad v�ljer du? "
 
-#: g10/keygen.c:658 g10/keygen.c:666
-msgid "Do you really want to create a sign and encrypt key? "
-msgstr "Vill du verkligen skapa en nyckel f�r signering och kryptering? "
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "Anv�ndanadet av denna algoritm �r f�rlegat - skapa �nd�? "
 
-#: g10/keygen.c:680
+#: g10/keyedit.c:529 g10/keygen.c:823
 msgid "Invalid selection.\n"
 msgstr "Felaktigt val.\n"
 
-#: g10/keygen.c:692
+#: g10/keygen.c:836
 #, c-format
 msgid ""
 "About to generate a new %s keypair.\n"
@@ -1359,22 +1529,22 @@ msgstr ""
 "              den f�rvalda nyckelstorleken �r 1024 bitar\n"
 "    den st�rsta f�reslagna nyckelstorleken �r 2048 bitar\n"
 
-#: g10/keygen.c:699
+#: g10/keygen.c:845
 msgid "What keysize do you want? (1024) "
 msgstr "Vilken nyckelstorlek vill du ha? (1024) "
 
-#: g10/keygen.c:704
+#: g10/keygen.c:850
 msgid "DSA only allows keysizes from 512 to 1024\n"
 msgstr "DSA till�ter bara nyckelstorlekar fr�n 512 till 1024\n"
 
-#: g10/keygen.c:706
-msgid "keysize too small; 768 is smallest value allowed.\n"
-msgstr "nyckelstorleken �r f�r liten; 768 �r det minst till�tna v�rdet.\n"
-
-#: g10/keygen.c:708
-#, fuzzy
+#: g10/keygen.c:852
 msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
-msgstr "nyckelstorleken �r f�r liten; 768 �r det minst till�tna v�rdet.\n"
+msgstr ""
+"nyckelstorleken �r f�r liten; 1024 �r det minsta till�tna v�rdet f�r RSA.\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr "nyckelstorleken �r f�r liten; 768 �r det minsta till�tna v�rdet.\n"
 
 #. It is ridiculous and an annoyance to use larger key sizes!
 #. * GnuPG can handle much larger sizes; but it takes an eternity
@@ -1384,12 +1554,12 @@ msgstr "nyckelstorleken �r f�r liten; 768 �r det minst till�tna v�rdet.\n"
 #. * So, before you complain about this limitation, I suggest that
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
-#: g10/keygen.c:719
+#: g10/keygen.c:866
 #, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
 msgstr "nyckelstorleken �r f�r stor; %d �r det st�rsta till�tna v�rdet\n"
 
-#: g10/keygen.c:724
+#: g10/keygen.c:871
 msgid ""
 "Keysizes larger than 2048 are not suggested because\n"
 "computations take REALLY long!\n"
@@ -1397,11 +1567,11 @@ msgstr ""
 "Nyckelstorlekar st�rre �n 2048 �r inte att rekommendera\n"
 "eftersom ber�kningar tar MYCKET l�ng tid!\n"
 
-#: g10/keygen.c:727
+#: g10/keygen.c:874
 msgid "Are you sure that you want this keysize? "
 msgstr "�r du s�ker p� att du vill ha denna nyckelstorlek? "
 
-#: g10/keygen.c:728
+#: g10/keygen.c:875
 msgid ""
 "Okay, but keep in mind that your monitor and keyboard radiation is also very "
 "vulnerable to attacks!\n"
@@ -1409,22 +1579,18 @@ msgstr ""
 "Ok, men kom ih�g att din bildsk�rm och ditt tangentbord ocks� s�nder\n"
 "avsl�jande str�lning som kan avlyssnas!\n"
 
-#: g10/keygen.c:736
-msgid "Do you really need such a large keysize? "
-msgstr "Beh�ver du verkligen en s� stor nyckelstorlek? "
-
-#: g10/keygen.c:742
+#: g10/keygen.c:884
 #, c-format
 msgid "Requested keysize is %u bits\n"
 msgstr "Den efterfr�gade nyckelstorleken �r %u bitar\n"
 
-#: g10/keygen.c:745 g10/keygen.c:749
+#: g10/keygen.c:887 g10/keygen.c:891
 #, c-format
 msgid "rounded up to %u bits\n"
 msgstr "avrundade upp�t till %u bitar\n"
 
 # borde kolla upp m�jligheterna i k�llkoden att anv�nda v m � ist�llet f�r wmy
-#: g10/keygen.c:797
+#: g10/keygen.c:942
 msgid ""
 "Please specify how long the key should be valid.\n"
 "         0 = key does not expire\n"
@@ -1440,25 +1606,49 @@ msgstr ""
 "      <n>m = nyckeln blir ogiltig efter n m�nader\n"
 "      <n>y = nyckeln blir ogiltig efter n �r\n"
 
-#: g10/keygen.c:812
+# borde kolla upp m�jligheterna i k�llkoden att anv�nda v m � ist�llet f�r wmy
+#: g10/keygen.c:951
+#, fuzzy
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Specificera hur l�nge nyckeln skall vara giltig.\n"
+"         0 = nyckeln blir aldrig ogiltig\n"
+"      <n>  = nyckeln blir ogiltig efter n dagar\n"
+"      <n>w = nyckeln blir ogiltig efter n veckor\n"
+"      <n>m = nyckeln blir ogiltig efter n m�nader\n"
+"      <n>y = nyckeln blir ogiltig efter n �r\n"
+
+#: g10/keygen.c:973
 msgid "Key is valid for? (0) "
 msgstr "F�r hur l�ng tid �r nyckeln giltig? (0) "
 
-#: g10/keygen.c:817
+#: g10/keygen.c:975
+#, fuzzy
+msgid "Signature is valid for? (0) "
+msgstr "F�r hur l�ng tid �r nyckeln giltig? (0) "
+
+#: g10/keygen.c:980
 msgid "invalid value\n"
 msgstr "ogiltigt v�rde\n"
 
-#: g10/keygen.c:822
-msgid "Key does not expire at all\n"
+#: g10/keygen.c:985
+#, fuzzy, c-format
+msgid "%s does not expire at all\n"
 msgstr "Nyckeln g�r aldrig ut\n"
 
 #. print the date when the key expires
-#: g10/keygen.c:828
-#, c-format
-msgid "Key expires at %s\n"
+#: g10/keygen.c:992
+#, fuzzy, c-format
+msgid "%s expires at %s\n"
 msgstr "Nyckeln g�r ut vid f�ljande tidpunkt: %s\n"
 
-#: g10/keygen.c:831
+#: g10/keygen.c:998
 msgid ""
 "Your system can't display dates beyond 2038.\n"
 "However, it will be correctly handled up to 2106.\n"
@@ -1466,11 +1656,11 @@ msgstr ""
 "Ditt system kan inte visa datum senare �n �r 2038.\n"
 "Datum fram till �r 2106 kommer dock att hanteras korrekt.\n"
 
-#: g10/keygen.c:836
+#: g10/keygen.c:1003
 msgid "Is this correct (y/n)? "
 msgstr "St�mmer detta (j/n)? "
 
-#: g10/keygen.c:879
+#: g10/keygen.c:1046
 msgid ""
 "\n"
 "You need a User-ID to identify your key; the software constructs the user "
@@ -1486,44 +1676,44 @@ msgstr ""
 "     \"Gustav Vasa (Brutal kung) <[email protected]>\"\n"
 "\n"
 
-#: g10/keygen.c:891
+#: g10/keygen.c:1058
 msgid "Real name: "
 msgstr "Namn: "
 
-#: g10/keygen.c:899
+#: g10/keygen.c:1066
 msgid "Invalid character in name\n"
 msgstr "Ogiltigt tecken i namnet\n"
 
-#: g10/keygen.c:901
+#: g10/keygen.c:1068
 msgid "Name may not start with a digit\n"
 msgstr "Namnet f�r inte b�rja med en siffra\n"
 
-#: g10/keygen.c:903
+#: g10/keygen.c:1070
 msgid "Name must be at least 5 characters long\n"
 msgstr "Namnet m�ste vara �tminstone 5 tecken l�ngt\n"
 
-#: g10/keygen.c:911
+#: g10/keygen.c:1078
 msgid "Email address: "
 msgstr "Epostadress: "
 
-#: g10/keygen.c:922
+#: g10/keygen.c:1089
 msgid "Not a valid email address\n"
 msgstr "Epostadressen �r ogiltig\n"
 
-#: g10/keygen.c:930
+#: g10/keygen.c:1097
 msgid "Comment: "
 msgstr "Kommentar: "
 
-#: g10/keygen.c:936
+#: g10/keygen.c:1103
 msgid "Invalid character in comment\n"
 msgstr "Ogiltigt tecken i kommentaren\n"
 
-#: g10/keygen.c:961
+#: g10/keygen.c:1126
 #, c-format
 msgid "You are using the `%s' character set.\n"
 msgstr "Du anv�nder teckenupps�ttningen \"%s\"\n"
 
-#: g10/keygen.c:967
+#: g10/keygen.c:1132
 #, c-format
 msgid ""
 "You selected this USER-ID:\n"
@@ -1534,28 +1724,28 @@ msgstr ""
 "    \"%s\"\n"
 "\n"
 
-#: g10/keygen.c:971
+#: g10/keygen.c:1136
 msgid "Please don't put the email address into the real name or the comment\n"
 msgstr "Ange inte epostadressen som namn eller kommentar\n"
 
-#: g10/keygen.c:976
+#: g10/keygen.c:1141
 msgid "NnCcEeOoQq"
 msgstr "NnKkEeOoAa"
 
-#: g10/keygen.c:986
+#: g10/keygen.c:1151
 msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
 msgstr "�ndra (N)amn, (K)ommentar, (E)post eller (A)vsluta? "
 
-#: g10/keygen.c:987
+#: g10/keygen.c:1152
 msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
 msgstr "�ndra (N)amn, (K)ommentar, (E)post eller (O)k/(A)vsluta? "
 
-#: g10/keygen.c:1006
+#: g10/keygen.c:1171
 msgid "Please correct the error first\n"
 msgstr "R�tta f�rst felet\n"
 
 # fel kapitalisering i originalet?
-#: g10/keygen.c:1044
+#: g10/keygen.c:1210
 msgid ""
 "You need a Passphrase to protect your secret key.\n"
 "\n"
@@ -1563,11 +1753,17 @@ msgstr ""
 "Du beh�ver en l�senordsfras f�r att skydda din hemliga nyckel\n"
 "\n"
 
-#: g10/keyedit.c:463 g10/keygen.c:1052
-msgid "passphrase not correctly repeated; try again.\n"
+#: g10/keyedit.c:701 g10/keygen.c:1218
+#, fuzzy
+msgid "passphrase not correctly repeated; try again"
 msgstr "l�senordsfrasen upprepades ej korrekt; f�rs�k igen.\n"
 
-#: g10/keygen.c:1058
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr ""
+
+#: g10/keygen.c:1225
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "I will do it anyway.  You can change your passphrase at any time,\n"
@@ -1578,7 +1774,7 @@ msgstr ""
 "Jag kommer att g�ra det �nd�. Du kan �ndra din l�senordsfras n�rsomhelst\n"
 "om du anv�nder detta program med flaggan \"--edit-key\".\n"
 
-#: g10/keygen.c:1079
+#: g10/keygen.c:1246
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
@@ -1590,29 +1786,54 @@ msgstr ""
 "h�rddisken) under primtalsgenereringen; detta ger slumptalsgeneratorn\n"
 "en st�rre chans att samla ihop en tillr�cklig m�ngd entropi.\n"
 
-#: g10/keygen.c:1528
+#: g10/keygen.c:1741
 msgid "DSA keypair will have 1024 bits.\n"
 msgstr "DSA-nyckelparet kommer att ha 1024 bitar.\n"
 
-#: g10/keygen.c:1571
+#: g10/keygen.c:1795
 msgid "Key generation canceled.\n"
 msgstr "Skapandet av nycklar avbr�ts.\n"
 
-#: g10/keygen.c:1668
+#: g10/keygen.c:1883 g10/keygen.c:1963
 #, c-format
 msgid "writing public key to `%s'\n"
 msgstr "skriver publik nyckel till \"%s\"\n"
 
-#: g10/keygen.c:1669
+#: g10/keygen.c:1884 g10/keygen.c:1965
 #, c-format
 msgid "writing secret key to `%s'\n"
 msgstr "skriver hemlig nyckel till \"%s\"\n"
 
-#: g10/keygen.c:1761
+#: g10/keygen.c:1952
+#, fuzzy, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "nyckel %08lX: hittade ingen publik nyckel: %s\n"
+
+#: g10/keygen.c:1958
+#, fuzzy, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "nyckel %08lX: hittade inte den hemliga nyckeln: %s\n"
+
+#: g10/keygen.c:1972
+#, fuzzy, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "fel vid skrivning av nyckelringen \"%s\": %s\n"
+
+#: g10/keygen.c:1979
+#, fuzzy, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "fel vid skrivning av nyckelringen \"%s\": %s\n"
+
+#: g10/keygen.c:1999
 msgid "public and secret key created and signed.\n"
 msgstr "publik och hemlig nyckel skapad och signerad.\n"
 
-#: g10/keygen.c:1766
+#: g10/keygen.c:2000
+#, fuzzy
+msgid "key marked as ultimately trusted.\n"
+msgstr "Certifikat som leder till en p�litlig nyckel:\n"
+
+#: g10/keygen.c:2011
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
@@ -1621,13 +1842,13 @@ msgstr ""
 "att vilja anv�nda kommandot \"--edit-key\" f�r att generera en sekund�r\n"
 "nyckel f�r detta syfte.\n"
 
-#: g10/keygen.c:1779 g10/keygen.c:1880
+#: g10/keygen.c:2023 g10/keygen.c:2131
 #, c-format
 msgid "Key generation failed: %s\n"
 msgstr "Nyckelgenereringen misslyckades: %s\n"
 
 # c-format beh�vs inte i singularis
-#: g10/keygen.c:1823 g10/sig-check.c:297 g10/sign.c:169
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
 #, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
@@ -1635,7 +1856,7 @@ msgstr ""
 "nyckeln �r skapad %lu sekund in i framtiden (problemet �r\n"
 "relaterat till tidsresande eller en felst�lld klocka)\n"
 
-#: g10/keygen.c:1825 g10/sig-check.c:299 g10/sign.c:171
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
 #, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
@@ -1643,307 +1864,361 @@ msgstr ""
 "nyckeln �r skapad %lu sekunder in i framtiden (problemet �r\n"
 "relaterat till tidsresande eller en felst�lld klocka)\n"
 
-#: g10/keygen.c:1858
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr "OSERVERA: att skapa undernycklar till v3-nycklar bryter mot OpenPGP\n"
+
+#: g10/keygen.c:2107
 msgid "Really create? "
 msgstr "Vill du verkligen skapa? "
 
-#: g10/encode.c:142 g10/openfile.c:179 g10/openfile.c:289 g10/tdbio.c:454
-#: g10/tdbio.c:515
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr ""
+
+#: g10/encode.c:92 g10/encode.c:296
+#, fuzzy, c-format
+msgid "`%s' already compressed\n"
+msgstr "%lu nycklar behandlade\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
 #, c-format
 msgid "%s: can't open: %s\n"
 msgstr "%s: kan inte �ppna: %s\n"
 
-#: g10/encode.c:164
+#: g10/encode.c:122 g10/sign.c:959
 #, c-format
 msgid "error creating passphrase: %s\n"
 msgstr "fel vid skapandet av l�senordsfras: %s\n"
 
-#: g10/encode.c:222 g10/encode.c:354
+#: g10/encode.c:185 g10/encode.c:383
 #, c-format
 msgid "%s: WARNING: empty file\n"
 msgstr "%s: VARNING: tom fil\n"
 
-#: g10/encode.c:320
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+
+#: g10/encode.c:313
 #, c-format
 msgid "reading from `%s'\n"
 msgstr "l�ser fr�n \"%s\"\n"
 
-#: g10/encode.c:527
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr ""
+
+#: g10/encode.c:563
 #, c-format
 msgid "%s/%s encrypted for: %s\n"
 msgstr "%s/%s krypterad f�r: %s\n"
 
-#: g10/delkey.c:64 g10/export.c:153 g10/keyedit.c:94
-#, c-format
-msgid "%s: user not found: %s\n"
-msgstr "%s: hittade inte anv�ndaren: %s\n"
+#: g10/delkey.c:69 g10/export.c:141
+#, fuzzy, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "anv�ndaren \"%s\" hittades inte: %s\n"
+
+#: g10/delkey.c:77 g10/export.c:161
+#, fuzzy, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "fel vid l�sning av \"%s\": %s\n"
 
-#: g10/export.c:164
+#: g10/export.c:169
 #, c-format
 msgid "key %08lX: not a rfc2440 key - skipped\n"
 msgstr "nyckeln %08lX f�ljer inte standarden RFC2440 - �verhoppad\n"
 
-#: g10/export.c:175
+#: g10/export.c:180
 #, c-format
 msgid "key %08lX: not protected - skipped\n"
 msgstr "nyckeln %08lX �r inte skyddad - �verhoppad\n"
 
-#: g10/export.c:225
+#: g10/export.c:188
+#, fuzzy, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "nyckeln %08lX: ny nyckel - �verhoppad\n"
+
+#: g10/export.c:255
 msgid "WARNING: nothing exported\n"
 msgstr "VARNING: exporterade ingenting\n"
 
-#: g10/getkey.c:212
+#: g10/getkey.c:151
 msgid "too many entries in pk cache - disabled\n"
 msgstr "f�r m�nga poster i pk-cachen - inaktiverad\n"
 
-#: g10/getkey.c:445
-msgid "too many entries in unk cache - disabled\n"
-msgstr "f�r m�nga poster i unk-cachen - inaktiverad\n"
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[Hittade inte anv�ndaridentiteten]"
 
-#: g10/getkey.c:2189
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+
+#: g10/getkey.c:1989
 #, c-format
 msgid "using secondary key %08lX instead of primary key %08lX\n"
 msgstr "anv�nder sekund�ra nyckeln %08lX ist�llet f�r prim�rnyckeln %08lX\n"
 
-#: g10/getkey.c:2230 g10/trustdb.c:578
+#: g10/getkey.c:2036
 #, c-format
 msgid "key %08lX: secret key without public key - skipped\n"
 msgstr "nyckel %08lX: hemlig nyckel utan publik nyckel - hoppade �ver\n"
 
-#: g10/getkey.c:2513
-#, fuzzy
-msgid "[User id not found]"
-msgstr "%s: hittade inte anv�ndaren\n"
-
-#: g10/import.c:182
+#: g10/import.c:206
 #, c-format
 msgid "skipping block of type %d\n"
 msgstr "hoppar �ver block av typen %d\n"
 
-#: g10/import.c:189 g10/trustdb.c:1817 g10/trustdb.c:1858
+#: g10/import.c:213
 #, c-format
 msgid "%lu keys so far processed\n"
 msgstr "har behandlat %lu nycklar hittills\n"
 
-#: g10/import.c:194
+#: g10/import.c:218
 #, c-format
 msgid "error reading `%s': %s\n"
 msgstr "fel vid l�sning av \"%s\": %s\n"
 
-#: g10/import.c:204
+#: g10/import.c:230
 #, c-format
 msgid "Total number processed: %lu\n"
 msgstr "  Totalt antal behandlade enheter: %lu\n"
 
-#: g10/import.c:206
-#, fuzzy, c-format
+#: g10/import.c:232
+#, c-format
 msgid "      skipped new keys: %lu\n"
-msgstr "                 nya undernycklar: %lu\n"
+msgstr "          �verhoppade nya nycklar: %lu\n"
 
-#: g10/import.c:209
+#: g10/import.c:235
 #, c-format
 msgid "          w/o user IDs: %lu\n"
 msgstr "         utan anv�ndaridentiteter: %lu\n"
 
-#: g10/import.c:211
+#: g10/import.c:237
 #, c-format
 msgid "              imported: %lu"
 msgstr "                      importerade: %lu"
 
-#: g10/import.c:217
+#: g10/import.c:243
 #, c-format
 msgid "             unchanged: %lu\n"
 msgstr "                      of�r�ndrade: %lu\n"
 
-#: g10/import.c:219
+#: g10/import.c:245
 #, c-format
 msgid "          new user IDs: %lu\n"
 msgstr "          nya anv�ndaridentiteter: %lu\n"
 
-#: g10/import.c:221
+#: g10/import.c:247
 #, c-format
 msgid "           new subkeys: %lu\n"
 msgstr "                 nya undernycklar: %lu\n"
 
-#: g10/import.c:223
+#: g10/import.c:249
 #, c-format
 msgid "        new signatures: %lu\n"
 msgstr "                   nya signaturer: %lu\n"
 
-#: g10/import.c:225
+#: g10/import.c:251
 #, c-format
 msgid "   new key revocations: %lu\n"
 msgstr "     nya �terkallelser av nycklar: %lu\n"
 
-#: g10/import.c:227
+#: g10/import.c:253
 #, c-format
 msgid "      secret keys read: %lu\n"
 msgstr "      antal l�sta hemliga nycklar: %lu\n"
 
-#: g10/import.c:229
+#: g10/import.c:255
 #, c-format
 msgid "  secret keys imported: %lu\n"
 msgstr "antal importerade hemliga nycklar: %lu\n"
 
-#: g10/import.c:231
+#: g10/import.c:257
 #, c-format
 msgid " secret keys unchanged: %lu\n"
 msgstr "antal of�r�ndrade hemliga nycklar: %lu\n"
 
-#: g10/import.c:389 g10/import.c:568
+#: g10/import.c:438 g10/import.c:657
 #, c-format
 msgid "key %08lX: no user ID\n"
 msgstr "nyckel %08lX: ingen anv�ndaridentitet\n"
 
-#: g10/import.c:403
+# vad inneb�r fnutten i slutet?
+#: g10/import.c:455
+#, fuzzy, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "nyckel %08lX: accepterade icke sj�lvsignerad anv�ndaridentitet '"
+
+#: g10/import.c:462
 #, c-format
 msgid "key %08lX: no valid user IDs\n"
 msgstr "nyckel %08lX: inga giltiga anv�ndaridentiteter\n"
 
-#: g10/import.c:405
+#: g10/import.c:464
 msgid "this may be caused by a missing self-signature\n"
 msgstr "detta kan bero p� att det saknas en sj�lvsignatur\n"
 
-#: g10/import.c:416 g10/import.c:624
+#: g10/import.c:474 g10/import.c:726
 #, c-format
 msgid "key %08lX: public key not found: %s\n"
 msgstr "nyckel %08lX: hittade ingen publik nyckel: %s\n"
 
-#: g10/import.c:421
-#, fuzzy, c-format
+#: g10/import.c:479
+#, c-format
 msgid "key %08lX: new key - skipped\n"
-msgstr "nyckeln %08lX f�ljer inte standarden RFC2440 - �verhoppad\n"
+msgstr "nyckeln %08lX: ny nyckel - �verhoppad\n"
+
+#: g10/import.c:489
+#, fuzzy, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "fel vid skrivning av nyckelringen \"%s\": %s\n"
 
-#: g10/import.c:429 g10/openfile.c:231 g10/sign.c:440 g10/sign.c:695
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
 #, c-format
 msgid "writing to `%s'\n"
 msgstr "skriver till \"%s\"\n"
 
-#: g10/import.c:433 g10/import.c:480 g10/import.c:578 g10/import.c:667
-#, fuzzy, c-format
-msgid "error writing key: %s\n"
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
 msgstr "fel vid skrivning av nyckelringen \"%s\": %s\n"
 
-#: g10/import.c:436
+#: g10/import.c:505
 #, c-format
 msgid "key %08lX: public key imported\n"
 msgstr "nyckel %08lX: importerade publik nyckel\n"
 
-#: g10/import.c:453
+#: g10/import.c:524
 #, c-format
 msgid "key %08lX: doesn't match our copy\n"
 msgstr "nyckel %08lX: matchar inte v�r lokala kopia\n"
 
-#: g10/import.c:462 g10/import.c:632
+#: g10/import.c:542 g10/import.c:743
 #, c-format
 msgid "key %08lX: can't locate original keyblock: %s\n"
 msgstr "nyckel %08lX: kan inte hitta det ursprungliga nyckelblocket: %s\n"
 
-#: g10/import.c:484
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "nyckel %08lX: kan inte l�sa det ursprungliga nyckelblocket %s\n"
+
+#: g10/import.c:579
 #, c-format
 msgid "key %08lX: 1 new user ID\n"
 msgstr "nyckel %08lX: 1 ny anv�ndaridentitet\n"
 
-#: g10/import.c:487
+#: g10/import.c:582
 #, c-format
 msgid "key %08lX: %d new user IDs\n"
 msgstr "nyckel %08lX: %d nya anv�ndaridentiteter\n"
 
-#: g10/import.c:490
+#: g10/import.c:585
 #, c-format
 msgid "key %08lX: 1 new signature\n"
 msgstr "nyckel %08lX: 1 ny signatur\n"
 
-#: g10/import.c:493
+#: g10/import.c:588
 #, c-format
 msgid "key %08lX: %d new signatures\n"
 msgstr "nyckel %08lX: %d nya signaturer\n"
 
-#: g10/import.c:496
+#: g10/import.c:591
 #, c-format
 msgid "key %08lX: 1 new subkey\n"
 msgstr "nyckel %08lX: 1 ny undernyckel\n"
 
-#: g10/import.c:499
+#: g10/import.c:594
 #, c-format
 msgid "key %08lX: %d new subkeys\n"
 msgstr "nyckel %08lX: %d nya undernycklar\n"
 
-#: g10/import.c:509
+#: g10/import.c:604
 #, c-format
 msgid "key %08lX: not changed\n"
 msgstr "nyckel %08lX: inte f�r�ndrad\n"
 
-#: g10/import.c:581
+#: g10/import.c:671
+#, fuzzy, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "ingen f�rvald publik nyckel\n"
+
+#: g10/import.c:682
 #, c-format
 msgid "key %08lX: secret key imported\n"
 msgstr "nyckel %08lX: den hemliga nyckeln �r importerad\n"
 
 #. we can't merge secret keys
-#: g10/import.c:585
+#: g10/import.c:686
 #, c-format
 msgid "key %08lX: already in secret keyring\n"
 msgstr "nyckel %08lX: finns redan i den hemliga nyckelringen\n"
 
-#: g10/import.c:590
+#: g10/import.c:691
 #, c-format
 msgid "key %08lX: secret key not found: %s\n"
 msgstr "nyckel %08lX: hittade inte den hemliga nyckeln: %s\n"
 
-#: g10/import.c:618
+#: g10/import.c:720
 #, c-format
 msgid "key %08lX: no public key - can't apply revocation certificate\n"
 msgstr ""
 "nyckel %08lX: ingen publik nyckel - kan inte till�mpa "
 "�terkallelsecertifikatet\n"
 
-#: g10/import.c:643
+#: g10/import.c:760
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
 msgstr "nyckel %08lX: ogiltigt �terkallelsecertifikat: %s - avvisat\n"
 
-#: g10/import.c:670
+#: g10/import.c:791
 #, c-format
 msgid "key %08lX: revocation certificate imported\n"
 msgstr "nyckel %08lX: �terkallelsecertifikat importerat\n"
 
-#: g10/import.c:712
+#: g10/import.c:826
 #, c-format
 msgid "key %08lX: no user ID for signature\n"
 msgstr "nyckel %08lX: ingen anv�ndaridentitet f�r signaturen\n"
 
-#: g10/import.c:719 g10/import.c:743
-#, c-format
-msgid "key %08lX: unsupported public key algorithm\n"
+#: g10/import.c:839
+#, fuzzy, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
 msgstr "nyckel %08lX: algoritmen f�r publik nyckel ej st�dd\n"
 
-#: g10/import.c:720
-#, c-format
-msgid "key %08lX: invalid self-signature\n"
+#: g10/import.c:841
+#, fuzzy, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
 msgstr "nyckel %08lX: ogiltig sj�lvsignatur\n"
 
-#: g10/import.c:735
+#: g10/import.c:858
 #, c-format
 msgid "key %08lX: no subkey for key binding\n"
 msgstr "nyckel %08lX: ingen undernyckel f�r nyckelbindning\n"
 
-#: g10/import.c:744
+#: g10/import.c:868
 #, c-format
-msgid "key %08lX: invalid subkey binding\n"
-msgstr "nyckel %08lX: ogiltig undernyckelbindning\n"
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "nyckel %08lX: algoritmen f�r publik nyckel ej st�dd\n"
 
-# vad inneb�r fnutten i slutet?
-#: g10/import.c:771
+#: g10/import.c:869
 #, c-format
-msgid "key %08lX: accepted non self-signed user ID '"
-msgstr "nyckel %08lX: accepterade icke sj�lvsignerad anv�ndaridentitet '"
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "nyckel %08lX: ogiltig undernyckelbindning\n"
 
-#: g10/import.c:800
+#: g10/import.c:899
 #, c-format
 msgid "key %08lX: skipped user ID '"
 msgstr "nyckel %08lX: hoppade �ver anv�ndaridentitet '"
 
-#: g10/import.c:823
+#: g10/import.c:922
 #, c-format
 msgid "key %08lX: skipped subkey\n"
 msgstr "nyckel %08lX: hoppade �ver undernyckel\n"
@@ -1952,93 +2227,184 @@ msgstr "nyckel %08lX: hoppade �ver undernyckel\n"
 #. * to import non-exportable signature when we have the
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
-#: g10/import.c:848
+#: g10/import.c:945
 #, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
 msgstr "nyckel %08lX: icke exporterbar signatur (klass %02x) - hoppade �ver\n"
 
-#: g10/import.c:857
+#: g10/import.c:954
 #, c-format
 msgid "key %08lX: revocation certificate at wrong place - skipped\n"
 msgstr "nyckel %08lX: �terkallelsecertifikat p� fel plats - hoppade �ver\n"
 
-#: g10/import.c:865
+#: g10/import.c:971
 #, c-format
 msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
 msgstr "nyckel %08lX: felaktigt �terkallelsecertifikat: %s - hoppade �ver\n"
 
-#: g10/import.c:965
+#: g10/import.c:1072
 #, c-format
 msgid "key %08lX: duplicated user ID detected - merged\n"
 msgstr "nyckel %08lX: anv�ndaridentitet hittades tv� g�nger - slog ihop\n"
 
-#: g10/import.c:1016
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+
+#: g10/import.c:1201
 #, c-format
 msgid "key %08lX: revocation certificate added\n"
 msgstr "nyckel %08lX: lade till �terkallelsecertifikat\n"
 
-#: g10/import.c:1130 g10/import.c:1183
-#, c-format
-msgid "key %08lX: our copy has no self-signature\n"
-msgstr "nyckel %08lX: v�r kopia har ingen sj�lvsignatur\n"
+#: g10/import.c:1231
+#, fuzzy, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "nyckel %08lX: %d nya signaturer\n"
 
-#: g10/keyedit.c:150
+#: g10/keyedit.c:142
 msgid "[revocation]"
 msgstr "[�terkallelse]"
 
-#: g10/keyedit.c:151
+#: g10/keyedit.c:143
 msgid "[self-signature]"
 msgstr "[sj�lvsignatur]"
 
-#: g10/keyedit.c:215
+#: g10/keyedit.c:214 g10/keylist.c:139
 msgid "1 bad signature\n"
 msgstr "1 felaktig signatur\n"
 
-#: g10/keyedit.c:217
+#: g10/keyedit.c:216 g10/keylist.c:141
 #, c-format
 msgid "%d bad signatures\n"
 msgstr "%d felaktiga signaturer\n"
 
-#: g10/keyedit.c:219
+#: g10/keyedit.c:218 g10/keylist.c:143
 msgid "1 signature not checked due to a missing key\n"
 msgstr "1 signatur verifierades inte eftersom nyckeln saknades\n"
 
-#: g10/keyedit.c:221
+#: g10/keyedit.c:220 g10/keylist.c:145
 #, c-format
 msgid "%d signatures not checked due to missing keys\n"
 msgstr "%d signaturer verifierades inte eftersom nycklar saknades\n"
 
-#: g10/keyedit.c:223
+#: g10/keyedit.c:222 g10/keylist.c:147
 msgid "1 signature not checked due to an error\n"
 msgstr "1 signatur verifierades inte eftersom ett fel uppstod\n"
 
-#: g10/keyedit.c:225
+#: g10/keyedit.c:224 g10/keylist.c:149
 #, c-format
 msgid "%d signatures not checked due to errors\n"
 msgstr "%d signaturer verifierades inte eftersom fel uppstod\n"
 
-#: g10/keyedit.c:227
+#: g10/keyedit.c:226
 msgid "1 user ID without valid self-signature detected\n"
 msgstr "1 anv�ndaridentitet utan giltig sj�lvsignatur hittades\n"
 
-#: g10/keyedit.c:229
+#: g10/keyedit.c:228
 #, c-format
 msgid "%d user IDs without valid self-signatures detected\n"
 msgstr "%d anv�ndaridentiteter utan giltig sj�lvsignatur hittades\n"
 
-#. Fixme: see whether there is a revocation in which
-#. * case we should allow to sign it again.
-#: g10/keyedit.c:311
+#: g10/keyedit.c:335
+#, fuzzy, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "Nyckeln �r skyddad.\n"
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+#, fuzzy
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "�r du s�ker p� att du vill ha denna nyckelstorlek? "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr ""
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
 #, c-format
-msgid "Already signed by key %08lX\n"
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+
+#: g10/keyedit.c:388
+#, fuzzy, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
 msgstr "Redan signerad av nyckeln %08lX\n"
 
-#: g10/keyedit.c:319
+#: g10/keyedit.c:393
+#, fuzzy, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "Redan signerad av nyckeln %08lX\n"
+
+#: g10/keyedit.c:405
 #, c-format
 msgid "Nothing to sign with key %08lX\n"
 msgstr "Det finns inget att signera med nyckeln %08lX\n"
 
-#: g10/keyedit.c:328
+#: g10/keyedit.c:420
+#, fuzzy
+msgid "This key has expired!"
+msgstr "Notera: Denna nyckel har g�tt ut!\n"
+
+#: g10/keyedit.c:440
+#, fuzzy, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Denna nyckel �r inte skyddad.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr ""
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr ""
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr ""
+
+#: g10/keyedit.c:535
 msgid ""
 "Are you really sure that you want to sign this key\n"
 "with your key: \""
@@ -2046,41 +2412,69 @@ msgstr ""
 "�r du verkligen s�ker p� att du vill signera denna nyckel\n"
 "med din nyckel: \""
 
-#: g10/keyedit.c:337
+#: g10/keyedit.c:544
+#, fuzzy
 msgid ""
+"\n"
 "The signature will be marked as non-exportable.\n"
+msgstr ""
+"Signaturen kommer att markeras som icke exporterbar.\n"
+"\n"
+
+#: g10/keyedit.c:548
+#, fuzzy
+msgid ""
 "\n"
+"The signature will be marked as non-revocable.\n"
 msgstr ""
 "Signaturen kommer att markeras som icke exporterbar.\n"
 "\n"
 
-#: g10/keyedit.c:342
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+
+#: g10/keyedit.c:569
 msgid "Really sign? "
 msgstr "Vill du verkligen signera? "
 
-#: g10/keyedit.c:368 g10/keyedit.c:1864 g10/keyedit.c:1926 g10/sign.c:193
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
 #, c-format
 msgid "signing failed: %s\n"
 msgstr "signeringen misslyckades: %s\n"
 
-#: g10/keyedit.c:422
+#: g10/keyedit.c:658
 msgid "This key is not protected.\n"
 msgstr "Denna nyckel �r inte skyddad.\n"
 
-#: g10/keyedit.c:426
+#: g10/keyedit.c:662
 msgid "Secret parts of primary key are not available.\n"
 msgstr "De hemliga delarna av den prim�ra nyckeln �r inte tillg�ngliga.\n"
 
-#: g10/keyedit.c:430
+#: g10/keyedit.c:666
 msgid "Key is protected.\n"
 msgstr "Nyckeln �r skyddad.\n"
 
-#: g10/keyedit.c:450
+#: g10/keyedit.c:686
 #, c-format
 msgid "Can't edit this key: %s\n"
 msgstr "Kan inte redigera denna nyckel: %s\n"
 
-#: g10/keyedit.c:455
+#: g10/keyedit.c:692
 msgid ""
 "Enter the new passphrase for this secret key.\n"
 "\n"
@@ -2088,7 +2482,7 @@ msgstr ""
 "Skriv in den nya l�senordsfrasen f�r denna hemliga nyckel.\n"
 "\n"
 
-#: g10/keyedit.c:467
+#: g10/keyedit.c:706
 msgid ""
 "You don't want a passphrase - this is probably a *bad* idea!\n"
 "\n"
@@ -2096,424 +2490,567 @@ msgstr ""
 "Du vill inte ha n�gon l�senordsfras - detta �r sannolikt en d�lig id�!\n"
 "\n"
 
-#: g10/keyedit.c:470
+#: g10/keyedit.c:709
 msgid "Do you really want to do this? "
 msgstr "Vill du verkligen g�ra detta? "
 
-#: g10/keyedit.c:534
+#: g10/keyedit.c:773
 msgid "moving a key signature to the correct place\n"
 msgstr "flyttar en nyckelsignatur till den r�tta platsen\n"
 
-#: g10/keyedit.c:575
+#: g10/keyedit.c:815
 msgid "quit this menu"
 msgstr "avsluta denna meny"
 
-#: g10/keyedit.c:576
+#: g10/keyedit.c:816
 msgid "q"
 msgstr "q"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save"
 msgstr "save"
 
-#: g10/keyedit.c:577
+#: g10/keyedit.c:817
 msgid "save and quit"
 msgstr "spara och avsluta"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "help"
 msgstr "help"
 
-#: g10/keyedit.c:578
+#: g10/keyedit.c:818
 msgid "show this help"
 msgstr "visa denna hj�lp"
 
 # skall dessa �vers�ttas?
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "fpr"
 msgstr "fpr"
 
-#: g10/keyedit.c:580
+#: g10/keyedit.c:820
 msgid "show fingerprint"
 msgstr "visa fingeravtryck"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list"
 msgstr "list"
 
-#: g10/keyedit.c:581
+#: g10/keyedit.c:821
 msgid "list key and user IDs"
 msgstr "r�kna upp nycklar och anv�ndaridentiteter"
 
-#: g10/keyedit.c:582
+#: g10/keyedit.c:822
 msgid "l"
 msgstr "l"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "uid"
 msgstr "uid"
 
-#: g10/keyedit.c:583
+#: g10/keyedit.c:823
 msgid "select user ID N"
 msgstr "v�lj anv�ndaridentitet N"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "key"
 msgstr "key"
 
-#: g10/keyedit.c:584
+#: g10/keyedit.c:824
 msgid "select secondary key N"
 msgstr "v�lj sekund�r nyckel N"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "check"
 msgstr "check"
 
-#: g10/keyedit.c:585
+#: g10/keyedit.c:825
 msgid "list signatures"
 msgstr "r�kna upp signaturer"
 
-#: g10/keyedit.c:586
+#: g10/keyedit.c:826
 msgid "c"
 msgstr "c"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign"
 msgstr "sign"
 
-#: g10/keyedit.c:587
+#: g10/keyedit.c:827
 msgid "sign the key"
 msgstr "signera nyckeln"
 
-#: g10/keyedit.c:588
+#: g10/keyedit.c:828
 msgid "s"
 msgstr "s"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "lsign"
 msgstr "lsign"
 
-#: g10/keyedit.c:589
+#: g10/keyedit.c:829
 msgid "sign the key locally"
 msgstr "signera nyckeln lokalt"
 
-#: g10/keyedit.c:590
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "nrsign"
+msgstr "sign"
+
+#: g10/keyedit.c:830
+#, fuzzy
+msgid "sign the key non-revocably"
+msgstr "signera nyckeln lokalt"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "nrlsign"
+msgstr "lsign"
+
+#: g10/keyedit.c:831
+#, fuzzy
+msgid "sign the key locally and non-revocably"
+msgstr "signera nyckeln lokalt"
+
+#: g10/keyedit.c:832
 msgid "debug"
 msgstr "debug"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "adduid"
 msgstr "adduid"
 
-#: g10/keyedit.c:591
+#: g10/keyedit.c:833
 msgid "add a user ID"
 msgstr "l�gg till en anv�ndaridentitet"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr ""
+
+#: g10/keyedit.c:834
+#, fuzzy
+msgid "add a photo ID"
+msgstr "l�gg till en anv�ndaridentitet"
+
+#: g10/keyedit.c:835
 msgid "deluid"
 msgstr "deluid"
 
-#: g10/keyedit.c:592
+#: g10/keyedit.c:835
 msgid "delete user ID"
 msgstr "ta bort en anv�ndaridentitet"
 
-#: g10/keyedit.c:593
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr ""
+
+#: g10/keyedit.c:838
 msgid "addkey"
 msgstr "addkey"
 
-#: g10/keyedit.c:593
+#: g10/keyedit.c:838
 msgid "add a secondary key"
 msgstr "l�gg till en sekund�r nyckel"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delkey"
 msgstr "delkey"
 
-#: g10/keyedit.c:594
+#: g10/keyedit.c:839
 msgid "delete a secondary key"
 msgstr "ta bort en sekund�r nyckel"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delsig"
 msgstr "delsig"
 
-#: g10/keyedit.c:595
+#: g10/keyedit.c:840
 msgid "delete signatures"
 msgstr "ta bort signaturer"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "expire"
 msgstr "expire"
 
-#: g10/keyedit.c:596
+#: g10/keyedit.c:841
 msgid "change the expire date"
 msgstr "�ndra utg�ngsdatum"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr ""
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr ""
+
+#: g10/keyedit.c:843
 msgid "toggle"
 msgstr "toggle"
 
-#: g10/keyedit.c:597
+#: g10/keyedit.c:843
 msgid "toggle between secret and public key listing"
 msgstr "hoppa mellan utskrift av hemliga och publika nycklar"
 
-#: g10/keyedit.c:599
+#: g10/keyedit.c:845
 msgid "t"
 msgstr "t"
 
-#: g10/keyedit.c:600
+#: g10/keyedit.c:846
 msgid "pref"
 msgstr "pref"
 
-#: g10/keyedit.c:600
-msgid "list preferences"
+#: g10/keyedit.c:846
+#, fuzzy
+msgid "list preferences (expert)"
+msgstr "skriv ut inst�llningar"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "showpref"
+
+#: g10/keyedit.c:847
+#, fuzzy
+msgid "list preferences (verbose)"
+msgstr "skriv ut inst�llningar"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "setpref"
+msgstr "pref"
+
+#: g10/keyedit.c:848
+#, fuzzy
+msgid "set preference list"
 msgstr "skriv ut inst�llningar"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updpref"
+msgstr "pref"
+
+#: g10/keyedit.c:849
+#, fuzzy
+msgid "updated preferences"
+msgstr "skriv ut inst�llningar"
+
+#: g10/keyedit.c:850
 msgid "passwd"
 msgstr "passwd"
 
-#: g10/keyedit.c:601
+#: g10/keyedit.c:850
 msgid "change the passphrase"
 msgstr "�ndra l�senordsfrasen"
 
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "trust"
 msgstr "trust"
 
 # originalet borde ha ett value
-#: g10/keyedit.c:602
+#: g10/keyedit.c:851
 msgid "change the ownertrust"
 msgstr "�ndra �gartillitsv�rdet"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revsig"
 msgstr "revsig"
 
-#: g10/keyedit.c:603
+#: g10/keyedit.c:852
 msgid "revoke signatures"
 msgstr "�terkalla signaturer"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revkey"
 msgstr "revkey"
 
-#: g10/keyedit.c:604
+#: g10/keyedit.c:853
 msgid "revoke a secondary key"
 msgstr "�terkalla en sekund�r nyckel"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable"
 msgstr "disable"
 
-#: g10/keyedit.c:605
+#: g10/keyedit.c:854
 msgid "disable a key"
 msgstr "deaktivera en nyckel"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable"
 msgstr "enable"
 
-#: g10/keyedit.c:606
+#: g10/keyedit.c:855
 msgid "enable a key"
 msgstr "aktivera en nyckel"
 
-#: g10/delkey.c:103 g10/keyedit.c:624
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr ""
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr ""
+
+#: g10/delkey.c:112 g10/keyedit.c:876
 msgid "can't do that in batchmode\n"
 msgstr "kan ej g�ra detta i batch-l�ge\n"
 
-#. check that they match
-#. fixme: check that they both match
-#: g10/keyedit.c:659
+#: g10/keyedit.c:913
+#, fuzzy, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "fel vid l�sning av \"%s\": %s\n"
+
+#: g10/keyedit.c:931
 msgid "Secret key is available.\n"
 msgstr "Den hemliga nyckeln finns tillg�nglig.\n"
 
-#: g10/keyedit.c:688
+#: g10/keyedit.c:962
 msgid "Command> "
 msgstr "Kommando> "
 
-#: g10/keyedit.c:718
+#: g10/keyedit.c:994
 msgid "Need the secret key to do this.\n"
 msgstr "Den hemliga nyckeln beh�vs f�r att g�ra detta.\n"
 
-#: g10/keyedit.c:722
+#: g10/keyedit.c:998
 msgid "Please use the command \"toggle\" first.\n"
 msgstr "Anv�nd kommandot \"toggle\" f�rst.\n"
 
-#: g10/keyedit.c:769
+#: g10/keyedit.c:1047
+#, fuzzy
+msgid "Key is revoked."
+msgstr "Nyckeln �r skyddad.\n"
+
+#: g10/keyedit.c:1066
 msgid "Really sign all user IDs? "
 msgstr "Vill du verkligen signera alla anv�ndaridentiteter? "
 
-#: g10/keyedit.c:770
+#: g10/keyedit.c:1067
 msgid "Hint: Select the user IDs to sign\n"
 msgstr "Tips: V�lj det anv�ndarid du vill signera\n"
 
-#: g10/keyedit.c:802 g10/keyedit.c:984
+#: g10/keyedit.c:1092
 #, c-format
-msgid "update of trustdb failed: %s\n"
-msgstr "uppdateringen av tillitsdatabasen misslyckades: %s\n"
+msgid "This command is not allowed while in %s mode.\n"
+msgstr ""
 
-#: g10/keyedit.c:813 g10/keyedit.c:834
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
 msgid "You must select at least one user ID.\n"
 msgstr "Du m�ste v�lja �tminstone en anv�ndaridentitet.\n"
 
-#: g10/keyedit.c:815
+#: g10/keyedit.c:1114
 msgid "You can't delete the last user ID!\n"
 msgstr "Du kan inte ta bort den sista anv�ndaridentiteten!\n"
 
-#: g10/keyedit.c:818
+#: g10/keyedit.c:1117
 msgid "Really remove all selected user IDs? "
 msgstr "Vill du verkligen ta bort alla valda anv�ndaridentiteter? "
 
-#: g10/keyedit.c:819
+#: g10/keyedit.c:1118
 msgid "Really remove this user ID? "
 msgstr "Vill du verkligen ta bort denna anv�ndaridentitet? "
 
-#: g10/keyedit.c:855 g10/keyedit.c:877
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
 msgid "You must select at least one key.\n"
 msgstr "Du m�ste v�lja �tminstone en nyckel.\n"
 
-#: g10/keyedit.c:859
+#: g10/keyedit.c:1160
 msgid "Do you really want to delete the selected keys? "
 msgstr "Vill du verkligen ta bort valda nycklar? "
 
-#: g10/keyedit.c:860
+#: g10/keyedit.c:1161
 msgid "Do you really want to delete this key? "
 msgstr "Vill du verkligen ta bort denna nyckel? "
 
-#: g10/keyedit.c:881
+#: g10/keyedit.c:1182
 msgid "Do you really want to revoke the selected keys? "
 msgstr "Vill du verkligen �terkalla de valda nycklarna? "
 
-#: g10/keyedit.c:882
+#: g10/keyedit.c:1183
 msgid "Do you really want to revoke this key? "
 msgstr "Vill du verkligen �terkalla denna nyckel? "
 
-#: g10/keyedit.c:948
+#: g10/keyedit.c:1252
+#, fuzzy
+msgid "Really update the preferences for the selected user IDs? "
+msgstr "Vill du verkligen ta bort alla valda anv�ndaridentiteter? "
+
+#: g10/keyedit.c:1254
+#, fuzzy
+msgid "Really update the preferences? "
+msgstr "Vill du verkligen skapa �terkallelsecertifikaten? (j/N)"
+
+#: g10/keyedit.c:1292
 msgid "Save changes? "
 msgstr "Spara �ndringarna? "
 
-#: g10/keyedit.c:951
+#: g10/keyedit.c:1295
 msgid "Quit without saving? "
 msgstr "Avsluta utan att spara? "
 
-#: g10/keyedit.c:962
+#: g10/keyedit.c:1306
 #, c-format
 msgid "update failed: %s\n"
 msgstr "uppdateringen misslyckades: %s\n"
 
-#: g10/keyedit.c:969
+#: g10/keyedit.c:1313
 #, c-format
 msgid "update secret failed: %s\n"
 msgstr "misslyckades med att uppdatera hemligheten: %s\n"
 
-#: g10/keyedit.c:976
+#: g10/keyedit.c:1320
 msgid "Key not changed so no update needed.\n"
 msgstr "Nyckeln �r of�r�ndrad s� det beh�vs ingen uppdatering.\n"
 
-#: g10/keyedit.c:991
+#: g10/keyedit.c:1332
 msgid "Invalid command  (try \"help\")\n"
 msgstr "Ogiltigt kommando (f�rs�k med \"help\")\n"
 
-#: g10/keyedit.c:1074 g10/keyedit.c:1100
+#: g10/keyedit.c:1489
+#, fuzzy, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr "VARNING: Denna nyckel har �terkallats av sin �gare!\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr ""
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
 #, c-format
 msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
-msgstr ""
+msgstr "%s%c %4u%c/%08lX  skapad: %s g�r ut: %s"
 
-#: g10/keyedit.c:1083
+#: g10/keyedit.c:1506
 #, c-format
 msgid " trust: %c/%c"
-msgstr ""
+msgstr " tillit: %c/%c"
 
-#: g10/keyedit.c:1087
+#: g10/keyedit.c:1510
 msgid "This key has been disabled"
 msgstr "Denna nyckel har deaktiverats"
 
-#: g10/keyedit.c:1116
-#, fuzzy, c-format
+#: g10/keyedit.c:1539
+#, c-format
 msgid "rev! subkey has been revoked: %s\n"
-msgstr "nyckeln %08lX: en undernyckel har �terkallats!\n"
+msgstr "rev! en undernyckel har �terkallats: %s\n"
 
-#: g10/keyedit.c:1119
-#, fuzzy
+#: g10/keyedit.c:1542
 msgid "rev- faked revocation found\n"
-msgstr "     nya �terkallelser av nycklar: %lu\n"
+msgstr "rev- hittade felaktig �terkallelse\n"
 
-#: g10/keyedit.c:1121
+#: g10/keyedit.c:1544
 #, c-format
 msgid "rev? problem checking revocation: %s\n"
+msgstr "rev? problem vid kontroll av �terkallandet: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
 msgstr ""
 
-#: g10/keyedit.c:1359
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+#, fuzzy
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "�r du s�ker p� att du vill ha denna nyckelstorlek? "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr ""
+
+#: g10/keyedit.c:1832
 msgid "Delete this good signature? (y/N/q)"
 msgstr "Vill du radera denna korrekta signatur? (j/N/a)"
 
-#: g10/keyedit.c:1363
+#: g10/keyedit.c:1842
 msgid "Delete this invalid signature? (y/N/q)"
 msgstr "Vill du radera denna ogiltiga signatur? (j/N/a)"
 
-#: g10/keyedit.c:1367
+#: g10/keyedit.c:1846
 msgid "Delete this unknown signature? (y/N/q)"
 msgstr "Vill du radera denna ok�nda signatur? (j/N/a)"
 
-#: g10/keyedit.c:1373
+#: g10/keyedit.c:1852
 msgid "Really delete this self-signature? (y/N)"
 msgstr "Vill du radera denna sj�lvsignatur? (j/N)"
 
 # skulle lika g�rna kunna heta 1 signatur va?
-#: g10/keyedit.c:1387
+#: g10/keyedit.c:1866
 #, c-format
 msgid "Deleted %d signature.\n"
 msgstr "Raderade %d signatur.\n"
 
-#: g10/keyedit.c:1388
+#: g10/keyedit.c:1867
 #, c-format
 msgid "Deleted %d signatures.\n"
 msgstr "Raderade %d signaturer.\n"
 
-#: g10/keyedit.c:1391
+#: g10/keyedit.c:1870
 msgid "Nothing deleted.\n"
 msgstr "Ingenting raderat.\n"
 
-#: g10/keyedit.c:1460
+#: g10/keyedit.c:1943
 msgid "Please remove selections from the secret keys.\n"
 msgstr "Tag bort markeringar fr�n de hemliga nycklarna.\n"
 
-#: g10/keyedit.c:1466
+#: g10/keyedit.c:1949
 msgid "Please select at most one secondary key.\n"
 msgstr "V�lj som mest en sekund�r nyckel.\n"
 
-#: g10/keyedit.c:1470
+#: g10/keyedit.c:1953
 msgid "Changing expiration time for a secondary key.\n"
 msgstr "�ndrar giltighetstid f�r en sekund�r nyckel.\n"
 
-#: g10/keyedit.c:1472
+#: g10/keyedit.c:1955
 msgid "Changing expiration time for the primary key.\n"
 msgstr "�ndrar giltighetstid f�r den prim�ra nyckeln.\n"
 
-#: g10/keyedit.c:1514
+#: g10/keyedit.c:1997
 msgid "You can't change the expiration date of a v3 key\n"
 msgstr "Du kan inte �ndra giltighetsdatum f�r en v3-nyckel\n"
 
-#: g10/keyedit.c:1530
+#: g10/keyedit.c:2013
 msgid "No corresponding signature in secret ring\n"
 msgstr "Det finns ingen motsvarande signatur i den hemliga nyckelringen\n"
 
-#: g10/keyedit.c:1591
+#: g10/keyedit.c:2096
+#, fuzzy
+msgid "Please select exactly one user ID.\n"
+msgstr "Du m�ste v�lja �tminstone en anv�ndaridentitet.\n"
+
+#: g10/keyedit.c:2284
 #, c-format
 msgid "No user ID with index %d\n"
 msgstr "Ingen anv�ndaridentitet med index %d\n"
 
-#: g10/keyedit.c:1637
+#: g10/keyedit.c:2330
 #, c-format
 msgid "No secondary key with index %d\n"
 msgstr "Ingen sekund�r nyckel med index %d\n"
 
-#: g10/keyedit.c:1735
+#: g10/keyedit.c:2444
 msgid "user ID: \""
 msgstr "anv�ndaridentitet: \""
 
-#: g10/keyedit.c:1738
+#: g10/keyedit.c:2449
 #, c-format
 msgid ""
 "\"\n"
@@ -2522,54 +3059,129 @@ msgstr ""
 "\"\n"
 "signerad med din nyckel %08lX %s\n"
 
-#: g10/keyedit.c:1742
-msgid "Create a revocation certificate for this signature? (y/N)"
+#: g10/keyedit.c:2452
+#, fuzzy, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"signerad med din nyckel %08lX %s\n"
+
+#: g10/keyedit.c:2457
+#, fuzzy, c-format
+msgid "This signature expired on %s.\n"
+msgstr "%s-signatur fr�n: %s\n"
+
+#: g10/keyedit.c:2461
+#, fuzzy
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Vill du verkligen �terkalla denna nyckel? "
+
+#: g10/keyedit.c:2465
+#, fuzzy
+msgid "Create a revocation certificate for this signature? (y/N) "
 msgstr "Vill du skapa ett �terkallelsecertifikat f�r denna signatur? (j/N)"
 
 #. FIXME: detect duplicates here
-#: g10/keyedit.c:1766
+#: g10/keyedit.c:2490
 msgid "You have signed these user IDs:\n"
 msgstr "Du har signerat f�ljande anv�ndaridentiteter:\n"
 
-#: g10/keyedit.c:1780 g10/keyedit.c:1815
-#, c-format
-msgid "   signed by %08lX at %s\n"
+#: g10/keyedit.c:2504
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s%s\n"
 msgstr "   signerad av %08lX %s\n"
 
-#: g10/keyedit.c:1785
+#: g10/keyedit.c:2512
 #, c-format
 msgid "   revoked by %08lX at %s\n"
 msgstr "   �terkallad av %08lX %s\n"
 
-#: g10/keyedit.c:1805
+#: g10/keyedit.c:2532
 msgid "You are about to revoke these signatures:\n"
 msgstr "Du st�r i begrepp att �terkalla dessa signaturer:\n"
 
-#: g10/keyedit.c:1823
-msgid "Really create the revocation certificates? (y/N)"
+#: g10/keyedit.c:2542
+#, fuzzy, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   signerad av %08lX %s\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr ""
+
+#: g10/keyedit.c:2551
+#, fuzzy
+msgid "Really create the revocation certificates? (y/N) "
 msgstr "Vill du verkligen skapa �terkallelsecertifikaten? (j/N)"
 
-#: g10/keyedit.c:1852
+#: g10/keyedit.c:2581
 msgid "no secret key\n"
 msgstr "ingen hemlig nyckel\n"
 
-#: g10/keylist.c:158
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
 #, fuzzy
-msgid "invalid"
-msgstr "felaktigt skal"
+msgid "Signature policy: "
+msgstr "%s-signatur fr�n: %s\n"
 
-#: g10/keylist.c:178
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "VARNING: ogiltig notationsdata hittades\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
 #, fuzzy
-msgid "revoked"
-msgstr "revkey"
+msgid "Signature notation: "
+msgstr "Notation: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr ""
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr ""
 
 #. of subkey
-#: g10/keylist.c:401 g10/mainproc.c:754
+#: g10/keylist.c:423 g10/mainproc.c:856
 #, c-format
 msgid " [expires: %s]"
 msgstr "[g�r ut: %s]"
 
-#: g10/mainproc.c:212
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr "Fingeravtryck:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "           Fingeravtryck:"
+
+#: g10/keylist.c:899
+#, fuzzy
+msgid "     Key fingerprint ="
+msgstr "           Fingeravtryck:"
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s krypterad data\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "krypterad med en ok�nd algoritm %d\n"
+
+#: g10/mainproc.c:280
 #, c-format
 msgid "public key is %08lX\n"
 msgstr "den publika nyckeln �r %08lX\n"
@@ -2581,196 +3193,254 @@ msgstr "den publika nyckeln �r %08lX\n"
 # r�tt publik nyckel att kryptera datat med. Jag tycker
 # inte att svenska �vers�ttningen �r mycket obskyrare �n engelska
 # originalet iallafall.
-#: g10/mainproc.c:247
+#: g10/mainproc.c:326
 msgid "public key encrypted data: good DEK\n"
 msgstr "data krypterad med publik nyckel: korrekt krypteringsnyckel\n"
 
-#: g10/mainproc.c:280
+#: g10/mainproc.c:378
 #, c-format
 msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
 msgstr "krypterad med %u-bitars %s-nyckel, ID %08lX, skapad %s\n"
 
-#: g10/mainproc.c:290
+#: g10/mainproc.c:388
 #, c-format
 msgid "encrypted with %s key, ID %08lX\n"
 msgstr "krypterad med %s-nyckel, ID %08lX\n"
 
-#: g10/mainproc.c:296
-msgid "no secret key for decryption available\n"
-msgstr "det finns ingen hemlig nyckel tillg�nglig f�r dekryptering\n"
-
-#: g10/mainproc.c:305
+#: g10/mainproc.c:402
 #, c-format
 msgid "public key decryption failed: %s\n"
 msgstr "dekryptering med publik nyckel misslyckades: %s\n"
 
-#: g10/mainproc.c:342
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, fuzzy, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "%s krypterad data\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr ""
+
+#: g10/mainproc.c:466
 msgid "decryption okay\n"
 msgstr "dekrypteringen lyckades\n"
 
-#: g10/mainproc.c:347
+#: g10/mainproc.c:471
 msgid "WARNING: encrypted message has been manipulated!\n"
 msgstr "VARNING: det krypterade meddelandet har �ndrats!\n"
 
-#: g10/mainproc.c:352
+#: g10/mainproc.c:476
 #, c-format
 msgid "decryption failed: %s\n"
 msgstr "dekrypteringen misslyckades: %s\n"
 
-#: g10/mainproc.c:371
+#: g10/mainproc.c:495
 msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
-msgstr "NOTERA: avs�ndaren efterfr�gade \"endast-f�r-dina-�gon\"\n"
+msgstr "OBSERVERA: avs�ndaren efterfr�gade \"endast-f�r-dina-�gon\"\n"
 
-#: g10/mainproc.c:373
+#: g10/mainproc.c:497
 #, c-format
 msgid "original file name='%.*s'\n"
 msgstr "ursprungligt filnamn=\"%.*s\"\n"
 
-#: g10/mainproc.c:538
+#: g10/mainproc.c:672
 msgid "standalone revocation - use \"gpg --import\" to apply\n"
 msgstr ""
 "frist�ende �terkallelsecertifikat - anv�nd \"gpg --import\" f�r\n"
 "att applicera\n"
 
-#: g10/mainproc.c:625 g10/mainproc.c:634
-msgid "WARNING: invalid notation data found\n"
-msgstr "VARNING: ogiltig notationsdata hittades\n"
-
-#: g10/mainproc.c:637
+#: g10/mainproc.c:733
 msgid "Notation: "
 msgstr "Notation: "
 
 # finns det n�gon bra svensk �vers�ttning av policy?
-#: g10/mainproc.c:644
+#: g10/mainproc.c:745
 msgid "Policy: "
 msgstr "Policy: "
 
-#: g10/mainproc.c:1074
+#: g10/mainproc.c:1198
 msgid "signature verification suppressed\n"
 msgstr "signaturen verifierades inte\n"
 
-#: g10/mainproc.c:1080
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "kan inte hantera dessa multipla signaturer\n"
+
+#: g10/mainproc.c:1261
 #, c-format
 msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Signerades %.*s med hj�lp av %s-nyckeln med ID %08lX\n"
 
-#. just in case that we have no userid
-#: g10/mainproc.c:1106 g10/mainproc.c:1117
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
 msgid "BAD signature from \""
 msgstr "FELAKTIG signatur fr�n \""
 
-#: g10/mainproc.c:1107 g10/mainproc.c:1118
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+#, fuzzy
+msgid "Expired signature from \""
+msgstr "Korrekt signatur fr�n \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
 msgid "Good signature from \""
 msgstr "Korrekt signatur fr�n \""
 
-#: g10/mainproc.c:1109
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr ""
+
+#: g10/mainproc.c:1351
 msgid "                aka \""
 msgstr "      �ven k�nd som \""
 
-#: g10/mainproc.c:1165
+#: g10/mainproc.c:1412
 #, c-format
 msgid "Can't check signature: %s\n"
 msgstr "Kan inte verifiera signaturen: %s\n"
 
-#: g10/mainproc.c:1230
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "ingen frikopplad signatur\n"
+
+#: g10/mainproc.c:1508
 #, c-format
 msgid "standalone signature of class 0x%02x\n"
 msgstr "frist�ende signatur av klassen 0x%02x\n"
 
-#: g10/mainproc.c:1282
+#: g10/mainproc.c:1565
 msgid "old style (PGP 2.x) signature\n"
 msgstr "signatur av den gamla (PGP 2.x) typen\n"
 
-#: g10/mainproc.c:1287
+#: g10/mainproc.c:1572
 msgid "invalid root packet detected in proc_tree()\n"
 msgstr "felaktigt rotpaket hittades i proc_tree()\n"
 
-#: g10/misc.c:86
+#: g10/misc.c:101
 #, c-format
 msgid "can't disable core dumps: %s\n"
 msgstr "kan inte deaktivera minnesutskrifter: %s\n"
 
-#: g10/misc.c:314
+#: g10/misc.c:211
 msgid "Experimental algorithms should not be used!\n"
 msgstr "Experimentella algoritmer b�r inte anv�ndas!\n"
 
 # XXX
-#: g10/misc.c:342
-msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr ""
+"denna chifferalgoritm �r f�rlegad, anv�nd ist�llet en mer normal algoritm!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
 msgstr ""
-"avr�der fr�n denna chifferalgoritm, anv�nd ist�llet en mer normal algoritm!\n"
 
-#: g10/parse-packet.c:115
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr ""
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr ""
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+
+#: g10/parse-packet.c:119
 #, c-format
 msgid "can't handle public key algorithm %d\n"
 msgstr "kan inte hantera algoritm %d f�r publik nyckelhantering\n"
 
-#: g10/parse-packet.c:999
+#: g10/parse-packet.c:1053
 #, c-format
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "underpaket av typen %d har den bit satt som markerar den som kritisk\n"
 
-#: g10/passphrase.c:198
+#: g10/passphrase.c:442 g10/passphrase.c:489
 msgid "gpg-agent is not available in this session\n"
+msgstr "kunde inte f� tillg�ng till n�gon gpg-agent i denna session\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
 msgstr ""
 
-#: g10/passphrase.c:204
-msgid "malformed GPG_AGENT_INFO environment variable\n"
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr ""
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
 msgstr ""
 
-#: g10/hkp.c:158 g10/passphrase.c:223
+#: g10/passphrase.c:498
+msgid "malformed GPG_AGENT_INFO environment variable\n"
+msgstr "milj�variabeln GPG_AGENT_INFO �r felformaterad\n"
+
+#: g10/passphrase.c:511
+#, fuzzy, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "skyddsalgoritmen %d st�ds inte\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
 #, c-format
 msgid "can't connect to `%s': %s\n"
 msgstr "kan inte ansluta till \"%s\": %s\n"
 
-#: g10/passphrase.c:284 g10/passphrase.c:522
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr ""
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+#, fuzzy
+msgid "problem with the agent - disabling agent use\n"
+msgstr "problem med agenten: agenten returnerar 0x%lx\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
 #, c-format
 msgid " (main key ID %08lX)"
 msgstr " (huvudnyckelns identitet %08lX)"
 
-#: g10/passphrase.c:294
-#, fuzzy, c-format
+#: g10/passphrase.c:641
+#, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 msgstr ""
-"\n"
 "Du beh�ver en l�senordsfras f�r att l�sa upp den hemliga nyckeln f�r\n"
-"anv�ndaren: \""
+"anv�ndaren: \"%.*s\"\n"
+"%u-bitars %s-nyckel, ID %08lX, skapad %s%s\n"
 
-#: g10/passphrase.c:315
-#, fuzzy
+#: g10/passphrase.c:662
 msgid "Enter passphrase\n"
-msgstr "Ange l�senordsfras: "
+msgstr "Ange l�senordsfras\n"
 
-#: g10/passphrase.c:317
-#, fuzzy
+#: g10/passphrase.c:664
 msgid "Repeat passphrase\n"
-msgstr "Repetera l�senordsfrasen: "
+msgstr "Repetera l�senordsfrasen\n"
 
-#: g10/passphrase.c:338 g10/passphrase.c:348 g10/passphrase.c:439
-msgid "response from agent too short\n"
-msgstr ""
-
-#: g10/passphrase.c:355
+#: g10/passphrase.c:705
 msgid "passphrase too long\n"
-msgstr ""
+msgstr "l�senordsfrasen �r f�r l�ng\n"
 
-#: g10/passphrase.c:367
+#: g10/passphrase.c:718
 msgid "invalid response from agent\n"
-msgstr ""
+msgstr "felaktigt svar fr�n agenten\n"
 
-#: g10/passphrase.c:376
+#: g10/passphrase.c:727 g10/passphrase.c:808
 msgid "cancelled by user\n"
-msgstr ""
+msgstr "avbruten av anv�ndaren\n"
 
-#: g10/passphrase.c:379 g10/passphrase.c:445
+#: g10/passphrase.c:729 g10/passphrase.c:890
 #, c-format
 msgid "problem with the agent: agent returns 0x%lx\n"
-msgstr ""
+msgstr "problem med agenten: agenten returnerar 0x%lx\n"
 
-#: g10/passphrase.c:508
+#: g10/passphrase.c:1003
 msgid ""
 "\n"
 "You need a passphrase to unlock the secret key for\n"
@@ -2780,20 +3450,20 @@ msgstr ""
 "Du beh�ver en l�senordsfras f�r att l�sa upp den hemliga nyckeln f�r\n"
 "anv�ndaren: \""
 
-#: g10/passphrase.c:517
+#: g10/passphrase.c:1012
 #, c-format
 msgid "%u-bit %s key, ID %08lX, created %s"
 msgstr "%u-bits  %s-nyckel, ID %08lX, skapad %s"
 
-#: g10/passphrase.c:555
+#: g10/passphrase.c:1063
 msgid "can't query password in batchmode\n"
 msgstr "kan inte fr�ga efter l�senord i batch-l�ge\n"
 
-#: g10/passphrase.c:559
+#: g10/passphrase.c:1067
 msgid "Enter passphrase: "
 msgstr "Ange l�senordsfras: "
 
-#: g10/passphrase.c:563
+#: g10/passphrase.c:1071
 msgid "Repeat passphrase: "
 msgstr "Repetera l�senordsfrasen: "
 
@@ -2801,148 +3471,193 @@ msgstr "Repetera l�senordsfrasen: "
 msgid "data not saved; use option \"--output\" to save it\n"
 msgstr "data sparades inte, anv�nd flaggan \"--output\" f�r att spara den\n"
 
-#: g10/plaintext.c:324
+#: g10/plaintext.c:108
+#, fuzzy, c-format
+msgid "error creating `%s': %s\n"
+msgstr "fel vid l�sning av \"%s\": %s\n"
+
+#: g10/plaintext.c:337
 msgid "Detached signature.\n"
 msgstr "L�skopplad signatur.\n"
 
-#: g10/plaintext.c:328
+#: g10/plaintext.c:341
 msgid "Please enter name of data file: "
 msgstr "Ange namnet p� datafilen: "
 
-#: g10/plaintext.c:349
+#: g10/plaintext.c:362
 msgid "reading stdin ...\n"
 msgstr "l�ser fr�n standard in ...\n"
 
-#: g10/plaintext.c:392
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "ingen signerad data\n"
+
+#: g10/plaintext.c:404
 #, c-format
 msgid "can't open signed data `%s'\n"
 msgstr "kan inte �ppna signerad data \"%s\"\n"
 
-#: g10/pubkey-enc.c:135
-#, c-format
-msgid "anonymous receiver; trying secret key %08lX ...\n"
+#: g10/pubkey-enc.c:100
+#, fuzzy, c-format
+msgid "anonymous recipient; trying secret key %08lX ...\n"
 msgstr "anonym mottagare, f�rs�ker anv�nda den hemliga nyckeln %08lX ...\n"
 
-#: g10/pubkey-enc.c:141
+#: g10/pubkey-enc.c:106
 msgid "okay, we are the anonymous recipient.\n"
 msgstr "ok, vi �r den hemliga mottagaren.\n"
 
-#: g10/pubkey-enc.c:197
+#: g10/pubkey-enc.c:158
 msgid "old encoding of the DEK is not supported\n"
 msgstr "gammal kodning av krypteringsnyckeln st�ds inte\n"
 
-#: g10/pubkey-enc.c:216
-#, c-format
-msgid "cipher algorithm %d is unknown or disabled\n"
+#: g10/pubkey-enc.c:177
+#, fuzzy, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
 msgstr "chifferalgoritmen %d �r ok�nd eller avslagen\n"
 
-#: g10/pubkey-enc.c:255
+#: g10/pubkey-enc.c:220
 #, c-format
 msgid "NOTE: cipher algorithm %d not found in preferences\n"
-msgstr "NOTERA: chifferalgoritmen %d finns inte i inst�llningarna\n"
+msgstr "OBSERVERA: chifferalgoritmen %d finns inte i inst�llningarna\n"
 
-#: g10/pubkey-enc.c:261
+#: g10/pubkey-enc.c:242
 #, c-format
 msgid "NOTE: secret key %08lX expired at %s\n"
-msgstr "NOTERA: den hemliga nyckeln %08lX gick ut %s\n"
+msgstr "OBSERVERA: den hemliga nyckeln %08lX gick ut %s\n"
 
-#: g10/hkp.c:62
-#, c-format
-msgid "requesting key %08lX from %s ...\n"
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
+#, fuzzy, c-format
+msgid "requesting key %08lX from HKP keyserver %s\n"
 msgstr "fr�ga efter nyckeln %08lX fr�n %s ...\n"
 
-#: g10/hkp.c:75
+#: g10/hkp.c:94
 #, c-format
 msgid "can't get key from keyserver: %s\n"
 msgstr "kan inte h�mta nyckeln fr�n en nyckelserver: %s\n"
 
-#: g10/hkp.c:98 g10/hkp.c:136
-msgid "no keyserver known (use option --keyserver)\n"
-msgstr "k�nner inte till n�gon nyckelserver (anv�nd flaggan --keyserver)\n"
-
-#: g10/hkp.c:106
-#, c-format
-msgid "%s: not a valid key ID\n"
-msgstr "%s: ogiltig nyckelidentitet\n"
-
-#: g10/hkp.c:182
+#: g10/hkp.c:171
 #, c-format
 msgid "error sending to `%s': %s\n"
 msgstr "fel vid s�ndning till \"%s\": %s\n"
 
-#: g10/hkp.c:194
+#: g10/hkp.c:186
 #, c-format
 msgid "success sending to `%s' (status=%u)\n"
 msgstr "lyckades s�nda till \"%s\" (status=%u)\n"
 
-#: g10/hkp.c:197
+#: g10/hkp.c:189
 #, c-format
 msgid "failed sending to `%s': status=%u\n"
 msgstr "misslyckades s�nda till \"%s\": status=%u\n"
 
-#: g10/seckey-cert.c:89
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr ""
+
+#: g10/hkp.c:521
+#, fuzzy, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "kan inte h�mta nyckeln fr�n en nyckelserver: %s\n"
+
+#: g10/seckey-cert.c:53
 msgid "secret key parts are not available\n"
 msgstr "de hemliga nyckeldelarna �r inte tillg�nliga\n"
 
-#: g10/seckey-cert.c:95
-#, c-format
-msgid "protection algorithm %d is not supported\n"
+#: g10/seckey-cert.c:59
+#, fuzzy, c-format
+msgid "protection algorithm %d%s is not supported\n"
 msgstr "skyddsalgoritmen %d st�ds inte\n"
 
-#: g10/seckey-cert.c:245
-msgid "Invalid passphrase; please try again ...\n"
+#: g10/seckey-cert.c:215
+#, fuzzy
+msgid "Invalid passphrase; please try again"
 msgstr "Ogiltig l�senordsfras, f�rs�k igen ...\n"
 
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr ""
+
 # �r det nyckeln som �r svag, konstigt
-#: g10/seckey-cert.c:308
+#: g10/seckey-cert.c:273
 msgid "WARNING: Weak key detected - please change passphrase again.\n"
 msgstr "VARNING: Uppt�ckte en svag nyckel - byt l�senordsfras igen.\n"
 
-#: g10/sig-check.c:279
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+
+#: g10/sig-check.c:205
 msgid ""
 "this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
 msgstr ""
 "detta �r en PGP-genererad ElGamal-nyckel som INTE �r s�ker f�r signaturer!\n"
 
 # beh�vs verkligen c-format h�r?
-#: g10/sig-check.c:287
+#: g10/sig-check.c:213
 #, c-format
 msgid "public key is %lu second newer than the signature\n"
 msgstr "den publika nyckeln �r %lu sekund nyare �n signaturen\n"
 
-#: g10/sig-check.c:288
+#: g10/sig-check.c:214
 #, c-format
 msgid "public key is %lu seconds newer than the signature\n"
 msgstr "den publika nyckeln �r %lu sekunder nyare �n signaturen\n"
 
-#: g10/sig-check.c:306
+#: g10/sig-check.c:237
 #, c-format
-msgid "NOTE: signature key expired %s\n"
-msgstr "NOTERA: signaturnyckeln �r f�r gammal, gick ut vid %s\n"
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "OBSERVERA: signaturnyckeln %08lX, gick ut vid %s\n"
 
-#: g10/sig-check.c:375
+#: g10/sig-check.c:318
 msgid "assuming bad signature due to an unknown critical bit\n"
 msgstr ""
 "antar att signaturen �r felaktig eftersom en ok�nd kritisk bit �r satt\n"
 
-#: g10/sign.c:197
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "f�rs�k att verifiera signaturen misslyckades: %s\n"
+
+#: g10/sign.c:283
 #, c-format
 msgid "%s signature from: %s\n"
 msgstr "%s-signatur fr�n: %s\n"
 
-#: g10/sign.c:435 g10/sign.c:690
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "VARNING: \"%s\" �r en tom fil\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:643 g10/sign.c:812
 #, c-format
 msgid "can't create %s: %s\n"
 msgstr "kan inte skapa %s: %s\n"
 
-#: g10/sign.c:538
+#: g10/sign.c:704
 msgid "signing:"
 msgstr "signerar:"
 
-#: g10/sign.c:583
-#, c-format
-msgid "WARNING: `%s' is an empty file\n"
-msgstr "VARNING: \"%s\" �r en tom fil\n"
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+
+#: g10/sign.c:953
+#, fuzzy, c-format
+msgid "%s encryption will be used\n"
+msgstr "dekrypteringen misslyckades: %s\n"
 
 #: g10/textfilter.c:134
 #, c-format
@@ -2954,429 +3669,209 @@ msgstr "kan inte hantera text med rader l�ngre �n %d tecken\n"
 msgid "input line longer than %d characters\n"
 msgstr "indataraden �r l�ngre �n %d tecken\n"
 
-#: g10/tdbio.c:116 g10/tdbio.c:1623
+#: g10/tdbio.c:121 g10/tdbio.c:1382
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "tillitsdatabasposten %lu: lseek misslyckades: %s\n"
 
-#: g10/tdbio.c:122 g10/tdbio.c:1630
+#: g10/tdbio.c:127 g10/tdbio.c:1389
 #, c-format
 msgid "trustdb rec %lu: write failed (n=%d): %s\n"
 msgstr "tillitsdatabasposten %lu: skrivning misslyckades (n=%d): %s\n"
 
-#: g10/tdbio.c:232
+#: g10/tdbio.c:237
 msgid "trustdb transaction too large\n"
 msgstr "tillitsdatabastransaktion f�r stor\n"
 
-#: g10/tdbio.c:424
+#: g10/tdbio.c:454
 #, c-format
 msgid "%s: can't access: %s\n"
 msgstr "%s: ingen �tkomst: %s\n"
 
-#: g10/tdbio.c:438
+#: g10/tdbio.c:468
 #, c-format
 msgid "%s: directory does not exist!\n"
 msgstr "%s: katalogen finns inte!\n"
 
-#: g10/openfile.c:227 g10/openfile.c:296 g10/ringedit.c:843
-#: g10/ringedit.c:1161 g10/tdbio.c:444
-#, c-format
-msgid "%s: can't create: %s\n"
-msgstr "%s: kan inte skapa: %s\n"
-
-#: g10/tdbio.c:459 g10/tdbio.c:508
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
 #, c-format
 msgid "%s: can't create lock\n"
 msgstr "%s: kan inte skapa l�s\n"
 
-#: g10/tdbio.c:473
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, fuzzy, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: kan inte skapa l�s\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: kan inte skapa: %s\n"
+
+#: g10/tdbio.c:503
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: misslyckades med att skapa versionspost: %s"
 
-#: g10/tdbio.c:477
+#: g10/tdbio.c:507
 #, c-format
 msgid "%s: invalid trustdb created\n"
 msgstr "%s: felaktig tillitsdatabas skapad\n"
 
-#: g10/tdbio.c:480
+#: g10/tdbio.c:510
 #, c-format
 msgid "%s: trustdb created\n"
 msgstr "%s: tillitsdatabas skapad\n"
 
-#: g10/tdbio.c:517
+#: g10/tdbio.c:565
 #, c-format
 msgid "%s: invalid trustdb\n"
 msgstr "%s: felaktig tillitsdatabas\n"
 
-#: g10/tdbio.c:550
+#: g10/tdbio.c:597
 #, c-format
 msgid "%s: failed to create hashtable: %s\n"
 msgstr "%s: misslyckades med att skapa hash-tabell: %s\n"
 
-#: g10/tdbio.c:558
+#: g10/tdbio.c:605
 #, c-format
 msgid "%s: error updating version record: %s\n"
 msgstr "%s: fel vid uppdatering av versionspost: %s\n"
 
-#: g10/tdbio.c:574 g10/tdbio.c:613 g10/tdbio.c:635 g10/tdbio.c:665
-#: g10/tdbio.c:690 g10/tdbio.c:1556 g10/tdbio.c:1583
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
 #, c-format
 msgid "%s: error reading version record: %s\n"
 msgstr "%s: fel vid l�sning av versionspost: %s\n"
 
-#: g10/tdbio.c:587 g10/tdbio.c:646
+#: g10/tdbio.c:634 g10/tdbio.c:680
 #, c-format
 msgid "%s: error writing version record: %s\n"
 msgstr "%s: fel vid skrivning av versionspost: %s\n"
 
-#: g10/tdbio.c:1235
+#: g10/tdbio.c:1119
 #, c-format
 msgid "trustdb: lseek failed: %s\n"
 msgstr "tillitsdatabas: lseek misslyckades: %s\n"
 
-#: g10/tdbio.c:1243
+#: g10/tdbio.c:1127
 #, c-format
 msgid "trustdb: read failed (n=%d): %s\n"
 msgstr "tillitsdatabas: l�sning misslyckades (n=%d): %s\n"
 
-#: g10/tdbio.c:1264
+#: g10/tdbio.c:1148
 #, c-format
 msgid "%s: not a trustdb file\n"
 msgstr "%s: ej en tillitsdatabasfil\n"
 
-#: g10/tdbio.c:1280
+#: g10/tdbio.c:1165
 #, c-format
 msgid "%s: version record with recnum %lu\n"
 msgstr "%s: versionspost med postnummer %lu\n"
 
-#: g10/tdbio.c:1285
+#: g10/tdbio.c:1170
 #, c-format
 msgid "%s: invalid file version %d\n"
 msgstr "%s: ogiltig filversion %d\n"
 
-#: g10/tdbio.c:1589
+#: g10/tdbio.c:1348
 #, c-format
 msgid "%s: error reading free record: %s\n"
 msgstr "%s: fel vid l�sning av ledig post: %s\n"
 
-#: g10/tdbio.c:1597
+#: g10/tdbio.c:1356
 #, c-format
 msgid "%s: error writing dir record: %s\n"
 msgstr "%s: fel vid l�sning av katalogpost: %s\n"
 
-#: g10/tdbio.c:1607
+#: g10/tdbio.c:1366
 #, c-format
 msgid "%s: failed to zero a record: %s\n"
 msgstr "%s: misslyckades med att nollst�lla en post: %s\n"
 
-#: g10/tdbio.c:1637
+#: g10/tdbio.c:1396
 #, c-format
 msgid "%s: failed to append a record: %s\n"
 msgstr "%s: misslyckades med att l�gga till en post: %s\n"
 
-#: g10/tdbio.c:1748
+#: g10/tdbio.c:1441
 msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
 msgstr "tillitsdatabasen �r trasig, k�r \"gpg --fix-trustdb\".\n"
 
+#: g10/trustdb.c:200
+#, fuzzy, c-format
+msgid "`%s' is not a valid long keyID\n"
+msgstr "\"%s\" �r en ogiltig l�ng nyckelidentitet\n"
+
+#: g10/trustdb.c:235
+#, fuzzy, c-format
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "nyckel %08lX: accepterad som en p�litlig nyckel\n"
+
+#: g10/trustdb.c:274
+#, fuzzy, c-format
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "nyckel %08lX: kan inte l�gga till i tillitsdatabasen\n"
+
+#: g10/trustdb.c:290
+#, c-format
+msgid "key %08lX: no public key for trusted key - skipped\n"
+msgstr "nyckel %08lX: hittade ingen motsvarande publik nyckel - �verhoppad\n"
+
 # req �r nog felstavat i originalet d� det syftar p� record och inte
 # request
-#: g10/trustdb.c:169
+#: g10/trustdb.c:332
 #, c-format
 msgid "trust record %lu, req type %d: read failed: %s\n"
 msgstr "tillitspost %lu, posttyp %d: kunde inte l�sa: %s\n"
 
-#: g10/trustdb.c:184
+#: g10/trustdb.c:338
+#, fuzzy, c-format
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "tillitspost %lu: kunde inte radera: %s\n"
+
+#: g10/trustdb.c:353
 #, c-format
 msgid "trust record %lu, type %d: write failed: %s\n"
 msgstr "tillitspost: %lu, typ %d: kunde inte skriva: %s\n"
 
-#: g10/trustdb.c:198
-#, c-format
-msgid "trust record %lu: delete failed: %s\n"
-msgstr "tillitspost %lu: kunde inte radera: %s\n"
-
-#: g10/trustdb.c:212
+#: g10/trustdb.c:368
 #, c-format
 msgid "trustdb: sync failed: %s\n"
 msgstr "tillitsdatabas: synkronisering misslyckades: %s\n"
 
-# LID betyder local id och �r serienumret i den lokala databasen
-# f�r en given nyckel
-#: g10/trustdb.c:377
-#, c-format
-msgid "error reading dir record for LID %lu: %s\n"
-msgstr "fel vid l�sning av katalogpost f�r lokalt id %lu: %s\n"
-
-#: g10/trustdb.c:384
-#, c-format
-msgid "lid %lu: expected dir record, got type %d\n"
-msgstr "lokalt id %lu: v�ntade en katalogpost, fick en post av typen %d\n"
-
-#: g10/trustdb.c:389
-#, c-format
-msgid "no primary key for LID %lu\n"
-msgstr "ingen prim�r nyckel f�r lokalt id %lu\n"
-
-#: g10/trustdb.c:394
-#, c-format
-msgid "error reading primary key for LID %lu: %s\n"
-msgstr "fel vid l�sning av prim�r nyckel f�r lokalt id %lu: %s\n"
-
-#: g10/trustdb.c:433
-#, c-format
-msgid "get_dir_record: search_record failed: %s\n"
-msgstr "get_dir_record: search_record misslyckades: %s\n"
+#: g10/trustdb.c:468
+#, fuzzy
+msgid "no need for a trustdb check\n"
+msgstr "%s: ej en tillitsdatabasfil\n"
 
-#: g10/trustdb.c:474
+#: g10/trustdb.c:474 g10/trustdb.c:1641
 #, fuzzy, c-format
-msgid "'%s' is not a valid long keyID\n"
-msgstr "%s: ogiltig nyckelidentitet\n"
-
-#: g10/trustdb.c:502
-#, c-format
-msgid "key %08lX: can't put it into the trustdb\n"
-msgstr "nyckel %08lX: kan inte l�gga till i tillitsdatabasen\n"
-
-#: g10/trustdb.c:508
-#, c-format
-msgid "key %08lX: query record failed\n"
-msgstr "nyckel %08lX: uppslagning av post misslyckades\n"
-
-#: g10/trustdb.c:517
-#, c-format
-msgid "key %08lX: already in trusted key table\n"
-msgstr "nyckel %08lX: finns redan i tabellen �ver p�litliga nycklar\n"
+msgid "next trustdb check due at %s\n"
+msgstr "tillitsdatabasposten %lu: lseek misslyckades: %s\n"
 
-#: g10/trustdb.c:520
-#, c-format
-msgid "key %08lX: accepted as trusted key.\n"
-msgstr "nyckel %08lX: accepterad som en p�litlig nyckel\n"
+# originalet borde ha ett value
+#: g10/trustdb.c:779
+#, fuzzy
+msgid "checking the trustdb\n"
+msgstr "�ndra �gartillitsv�rdet"
 
-#: g10/trustdb.c:547
+#: g10/trustdb.c:933
 #, fuzzy, c-format
-msgid "key %08lX: no public key for trusted key - skipped\n"
-msgstr "nyckeln %08lX �r inte skyddad - �verhoppad\n"
-
-#: g10/trustdb.c:566
-#, c-format
-msgid "NOTE: secret key %08lX is NOT protected.\n"
-msgstr "NOTERA: den hemliga nyckeln %08lX �r INTE skyddad.\n"
-
-#: g10/trustdb.c:585
-#, c-format
-msgid "key %08lX: secret and public key don't match\n"
-msgstr "nyckel %08lX: hemlig och publik nyckel st�mmer inte �verens\n"
-
-#: g10/trustdb.c:598
-#, c-format
-msgid "enumerate secret keys failed: %s\n"
-msgstr "numrering av hemliga nycklar misslyckades: %s\n"
-
-#: g10/trustdb.c:994
-#, c-format
-msgid "key %08lX.%lu: Good subkey binding\n"
-msgstr "nyckel: %08lX.%lu: Korrekt bindning till undernyckel\n"
-
-#: g10/trustdb.c:1000 g10/trustdb.c:1035
-#, c-format
-msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
-msgstr "nyckel %08lX.%lu: Felaktig bindning till undernyckel: %s\n"
-
-#: g10/trustdb.c:1012
-#, c-format
-msgid "key %08lX.%lu: Valid key revocation\n"
-msgstr "nyckel %08lX.%lu: Giltig �terkallelse av nyckel\n"
-
-#: g10/trustdb.c:1018
-#, c-format
-msgid "key %08lX.%lu: Invalid key revocation: %s\n"
-msgstr "nyckel %08lX.%lu: Felaktig �terkallelse av nyckel: %s\n"
+msgid "public key %08lX not found: %s\n"
+msgstr "hittade inte publik nyckel"
 
-#: g10/trustdb.c:1029
+#: g10/trustdb.c:1515
 #, c-format
-msgid "key %08lX.%lu: Valid subkey revocation\n"
-msgstr "nyckel %08lX.%lu: Giltig �terkallelse av undernyckel\n"
-
-#: g10/trustdb.c:1140
-msgid "Good self-signature"
-msgstr "Korrekt sj�lvsignatur"
-
-#: g10/trustdb.c:1150
-msgid "Invalid self-signature"
-msgstr "Felaktig sj�lvsignatur"
-
-# detta verkar mycket m�rkligt. N�gon borde kanske f� en f�rklaring fr�n
-# gnupg-utvecklarna?
-#: g10/trustdb.c:1177
-msgid "Valid user ID revocation skipped due to a newer self signature"
+msgid "public key of ultimately trusted key %08lX not found\n"
 msgstr ""
-"Hoppade �ver en giltig �terkallelse av anv�ndaridentiteten p�\n"
-"grund av en nyare sj�lvsignatur"
-
-#: g10/trustdb.c:1183
-msgid "Valid user ID revocation"
-msgstr "Giltig �terkallelse av anv�ndaridentitet"
-
-#: g10/trustdb.c:1188
-msgid "Invalid user ID revocation"
-msgstr "Ogiltig �terkallelse av anv�ndaridentitet"
-
-#: g10/trustdb.c:1230
-msgid "Valid certificate revocation"
-msgstr "Giltig �terkallelse av certifikat"
-
-#: g10/trustdb.c:1231
-msgid "Good certificate"
-msgstr "Korrekt certifikat"
-
-#: g10/trustdb.c:1259
-msgid "Invalid certificate revocation"
-msgstr "Ogiltig �terkallelse av certifikat "
-
-#: g10/trustdb.c:1260
-msgid "Invalid certificate"
-msgstr "Ogiltigt certifikat"
-
-#: g10/trustdb.c:1277 g10/trustdb.c:1281
-#, c-format
-msgid "sig record %lu[%d] points to wrong record.\n"
-msgstr "signaturpost %lu[%d] pekar mot fel post.\n"
-
-#: g10/trustdb.c:1340
-msgid "duplicated certificate - deleted"
-msgstr "dubblett av certifikat - borttaget"
-
-#: g10/trustdb.c:1661
-#, c-format
-msgid "tdbio_search_dir failed: %s\n"
-msgstr "tdbio_search_dir misslyckades: %s\n"
-
-#: g10/trustdb.c:1795
-#, c-format
-msgid "lid ?: insert failed: %s\n"
-msgstr "lokalt id ?: till�gg misslyckades: %s\n"
-
-#: g10/trustdb.c:1800
-#, c-format
-msgid "lid %lu: insert failed: %s\n"
-msgstr "lokalt id %lu: till�gg misslyckades: %s\n"
-
-#: g10/trustdb.c:1806
-#, c-format
-msgid "lid %lu: inserted\n"
-msgstr "lokalt id %lu: lades till\n"
-
-#: g10/trustdb.c:1811
-#, c-format
-msgid "error reading dir record: %s\n"
-msgstr "fel vid l�sning av katalogpost: %s\n"
-
-#: g10/trustdb.c:1819 g10/trustdb.c:1882
-#, c-format
-msgid "%lu keys processed\n"
-msgstr "%lu nycklar behandlade\n"
-
-#: g10/trustdb.c:1821 g10/trustdb.c:1888
-#, c-format
-msgid "\t%lu keys with errors\n"
-msgstr "\t%lu nycklar med fel\n"
-
-#: g10/trustdb.c:1823
-#, c-format
-msgid "\t%lu keys inserted\n"
-msgstr "\t%lu nycklar tillagda\n"
 
-#: g10/trustdb.c:1826
+#: g10/trustdb.c:1593
 #, c-format
-msgid "enumerate keyblocks failed: %s\n"
-msgstr "numrering av nyckelblock misslyckades: %s\n"
-
-#: g10/trustdb.c:1874
-#, c-format
-msgid "lid %lu: dir record w/o key - skipped\n"
-msgstr "lokalt id %lu: katalogpost utan nyckel - hoppade �ver\n"
-
-#: g10/trustdb.c:1884
-#, c-format
-msgid "\t%lu due to new pubkeys\n"
-msgstr "\t%lu p� grund av nya publika nycklar\n"
-
-#: g10/trustdb.c:1886
-#, c-format
-msgid "\t%lu keys skipped\n"
-msgstr "\t%lu nycklar hoppades �ver\n"
-
-#: g10/trustdb.c:1890
-#, c-format
-msgid "\t%lu keys updated\n"
-msgstr "\t%lu nycklar uppdaterades\n"
-
-#: g10/trustdb.c:2235
-msgid "Ooops, no keys\n"
-msgstr "Ooops, inga nycklar\n"
-
-#: g10/trustdb.c:2239
-msgid "Ooops, no user IDs\n"
-msgstr "Ooops, inga anv�ndaridentiteter\n"
-
-#: g10/trustdb.c:2397
-#, c-format
-msgid "check_trust: search dir record failed: %s\n"
-msgstr "check_trust: s�kning av katalogpost misslyckades: %s\n"
-
-#: g10/trustdb.c:2406
-#, c-format
-msgid "key %08lX: insert trust record failed: %s\n"
-msgstr "nyckel %08lX: till�gg av tillitspost misslyckades: %s\n"
-
-#: g10/trustdb.c:2410
-#, c-format
-msgid "key %08lX.%lu: inserted into trustdb\n"
-msgstr "nyckel %08lX.%lu: lades till i tillitsdatabasen\n"
-
-#: g10/trustdb.c:2418
-#, c-format
-msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
 msgstr ""
-"nyckel %08lX.%lu: skapad i framtiden (problemet �r relaterat till\n"
-"tidsresande eller en felst�lld klocka)\n"
-
-#: g10/trustdb.c:2433
-#, c-format
-msgid "key %08lX.%lu: expired at %s\n"
-msgstr "nyckel %08lX.%lu: gick ut %s\n"
-
-#: g10/trustdb.c:2441
-#, c-format
-msgid "key %08lX.%lu: trust check failed: %s\n"
-msgstr "nyckel %08lX.%lu: tillitskontroll misslyckades: %s\n"
-
-#: g10/trustdb.c:2592
-#, c-format
-msgid "user '%s' not found: %s\n"
-msgstr "anv�ndaren \"%s\" hittades inte: %s\n"
 
-#: g10/trustdb.c:2594
-#, c-format
-msgid "problem finding '%s' in trustdb: %s\n"
-msgstr "problem att hitta \"%s\" i tillitsdatabasen: %s\n"
-
-#: g10/trustdb.c:2597
-#, c-format
-msgid "user '%s' not in trustdb - inserting\n"
-msgstr "anv�ndaren \"%s\" finns inte tillitsdatabasen - l�gger till\n"
-
-#: g10/trustdb.c:2600
-#, c-format
-msgid "failed to put '%s' into trustdb: %s\n"
-msgstr "misslyckades med att placera \"%s\" i tillitsdatabasen: %s\n"
-
-#: g10/trustdb.c:2786 g10/trustdb.c:2816
-msgid "WARNING: can't yet handle long pref records\n"
-msgstr "VARNING: kan �nnu inte hantera l�nga inst�llningsposter\n"
-
-#: g10/verify.c:82
+#: g10/verify.c:108
 msgid ""
 "the signature could not be verified.\n"
 "Please remember that the signature file (.sig or .asc)\n"
@@ -3386,46 +3881,32 @@ msgstr ""
 "Kom ih�g att signaturfilen (.sig eller .asc)\n"
 "ska vara den f�rst angivna filen p� kommandoraden\n"
 
-#: g10/verify.c:147
+#: g10/verify.c:173
 #, c-format
 msgid "input line %u too long or missing LF\n"
 msgstr "raden %u �r f�r l�ng, eller saknar nyradstecken\n"
 
-#: g10/ringedit.c:296
-#, c-format
-msgid "%s: can't create keyring: %s\n"
-msgstr "%s: kan inte skapa nyckelring: %s\n"
-
-#: g10/ringedit.c:313 g10/ringedit.c:848 g10/ringedit.c:1166
-#, c-format
-msgid "%s: keyring created\n"
-msgstr "%s: nyckelring skapad\n"
-
-# m�rkligt felmeddelande, kolla upp
-#: g10/ringedit.c:1025 g10/ringedit.c:1343
-msgid "WARNING: 2 files with confidential information exists.\n"
-msgstr "VARNING: det finns 2 filer med konfidentiell information.\n"
-
-#: g10/ringedit.c:1026 g10/ringedit.c:1344
-#, c-format
-msgid "%s is the unchanged one\n"
-msgstr "%s �r den of�r�ndrade\n"
+# om n�gon kan tala om f�r mig vad detta betyder skulle jag bli j�tteglad!
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr ""
+"nyckeln �r inte markerad os�ker - g�r inte att anv�nda med fejkad RNG!\n"
 
-#: g10/ringedit.c:1027 g10/ringedit.c:1345
+#: g10/skclist.c:138
 #, c-format
-msgid "%s is the new one\n"
-msgstr "%s �r den nya\n"
-
-#: g10/ringedit.c:1028 g10/ringedit.c:1346
-msgid "Please fix this possible security flaw\n"
-msgstr "L�s detta potentiella s�kerhetsproblem\n"
+msgid "skipped `%s': duplicated\n"
+msgstr "hoppade �ver \"%s\": kopia\n"
 
-#: g10/skclist.c:98
+#: g10/skclist.c:145 g10/skclist.c:153
 #, c-format
 msgid "skipped `%s': %s\n"
 msgstr "hoppade �ver \"%s\": %s\n"
 
-#: g10/skclist.c:105
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "hoppade �ver: hemlig nyckel finns redan\n"
+
+#: g10/skclist.c:160
 #, c-format
 msgid ""
 "skipped `%s': this is a PGP generated ElGamal key which is not secure for "
@@ -3444,92 +3925,101 @@ msgstr "Filen \"%s\" finns. "
 msgid "Overwrite (y/N)? "
 msgstr "Skriv �ver (j/N)? "
 
-#: g10/openfile.c:120
+#: g10/openfile.c:119
 #, c-format
 msgid "%s: unknown suffix\n"
 msgstr "%s: ok�nt suffix\n"
 
-#: g10/openfile.c:142
+#: g10/openfile.c:141
 msgid "Enter new filename"
 msgstr "Ange nytt filnamn"
 
-#: g10/openfile.c:183
+#: g10/openfile.c:184
 msgid "writing to stdout\n"
 msgstr "skriver till standard ut\n"
 
-#: g10/openfile.c:262
+#: g10/openfile.c:273
 #, c-format
 msgid "assuming signed data in `%s'\n"
 msgstr "antar att signera data finns i filen \"%s\"\n"
 
-#: g10/openfile.c:312
+#: g10/openfile.c:323
 #, c-format
 msgid "%s: new options file created\n"
 msgstr "%s: ny inst�llningsfil skapad\n"
 
-#: g10/openfile.c:339
+#: g10/openfile.c:350
 #, c-format
 msgid "%s: can't create directory: %s\n"
 msgstr "%s: kan inte skapa katalog: %s\n"
 
-#: g10/openfile.c:342
+#: g10/openfile.c:353
 #, c-format
 msgid "%s: directory created\n"
 msgstr "%s: katalog skapad\n"
 
 # GnuPG borde v�l ers�ttas med %s?
-#: g10/openfile.c:344
+#: g10/openfile.c:355
 msgid "you have to start GnuPG again, so it can read the new options file\n"
 msgstr "du m�ste starta om GnuPG, s� att den nya inst�llningsfilen kan l�sas\n"
 
-#: g10/encr-data.c:64
-#, c-format
-msgid "encrypted with unknown algorithm %d\n"
-msgstr "krypterad med en ok�nd algoritm %d\n"
-
-#: g10/encr-data.c:69
-#, c-format
-msgid "%s encrypted data\n"
-msgstr "%s krypterad data\n"
-
-#: g10/encr-data.c:99
+#: g10/encr-data.c:91
 msgid ""
 "WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
 msgstr ""
 "VARNING: meddelandet krypterades med en svag nyckel i det symmetriska\n"
 "chiffret.\n"
 
-#: g10/seskey.c:61
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "problem vid hanteringen av krypterat paket\n"
+
+#: g10/seskey.c:52
 msgid "weak key created - retrying\n"
 msgstr "skapade en svag nyckel - f�rs�ker igen\n"
 
-#: g10/seskey.c:66
+#: g10/seskey.c:57
 #, c-format
 msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
 msgstr ""
 "kan inte undvika en svag nyckel f�r symmetriskt chiffer; f�rs�kte\n"
 "%d g�nger!\n"
 
-#: g10/delkey.c:87
-msgid "there is a secret key for this public key!\n"
-msgstr "det finns en hemlig nyckel tillh�rande denna publika nyckel!\n"
-
-#: g10/delkey.c:89
-msgid "use option \"--delete-secret-key\" to delete it first.\n"
-msgstr "anv�nd flaggan \"--delete-secret-key\" f�r att ta bort den f�rst.\n"
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr ""
 
-#: g10/delkey.c:107
+#: g10/delkey.c:116
 msgid "can't do that in batchmode without \"--yes\"\n"
 msgstr "kan inte g�ra s� i batch-l�ge utan flaggan \"--yes\"\n"
 
-#: g10/delkey.c:129
+#: g10/delkey.c:138
 msgid "Delete this key from the keyring? "
 msgstr "Vill du ta bort denna nyckel fr�n nyckelringen? "
 
-#: g10/delkey.c:137
+#: g10/delkey.c:146
 msgid "This is a secret key! - really delete? "
 msgstr "Detta �r en hemlig nyckel! - vill du verkligen ta bort den? "
 
+#: g10/delkey.c:156
+#, fuzzy, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "numrering av nyckelblock misslyckades: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr ""
+
+#: g10/delkey.c:194
+#, fuzzy, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "det finns en hemlig nyckel tillh�rande denna publika nyckel!\n"
+
+#: g10/delkey.c:196
+#, fuzzy
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "anv�nd flaggan \"--delete-secret-key\" f�r att ta bort den f�rst.\n"
+
 #: g10/helptext.c:47
 msgid ""
 "It's up to you to assign a value here; this value will never be exported\n"
@@ -3542,19 +4032,27 @@ msgstr ""
 "n�tet av certifikat."
 
 #: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+
+#: g10/helptext.c:60
 msgid "If you want to use this revoked key anyway, answer \"yes\"."
 msgstr "Om du vill anv�nda denna �terkallade nyckel �nd�, svara \"ja\"."
 
-#: g10/helptext.c:57
+#: g10/helptext.c:64
 msgid "If you want to use this untrusted key anyway, answer \"yes\"."
 msgstr "Om du vill anv�nda denna otillf�rlitliga nyckel �nd�, svara \"ja\"."
 
-#: g10/helptext.c:61
+#: g10/helptext.c:68
 msgid ""
 "Enter the user ID of the addressee to whom you want to send the message."
 msgstr "Ange anv�ndaridentiteten till vilken du vill skicka meddelandet."
 
-#: g10/helptext.c:65
+#: g10/helptext.c:72
 msgid ""
 "Select the algorithm to use.\n"
 "\n"
@@ -3594,7 +4092,7 @@ msgstr ""
 "f�r att skapa signaturer. Detta �r anledningen till att den ElGamal-variant\n"
 "som bara krypterar inte �r tillg�nglig i denna meny"
 
-#: g10/helptext.c:85
+#: g10/helptext.c:92
 msgid ""
 "Although these keys are defined in RFC2440 they are not suggested\n"
 "because they are not supported by all programs and signatures created\n"
@@ -3604,16 +4102,16 @@ msgstr ""
 "att anv�nda dem eftersom de inte st�ds i alla program och signaturer\n"
 "skapade med dem �r stora och mycket l�ngsamma att verifiera."
 
-#: g10/helptext.c:92
+#: g10/helptext.c:99
 msgid "Enter the size of the key"
 msgstr "Ange storleken p� nyckeln"
 
-#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
-#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
 msgid "Answer \"yes\" or \"no\""
 msgstr "Svara \"ja\" eller \"nej\""
 
-#: g10/helptext.c:106
+#: g10/helptext.c:113
 msgid ""
 "Enter the required value as shown in the prompt.\n"
 "It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
@@ -3625,19 +4123,19 @@ msgstr ""
 "inte att f� n�got vettigt felmeddelande - ist�llet kommer systemet\n"
 "att f�rs�ka tolka det angivna v�rdet som ett intervall."
 
-#: g10/helptext.c:118
+#: g10/helptext.c:125
 msgid "Enter the name of the key holder"
 msgstr "Ange namnet p� nyckelns �gare"
 
-#: g10/helptext.c:123
+#: g10/helptext.c:130
 msgid "please enter an optional but highly suggested email address"
 msgstr "ange en epostadress. Detta �r valfritt men rekommenderas varmt"
 
-#: g10/helptext.c:127
+#: g10/helptext.c:134
 msgid "Please enter an optional comment"
 msgstr "Ange en valfri kommentar"
 
-#: g10/helptext.c:132
+#: g10/helptext.c:139
 msgid ""
 "N  to change the name.\n"
 "C  to change the comment.\n"
@@ -3651,16 +4149,57 @@ msgstr ""
 "O  f�r att forts�tta med nyckelgenerering.\n"
 "Q  f�r att avsluta nyckelgenereringen."
 
-#: g10/helptext.c:141
+#: g10/helptext.c:148
 msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
 msgstr "Svara \"ja\" (eller bara \"j\") om du vill generera denna undernyckel."
 
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+
 # felstavat original
-#: g10/helptext.c:164
+#: g10/helptext.c:194
 msgid "Answer \"yes\" is you want to sign ALL the user IDs"
 msgstr "Svara \"ja\" om du vill signera ALLA anv�ndaridentiteter"
 
-#: g10/helptext.c:168
+#: g10/helptext.c:198
 msgid ""
 "Answer \"yes\" if you really want to delete this user ID.\n"
 "All certificates are then also lost!"
@@ -3668,11 +4207,11 @@ msgstr ""
 "Svara \"ja\" om du verkligen vill ta bort denna anv�ndaridentitet.\n"
 "Alla certifikat kommer att g� f�rlorade!"
 
-#: g10/helptext.c:173
+#: g10/helptext.c:203
 msgid "Answer \"yes\" if it is okay to delete the subkey"
 msgstr "Svara \"ja\" om du vill ta bort denna undernyckel"
 
-#: g10/helptext.c:178
+#: g10/helptext.c:208
 msgid ""
 "This is a valid signature on the key; you normally don't want\n"
 "to delete this signature because it may be important to establish a\n"
@@ -3683,7 +4222,7 @@ msgstr ""
 "en tillitskoppling till nyckeln eller en annan nyckel som �r\n"
 "certifierad av denna nyckel."
 
-#: g10/helptext.c:183
+#: g10/helptext.c:213
 msgid ""
 "This signature can't be checked because you don't have the\n"
 "corresponding key.  You should postpone its deletion until you\n"
@@ -3695,7 +4234,7 @@ msgstr ""
 "vet vilken nyckel som anv�ndes eftersom den nyckeln kanske uppr�ttar\n"
 "en tillitskoppling genom en annan redan certifierad nyckel."
 
-#: g10/helptext.c:189
+#: g10/helptext.c:219
 msgid ""
 "The signature is not valid.  It does make sense to remove it from\n"
 "your keyring."
@@ -3704,7 +4243,7 @@ msgstr ""
 "din nyckelring."
 
 # borde inge GnuPG bytas ut mot gpg eller �nnu b�ttre %s?
-#: g10/helptext.c:193
+#: g10/helptext.c:223
 msgid ""
 "This is a signature which binds the user ID to the key. It is\n"
 "usually not a good idea to remove such a signature.  Actually\n"
@@ -3718,29 +4257,35 @@ msgstr ""
 "mer. S� g�r bara detta om denna sj�lvsignatur av n�gon anledning �r\n"
 "ogiltig och det finns en andra signatur som tillg�nglig."
 
-# ej klar, eller?
-#: g10/helptext.c:202
+#: g10/helptext.c:231
 msgid ""
-"Please enter the passhrase; this is a secret sentence \n"
-"  Blurb, blurb,.... "
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+
+# ej klar, eller?
+#: g10/helptext.c:238
+#, fuzzy
+msgid "Please enter the passhrase; this is a secret sentence \n"
 msgstr ""
 "Ange en l�senordsfras. Detta �r en hemlig mening\n"
 "[hj�lptexten ej f�rdigst�lld]"
 
-#: g10/helptext.c:209
+#: g10/helptext.c:244
 msgid "Please repeat the last passphrase, so you are sure what you typed in."
 msgstr "Reptera l�senordsfrasen, s� du �r s�ker p� vad du skrev in."
 
 # # felstavat/ologiskt original
-#: g10/helptext.c:213
+#: g10/helptext.c:248
 msgid "Give the name of the file to which the signature applies"
 msgstr "Ange namnet p� den fil signaturen g�ller"
 
-#: g10/helptext.c:218
+#: g10/helptext.c:253
 msgid "Answer \"yes\" if it is okay to overwrite the file"
 msgstr "Svara \"ja\" om det du vill skriva �ver filen"
 
-#: g10/helptext.c:223
+#: g10/helptext.c:258
 msgid ""
 "Please enter a new filename. If you just hit RETURN the default\n"
 "file (which is shown in brackets) will be used."
@@ -3748,15 +4293,14 @@ msgstr ""
 "Ange ett nytt filnamn. Om du bara trycker RETUR kommer standarfilnamnet\n"
 "(som anges i hakparenteser) att anv�ndas."
 
-#: g10/helptext.c:229
-#, fuzzy
+#: g10/helptext.c:264
 msgid ""
 "You should specify a reason for the certification.  Depending on the\n"
 "context you have the ability to choose from this list:\n"
 "  \"Key has been compromised\"\n"
 "      Use this if you have a reason to believe that unauthorized persons\n"
 "      got access to your secret key.\n"
-"  \"Key is superseeded\"\n"
+"  \"Key is superseded\"\n"
 "      Use this if you have replaced this key with a newer one.\n"
 "  \"Key is no longer used\"\n"
 "      Use this if you have retired this key.\n"
@@ -3777,9 +4321,9 @@ msgstr ""
 "  \"Anv�ndaridentiteten �r inte l�ngre giltig\"\n"
 "     Anv�nd denna f�r att visa att denna anv�ndaridentitet inte l�ngre\n"
 "     skall anv�ndas. Detta anv�nds normalt f�r att visa att en epostadress\n"
-"     �r ogiltig\n"
+"     �r ogiltig.\n"
 
-#: g10/helptext.c:245
+#: g10/helptext.c:280
 msgid ""
 "If you like, you can enter a text describing why you issue this\n"
 "revocation certificate.  Please keep this text concise.\n"
@@ -3789,54 +4333,347 @@ msgstr ""
 "detta �terkallelsecertifikat. F�rs�k att h�lla texten kort och koncis.\n"
 "En tom rad avslutar texten.\n"
 
-#: g10/helptext.c:260
+#: g10/helptext.c:295
 msgid "No help available"
 msgstr "Det finns ingen hj�lp tillg�nglig"
 
-#: g10/helptext.c:268
+#: g10/helptext.c:303
 #, c-format
 msgid "No help available for `%s'"
 msgstr "Det finns ingen hj�lp tillg�nglig f�r \"%s\""
 
-#~ msgid "certificate read problem: %s\n"
-#~ msgstr "fel vid l�sning av certifikat: %s\n"
+#: g10/keydb.c:177
+#, fuzzy, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "fel vid skrivning av nyckelringen \"%s\": %s\n"
+
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr ""
+
+#: g10/keydb.c:197
+#, fuzzy, c-format
+msgid "keyring `%s' created\n"
+msgstr "%s: nyckelring skapad\n"
+
+#: g10/keydb.c:587
+#, fuzzy, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "%s: misslyckades med att skapa hash-tabell: %s\n"
+
+# m�rkligt felmeddelande, kolla upp
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "VARNING: det finns 2 filer med konfidentiell information.\n"
 
-#~ msgid "RSA key cannot be used in this version\n"
-#~ msgstr "det g�r inte att anv�nda RSA-nycklar i denna version\n"
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s �r den of�r�ndrade\n"
 
-#~ msgid "No key for user ID\n"
-#~ msgstr "Ingen nyckel f�r anv�ndaridentiteten\n"
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s �r den nya\n"
 
-#~ msgid "No user ID for key\n"
-#~ msgstr "Inget anv�ndarid f�r nyckel\n"
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "L�s detta potentiella s�kerhetsproblem\n"
 
-#~ msgid "no default public keyring\n"
-#~ msgstr "ingen f�rvald publik nyckel\n"
+#: g10/keyring.c:1337
+#, fuzzy, c-format
+msgid "checking keyring `%s'\n"
+msgstr "kan inte l�sa nyckelringen \"%s\": %s\n"
 
-#~ msgid "can't lock keyring `%s': %s\n"
-#~ msgstr "kan inte l�sa nyckelringen \"%s\": %s\n"
+#: g10/keyring.c:1368
+#, fuzzy, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "har behandlat %lu nycklar hittills\n"
 
-#~ msgid "key %08lX: can't read original keyblock: %s\n"
-#~ msgstr "nyckel %08lX: kan inte l�sa det ursprungliga nyckelblocket %s\n"
+#: g10/keyring.c:1379
+#, fuzzy, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "r�kna upp nycklar och signaturer"
 
-#~ msgid "%s: user not found\n"
-#~ msgstr "%s: hittade inte anv�ndaren\n"
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: nyckelring skapad\n"
+
+#, fuzzy
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "�r du s�ker p� att du vill ha denna nyckelstorlek? "
+
+#, fuzzy
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "�r du s�ker p� att du vill ha denna nyckelstorlek? "
+
+#, fuzzy
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Vill du verkligen signera? "
+
+#~ msgid "too many random bits requested; the limit is %d\n"
+#~ msgstr "f�r m�nga slumpm�ssiga bitar efterfr�gades; maximalt antal �r %d\n"
+
+#~ msgid "|[NAMES]|check the trust database"
+#~ msgstr "|[NAMN]|kontrollera tillitsdatabasen"
+
+#~ msgid "--delete-secret-key user-id"
+#~ msgstr "--delete-secret-key anv�ndaridentitet"
+
+#~ msgid "--delete-key user-id"
+#~ msgstr "--delete-key anv�ndaridentitet"
+
+#~ msgid "--delete-secret-and-public-key user-id"
+#~ msgstr "--delete-secret-and-public-key anv�ndaridentitet"
+
+#~ msgid "For info see http://www.gnupg.org"
+#~ msgstr "F�r information se http://www.gnupg.org/"
+
+# v�rdena st�r f�r s = show me more info,  m = back to menu, q = quit
+# hur skall s�dant internationaliseras p� ett bra s�tt?
+#~ msgid "sSmMqQ"
+#~ msgstr "sSmMqQ"
 
-# maila gnupg-bugs om konstigt felmeddelande, man skapar nycklar i pluralis
 #~ msgid ""
-#~ "RSA keys are deprecated; please consider creating a new key and use this key "
-#~ "in the future\n"
+#~ "Could not find a valid trust path to the key.  Let's see whether we\n"
+#~ "can assign some missing owner trust values.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kunde inte hitta n�gon giltig tillitsv�g till nyckeln. L�t oss se om vi "
+#~ "kan\n"
+#~ "tilldela n�gra av de �gartillitsv�rden som saknas\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No path leading to one of our keys found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "En av de funna nycklarna saknar tillitsv�g.\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No certificates with undefined trust found.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Hittade inga certifikat med odefinierat tillitv�rde\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "No trust values changed.\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Inga tillitsv�rden �ndrade.\n"
+#~ "\n"
+
+#~ msgid "%08lX: no info to calculate a trust probability\n"
+#~ msgstr ""
+#~ "%08lX: det finns ingen information f�r att ber�kna ett tillitv�rde\n"
+
+#~ msgid "Enter the user ID: "
+#~ msgstr "Ange anv�ndaridentiteten: "
+
+#~ msgid "skipped: public key already set with --encrypt-to\n"
+#~ msgstr "hoppade �ver: publik nyckel �r redan angiven med --encrypt-to\n"
+
+#~ msgid "%s: error checking key: %s\n"
+#~ msgstr "%s: fel vid kontroll av nyckeln: %s\n"
+
+#~ msgid "   (%d) RSA (sign and encrypt)\n"
+#~ msgstr "   (%d) RSA (signering och kryptering)\n"
+
+#~ msgid "Do you really want to create a sign and encrypt key? "
+#~ msgstr "Vill du verkligen skapa en nyckel f�r signering och kryptering? "
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "Beh�ver du verkligen en s� stor nyckelstorlek? "
+
+#~ msgid "%s: user not found: %s\n"
+#~ msgstr "%s: hittade inte anv�ndaren: %s\n"
+
+#~ msgid "certificate read problem: %s\n"
+#~ msgstr "fel vid l�sning av certifikat: %s\n"
+
+#~ msgid "too many entries in unk cache - disabled\n"
+#~ msgstr "f�r m�nga poster i unk-cachen - inaktiverad\n"
+
+#~ msgid "secret key %08lX not imported (use %s to allow for it)\n"
 #~ msgstr ""
-#~ "RSA-nycklar �r f�rlegade; �verv�g att skapa nya nycklar och anv�nd dessa i "
-#~ "framtiden\n"
+#~ "den hemliga nyckeln %08lX importerades inte (anv�nd %s f�r att till�ta)\n"
 
-#~ msgid "not processed"
-#~ msgstr "inte behandlade"
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "nyckel %08lX: v�r kopia har ingen sj�lvsignatur\n"
+
+#~ msgid "%s: user not found\n"
+#~ msgstr "%s: hittade inte anv�ndaren\n"
+
+#~ msgid "update of trustdb failed: %s\n"
+#~ msgstr "uppdateringen av tillitsdatabasen misslyckades: %s\n"
+
+#~ msgid "no keyserver known (use option --keyserver)\n"
+#~ msgstr "k�nner inte till n�gon nyckelserver (anv�nd flaggan --keyserver)\n"
+
+#~ msgid "%s: not a valid key ID\n"
+#~ msgstr "%s: ogiltig nyckelidentitet\n"
 
 #~ msgid "assuming bad MDC due to an unknown critical bit\n"
 #~ msgstr "antar att MDC �r felaktig eftersom en ok�nd kritisk bit �r satt\n"
 
-# om n�gon kan tala om f�r mig vad detta betyder skulle jag bli j�tteglad!
-#~ msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+# LID betyder local id och �r serienumret i den lokala databasen
+# f�r en given nyckel
+#~ msgid "error reading dir record for LID %lu: %s\n"
+#~ msgstr "fel vid l�sning av katalogpost f�r lokalt id %lu: %s\n"
+
+#~ msgid "lid %lu: expected dir record, got type %d\n"
+#~ msgstr "lokalt id %lu: v�ntade en katalogpost, fick en post av typen %d\n"
+
+#~ msgid "no primary key for LID %lu\n"
+#~ msgstr "ingen prim�r nyckel f�r lokalt id %lu\n"
+
+#~ msgid "error reading primary key for LID %lu: %s\n"
+#~ msgstr "fel vid l�sning av prim�r nyckel f�r lokalt id %lu: %s\n"
+
+#~ msgid "get_dir_record: search_record failed: %s\n"
+#~ msgstr "get_dir_record: search_record misslyckades: %s\n"
+
+#~ msgid "key %08lX: query record failed\n"
+#~ msgstr "nyckel %08lX: uppslagning av post misslyckades\n"
+
+#~ msgid "key %08lX: already in trusted key table\n"
+#~ msgstr "nyckel %08lX: finns redan i tabellen �ver p�litliga nycklar\n"
+
+#~ msgid "NOTE: secret key %08lX is NOT protected.\n"
+#~ msgstr "OBSERVERA: den hemliga nyckeln %08lX �r INTE skyddad.\n"
+
+#~ msgid "key %08lX: secret and public key don't match\n"
+#~ msgstr "nyckel %08lX: hemlig och publik nyckel st�mmer inte �verens\n"
+
+#~ msgid "enumerate secret keys failed: %s\n"
+#~ msgstr "numrering av hemliga nycklar misslyckades: %s\n"
+
+#~ msgid "key %08lX.%lu: Good subkey binding\n"
+#~ msgstr "nyckel: %08lX.%lu: Korrekt bindning till undernyckel\n"
+
+#~ msgid "key %08lX.%lu: Invalid subkey binding: %s\n"
+#~ msgstr "nyckel %08lX.%lu: Felaktig bindning till undernyckel: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid key revocation\n"
+#~ msgstr "nyckel %08lX.%lu: Giltig �terkallelse av nyckel\n"
+
+#~ msgid "key %08lX.%lu: Invalid key revocation: %s\n"
+#~ msgstr "nyckel %08lX.%lu: Felaktig �terkallelse av nyckel: %s\n"
+
+#~ msgid "key %08lX.%lu: Valid subkey revocation\n"
+#~ msgstr "nyckel %08lX.%lu: Giltig �terkallelse av undernyckel\n"
+
+#~ msgid "Good self-signature"
+#~ msgstr "Korrekt sj�lvsignatur"
+
+#~ msgid "Invalid self-signature"
+#~ msgstr "Felaktig sj�lvsignatur"
+
+# detta verkar mycket m�rkligt. N�gon borde kanske f� en f�rklaring fr�n
+# gnupg-utvecklarna?
+#~ msgid "Valid user ID revocation skipped due to a newer self signature"
+#~ msgstr ""
+#~ "Hoppade �ver en giltig �terkallelse av anv�ndaridentiteten p�\n"
+#~ "grund av en nyare sj�lvsignatur"
+
+#~ msgid "Valid user ID revocation"
+#~ msgstr "Giltig �terkallelse av anv�ndaridentitet"
+
+#~ msgid "Invalid user ID revocation"
+#~ msgstr "Ogiltig �terkallelse av anv�ndaridentitet"
+
+#~ msgid "Valid certificate revocation"
+#~ msgstr "Giltig �terkallelse av certifikat"
+
+#~ msgid "Good certificate"
+#~ msgstr "Korrekt certifikat"
+
+#~ msgid "Invalid certificate revocation"
+#~ msgstr "Ogiltig �terkallelse av certifikat "
+
+#~ msgid "Invalid certificate"
+#~ msgstr "Ogiltigt certifikat"
+
+#~ msgid "sig record %lu[%d] points to wrong record.\n"
+#~ msgstr "signaturpost %lu[%d] pekar mot fel post.\n"
+
+#~ msgid "duplicated certificate - deleted"
+#~ msgstr "dubblett av certifikat - borttaget"
+
+#~ msgid "tdbio_search_dir failed: %s\n"
+#~ msgstr "tdbio_search_dir misslyckades: %s\n"
+
+#~ msgid "lid ?: insert failed: %s\n"
+#~ msgstr "lokalt id ?: till�gg misslyckades: %s\n"
+
+#~ msgid "lid %lu: insert failed: %s\n"
+#~ msgstr "lokalt id %lu: till�gg misslyckades: %s\n"
+
+#~ msgid "lid %lu: inserted\n"
+#~ msgstr "lokalt id %lu: lades till\n"
+
+#~ msgid "error reading dir record: %s\n"
+#~ msgstr "fel vid l�sning av katalogpost: %s\n"
+
+#~ msgid "\t%lu keys with errors\n"
+#~ msgstr "\t%lu nycklar med fel\n"
+
+#~ msgid "\t%lu keys inserted\n"
+#~ msgstr "\t%lu nycklar tillagda\n"
+
+#~ msgid "lid %lu: dir record w/o key - skipped\n"
+#~ msgstr "lokalt id %lu: katalogpost utan nyckel - hoppade �ver\n"
+
+#~ msgid "\t%lu due to new pubkeys\n"
+#~ msgstr "\t%lu p� grund av nya publika nycklar\n"
+
+#~ msgid "\t%lu keys skipped\n"
+#~ msgstr "\t%lu nycklar hoppades �ver\n"
+
+#~ msgid "\t%lu keys updated\n"
+#~ msgstr "\t%lu nycklar uppdaterades\n"
+
+#~ msgid "Ooops, no keys\n"
+#~ msgstr "Ooops, inga nycklar\n"
+
+#~ msgid "Ooops, no user IDs\n"
+#~ msgstr "Ooops, inga anv�ndaridentiteter\n"
+
+#~ msgid "check_trust: search dir record failed: %s\n"
+#~ msgstr "check_trust: s�kning av katalogpost misslyckades: %s\n"
+
+#~ msgid "key %08lX: insert trust record failed: %s\n"
+#~ msgstr "nyckel %08lX: till�gg av tillitspost misslyckades: %s\n"
+
+#~ msgid "key %08lX.%lu: inserted into trustdb\n"
+#~ msgstr "nyckel %08lX.%lu: lades till i tillitsdatabasen\n"
+
+#~ msgid "key %08lX.%lu: created in future (time warp or clock problem)\n"
 #~ msgstr ""
-#~ "nyckeln �r inte markerad os�ker - g�r inte att anv�nda med fejkad RNG!\n"
+#~ "nyckel %08lX.%lu: skapad i framtiden (problemet �r relaterat till\n"
+#~ "tidsresande eller en felst�lld klocka)\n"
+
+#~ msgid "key %08lX.%lu: expired at %s\n"
+#~ msgstr "nyckel %08lX.%lu: gick ut %s\n"
+
+#~ msgid "key %08lX.%lu: trust check failed: %s\n"
+#~ msgstr "nyckel %08lX.%lu: tillitskontroll misslyckades: %s\n"
+
+#~ msgid "problem finding '%s' in trustdb: %s\n"
+#~ msgstr "problem att hitta \"%s\" i tillitsdatabasen: %s\n"
+
+#~ msgid "user '%s' not in trustdb - inserting\n"
+#~ msgstr "anv�ndaren \"%s\" finns inte tillitsdatabasen - l�gger till\n"
+
+#~ msgid "failed to put '%s' into trustdb: %s\n"
+#~ msgstr "misslyckades med att placera \"%s\" i tillitsdatabasen: %s\n"
+
+#~ msgid "WARNING: can't yet handle long pref records\n"
+#~ msgstr "VARNING: kan �nnu inte hantera l�nga inst�llningsposter\n"
+
+#~ msgid "%s: can't create keyring: %s\n"
+#~ msgstr "%s: kan inte skapa nyckelring: %s\n"
diff --git a/po/tr.po b/po/tr.po
new file mode 100644
index 000000000..bd5d658f4
--- /dev/null
+++ b/po/tr.po
@@ -0,0 +1,4380 @@
+# Turkish translations for GnuPG messages.
+# Copyright (C) 2002 Free Software Foundation, Inc.
+# Nilgün Belma Bugüner <[email protected]>, 2001, 2002.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: gnupg 1.0.7\n"
+"POT-Creation-Date: 2002-04-29 17:09+0200\n"
+"PO-Revision-Date: 2002-04-21 15:14+0300\n"
+"Last-Translator: Nilgün Belma Bugüner <[email protected]>\n"
+"Language-Team: Turkish <[email protected]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 0.9.6\n"
+
+#: util/secmem.c:88
+msgid "Warning: using insecure memory!\n"
+msgstr "Uyarı: kullanılan bellek güvenli değil!\n"
+
+#: util/secmem.c:89
+msgid "please see http://www.gnupg.org/faq.html for more information\n"
+msgstr ""
+"Daha geniş bilgi edinmek için http://www.gnupg.org/faq.html adresine "
+"bakınız\n"
+
+#: util/secmem.c:326
+msgid "operation is not possible without initialized secure memory\n"
+msgstr "güvenli bellek hazırlanmadan işlem yapmak mümkün değil\n"
+
+#: util/secmem.c:327
+msgid "(you may have used the wrong program for this task)\n"
+msgstr "(bu görev için yanlış program kullanmış olabilirsiniz)\n"
+
+#: util/miscutil.c:296 util/miscutil.c:331
+msgid "yes"
+msgstr "evet"
+
+#: util/miscutil.c:297 util/miscutil.c:334
+msgid "yY"
+msgstr "eE"
+
+#: util/miscutil.c:298 util/miscutil.c:332
+msgid "no"
+msgstr "hayır"
+
+#: util/miscutil.c:299 util/miscutil.c:335
+msgid "nN"
+msgstr "hH"
+
+#: g10/keyedit.c:815 util/miscutil.c:333
+msgid "quit"
+msgstr "çıkış"
+
+#: util/miscutil.c:336
+msgid "qQ"
+msgstr "çÇ"
+
+#: util/errors.c:54
+msgid "general error"
+msgstr "genel hata"
+
+#: util/errors.c:55
+msgid "unknown packet type"
+msgstr "bilinmeyen paket tipi"
+
+#: util/errors.c:56
+msgid "unknown version"
+msgstr "bilinmeyen sürüm"
+
+#: util/errors.c:57
+msgid "unknown pubkey algorithm"
+msgstr "bilinmeyen genel anahtar algoritması"
+
+#: util/errors.c:58
+msgid "unknown digest algorithm"
+msgstr "bilinmeyen özümleme algoritması"
+
+#: util/errors.c:59
+msgid "bad public key"
+msgstr "genel anahtar hatalı"
+
+#: util/errors.c:60
+msgid "bad secret key"
+msgstr "gizli anahtar hatalı"
+
+#: util/errors.c:61
+msgid "bad signature"
+msgstr "imza hatalı"
+
+#: util/errors.c:62
+msgid "checksum error"
+msgstr "\"checksum\" hatası"
+
+#: util/errors.c:63
+msgid "bad passphrase"
+msgstr "anahtar parolası hatalı"
+
+#: util/errors.c:64
+msgid "public key not found"
+msgstr "genel anahtar bulunamadı"
+
+#: util/errors.c:65
+msgid "unknown cipher algorithm"
+msgstr "bilinmeyen şifre algoritması"
+
+#: util/errors.c:66
+msgid "can't open the keyring"
+msgstr "anahtar zinciri açılamadı"
+
+#: util/errors.c:67
+msgid "invalid packet"
+msgstr "geçersiz paket"
+
+#: util/errors.c:68
+msgid "invalid armor"
+msgstr "geçersiz zırh"
+
+#: util/errors.c:69
+msgid "no such user id"
+msgstr "böyle bir kullanıcı kimliği yok"
+
+#: util/errors.c:70
+msgid "secret key not available"
+msgstr "gizli anahtar kullanışsız"
+
+#: util/errors.c:71
+msgid "wrong secret key used"
+msgstr "yanlış gizli anahtar kullanılmış"
+
+#: util/errors.c:72
+msgid "not supported"
+msgstr "desteklenmiyor"
+
+#: util/errors.c:73
+msgid "bad key"
+msgstr "anahtar hatalı"
+
+#: util/errors.c:74
+msgid "file read error"
+msgstr "dosya okuma hatası"
+
+#: util/errors.c:75
+msgid "file write error"
+msgstr "dosya yazma hatası"
+
+#: util/errors.c:76
+msgid "unknown compress algorithm"
+msgstr "bilinmeyen sıkıştırma algoritması"
+
+#: util/errors.c:77
+msgid "file open error"
+msgstr "dosya açma hatası"
+
+#: util/errors.c:78
+msgid "file create error"
+msgstr "dosya oluşturma hatası"
+
+#: util/errors.c:79
+msgid "invalid passphrase"
+msgstr "anahtar parolası geçersiz"
+
+#: util/errors.c:80
+msgid "unimplemented pubkey algorithm"
+msgstr "tamamlanmamış genel anahtar algoritması"
+
+#: util/errors.c:81
+msgid "unimplemented cipher algorithm"
+msgstr "tamamlanmamış şifre algoritması"
+
+#: util/errors.c:82
+msgid "unknown signature class"
+msgstr "bilinmeyen imza sınıfı"
+
+#: util/errors.c:83
+msgid "trust database error"
+msgstr "güvence veritabanı hatası"
+
+#: util/errors.c:84
+msgid "bad MPI"
+msgstr "MPI hatalı"
+
+#: util/errors.c:85
+msgid "resource limit"
+msgstr "iç kaynak sınırı"
+
+#: util/errors.c:86
+msgid "invalid keyring"
+msgstr "anahtar zinciri geçersiz"
+
+#: util/errors.c:87
+msgid "bad certificate"
+msgstr "sertifika hatalı"
+
+#: util/errors.c:88
+msgid "malformed user id"
+msgstr "kullanıcı kimliği bozuk"
+
+#: util/errors.c:89
+msgid "file close error"
+msgstr "dosya kapama hatası"
+
+#: util/errors.c:90
+msgid "file rename error"
+msgstr "dosya isim değiştirme hatası"
+
+#: util/errors.c:91
+msgid "file delete error"
+msgstr "dosya silme hatası"
+
+#: util/errors.c:92
+msgid "unexpected data"
+msgstr "beklenmeyen veri"
+
+#: util/errors.c:93
+msgid "timestamp conflict"
+msgstr "zaman damgası çelişkili"
+
+#: util/errors.c:94
+msgid "unusable pubkey algorithm"
+msgstr "genel anahtar algoritması kullanışsız"
+
+#: util/errors.c:95
+msgid "file exists"
+msgstr "dosya mevcut"
+
+#: util/errors.c:96
+msgid "weak key"
+msgstr "anahtar zayıf"
+
+#: util/errors.c:97
+msgid "invalid argument"
+msgstr "geçersiz argüman"
+
+#: util/errors.c:98
+msgid "bad URI"
+msgstr "URI hatalı"
+
+#: util/errors.c:99
+msgid "unsupported URI"
+msgstr "desteklenmeyen URI"
+
+#: util/errors.c:100
+msgid "network error"
+msgstr "ağ hatası"
+
+#: util/errors.c:102
+msgid "not encrypted"
+msgstr "şifrelenemedi"
+
+#: util/errors.c:103
+msgid "not processed"
+msgstr "işlenemedi"
+
+#. the key cannot be used for a specific usage
+#: util/errors.c:105
+msgid "unusable public key"
+msgstr "genel anahtar kullanımdışı"
+
+#: util/errors.c:106
+msgid "unusable secret key"
+msgstr "gizli anahtar kullanımdışı"
+
+#: util/errors.c:107
+msgid "keyserver error"
+msgstr "anahtar sunucusu hatası"
+
+#: util/logger.c:249
+#, c-format
+msgid "... this is a bug (%s:%d:%s)\n"
+msgstr "... bu bir yazılım hatası (%s:%d:%s)\n"
+
+#: util/logger.c:255
+#, c-format
+msgid "you found a bug ... (%s:%d)\n"
+msgstr "bir yazılım hatası buldunuz ... (%s:%d)\n"
+
+#: cipher/random.c:320 g10/import.c:145 g10/keygen.c:1565
+#, c-format
+msgid "can't open `%s': %s\n"
+msgstr "`%s' açılamıyor: %s\n"
+
+#: cipher/random.c:324
+#, c-format
+msgid "can't stat `%s': %s\n"
+msgstr "`%s' durumlanamıyor: %s\n"
+
+#: cipher/random.c:329
+#, c-format
+msgid "`%s' is not a regular file - ignored\n"
+msgstr "`%s' düzenli bir dosya değil - görülmedi\n"
+
+#: cipher/random.c:334
+msgid "note: random_seed file is empty\n"
+msgstr "not: \"random_seed\" dosyası boş\n"
+
+#: cipher/random.c:340
+msgid "warning: invalid size of random_seed file - not used\n"
+msgstr "uyarı: \"random_seed\" dosyasının boyu hatalı - kullanılmadı\n"
+
+#: cipher/random.c:348
+#, c-format
+msgid "can't read `%s': %s\n"
+msgstr "\"%s\" okunamıyor: %s\n"
+
+#: cipher/random.c:386
+msgid "note: random_seed file not updated\n"
+msgstr "bilgi: \"random_seed\" dosyası güncel değil\n"
+
+#: cipher/random.c:406
+#, c-format
+msgid "can't create `%s': %s\n"
+msgstr "\"%s\" oluşturulamıyor: %s\n"
+
+#: cipher/random.c:413
+#, c-format
+msgid "can't write `%s': %s\n"
+msgstr "\"%s\" yazılamıyor: %s\n"
+
+#: cipher/random.c:416
+#, c-format
+msgid "can't close `%s': %s\n"
+msgstr "\"%s\" kapatılamıyor: %s\n"
+
+#: cipher/random.c:662
+msgid "WARNING: using insecure random number generator!!\n"
+msgstr "UYARI: kullanılan rasgele sayı üreteci güvenli değil!!\n"
+
+#: cipher/random.c:663
+msgid ""
+"The random number generator is only a kludge to let\n"
+"it run - it is in no way a strong RNG!\n"
+"\n"
+"DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n"
+"\n"
+msgstr ""
+"Rasgele sayı üreteci kendi halinde çalışan\n"
+"bir kukla - güvenilir bir RSÜ değil!\n"
+"\n"
+"BU PROGRAMLA ÜRETİLMİŞ HİÇBİR VERİYİ KULLANMAYIN!!\n"
+"\n"
+
+#: cipher/rndlinux.c:142
+#, c-format
+msgid ""
+"\n"
+"Not enough random bytes available.  Please do some other work to give\n"
+"the OS a chance to collect more entropy! (Need %d more bytes)\n"
+msgstr ""
+"\n"
+"Rasgele üretilen baytlar yetersiz. Lütfen bazı işlemler yaparak\n"
+"daha fazla rasgele bayt toplayabilmesi için işletim sistemine\n"
+"yardımcı olun! (%d bayt daha gerekiyor)\n"
+
+#: g10/g10.c:287
+msgid ""
+"@Commands:\n"
+" "
+msgstr ""
+"@Komutlar:\n"
+" "
+
+#: g10/g10.c:289
+msgid "|[file]|make a signature"
+msgstr "|[dosya]|bir imza yapar"
+
+#: g10/g10.c:290
+msgid "|[file]|make a clear text signature"
+msgstr "|[dosya]|açıkça okunabilen bir imza yapar"
+
+#: g10/g10.c:291
+msgid "make a detached signature"
+msgstr "bağımsız bir imza yapar"
+
+#: g10/g10.c:292
+msgid "encrypt data"
+msgstr "veriyi şifreler"
+
+#: g10/g10.c:293
+msgid "|[files]|encrypt files"
+msgstr "|[dosyalar]|dosyalar şifrelenir"
+
+#: g10/g10.c:294
+msgid "encryption only with symmetric cipher"
+msgstr "sadece simetrik şifre ile şifreler"
+
+#: g10/g10.c:295
+msgid "store only"
+msgstr "sadece saklar"
+
+#: g10/g10.c:296
+msgid "decrypt data (default)"
+msgstr "veri şifresini açar (öntanımlı)"
+
+#: g10/g10.c:297
+msgid "|[files]|decrypt files"
+msgstr "|[dosyalar]|dosyaların şifresi açılır"
+
+#: g10/g10.c:298
+msgid "verify a signature"
+msgstr "bir imzayı doğrular"
+
+#: g10/g10.c:300
+msgid "list keys"
+msgstr "anahtarları listeler"
+
+#: g10/g10.c:302
+msgid "list keys and signatures"
+msgstr "anahtarları ve imzaları listeler"
+
+#: g10/g10.c:303
+msgid "check key signatures"
+msgstr "anahtar imzalarını kontrol eder"
+
+#: g10/g10.c:304
+msgid "list keys and fingerprints"
+msgstr "anahtarları ve parmak izlerini listeler"
+
+#: g10/g10.c:305
+msgid "list secret keys"
+msgstr "gizli anahtarları listeler"
+
+#: g10/g10.c:306
+msgid "generate a new key pair"
+msgstr "yeni bir anahtar çifti üretir"
+
+#: g10/g10.c:307
+msgid "remove keys from the public keyring"
+msgstr "anahtarları genel anahtar zincirinden siler"
+
+#: g10/g10.c:309
+msgid "remove keys from the secret keyring"
+msgstr "anahtarları gizli anahtar zincirinden siler"
+
+#: g10/g10.c:310
+msgid "sign a key"
+msgstr "bir anahtarı imzalar"
+
+#: g10/g10.c:311
+msgid "sign a key locally"
+msgstr "bir anahtarı yerel olarak imzalar"
+
+#: g10/g10.c:312
+msgid "sign a key non-revocably"
+msgstr "bir anahtarı iptal edilemez olarak imzalar"
+
+#: g10/g10.c:313
+msgid "sign a key locally and non-revocably"
+msgstr "bir anahtarı yerel ve iptal edilemez olarak imzalar"
+
+#: g10/g10.c:314
+msgid "sign or edit a key"
+msgstr "bir anahtarı düzenler ve imzalar"
+
+#: g10/g10.c:315
+msgid "generate a revocation certificate"
+msgstr "bir yürürlükten kaldırma sertifikası üretir"
+
+#: g10/g10.c:316
+msgid "export keys"
+msgstr "anahtarları gönderir"
+
+#: g10/g10.c:317
+msgid "export keys to a key server"
+msgstr "anahtarları bir anahtar sunucusuna gönderir"
+
+#: g10/g10.c:318
+msgid "import keys from a key server"
+msgstr "anahtarları bir anahtar sunucusundan indirir"
+
+#: g10/g10.c:320
+msgid "search for keys on a key server"
+msgstr "bir anahtar sunucusunda anahtarları arar"
+
+#: g10/g10.c:322
+msgid "update all keys from a keyserver"
+msgstr "anahtarları bir anahtar sunucusundan günceller"
+
+#: g10/g10.c:326
+msgid "import/merge keys"
+msgstr "anahtarları indirir/katıştırır"
+
+#: g10/g10.c:328
+msgid "list only the sequence of packets"
+msgstr "sadece paketlerin silsilesini listeler"
+
+#: g10/g10.c:330
+msgid "export the ownertrust values"
+msgstr "sahibiningüvencesi değerlerini gönderir"
+
+#: g10/g10.c:332
+msgid "import ownertrust values"
+msgstr "sahibiningüvencesi değerlerini indirir"
+
+#: g10/g10.c:334
+msgid "update the trust database"
+msgstr "güvence veritabanını günceller"
+
+#: g10/g10.c:336
+msgid "unattended trust database update"
+msgstr "bakımsız güvence veritabanının güncellemesi"
+
+#: g10/g10.c:337
+msgid "fix a corrupted trust database"
+msgstr "bozulan güvence veritabanını onarır"
+
+#: g10/g10.c:338
+msgid "De-Armor a file or stdin"
+msgstr "Bir dosya veya standart girdinin zırhını kaldırır"
+
+#: g10/g10.c:340
+msgid "En-Armor a file or stdin"
+msgstr "Bir dosya veya standart girdiyi zırhlar"
+
+#: g10/g10.c:342
+msgid "|algo [files]|print message digests"
+msgstr "|algo [dosyalar]|ileti özümlemelerini gösterir"
+
+#: g10/g10.c:346
+msgid ""
+"@\n"
+"Options:\n"
+" "
+msgstr ""
+"@\n"
+"Seçenekler:\n"
+" "
+
+#: g10/g10.c:348
+msgid "create ascii armored output"
+msgstr "ascii zırhlı çıktı oluşturur"
+
+#: g10/g10.c:350
+msgid "|NAME|encrypt for NAME"
+msgstr "|İSİM|İSİM için şifreleme yapar"
+
+#: g10/g10.c:353
+msgid "|NAME|use NAME as default recipient"
+msgstr "|İSİM|öntanımlı alıcı olarak İSİM kullanılır"
+
+#: g10/g10.c:355
+msgid "use the default key as default recipient"
+msgstr "öntanımlı alıcı olarak öntanımlı anahtar kullanılır"
+
+#: g10/g10.c:361
+msgid "use this user-id to sign or decrypt"
+msgstr "imzalamak ya da şifre çözmek için bu kullanıcı kimliği kullanılır"
+
+#: g10/g10.c:362
+msgid "|N|set compress level N (0 disables)"
+msgstr "|N|sıkıştırma seviyesi N olarak ayarlanır (0 ise sıkıştırma yapılmaz)"
+
+#: g10/g10.c:364
+msgid "use canonical text mode"
+msgstr "kurallı metin kipini kullanır"
+
+#: g10/g10.c:371
+msgid "use as output file"
+msgstr "çıktı dosyası olarak kullanılır"
+
+#: g10/g10.c:372
+msgid "verbose"
+msgstr "çok detaylı"
+
+#: g10/g10.c:373
+msgid "be somewhat more quiet"
+msgstr "daha az detaylı"
+
+#: g10/g10.c:374
+msgid "don't use the terminal at all"
+msgstr "terminali hiç kullanma"
+
+#: g10/g10.c:375
+msgid "force v3 signatures"
+msgstr "v3 imzalarına zorlar"
+
+#: g10/g10.c:376
+msgid "do not force v3 signatures"
+msgstr "v3 imzalara zorlamaz"
+
+#: g10/g10.c:377
+msgid "force v4 key signatures"
+msgstr "v4 imzalara zorlar"
+
+#: g10/g10.c:378
+msgid "do not force v4 key signatures"
+msgstr "v4 imzalara zorlamaz"
+
+#: g10/g10.c:379
+msgid "always use a MDC for encryption"
+msgstr "şifreleme için daima bir MDC kullanılır"
+
+#: g10/g10.c:381
+msgid "never use a MDC for encryption"
+msgstr "şifreleme için asla bir MDC kullanılmaz"
+
+#: g10/g10.c:383
+msgid "do not make any changes"
+msgstr "hiçbir değişiklik yapmaz"
+
+#. { oInteractive, "interactive", 0, N_("prompt before overwriting") },
+#: g10/g10.c:385
+msgid "use the gpg-agent"
+msgstr "gpg-agent kullan"
+
+#: g10/g10.c:388
+msgid "batch mode: never ask"
+msgstr "önceden belirlenmiş işlemler kipi: hiç sormaz"
+
+#: g10/g10.c:389
+msgid "assume yes on most questions"
+msgstr "soruların çoğunda cevap evet farzedilir"
+
+#: g10/g10.c:390
+msgid "assume no on most questions"
+msgstr "soruların çoğunda cevap hayır farzedilir"
+
+#: g10/g10.c:391
+msgid "add this keyring to the list of keyrings"
+msgstr "bu anahtar zincirini anahtar zincirleri listesine ekler"
+
+#: g10/g10.c:392
+msgid "add this secret keyring to the list"
+msgstr "bu gizli anahtar zincirini listeye ekler"
+
+#: g10/g10.c:393
+msgid "show which keyring a listed key is on"
+msgstr "listedeki bir anahtarın hangi anahtar zincirinde olduğunu gösterir"
+
+#: g10/g10.c:394
+msgid "|NAME|use NAME as default secret key"
+msgstr "|İSİM|öntanımlı gizli anahtar olarak İSİM kullanılır"
+
+#: g10/g10.c:395
+msgid "|HOST|use this keyserver to lookup keys"
+msgstr "|MAKİNA|anahtarları aramak için bu anahtar sunucusu kullanılır"
+
+#: g10/g10.c:397
+msgid "|NAME|set terminal charset to NAME"
+msgstr "|İSİM|terminal karakter setini İSİM olarak ayarlar"
+
+#: g10/g10.c:398
+msgid "read options from file"
+msgstr "seçenekleri dosyadan okur"
+
+#: g10/g10.c:402
+msgid "|FD|write status info to this FD"
+msgstr "|FD|durum bilgisini bu FD'ye yazar"
+
+#: g10/g10.c:404
+msgid "|[file]|write status info to file"
+msgstr "|[DOSYA]|durum bilgisini DOSYAya yazar"
+
+#: g10/g10.c:410
+msgid "|KEYID|ultimately trust this key"
+msgstr "|ANHKİML|bu anahtar son derece güvenli"
+
+#: g10/g10.c:411
+msgid "|FILE|load extension module FILE"
+msgstr "|DOSYA|genişletme modülü olarak DOSYA yüklenir"
+
+#: g10/g10.c:412
+msgid "emulate the mode described in RFC1991"
+msgstr "RFC1991 de açıklanan kipi uygular"
+
+#: g10/g10.c:413
+msgid "set all packet, cipher and digest options to OpenPGP behavior"
+msgstr "tüm paket, şifre ve özümleme seçeneklerini OpenPGP tarzında ayarlar"
+
+#: g10/g10.c:414
+msgid "set all packet, cipher and digest options to PGP 2.x behavior"
+msgstr "tüm paket, şifre ve özümleme seçeneklerini PGP 2.x'e göre ayarlar"
+
+#: g10/g10.c:418
+msgid "|N|use passphrase mode N"
+msgstr "|N|anahtar parolası kipi olarak N kullanılır"
+
+#: g10/g10.c:420
+msgid "|NAME|use message digest algorithm NAME for passphrases"
+msgstr ""
+"|İSİM|anahtar parolaları için ileti özümleme algoritması olarak İSİM "
+"kullanılır"
+
+#: g10/g10.c:422
+msgid "|NAME|use cipher algorithm NAME for passphrases"
+msgstr "|İSİM|anahtar parolaları için şifre algoritması olarak İSİM kullanılır"
+
+#: g10/g10.c:424
+msgid "|NAME|use cipher algorithm NAME"
+msgstr "|İSİM|şifre algoritması olarak İSİM kullanılır"
+
+#: g10/g10.c:425
+msgid "|NAME|use message digest algorithm NAME"
+msgstr "|İSİM|özümleme algoritması olarak İSİM kullanılır"
+
+#: g10/g10.c:426
+msgid "|N|use compress algorithm N"
+msgstr "|N|sıkıştırma algoritması olarak N kullanılır"
+
+#: g10/g10.c:427
+msgid "throw keyid field of encrypted packets"
+msgstr "şifreli paketlerin anahtar-kimlik alanlarını atar"
+
+#: g10/g10.c:428
+msgid "Show Photo IDs"
+msgstr "Foto kimliklerini gösterir"
+
+#: g10/g10.c:429
+msgid "Don't show Photo IDs"
+msgstr "Foto kimliklerini göstermez"
+
+#: g10/g10.c:430
+msgid "Set command line to view Photo IDs"
+msgstr "Komut satırını foto kimliklerini göstermeye ayarlar"
+
+#: g10/g10.c:431
+msgid "|NAME=VALUE|use this notation data"
+msgstr "|İSİM=DEĞER|veri bu nitelemeyle kullanılır"
+
+#: g10/g10.c:434
+msgid ""
+"@\n"
+"(See the man page for a complete listing of all commands and options)\n"
+msgstr ""
+"@\n"
+"(Tüm komut ve seçeneklerin komple listesi için man sayfalarına bakın)\n"
+
+#: g10/g10.c:437
+msgid ""
+"@\n"
+"Examples:\n"
+"\n"
+" -se -r Bob [file]          sign and encrypt for user Bob\n"
+" --clearsign [file]         make a clear text signature\n"
+" --detach-sign [file]       make a detached signature\n"
+" --list-keys [names]        show keys\n"
+" --fingerprint [names]      show fingerprints\n"
+msgstr ""
+"@\n"
+"Örnekler:\n"
+"\n"
+" -se -r Ali [dosya]         kullanıcı Ali için imzalar ve şifreler\n"
+" --clearsign [dosya]        açıkça okunabilir bir imza yapar\n"
+" --detach-sign [dosya]      bağımsız bir imza yapar\n"
+" --list-keys [isimler]      anahtarları listeler\n"
+" --fingerprint [isimler]    parmak izlerini gösterir\n"
+
+#: g10/g10.c:579
+msgid "Please report bugs to <[email protected]>.\n"
+msgstr "Yazılım hatalarını lütfen <[email protected]> adresine bildirin.\n"
+
+#: g10/g10.c:583
+msgid "Usage: gpg [options] [files] (-h for help)"
+msgstr "Kullanımı: gpg [seçenekler] [dosyalar] (yardım için -h)"
+
+#: g10/g10.c:586
+msgid ""
+"Syntax: gpg [options] [files]\n"
+"sign, check, encrypt or decrypt\n"
+"default operation depends on the input data\n"
+msgstr ""
+"Yazılışı: gpg [seçenekler] [dosyalar]\n"
+"imzalama, kontrol, şifreleme veya çözme\n"
+"öntanımlı işlem girilen veriye bağımlıdır\n"
+
+#: g10/g10.c:597
+msgid ""
+"\n"
+"Supported algorithms:\n"
+msgstr ""
+"\n"
+"Desteklenen algoritmalar:\n"
+
+#: g10/g10.c:671
+msgid "usage: gpg [options] "
+msgstr "kullanımı: gpg [seçenekler] "
+
+#: g10/g10.c:728
+msgid "conflicting commands\n"
+msgstr "çelişen komutlar\n"
+
+#: g10/g10.c:903
+#, c-format
+msgid "NOTE: no default option file `%s'\n"
+msgstr "BİLGİ: \"%s\" öntanımlı seçenek dosyası yok\n"
+
+#: g10/g10.c:907
+#, c-format
+msgid "option file `%s': %s\n"
+msgstr "seçenek dosyası \"%s\": %s\n"
+
+#: g10/g10.c:914
+#, c-format
+msgid "reading options from `%s'\n"
+msgstr "\"%s\"den seçenekler okunuyor\n"
+
+#: g10/g10.c:1197
+#, c-format
+msgid "%s is not a valid character set\n"
+msgstr "%s geçerli bir karakter seti değil\n"
+
+#: g10/g10.c:1214
+msgid "could not parse keyserver URI\n"
+msgstr "anahtar sunucusunun adresi çözümlenemedi\n"
+
+#: g10/g10.c:1228
+#, c-format
+msgid "unable to set exec-path to %s\n"
+msgstr "çalıştırılabilirlerin patikası %s yapılamıyor\n"
+
+#: g10/g10.c:1251 g10/g10.c:1267
+#, c-format
+msgid "WARNING: %s is a deprecated option.\n"
+msgstr "UYARI: %s seçeneği kullanımdan kaldırılmak üzere.\n"
+
+#: g10/g10.c:1253 g10/g10.c:1270
+#, c-format
+msgid "please use \"--keyserver-options %s\" instead\n"
+msgstr "lütfen yerine \"--keyserver-options %s\" kullanınız\n"
+
+#: g10/g10.c:1347
+msgid "WARNING: program may create a core file!\n"
+msgstr "UYARI: program bir \"core\" dosyası oluşturabilir!\n"
+
+#: g10/g10.c:1351
+#, c-format
+msgid "WARNING: %s overrides %s\n"
+msgstr "UYARI: %s %s'i aşıyor\n"
+
+#: g10/g10.c:1358 g10/g10.c:1369
+#, c-format
+msgid "NOTE: %s is not for normal use!\n"
+msgstr "BİLGİ: %s normal kullanım için değil!\n"
+
+#: g10/g10.c:1360 g10/g10.c:1380
+#, c-format
+msgid "%s not allowed with %s!\n"
+msgstr "%s ile %s birlikte kullanılmaz!\n"
+
+#: g10/g10.c:1363
+#, c-format
+msgid "%s makes no sense with %s!\n"
+msgstr "%s, %s ile etkisiz olur!\n"
+
+#: g10/g10.c:1389
+msgid "you can only make detached or clear signatures while in --pgp2 mode\n"
+msgstr "--pgp2 kipinde sadece ayrık veya sade imzalar yapabilirsiniz\n"
+
+#: g10/g10.c:1395
+msgid "you can't sign and encrypt at the same time while in --pgp2 mode\n"
+msgstr "--pgp2 kipinde aynı anda hem imzalama hem de şifreleme yapamazsınız\n"
+
+#: g10/g10.c:1401
+msgid "you must use files (and not a pipe) when working with --pgp2 enabled.\n"
+msgstr "--pgp2 ile çalışırken veri yolu yerine dosyaları kullanmalısınız.\n"
+
+#: g10/g10.c:1414
+msgid "encrypting a message in --pgp2 mode requires the IDEA cipher\n"
+msgstr "--pgp2 kipinde ileti şifrelemesi IDEA şifresi gerektirir\n"
+
+#: g10/encode.c:287 g10/encode.c:349 g10/g10.c:1428 g10/sign.c:620
+#: g10/sign.c:798
+msgid "this message may not be usable by PGP 2.x\n"
+msgstr "bu ileti PGP 2.x tarafından kullanılamayabilir\n"
+
+#: g10/g10.c:1470 g10/g10.c:1482
+msgid "selected cipher algorithm is invalid\n"
+msgstr "seçilen şifre algoritması geçersiz\n"
+
+#: g10/g10.c:1476 g10/g10.c:1488
+msgid "selected digest algorithm is invalid\n"
+msgstr "seçilen özümleme algoritması geçersiz\n"
+
+#: g10/g10.c:1492
+msgid "the given signature policy URL is invalid\n"
+msgstr "belirtilen imza güvence adresi geçersiz\n"
+
+#: g10/g10.c:1496
+msgid "the given certification policy URL is invalid\n"
+msgstr "belirtilen sertifika güvence adresi geçersiz\n"
+
+#: g10/g10.c:1499
+#, c-format
+msgid "compress algorithm must be in range %d..%d\n"
+msgstr "sıkıştırma algoritması %d..%d aralığında olmalı\n"
+
+#: g10/g10.c:1501
+msgid "completes-needed must be greater than 0\n"
+msgstr "\"completes-needed\" 0 dan büyük olmalı\n"
+
+#: g10/g10.c:1503
+msgid "marginals-needed must be greater than 1\n"
+msgstr "\"marginals-needed\" 1 den büyük olmalı\n"
+
+#: g10/g10.c:1505
+msgid "max-cert-depth must be in range 1 to 255\n"
+msgstr "\"max-cert-depth\" 1 ile 255 arasında olmalı\n"
+
+#: g10/g10.c:1508
+msgid "NOTE: simple S2K mode (0) is strongly discouraged\n"
+msgstr "BİLGİ: basit S2K kipi (0) kesinlikle tavsiye edilmez\n"
+
+#: g10/g10.c:1512
+msgid "invalid S2K mode; must be 0, 1 or 3\n"
+msgstr "S2K kipi geçersiz; 0, 1 veya 3 olmalı\n"
+
+#: g10/g10.c:1516
+msgid "invalid default-check-level; must be 0, 1, 2, or 3\n"
+msgstr "öntanımlı denetim seviyesi geçersiz; 0, 1, 2, ya da 3 olabilir\n"
+
+#: g10/g10.c:1519
+msgid "invalid preferences\n"
+msgstr "tercihler geçersiz\n"
+
+#: g10/g10.c:1613
+#, c-format
+msgid "failed to initialize the TrustDB: %s\n"
+msgstr "\"TrustDB\" güvence veritabanı başlangıç aşamasında başarısız: %s\n"
+
+#: g10/g10.c:1633
+msgid "--store [filename]"
+msgstr "--store [dosyaismi]"
+
+#: g10/g10.c:1640
+msgid "--symmetric [filename]"
+msgstr "--symmetric [dosyaismi]"
+
+#: g10/g10.c:1648
+msgid "--encrypt [filename]"
+msgstr "--encrypt [dosyaismi]"
+
+#: g10/g10.c:1665
+msgid "--sign [filename]"
+msgstr "--sign [dosyaismi]"
+
+#: g10/g10.c:1678
+msgid "--sign --encrypt [filename]"
+msgstr "--sign --encrypt [dosyaismi]"
+
+#: g10/g10.c:1692
+msgid "--sign --symmetric [filename]"
+msgstr "--sign --symmetric [DOSYA]"
+
+#: g10/g10.c:1701
+msgid "--clearsign [filename]"
+msgstr "--clearsign [dosyaismi]"
+
+#: g10/g10.c:1719
+msgid "--decrypt [filename]"
+msgstr "--decrypt [dosyaismi]"
+
+#: g10/g10.c:1730
+msgid "--sign-key user-id"
+msgstr "--sign-key kullanıcı-kimliği"
+
+#: g10/g10.c:1738
+msgid "--lsign-key user-id"
+msgstr "--lsign-key kullanıcı-kimliği"
+
+#: g10/g10.c:1746
+msgid "--nrsign-key user-id"
+msgstr "--nrsign-key KULL-KML"
+
+#: g10/g10.c:1754
+msgid "--nrlsign-key user-id"
+msgstr "--nrlsign-key KULL-KML"
+
+#: g10/g10.c:1762
+msgid "--edit-key user-id [commands]"
+msgstr "--edit-key kullanıcı-kimliği [komutlar]"
+
+#: g10/encode.c:307 g10/g10.c:1818 g10/sign.c:709
+#, c-format
+msgid "can't open %s: %s\n"
+msgstr "%s açılamadı: %s\n"
+
+#: g10/g10.c:1833
+msgid "-k[v][v][v][c] [user-id] [keyring]"
+msgstr "-k[v][v][v][c] [kullanıcı-kimliği] [anahtar-zinciri]"
+
+#: g10/g10.c:1916
+#, c-format
+msgid "dearmoring failed: %s\n"
+msgstr "zırhın kaldırılması başarısız: %s\n"
+
+#: g10/g10.c:1924
+#, c-format
+msgid "enarmoring failed: %s\n"
+msgstr "zırhlama başarısız: %s\n"
+
+#: g10/g10.c:2011
+#, c-format
+msgid "invalid hash algorithm `%s'\n"
+msgstr "`%s' hash algoritması geçersiz\n"
+
+#: g10/g10.c:2097
+msgid "[filename]"
+msgstr "[dosyaismi]"
+
+#: g10/g10.c:2101
+msgid "Go ahead and type your message ...\n"
+msgstr "İletinizi yazın ...\n"
+
+#: g10/decrypt.c:60 g10/decrypt.c:106 g10/g10.c:2104 g10/verify.c:94
+#: g10/verify.c:139
+#, c-format
+msgid "can't open `%s'\n"
+msgstr "`%s' açılamadı\n"
+
+#: g10/g10.c:2313
+msgid ""
+"the first character of a notation name must be a letter or an underscore\n"
+msgstr "bir niteleme isminin ilk karakteri bir harf ya da altçizgi olmalı\n"
+
+#: g10/g10.c:2319
+msgid ""
+"a notation name must have only letters, digits, dots or underscores and end "
+"with an '='\n"
+msgstr ""
+"bir niteleme ismi sadece harfler, rakamlar ve altçizgiler içerebilir ve "
+"sonuna bir '=' gelir.\n"
+
+#: g10/g10.c:2325
+msgid "dots in a notation name must be surrounded by other characters\n"
+msgstr ""
+"bir niteleme isminde noktalar diğer karakterler tarafından kuşatılmış "
+"olmalıdır\n"
+
+#: g10/g10.c:2333
+msgid "a notation value must not use any control characters\n"
+msgstr "bir niteleme değerinde kontrol karakterleri kullanılamaz\n"
+
+#: g10/armor.c:314
+#, c-format
+msgid "armor: %s\n"
+msgstr "zırh: %s\n"
+
+#: g10/armor.c:343
+msgid "invalid armor header: "
+msgstr "zırh başlığı geçersiz: "
+
+#: g10/armor.c:350
+msgid "armor header: "
+msgstr "zırh başlığı: "
+
+#: g10/armor.c:361
+msgid "invalid clearsig header\n"
+msgstr "açıkça okunabilen imza başlığı geçersiz\n"
+
+#: g10/armor.c:413
+msgid "nested clear text signatures\n"
+msgstr "açıkça okunabilen imzalar dahil edildi\n"
+
+#: g10/armor.c:537
+msgid "invalid dash escaped line: "
+msgstr "araçizgisi escape'lı satır geçersiz: "
+
+#: g10/armor.c:549
+msgid "unexpected armor:"
+msgstr "beklenmeyen zırh: "
+
+#: g10/armor.c:675 g10/armor.c:1242
+#, c-format
+msgid "invalid radix64 character %02x skipped\n"
+msgstr "geçersiz radix64 karakteri %02x atlandı\n"
+
+#: g10/armor.c:718
+msgid "premature eof (no CRC)\n"
+msgstr "dosya sonu belirsiz (CRC yok)\n"
+
+#: g10/armor.c:752
+msgid "premature eof (in CRC)\n"
+msgstr "dosya sonu belirsiz (CRC içinde)\n"
+
+#: g10/armor.c:756
+msgid "malformed CRC\n"
+msgstr "CRC bozulmuş\n"
+
+#: g10/armor.c:760 g10/armor.c:1279
+#, c-format
+msgid "CRC error; %06lx - %06lx\n"
+msgstr "CRC hatası; %06lx - %06lx\n"
+
+#: g10/armor.c:780
+msgid "premature eof (in Trailer)\n"
+msgstr "dosya sonu belirsiz (kuyruk içinde)\n"
+
+#: g10/armor.c:784
+msgid "error in trailer line\n"
+msgstr "kuyruk satırında hata\n"
+
+#: g10/armor.c:1057
+msgid "no valid OpenPGP data found.\n"
+msgstr "geçerli OpenPGP verisi yok\n"
+
+#: g10/armor.c:1062
+#, c-format
+msgid "invalid armor: line longer than %d characters\n"
+msgstr "geçersiz zırh: satır %d karakterden uzun\n"
+
+#: g10/armor.c:1066
+msgid ""
+"quoted printable character in armor - probably a buggy MTA has been used\n"
+msgstr ""
+"zırh içinde uluslararası karakterler - büyük olasılıkla hatalı bir e-posta "
+"sunucusu kullanılmış\n"
+
+#: g10/pkclist.c:61
+msgid "No reason specified"
+msgstr "Belirtilmiş bir neden yok"
+
+#: g10/pkclist.c:63
+msgid "Key is superseded"
+msgstr "Anahtarın yerine başkası konulmuş ve iptal edilmiştir"
+
+#: g10/pkclist.c:65
+msgid "Key has been compromised"
+msgstr "Anahtar tehlikede"
+
+#: g10/pkclist.c:67
+msgid "Key is no longer used"
+msgstr "Anahtar artık kullanılmayacak"
+
+#: g10/pkclist.c:69
+msgid "User ID is no longer valid"
+msgstr "Kullanıcı kimliği artık geçersiz"
+
+#: g10/pkclist.c:73
+msgid "Reason for revocation: "
+msgstr "Yürürlükten kaldırma sebebi: "
+
+#: g10/pkclist.c:90
+msgid "Revocation comment: "
+msgstr "Yürürlükten kaldırma açıklaması: "
+
+#. a string with valid answers
+#: g10/pkclist.c:252
+msgid "iImMqQsS"
+msgstr "bBmMaAkK"
+
+#: g10/pkclist.c:258
+#, c-format
+msgid ""
+"No trust value assigned to:\n"
+"%4u%c/%08lX %s \""
+msgstr ""
+"Güven derecesi belirtilmemiş:\n"
+"%4u%c/%08lX %s \""
+
+#: g10/pkclist.c:270
+msgid ""
+"Please decide how far you trust this user to correctly\n"
+"verify other users' keys (by looking at passports,\n"
+"checking fingerprints from different sources...)?\n"
+"\n"
+msgstr ""
+"Diğer kullanıcıları anahtarların doğrulayacak\n"
+"bu kullanıcının güven derecesine lütfen karar verin.\n"
+"(pasportuna mı bakarsınız yoksa farklı kaynaklardan\n"
+"parmakizlerini mi kontrol edersiniz...)? kararınızı verin\n"
+
+#: g10/pkclist.c:273
+#, c-format
+msgid " %d = Don't know\n"
+msgstr " %d = bilmiyorum\n"
+
+#: g10/pkclist.c:274
+#, c-format
+msgid " %d = I do NOT trust\n"
+msgstr " %d = güvence vermem\n"
+
+#: g10/pkclist.c:275
+#, c-format
+msgid " %d = I trust marginally\n"
+msgstr " %d = Şöyle böyle güveniyorum\n"
+
+#: g10/pkclist.c:276
+#, c-format
+msgid " %d = I trust fully\n"
+msgstr " %d = Tamamen güveniyorum\n"
+
+#: g10/pkclist.c:278
+#, c-format
+msgid " %d = I trust ultimately\n"
+msgstr " %d = Son derece güveniyorum\n"
+
+#: g10/pkclist.c:279
+msgid " i = please show me more information\n"
+msgstr " b = Daha fazla bilgi gerekli\n"
+
+#: g10/pkclist.c:281
+msgid " m = back to the main menu\n"
+msgstr " m = ana menüye dön\n"
+
+#: g10/pkclist.c:284
+msgid " s = skip this key\n"
+msgstr " a = bu anahtarı atla\n"
+
+#: g10/pkclist.c:285
+msgid " q = quit\n"
+msgstr " k = çık\n"
+
+#: g10/pkclist.c:292
+msgid "Your decision? "
+msgstr "Kararınız? "
+
+#: g10/pkclist.c:313
+msgid "Do you really want to set this key to ultimate trust? "
+msgstr ""
+"Bu anahtara gerçekten en yüksek güven derecesini vermek istiyor musunuz?"
+
+#: g10/pkclist.c:325
+msgid "Certificates leading to an ultimately trusted key:\n"
+msgstr "Son derece güvenli bir anahtarla sonuçlanan sertifikalar:\n"
+
+#: g10/pkclist.c:399
+#, c-format
+msgid "key %08lX: key has been revoked!\n"
+msgstr "anahtar %08lX: anahtar yürürlükten kaldırılmıştı!\n"
+
+#: g10/pkclist.c:406 g10/pkclist.c:418 g10/pkclist.c:512
+msgid "Use this key anyway? "
+msgstr "Bu anahtar yine de kullanılsın mı? "
+
+#: g10/pkclist.c:411
+#, c-format
+msgid "key %08lX: subkey has been revoked!\n"
+msgstr "anahtar %08lX: yardımcı anahtar yürürlükten kaldırılmıştı!\n"
+
+#: g10/pkclist.c:432
+#, c-format
+msgid "%08lX: key has expired\n"
+msgstr "%08lX: anahtarın kullanım süresi dolmuş\n"
+
+#: g10/pkclist.c:442
+#, c-format
+msgid ""
+"%08lX: There is no indication that this key really belongs to the owner\n"
+msgstr ""
+"%08lX: Bu anahtarın gerçekten sahibine ait olduğuna dair bir belirti yok\n"
+
+#: g10/pkclist.c:448
+#, c-format
+msgid "%08lX: We do NOT trust this key\n"
+msgstr "%08lX: Bu anahtara güven-mi-yoruz\n"
+
+#: g10/pkclist.c:454
+#, c-format
+msgid ""
+"%08lX: It is not sure that this key really belongs to the owner\n"
+"but it is accepted anyway\n"
+msgstr ""
+"%08lX: Bu anahtarın gerçekten sahibine ait olup olmadığından emin\n"
+"olunamadı fakat yine de kabul edildi.\n"
+
+#: g10/pkclist.c:460
+msgid "This key probably belongs to the owner\n"
+msgstr "Bu anahtarın sahibine ait olduğu umuluyor\n"
+
+#: g10/pkclist.c:465
+msgid "This key belongs to us\n"
+msgstr "Bu anahtar bizim\n"
+
+#: g10/pkclist.c:507
+msgid ""
+"It is NOT certain that the key belongs to its owner.\n"
+"If you *really* know what you are doing, you may answer\n"
+"the next question with yes\n"
+"\n"
+msgstr ""
+"Bu anahtarın sahibine ait olduğu kesin DEĞİL.\n"
+"*Gerçekten* ne yaptığınızı biliyorsanız, sonraki\n"
+"soruya da evet cevabı verebilirsiniz.\n"
+
+#: g10/pkclist.c:521 g10/pkclist.c:543
+msgid "WARNING: Using untrusted key!\n"
+msgstr "UYARI: Güven derecesiz anahtar kullanılıyor!\n"
+
+#: g10/pkclist.c:562
+msgid "WARNING: This key has been revoked by its owner!\n"
+msgstr "UYARI: Bu anahtar sahibi tarafından yürürlükten kaldırılmıştı!\n"
+
+#: g10/pkclist.c:563
+msgid "         This could mean that the signature is forgery.\n"
+msgstr "         Bu imza sahte anlamına gelebilir.\n"
+
+#: g10/pkclist.c:569
+msgid "WARNING: This subkey has been revoked by its owner!\n"
+msgstr ""
+"UYARI: Bu yardımcı anahtar sahibi tarafından yürürlükten kaldırılmıştı!\n"
+
+#: g10/pkclist.c:574
+msgid "Note: This key has been disabled.\n"
+msgstr "Bilgi: Bu anahtar iptal edildi.\n"
+
+#: g10/pkclist.c:579
+msgid "Note: This key has expired!\n"
+msgstr "Bilgi: Bu anahtarın kullanım süresi dolmuştu!\n"
+
+#: g10/pkclist.c:590
+msgid "WARNING: This key is not certified with a trusted signature!\n"
+msgstr "UYARI: Bu anahtar güven dereceli bir imza ile sertifikalanmamış!\n"
+
+#: g10/pkclist.c:592
+msgid ""
+"         There is no indication that the signature belongs to the owner.\n"
+msgstr "         Bu imzanın sahibine ait olduğuna dair bir belirti yok.\n"
+
+#: g10/pkclist.c:600
+msgid "WARNING: We do NOT trust this key!\n"
+msgstr "UYARI: Bu anahtara güven-mi-yoruz!\n"
+
+#: g10/pkclist.c:601
+msgid "         The signature is probably a FORGERY.\n"
+msgstr "         Bu imza SAHTE olabilir.\n"
+
+#: g10/pkclist.c:609
+msgid ""
+"WARNING: This key is not certified with sufficiently trusted signatures!\n"
+msgstr ""
+"UYARI: Bu anahtar yeterli güven derecesine sahip imzalarla "
+"sertifikalanmamış!\n"
+
+#: g10/pkclist.c:611
+msgid "         It is not certain that the signature belongs to the owner.\n"
+msgstr "         Bu imzanın sahibine ait olduğu kesin değil.\n"
+
+#: g10/pkclist.c:714 g10/pkclist.c:737 g10/pkclist.c:882 g10/pkclist.c:937
+#, c-format
+msgid "%s: skipped: %s\n"
+msgstr "%s: atlandı: %s\n"
+
+#: g10/pkclist.c:723 g10/pkclist.c:911
+#, c-format
+msgid "%s: skipped: public key already present\n"
+msgstr "%s: atlandı: genel anahtar zaten var\n"
+
+#: g10/pkclist.c:752
+msgid "You did not specify a user ID. (you may use \"-r\")\n"
+msgstr "Bir kullanıcı kimliği belirtmediniz. (\"-r\" kullanabilirsiniz)\n"
+
+#: g10/pkclist.c:762
+msgid ""
+"\n"
+"Enter the user ID.  End with an empty line: "
+msgstr ""
+"\n"
+"Kullanıcı kimliğini girin. Boş bir satır işlemi sonlandırır:"
+
+#: g10/pkclist.c:776
+msgid "No such user ID.\n"
+msgstr "Böyle bir kullanıcı kimliği yok.\n"
+
+#: g10/pkclist.c:781 g10/pkclist.c:857
+msgid "skipped: public key already set as default recipient\n"
+msgstr "atlandı: genel anahtar zaten öntanımlı alıcı olarak ayarlanmış\n"
+
+#: g10/pkclist.c:799
+msgid "Public key is disabled.\n"
+msgstr "Genel anahtar iptal edildi.\n"
+
+#: g10/pkclist.c:806
+msgid "skipped: public key already set\n"
+msgstr "atlandı: genel anahtar zaten belirtilmiş\n"
+
+#: g10/pkclist.c:849
+#, c-format
+msgid "unknown default recipient `%s'\n"
+msgstr "öntanımlı alıcı `%s' bilinmiyor\n"
+
+#: g10/pkclist.c:893
+#, c-format
+msgid "%s: skipped: public key is disabled\n"
+msgstr "%s: atlandı: genel anahtar iptal edildi\n"
+
+#: g10/pkclist.c:943
+msgid "no valid addressees\n"
+msgstr "geçerli adresler yok\n"
+
+#: g10/keygen.c:180
+#, c-format
+msgid "preference %c%lu is not valid\n"
+msgstr "%c%lu tercihi geçersiz\n"
+
+#: g10/keygen.c:187
+#, c-format
+msgid "preference %c%lu duplicated\n"
+msgstr "%c%lu tercihi yinelendi\n"
+
+#: g10/keygen.c:192
+#, c-format
+msgid "too many `%c' preferences\n"
+msgstr "`%c' tercih çok fazla\n"
+
+#: g10/keygen.c:257
+msgid "invalid character in preference string\n"
+msgstr "tercih dizgesindeki karakter geçersiz\n"
+
+#: g10/keygen.c:399
+msgid "writing self signature\n"
+msgstr "öz-imza yazılıyor\n"
+
+#: g10/keygen.c:443
+msgid "writing key binding signature\n"
+msgstr "anahtarı garantileyen imzayı yazıyor\n"
+
+#: g10/keygen.c:497 g10/keygen.c:581 g10/keygen.c:672
+#, c-format
+msgid "keysize invalid; using %u bits\n"
+msgstr "anahtar uzunluğu geçersiz; %u bit kullanılıyor\n"
+
+#: g10/keygen.c:502 g10/keygen.c:586 g10/keygen.c:677
+#, c-format
+msgid "keysize rounded up to %u bits\n"
+msgstr "anahtar uzunluğu %u bite yuvarlandı\n"
+
+#: g10/keygen.c:777
+msgid "Please select what kind of key you want:\n"
+msgstr "Lütfen istediğiniz anahtarı seçiniz:\n"
+
+#: g10/keygen.c:779
+#, c-format
+msgid "   (%d) DSA and ElGamal (default)\n"
+msgstr "   (%d) DSA ve ElGamal (öntanımlı)\n"
+
+#: g10/keygen.c:780
+#, c-format
+msgid "   (%d) DSA (sign only)\n"
+msgstr "   (%d) DSA (yalnız imzalamak için)\n"
+
+#: g10/keygen.c:782
+#, c-format
+msgid "   (%d) ElGamal (encrypt only)\n"
+msgstr "   (%d) ElGamal (yalnız şifrelemek için)\n"
+
+#: g10/keygen.c:783
+#, c-format
+msgid "   (%d) ElGamal (sign and encrypt)\n"
+msgstr "   (%d) ElGamal (imzalamak ve şifrelemek için)\n"
+
+#: g10/keygen.c:784
+#, c-format
+msgid "   (%d) RSA (sign only)\n"
+msgstr "   (%d) RSA (sadece imzalamak için)\n"
+
+#: g10/keygen.c:786
+#, c-format
+msgid "   (%d) RSA (encrypt only)\n"
+msgstr "   (%d) RSA (sadece şifrelemek için)\n"
+
+#: g10/keyedit.c:516 g10/keygen.c:789
+msgid "Your selection? "
+msgstr "Seçiminiz? "
+
+#: g10/keygen.c:809
+msgid "The use of this algorithm is deprecated - create anyway? "
+msgstr "Bu algoritmanın kullanımı uygun değil - Yine de oluşturulsun mu?"
+
+#: g10/keyedit.c:529 g10/keygen.c:823
+msgid "Invalid selection.\n"
+msgstr "Seçim geçersiz.\n"
+
+#: g10/keygen.c:836
+#, c-format
+msgid ""
+"About to generate a new %s keypair.\n"
+"              minimum keysize is  768 bits\n"
+"              default keysize is 1024 bits\n"
+"    highest suggested keysize is 2048 bits\n"
+msgstr ""
+"Yeni bir %s anahtar çifti üretmek üzeresiniz.\n"
+"                   en küçük anahtar uzunluğu:  768 bit\n"
+"                  öntanımlı anahtar uzunluğu: 1024 bit\n"
+"    önerilebilecek en büyük anahtar uzunluğu: 2048 bit\n"
+
+#: g10/keygen.c:845
+msgid "What keysize do you want? (1024) "
+msgstr "İstediğiniz anahtar uzunluğu nedir? (1024) "
+
+#: g10/keygen.c:850
+msgid "DSA only allows keysizes from 512 to 1024\n"
+msgstr "DSA anahtarının uzunluğu 512 ile 1024 bit arasında olabilir\n"
+
+#: g10/keygen.c:852
+msgid "keysize too small; 1024 is smallest value allowed for RSA.\n"
+msgstr ""
+"anahtar uzunluğu çok küçük; RSA anahtarı için en küçük uzunluk: 1024 bit\n"
+
+#: g10/keygen.c:855
+msgid "keysize too small; 768 is smallest value allowed.\n"
+msgstr "anahtar uzunluğu çok küçük; en küçük anahtar uzunluğu 768 bit'tir.\n"
+
+#. It is ridiculous and an annoyance to use larger key sizes!
+#. * GnuPG can handle much larger sizes; but it takes an eternity
+#. * to create such a key (but less than the time the Sirius
+#. * Computer Corporation needs to process one of the usual
+#. * complaints) and {de,en}cryption although needs some time.
+#. * So, before you complain about this limitation, I suggest that
+#. * you start a discussion with Marvin about this theme and then
+#. * do whatever you want.
+#: g10/keygen.c:866
+#, c-format
+msgid "keysize too large; %d is largest value allowed.\n"
+msgstr "anahtar uzunluğu çok büyük; izin verilen en büyük değer: %d bit\n"
+
+#: g10/keygen.c:871
+msgid ""
+"Keysizes larger than 2048 are not suggested because\n"
+"computations take REALLY long!\n"
+msgstr ""
+"Hesaplama EPEYCE UZUN zaman alacağından anahtar uzunluklarında\n"
+"2048 bitten fazlası tavsiye edilmez.\n"
+
+#: g10/keygen.c:874
+msgid "Are you sure that you want this keysize? "
+msgstr "Bu anahtar uzunluğunu istediğinizden emin misiniz? "
+
+#: g10/keygen.c:875
+msgid ""
+"Okay, but keep in mind that your monitor and keyboard radiation is also very "
+"vulnerable to attacks!\n"
+msgstr ""
+"Tamam, ama saldırılara çok duyarlı olan monitör ve klavye ışınımlarından "
+"kendinizi uzak tutun! (ne demekse...)\n"
+
+#: g10/keygen.c:884
+#, c-format
+msgid "Requested keysize is %u bits\n"
+msgstr "İstenen anahtar uzunluğu: %u bit\n"
+
+#: g10/keygen.c:887 g10/keygen.c:891
+#, c-format
+msgid "rounded up to %u bits\n"
+msgstr "%u bite yuvarlandı\n"
+
+#: g10/keygen.c:942
+msgid ""
+"Please specify how long the key should be valid.\n"
+"         0 = key does not expire\n"
+"      <n>  = key expires in n days\n"
+"      <n>w = key expires in n weeks\n"
+"      <n>m = key expires in n months\n"
+"      <n>y = key expires in n years\n"
+msgstr ""
+"Lütfen anahtarın ne kadar süreyle geçerli olacağını belirtin.\n"
+"         0 = anahtar süresiz geçerli\n"
+"      <n>  = anahtar n gün geçerli\n"
+"      <n>w = anahtar n hafta geçerli\n"
+"      <n>m = anahtar n ay geçerli\n"
+"      <n>y = anahtar n yıl geçerli\n"
+
+#: g10/keygen.c:951
+msgid ""
+"Please specify how long the signature should be valid.\n"
+"         0 = signature does not expire\n"
+"      <n>  = signature expires in n days\n"
+"      <n>w = signature expires in n weeks\n"
+"      <n>m = signature expires in n months\n"
+"      <n>y = signature expires in n years\n"
+msgstr ""
+"Lütfen imzanınn ne kadar süreyle geçerli olacağını belirtin.\n"
+"         0 = imza süresiz geçerli\n"
+"      <n>  = imza n gün geçerli\n"
+"      <n>w = imza n hafta geçerli\n"
+"      <n>m = imza n ay geçerli\n"
+"      <n>y = imza n yıl geçerli\n"
+
+#: g10/keygen.c:973
+msgid "Key is valid for? (0) "
+msgstr "Anahtar ne kadar geçerli olacak? (0) "
+
+#: g10/keygen.c:975
+msgid "Signature is valid for? (0) "
+msgstr "İmza ne kadar geçerli olacak? (0) "
+
+#: g10/keygen.c:980
+msgid "invalid value\n"
+msgstr "değer hatalı\n"
+
+#: g10/keygen.c:985
+#, c-format
+msgid "%s does not expire at all\n"
+msgstr "%s hep geçerli olacak\n"
+
+#. print the date when the key expires
+#: g10/keygen.c:992
+#, c-format
+msgid "%s expires at %s\n"
+msgstr "%s %s sonra geçersiz olacak\n"
+
+#: g10/keygen.c:998
+msgid ""
+"Your system can't display dates beyond 2038.\n"
+"However, it will be correctly handled up to 2106.\n"
+msgstr ""
+"Sisteminiz 2038 yılından sonraki tarihleri gösteremiyor.\n"
+"Ama emin olun ki 2106 yılına kadar elde edilebilecek.\n"
+
+#: g10/keygen.c:1003
+msgid "Is this correct (y/n)? "
+msgstr "Bu doğru mu? (e/h)? "
+
+#: g10/keygen.c:1046
+msgid ""
+"\n"
+"You need a User-ID to identify your key; the software constructs the user "
+"id\n"
+"from Real Name, Comment and Email Address in this form:\n"
+"    \"Heinrich Heine (Der Dichter) <[email protected]>\"\n"
+"\n"
+msgstr ""
+"\n"
+"Anahtarınızın size ait olduğunu belirten bir Kullanıcı-Kimliği olmalı;\n"
+"Kullanıcı-Kimliği, Gerçek İsminiz, Bir Önbilgi ve e-Posta Adresiniz\n"
+"alanlarının bir birleşiminden oluşur. Örneğin:\n"
+"\t\"Fatih Sultan Mehmed (Padisah) <[email protected]>\"\n"
+"\n"
+
+#: g10/keygen.c:1058
+msgid "Real name: "
+msgstr "Adınız ve Soyadınız: "
+
+#: g10/keygen.c:1066
+msgid "Invalid character in name\n"
+msgstr "Ad ve soyadınızda geçersiz karakter var\n"
+
+#: g10/keygen.c:1068
+msgid "Name may not start with a digit\n"
+msgstr "Ad ve soyadınız bir rakamla başlamamalı\n"
+
+#: g10/keygen.c:1070
+msgid "Name must be at least 5 characters long\n"
+msgstr "Ad ve soyadınız en az 5 harfli olmalı\n"
+
+#: g10/keygen.c:1078
+msgid "Email address: "
+msgstr "E-posta adresiniz: "
+
+#: g10/keygen.c:1089
+msgid "Not a valid email address\n"
+msgstr "geçerli bir E-posta adresi değil\n"
+
+#: g10/keygen.c:1097
+msgid "Comment: "
+msgstr "Önbilgi: "
+
+#: g10/keygen.c:1103
+msgid "Invalid character in comment\n"
+msgstr "Önbilgi alanında geçersiz karakter var\n"
+
+#: g10/keygen.c:1126
+#, c-format
+msgid "You are using the `%s' character set.\n"
+msgstr "`%s' karakter kümesini kullanıyorsunuz.\n"
+
+#: g10/keygen.c:1132
+#, c-format
+msgid ""
+"You selected this USER-ID:\n"
+"    \"%s\"\n"
+"\n"
+msgstr ""
+"Seçtiğiniz KULLANICI-KİMLİĞİ:\n"
+"    \"%s\"\n"
+"\n"
+
+#: g10/keygen.c:1136
+msgid "Please don't put the email address into the real name or the comment\n"
+msgstr ""
+"Lütfen E-posta adresinizi Adı ve Soyadı veya Açıklama alanı içine koymayın\n"
+
+#: g10/keygen.c:1141
+msgid "NnCcEeOoQq"
+msgstr "AaYyEeTtKk"
+
+#: g10/keygen.c:1151
+msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
+msgstr "(A)dı ve Soyadı, (Y)orum, (E)posta alanlarını değiştir ya da Çı(k)? "
+
+#: g10/keygen.c:1152
+msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
+msgstr ""
+"(A)dı ve Soyadı, (Y)orum, (E)posta alanlarını değiştir ya da (T)amam/Çı(k)? "
+
+#: g10/keygen.c:1171
+msgid "Please correct the error first\n"
+msgstr "Lütfen önce hatayı düzeltin\n"
+
+#: g10/keygen.c:1210
+msgid ""
+"You need a Passphrase to protect your secret key.\n"
+"\n"
+msgstr ""
+"Gizli anahtarınızı korumak için bir Anahtar Parolanız olmalı.\n"
+"\n"
+
+#: g10/keyedit.c:701 g10/keygen.c:1218
+msgid "passphrase not correctly repeated; try again"
+msgstr ""
+"ikinci kez yazdığınız anahtar parolası ilkiyle aynı değil; işlem "
+"tekrarlanacak"
+
+#: g10/keygen.c:1219
+#, c-format
+msgid "%s.\n"
+msgstr "%s.\n"
+
+#: g10/keygen.c:1225
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"I will do it anyway.  You can change your passphrase at any time,\n"
+"using this program with the option \"--edit-key\".\n"
+"\n"
+msgstr ""
+"Bir anahtar parolası istemediniz - bu *kötü* bir fikir!\n"
+"Nasıl isterseniz. Anahtar parolanızı bu programı \"--edit-key\"\n"
+"seçeneği ile kullanarak her zaman değiştirebilirsiniz.\n"
+"\n"
+
+#: g10/keygen.c:1246
+msgid ""
+"We need to generate a lot of random bytes. It is a good idea to perform\n"
+"some other action (type on the keyboard, move the mouse, utilize the\n"
+"disks) during the prime generation; this gives the random number\n"
+"generator a better chance to gain enough entropy.\n"
+msgstr ""
+"Bir miktar rasgele bayt üretilmesi gerekiyor. İlk üretim sırasında biraz\n"
+"hareket (klavyeyi kullanmak, fareyi hareket ettirmek, disklerden "
+"yararlanmak)\n"
+"iyi olacaktır; bu yeterli rasgele bayt kazanmak için rasgele sayı\n"
+"üretecine yardımcı olur. \n"
+
+#: g10/keygen.c:1741
+msgid "DSA keypair will have 1024 bits.\n"
+msgstr "DSA anahtar çifti 1024 bit olacak.\n"
+
+#: g10/keygen.c:1795
+msgid "Key generation canceled.\n"
+msgstr "Anahtar üretimi durduruldu.\n"
+
+#: g10/keygen.c:1883 g10/keygen.c:1963
+#, c-format
+msgid "writing public key to `%s'\n"
+msgstr "genel anahtarı `%s'e yazıyor\n"
+
+#: g10/keygen.c:1884 g10/keygen.c:1965
+#, c-format
+msgid "writing secret key to `%s'\n"
+msgstr "gizli anahtarı `%s'e yazıyor\n"
+
+#: g10/keygen.c:1952
+#, c-format
+msgid "no writable public keyring found: %s\n"
+msgstr "yazılabilir bir genel anahtar zinciri yok: %s\n"
+
+#: g10/keygen.c:1958
+#, c-format
+msgid "no writable secret keyring found: %s\n"
+msgstr "yazılabilir bir gizli anahtar zinciri yok: %s\n"
+
+#: g10/keygen.c:1972
+#, c-format
+msgid "error writing public keyring `%s': %s\n"
+msgstr "`%s' genel anahtar zincirine yazılırken hata oluştu: %s\n"
+
+#: g10/keygen.c:1979
+#, c-format
+msgid "error writing secret keyring `%s': %s\n"
+msgstr "`%s' gixli anahtar zincirine yazılırken hata oluştu: %s\n"
+
+#: g10/keygen.c:1999
+msgid "public and secret key created and signed.\n"
+msgstr "genel ve gizli anahtar üretildi ve imzalandı.\n"
+
+#: g10/keygen.c:2000
+msgid "key marked as ultimately trusted.\n"
+msgstr "anahtar son derece güvenli olarak imlendi.\n"
+
+#: g10/keygen.c:2011
+msgid ""
+"Note that this key cannot be used for encryption.  You may want to use\n"
+"the command \"--edit-key\" to generate a secondary key for this purpose.\n"
+msgstr ""
+"Bu anahtar şifreleme için kullanılamaz. Şifreleme için ikinci bir anahtarı\n"
+"\"--edit-key\" seçeneğini kullanarak üretebilirsiniz.\n"
+
+#: g10/keygen.c:2023 g10/keygen.c:2131
+#, c-format
+msgid "Key generation failed: %s\n"
+msgstr "Anahtar üretimi başarısızlığa uğradı: %s\n"
+
+#: g10/keygen.c:2067 g10/sig-check.c:223 g10/sign.c:228
+#, c-format
+msgid ""
+"key has been created %lu second in future (time warp or clock problem)\n"
+msgstr ""
+"anahtar %lu saniye sonra üretilmiş (zaman sapması veya saat problemi)\n"
+
+#: g10/keygen.c:2069 g10/sig-check.c:225 g10/sign.c:230
+#, c-format
+msgid ""
+"key has been created %lu seconds in future (time warp or clock problem)\n"
+msgstr ""
+"anahtar bundan %lu saniye sonra üretilmiş (zaman sapması veya saat "
+"problemi)\n"
+
+#: g10/keygen.c:2078
+msgid "NOTE: creating subkeys for v3 keys is not OpenPGP compliant\n"
+msgstr ""
+"BİLGİ: v3 anahtarları için yardımcı anahtar üretimi OpenPGP uyumlu değildir\n"
+
+#: g10/keygen.c:2107
+msgid "Really create? "
+msgstr "Gerçekten oluşturulsun mu? "
+
+#: g10/decrypt.c:92 g10/encode.c:590
+msgid "--output doesn't work for this command\n"
+msgstr "--output seçeneği bu komutla çalışmaz\n"
+
+#: g10/encode.c:92 g10/encode.c:296
+#, c-format
+msgid "`%s' already compressed\n"
+msgstr "`%s' zaten sıkıştırılmış\n"
+
+#: g10/encode.c:100 g10/openfile.c:180 g10/openfile.c:300 g10/tdbio.c:492
+#: g10/tdbio.c:552
+#, c-format
+msgid "%s: can't open: %s\n"
+msgstr "%s: açılamıyor: %s\n"
+
+#: g10/encode.c:122 g10/sign.c:959
+#, c-format
+msgid "error creating passphrase: %s\n"
+msgstr "anahtar parolası oluşturulurken hata: %s\n"
+
+#: g10/encode.c:185 g10/encode.c:383
+#, c-format
+msgid "%s: WARNING: empty file\n"
+msgstr "%s: UYARI: dosya boş\n"
+
+#: g10/encode.c:285
+msgid "you can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"
+msgstr ""
+"--pgp2 kipinde sadece 2048 bitlik RSA anahtarları ile şifreleme "
+"yapabilirsiniz\n"
+
+#: g10/encode.c:313
+#, c-format
+msgid "reading from `%s'\n"
+msgstr "`%s'den okunuyor\n"
+
+#: g10/encode.c:347
+msgid ""
+"unable to use the IDEA cipher for all of the keys you are encrypting to.\n"
+msgstr "tüm anahtarları şifrelemek için IDEA şifresi kullanılamaz.\n"
+
+#: g10/encode.c:563
+#, c-format
+msgid "%s/%s encrypted for: %s\n"
+msgstr "%s/%s %s için şifrelendi\n"
+
+#: g10/delkey.c:69 g10/export.c:141
+#, c-format
+msgid "key `%s' not found: %s\n"
+msgstr "anahtar `%s' yok: %s\n"
+
+#: g10/delkey.c:77 g10/export.c:161
+#, c-format
+msgid "error reading keyblock: %s\n"
+msgstr "anahtar bloğu okunurken hata: %s\n"
+
+#: g10/export.c:169
+#, c-format
+msgid "key %08lX: not a rfc2440 key - skipped\n"
+msgstr "%08lX anahtarı: bir RFC2440 anahtarı değil - atlandı\n"
+
+#: g10/export.c:180
+#, c-format
+msgid "key %08lX: not protected - skipped\n"
+msgstr "%08lX anahtarı: korunmamış - atlandı\n"
+
+#: g10/export.c:188
+#, c-format
+msgid "key %08lX: PGP 2.x style key - skipped\n"
+msgstr "%08lX anahtarı: PGP 2.x tarzı bir anahtar - atlandı\n"
+
+#: g10/export.c:255
+msgid "WARNING: nothing exported\n"
+msgstr "UYARI: hiçbir şey dışarı aktarılmadı\n"
+
+#: g10/getkey.c:151
+msgid "too many entries in pk cache - disabled\n"
+msgstr "pk belleğinde çok fazla girdi - iptal edildi\n"
+
+#. fixme: returning translatable constants instead of a user ID is
+#. * not good because they are probably not utf-8 encoded.
+#: g10/getkey.c:187 g10/getkey.c:2272
+msgid "[User id not found]"
+msgstr "[Kullanıcı kimliği bulunamadı]"
+
+#: g10/getkey.c:1360
+#, c-format
+msgid "Invalid key %08lX made valid by --allow-non-selfsigned-uid\n"
+msgstr ""
+"Geçersiz %08lX anahtarı --allow-non-selfsigned-uid kullanılarak geçerli "
+"oldu\n"
+
+#: g10/getkey.c:1989
+#, c-format
+msgid "using secondary key %08lX instead of primary key %08lX\n"
+msgstr "yardımcı anahtar %08lX, asıl anahtar %08lX yerine kullanılıyor\n"
+
+#: g10/getkey.c:2036
+#, c-format
+msgid "key %08lX: secret key without public key - skipped\n"
+msgstr "%08lX anahtarı: genel anahtarsız gizli anahtar - atlandı\n"
+
+#: g10/import.c:206
+#, c-format
+msgid "skipping block of type %d\n"
+msgstr "%d. tür blok atlandı\n"
+
+#: g10/import.c:213
+#, c-format
+msgid "%lu keys so far processed\n"
+msgstr "şu ana kadar herşey yolunda giderek %lu anahtar işlenmiş\n"
+
+#: g10/import.c:218
+#, c-format
+msgid "error reading `%s': %s\n"
+msgstr "\"%s\" okunurken hata: %s\n"
+
+#: g10/import.c:230
+#, c-format
+msgid "Total number processed: %lu\n"
+msgstr "İşlenmiş toplam miktar: %lu\n"
+
+#: g10/import.c:232
+#, c-format
+msgid "      skipped new keys: %lu\n"
+msgstr "     yeni anahtarlar atlandı: %lu\n"
+
+#: g10/import.c:235
+#, c-format
+msgid "          w/o user IDs: %lu\n"
+msgstr "         kullanıcı kimliksiz: %lu\n"
+
+#: g10/import.c:237
+#, c-format
+msgid "              imported: %lu"
+msgstr "                   indirildi: %lu"
+
+#: g10/import.c:243
+#, c-format
+msgid "             unchanged: %lu\n"
+msgstr "                   değişmedi: %lu\n"
+
+#: g10/import.c:245
+#, c-format
+msgid "          new user IDs: %lu\n"
+msgstr "      yeni kullanıcı kimliği: %lu\n"
+
+#: g10/import.c:247
+#, c-format
+msgid "           new subkeys: %lu\n"
+msgstr "    yeni yardımcı anahtarlar: %lu\n"
+
+#: g10/import.c:249
+#, c-format
+msgid "        new signatures: %lu\n"
+msgstr "                yeni imzalar: %lu\n"
+
+#: g10/import.c:251
+#, c-format
+msgid "   new key revocations: %lu\n"
+msgstr "      yeni anahtar iptalleri: %lu\n"
+
+#: g10/import.c:253
+#, c-format
+msgid "      secret keys read: %lu\n"
+msgstr "     gizli anahtarlar okundu: %lu\n"
+
+#: g10/import.c:255
+#, c-format
+msgid "  secret keys imported: %lu\n"
+msgstr "  gizli anahtarlar indirildi: %lu\n"
+
+#: g10/import.c:257
+#, c-format
+msgid " secret keys unchanged: %lu\n"
+msgstr "  gizli anahtarlar değişmedi: %lu\n"
+
+#: g10/import.c:438 g10/import.c:657
+#, c-format
+msgid "key %08lX: no user ID\n"
+msgstr "anahtar %08lX: kullanıcı kimliği yok\n"
+
+#: g10/import.c:455
+#, c-format
+msgid "key %08lX: accepted non self-signed user ID '%s'\n"
+msgstr "anahtar %08lX: öz-imzalı olmayan kullanıcı kimliği '%s' kabul edildi\n"
+
+#: g10/import.c:462
+#, c-format
+msgid "key %08lX: no valid user IDs\n"
+msgstr "anahtar %08lX: kullanıcı kimliği geçersiz\n"
+
+#: g10/import.c:464
+msgid "this may be caused by a missing self-signature\n"
+msgstr "bu kayıp bir öz-imza yüzünden meydana gelebilir\n"
+
+#: g10/import.c:474 g10/import.c:726
+#, c-format
+msgid "key %08lX: public key not found: %s\n"
+msgstr "anahtar %08lX: genel anahtar bulunamadı: %s\n"
+
+#: g10/import.c:479
+#, c-format
+msgid "key %08lX: new key - skipped\n"
+msgstr "anahtar %08lX: yeni anahtar - atlandı\n"
+
+#: g10/import.c:489
+#, c-format
+msgid "no writable keyring found: %s\n"
+msgstr "yazılabilir bir anahtar zinciri yok: %s\n"
+
+#: g10/import.c:494 g10/openfile.c:244 g10/sign.c:648 g10/sign.c:817
+#, c-format
+msgid "writing to `%s'\n"
+msgstr "\"%s\"e yazıyor\n"
+
+#: g10/import.c:497 g10/import.c:571 g10/import.c:677 g10/import.c:786
+#, c-format
+msgid "error writing keyring `%s': %s\n"
+msgstr "\"%s\" anahtar zincirine yazarken hata oluştu: %s\n"
+
+#: g10/import.c:505
+#, c-format
+msgid "key %08lX: public key imported\n"
+msgstr "anahtar %08lX: genel anahtar indirildi\n"
+
+#: g10/import.c:524
+#, c-format
+msgid "key %08lX: doesn't match our copy\n"
+msgstr "anahtar %08lX: bizim kopyamızla eşleşmiyor\n"
+
+#: g10/import.c:542 g10/import.c:743
+#, c-format
+msgid "key %08lX: can't locate original keyblock: %s\n"
+msgstr "anahtar %08lX: özgün anahtar bloku bulunamadı: %s\n"
+
+#: g10/import.c:549 g10/import.c:749
+#, c-format
+msgid "key %08lX: can't read original keyblock: %s\n"
+msgstr "anahtar %08lX: özgün anahtar bloku okunamadı: %s\n"
+
+#: g10/import.c:579
+#, c-format
+msgid "key %08lX: 1 new user ID\n"
+msgstr "anahtar %08lX: 1 yeni kullanıcı kimliği\n"
+
+#: g10/import.c:582
+#, c-format
+msgid "key %08lX: %d new user IDs\n"
+msgstr "anahtar %08lX: %d yeni kullanıcı kimliği\n"
+
+#: g10/import.c:585
+#, c-format
+msgid "key %08lX: 1 new signature\n"
+msgstr "anahtar %08lX: 1 yeni imza\n"
+
+#: g10/import.c:588
+#, c-format
+msgid "key %08lX: %d new signatures\n"
+msgstr "anahtar %08lX: %d yeni imza\n"
+
+#: g10/import.c:591
+#, c-format
+msgid "key %08lX: 1 new subkey\n"
+msgstr "anahtar %08lX: bir yeni yardımcı anahtar\n"
+
+#: g10/import.c:594
+#, c-format
+msgid "key %08lX: %d new subkeys\n"
+msgstr "anahtar %08lX: %d yeni yardımcı anahtar\n"
+
+#: g10/import.c:604
+#, c-format
+msgid "key %08lX: not changed\n"
+msgstr "anahtar %08lX: değişmedi\n"
+
+#: g10/import.c:671
+#, c-format
+msgid "no default secret keyring: %s\n"
+msgstr "öntanımlı gizli anahtar zinciri yok: %s\n"
+
+#: g10/import.c:682
+#, c-format
+msgid "key %08lX: secret key imported\n"
+msgstr "anahtar %08lX: gizli anahtar indirildi\n"
+
+#. we can't merge secret keys
+#: g10/import.c:686
+#, c-format
+msgid "key %08lX: already in secret keyring\n"
+msgstr "anahtar %08lX: zaten gizli anahtar zincirinde\n"
+
+#: g10/import.c:691
+#, c-format
+msgid "key %08lX: secret key not found: %s\n"
+msgstr "anahtar %08lX: gizli anahtar bulunamadı: %s\n"
+
+#: g10/import.c:720
+#, c-format
+msgid "key %08lX: no public key - can't apply revocation certificate\n"
+msgstr ""
+"anahtar %08lX: genel anahtar değil - yürürlükten kaldırma sertifikası "
+"uygulanamaz\n"
+
+#: g10/import.c:760
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - rejected\n"
+msgstr ""
+"anahtar %08lX: yürürlükten kaldırma sertifikası geçersiz: %s - reddedildi\n"
+
+#: g10/import.c:791
+#, c-format
+msgid "key %08lX: revocation certificate imported\n"
+msgstr "anahtar %08lX: yürürlükten kaldırma sertifikası indirildi\n"
+
+#: g10/import.c:826
+#, c-format
+msgid "key %08lX: no user ID for signature\n"
+msgstr "anahtar %08lX: imza için kullanıcı kimliği yok\n"
+
+#: g10/import.c:839
+#, c-format
+msgid "key %08lX: unsupported public key algorithm on user id \"%s\"\n"
+msgstr ""
+"anahtar %08lX: genel anahtar algoritması, kullanıcı kimliği \"%s\" için "
+"desteklenmiyor\n"
+
+#: g10/import.c:841
+#, c-format
+msgid "key %08lX: invalid self-signature on user id \"%s\"\n"
+msgstr "anahtar %08lX: kullanıcı kimliği \"%s\" için öz-imza geçersiz\n"
+
+#: g10/import.c:858
+#, c-format
+msgid "key %08lX: no subkey for key binding\n"
+msgstr "anahtar %08lX: anahtarı garantilemek için yardımcı anahtar yok\n"
+
+#: g10/import.c:868
+#, c-format
+msgid "key %08lX: unsupported public key algorithm\n"
+msgstr "anahtar %08lX: genel anahtar algoritması desteklenmiyor\n"
+
+#: g10/import.c:869
+#, c-format
+msgid "key %08lX: invalid subkey binding\n"
+msgstr "anahtar %08lX: yardımcı anahtar garantileme geçersiz\n"
+
+#: g10/import.c:899
+#, c-format
+msgid "key %08lX: skipped user ID '"
+msgstr "anahtar %08lX: kullanıcı kimliği atlandı: '"
+
+#: g10/import.c:922
+#, c-format
+msgid "key %08lX: skipped subkey\n"
+msgstr "anahtar %08lX: yardımcı anahtar atlandı\n"
+
+#. here we violate the rfc a bit by still allowing
+#. * to import non-exportable signature when we have the
+#. * the secret key used to create this signature - it
+#. * seems that this makes sense
+#: g10/import.c:945
+#, c-format
+msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
+msgstr "anahtar %08lX: imza gönderilebilir değil (%02x sınıfı) - atlandı\n"
+
+#: g10/import.c:954
+#, c-format
+msgid "key %08lX: revocation certificate at wrong place - skipped\n"
+msgstr ""
+"anahtar %08lX: yürürlükten kaldırma sertifikası yanlış yerde - atlandı\n"
+
+#: g10/import.c:971
+#, c-format
+msgid "key %08lX: invalid revocation certificate: %s - skipped\n"
+msgstr ""
+"anahtar %08lX: yürürlükten kaldırma sertifikası geçersiz: %s - atlandı\n"
+
+#: g10/import.c:1072
+#, c-format
+msgid "key %08lX: duplicated user ID detected - merged\n"
+msgstr "anahtar %08lX: çift kullanıcı kimliği saptandı - katıştırıldı\n"
+
+#: g10/import.c:1131
+#, c-format
+msgid "Warning: key %08lX may be revoked: fetching revocation key %08lX\n"
+msgstr ""
+"Uyarı: anahtar %08lX yürürlükten kaldırılmış olmalı: yürürlükten kaldırma "
+"anahtarı %08lX alınıyor\n"
+
+#: g10/import.c:1145
+#, c-format
+msgid "Warning: key %08lX may be revoked: revocation key %08lX not present.\n"
+msgstr ""
+"Uyarı: anahtar %08lX yürürlükten kaldırılmış olabilir: yürürlükten kaldırma "
+"anahtarı %08lX mevcut değil.\n"
+
+#: g10/import.c:1201
+#, c-format
+msgid "key %08lX: revocation certificate added\n"
+msgstr "anahtar %08lX: yürürlükten kaldırma sertifikası eklendi\n"
+
+#: g10/import.c:1231
+#, c-format
+msgid "key %08lX: direct key signature added\n"
+msgstr "anahtar %08lX: doğrudan anahtar imzası eklendi\n"
+
+#: g10/keyedit.c:142
+msgid "[revocation]"
+msgstr "[yürürlükten kaldırma]"
+
+#: g10/keyedit.c:143
+msgid "[self-signature]"
+msgstr "[öz-imza]"
+
+#: g10/keyedit.c:214 g10/keylist.c:139
+msgid "1 bad signature\n"
+msgstr "1 kötü imza\n"
+
+#: g10/keyedit.c:216 g10/keylist.c:141
+#, c-format
+msgid "%d bad signatures\n"
+msgstr "%d kötü imza\n"
+
+#: g10/keyedit.c:218 g10/keylist.c:143
+msgid "1 signature not checked due to a missing key\n"
+msgstr "1 imza kayıp bir anahtar yüzünden kontrol edilmedi\n"
+
+#: g10/keyedit.c:220 g10/keylist.c:145
+#, c-format
+msgid "%d signatures not checked due to missing keys\n"
+msgstr "%d imza kayıp bir anahtar yüzünden kontrol edilmedi\n"
+
+#: g10/keyedit.c:222 g10/keylist.c:147
+msgid "1 signature not checked due to an error\n"
+msgstr "1 imza bir hata yüzünden kontrol edilmedi\n"
+
+#: g10/keyedit.c:224 g10/keylist.c:149
+#, c-format
+msgid "%d signatures not checked due to errors\n"
+msgstr "%d imza hatalardan dolayı kontrol edilmedi\n"
+
+#: g10/keyedit.c:226
+msgid "1 user ID without valid self-signature detected\n"
+msgstr "1 öz-imzası geçersiz kullanıcı kimliği saptandı\n"
+
+#: g10/keyedit.c:228
+#, c-format
+msgid "%d user IDs without valid self-signatures detected\n"
+msgstr "%d öz-imzası geçersiz kullanıcı kimliği saptandı\n"
+
+#: g10/keyedit.c:335
+#, c-format
+msgid "User ID \"%s\" is revoked."
+msgstr "Kullanıcı kimliği \"%s\" yürürlükten kaldırıldı."
+
+#: g10/keyedit.c:343 g10/keyedit.c:426 g10/keyedit.c:484 g10/keyedit.c:1053
+msgid "Are you sure you still want to sign it? (y/N) "
+msgstr "Onu yine de imzalamak istiyor musunuz? (e/H) "
+
+#: g10/keyedit.c:350 g10/keyedit.c:432 g10/keyedit.c:1059
+msgid "  Unable to sign.\n"
+msgstr "  İmzalanamıyor.\n"
+
+#. It's a local sig, and we want to make a
+#. exportable sig.
+#: g10/keyedit.c:364
+#, c-format
+msgid ""
+"Your current signature on \"%s\"\n"
+"is a local signature.\n"
+msgstr ""
+"\"%s\" üzerindeki imzanız\n"
+"dahili bir imza.\n"
+
+#: g10/keyedit.c:368
+msgid "Do you want to promote it to a full exportable signature? (y/N) "
+msgstr ""
+"Bu imzanın dışarda da geçerli hale getirilmesini istiyor musunuz? (e/H) "
+
+#: g10/keyedit.c:388
+#, c-format
+msgid "\"%s\" was already locally signed by key %08lX\n"
+msgstr "\"%s\" zaten %08lX anahtarıyla yerel olarak imzalanmış\n"
+
+#: g10/keyedit.c:393
+#, c-format
+msgid "\"%s\" was already signed by key %08lX\n"
+msgstr "\"%s\" zaten %08lX anahtarıyla imzalanmış\n"
+
+#: g10/keyedit.c:405
+#, c-format
+msgid "Nothing to sign with key %08lX\n"
+msgstr "%08lX anahtarı ile imzalanacak hiçbir şey yok\n"
+
+#: g10/keyedit.c:420
+msgid "This key has expired!"
+msgstr "Bu anahtarın kullanım süresi dolmuş!"
+
+#: g10/keyedit.c:440
+#, c-format
+msgid "This key is due to expire on %s.\n"
+msgstr "Bu anahtarın geçerliliği %s de bitiyor.\n"
+
+#: g10/keyedit.c:444
+msgid "Do you want your signature to expire at the same time? (Y/n) "
+msgstr "İmzanızın da bu kadar süre geçerli olmasını ister misiniz? (E/h) "
+
+#: g10/keyedit.c:477
+msgid ""
+"You may not make an OpenPGP signature on a PGP 2.x key while in --pgp2 "
+"mode.\n"
+msgstr ""
+"--pgp2 kipinde bir PGP 2.x anahtarlara bir OpenPGP imzası "
+"uygulanamayabilir.\n"
+
+#: g10/keyedit.c:479
+msgid "This would make the key unusable in PGP 2.x.\n"
+msgstr "Bu, anahtarı PGP 2.x için kullanışsız yapacak.\n"
+
+#: g10/keyedit.c:500
+msgid ""
+"How carefully have you verified the key you are about to sign actually "
+"belongs\n"
+"to the person named above?  If you don't know what to answer, enter \"0\".\n"
+msgstr ""
+"Bu anahtarın ismi yukarda yazılı kişiye ait olduğunu ne kadar dikkatli\n"
+"doğruladınız?  Bu sorunun cevabını bilmiyorsanız \"0\" yazın.\n"
+
+#: g10/keyedit.c:504
+#, c-format
+msgid "   (0) I will not answer.%s\n"
+msgstr "   (0) Cevabı bilmiyorum. %s\n"
+
+#: g10/keyedit.c:506
+#, c-format
+msgid "   (1) I have not checked at all.%s\n"
+msgstr "   (1) Tamamen kontrol edildi.%s\n"
+
+#: g10/keyedit.c:508
+#, c-format
+msgid "   (2) I have done casual checking.%s\n"
+msgstr "   (2) İlişkisel denetim yaptım.%s\n"
+
+#: g10/keyedit.c:510
+#, c-format
+msgid "   (3) I have done very careful checking.%s\n"
+msgstr "   (3) Çok dikkatli bir denetim yaptım.%s\n"
+
+#: g10/keyedit.c:535
+msgid ""
+"Are you really sure that you want to sign this key\n"
+"with your key: \""
+msgstr ""
+"Bu anahtarı kendi anahtarınızla imzalamak istediğinize gerçekten\n"
+"emin misiniz?: \""
+
+#: g10/keyedit.c:544
+msgid ""
+"\n"
+"The signature will be marked as non-exportable.\n"
+msgstr ""
+"\n"
+"İmza dışarı gönderilemez olarak imlenecek.\n"
+
+#: g10/keyedit.c:548
+msgid ""
+"\n"
+"The signature will be marked as non-revocable.\n"
+msgstr ""
+"\n"
+"İmza yürürlükten kaldırılamaz olarak imlenecek.\n"
+
+#: g10/keyedit.c:553
+msgid ""
+"\n"
+"I have not checked this key at all.\n"
+msgstr ""
+"\n"
+"Her şeyiyle bu anahtarı kontol edemedim.\n"
+
+#: g10/keyedit.c:557
+msgid ""
+"\n"
+"I have checked this key casually.\n"
+msgstr ""
+"\n"
+"Bu anahtarı karşılaştırmalı kontrol ettim.\n"
+
+#: g10/keyedit.c:561
+msgid ""
+"\n"
+"I have checked this key very carefully.\n"
+msgstr ""
+"\n"
+"Bu anahtarı çok dikkatli kontrol ettim.\n"
+
+#: g10/keyedit.c:569
+msgid "Really sign? "
+msgstr "Gerçekten imzalayacak mısınız? "
+
+#: g10/keyedit.c:602 g10/keyedit.c:2593 g10/keyedit.c:2652 g10/sign.c:279
+#, c-format
+msgid "signing failed: %s\n"
+msgstr "imzalama başarısız: %s\n"
+
+#: g10/keyedit.c:658
+msgid "This key is not protected.\n"
+msgstr "Bu anahtar korunmamış.\n"
+
+#: g10/keyedit.c:662
+msgid "Secret parts of primary key are not available.\n"
+msgstr "Asıl anahtarın gizli parçaları kullanılamaz.\n"
+
+#: g10/keyedit.c:666
+msgid "Key is protected.\n"
+msgstr "Anahtar korunmuş.\n"
+
+#: g10/keyedit.c:686
+#, c-format
+msgid "Can't edit this key: %s\n"
+msgstr "Bu anahtar üzerinde düzenleme yapılamaz: %s\n"
+
+#: g10/keyedit.c:692
+msgid ""
+"Enter the new passphrase for this secret key.\n"
+"\n"
+msgstr ""
+"Bu gizli anahtar için yeni anahtar parolasını giriniz.\n"
+"\n"
+
+#: g10/keyedit.c:706
+msgid ""
+"You don't want a passphrase - this is probably a *bad* idea!\n"
+"\n"
+msgstr ""
+"Bir anahtar parolası vermediniz - bu çok *kötü* bir fikir!\n"
+"\n"
+
+#: g10/keyedit.c:709
+msgid "Do you really want to do this? "
+msgstr "Gerçekten bunu yapmak istiyor musunuz? "
+
+#: g10/keyedit.c:773
+msgid "moving a key signature to the correct place\n"
+msgstr "bir anahtar imzası doğru yere taşınıyor\n"
+
+#: g10/keyedit.c:815
+msgid "quit this menu"
+msgstr "bu menüden çık"
+
+#: g10/keyedit.c:816
+msgid "q"
+msgstr "k"
+
+#: g10/keyedit.c:817
+msgid "save"
+msgstr "kaydet"
+
+#: g10/keyedit.c:817
+msgid "save and quit"
+msgstr "kaydet ve çık"
+
+#: g10/keyedit.c:818
+msgid "help"
+msgstr "yardım"
+
+#: g10/keyedit.c:818
+msgid "show this help"
+msgstr "bunu gösterir "
+
+#: g10/keyedit.c:820
+msgid "fpr"
+msgstr "piz"
+
+#: g10/keyedit.c:820
+msgid "show fingerprint"
+msgstr "parmak izini göster"
+
+#: g10/keyedit.c:821
+msgid "list"
+msgstr "listele"
+
+#: g10/keyedit.c:821
+msgid "list key and user IDs"
+msgstr "anahtarı ve kullanıcı kimliğini göster"
+
+#: g10/keyedit.c:822
+msgid "l"
+msgstr "l"
+
+#: g10/keyedit.c:823
+msgid "uid"
+msgstr "kullkim"
+
+#: g10/keyedit.c:823
+msgid "select user ID N"
+msgstr "N kullanıcı kimliğini seçer"
+
+#: g10/keyedit.c:824
+msgid "key"
+msgstr "anahtar"
+
+#: g10/keyedit.c:824
+msgid "select secondary key N"
+msgstr "N yardımcı anahtarını seçer"
+
+#: g10/keyedit.c:825
+msgid "check"
+msgstr "kontrol"
+
+#: g10/keyedit.c:825
+msgid "list signatures"
+msgstr "imzaları listele"
+
+#: g10/keyedit.c:826
+msgid "c"
+msgstr "k"
+
+#: g10/keyedit.c:827
+msgid "sign"
+msgstr "imzala"
+
+#: g10/keyedit.c:827
+msgid "sign the key"
+msgstr "anahtarı imzalar"
+
+#: g10/keyedit.c:828
+msgid "s"
+msgstr "i"
+
+#: g10/keyedit.c:829
+msgid "lsign"
+msgstr "yimza"
+
+#: g10/keyedit.c:829
+msgid "sign the key locally"
+msgstr "anahtarı yerel olarak imzala"
+
+#: g10/keyedit.c:830
+msgid "nrsign"
+msgstr "yksızimza"
+
+#: g10/keyedit.c:830
+msgid "sign the key non-revocably"
+msgstr "yürürlükten kaldırılamayan imza"
+
+#: g10/keyedit.c:831
+msgid "nrlsign"
+msgstr "içyksızimza"
+
+#: g10/keyedit.c:831
+msgid "sign the key locally and non-revocably"
+msgstr "yürürlükten kaldırılamayan yerel imza"
+
+#: g10/keyedit.c:832
+msgid "debug"
+msgstr "hata ayıklama"
+
+#: g10/keyedit.c:833
+msgid "adduid"
+msgstr "kullkimEkle"
+
+#: g10/keyedit.c:833
+msgid "add a user ID"
+msgstr "bir kullanıcı kimliği ekler"
+
+#: g10/keyedit.c:834
+msgid "addphoto"
+msgstr "fotoekle"
+
+#: g10/keyedit.c:834
+msgid "add a photo ID"
+msgstr "bir foto kimliği ekler"
+
+#: g10/keyedit.c:835
+msgid "deluid"
+msgstr "kullkimSil"
+
+#: g10/keyedit.c:835
+msgid "delete user ID"
+msgstr "kullanıcı kimliğini siler"
+
+#. delphoto is really deluid in disguise
+#: g10/keyedit.c:837
+msgid "delphoto"
+msgstr "fotosil"
+
+#: g10/keyedit.c:838
+msgid "addkey"
+msgstr "anhEkle"
+
+#: g10/keyedit.c:838
+msgid "add a secondary key"
+msgstr "bir yardımcı anahtar ekler"
+
+#: g10/keyedit.c:839
+msgid "delkey"
+msgstr "anhSil"
+
+#: g10/keyedit.c:839
+msgid "delete a secondary key"
+msgstr "bir yardımcı anahtar siler"
+
+#: g10/keyedit.c:840
+msgid "delsig"
+msgstr "imzaSil"
+
+#: g10/keyedit.c:840
+msgid "delete signatures"
+msgstr "imzaları siler"
+
+#: g10/keyedit.c:841
+msgid "expire"
+msgstr "sontarih"
+
+#: g10/keyedit.c:841
+msgid "change the expire date"
+msgstr "son kullanım tarihini değiştirir"
+
+#: g10/keyedit.c:842
+msgid "primary"
+msgstr "asıl"
+
+#: g10/keyedit.c:842
+msgid "flag user ID as primary"
+msgstr "kullanıcı kimliğini asıl olarak imler"
+
+#: g10/keyedit.c:843
+msgid "toggle"
+msgstr "seçmece"
+
+#: g10/keyedit.c:843
+msgid "toggle between secret and public key listing"
+msgstr "genel ve gizli anahtar listeleri arasında yer değiştirir"
+
+#: g10/keyedit.c:845
+msgid "t"
+msgstr "b"
+
+#: g10/keyedit.c:846
+msgid "pref"
+msgstr "önayar"
+
+#: g10/keyedit.c:846
+msgid "list preferences (expert)"
+msgstr "tercihleri listeler (uzman)"
+
+#: g10/keyedit.c:847
+msgid "showpref"
+msgstr "tercihgöst"
+
+#: g10/keyedit.c:847
+msgid "list preferences (verbose)"
+msgstr "tercihleri listeler (ayrıntılı)"
+
+#: g10/keyedit.c:848
+msgid "setpref"
+msgstr "tercihyap"
+
+#: g10/keyedit.c:848
+msgid "set preference list"
+msgstr "tercih listesi oluşturmak için"
+
+#: g10/keyedit.c:849
+msgid "updpref"
+msgstr "tercgüncel"
+
+#: g10/keyedit.c:849
+msgid "updated preferences"
+msgstr "güncelenmiş tercihler"
+
+#: g10/keyedit.c:850
+msgid "passwd"
+msgstr "aparola"
+
+#: g10/keyedit.c:850
+msgid "change the passphrase"
+msgstr "anahtar parolasını değiştirir"
+
+#: g10/keyedit.c:851
+msgid "trust"
+msgstr "güvence"
+
+#: g10/keyedit.c:851
+msgid "change the ownertrust"
+msgstr "sahibiningüvencesini değiştirir"
+
+#: g10/keyedit.c:852
+msgid "revsig"
+msgstr "imzayürkal"
+
+#: g10/keyedit.c:852
+msgid "revoke signatures"
+msgstr "imzaları yürürlükten kaldırır"
+
+#: g10/keyedit.c:853
+msgid "revkey"
+msgstr "yürkalanh"
+
+#: g10/keyedit.c:853
+msgid "revoke a secondary key"
+msgstr "bir yardımcı anahtarı yürürlükten kaldırır"
+
+#: g10/keyedit.c:854
+msgid "disable"
+msgstr "iptal"
+
+#: g10/keyedit.c:854
+msgid "disable a key"
+msgstr "bir anahtarı iptal eder"
+
+#: g10/keyedit.c:855
+msgid "enable"
+msgstr "kullan"
+
+#: g10/keyedit.c:855
+msgid "enable a key"
+msgstr "bir anahtarı kullanıma sokar"
+
+#: g10/keyedit.c:856
+msgid "showphoto"
+msgstr "fotogöst"
+
+#: g10/keyedit.c:856
+msgid "show photo ID"
+msgstr "foto kimliğini gösterir"
+
+#: g10/delkey.c:112 g10/keyedit.c:876
+msgid "can't do that in batchmode\n"
+msgstr "bu önceden belirlenmiş işlemler kipinde (in batchmode) yapılamaz\n"
+
+#: g10/keyedit.c:913
+#, c-format
+msgid "error reading secret keyblock `%s': %s\n"
+msgstr "gizli anahtar bloğu `%s' okunurken hata oluştu: %s\n"
+
+#: g10/keyedit.c:931
+msgid "Secret key is available.\n"
+msgstr "Gizli anahtar mevcut.\n"
+
+#: g10/keyedit.c:962
+msgid "Command> "
+msgstr "Komut> "
+
+#: g10/keyedit.c:994
+msgid "Need the secret key to do this.\n"
+msgstr "Bunu yapmak için gizli anahtar gerekli.\n"
+
+#: g10/keyedit.c:998
+msgid "Please use the command \"toggle\" first.\n"
+msgstr "lütfen önce \"seçmece\" komutunu kullanın.\n"
+
+#: g10/keyedit.c:1047
+msgid "Key is revoked."
+msgstr "Anahtar yürürlükten kaldırıldı."
+
+#: g10/keyedit.c:1066
+msgid "Really sign all user IDs? "
+msgstr "Tüm kullanıcı kimlikleri gerçekten imzalanacak mı? "
+
+#: g10/keyedit.c:1067
+msgid "Hint: Select the user IDs to sign\n"
+msgstr "İpucu: İmzalamak için bir kullanıcı kimliği seçiniz\n"
+
+#: g10/keyedit.c:1092
+#, c-format
+msgid "This command is not allowed while in %s mode.\n"
+msgstr "%s kipindeyken bu komut kullanılamaz.\n"
+
+#: g10/keyedit.c:1112 g10/keyedit.c:1133
+msgid "You must select at least one user ID.\n"
+msgstr "En az bir kullanıcı kimliği seçmelisiniz.\n"
+
+#: g10/keyedit.c:1114
+msgid "You can't delete the last user ID!\n"
+msgstr "Son kullanıcı kimliğini silemezsiniz!\n"
+
+#: g10/keyedit.c:1117
+msgid "Really remove all selected user IDs? "
+msgstr "Seçilen tüm kullanıcı kimlikleri gerçekten silinecek mi? "
+
+#: g10/keyedit.c:1118
+msgid "Really remove this user ID? "
+msgstr "Bu kullanıcı kimliği gerçekten silinecek mi? "
+
+#: g10/keyedit.c:1156 g10/keyedit.c:1178
+msgid "You must select at least one key.\n"
+msgstr "En az bir anahtar seçmelisiniz.\n"
+
+#: g10/keyedit.c:1160
+msgid "Do you really want to delete the selected keys? "
+msgstr "Seçilen anahtarları gerçekten silmek istiyor musunuz? "
+
+#: g10/keyedit.c:1161
+msgid "Do you really want to delete this key? "
+msgstr "Bu anahtarı gerçekten silmek istiyor musunuz? "
+
+#: g10/keyedit.c:1182
+msgid "Do you really want to revoke the selected keys? "
+msgstr "Seçilen anahtarları gerçekten yürürlükten kaldırmak istiyor musunuz? "
+
+#: g10/keyedit.c:1183
+msgid "Do you really want to revoke this key? "
+msgstr "Bu anahtarı gerçekten yürürlükten kaldırmak istiyor musunuz? "
+
+#: g10/keyedit.c:1252
+msgid "Really update the preferences for the selected user IDs? "
+msgstr ""
+"Seçilen kullanıcı kimlik için tercihleri gerçekten güncellemek istiyor "
+"musunuz? "
+
+#: g10/keyedit.c:1254
+msgid "Really update the preferences? "
+msgstr "Tercihleri gerçekten güncellemek istiyor musunuz? "
+
+#: g10/keyedit.c:1292
+msgid "Save changes? "
+msgstr "Değişiklikler kaydedilecek mi? "
+
+#: g10/keyedit.c:1295
+msgid "Quit without saving? "
+msgstr "Kaydetmeden çıkılsın mı? "
+
+#: g10/keyedit.c:1306
+#, c-format
+msgid "update failed: %s\n"
+msgstr "güncelleme başarısız: %s\n"
+
+#: g10/keyedit.c:1313
+#, c-format
+msgid "update secret failed: %s\n"
+msgstr "gizliyi güncelleme başarısız: %s\n"
+
+#: g10/keyedit.c:1320
+msgid "Key not changed so no update needed.\n"
+msgstr "Güncelleme gereği olmadığından anahtar değişmedi.\n"
+
+#: g10/keyedit.c:1332
+msgid "Invalid command  (try \"help\")\n"
+msgstr "Komut geçersiz (\"yardım\" komutunu deneyin)\n"
+
+#: g10/keyedit.c:1489
+#, c-format
+msgid "This key may be revoked by %s key %s%s\n"
+msgstr ""
+"Bu anahtar %s tarafından %s%s anahtarı ile yürürlükten kaldırılmış olabilir\n"
+
+#: g10/keyedit.c:1492
+msgid " (sensitive)"
+msgstr " (duyarlı)"
+
+#: g10/keyedit.c:1497 g10/keyedit.c:1523
+#, c-format
+msgid "%s%c %4u%c/%08lX  created: %s expires: %s"
+msgstr "%s%c %4u%c/%08lX  üretildi: %s son kullanma tarihi: %s"
+
+#: g10/keyedit.c:1506
+#, c-format
+msgid " trust: %c/%c"
+msgstr " güven derecesi: %c/%c"
+
+#: g10/keyedit.c:1510
+msgid "This key has been disabled"
+msgstr "Bu anahtar iptal edilmişti"
+
+#: g10/keyedit.c:1539
+#, c-format
+msgid "rev! subkey has been revoked: %s\n"
+msgstr "yürkal! yardımcı anahtar yürürlülükten kaldırıldı: %s\n"
+
+#: g10/keyedit.c:1542
+msgid "rev- faked revocation found\n"
+msgstr "yürkal- sahte yürürlükten kaldırma sertifikası bulundu\n"
+
+#: g10/keyedit.c:1544
+#, c-format
+msgid "rev? problem checking revocation: %s\n"
+msgstr "yürkal? Yürürlükten kaldırma denetlenirken problem: %s\n"
+
+#: g10/keyedit.c:1574
+msgid ""
+"Please note that the shown key validity is not necessary correct\n"
+"unless you restart the program.\n"
+msgstr ""
+"Gösterilen anahtarın, uygulamayı yeniden başlatıncaya kadar, geçerliliğinin\n"
+"olmayacağını lütfen gözönüne alınız.\n"
+
+#: g10/keyedit.c:1660
+msgid ""
+"WARNING: This key already has a photo ID.\n"
+"         Adding another photo ID may confuse some versions of PGP.\n"
+msgstr ""
+"UYARI: Bu anahtarın zaten bir foto kimliği var.\n"
+"    Başka bir foto kimliği eklemek PGP'in bazı sürümleriyle uyumsuz "
+"olabilir.\n"
+
+#: g10/keyedit.c:1664 g10/keyedit.c:1691
+msgid "Are you sure you still want to add it? (y/N) "
+msgstr "Onu yine de eklemek istiyor musunuz? (e/H) "
+
+#: g10/keyedit.c:1672
+msgid "You may only have one photo ID on a key.\n"
+msgstr "Bir anahtarın sadece bir foto kimliği olabilir.\n"
+
+#: g10/keyedit.c:1686
+msgid ""
+"WARNING: This is a PGP2-style key.  Adding a photo ID may cause some "
+"versions\n"
+"         of PGP to reject this key.\n"
+msgstr ""
+"UYARI: Bu PGP-2 tarzı bir anahtar. Bir foto kimliği eklenmesi bu anahtarın\n"
+"       bazı PGP sürümleri tarafından reddedilmesi ile sonuçlanabilir.\n"
+
+#: g10/keyedit.c:1697
+msgid "You may not add a photo ID to a PGP2-style key.\n"
+msgstr "PGP2 tarzı bir anahtara bir foto kimliği ekleyemeyebilirsiniz.\n"
+
+#: g10/keyedit.c:1832
+msgid "Delete this good signature? (y/N/q)"
+msgstr "Bu doğru imza silinsin mi? (e/H/k)"
+
+#: g10/keyedit.c:1842
+msgid "Delete this invalid signature? (y/N/q)"
+msgstr "Bu geçersiz imza silinsin mi? (e/H/k)"
+
+#: g10/keyedit.c:1846
+msgid "Delete this unknown signature? (y/N/q)"
+msgstr "Bu bilinmeyen imza silinsin mi? (e/H/k)"
+
+#: g10/keyedit.c:1852
+msgid "Really delete this self-signature? (y/N)"
+msgstr "Bu öz-imza gerçekten silinecek mi? (e/H)"
+
+#: g10/keyedit.c:1866
+#, c-format
+msgid "Deleted %d signature.\n"
+msgstr "%d imza silindi.\n"
+
+#: g10/keyedit.c:1867
+#, c-format
+msgid "Deleted %d signatures.\n"
+msgstr "%d imza silindi.\n"
+
+#: g10/keyedit.c:1870
+msgid "Nothing deleted.\n"
+msgstr "Hiçbir şey silinmedi.\n"
+
+#: g10/keyedit.c:1943
+msgid "Please remove selections from the secret keys.\n"
+msgstr "Lütfen gizli anahtarlardan seçilenleri silin.\n"
+
+#: g10/keyedit.c:1949
+msgid "Please select at most one secondary key.\n"
+msgstr "Lütfen en fazla bir yardımcı anahtar seçin.\n"
+
+#: g10/keyedit.c:1953
+msgid "Changing expiration time for a secondary key.\n"
+msgstr "Bir yardımcı anahtar için son kullanma tarihi değiştiriliyor.\n"
+
+#: g10/keyedit.c:1955
+msgid "Changing expiration time for the primary key.\n"
+msgstr "Asıl anahtar için son kullanma tarihi değiştiriliyor.\n"
+
+#: g10/keyedit.c:1997
+msgid "You can't change the expiration date of a v3 key\n"
+msgstr "Bir v3 anahtarının son kullanma tarihini değiştiremezsiniz\n"
+
+#: g10/keyedit.c:2013
+msgid "No corresponding signature in secret ring\n"
+msgstr "Gizli anahtar demetinde uygun/benzer imza yok\n"
+
+#: g10/keyedit.c:2096
+msgid "Please select exactly one user ID.\n"
+msgstr "Lütfen sadece ve sadece bir kullanıcı kimlik seçiniz.\n"
+
+#: g10/keyedit.c:2284
+#, c-format
+msgid "No user ID with index %d\n"
+msgstr "%d endeksine sahip kullanıcı kimliği yok\n"
+
+#: g10/keyedit.c:2330
+#, c-format
+msgid "No secondary key with index %d\n"
+msgstr "%d endeksine sahip yardımcı anahtar yok\n"
+
+#: g10/keyedit.c:2444
+msgid "user ID: \""
+msgstr "Kullanıcı kimliği: \""
+
+#: g10/keyedit.c:2449
+#, c-format
+msgid ""
+"\"\n"
+"signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+" %08lX anahtarınızla %s de imzalandı\n"
+
+#: g10/keyedit.c:2452
+#, c-format
+msgid ""
+"\"\n"
+"locally signed with your key %08lX at %s\n"
+msgstr ""
+"\"\n"
+"%08lX anahtarınızla %s de yerel olarak imzalı\n"
+
+#: g10/keyedit.c:2457
+#, c-format
+msgid "This signature expired on %s.\n"
+msgstr "Bu anahtarın geçerliliği %s de bitti.\n"
+
+#: g10/keyedit.c:2461
+msgid "Are you sure you still want to revoke it? (y/N) "
+msgstr "Onu yine de yürürlükten kaldırmak istiyor musunuz? (e/H) "
+
+#: g10/keyedit.c:2465
+msgid "Create a revocation certificate for this signature? (y/N) "
+msgstr ""
+"Bu imza için bir yürürlükten kaldırma sertifikası oluşturulsun mu? (e/H) "
+
+#. FIXME: detect duplicates here
+#: g10/keyedit.c:2490
+msgid "You have signed these user IDs:\n"
+msgstr "Bu kullanıcı kimliklerini imzalamışsınız:\n"
+
+#: g10/keyedit.c:2504
+#, c-format
+msgid "   signed by %08lX at %s%s%s\n"
+msgstr "   %08lX ile %s%s%s de imzalanmış\n"
+
+#: g10/keyedit.c:2512
+#, c-format
+msgid "   revoked by %08lX at %s\n"
+msgstr "   %08lX tarafından %s de yürürlükten kaldırılmış\n"
+
+#: g10/keyedit.c:2532
+msgid "You are about to revoke these signatures:\n"
+msgstr "Bu imzaları yürürlükten kaldırmak üzeresiniz:\n"
+
+#: g10/keyedit.c:2542
+#, c-format
+msgid "   signed by %08lX at %s%s\n"
+msgstr "   %08lX ile %s%s de imzalanmış\n"
+
+#: g10/keyedit.c:2544
+msgid " (non-exportable)"
+msgstr " (dışarda geçersiz)"
+
+#: g10/keyedit.c:2551
+msgid "Really create the revocation certificates? (y/N) "
+msgstr ""
+"Bu yürürlükten kaldırma sertifikalarını gerçekten oluşturacak mısınız? (e/H) "
+
+#: g10/keyedit.c:2581
+msgid "no secret key\n"
+msgstr "gizli anahtar yok\n"
+
+#: g10/keyedit.c:2730
+#, c-format
+msgid "Displaying %s photo ID of size %ld for key 0x%08lX (uid %d)\n"
+msgstr ""
+"Anahtar 0x%3$08lX (kull-kiml %4$d) için %2$ld uzunluktaki %1$s foto kimliği "
+"gösteriliyor\n"
+
+#. This isn't UTF8 as it is a URL(?)
+#: g10/keylist.c:87
+msgid "Signature policy: "
+msgstr "imza guvencesi: "
+
+#: g10/keylist.c:112 g10/keylist.c:132 g10/mainproc.c:721 g10/mainproc.c:730
+msgid "WARNING: invalid notation data found\n"
+msgstr "UYARI: geçersiz niteleme verisi bulundu\n"
+
+#. This is UTF8
+#: g10/keylist.c:120
+msgid "Signature notation: "
+msgstr "imza niteleyici: "
+
+#: g10/keylist.c:127
+msgid "not human readable"
+msgstr "insan okuyabilir değil"
+
+#: g10/keylist.c:216
+msgid "Keyring"
+msgstr "Anahtar Zinciri"
+
+#. of subkey
+#: g10/keylist.c:423 g10/mainproc.c:856
+#, c-format
+msgid " [expires: %s]"
+msgstr "[son kullanma tarihi: %s]"
+
+#: g10/keylist.c:889
+msgid "Fingerprint:"
+msgstr " Parmak izi:"
+
+#. use tty
+#. Translators: this should fit into 24 bytes to that the fingerprint
+#. * data is properly aligned with the user ID
+#: g10/keylist.c:895
+msgid "             Fingerprint:"
+msgstr "              Parmak izi:"
+
+#: g10/keylist.c:899
+msgid "     Key fingerprint ="
+msgstr "     Anahtar parmak izi ="
+
+#: g10/encr-data.c:66 g10/mainproc.c:255
+#, c-format
+msgid "%s encrypted data\n"
+msgstr "%s şifreli veri\n"
+
+#: g10/encr-data.c:68 g10/mainproc.c:257
+#, c-format
+msgid "encrypted with unknown algorithm %d\n"
+msgstr "bilinmeyen algoritma %d ile şifrelenmiş\n"
+
+#: g10/mainproc.c:280
+#, c-format
+msgid "public key is %08lX\n"
+msgstr "genel anahtar: %08lX\n"
+
+#: g10/mainproc.c:326
+msgid "public key encrypted data: good DEK\n"
+msgstr "genel anahtarla şifreli veri: doğru DEK\n"
+
+#: g10/mainproc.c:378
+#, c-format
+msgid "encrypted with %u-bit %s key, ID %08lX, created %s\n"
+msgstr ""
+"%u bitlik %s anahtarı ve kullanıcı kimliği\n"
+"%08lX ile şifrelendi, %s oluşturuldu\n"
+
+#: g10/mainproc.c:388
+#, c-format
+msgid "encrypted with %s key, ID %08lX\n"
+msgstr "%s anahtarı ve %08lX kullanıcı kimliği ile şifrelendi\n"
+
+#: g10/mainproc.c:402
+#, c-format
+msgid "public key decryption failed: %s\n"
+msgstr "genel anahtar şifre çözümü başarısız: %s\n"
+
+#: g10/mainproc.c:429 g10/mainproc.c:448
+#, c-format
+msgid "assuming %s encrypted data\n"
+msgstr "%s şifreli veri varsayılıyor\n"
+
+#: g10/mainproc.c:436
+#, c-format
+msgid "IDEA cipher unavailable, optimistically attempting to use %s instead\n"
+msgstr ""
+"IDEA şifre kullanışsız, iyimserlikle yerine %s kullanılmaya çalışılıyor\n"
+
+#: g10/mainproc.c:466
+msgid "decryption okay\n"
+msgstr "Şifre çözme tamam\n"
+
+#: g10/mainproc.c:471
+msgid "WARNING: encrypted message has been manipulated!\n"
+msgstr "UYARI: şifreli ileti tahrip edilmiş!\n"
+
+#: g10/mainproc.c:476
+#, c-format
+msgid "decryption failed: %s\n"
+msgstr "şifre çözme başarısız: %s\n"
+
+#: g10/mainproc.c:495
+msgid "NOTE: sender requested \"for-your-eyes-only\"\n"
+msgstr "BİLGİ: gönderen \"yalnız-gözleriniz-için\" ricasında bulundu\n"
+
+#: g10/mainproc.c:497
+#, c-format
+msgid "original file name='%.*s'\n"
+msgstr "özgün dosya adı = '%.*s'\n"
+
+#: g10/mainproc.c:672
+msgid "standalone revocation - use \"gpg --import\" to apply\n"
+msgstr ""
+"tek başına yürürlükten kaldırma - uygulamak için \"gpg --import\" kullanın\n"
+
+#: g10/mainproc.c:733
+msgid "Notation: "
+msgstr "Niteleme: "
+
+#: g10/mainproc.c:745
+msgid "Policy: "
+msgstr "Güvence: "
+
+#: g10/mainproc.c:1198
+msgid "signature verification suppressed\n"
+msgstr "imza doğrulama engellendi\n"
+
+#. plaintext before signatures but no one-pass packets
+#: g10/mainproc.c:1240 g10/mainproc.c:1250
+msgid "can't handle these multiple signatures\n"
+msgstr "bu çoklu imzalar elde edilemiyor\n"
+
+#: g10/mainproc.c:1261
+#, c-format
+msgid "Signature made %.*s using %s key ID %08lX\n"
+msgstr "%.*s imzası, %s anahtarı ve %08lX kullanıcı kimliği ile yapıldı\n"
+
+#: g10/mainproc.c:1305 g10/mainproc.c:1327
+msgid "BAD signature from \""
+msgstr "KÖTÜ imza: \""
+
+#: g10/mainproc.c:1306 g10/mainproc.c:1328
+msgid "Expired signature from \""
+msgstr "Kullanım tarihi geçmiş imza: \""
+
+#: g10/mainproc.c:1307 g10/mainproc.c:1329
+msgid "Good signature from \""
+msgstr "Doğru imza: \""
+
+#: g10/mainproc.c:1331
+msgid "[uncertain]"
+msgstr "[şüpheli]"
+
+#: g10/mainproc.c:1351
+msgid "                aka \""
+msgstr "                den \""
+
+#: g10/mainproc.c:1412
+#, c-format
+msgid "Can't check signature: %s\n"
+msgstr "İmza kontrol edilemedi: %s\n"
+
+#: g10/mainproc.c:1481 g10/mainproc.c:1497 g10/mainproc.c:1559
+msgid "not a detached signature\n"
+msgstr "bir bağımsız imza değil\n"
+
+#: g10/mainproc.c:1508
+#, c-format
+msgid "standalone signature of class 0x%02x\n"
+msgstr "0x%02x sınıfı tek başına imza\n"
+
+#: g10/mainproc.c:1565
+msgid "old style (PGP 2.x) signature\n"
+msgstr "eski stil (PGP 2.x) imza\n"
+
+#: g10/mainproc.c:1572
+msgid "invalid root packet detected in proc_tree()\n"
+msgstr "proc_tree() içinde geçersiz kök paket saptandı\n"
+
+#: g10/misc.c:101
+#, c-format
+msgid "can't disable core dumps: %s\n"
+msgstr "\"core\" oluşumu iptal edilemedi: %s\n"
+
+#: g10/misc.c:211
+msgid "Experimental algorithms should not be used!\n"
+msgstr "Deneysel algoritmalar kullanılmamalı!\n"
+
+#: g10/misc.c:241
+msgid "this cipher algorithm is deprecated; please use a more standard one!\n"
+msgstr ""
+"bu şifre algoritması standart dışı; lütfen daha standart birini kullanın!\n"
+
+#: g10/misc.c:378
+#, c-format
+msgid "Warning: unsafe ownership on %s \"%s\"\n"
+msgstr "Uyarı: %s \"%s\" de güvensiz sahiplik\n"
+
+#: g10/misc.c:410
+#, c-format
+msgid "Warning: unsafe permissions on %s \"%s\"\n"
+msgstr "Uyarı: %s \"%s\" de güvensiz izinler\n"
+
+#: g10/misc.c:435
+msgid "the IDEA cipher plugin is not present\n"
+msgstr "IDEA şifre eklentisi yok\n"
+
+#: g10/misc.c:436
+msgid ""
+"please see http://www.gnupg.org/why-not-idea.html for more information\n"
+msgstr ""
+"Daha fazla bilgi için lütfen http://www.gnupg.org/why-not-idea.html "
+"adresine\n"
+"bakınız.\n"
+
+#: g10/parse-packet.c:119
+#, c-format
+msgid "can't handle public key algorithm %d\n"
+msgstr "%d genel anahtar algoritması kullanılamadı\n"
+
+#: g10/parse-packet.c:1053
+#, c-format
+msgid "subpacket of type %d has critical bit set\n"
+msgstr "%d tipi alt paket kritik bit kümesine sahip\n"
+
+#: g10/passphrase.c:442 g10/passphrase.c:489
+msgid "gpg-agent is not available in this session\n"
+msgstr "gpg-agent bu oturumda kullanılamaz\n"
+
+#: g10/passphrase.c:450
+msgid "can't set client pid for the agent\n"
+msgstr "istemci pid'i belirlenemiyor\n"
+
+#: g10/passphrase.c:458
+msgid "can't get server read FD for the agent\n"
+msgstr "sunucu okuma dosya tanıtıcısı alınamadı\n"
+
+#: g10/passphrase.c:465
+msgid "can't get server write FD for the agent\n"
+msgstr "sunucu yazma dosya tanıtıcısı alınamadı\n"
+
+#: g10/passphrase.c:498
+msgid "malformed GPG_AGENT_INFO environment variable\n"
+msgstr "GPG_AGENT_INFO çevre değişkeni hatalı\n"
+
+#: g10/passphrase.c:511
+#, c-format
+msgid "gpg-agent protocol version %d is not supported\n"
+msgstr "gpg-agent protokolü sürüm %d desteklenmiyor\n"
+
+#: g10/hkp.c:147 g10/passphrase.c:532
+#, c-format
+msgid "can't connect to `%s': %s\n"
+msgstr "\"%s\" sunucusuna bağlanılamadı: %s\n"
+
+#: g10/passphrase.c:554
+msgid "communication problem with gpg-agent\n"
+msgstr "gpg-agent ile haberleşme problemi\n"
+
+#: g10/passphrase.c:561 g10/passphrase.c:811 g10/passphrase.c:919
+msgid "problem with the agent - disabling agent use\n"
+msgstr "vekil ile problem - vekil kullanımı iptal ediliyor\n"
+
+#: g10/passphrase.c:631 g10/passphrase.c:1017
+#, c-format
+msgid " (main key ID %08lX)"
+msgstr " (asıl anahtar kimliği %08lX)"
+
+#: g10/passphrase.c:641
+#, c-format
+msgid ""
+"You need a passphrase to unlock the secret key for user:\n"
+"\"%.*s\"\n"
+"%u-bit %s key, ID %08lX, created %s%s\n"
+msgstr ""
+"\"%.*s\"\n"
+"kullanıcısının gizli anahtarını açacak bir anahtar parolasına ihtiyaç var.\n"
+"%u bitlik %s anahtarı, kimlik %08lX, oluşturulan %s%s\n"
+
+#: g10/passphrase.c:662
+msgid "Enter passphrase\n"
+msgstr "Anahtar parolasını giriniz\n"
+
+#: g10/passphrase.c:664
+msgid "Repeat passphrase\n"
+msgstr "Parolayı tekrar yazınız\n"
+
+#: g10/passphrase.c:705
+msgid "passphrase too long\n"
+msgstr "Parola çok uzun\n"
+
+#: g10/passphrase.c:718
+msgid "invalid response from agent\n"
+msgstr "yanıt geçersiz\n"
+
+#: g10/passphrase.c:727 g10/passphrase.c:808
+msgid "cancelled by user\n"
+msgstr "kullanıcı tarafından durduruldu\n"
+
+#: g10/passphrase.c:729 g10/passphrase.c:890
+#, c-format
+msgid "problem with the agent: agent returns 0x%lx\n"
+msgstr "vekil ile sorun var: vekil 0x%lx ile sonuçlandı\n"
+
+#: g10/passphrase.c:1003
+msgid ""
+"\n"
+"You need a passphrase to unlock the secret key for\n"
+"user: \""
+msgstr ""
+"\n"
+"Gizli anahtarın kilidini açmak için bir anahtar parolasına ihtiyacınız var.\n"
+"Anahtarın sahibi: \""
+
+#: g10/passphrase.c:1012
+#, c-format
+msgid "%u-bit %s key, ID %08lX, created %s"
+msgstr "%u bitlik %s anahtarı, kimlik: %08lX, oluşturuldu %s"
+
+#: g10/passphrase.c:1063
+msgid "can't query password in batchmode\n"
+msgstr "önceden tanımlanmış işlemler kipinde (batchmode) parola sorgulanamaz\n"
+
+#: g10/passphrase.c:1067
+msgid "Enter passphrase: "
+msgstr "Anahtar parolasını girin: "
+
+#: g10/passphrase.c:1071
+msgid "Repeat passphrase: "
+msgstr "Tekrar: "
+
+#: g10/plaintext.c:67
+msgid "data not saved; use option \"--output\" to save it\n"
+msgstr "veri kaydedilmedi; kaydetmek için \"--output\" seçeneğini kullanın\n"
+
+#: g10/plaintext.c:108
+#, c-format
+msgid "error creating `%s': %s\n"
+msgstr "`%s' oluşturulurken hata: %s\n"
+
+#: g10/plaintext.c:337
+msgid "Detached signature.\n"
+msgstr "Bağımsız imza.\n"
+
+#: g10/plaintext.c:341
+msgid "Please enter name of data file: "
+msgstr "Lütfen veri dosyasının ismini girin: "
+
+#: g10/plaintext.c:362
+msgid "reading stdin ...\n"
+msgstr "standart girdiden okuyor ...\n"
+
+#: g10/plaintext.c:396
+msgid "no signed data\n"
+msgstr "imzalı veri yok\n"
+
+#: g10/plaintext.c:404
+#, c-format
+msgid "can't open signed data `%s'\n"
+msgstr "imzalı veri '%s'  açılamadı\n"
+
+#: g10/pubkey-enc.c:100
+#, c-format
+msgid "anonymous recipient; trying secret key %08lX ...\n"
+msgstr "anonim alıcı: %08lX gizli anahtarı deneniyor ...\n"
+
+#: g10/pubkey-enc.c:106
+msgid "okay, we are the anonymous recipient.\n"
+msgstr "tamam, biz anonim alıcıyız.\n"
+
+#: g10/pubkey-enc.c:158
+msgid "old encoding of the DEK is not supported\n"
+msgstr "DEK'in eski kodlaması desteklenmiyor\n"
+
+#: g10/pubkey-enc.c:177
+#, c-format
+msgid "cipher algorithm %d%s is unknown or disabled\n"
+msgstr "şifre algoritması %d%s bilinmiyor ya da iptal edilmiş\n"
+
+#: g10/pubkey-enc.c:220
+#, c-format
+msgid "NOTE: cipher algorithm %d not found in preferences\n"
+msgstr "BİLGİ: %d şifre algoritması tercihlerde bulunamadı\n"
+
+#: g10/pubkey-enc.c:242
+#, c-format
+msgid "NOTE: secret key %08lX expired at %s\n"
+msgstr "BİLGİ: %08lX gizli anahtarının %s tarihinde kullanım süresi doldu\n"
+
+#. HKP does not support v3 fingerprints
+#: g10/hkp.c:70
+#, c-format
+msgid "requesting key %08lX from HKP keyserver %s\n"
+msgstr "%08lX anahtarı HKP anahtar sunucusunun %s adresinden isteniyor\n"
+
+#: g10/hkp.c:94
+#, c-format
+msgid "can't get key from keyserver: %s\n"
+msgstr "anahtar sunucusunun %s adresinden anahtar alınamadı\n"
+
+#: g10/hkp.c:171
+#, c-format
+msgid "error sending to `%s': %s\n"
+msgstr "\"%s\" adresine gönderme hatası: %s\n"
+
+#: g10/hkp.c:186
+#, c-format
+msgid "success sending to `%s' (status=%u)\n"
+msgstr "\"%s\" adresine gönderme işlemi başarılı (durum=%u)\n"
+
+#: g10/hkp.c:189
+#, c-format
+msgid "failed sending to `%s': status=%u\n"
+msgstr "\"%s\" adresine gönderme işlemi başarısız (durum=%u)\n"
+
+#: g10/hkp.c:471
+#, c-format
+msgid "searching for \"%s\" from HKP server %s\n"
+msgstr "HKP sunucusunun %2$s adresinde \"%1$s\" aranıyor\n"
+
+#: g10/hkp.c:521
+#, c-format
+msgid "can't search keyserver: %s\n"
+msgstr "anahtar sunucusu aranamıyor: %s\n"
+
+#: g10/seckey-cert.c:53
+msgid "secret key parts are not available\n"
+msgstr "gizli anahtar parçaları kullanım dışı\n"
+
+#: g10/seckey-cert.c:59
+#, c-format
+msgid "protection algorithm %d%s is not supported\n"
+msgstr "koruma algoritması %d%s desteklenmiyor\n"
+
+#: g10/seckey-cert.c:215
+msgid "Invalid passphrase; please try again"
+msgstr "Anahtar parolası geçersiz; lütfen tekrar deneyin"
+
+#: g10/seckey-cert.c:216
+#, c-format
+msgid "%s ...\n"
+msgstr "%s ...\n"
+
+#: g10/seckey-cert.c:273
+msgid "WARNING: Weak key detected - please change passphrase again.\n"
+msgstr ""
+"UYARI: Zayıf anahtar saptandı - lütfen anahtar parolasını tekrar "
+"değiştirin.\n"
+
+#: g10/seckey-cert.c:311
+msgid "generating the deprecated 16-bit checksum for secret key protection\n"
+msgstr ""
+"gizli anahtarın güvenliği için eski tarz 16 bitlik sağlama toplamı "
+"üretiliyor\n"
+
+#: g10/sig-check.c:205
+msgid ""
+"this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
+msgstr "Bu, imzalar için güvenli olmayan PGP üretimi bir ElGamal anahtarı!\n"
+
+#: g10/sig-check.c:213
+#, c-format
+msgid "public key is %lu second newer than the signature\n"
+msgstr "genel anahtar imzadan %lu saniye daha yeni\n"
+
+#: g10/sig-check.c:214
+#, c-format
+msgid "public key is %lu seconds newer than the signature\n"
+msgstr "genel anahtar imzadan %lu saniye daha yeni.\n"
+
+#: g10/sig-check.c:237
+#, c-format
+msgid "NOTE: signature key %08lX expired %s\n"
+msgstr "BİLGİ: %08lX imza anahtarının kullanım süresi %s tarihinde dolmuş\n"
+
+#: g10/sig-check.c:318
+msgid "assuming bad signature due to an unknown critical bit\n"
+msgstr "Hatalı imzanın bilinmeyen bir kritik bitten kaynaklandığı sanılıyor\n"
+
+#: g10/sign.c:115
+#, c-format
+msgid ""
+"WARNING: unable to %%-expand policy url (too large).  Using unexpanded.\n"
+msgstr ""
+"UYARI: güvence adresinin uzatılması imkansız (çok büyük).\n"
+"Uzatılmadan kullanılıyor.\n"
+
+#: g10/sign.c:274
+#, c-format
+msgid "checking created signature failed: %s\n"
+msgstr "oluşturulan imzanın denetimi başarısız: %s\n"
+
+#: g10/sign.c:283
+#, c-format
+msgid "%s signature from: %s\n"
+msgstr "%s imza: %s den\n"
+
+#: g10/sign.c:430
+#, c-format
+msgid "WARNING: `%s' is an empty file\n"
+msgstr "UYARI: \"%s\" dosyası boş\n"
+
+#: g10/sign.c:618
+msgid "you can only sign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr ""
+"--pgp2 kipinde sadece PGP 2.x tarzı anahtarlarla imzalama yapabilirsiniz\n"
+
+#: g10/sign.c:643 g10/sign.c:812
+#, c-format
+msgid "can't create %s: %s\n"
+msgstr "%s oluşturulamıyor: %s\n"
+
+#: g10/sign.c:704
+msgid "signing:"
+msgstr "imzalanıyor:"
+
+#: g10/sign.c:796
+msgid "you can only clearsign with PGP 2.x style keys while in --pgp2 mode\n"
+msgstr "--pgp2 kipinde sadece PGP 2.x tarzı anahtarlarla imza yapabilirsiniz\n"
+
+#: g10/sign.c:953
+#, c-format
+msgid "%s encryption will be used\n"
+msgstr "%s şifrelemesi kullanılmayacak\n"
+
+#: g10/textfilter.c:134
+#, c-format
+msgid "can't handle text lines longer than %d characters\n"
+msgstr "%d karakterden daha uzun metin satırları okunamıyor\n"
+
+#: g10/textfilter.c:231
+#, c-format
+msgid "input line longer than %d characters\n"
+msgstr "girdi satırı %d karakterden daha uzun\n"
+
+#: g10/tdbio.c:121 g10/tdbio.c:1382
+#, c-format
+msgid "trustdb rec %lu: lseek failed: %s\n"
+msgstr "güvence veritabanı %lu kaydı: erişim başarısız: %s\n"
+
+#: g10/tdbio.c:127 g10/tdbio.c:1389
+#, c-format
+msgid "trustdb rec %lu: write failed (n=%d): %s\n"
+msgstr "güvence veritabanı %lu kaydı: yazma başarısız (n=%d): %s\n"
+
+#: g10/tdbio.c:237
+msgid "trustdb transaction too large\n"
+msgstr "güvence veritabanı işlemi çok uzun\n"
+
+#: g10/tdbio.c:454
+#, c-format
+msgid "%s: can't access: %s\n"
+msgstr "%s: erişilemedi: %s\n"
+
+#: g10/tdbio.c:468
+#, c-format
+msgid "%s: directory does not exist!\n"
+msgstr "%s: dizin yok!\n"
+
+#: g10/tdbio.c:478 g10/tdbio.c:498 g10/tdbio.c:541
+#, c-format
+msgid "%s: can't create lock\n"
+msgstr "%s: kilit oluşturulamadı\n"
+
+#: g10/tdbio.c:480 g10/tdbio.c:544
+#, c-format
+msgid "%s: can't make lock\n"
+msgstr "%s: kilitleme yapılamadı\n"
+
+#: g10/keyring.c:1436 g10/openfile.c:240 g10/openfile.c:307 g10/tdbio.c:484
+#, c-format
+msgid "%s: can't create: %s\n"
+msgstr "%s: oluşturulamadı: %s\n"
+
+#: g10/tdbio.c:503
+#, c-format
+msgid "%s: failed to create version record: %s"
+msgstr "%s: sürüm kaydı oluşturmada başarısız: %s"
+
+#: g10/tdbio.c:507
+#, c-format
+msgid "%s: invalid trustdb created\n"
+msgstr "%s: geçersiz güvence veritabanı oluşturuldu\n"
+
+#: g10/tdbio.c:510
+#, c-format
+msgid "%s: trustdb created\n"
+msgstr "%s: güvence veritabanı oluşturuldu\n"
+
+#: g10/tdbio.c:565
+#, c-format
+msgid "%s: invalid trustdb\n"
+msgstr "%s: güvence veritabanı geçersiz\n"
+
+#: g10/tdbio.c:597
+#, c-format
+msgid "%s: failed to create hashtable: %s\n"
+msgstr "%s: nitelemeli tablo oluşturulamadı: %s\n"
+
+#: g10/tdbio.c:605
+#, c-format
+msgid "%s: error updating version record: %s\n"
+msgstr "%s: sürüm kaydının güncellenmesinde hata: %s\n"
+
+#: g10/tdbio.c:621 g10/tdbio.c:657 g10/tdbio.c:671 g10/tdbio.c:701
+#: g10/tdbio.c:1315 g10/tdbio.c:1342
+#, c-format
+msgid "%s: error reading version record: %s\n"
+msgstr "%s: sürüm kaydının okunmasında hata: %s\n"
+
+#: g10/tdbio.c:634 g10/tdbio.c:680
+#, c-format
+msgid "%s: error writing version record: %s\n"
+msgstr "%s: sürüm kaydının yazılmasında hata: %s\n"
+
+#: g10/tdbio.c:1119
+#, c-format
+msgid "trustdb: lseek failed: %s\n"
+msgstr "güvence veritabanı: erişim başarısız: %s\n"
+
+#: g10/tdbio.c:1127
+#, c-format
+msgid "trustdb: read failed (n=%d): %s\n"
+msgstr "güvence veritabanı: okuma başarısız (n=%d): %s\n"
+
+#: g10/tdbio.c:1148
+#, c-format
+msgid "%s: not a trustdb file\n"
+msgstr "%s: bir güvence veritabanı dosyası değil\n"
+
+#: g10/tdbio.c:1165
+#, c-format
+msgid "%s: version record with recnum %lu\n"
+msgstr "%s: %lu kayıt numarası ile sürüm kaydı\n"
+
+#: g10/tdbio.c:1170
+#, c-format
+msgid "%s: invalid file version %d\n"
+msgstr "%s: dosya sürümü %d geçersiz\n"
+
+#: g10/tdbio.c:1348
+#, c-format
+msgid "%s: error reading free record: %s\n"
+msgstr "%s: serbest kaydı okuma hatası: %s\n"
+
+#: g10/tdbio.c:1356
+#, c-format
+msgid "%s: error writing dir record: %s\n"
+msgstr "%s: dizin kaydını yazma hatası: %s\n"
+
+#: g10/tdbio.c:1366
+#, c-format
+msgid "%s: failed to zero a record: %s\n"
+msgstr "%s: kayıt sıfırlama başarısız: %s\n"
+
+#: g10/tdbio.c:1396
+#, c-format
+msgid "%s: failed to append a record: %s\n"
+msgstr "%s: kayıt ekleme başarısız: %s\n"
+
+#: g10/tdbio.c:1441
+msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
+msgstr ""
+"güvence veritabanı bozulmuş; lütfen \"gpg --fix-trustdb\" çalıştırın.\n"
+
+#: g10/trustdb.c:200
+#, c-format
+msgid "`%s' is not a valid long keyID\n"
+msgstr "`%s' geçerli bir anahtar kimliği değil\n"
+
+#: g10/trustdb.c:235
+#, c-format
+msgid "key %08lX: accepted as trusted key\n"
+msgstr "%08lX anahtarı: güvenli anahtar olarak kabul edildi\n"
+
+#: g10/trustdb.c:274
+#, c-format
+msgid "key %08lX occurs more than once in the trustdb\n"
+msgstr "%08lX anahtarı güvence veritabanında birden fazla kayıtta bulundu\n"
+
+#: g10/trustdb.c:290
+#, c-format
+msgid "key %08lX: no public key for trusted key - skipped\n"
+msgstr "%08lX anahtarı: güvenli anahtar için genel anahtar yok - atlandı\n"
+
+#: g10/trustdb.c:332
+#, c-format
+msgid "trust record %lu, req type %d: read failed: %s\n"
+msgstr "güvence veritabanı kaydı %lu, istek tipi %d: okuma başarısız: %s\n"
+
+#: g10/trustdb.c:338
+#, c-format
+msgid "trust record %lu is not of requested type %d\n"
+msgstr "güvence veritabanının %lu. kaydı %d istek türünde değil\n"
+
+#: g10/trustdb.c:353
+#, c-format
+msgid "trust record %lu, type %d: write failed: %s\n"
+msgstr "güvence veritabanının %lu. kaydı, %d türünde: yazma başarısız: %s\n"
+
+#: g10/trustdb.c:368
+#, c-format
+msgid "trustdb: sync failed: %s\n"
+msgstr "güvence veritabanı: eşzamanlama başarısız: %s\n"
+
+#: g10/trustdb.c:468
+msgid "no need for a trustdb check\n"
+msgstr "bir güvence veritabanı denetimi gereksiz\n"
+
+#: g10/trustdb.c:474 g10/trustdb.c:1641
+#, c-format
+msgid "next trustdb check due at %s\n"
+msgstr "sonraki güvence veritabanı denetimi %s de\n"
+
+#: g10/trustdb.c:779
+msgid "checking the trustdb\n"
+msgstr "güvence veritabanı denetleniyor\n"
+
+#: g10/trustdb.c:933
+#, c-format
+msgid "public key %08lX not found: %s\n"
+msgstr "%08lX genel anahtarı yok: %s\n"
+
+#: g10/trustdb.c:1515
+#, c-format
+msgid "public key of ultimately trusted key %08lX not found\n"
+msgstr "son derece güvenli %08lX genel anahtarı yok\n"
+
+#: g10/trustdb.c:1593
+#, c-format
+msgid "checking at depth %d signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%d\n"
+msgstr ""
+"denetim %d derinlikte yapılıyor: signed=%d ot(-/q/n/m/f/u)=%d/%d/%d/%d/%d/%"
+"d\n"
+
+#: g10/verify.c:108
+msgid ""
+"the signature could not be verified.\n"
+"Please remember that the signature file (.sig or .asc)\n"
+"should be the first file given on the command line.\n"
+msgstr ""
+"imza doğrulanamadı.\n"
+"İmza dosyasının (.sig veya .asc) komut satırında verilecek\n"
+"ilk dosya olması gerektiğini lütfen hatırlayın.\n"
+
+#: g10/verify.c:173
+#, c-format
+msgid "input line %u too long or missing LF\n"
+msgstr "girdi satırı %u ya çok uzun ya da sonunda satırsonu karakteri yok\n"
+
+#: g10/skclist.c:110 g10/skclist.c:166
+msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
+msgstr "anahtar güvenli olarak imlenmemiş - onu sahte RSÜ ile kullanmayın!\n"
+
+#: g10/skclist.c:138
+#, c-format
+msgid "skipped `%s': duplicated\n"
+msgstr "`%s' atlandı: tekrarlanmış\n"
+
+#: g10/skclist.c:145 g10/skclist.c:153
+#, c-format
+msgid "skipped `%s': %s\n"
+msgstr "\"%s\" atlandı: %s\n"
+
+#: g10/skclist.c:149
+msgid "skipped: secret key already present\n"
+msgstr "atlandı: gizli anahtar zaten var\n"
+
+#: g10/skclist.c:160
+#, c-format
+msgid ""
+"skipped `%s': this is a PGP generated ElGamal key which is not secure for "
+"signatures!\n"
+msgstr ""
+"`%s' atlandı:\n"
+"Bu, imzalar için güvenli olmayan PGP üretimi bir ElGamal anahtarı!\n"
+
+#. do not overwrite
+#: g10/openfile.c:84
+#, c-format
+msgid "File `%s' exists. "
+msgstr "\"%s\" dosyası var. "
+
+#: g10/openfile.c:86
+msgid "Overwrite (y/N)? "
+msgstr "Üzerine yazılsın mı? (e/H)? "
+
+#: g10/openfile.c:119
+#, c-format
+msgid "%s: unknown suffix\n"
+msgstr "%s: bilinmeyen sonek\n"
+
+#: g10/openfile.c:141
+msgid "Enter new filename"
+msgstr "Yeni dosya ismini giriniz"
+
+#: g10/openfile.c:184
+msgid "writing to stdout\n"
+msgstr "standart çıktıya yazıyor\n"
+
+#: g10/openfile.c:273
+#, c-format
+msgid "assuming signed data in `%s'\n"
+msgstr "\"%s\" içindeki veri imzalı kabul ediliyor\n"
+
+#: g10/openfile.c:323
+#, c-format
+msgid "%s: new options file created\n"
+msgstr "%s: yeni seçenekler dosyası oluşturuldu\n"
+
+#: g10/openfile.c:350
+#, c-format
+msgid "%s: can't create directory: %s\n"
+msgstr "%s: dizin oluşturulamıyor: %s\n"
+
+#: g10/openfile.c:353
+#, c-format
+msgid "%s: directory created\n"
+msgstr "%s: dizin oluşturuldu\n"
+
+#: g10/openfile.c:355
+msgid "you have to start GnuPG again, so it can read the new options file\n"
+msgstr ""
+"Yeni seçenekler dosyasının okunabilmesi için GnuPG yeniden başlatılmalıdır\n"
+
+#: g10/encr-data.c:91
+msgid ""
+"WARNING: message was encrypted with a weak key in the symmetric cipher.\n"
+msgstr "UYARI: ileti simetrik şifre içindeki zayıf bir anahtarla şifrelendi.\n"
+
+#: g10/encr-data.c:98
+msgid "problem handling encrypted packet\n"
+msgstr "şifreli paketin elde edilmesinde sorun var\n"
+
+#: g10/seskey.c:52
+msgid "weak key created - retrying\n"
+msgstr "zayıf anahtar oluşturuldu - yeniden deneniyor\n"
+
+#: g10/seskey.c:57
+#, c-format
+msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
+msgstr ""
+"simetrik şifre için zayıf anahtarın önlenmesi mümkün olamadı: %d kere "
+"denendi!\n"
+
+#: g10/seskey.c:200
+msgid "DSA requires the use of a 160 bit hash algorithm\n"
+msgstr "DSA, 160 bitlik bir hash algoritması kullanılmasını gerektiriyor\n"
+
+#: g10/delkey.c:116
+msgid "can't do that in batchmode without \"--yes\"\n"
+msgstr "önceden belirlenmiş işlemler kipinde \"--yes\" olmaksızın yapılamaz\n"
+
+#: g10/delkey.c:138
+msgid "Delete this key from the keyring? "
+msgstr "Bu anahtar, anahtar zincirinden silinsin mi? "
+
+#: g10/delkey.c:146
+msgid "This is a secret key! - really delete? "
+msgstr "Bu bir gizli anahtar! - gerçekten silinecek mi? "
+
+#: g10/delkey.c:156
+#, c-format
+msgid "deleting keyblock failed: %s\n"
+msgstr "anahtar bloğu silinemedi: %s\n"
+
+#: g10/delkey.c:166
+msgid "ownertrust information cleared\n"
+msgstr "sahibinin güvencesi bilgisi temizlendi\n"
+
+#: g10/delkey.c:194
+#, c-format
+msgid "there is a secret key for public key \"%s\"!\n"
+msgstr "genel anahtar \"%s\" için bir gizli anahtar var!\n"
+
+#: g10/delkey.c:196
+msgid "use option \"--delete-secret-keys\" to delete it first.\n"
+msgstr "onu önce \"--delete-secret-keys\" ile silmelisiniz.\n"
+
+#: g10/helptext.c:47
+msgid ""
+"It's up to you to assign a value here; this value will never be exported\n"
+"to any 3rd party.  We need it to implement the web-of-trust; it has nothing\n"
+"to do with the (implicitly created) web-of-certificates."
+msgstr ""
+"Bir değeri buraya işaretlemek size kalmış; bu değer herhangi bir 3. şahsa\n"
+"gönderilmeyecek. Bir güvence ağı sağlamak için bizim buna ihtiyacımız var;\n"
+"bunun (açıkça belirtilmeden oluşturulmuş) sertifikalar ağıyla\n"
+"hiçbir alakası yok."
+
+#: g10/helptext.c:53
+msgid ""
+"To build the Web-of-Trust, GnuPG needs to know which keys are\n"
+"ultimately trusted - those are usually the keys for which you have\n"
+"access to the secret key.  Answer \"yes\" to set this key to\n"
+"ultimately trusted\n"
+msgstr ""
+"Web-of-Trust oluşturulabilmesi için GnuPG'ye hangi anahtarların son derece\n"
+"güvenli (bunlar gizli anahtarlarına erişiminiz olan anahtarlardır) "
+"olduğunun\n"
+"bildirilmesi gerekir. \"evet\" yanıtı bu anahtarın son derece güvenli\n"
+"olduğunun belirtilmesi için yeterlidir.\n"
+
+#: g10/helptext.c:60
+msgid "If you want to use this revoked key anyway, answer \"yes\"."
+msgstr ""
+"Bu yürürlükten kaldırılmış anahtarı yine de kullanmak istiyorsanız\n"
+"cevap olarak \"evet\" yazın."
+
+#: g10/helptext.c:64
+msgid "If you want to use this untrusted key anyway, answer \"yes\"."
+msgstr ""
+"Bu güvencesiz anahtarı yine de kullanmak istiyorsanız cevap olarak\n"
+" \"evet\" yazın."
+
+#: g10/helptext.c:68
+msgid ""
+"Enter the user ID of the addressee to whom you want to send the message."
+msgstr "Bu iletiyi göndereceğiniz adresin kullanıcı kimliğini giriniz."
+
+#: g10/helptext.c:72
+msgid ""
+"Select the algorithm to use.\n"
+"\n"
+"DSA (aka DSS) is the digital signature algorithm which can only be used\n"
+"for signatures.  This is the suggested algorithm because verification of\n"
+"DSA signatures are much faster than those of ElGamal.\n"
+"\n"
+"ElGamal is an algorithm which can be used for signatures and encryption.\n"
+"OpenPGP distinguishs between two flavors of this algorithms: an encrypt "
+"only\n"
+"and a sign+encrypt; actually it is the same, but some parameters must be\n"
+"selected in a special way to create a safe key for signatures: this program\n"
+"does this but other OpenPGP implementations are not required to understand\n"
+"the signature+encryption flavor.\n"
+"\n"
+"The first (primary) key must always be a key which is capable of signing;\n"
+"this is the reason why the encryption only ElGamal key is not available in\n"
+"this menu."
+msgstr ""
+"Kullanılacak algoritmayı seçiniz.\n"
+"\n"
+"DSA (DSS olarak da bilinir) sadece imzalar için kullanılan bir sayısal\n"
+"imza algoritmasıdır. Bu algoritma ElGamal algoritmasından çok daha hızlı\n"
+"doğrulandığı için önerilmektedir.\n"
+"\n"
+"ElGamal imzalar ve şifreleme için kullanılan bir algoritmadır.\n"
+"OpenPGP bu algoritmanın bu iki kullanımını birbirinden ayırır:\n"
+"sadece şifreleme ve imza+şifreleme; esas olarak aynı gibi görünmekle "
+"beraber\n"
+"imzalar için kullanılacak anahtarı oluşturacak bazı özel parametrelerin\n"
+"seçilmesini gerektirir: bu program bunu yapar ama diğer OpenPGP\n"
+"gerçeklemelerinin imza+şifreleme olayını anlaması gerekmiyorsa kullanmak\n"
+"anlamlı olur.\n"
+"\n"
+"İlk (asıl) anahtar imzalama yeteneğine sahip bir anahtar olmalıdır;\n"
+"bu durum, sadece şifreleme yapabilen ElGamal anahtarlarının neden menüde\n"
+"bulunmadığını açıklar."
+
+#: g10/helptext.c:92
+msgid ""
+"Although these keys are defined in RFC2440 they are not suggested\n"
+"because they are not supported by all programs and signatures created\n"
+"with them are quite large and very slow to verify."
+msgstr ""
+"Bu anahtarlar tüm programlar tarafından desteklenmediği için ve\n"
+"onlarla oluşturulan imzalar gereğinden büyük ve doğrulanması çok yavaş\n"
+"olduğundan RFC2440 standardında tanımlı olmalarına rağmen tavsiye\n"
+"edilmezler."
+
+#: g10/helptext.c:99
+msgid "Enter the size of the key"
+msgstr "Anahtar uzunluğunu giriniz"
+
+#: g10/helptext.c:103 g10/helptext.c:108 g10/helptext.c:120 g10/helptext.c:152
+#: g10/helptext.c:180 g10/helptext.c:185 g10/helptext.c:190
+msgid "Answer \"yes\" or \"no\""
+msgstr "Cevap \"evet\" ya da \"hayır\""
+
+#: g10/helptext.c:113
+msgid ""
+"Enter the required value as shown in the prompt.\n"
+"It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
+"get a good error response - instead the system tries to interpret\n"
+"the given value as an interval."
+msgstr ""
+"İstenen değeri girin. ISO tarihi (YYYY-AA-GG) girmeniz mümkündür fakat\n"
+"iyi bir hata cevabı alamazsınız -- onun yerine sistem verilen değeri\n"
+"bir zaman aralığı olarak çözümlemeyi dener."
+
+#: g10/helptext.c:125
+msgid "Enter the name of the key holder"
+msgstr "Anahtar tutucunun ismini giriniz"
+
+#: g10/helptext.c:130
+msgid "please enter an optional but highly suggested email address"
+msgstr ""
+"lütfen bir E-posta adresi girin (isteğe bağlı ancak kuvvetle tavsiye edilir)"
+
+#: g10/helptext.c:134
+msgid "Please enter an optional comment"
+msgstr "Lütfen önbilgi girin (isteğe bağlı)"
+
+#: g10/helptext.c:139
+msgid ""
+"N  to change the name.\n"
+"C  to change the comment.\n"
+"E  to change the email address.\n"
+"O  to continue with key generation.\n"
+"Q  to to quit the key generation."
+msgstr ""
+"S iSim değiştirmek için.\n"
+"B önBilgiyi değiştirmek için.\n"
+"P e-Posta adresini değiştirmek için.\n"
+"D anahtar üretimine Devam etmek için.\n"
+"K anahtar üretiminden çıKmak için."
+
+#: g10/helptext.c:148
+msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
+msgstr "Yardımcı anahtarı üretmek istiyorsanız \"evet\" ya da \"e\" girin."
+
+#: g10/helptext.c:156
+msgid ""
+"When you sign a user ID on a key, you should first verify that the key\n"
+"belongs to the person named in the user ID.  It is useful for others to\n"
+"know how carefully you verified this.\n"
+"\n"
+"\"0\" means you make no particular claim as to how carefully you verified "
+"the\n"
+"    key.\n"
+"\n"
+"\"1\" means you believe the key is owned by the person who claims to own it\n"
+"    but you could not, or did not verify the key at all.  This is useful "
+"for\n"
+"    a \"persona\" verification, where you sign the key of a pseudonymous "
+"user.\n"
+"\n"
+"\"2\" means you did casual verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint and checked the user ID on "
+"the\n"
+"    key against a photo ID.\n"
+"\n"
+"\"3\" means you did extensive verification of the key.  For example, this "
+"could\n"
+"    mean that you verified the key fingerprint with the owner of the key in\n"
+"    person, and that you checked, by means of a hard to forge document with "
+"a\n"
+"    photo ID (such as a passport) that the name of the key owner matches "
+"the\n"
+"    name in the user ID on the key, and finally that you verified (by "
+"exchange\n"
+"    of email) that the email address on the key belongs to the key owner.\n"
+"\n"
+"Note that the examples given above for levels 2 and 3 are *only* examples.\n"
+"In the end, it is up to you to decide just what \"casual\" and \"extensive"
+"\"\n"
+"mean to you when you sign other keys.\n"
+"\n"
+"If you don't know what the right answer is, answer \"0\"."
+msgstr ""
+"Bir anahtarı bir kullanıcı kimlikle imzalamadan önce kullanıcı kimliğin\n"
+"içindeki ismin, anahtarın sahibine ait olup olmadığını kontrol etmelisiniz.\n"
+"\n"
+"\"0\" bu kontrolu yapmadığınız ve yapmayı da bilmediğiniz anlamındadır.\n"
+"\"1\" anahtar size sahibi tarafından gönderildi ama siz bu anahtarı başka\n"
+"      kaynaklardan doğrulamadınız anlamındadır. Bu kişisel doğrulama için\n"
+"      yeterlidir. En azında yarı anonim bir anahtar imzalaması yapmış\n"
+"      olursunuz.\n"
+"\"2\" ayrıntılı bir inceleme yapıldığı anlamındadır. Örneğin parmakizi ve\n"
+"      bir anahtarın foto kimliğiyle kullanıcı kimliğini karşılaştırmak\n"
+"      gibi denetimleri yapmışsınızdır.\n"
+"\"3\" inceden inceye bir doğrulama anlatır. Örneğin, şahıstaki anahtarın\n"
+"      sahibi ile anahtar parmak izini karşılaştırmışsınızdır ve anahtardaki\n"
+"      kullanıcı kimlikte belirtilen isme ait bir basılı kimlik belgesindeki\n"
+"      bir fotoğrafla şahsı karşılaştırmışsınızdır ve son olarak anahtar\n"
+"      sahibinin e-posta adresini kendisinin kullanmakta olduğunu da\n"
+"      denetlemişsinizdir.\n"
+"Burada 2 ve 3 için verilen örnekler *sadece* örnektir.\n"
+"Eninde sonunda bir anahtarı imzalarken \"ayrıntılı\" ve \"inceden inceye\" "
+"kontroller arasındaki ayrıma siz karar vereceksiniz.\n"
+"Bu kararı verebilecek durumda değilseniz \"0\" cevabını verin."
+
+#: g10/helptext.c:194
+msgid "Answer \"yes\" is you want to sign ALL the user IDs"
+msgstr "Kullanıcı kimliklerinin TÜMünü imzalamak istiyorsanız \"evet\" girin"
+
+#: g10/helptext.c:198
+msgid ""
+"Answer \"yes\" if you really want to delete this user ID.\n"
+"All certificates are then also lost!"
+msgstr ""
+"Bu kullanıcı kimliğini gerçekten silmek istiyorsanız \"evet\" girin.\n"
+"Böylece bütün sertifikaları kaybedeceksiniz!"
+
+#: g10/helptext.c:203
+msgid "Answer \"yes\" if it is okay to delete the subkey"
+msgstr "Bu yardımcı anahtarı silme izni vermek istiyorsanız \"evet\" girin"
+
+#: g10/helptext.c:208
+msgid ""
+"This is a valid signature on the key; you normally don't want\n"
+"to delete this signature because it may be important to establish a\n"
+"trust connection to the key or another key certified by this key."
+msgstr ""
+"Bu, anahtar üzerinde geçerli bir imzadır; anahtara ya da bu anahtarla\n"
+"sertifikalanmış bir diğer anahtara bir güvence bağlantısı sağlamakta\n"
+"önemli olabileceğinden normalde bu imzayı silmek istemezsiniz."
+
+#: g10/helptext.c:213
+msgid ""
+"This signature can't be checked because you don't have the\n"
+"corresponding key.  You should postpone its deletion until you\n"
+"know which key was used because this signing key might establish\n"
+"a trust connection through another already certified key."
+msgstr ""
+"Bu imza, anahtarına sahip olmadığınızdan, kontrol edilemez. Bu imzanın\n"
+"silinmesini hangi anahtarın kullanıldığını bilene kadar\n"
+"ertelemelisiniz çünkü bu imzalama anahtarı başka bir sertifikalı\n"
+"anahtar vasıtası ile bir güvence bağlantısı sağlayabilir."
+
+#: g10/helptext.c:219
+msgid ""
+"The signature is not valid.  It does make sense to remove it from\n"
+"your keyring."
+msgstr "İmza geçersiz. Onu anahtar zincirinizden kaldırmak uygun olacak."
+
+#: g10/helptext.c:223
+msgid ""
+"This is a signature which binds the user ID to the key. It is\n"
+"usually not a good idea to remove such a signature.  Actually\n"
+"GnuPG might not be able to use this key anymore.  So do this\n"
+"only if this self-signature is for some reason not valid and\n"
+"a second one is available."
+msgstr ""
+"Bu imza kullanıcı kimliğini anahtara bağlar. Öz-imzayı silmek hiç iyi\n"
+"bir fikir değil. GnuPG bu anahtarı bir daha hiç kullanamayabilir.\n"
+"Bunu sadece, eğer bu öz-imza bazı durumlarda geçerli değilse ya da\n"
+"kullanılabilir bir ikincisi var ise yapın."
+
+#: g10/helptext.c:231
+msgid ""
+"Change the preferences of all user IDs (or just of the selected ones)\n"
+"to the current list of preferences.  The timestamp of all affected\n"
+"self-signatures will be advanced by one second.\n"
+msgstr ""
+"Tüm kullanıcı kimlik tercihlerini (ya da seçilen birini) mevcut tercihler\n"
+"listesine çevirir. Tüm etkilenen öz-imzaların zaman damgaları bir sonraki\n"
+"tarafından öne alınacaktır.\n"
+
+#: g10/helptext.c:238
+msgid "Please enter the passhrase; this is a secret sentence \n"
+msgstr "Lütfen bir anahtar parolası giriniz; yazdıklarınız görünmeyecek\n"
+
+#: g10/helptext.c:244
+msgid "Please repeat the last passphrase, so you are sure what you typed in."
+msgstr "Lütfen son parolayı tekrarlayarak ne yazdığınızdan emin olun."
+
+#: g10/helptext.c:248
+msgid "Give the name of the file to which the signature applies"
+msgstr "İmzanın uygulanacağı dosyanın ismini verin"
+
+#: g10/helptext.c:253
+msgid "Answer \"yes\" if it is okay to overwrite the file"
+msgstr "Dosyanın üzerine yazılacaksa lütfen \"evet\" yazın"
+
+#: g10/helptext.c:258
+msgid ""
+"Please enter a new filename. If you just hit RETURN the default\n"
+"file (which is shown in brackets) will be used."
+msgstr ""
+"Lütfen yeni dosya ismini girin. Dosya ismini yazmadan RETURN tuşlarsanız\n"
+"parantez içinde gösterilen öntanımlı dosya kullanılacak."
+
+#: g10/helptext.c:264
+msgid ""
+"You should specify a reason for the certification.  Depending on the\n"
+"context you have the ability to choose from this list:\n"
+"  \"Key has been compromised\"\n"
+"      Use this if you have a reason to believe that unauthorized persons\n"
+"      got access to your secret key.\n"
+"  \"Key is superseded\"\n"
+"      Use this if you have replaced this key with a newer one.\n"
+"  \"Key is no longer used\"\n"
+"      Use this if you have retired this key.\n"
+"  \"User ID is no longer valid\"\n"
+"      Use this to state that the user ID should not longer be used;\n"
+"      this is normally used to mark an email address invalid.\n"
+msgstr ""
+"Sertifikalama için bir sebep belirtmelisiniz. İçeriğine bağlı olarak\n"
+"bu listeden seçebilirsiniz:\n"
+"  \"Anahtar tehlikede\"\n"
+"\tYetkisiz kişilerin gizli anahtarınıza erişebildiğine inanıyorsanız\n"
+"\tbunu seçin.\n"
+"  \"Anahtar geçici\"\n"
+"\tMevcut anahtarı daha yeni bir anahtar ile değiştirmişseniz bunu seçin.\n"
+"  \"Anahtar artık kullanılmayacak\"\n"
+"\tAnahtarı emekliye ayıracaksanız bunu seçin.\n"
+"  \"Kullanıcı kimliği artık geçersiz\"\n"
+"\tKullanıcı kimliği artık kullanılamayacak durumdaysa bunu\n"
+"\tseçin; genelde Eposta adresi geçersiz olduğunda kullanılır.\n"
+
+#: g10/helptext.c:280
+msgid ""
+"If you like, you can enter a text describing why you issue this\n"
+"revocation certificate.  Please keep this text concise.\n"
+"An empty line ends the text.\n"
+msgstr ""
+"İsterseniz, neden bu yürürlükten kaldırma sertifikasını\n"
+"verdiğinizi açıklayan bir metin girebilirsiniz.\n"
+"Lütfen bu metin kısa olsun. Bir boş satır metni bitirir.\n"
+
+#: g10/helptext.c:295
+msgid "No help available"
+msgstr "yardım mevcut değil"
+
+#: g10/helptext.c:303
+#, c-format
+msgid "No help available for `%s'"
+msgstr "\"%s\" için yardım mevcut değil"
+
+#: g10/keydb.c:177
+#, c-format
+msgid "error creating keyring `%s': %s\n"
+msgstr "`%s' anahtar zinciri oluşturulurken hata: %s\n"
+
+#: g10/keydb.c:188
+#, c-format
+msgid "changing permission of  `%s' failed: %s\n"
+msgstr "`%s' izinleri değiştirilemedi: %s\n"
+
+#: g10/keydb.c:197
+#, c-format
+msgid "keyring `%s' created\n"
+msgstr "`%s' anahtar zinciri oluşturuldu\n"
+
+#: g10/keydb.c:587
+#, c-format
+msgid "failed to rebuild keyring cache: %s\n"
+msgstr "anahtar zinciri belleği yeniden oluşturulurken hata: %s\n"
+
+#: g10/keyring.c:1235
+msgid "WARNING: 2 files with confidential information exists.\n"
+msgstr "UYARI: gizli bilgi içeren 2 dosya mevcut.\n"
+
+#: g10/keyring.c:1237
+#, c-format
+msgid "%s is the unchanged one\n"
+msgstr "%s değişmeyenlerden\n"
+
+#: g10/keyring.c:1238
+#, c-format
+msgid "%s is the new one\n"
+msgstr "%s yenilerden\n"
+
+#: g10/keyring.c:1239
+msgid "Please fix this possible security flaw\n"
+msgstr "Lütfen bu güvenlik çatlağını giderin\n"
+
+#: g10/keyring.c:1337
+#, c-format
+msgid "checking keyring `%s'\n"
+msgstr "`%s' anahtar zinciri denetleniyor\n"
+
+#: g10/keyring.c:1368
+#, c-format
+msgid "%lu keys so far checked (%lu signatures)\n"
+msgstr "şimdiye dek %lu anahtar denetlendi (%lu imza)\n"
+
+#: g10/keyring.c:1379
+#, c-format
+msgid "%lu keys checked (%lu signatures)\n"
+msgstr "%lu anahtar denetlendi (%lu imza)\n"
+
+#: g10/keyring.c:1441
+#, c-format
+msgid "%s: keyring created\n"
+msgstr "%s: anahtar zinciri oluşturuldu\n"
+
+#~ msgid "Are you sure you still want to sign it?\n"
+#~ msgstr "Onu yine de imzalamak istiyor musunuz?\n"
+
+#~ msgid "  Are you sure you still want to sign it?\n"
+#~ msgstr "  Onu yine de imzalamak istiyor musunuz?\n"
+
+#, fuzzy
+#~ msgid "Really sign? (y/N) "
+#~ msgstr "Gerçekten imzalayacak mısınız? "
+
+#~ msgid "key %08lX: our copy has no self-signature\n"
+#~ msgstr "anahtar %08lX: bizim kopyanın öz-imzası yok\n"
+
+#~ msgid "Do you really need such a large keysize? "
+#~ msgstr "Bu kadar büyük anahtar uzunluğuna gerçekten ihtiyacınız var mı?"
+
+#~ msgid "   signed by %08lX at %s\n"
+#~ msgstr "   %08lX tarafından %s de imzalanmış\n"
diff --git a/scripts/ChangeLog b/scripts/ChangeLog
index 16779ff26..4447ea143 100644
--- a/scripts/ChangeLog
+++ b/scripts/ChangeLog
@@ -1,38 +1,159 @@
-Mon Jul 17 16:35:47 CEST 2000  Werner Koch  <wk@>
+2002-06-21  Stefan Bellon  <[email protected]>
 
-  * config.gues, config.sub: Support for s390-ibm-linux-gnu; thanks
-  to Holger Smolinski.	Add support for QNX; by Sam Roberts.
+	* conf-riscos/Makefile: Changes due to moving around RISC OS
+	specific stuff in the code.
 
-Tue Oct 26 14:10:21 CEST 1999  Werner Koch  <[email protected]>
+2002-06-07  Stefan Bellon  <[email protected]>
+
+	* conf-riscos/include/config.h [__riscos__]: Fixed macro bug.
+
+2002-05-10  Stefan Bellon  <[email protected]>
+
+	* conf-riscos/include/config.h [__riscos__]: Changes for later
+	Norcroft compilers.
+
+	* conf-riscos/Makefile [__riscos__]: Updated.
+
+2002-04-22  Stefan Bellon  <[email protected]>
+
+	* conf-riscos/include/config.h [__riscos__]: Development
+	versions automatically define DEBUG from now on.
+
+	* conf-riscos/Makefile [__riscos__]: Updated for LDAP keyserver
+	code.
+
+2002-04-19  David Shaw  <[email protected]>
+
+	* gnupg.spec.in: Removed pubring.asc and OPTIONS.  Added
+	samplekeys.asc.
+
+2002-03-31  David Shaw  <[email protected]>
+
+	* gnupg.spec.in: Added the gpgkeys_xxx keyserver helpers.  Added a
+	* to catch variations on the basic gpg man page (gpg, gpgv).  Mark
+	options.skel as a config file.  Do not include the FAQ/faq.html
+	twice (in /doc/ and /share/).
+	
+2002-01-02  Stefan Bellon  <[email protected]>
+
+	* build-riscos [__riscos__]: Set filetype of Makefile correctly.
+
+	* conf-riscos/include/g10defs.h [__riscos__]: Added GNU GPL
+	header and exec code defines.
+
+	* conf-riscos/include/config.h [__riscos__]: Moved parts to
+	include/util.h where they really belong to.
+
+	* conf-riscos/Makefile [__riscos__]: Updated for new keyserver,
+	exec and photo id code.
+
+2001-12-22  Werner Koch  <[email protected]>
+
+	* autogen.sh: Fixed last change.
+
+2001-12-21  Werner Koch  <[email protected]>
+
+	* distfiles: Removed those files which which automake installs by
+	default.
+
+	* autogen.sh: Replaced $() by backticks for system without a posix
+	shell.  Removed gawk specific quoting. By David Champion.
+
+2001-10-22  Werner Koch  <[email protected]>
+
+	* autogen.sh (aclocal_vers): Require automalke 1.5.
+
+2001-08-21  Stefan Bellon  <[email protected]>
+
+	* build-riscos [__riscos__]: New.
+	* conf-riscos [__riscos__]: Ditto.
+
+2001-08-13  Werner Koch  <[email protected]>
+
+	* autogen.sh: Test on gettext 0.10.38. By Michael Engels.
+
+2001-08-07  Werner Koch  <[email protected]>
+
+	* autogen.sh: Adjusted --build-w32 for autoconf 2.52 
+
+2001-07-09  Werner Koch  <[email protected]>
+
+	* autogen.sh (autoconf_vers): Require autoconf 2.50
+
+2001-05-06  Werner Koch  <[email protected]>
+
+	* config.guess, config.sub: Add updates from subversions.gnu.org.
+
+2001-04-19  Werner Koch  <[email protected]>
+
+	* autogen.sh: Add VPATH build support for option --build-w32. 
+
+2001-03-12  Werner Koch  <[email protected]>
+
+	* config.guess, config.sub: Replaced with the current GNU CVS ones. 
+
+2001-01-18  Werner Koch  <[email protected]>
+
+	* autogen.sh: New options --build-w32
+	* build-w32: Does now call autogen.sh
+
+2000-11-24  Werner Koch  <[email protected]>
+
+	* build-w32: New script to build the W32 version.
+	* distfiles: And put it into the distribution
+
+Thu Sep 14 17:45:11 CEST 2000  Werner Koch  <[email protected]>
+
+        * gnupg.spec.in: Updated.
+
+Wed Sep  6 17:55:47 CEST 2000  Werner Koch  <[email protected]>
+
+        * config.guess, config.sub: Replaced with the latest version from the
+        CVS archive.  Hope that does not break too much.
+
+Fri May 12 14:01:20 CEST 2000  Werner Koch  <[email protected]>
+
+	* gnupg.spec.in: New version from Fabio with some updated descriptions.
+
+Mon May  1 15:38:04 CEST 2000  Werner Koch  <[email protected]>
+
+	* gnupg.spec.in: New version from Fabio.
+
+Fri Mar 17 16:26:05 CET 2000  Werner Koch  <[email protected]>
+
+	* config.gues, config.sub: Support for s390-ibm-linux-gnu. Thanks
+	to Holger Smolinski.
+
+Thu Mar  2 15:37:46 CET 2000  Werner Koch  <[email protected]>
+
+	* config.guess: Add support for QNX.  By Sam Roberts.
+	* config.sub: Ditto.
+
+Thu Sep 23 09:49:25 1999  Werner Koch  ([email protected])
 
 	* commit: Remove leading and trailing empty lines when copying
 	Changes to Changelog
 
 Wed Sep 15 16:22:17 CEST 1999  Werner Koch  <[email protected]>
 
-
 	* gnupg.spec: Add Portuguese description
 
 Thu Sep  2 16:40:55 CEST 1999  Werner Koch  <[email protected]>
 
-
 	* mkdiff: changed format of diff file name and made script more
 	general.
 
 Wed Aug  4 10:34:18 CEST 1999  Werner Koch  <[email protected]>
 
-
 	* config.guess: Updated from gnu/common and applied my emx patch again.
 	* config.sub: Updated from gnu/common.
 
 Wed Jul 14 19:42:08 CEST 1999  Werner Koch  <[email protected]>
 
-
 	* ltmain.sh, ltconfig.sh : Updated to libtool 1.3.3
 
 Mon Jul 12 14:55:34 CEST 1999  Werner Koch  <[email protected]>
 
-
 	* autogen.sh: Run libtoolize
 
 Sat May 22 22:47:26 CEST 1999  Werner Koch  <[email protected]>
@@ -105,3 +226,15 @@ Wed Oct 14 09:55:25 1998  Werner Koch  ([email protected])
 	* config.guess (FreeBSD): Changes from Jun Kuriyama to support ELF
 	* config.sub: (freebsd): Add to maybe_os
 
+
+ Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
diff --git a/scripts/autogen.sh b/scripts/autogen.sh
index 28ea1ee18..2751a6205 100755
--- a/scripts/autogen.sh
+++ b/scripts/autogen.sh
@@ -1,13 +1,76 @@
 #!/bin/sh
 # Run this to generate all the initial makefiles, etc.
+#
+# Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 
 PGM=GnuPG
+lib_config_files=""
+autoconf_vers=2.52
+automake_vers=1.5
+aclocal_vers=1.5
+
+
 DIE=no
+if test "$1" = "--build-w32"; then
+    tmp=`dirname $0`
+    tsdir=`cd "$tmp"; cd ..; pwd`
+    shift
+    host=i386--mingw32
+    if [ ! -f $tsdir/scripts/config.guess ]; then
+        echo "$tsdir/scripts/config.guess not found" >&2
+        exit 1
+    fi
+    build=`$tsdir/scripts/config.guess`
+        
+    if ! mingw32 --version >/dev/null; then
+        echo "We need at least version 0.3 of MingW32/CPD" >&2
+        exit 1
+    fi
+
+    if [ -f "$tsdir/config.log" ]; then
+        if ! head $tsdir/config.log | grep i386--mingw32 >/dev/null; then
+            echo "Pease run a 'make distclean' first" >&2
+            exit 1
+        fi
+    fi
+
+    crossbindir=`mingw32 --install-dir`/bin
+    CC=`mingw32 --get-path gcc`
+    CPP=`mingw32 --get-path cpp`
+    AR=`mingw32 --get-path ar`
+    RANLIB=`mingw32 --get-path ranlib`
+    export CC CPP AR RANLIB 
+
+    disable_foo_tests=""
+    if [ -n "$lib_config_files" ]; then
+        for i in $lib_config_files; do
+            j=`echo $i | tr '[a-z-]' '[A-Z_]'`
+            eval "$j=${crossbindir}/$i"
+            export $j
+            disable_foo_tests="$disable_foo_tests --disable-`echo $i| \
+                           sed 's,-config$,,'`-test"
+            if [ ! -f "${crossbindir}/$i" ]; then                   
+                echo "$i not installed for MingW32" >&2
+                DIE=yes
+            fi
+        done
+    fi
+    [ $DIE = yes ] && exit 1
+
+    $tsdir/configure --build=${build} --host=${host} \
+                ${disable_foo_tests} $*
+    exit $?
+fi
+
 
-autoconf_vers=2.13
-automake_vers=1.4
-aclocal_vers=1.4
-#libtool_vers=1.3
 
 if (autoconf --version) < /dev/null > /dev/null 2>&1 ; then
     if (autoconf --version | awk 'NR==1 { if( $3 >= '$autoconf_vers') \
@@ -54,42 +117,23 @@ else
 fi
 
 
-if (gettext --version </dev/null 2>/dev/null | awk 'NR==1 { split($4,A,"\."); \
-    X=10000*A[1]+100*A[2]+A[3]; echo X; if( X >= 1035 ) exit 1; exit 0}')
+if (gettext --version </dev/null 2>/dev/null | awk 'NR==1 { split($4,A,"."); \
+    X=10000*A[1]+100*A[2]+A[3]; echo X; if( X >= 1038 ) exit 1; exit 0}')
     then
     echo "**Error**: You must have "\`gettext\'" installed to compile $PGM."
-    echo '           (version 0.10.35 or newer is required; get'
-    echo '            ftp://alpha.gnu.org/gnu/gettext-0.10.35.tar.gz'
+    echo '           (version 0.10.38 or newer is required; get'
+    echo '            ftp://alpha.gnu.org/gnu/gettext/gettext-0.10.38.tar.gz'
     echo '            or install the latest Debian package)'
     DIE="yes"
 fi
 
 
-#if (libtool --version) < /dev/null > /dev/null 2>&1 ; then
-#    if (libtool --version | awk 'NR==1 { if( $4 >= '$libtool_vers') \
-#			       exit 1; exit 0; }');
-#    then
-#       echo "**Error**: "\`libtool\'" is too old."
-#       echo '           (version ' $libtool_vers ' or newer is required)'
-#       DIE="yes"
-#    fi
-#else
-#    echo
-#    echo "**Error**: You must have "\`libtool\'" installed to compile $PGM."
-#    echo '           (version ' $libtool_vers ' or newer is required)'
-#    DIE="yes"
-#fi
-
-
 if test "$DIE" = "yes"; then
     exit 1
 fi
 
 echo "Running gettextize...  Ignore non-fatal messages."
 echo "no" | gettextize --force
-#echo "Running libtoolize...  Ignore non-fatal messages."
-#echo "no" | libtoolize
-
 
 echo "Running aclocal..."
 aclocal
diff --git a/scripts/build-riscos b/scripts/build-riscos
new file mode 100644
index 000000000..c255a7827
--- /dev/null
+++ b/scripts/build-riscos
@@ -0,0 +1,11 @@
+| This is an RISC OS Obey file (filetype &feb) that copies handcrafted files
+| for the RISC OS version into the correct places.
+| It won't run on anything other than RISC OS -- I think ;-)
+
+copy <obey$dir>.conf-riscos.cipher.c.construct <obey$dir>.^.cipher.c.construct ~cf~v
+copy <obey$dir>.conf-riscos.cipher.c.constructv <obey$dir>.^.cipher.c.constructv ~cf~v
+copy <obey$dir>.conf-riscos.include.h.config <obey$dir>.^.include.h.config ~cf~v
+copy <obey$dir>.conf-riscos.include.h.g10defs <obey$dir>.^.include.h.g10defs ~cf~v
+copy <obey$dir>.conf-riscos.Makefile <obey$dir>.^.Makefile ~cf~v
+settype <obey$dir>.^.Makefile &fe1
+echo Done.
diff --git a/scripts/build-w32 b/scripts/build-w32
new file mode 100755
index 000000000..9995a4865
--- /dev/null
+++ b/scripts/build-w32
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+exec scripts/autogen.sh --build-w32
+
+
+
diff --git a/scripts/conf-riscos/Makefile b/scripts/conf-riscos/Makefile
new file mode 100644
index 000000000..3461fa196
--- /dev/null
+++ b/scripts/conf-riscos/Makefile
@@ -0,0 +1,465 @@
+# Makefile for the RISC OS version of GnuPG
+CC=cc
+LINK=link
+AS=objasm
+MAKE=amu
+DEPEND=-depend !Depend
+LIBLDAP=^.^.openldap-2/0/18
+CC_FLAGS=-Wp -apcs 3/26bit/fpe2 -throwback -Otime -IUnix:,include,mpi,intl,zlib,$(LIBLDAP).include -JUnix: -D__riscos__ -DHAVE_CONFIG_H -DNO_ASM -UIS_MODULE -DVERSION="\"$(GnuPG$Version)\"" $(GnuPG$DevDefine)
+AS_FLAGS=-apcs 3/26bit/fpe2 -throwback -predefine "ARMv4 SETA 0"
+LD_FLAGS=Unix:o.unixlib
+CIPHER_OBJS=cipher.o.blowfish \
+	cipher.o.cast5 \
+	cipher.o.cipher \
+	cipher.o.construct \
+	cipher.o.des \
+	cipher.o.dsa \
+	cipher.o.dynload \
+	cipher.o.elgamal \
+	cipher.o.g10c \
+	cipher.o.md \
+	cipher.o.md5 \
+	cipher.o.primegen \
+	cipher.o.pubkey \
+	cipher.o.random \
+	cipher.o.rijndael \
+	cipher.o.rmd160 \
+	cipher.o.rndriscos \
+	cipher.o.rsa \
+	cipher.o.sha1 \
+	cipher.o.smallprime \
+	cipher.o.tiger32 \
+	cipher.o.twofish
+GETTEXT_OBJS=intl.o.bindtextdom \
+	intl.o.dcgettext \
+	intl.o.dgettext \
+	intl.o.explodename \
+	intl.o.finddomain \
+	intl.o.gettext \
+	intl.o.intl-compat \
+	intl.o.l10nflist \
+	intl.o.loadmsgcat \
+	intl.o.localealias \
+	intl.o.textdomain
+MPI_OBJS=mpi.o.mpi-add \
+	mpi.o.mpi-bit \
+	mpi.o.mpi-cmp \
+	mpi.o.mpi-div \
+	mpi.o.mpi-gcd \
+	mpi.o.mpi-inline \
+	mpi.o.mpi-inv \
+	mpi.o.mpi-mul \
+	mpi.o.mpi-pow \
+	mpi.o.mpi-mpow \
+	mpi.o.mpi-scan \
+	mpi.o.mpicoder \
+	mpi.o.mpih-div \
+	mpi.o.mpih-mul \
+	mpi.o.mpiutil \
+	mpi.o.g10m \
+	mpi.arm.o.mpih
+UTIL_OBJS=util.o.argparse \
+	util.o.dotlock \
+	util.o.errors \
+	util.o.fileutil \
+	util.o.g10u \
+	util.o.http \
+	util.o.iobuf \
+	util.o.logger \
+	util.o.memory \
+	util.o.miscutil \
+	util.o.secmem \
+	util.o.strgutil \
+	util.o.ttyio \
+	util.o.riscos
+ZLIB_OBJS=zlib.o.adler32 \
+	zlib.o.compress \
+	zlib.o.crc32 \
+	zlib.o.deflate \
+	zlib.o.infblock \
+	zlib.o.infcodes \
+	zlib.o.inffast \
+	zlib.o.inflate \
+	zlib.o.inftrees \
+	zlib.o.infutil \
+	zlib.o.trees \
+	zlib.o.uncompr \
+	zlib.o.zutil
+G10_OBJS=g10.o.armor \
+	g10.o.build-packet \
+	g10.o.cipher \
+	g10.o.comment \
+	g10.o.compress \
+	g10.o.dearmor \
+	g10.o.decrypt \
+	g10.o.delkey \
+	g10.o.encode \
+	g10.o.encr-data \
+	g10.o.exec \
+	g10.o.export \
+	g10.o.free-packet \
+	g10.o.g10 \
+	g10.o.getkey \
+	g10.o.helptext \
+	g10.o.hkp \
+	g10.o.import \
+	g10.o.kbnode \
+	g10.o.keydb \
+	g10.o.keyedit \
+	g10.o.keygen \
+	g10.o.keyid \
+	g10.o.keylist \
+	g10.o.keyring \
+	g10.o.keyserver \
+	g10.o.mainproc \
+	g10.o.mdfilter \
+	g10.o.misc \
+	g10.o.mkdtemp \
+	g10.o.openfile \
+	g10.o.parse-packet \
+	g10.o.passphrase \
+	g10.o.photoid \
+	g10.o.pipemode \
+	g10.o.pkclist \
+	g10.o.plaintext \
+	g10.o.pubkey-enc \
+	g10.o.revoke \
+	g10.o.seckey-cert \
+	g10.o.seskey \
+	g10.o.sig-check \
+	g10.o.sign \
+	g10.o.signal \
+	g10.o.skclist \
+	g10.o.status \
+	g10.o.tdbdump \
+	g10.o.tdbio \
+	g10.o.textfilter \
+	g10.o.trustdb \
+	g10.o.verify
+GPGV_OBJS=g10.o.armor \
+	g10.o.build-packet \
+	g10.o.compress \
+	g10.o.free-packet \
+	g10.o.getkey \
+	g10.o.gpgv \
+	g10.o.keydb \
+	g10.o.keylist \
+	g10.o.kbnode \
+	g10.o.keyid \
+	g10.o.keyring \
+	g10.o.mainproc \
+	g10.o.mdfilter \
+	g10.o.misc \
+	g10.o.openfile \
+	g10.o.parse-packet \
+	g10.o.plaintext \
+	g10.o.seskey \
+	g10.o.sig-check \
+	g10.o.signal \
+	g10.o.status \
+	g10.o.textfilter \
+	g10.o.verify \
+	util.o.argparse \
+	util.o.errors \
+	util.o.fileutil \
+	util.o.g10u \
+	util.o.iobuf \
+	util.o.logger \
+	util.o.memory \
+	util.o.miscutil \
+	util.o.secmem \
+	util.o.strgutil \
+	util.o.riscos \
+	cipher.o.constructv \
+	cipher.o.dsa \
+	cipher.o.dynload \
+	cipher.o.elgamal \
+	cipher.o.g10c \
+	cipher.o.md \
+	cipher.o.pubkey \
+	cipher.o.rmd160 \
+	cipher.o.rsa \
+	mpi.mpi \
+	zlib.zlib
+GPGKEYS_OBJS=util.o.riscos \
+	util.o.strgutil \
+	util.o.memory \
+	util.o.logger \
+	util.o.secmem \
+	intl.gettext
+
+## Rule Patterns ##
+
+.SUFFIXES:	.c .o .s
+
+.c.o:
+	$(CC) $(CC_FLAGS) $(DEPEND) -c -o $@ $<
+
+.s.o:
+	$(AS) $(AS_FLAGS) $(DEPEND) $< $@
+
+# Static dependencies:
+
+all:
+	@echo Use one of the following as target:
+	@echo |  dev   to build the development version
+	@echo |  dist  to build the distribution with all archives
+	@echo All other targets are internal and shouldn't be used!
+
+cipher.cipher: $(CIPHER_OBJS)
+	$(LINK) -aof $(CIPHER_OBJS) -o cipher.cipher
+
+intl.gettext: $(GETTEXT_OBJS)
+	$(LINK) -aof $(GETTEXT_OBJS) -o intl.gettext
+
+mpi.mpi: $(MPI_OBJS)
+	$(LINK) -aof $(MPI_OBJS) -o mpi.mpi
+
+tools.gpgsplit: tools.o.gpgsplit util.util intl.gettext zlib.zlib
+	$(LINK) $(LD_FLAGS) tools.o.gpgsplit util.util intl.gettext zlib.zlib -o tools.gpgsplit
+	-squeeze tools.gpgsplit
+	-copy tools.gpgsplit ADFS::A5.$.tmp.!GnuPG.gpgsplit ~CF~V
+
+keyserver.gpgkeys_ldap: keyserver.o.gpgkeys_ldap $(GPGKEYS_OBJS) $(LIBLDAP).libraries.libldap.libldap
+	$(LINK) $(LD_FLAGS) keyserver.o.gpgkeys_ldap $(GPGKEYS_OBJS) $(LIBLDAP).libraries.libldap.libldap -o keyserver.gpgkeys_ldap
+	-squeeze keyserver.gpgkeys_ldap
+	-copy keyserver.gpgkeys_ldap ADFS::A5.$.tmp.!GnuPG.gpgkeys_ldap ~CF~V
+
+riscos.jpegview.jpegview:
+	-dir riscos.jpegview
+	-$(MAKE)
+	-back
+
+util.util: $(UTIL_OBJS)
+	$(LINK) -aof $(UTIL_OBJS) -o util.util
+
+zlib.zlib: $(ZLIB_OBJS)
+	$(LINK) -aof zlib.o.* -o zlib.zlib
+
+g10.gpg: $(G10_OBJS) cipher.o.idea cipher.cipher intl.gettext mpi.mpi util.util zlib.zlib BUILD
+	$(LINK) $(G10_OBJS) $(LD_FLAGS) cipher.o.idea cipher.cipher intl.gettext mpi.mpi util.util zlib.zlib -o g10.gpg
+	-copy g10.gpg ADFS::A5.$.tmp.!GnuPG.gpg ~CFR~V
+
+g10.gpgv: $(GPGV_OBJS) intl.gettext BUILD
+	$(LINK) $(GPGV_OBJS) intl.gettext $(LD_FLAGS) -o g10.gpgv
+	-copy g10.gpgv ADFS::A5.$.tmp.!GnuPG.gpgv ~CFR~V
+
+g10.gpgpart: $(G10_OBJS) cipher.cipher intl.gettext mpi.mpi util.util zlib.zlib BUILD
+	drlink034 -aof $(G10_OBJS) $(LD_FLAGS) cipher.cipher intl.gettext mpi.mpi util.util zlib.zlib -o g10.gpgpart
+
+select-idea-src:
+	-copy distrib.idea-addon.cipher.c.idea cipher.c.idea ~CF~NR~V
+	$(CC) $(CC_FLAGS) $(DEPEND) -c -o cipher.o.idea cipher.c.idea
+
+select-gpl-src:
+	-copy distrib.non-idea.cipher.c.idea cipher.c.idea ~CF~NR~V
+	$(CC) $(CC_FLAGS) $(DEPEND) -c -o cipher.o.idea cipher.c.idea
+
+distrib.gnupgsrc/zip: select-gpl-src
+	-zip -9@ distrib.gnupgsrc/zip < distrib.resources.distfiles
+
+distrib.gnupg/zip: distrib.gpl-bin.!GnuPG.JPEGview distrib.gpl-bin.!GnuPG.gpgsplit distrib.gpl-bin.!GnuPG.gpg distrib.gpl-bin.!GnuPG.gpgv select-gpl-src
+	-copy distrib.resources.History distrib.gpl-bin.History ~CFR~V
+	-copy distrib.resources.Upgrading distrib.gpl-bin.Upgrading ~CFR~V
+	-copy distrib.resources.ReadMe_bin distrib.gpl-bin.!ReadMe1st ~CFR~V
+	-copy distrib.resources.!GnuPG distrib.gpl-bin.!GnuPG ~CFR~V
+	-copy distrib.resources.!GnuPGUser distrib.gpl-bin.!GnuPGUser ~CFR~V
+	-copy distrib.resources.!System distrib.gpl-bin.!System ~CFR~V
+	-copy distrib.resources.orig_docs distrib.gpl-bin.orig_docs ~CFR~V
+	-dir distrib.gpl-bin
+	-zip -r9 ^.gnupg/zip *
+	-back
+
+distrib.gnupgdev/zip: distrib.private.!GnuPG.JPEGview distrib.private.!GnuPG.gpgsplit distrib.private.!GnuPG.gpgkeys_ldap distrib.private.!GnuPG.gpg distrib.private.!GnuPG.gpgv select-idea-src
+	-ifthere distrib.private.!GnuPG.locale then wipe distrib.private.!GnuPG.locale ~CFR~V
+	-copy distrib.intl.!GnuPG.locale distrib.private.!GnuPG.locale ~CFR~V
+	-copy distrib.resources.History distrib.private.History ~CFR~V
+	-copy distrib.resources.Upgrading distrib.private.Upgrading ~CFR~V
+	-copy distrib.resources.ReadMe_bin distrib.private.!ReadMe1st ~CFR~V
+	-copy distrib.resources.!GnuPG distrib.private.!GnuPG ~CFR~V
+	-copy distrib.resources.!GnuPGUser distrib.private.!GnuPGUser ~CFR~V
+	-copy distrib.resources.!System distrib.private.!System ~CFR~V
+	-copy distrib.resources.orig_docs distrib.private.orig_docs ~CFR~V
+	-dir distrib.private
+	-zip -r9 ^.gnupgdev/zip *
+	-back
+
+distrib.gnupgidea/zip: cipher.o.idea select-idea-src
+	-copy distrib.resources.ReadMe_idea distrib.idea-addon.!ReadMe ~CFR~V
+	-copy cipher.o.idea distrib.idea-addon.cipher.o.idea ~CFR~V
+	-dir distrib.idea-addon
+	-zip -r9 ^.gnupgidea/zip *
+	-back
+
+distrib.gnupgpart/zip: g10.gpgpart select-idea-src
+	-copy distrib.resources.ReadMe_part distrib.part.!ReadMe1st ~CFR~V
+	-copy g10.gpgpart distrib.part.g10.gpgpart ~CFR~V
+	-dir distrib.part
+	-zip -r9 ^.gnupgpart/zip *
+	-back
+
+distrib.gnupgldap/zip: keyserver.gpgkeys_ldap
+	-copy distrib.resources.ReadMe_ldap distrib.ldap.!ReadMe ~CFR~V
+	-copy keyserver.gpgkeys_ldap distrib.ldap.!GnuPG.gpgkeys_ldap ~CFR~V
+	-dir distrib.ldap
+	-zip -r9 ^.gnupgldap/zip *
+	-back
+
+distrib.gnupgintl/zip:
+	-dir distrib.intl
+	-zip -r9 ^.gnupgintl/zip *
+	-back
+
+distrib.gpl-bin.!GnuPG.gpg: g10.gpg
+	-copy g10.gpg distrib.gpl-bin.!GnuPG.gpg ~CFR~V
+	-squeeze distrib.gpl-bin.!GnuPG.gpg
+
+distrib.gpl-bin.!GnuPG.gpgv: g10.gpgv
+	-copy g10.gpgv distrib.gpl-bin.!GnuPG.gpgv ~CFR~V
+	-squeeze distrib.gpl-bin.!GnuPG.gpgv
+
+distrib.gpl-bin.!GnuPG.gpgsplit: tools.gpgsplit
+	-copy tools.gpgsplit distrib.gpl-bin.!GnuPG.gpgsplit ~CFR~V
+	-squeeze distrib.gpl-bin.!GnuPG.gpgsplit
+
+distrib.gpl-bin.!GnuPG.JPEGview: riscos.jpegview.jpegview
+	-copy riscos.jpegview.jpegview distrib.gpl-bin.!GnuPG.JPEGview ~CFR~V
+
+distrib.private.!GnuPG.gpg: g10.gpg
+	-copy g10.gpg distrib.private.!GnuPG.gpg ~CFR~V
+	-squeeze distrib.private.!GnuPG.gpg
+
+distrib.private.!GnuPG.gpgv: g10.gpgv
+	-copy g10.gpgv distrib.private.!GnuPG.gpgv ~CFR~V
+	-squeeze distrib.private.!GnuPG.gpgv
+
+distrib.private.!GnuPG.gpgsplit: tools.gpgsplit
+	-copy tools.gpgsplit distrib.private.!GnuPG.gpgsplit ~CFR~V
+	-squeeze distrib.private.!GnuPG.gpgsplit
+
+distrib.private.!GnuPG.gpgkeys_ldap: keyserver.gpgkeys_ldap
+	-copy keyserver.gpgkeys_ldap distrib.private.!GnuPG.gpgkeys_ldap ~CFR~V
+	-squeeze distrib.private.!GnuPG.gpgkeys_ldap
+
+distrib.private.!GnuPG.JPEGview: riscos.jpegview.jpegview
+	-copy riscos.jpegview.jpegview distrib.private.!GnuPG.JPEGview ~CFR~V
+
+clean-cipher:
+	-ifthere cipher.o.* then wipe cipher.o.* ~CFR~V
+	-ifthere cipher.cipher then wipe cipher.cipher ~CFR~V
+
+clean-intl:
+	-ifthere intl.o.* then wipe intl.o.* ~CFR~V
+	-ifthere intl.gettext then wipe intl.gettext ~CFR~V
+
+clean-mpi:
+	-ifthere mpi.o.* then wipe mpi.o.* ~CFR~V
+	-ifthere mpi.arm.o.* then wipe mpi.arm.o.* ~CFR~V
+	-ifthere mpi.mpi then wipe mpi.mpi ~CFR~V
+
+clean-util:
+	-ifthere util.o.* then wipe util.o.* ~CFR~V
+	-ifthere util.util then wipe util.util ~CFR~V
+
+clean-zlib:
+	-ifthere zlib.o.* then wipe zlib.o.* ~CFR~V
+	-ifthere zlib.zlib then wipe zlib.zlib ~CFR~V
+
+clean-dist:
+	-ifthere distrib.*/zip then wipe distrib.*/zip ~CFR~V
+
+clean-g10:
+	-ifthere g10.gpg then wipe g10.gpg ~CFR~V
+	-ifthere g10.gpgv then wipe g10.gpgv ~CFR~V
+	-ifthere g10.gpgpart then wipe g10.gpgpart ~CFR~V
+	-ifthere g10.o.* then wipe g10.o.* ~CFR~V
+
+clean-keyserver:
+	-ifthere keyserver.gpgkeys_* then wipe keyserver.gpgkeys_* ~CFR~V
+	-ifthere keyserver.o.* then wipe keyserver.o.* ~CFR~V
+
+clean-tools:
+	-ifthere tools.gpgsplit then wipe tools.gpgsplit ~CFR~V
+	-ifthere tools.o.* then wipe tools.o.* ~CFR~V
+
+clean-riscos:
+	-ifthere riscos.jpegview.jpegview then wipe riscos.jpegview.jpegview ~CFR~V
+
+clean-version:
+	-ifthere g10.o.armor then wipe g10.o.armor ~CFR~V
+	-ifthere g10.o.encode then wipe g10.o.encode ~CFR~V
+	-ifthere g10.o.g10 then wipe g10.o.g10 ~CFR~V
+	-ifthere g10.o.gpgv then wipe g10.o.gpgv ~CFR~V
+	-ifthere g10.o.keygen then wipe g10.o.keygen ~CFR~V
+	-ifthere g10.o.sign then wipe g10.o.sign ~CFR~V
+	-ifthere g10.gpg then wipe g10.gpg ~CFR~V
+	-ifthere g10.gpgv then wipe g10.gpgv ~CFR~V
+	-ifthere g10.gpgpart then wipe g10.gpgpart ~CFR~V
+
+clean: clean-dist clean-cipher clean-intl clean-mpi clean-util clean-zlib clean-g10 clean-keyserver clean-tools clean-riscos
+
+g10.o.armor: BUILD
+	$(CC) $(CC_FLAGS) $(DEPEND) -c -o g10.o.armor g10.c.armor
+
+g10.o.encode: BUILD
+	$(CC) $(CC_FLAGS) $(DEPEND) -c -o g10.o.encode g10.c.encode
+
+g10.o.g10: BUILD
+	$(CC) $(CC_FLAGS) $(DEPEND) -c -o g10.o.g10 g10.c.g10
+
+g10.o.gpgv: BUILD
+	$(CC) $(CC_FLAGS) $(DEPEND) -c -o g10.o.gpgv g10.c.gpgv
+
+g10.o.keygen: BUILD
+	$(CC) $(CC_FLAGS) $(DEPEND) -c -o g10.o.keygen g10.c.keygen
+
+g10.o.sign: BUILD
+	$(CC) $(CC_FLAGS) $(DEPEND) -c -o g10.o.sign g10.c.sign
+
+dev: clean-version
+	$(MAKE) fast-dev
+
+fast-dev: BUILD
+	setver configure/ac AC_INIT(gnupg, , dev
+	wipe distrib.private.!GnuPG.gpg* ~CFR~V
+	-$(MAKE) keyserver.gpgkeys_ldap
+	$(MAKE) tools.gpgsplit
+	$(MAKE) distrib.gnupgdev/zip
+	ifthere <WebServe$ServeRoot>.private.gnupgdev/zip then wipe <WebServe$ServeRoot>.private.gnupgdev/zip ~CFR~V
+	rename distrib.gnupgdev/zip <WebServe$ServeRoot>.private.gnupgdev/zip
+
+dist: BUILD clean-version tools.gpgsplit
+	setver configure/ac AC_INIT(gnupg, , dist
+	wipe distrib.gpl-bin.!GnuPG.gpg* ~CFR~V
+	$(MAKE) distrib.gnupg/zip
+	$(MAKE) distrib.gnupgidea/zip
+	$(MAKE) distrib.gnupgpart/zip
+	wipe distrib.private.!GnuPG.gpg* ~CFR~V
+	$(MAKE) distrib.gnupgdev/zip
+	$(MAKE) distrib.gnupgsrc/zip
+	$(MAKE) distrib.gnupgintl/zip
+	$(MAKE) distrib.gnupgldap/zip
+	$(MAKE) select-idea-src
+	ifthere <WebServe$ServeRoot>.archives.gnupg/zip then wipe <WebServe$ServeRoot>.archives.gnupg/zip ~CFR~V
+	ifthere <WebServe$ServeRoot>.private.gnupgdev/zip then wipe <WebServe$ServeRoot>.private.gnupgdev/zip ~CFR~V
+	ifthere <WebServe$ServeRoot>.archives.gnupgidea/zip then wipe <WebServe$ServeRoot>.archives.gnupgidea/zip ~CFR~V
+	ifthere <WebServe$ServeRoot>.archives.gnupgpart/zip then wipe <WebServe$ServeRoot>.archives.gnupgpart/zip ~CFR~V
+	ifthere <WebServe$ServeRoot>.archives.gnupgsrc/zip then wipe <WebServe$ServeRoot>.archives.gnupgsrc/zip ~CFR~V
+	ifthere <WebServe$ServeRoot>.archives.gnupgintl/zip then wipe <WebServe$ServeRoot>.archives.gnupgintl/zip ~CFR~V
+	ifthere <WebServe$ServeRoot>.archives.gnupgldap/zip then wipe <WebServe$ServeRoot>.archives.gnupgldap/zip ~CFR~V
+	ifthere <WebServe$ServeRoot>.gnupg_history/txt then wipe <WebServe$ServeRoot>.gnupg_history/txt ~CFR~V
+	ifthere <WebServe$ServeRoot>.gnupg_news/txt then wipe <WebServe$ServeRoot>.gnupg_news/txt ~CFR~V
+	rename distrib.gnupgdev/zip <WebServe$ServeRoot>.private.gnupgdev/zip
+	rename distrib.gnupg/zip <WebServe$ServeRoot>.archives.gnupg/zip
+	rename distrib.gnupgidea/zip <WebServe$ServeRoot>.archives.gnupgidea/zip
+	rename distrib.gnupgpart/zip <WebServe$ServeRoot>.archives.gnupgpart/zip
+	rename distrib.gnupgsrc/zip <WebServe$ServeRoot>.archives.gnupgsrc/zip
+	rename distrib.gnupgintl/zip <WebServe$ServeRoot>.archives.gnupgintl/zip
+	rename distrib.gnupgldap/zip <WebServe$ServeRoot>.archives.gnupgldap/zip
+	copy distrib.resources.History <WebServe$ServeRoot>.gnupg_history/txt ~CFR~V
+	copy distrib.resources.orig_docs.NEWS <WebServe$ServeRoot>.gnupg_news/txt ~CFR~V
+	unset GnuPG$DevDefine
+	unset GnuPG$Version
+	updatesigs <WebServe$ServeRoot>.archives --secring adfs::ap.$.secring/gpg
+
+# Dynamic dependencies:
diff --git a/scripts/conf-riscos/cipher/construct.c b/scripts/conf-riscos/cipher/construct.c
new file mode 100644
index 000000000..122d740e8
--- /dev/null
+++ b/scripts/conf-riscos/cipher/construct.c
@@ -0,0 +1,38 @@
+/* construct.c  -  RISC OS constructors for cipher algorithms
+ *	Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+void rndriscos_constructor(void);
+void sha1_constructor(void);
+void rmd160_constructor(void);
+void md5_constructor(void);
+
+void
+cipher_modules_constructor(void)
+{
+    static int done = 0;
+    if( done )
+        return;
+    done = 1;
+
+   rndriscos_constructor();
+   sha1_constructor();
+   rmd160_constructor();
+   md5_constructor();
+}
diff --git a/scripts/conf-riscos/cipher/constructv.c b/scripts/conf-riscos/cipher/constructv.c
new file mode 100644
index 000000000..cb50bfff8
--- /dev/null
+++ b/scripts/conf-riscos/cipher/constructv.c
@@ -0,0 +1,32 @@
+/* constructv.c  -  RISC OS constructors for cipher algorithms (gpgv version)
+ *	Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+void rmd160_constructor(void);
+
+void
+cipher_modules_constructor(void)
+{
+    static int done = 0;
+    if( done )
+        return;
+    done = 1;
+
+   rmd160_constructor();
+}
diff --git a/scripts/conf-riscos/include/config.h b/scripts/conf-riscos/include/config.h
new file mode 100644
index 000000000..6a3440235
--- /dev/null
+++ b/scripts/conf-riscos/include/config.h
@@ -0,0 +1,384 @@
+/* config.h - hand edited by Stefan Bellon to suit RISC OS needs
+ *	Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GNUPG.
+ *
+ * GNUPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GNUPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_CONFIG_H
+#define G10_CONFIG_H
+
+/* need this, because some autoconf tests rely on this (e.g. stpcpy)
+ * and it should be used for new programs
+ */
+#define _GNU_SOURCE  1
+
+
+/* Define if using alloca.c.  */
+#undef C_ALLOCA
+
+/* Define to empty if the keyword does not work.  */
+/* #undef const */
+
+/* Define to one of _getb67, GETB67, getb67 for Cray-2 and Cray-YMP systems.
+   This function is required for alloca.c support on those systems.  */
+#undef CRAY_STACKSEG_END
+
+/* Define if you have alloca, as a function or macro.  */
+/* #undef HAVE_ALLOCA */
+#define HAVE_ALLOCA
+
+/* Define if you have <alloca.h> and it should be used (not on Ultrix).  */
+/* #undef HAVE_ALLOCA_H */
+#define HAVE_ALLOCA_H
+
+/* #undef _LIBC */
+
+/* Define if you don't have vprintf but do have _doprnt.  */
+#undef HAVE_DOPRNT
+
+/* Define if you have the vprintf function.  */
+#define HAVE_VPRINTF
+
+/* Define to `long' if <sys/types.h> doesn't define.  */
+#undef off_t
+
+/* Define if you need to in order for stat and other things to work.  */
+#undef _POSIX_SOURCE
+
+/* Define as the return type of signal handlers (int or void).  */
+#define RETSIGTYPE void
+
+/* Define to `unsigned' if <sys/types.h> doesn't define.  */
+#define size_t unsigned int
+
+/* If using the C implementation of alloca, define if you know the
+   direction of stack growth for your system; otherwise it will be
+   automatically deduced at run-time.
+ STACK_DIRECTION > 0 => grows toward higher addresses
+ STACK_DIRECTION < 0 => grows toward lower addresses
+ STACK_DIRECTION = 0 => direction of growth unknown
+ */
+#undef STACK_DIRECTION
+
+/* Define if you have the ANSI C header files.  */
+#define STDC_HEADERS
+
+/* Define if `sys_siglist' is declared by <signal.h>.  */
+#define SYS_SIGLIST_DECLARED
+
+#undef M_DEBUG
+#undef M_GUARD
+#define PRINTABLE_OS_NAME "RISC OS"
+
+/* Define if your locale.h file contains LC_MESSAGES.  */
+#undef HAVE_LC_MESSAGES
+
+/* Define to 1 if NLS is requested.  */
+#define ENABLE_NLS 1
+
+/* Define as 1 if you have catgets and don't want to use GNU gettext.  */
+#undef HAVE_CATGETS
+
+/* Define as 1 if you have gettext and don't want to use GNU gettext.  */
+#undef HAVE_GETTEXT
+
+#undef BIG_ENDIAN_HOST
+#define LITTLE_ENDIAN_HOST 1
+
+#undef HAVE_BYTE_TYPEDEF
+#undef HAVE_USHORT_TYPEDEF
+#undef HAVE_ULONG_TYPEDEF
+#undef HAVE_U16_TYPEDEF
+#undef HAVE_U32_TYPEDEF
+
+#undef HAVE_BROKEN_MLOCK
+
+/* defined if we have a /dev/random and /dev/urandom */
+#undef HAVE_DEV_RANDOM
+/* and the real names of the random devices */
+#undef NAME_OF_DEV_RANDOM
+#undef NAME_OF_DEV_URANDOM
+/* Linux has an ioctl */
+#undef HAVE_DEV_RANDOM_IOCTL
+
+/* see cipher/rndegd.c */
+#undef EGD_SOCKET_NAME
+
+#undef USE_DYNAMIC_LINKING
+#undef HAVE_DL_DLOPEN
+#undef HAVE_DL_SHL_LOAD
+#undef HAVE_DLD_DLD_LINK
+
+#undef USE_SHM_COPROCESSING
+
+#undef IPC_HAVE_SHM_LOCK
+#undef IPC_RMID_DEFERRED_RELEASE
+
+/* set this to limit filenames to the 8.3 format */
+#undef USE_ONLY_8DOT3
+/* defined if we must run on a stupid file system */
+#undef HAVE_DRIVE_LETTERS
+/* defined if we run on some of the PCDOS like systems (DOS, Windoze. OS/2)
+ * with special properties like no file modes */
+#undef HAVE_DOSISH_SYSTEM
+/* because the Unix gettext has to much overhead on MingW32 systems
+ * and these systems lack Posix functions, we use a simplified version
+ * of gettext */
+#undef USE_SIMPLE_GETTEXT
+/* At some point in the system we need to know that we use the Windows
+ * random module. */
+#undef USE_STATIC_RNDW32
+
+#undef USE_CAPABILITIES
+
+/* Some systems have mkdir that takes a single argument. */
+#undef MKDIR_TAKES_ONE_ARG
+
+/* The number of bytes in a unsigned int.  */
+#define SIZEOF_UNSIGNED_INT 4
+
+/* The number of bytes in a unsigned long.  */
+#define SIZEOF_UNSIGNED_LONG 4
+
+/* The number of bytes in a unsigned long long.  */
+#define SIZEOF_UNSIGNED_LONG_LONG 0
+
+/* The number of bytes in a unsigned short.  */
+#define SIZEOF_UNSIGNED_SHORT 2
+
+/* Define if you have the __argz_count function.  */
+#undef HAVE___ARGZ_COUNT
+
+/* Define if you have the __argz_next function.  */
+#undef HAVE___ARGZ_NEXT
+
+/* Define if you have the __argz_stringify function.  */
+#undef HAVE___ARGZ_STRINGIFY
+
+/* Define if you have the atexit function.  */
+#define HAVE_ATEXIT
+
+/* Define if you have the clock_gettime function.  */
+#undef HAVE_CLOCK_GETTIME
+
+/* Define if you have the dcgettext function.  */
+#undef HAVE_DCGETTEXT
+
+/* Define if you have the dlopen function.  */
+#undef HAVE_DLOPEN
+
+/* Define if you have the fopen64 function.  */
+#undef HAVE_FOPEN64
+
+/* Define if you have the fstat64 function.  */
+#undef HAVE_FSTAT64
+
+/* Define if you have the getcwd function.  */
+#define HAVE_GETCWD
+
+/* Define if you have the gethrtime function.  */
+#undef HAVE_GETHRTIME
+
+/* Define if you have the getpagesize function.  */
+#define HAVE_GETPAGESIZE
+
+/* Define if you have the getrusage function.  */
+#define HAVE_GETRUSAGE
+
+/* Define if you have the gettimeofday function.  */
+#define HAVE_GETTIMEOFDAY
+
+/* Define if you have the memicmp function.  */
+#undef HAVE_MEMICMP
+
+/* Define if you have the memmove function.  */
+#define HAVE_MEMMOVE
+
+/* Define if you have the mlock function.  */
+#undef HAVE_MLOCK
+
+/* Define if you have the mmap function.  */
+#undef HAVE_MMAP
+
+/* Define if you have the munmap function.  */
+#undef HAVE_MUNMAP
+
+/* Define if you have the nl_langinfo function.  */
+#undef HAVE_NL_LANGINFO
+
+/* Define if you have the putenv function.  */
+#define HAVE_PUTENV
+
+/* Define if you have the raise function.  */
+#define HAVE_RAISE
+
+/* Define if you have the rand function.  */
+#define HAVE_RAND
+
+/* Define if you have the setenv function.  */
+#define HAVE_SETENV
+
+/* Define if you have the setlocale function.  */
+#define HAVE_SETLOCALE
+
+/* Define if you have the setrlimit function.  */
+#define HAVE_SETRLIMIT
+
+/* Define if you have the sigaction function.  */
+#define HAVE_SIGACTION
+
+/* Define if you have the sigprocmask function.  */
+#define HAVE_SIGPROCMASK
+
+/* Define if you have the stpcpy function.  */
+#define HAVE_STPCPY
+
+/* Define if you have the strcasecmp function.  */
+#define HAVE_STRCASECMP
+
+/* Define if you have the strchr function.  */
+#define HAVE_STRCHR
+
+/* Define if you have the strdup function.  */
+#define HAVE_STRDUP
+
+/* Define if you have the strerror function.  */
+#define HAVE_STRERROR
+
+/* Define if you have the strftime function.  */
+#define HAVE_STRFTIME
+
+/* Define if you have the stricmp function.  */
+#define HAVE_STRICMP
+
+/* Define if you have the strlwr function.  */
+#undef HAVE_STRLWR
+
+/* Define if you have the strtoul function.  */
+#define HAVE_STRTOUL
+
+/* Define if you have the tcgetattr function.  */
+#define HAVE_TCGETATTR
+
+/* Define if you have the wait4 function.  */
+#define HAVE_WAIT4
+
+/* Define if you have the waitpid function.  */
+#define HAVE_WAITPID
+
+/* Define if you have the <argz.h> header file.  */
+#undef HAVE_ARGZ_H
+
+/* Define if you have the <direct.h> header file.  */
+#undef HAVE_DIRECT_H
+
+/* Define if you have the <gdbm.h> header file.  */
+#undef HAVE_GDBM_H
+
+/* Define if you have the <langinfo.h> header file.  */
+#undef HAVE_LANGINFO_H
+
+/* Define if you have the <limits.h> header file.  */
+#define HAVE_LIMITS_H
+
+/* Define if you have the <linux/random.h> header file.  */
+#undef HAVE_LINUX_RANDOM_H
+
+/* Define if you have the <locale.h> header file.  */
+#define HAVE_LOCALE_H
+
+/* Define if you have the <malloc.h> header file.  */
+#define HAVE_MALLOC_H
+
+/* Define if you have the <nl_types.h> header file.  */
+#undef HAVE_NL_TYPES_H
+
+/* Define if you have the <string.h> header file.  */
+#define HAVE_STRING_H
+
+/* Define if you have the <sys/capability.h> header file.  */
+#undef HAVE_SYS_CAPABILITY_H
+
+/* Define if you have the <sys/ipc.h> header file.  */
+#undef HAVE_SYS_IPC_H
+
+/* Define if you have the <sys/mman.h> header file.  */
+#define HAVE_SYS_MMAN_H
+
+/* Define if you have the <sys/param.h> header file.  */
+#define HAVE_SYS_PARAM_H
+
+/* Define if you have the <sys/shm.h> header file.  */
+#undef HAVE_SYS_SHM_H
+
+/* Define if you have the <sys/stat.h> header file.  */
+#define HAVE_SYS_STAT_H
+
+/* Define if you have the <termio.h> header file.  */
+#define HAVE_TERMIO_H
+
+/* Define if you have the <unistd.h> header file.  */
+#define HAVE_UNISTD_H
+
+/* Define if you have the <zlib.h> header file.  */
+#define HAVE_ZLIB_H
+
+/* Define if you have the dl library (-ldl).  */
+#undef HAVE_LIBDL
+
+/* Define if you have the dld library (-ldld).  */
+#undef HAVE_LIBDLD
+
+/* Define if you have the gdbm library (-lgdbm).  */
+#undef HAVE_LIBGDBM
+
+/* Define if you have the i library (-li).  */
+#undef HAVE_LIBI
+
+/* Define if you have the nsl library (-lnsl).  */
+#undef HAVE_LIBNSL
+
+/* Define if you have the rt library (-lrt).  */
+#undef HAVE_LIBRT
+
+/* Name of package */
+#define PACKAGE "GnuPG"
+
+
+/* define if compiled symbols have a leading underscore */
+#define WITH_SYMBOL_UNDERSCORE
+
+#ifdef IS_DEVELOPMENT_VERSION
+  #define DEBUG
+/*  #define M_DEBUG */
+  #define M_GUARD
+#endif
+
+
+/* RISC OS specifica */
+#if (__CC_NORCROFT == 1) /* Norcroft */
+# define __attribute__(x) 
+# if (__CC_NORCROFT_VERSION < 544) /* old version of Norcroft */
+#  define inline __inline
+#  define STR(a) #a
+#  define __func__ "[" __FILE__ ":" STR(__LINE__) "]"
+# endif
+#else /* gcc */
+#endif
+
+#include "g10defs.h"
+
+#endif /*G10_CONFIG_H*/
diff --git a/scripts/conf-riscos/include/g10defs.h b/scripts/conf-riscos/include/g10defs.h
new file mode 100644
index 000000000..a02dff42a
--- /dev/null
+++ b/scripts/conf-riscos/include/g10defs.h
@@ -0,0 +1,41 @@
+/* g10defs.h - hand edited by Stefan Bellon to suit RISC OS needs
+ *	Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GNUPG.
+ *
+ * GNUPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GNUPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* Path variables and filing system constants for RISC OS */
+#define G10_LOCALEDIR     "<GnuPG$Dir>.locale"
+#define GNUPG_LIBDIR      "<GnuPG$Dir>"
+#define GNUPG_DATADIR     "<GnuPG$Dir>"
+#define GNUPG_HOMEDIR     "<GnuPGUser$Dir>"
+#define LOCALE_ALIAS_PATH "<GnuPG$Dir>.locale"
+#define GNULOCALEDIR      "<GnuPG$Dir>.locale"
+#define DIRSEP_C            '.'
+#define EXTSEP_C            '/'
+#define DIRSEP_S            "."
+#define EXTSEP_S            "/"
+
+/* This file defines some basic constants for the MPI machinery.  We
+ * need to define the types on a per-CPU basis, so it is done with
+ * this file here.  */
+#define BYTES_PER_MPI_LIMB  (SIZEOF_UNSIGNED_LONG)
+
+/* External process spawning mechanism */
+#if !(defined(HAVE_FORK) && defined(HAVE_PIPE) && defined(HAVE_WAITPID))
+#define EXEC_TEMPFILE_ONLY
+#endif
diff --git a/scripts/config.guess b/scripts/config.guess
index 50fd53e39..dff9e481b 100755
--- a/scripts/config.guess
+++ b/scripts/config.guess
@@ -1,8 +1,10 @@
 #! /bin/sh
 # Attempt to guess a canonical system name.
-#   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999
+#   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
 #   Free Software Foundation, Inc.
-#
+
+timestamp='2001-09-04'
+
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 2 of the License, or
@@ -10,7 +12,7 @@
 #
 # This program is distributed in the hope that it will be useful, but
 # WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the GNU
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 # General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
@@ -23,53 +25,152 @@
 # the same distribution terms that you use for the rest of that program.
 
 # Written by Per Bothner <[email protected]>.
-# The master version of this file is at the FSF in /home/gd/gnu/lib.
-# Please send patches to the Autoconf mailing list <[email protected]>.
+# Please send patches to <[email protected]>.
 #
 # This script attempts to guess a canonical system name similar to
 # config.sub.  If it succeeds, it prints the system name on stdout, and
 # exits with 0.  Otherwise, it exits with 1.
 #
 # The plan is that this can be called by configure scripts if you
-# don't specify an explicit system type (host/target name).
-#
-# Only a few systems have been added to this list; please add others
-# (but try to keep the structure clean).
-#
+# don't specify an explicit build system type.
 
-# Use $HOST_CC if defined. $CC may point to a cross-compiler
-if test x"$CC_FOR_BUILD" = x; then
-  if test x"$HOST_CC" != x; then
-    CC_FOR_BUILD="$HOST_CC"
-  else
-    if test x"$CC" != x; then
-      CC_FOR_BUILD="$CC"
-    else
-      CC_FOR_BUILD=cc
-    fi
-  fi
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION]
+
+Output the configuration name of the system \`$me' is run on.
+
+Operation modes:
+  -h, --help         print this help, then exit
+  -t, --time-stamp   print date of last modification, then exit
+  -v, --version      print version number, then exit
+
+Report bugs and patches to <[email protected]>."
+
+version="\
+GNU config.guess ($timestamp)
+
+Originally written by Per Bothner.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
+Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions.  There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+  case $1 in
+    --time-stamp | --time* | -t )
+       echo "$timestamp" ; exit 0 ;;
+    --version | -v )
+       echo "$version" ; exit 0 ;;
+    --help | --h* | -h )
+       echo "$usage"; exit 0 ;;
+    -- )     # Stop option processing
+       shift; break ;;
+    - )	# Use stdin as input.
+       break ;;
+    -* )
+       echo "$me: invalid option $1$help" >&2
+       exit 1 ;;
+    * )
+       break ;;
+  esac
+done
+
+if test $# != 0; then
+  echo "$me: too many arguments$help" >&2
+  exit 1
 fi
 
 
+dummy=dummy-$$
+trap 'rm -f $dummy.c $dummy.o $dummy.rel $dummy; exit 1' 1 2 15
+
+# CC_FOR_BUILD -- compiler used by this script.
+# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still
+# use `HOST_CC' if defined, but it is deprecated.
+
+set_cc_for_build='case $CC_FOR_BUILD,$HOST_CC,$CC in
+ ,,)    echo "int dummy(){}" > $dummy.c ;
+	for c in cc gcc c89 ; do
+	  ($c $dummy.c -c -o $dummy.o) >/dev/null 2>&1 ;
+	  if test $? = 0 ; then
+	     CC_FOR_BUILD="$c"; break ;
+	  fi ;
+	done ;
+	rm -f $dummy.c $dummy.o $dummy.rel ;
+	if test x"$CC_FOR_BUILD" = x ; then
+	  CC_FOR_BUILD=no_compiler_found ;
+	fi
+	;;
+ ,,*)   CC_FOR_BUILD=$CC ;;
+ ,*,*)  CC_FOR_BUILD=$HOST_CC ;;
+esac'
+
 # This is needed to find uname on a Pyramid OSx when run in the BSD universe.
-# ([email protected] 8/24/94.)
+# ([email protected] 1994-08-24)
 if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
 	PATH=$PATH:/.attbin ; export PATH
 fi
 
 UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
 UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
-UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
+UNAME_SYSTEM=`(uname -s) 2>/dev/null`  || UNAME_SYSTEM=unknown
 UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
 
-dummy=dummy-$$
-trap 'rm -f $dummy.c $dummy.o $dummy; exit 1' 1 2 15
-
 # Note: order is significant - the case branches are not exclusive.
 
 case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
-    *:QNX:*:*)
-	echo i386-pc-qnx
+    *:NetBSD:*:*)
+	# Netbsd (nbsd) targets should (where applicable) match one or
+	# more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
+	# *-*-netbsdecoff* and *-*-netbsd*.  For targets that recently
+	# switched to ELF, *-*-netbsd* would select the old
+	# object file format.  This provides both forward
+	# compatibility and a consistent mechanism for selecting the
+	# object file format.
+	# Determine the machine/vendor (is the vendor relevant).
+	case "${UNAME_MACHINE}" in
+	    amiga) machine=m68k-unknown ;;
+	    arm32) machine=arm-unknown ;;
+	    atari*) machine=m68k-atari ;;
+	    sun3*) machine=m68k-sun ;;
+	    mac68k) machine=m68k-apple ;;
+	    macppc) machine=powerpc-apple ;;
+	    hp3[0-9][05]) machine=m68k-hp ;;
+	    ibmrt|romp-ibm) machine=romp-ibm ;;
+	    *) machine=${UNAME_MACHINE}-unknown ;;
+	esac
+	# The Operating System including object format, if it has switched
+	# to ELF recently, or will in the future.
+	case "${UNAME_MACHINE}" in
+	    i386|sparc|amiga|arm*|hp300|mvme68k|vax|atari|luna68k|mac68k|news68k|next68k|pc532|sun3*|x68k)
+		eval $set_cc_for_build
+		if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
+			| grep __ELF__ >/dev/null
+		then
+		    # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
+		    # Return netbsd for either.  FIX?
+		    os=netbsd
+		else
+		    os=netbsdelf
+		fi
+		;;
+	    *)
+	        os=netbsd
+		;;
+	esac
+	# The OS release
+	release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
+	# Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM:
+	# contains redundant information, the shorter form:
+	# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
+	echo "${machine}-${os}${release}"
 	exit 0 ;;
     alpha:OSF1:*:*)
 	if test $UNAME_RELEASE = "V4.0"; then
@@ -80,41 +181,55 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
 	# A Xn.n version is an unreleased experimental baselevel.
 	# 1.2 uses "1.2" for uname -r.
 	cat <<EOF >$dummy.s
+	.data
+\$Lformat:
+	.byte 37,100,45,37,120,10,0	# "%d-%x\n"
+
+	.text
 	.globl main
+	.align 4
 	.ent main
 main:
-	.frame \$30,0,\$26,0
-	.prologue 0
-	.long 0x47e03d80 # implver $0
-	lda \$2,259
-	.long 0x47e20c21 # amask $2,$1
-	srl \$1,8,\$2
-	sll \$2,2,\$2
-	sll \$0,3,\$0
-	addl \$1,\$0,\$0
-	addl \$2,\$0,\$0
-	ret \$31,(\$26),1
+	.frame \$30,16,\$26,0
+	ldgp \$29,0(\$27)
+	.prologue 1
+	.long 0x47e03d80 # implver \$0
+	lda \$2,-1
+	.long 0x47e20c21 # amask \$2,\$1
+	lda \$16,\$Lformat
+	mov \$0,\$17
+	not \$1,\$18
+	jsr \$26,printf
+	ldgp \$29,0(\$26)
+	mov 0,\$16
+	jsr \$26,exit
 	.end main
 EOF
+	eval $set_cc_for_build
 	$CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null
 	if test "$?" = 0 ; then
-		./$dummy
-		case "$?" in
-			7)
+		case `./$dummy` in
+			0-0)
 				UNAME_MACHINE="alpha"
 				;;
-			15)
+			1-0)
 				UNAME_MACHINE="alphaev5"
 				;;
-			14)
+			1-1)
 				UNAME_MACHINE="alphaev56"
 				;;
-			10)
+			1-101)
 				UNAME_MACHINE="alphapca56"
 				;;
-			16)
+			2-303)
 				UNAME_MACHINE="alphaev6"
 				;;
+			2-307)
+				UNAME_MACHINE="alphaev67"
+				;;
+			2-1307)
+				UNAME_MACHINE="alphaev68"
+				;;
 		esac
 	fi
 	rm -f $dummy.s $dummy
@@ -130,11 +245,8 @@ EOF
 	echo alpha-dec-winnt3.5
 	exit 0 ;;
     Amiga*:UNIX_System_V:4.0:*)
-	echo m68k-cbm-sysv4
+	echo m68k-unknown-sysv4
 	exit 0;;
-    amiga:NetBSD:*:*)
-      echo m68k-cbm-netbsd${UNAME_RELEASE}
-      exit 0 ;;
     amiga:OpenBSD:*:*)
 	echo m68k-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
@@ -159,13 +271,13 @@ EOF
     wgrisc:OpenBSD:*:*)
 	echo mipsel-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
+    *:OS/390:*:*)
+	echo i370-ibm-openedition
+	exit 0 ;;
     arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
 	echo arm-acorn-riscix${UNAME_RELEASE}
 	exit 0;;
-    arm32:NetBSD:*:*)
-	echo arm-unknown-netbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
-	exit 0 ;;
-    SR2?01:HI-UX/MPP:*:*)
+    SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
 	echo hppa1.1-hitachi-hiuxmpp
 	exit 0;;
     Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*)
@@ -221,8 +333,8 @@ EOF
     aushp:SunOS:*:*)
 	echo sparc-auspex-sunos${UNAME_RELEASE}
 	exit 0 ;;
-    atari*:NetBSD:*:*)
-	echo m68k-atari-netbsd${UNAME_RELEASE}
+    sparc*:NetBSD:*)
+	echo `uname -p`-unknown-netbsd${UNAME_RELEASE}
 	exit 0 ;;
     atari*:OpenBSD:*:*)
 	echo m68k-unknown-openbsd${UNAME_RELEASE}
@@ -236,32 +348,26 @@ EOF
     # MiNT.  But MiNT is downward compatible to TOS, so this should
     # be no problem.
     atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
-	echo m68k-atari-mint${UNAME_RELEASE}
+        echo m68k-atari-mint${UNAME_RELEASE}
 	exit 0 ;;
     atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
 	echo m68k-atari-mint${UNAME_RELEASE}
-	exit 0 ;;
+        exit 0 ;;
     *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
-	echo m68k-atari-mint${UNAME_RELEASE}
+        echo m68k-atari-mint${UNAME_RELEASE}
 	exit 0 ;;
     milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
-	echo m68k-milan-mint${UNAME_RELEASE}
-	exit 0 ;;
+        echo m68k-milan-mint${UNAME_RELEASE}
+        exit 0 ;;
     hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
-	echo m68k-hades-mint${UNAME_RELEASE}
-	exit 0 ;;
+        echo m68k-hades-mint${UNAME_RELEASE}
+        exit 0 ;;
     *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
-	echo m68k-unknown-mint${UNAME_RELEASE}
-	exit 0 ;;
-    sun3*:NetBSD:*:*)
-	echo m68k-sun-netbsd${UNAME_RELEASE}
-	exit 0 ;;
+        echo m68k-unknown-mint${UNAME_RELEASE}
+        exit 0 ;;
     sun3*:OpenBSD:*:*)
 	echo m68k-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
-    mac68k:NetBSD:*:*)
-	echo m68k-apple-netbsd${UNAME_RELEASE}
-	exit 0 ;;
     mac68k:OpenBSD:*:*)
 	echo m68k-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
@@ -274,9 +380,6 @@ EOF
     powerpc:machten:*:*)
 	echo powerpc-apple-machten${UNAME_RELEASE}
 	exit 0 ;;
-    macppc:NetBSD:*:*)
-	echo powerpc-apple-netbsd${UNAME_RELEASE}
-	exit 0 ;;
     RISC*:Mach:*:*)
 	echo mips-dec-mach_bsd4.3
 	exit 0 ;;
@@ -290,8 +393,10 @@ EOF
 	echo clipper-intergraph-clix${UNAME_RELEASE}
 	exit 0 ;;
     mips:*:*:UMIPS | mips:*:*:RISCos)
-	sed 's/^        //' << EOF >$dummy.c
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
 #ifdef __cplusplus
+#include <stdio.h>  /* for printf() prototype */
 	int main (int argc, char *argv[]) {
 #else
 	int main (argc, argv) int argc; char *argv[]; {
@@ -312,10 +417,13 @@ EOF
 EOF
 	$CC_FOR_BUILD $dummy.c -o $dummy \
 	  && ./$dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \
-	  && rm $dummy.c $dummy && exit 0
+	  && rm -f $dummy.c $dummy && exit 0
 	rm -f $dummy.c $dummy
 	echo mips-mips-riscos${UNAME_RELEASE}
 	exit 0 ;;
+    Motorola:PowerMAX_OS:*:*)
+	echo powerpc-motorola-powermax
+	exit 0 ;;
     Night_Hawk:Power_UNIX:*:*)
 	echo powerpc-harris-powerunix
 	exit 0 ;;
@@ -329,19 +437,22 @@ EOF
 	echo m88k-motorola-sysv3
 	exit 0 ;;
     AViiON:dgux:*:*)
-	# DG/UX returns AViiON for all architectures
-	UNAME_PROCESSOR=`/usr/bin/uname -p`
-	if [ $UNAME_PROCESSOR = mc88100 -o $UNAME_PROCESSOR = mc88110 ] ; then
-	if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx \
-	     -o ${TARGET_BINARY_INTERFACE}x = x ] ; then
+        # DG/UX returns AViiON for all architectures
+        UNAME_PROCESSOR=`/usr/bin/uname -p`
+	if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
+	then
+	    if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
+	       [ ${TARGET_BINARY_INTERFACE}x = x ]
+	    then
 		echo m88k-dg-dgux${UNAME_RELEASE}
-	else
+	    else
 		echo m88k-dg-dguxbcs${UNAME_RELEASE}
+	    fi
+	else
+	    echo i586-dg-dgux${UNAME_RELEASE}
 	fi
-	else echo i586-dg-dgux${UNAME_RELEASE}
-	fi
-	exit 0 ;;
-    M88*:DolphinOS:*:*) # DolphinOS (SVR3)
+ 	exit 0 ;;
+    M88*:DolphinOS:*:*)	# DolphinOS (SVR3)
 	echo m88k-dolphin-sysv3
 	exit 0 ;;
     M88*:*:R3*:*)
@@ -359,13 +470,22 @@ EOF
 	exit 0 ;;
     ????????:AIX?:[12].1:2)   # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
 	echo romp-ibm-aix      # uname -m gives an 8 hex-code CPU id
-	exit 0 ;;	       # Note that: echo "'`uname -s`'" gives 'AIX '
-    i?86:AIX:*:*)
+	exit 0 ;;              # Note that: echo "'`uname -s`'" gives 'AIX '
+    i*86:AIX:*:*)
 	echo i386-ibm-aix
 	exit 0 ;;
+    ia64:AIX:*:*)
+	if [ -x /usr/bin/oslevel ] ; then
+		IBM_REV=`/usr/bin/oslevel`
+	else
+		IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+	fi
+	echo ${UNAME_MACHINE}-ibm-aix${IBM_REV}
+	exit 0 ;;
     *:AIX:2:3)
 	if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
-		sed 's/^                //' << EOF >$dummy.c
+		eval $set_cc_for_build
+		sed 's/^		//' << EOF >$dummy.c
 		#include <sys/systemcfg.h>
 
 		main()
@@ -376,7 +496,7 @@ EOF
 			exit(0);
 			}
 EOF
-		$CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm $dummy.c $dummy && exit 0
+		$CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm -f $dummy.c $dummy && exit 0
 		rm -f $dummy.c $dummy
 		echo rs6000-ibm-aix3.2.5
 	elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
@@ -385,9 +505,9 @@ EOF
 		echo rs6000-ibm-aix3.2
 	fi
 	exit 0 ;;
-    *:AIX:*:4)
+    *:AIX:*:[45])
 	IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | head -1 | awk '{ print $1 }'`
-	if /usr/sbin/lsattr -EHl ${IBM_CPU_ID} | grep POWER >/dev/null 2>&1; then
+	if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
 		IBM_ARCH=rs6000
 	else
 		IBM_ARCH=powerpc
@@ -395,7 +515,7 @@ EOF
 	if [ -x /usr/bin/oslevel ] ; then
 		IBM_REV=`/usr/bin/oslevel`
 	else
-		IBM_REV=4.${UNAME_RELEASE}
+		IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
 	fi
 	echo ${IBM_ARCH}-ibm-aix${IBM_REV}
 	exit 0 ;;
@@ -405,9 +525,9 @@ EOF
     ibmrt:4.4BSD:*|romp-ibm:BSD:*)
 	echo romp-ibm-bsd4.4
 	exit 0 ;;
-    ibmrt:*BSD:*|romp-ibm:BSD:*)	    # covers RT/PC NetBSD and
+    ibmrt:*BSD:*|romp-ibm:BSD:*)            # covers RT/PC BSD and
 	echo romp-ibm-bsd${UNAME_RELEASE}   # 4.3 with uname added to
-	exit 0 ;;			    # report: romp-ibm BSD 4.3
+	exit 0 ;;                           # report: romp-ibm BSD 4.3
     *:BOSX:*:*)
 	echo rs6000-bull-bosx
 	exit 0 ;;
@@ -421,49 +541,76 @@ EOF
 	echo m68k-hp-bsd4.4
 	exit 0 ;;
     9000/[34678]??:HP-UX:*:*)
+	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
 	case "${UNAME_MACHINE}" in
-	    9000/31? )		  HP_ARCH=m68000 ;;
-	    9000/[34]?? )	  HP_ARCH=m68k ;;
+	    9000/31? )            HP_ARCH=m68000 ;;
+	    9000/[34]?? )         HP_ARCH=m68k ;;
 	    9000/[678][0-9][0-9])
-	      sed 's/^              //' << EOF >$dummy.c
-	      #include <stdlib.h>
-	      #include <unistd.h>
+              case "${HPUX_REV}" in
+                11.[0-9][0-9])
+                  if [ -x /usr/bin/getconf ]; then
+                    sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
+                    sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
+                    case "${sc_cpu_version}" in
+                      523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
+                      528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
+                      532)                      # CPU_PA_RISC2_0
+                        case "${sc_kernel_bits}" in
+                          32) HP_ARCH="hppa2.0n" ;;
+                          64) HP_ARCH="hppa2.0w" ;;
+                        esac ;;
+                    esac
+                  fi ;;
+              esac
+              if [ "${HP_ARCH}" = "" ]; then
+	      eval $set_cc_for_build
+              sed 's/^              //' << EOF >$dummy.c
 
-	      int main ()
-	      {
-	      #if defined(_SC_KERNEL_BITS)
-		  long bits = sysconf(_SC_KERNEL_BITS);
-	      #endif
-		  long cpu  = sysconf (_SC_CPU_VERSION);
+              #define _HPUX_SOURCE
+              #include <stdlib.h>
+              #include <unistd.h>
 
-		  switch (cpu)
-		{
-		case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
-		case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
-		case CPU_PA_RISC2_0:
-	      #if defined(_SC_KERNEL_BITS)
-		    switch (bits)
-			{
-			case 64: puts ("hppa2.0w"); break;
-			case 32: puts ("hppa2.0n"); break;
-			default: puts ("hppa2.0"); break;
-			} break;
-	      #else  /* !defined(_SC_KERNEL_BITS) */
-		    puts ("hppa2.0"); break;
-	      #endif
-		default: puts ("hppa1.0"); break;
-		}
-		  exit (0);
-	      }
+              int main ()
+              {
+              #if defined(_SC_KERNEL_BITS)
+                  long bits = sysconf(_SC_KERNEL_BITS);
+              #endif
+                  long cpu  = sysconf (_SC_CPU_VERSION);
+
+                  switch (cpu)
+              	{
+              	case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+              	case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+              	case CPU_PA_RISC2_0:
+              #if defined(_SC_KERNEL_BITS)
+              	    switch (bits)
+              		{
+              		case 64: puts ("hppa2.0w"); break;
+              		case 32: puts ("hppa2.0n"); break;
+              		default: puts ("hppa2.0"); break;
+              		} break;
+              #else  /* !defined(_SC_KERNEL_BITS) */
+              	    puts ("hppa2.0"); break;
+              #endif
+              	default: puts ("hppa1.0"); break;
+              	}
+                  exit (0);
+              }
 EOF
-	($CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null ) && HP_ARCH=`./$dummy`
-	rm -f $dummy.c $dummy
+	    (CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null ) && HP_ARCH=`./$dummy`
+	    if test -z "$HP_ARCH"; then HP_ARCH=hppa; fi
+	    rm -f $dummy.c $dummy
+	fi ;;
 	esac
-	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
 	echo ${HP_ARCH}-hp-hpux${HPUX_REV}
 	exit 0 ;;
+    ia64:HP-UX:*:*)
+	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+	echo ia64-hp-hpux${HPUX_REV}
+	exit 0 ;;
     3050*:HI-UX:*:*)
-	sed 's/^        //' << EOF >$dummy.c
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
 	#include <unistd.h>
 	int
 	main ()
@@ -471,7 +618,7 @@ EOF
 	  long cpu = sysconf (_SC_CPU_VERSION);
 	  /* The order matters, because CPU_IS_HP_MC68K erroneously returns
 	     true for CPU_PA_RISC1_0.  CPU_IS_PA_RISC returns correct
-	     results, however.	*/
+	     results, however.  */
 	  if (CPU_IS_PA_RISC (cpu))
 	    {
 	      switch (cpu)
@@ -488,7 +635,7 @@ EOF
 	  exit (0);
 	}
 EOF
-	$CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm $dummy.c $dummy && exit 0
+	$CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm -f $dummy.c $dummy && exit 0
 	rm -f $dummy.c $dummy
 	echo unknown-hitachi-hiuxwe2
 	exit 0 ;;
@@ -498,7 +645,7 @@ EOF
     9000/8??:4.3bsd:*:*)
 	echo hppa1.0-hp-bsd
 	exit 0 ;;
-    *9??*:MPE/iX:*:*)
+    *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*)
 	echo hppa1.0-hp-mpeix
 	exit 0 ;;
     hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
@@ -507,7 +654,7 @@ EOF
     hp8??:OSF1:*:*)
 	echo hppa1.0-hp-osf
 	exit 0 ;;
-    i?86:OSF1:*:*)
+    i*86:OSF1:*:*)
 	if [ -x /usr/sbin/sysversion ] ; then
 	    echo ${UNAME_MACHINE}-unknown-osf1mk
 	else
@@ -522,57 +669,59 @@ EOF
 	exit 0 ;;
     C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
 	echo c1-convex-bsd
-	exit 0 ;;
+        exit 0 ;;
     C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
 	if getsysinfo -f scalar_acc
 	then echo c32-convex-bsd
 	else echo c2-convex-bsd
 	fi
-	exit 0 ;;
+        exit 0 ;;
     C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
 	echo c34-convex-bsd
-	exit 0 ;;
+        exit 0 ;;
     C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
 	echo c38-convex-bsd
-	exit 0 ;;
+        exit 0 ;;
     C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
 	echo c4-convex-bsd
-	exit 0 ;;
+        exit 0 ;;
     CRAY*X-MP:*:*:*)
 	echo xmp-cray-unicos
-	exit 0 ;;
+        exit 0 ;;
     CRAY*Y-MP:*:*:*)
-	echo ymp-cray-unicos${UNAME_RELEASE}
+	echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
 	exit 0 ;;
     CRAY*[A-Z]90:*:*:*)
 	echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
 	| sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
-	      -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/
+	      -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \
+	      -e 's/\.[^.]*$/.X/'
 	exit 0 ;;
     CRAY*TS:*:*:*)
-	echo t90-cray-unicos${UNAME_RELEASE}
+	echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit 0 ;;
+    CRAY*T3D:*:*:*)
+	echo alpha-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
 	exit 0 ;;
     CRAY*T3E:*:*:*)
-	echo t3e-cray-unicosmk${UNAME_RELEASE}
+	echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit 0 ;;
+    CRAY*SV1:*:*:*)
+	echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
 	exit 0 ;;
     CRAY-2:*:*:*)
 	echo cray2-cray-unicos
-	exit 0 ;;
-    F300:UNIX_System_V:*:*)
-	FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
-	FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
-	echo "f300-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
-	exit 0 ;;
-    F301:UNIX_System_V:*:*)
-       echo f301-fujitsu-uxpv`echo $UNAME_RELEASE | sed 's/ .*//'`
-       exit 0 ;;
-    hp3[0-9][05]:NetBSD:*:*)
-	echo m68k-hp-netbsd${UNAME_RELEASE}
-	exit 0 ;;
+        exit 0 ;;
+    F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
+	FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+        FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
+        echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+        exit 0 ;;
     hp300:OpenBSD:*:*)
 	echo m68k-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
-    i?86:BSD/386:*:* | i?86:BSD/OS:*:*)
+    i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
 	echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
 	exit 0 ;;
     sparc*:BSD/OS:*:*)
@@ -582,17 +731,8 @@ EOF
 	echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
 	exit 0 ;;
     *:FreeBSD:*:*)
-	if test -x /usr/bin/objformat; then
-	    if test "elf" = "`/usr/bin/objformat`"; then
-		echo ${UNAME_MACHINE}-unknown-freebsdelf`echo ${UNAME_RELEASE}|sed -e 's/[-_].*//'`
-		exit 0
-	    fi
-	fi
 	echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
 	exit 0 ;;
-    *:NetBSD:*:*)
-	echo ${UNAME_MACHINE}-unknown-netbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
-	exit 0 ;;
     *:OpenBSD:*:*)
 	echo ${UNAME_MACHINE}-unknown-openbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
 	exit 0 ;;
@@ -602,6 +742,9 @@ EOF
     i*:MINGW*:*)
 	echo ${UNAME_MACHINE}-pc-mingw32
 	exit 0 ;;
+    i*:PW*:*)
+	echo ${UNAME_MACHINE}-pc-pw32
+	exit 0 ;;
     i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
 	# How do we know it's Interix rather than the generic POSIX subsystem?
 	# It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
@@ -620,150 +763,99 @@ EOF
     *:GNU:*:*)
 	echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
 	exit 0 ;;
-    *:Linux:*:*)
-	# uname on the ARM produces all sorts of strangeness, and we need to
-	# filter it out.
-	case "$UNAME_MACHINE" in
-	  armv*)		      UNAME_MACHINE=$UNAME_MACHINE ;;
-	  arm* | sa110*)	      UNAME_MACHINE="arm" ;;
+    i*86:Minix:*:*)
+	echo ${UNAME_MACHINE}-pc-minix
+	exit 0 ;;
+    arm*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit 0 ;;
+    ia64:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux
+	exit 0 ;;
+    m68*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit 0 ;;
+    mips:Linux:*:*)
+	case `sed -n '/^byte/s/^.*: \(.*\) endian/\1/p' < /proc/cpuinfo` in
+	  big)    echo mips-unknown-linux-gnu && exit 0 ;;
+	  little) echo mipsel-unknown-linux-gnu && exit 0 ;;
 	esac
-
+	;;
+    ppc:Linux:*:*)
+	echo powerpc-unknown-linux-gnu
+	exit 0 ;;
+    ppc64:Linux:*:*)
+	echo powerpc64-unknown-linux-gnu
+	exit 0 ;;
+    alpha:Linux:*:*)
+	case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
+	  EV5)   UNAME_MACHINE=alphaev5 ;;
+	  EV56)  UNAME_MACHINE=alphaev56 ;;
+	  PCA56) UNAME_MACHINE=alphapca56 ;;
+	  PCA57) UNAME_MACHINE=alphapca56 ;;
+	  EV6)   UNAME_MACHINE=alphaev6 ;;
+	  EV67)  UNAME_MACHINE=alphaev67 ;;
+	  EV68*) UNAME_MACHINE=alphaev68 ;;
+        esac
+	objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
+	if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
+	echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+	exit 0 ;;
+    parisc:Linux:*:* | hppa:Linux:*:*)
+	# Look for CPU level
+	case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
+	  PA7*) echo hppa1.1-unknown-linux-gnu ;;
+	  PA8*) echo hppa2.0-unknown-linux-gnu ;;
+	  *)    echo hppa-unknown-linux-gnu ;;
+	esac
+	exit 0 ;;
+    parisc64:Linux:*:* | hppa64:Linux:*:*)
+	echo hppa64-unknown-linux-gnu
+	exit 0 ;;
+    s390:Linux:*:* | s390x:Linux:*:*)
+	echo ${UNAME_MACHINE}-ibm-linux
+	exit 0 ;;
+    sh*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit 0 ;;
+    sparc:Linux:*:* | sparc64:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit 0 ;;
+    x86_64:Linux:*:*)
+	echo x86_64-unknown-linux-gnu
+	exit 0 ;;
+    i*86:Linux:*:*)
 	# The BFD linker knows what the default object file format is, so
 	# first see if it will tell us. cd to the root directory to prevent
 	# problems with other programs or directories called `ld' in the path.
-	ld_help_string=`cd /; ld --help 2>&1`
-	ld_supported_emulations=`echo $ld_help_string \
-			 | sed -ne '/supported emulations:/!d
-				    s/[ 	][	]*/ /g
-				    s/.*supported emulations: *//
+	ld_supported_targets=`cd /; ld --help 2>&1 \
+			 | sed -ne '/supported targets:/!d
+				    s/[ 	][ 	]*/ /g
+				    s/.*supported targets: *//
 				    s/ .*//
 				    p'`
-	case "$ld_supported_emulations" in
-	  i?86linux)  echo "${UNAME_MACHINE}-pc-linux-gnuaout"      ; exit 0 ;;
-	  i?86coff)   echo "${UNAME_MACHINE}-pc-linux-gnucoff"      ; exit 0 ;;
-	  sparclinux) echo "${UNAME_MACHINE}-unknown-linux-gnuaout" ; exit 0 ;;
-	  armlinux)   echo "${UNAME_MACHINE}-unknown-linux-gnuaout" ; exit 0 ;;
-	  m68klinux)  echo "${UNAME_MACHINE}-unknown-linux-gnuaout" ; exit 0 ;;
-	  elf_s390)   echo "${UNAME_MACHINE}-ibm-linux-gnu"         ; exit 0 ;;
-	  elf32ppc)
-		# Determine Lib Version
-		cat >$dummy.c <<EOF
-#include <features.h>
-#if defined(__GLIBC__)
-extern char __libc_version[];
-extern char __libc_release[];
-#endif
-main(argc, argv)
-     int argc;
-     char *argv[];
-{
-#if defined(__GLIBC__)
-  printf("%s %s\n", __libc_version, __libc_release);
-#else
-  printf("unkown\n");
-#endif
-  return 0;
-}
-EOF
-		LIBC=""
-		$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null
-		if test "$?" = 0 ; then
-			./$dummy | grep 1\.99 > /dev/null
-			if test "$?" = 0 ; then
-				LIBC="libc1"
-			fi
-		fi
-		rm -f $dummy.c $dummy
-		echo powerpc-unknown-linux-gnu${LIBC} ; exit 0 ;;
+        case "$ld_supported_targets" in
+	  elf32-i386)
+		TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
+		;;
+	  a.out-i386-linux)
+		echo "${UNAME_MACHINE}-pc-linux-gnuaout"
+		exit 0 ;;		
+	  coff-i386)
+		echo "${UNAME_MACHINE}-pc-linux-gnucoff"
+		exit 0 ;;
+	  "")
+		# Either a pre-BFD a.out linker (linux-gnuoldld) or
+		# one that does not give us useful --help.
+		echo "${UNAME_MACHINE}-pc-linux-gnuoldld"
+		exit 0 ;;
 	esac
-
-	if test "${UNAME_MACHINE}" = "alpha" ; then
-		sed 's/^        //'  <<EOF >$dummy.s
-		.globl main
-		.ent main
-	main:
-		.frame \$30,0,\$26,0
-		.prologue 0
-		.long 0x47e03d80 # implver $0
-		lda \$2,259
-		.long 0x47e20c21 # amask $2,$1
-		srl \$1,8,\$2
-		sll \$2,2,\$2
-		sll \$0,3,\$0
-		addl \$1,\$0,\$0
-		addl \$2,\$0,\$0
-		ret \$31,(\$26),1
-		.end main
-EOF
-		LIBC=""
-		$CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null
-		if test "$?" = 0 ; then
-			./$dummy
-			case "$?" in
-			7)
-				UNAME_MACHINE="alpha"
-				;;
-			15)
-				UNAME_MACHINE="alphaev5"
-				;;
-			14)
-				UNAME_MACHINE="alphaev56"
-				;;
-			10)
-				UNAME_MACHINE="alphapca56"
-				;;
-			16)
-				UNAME_MACHINE="alphaev6"
-				;;
-			esac
-
-			objdump --private-headers $dummy | \
-			  grep ld.so.1 > /dev/null
-			if test "$?" = 0 ; then
-				LIBC="libc1"
-			fi
-		fi
-		rm -f $dummy.s $dummy
-		echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} ; exit 0
-	elif test "${UNAME_MACHINE}" = "mips" ; then
-	  cat >$dummy.c <<EOF
-#ifdef __cplusplus
-	int main (int argc, char *argv[]) {
-#else
-	int main (argc, argv) int argc; char *argv[]; {
-#endif
-#ifdef __MIPSEB__
-  printf ("%s-unknown-linux-gnu\n", argv[1]);
-#endif
-#ifdef __MIPSEL__
-  printf ("%sel-unknown-linux-gnu\n", argv[1]);
-#endif
-  return 0;
-}
-EOF
-	  $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm $dummy.c $dummy && exit 0
-	  rm -f $dummy.c $dummy
-	else
-	  # Either a pre-BFD a.out linker (linux-gnuoldld)
-	  # or one that does not give us useful --help.
-	  # GCC wants to distinguish between linux-gnuoldld and linux-gnuaout.
-	  # If ld does not provide *any* "supported emulations:"
-	  # that means it is gnuoldld.
-	  echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations:"
-	  test $? != 0 && echo "${UNAME_MACHINE}-pc-linux-gnuoldld" && exit 0
-
-	  case "${UNAME_MACHINE}" in
-	  i?86)
-	    VENDOR=pc;
-	    ;;
-	  *)
-	    VENDOR=unknown;
-	    ;;
-	  esac
-	  # Determine whether the default compiler is a.out or elf
-	  cat >$dummy.c <<EOF
+	# Determine whether the default compiler is a.out or elf
+	eval $set_cc_for_build
+	cat >$dummy.c <<EOF
 #include <features.h>
 #ifdef __cplusplus
+#include <stdio.h>  /* for printf() prototype */
 	int main (int argc, char *argv[]) {
 #else
 	int main (argc, argv) int argc; char *argv[]; {
@@ -771,51 +863,54 @@ EOF
 #ifdef __ELF__
 # ifdef __GLIBC__
 #  if __GLIBC__ >= 2
-    printf ("%s-${VENDOR}-linux-gnu\n", argv[1]);
+    printf ("%s-pc-linux-gnu\n", argv[1]);
 #  else
-    printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]);
+    printf ("%s-pc-linux-gnulibc1\n", argv[1]);
 #  endif
 # else
-   printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]);
+   printf ("%s-pc-linux-gnulibc1\n", argv[1]);
 # endif
 #else
-  printf ("%s-${VENDOR}-linux-gnuaout\n", argv[1]);
+  printf ("%s-pc-linux-gnuaout\n", argv[1]);
 #endif
   return 0;
 }
 EOF
-	  $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm $dummy.c $dummy && exit 0
-	  rm -f $dummy.c $dummy
-	fi ;;
-# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.  earlier versions
-# are messed up and put the nodename in both sysname and nodename.
-    i?86:DYNIX/ptx:4*:*)
+	$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm -f $dummy.c $dummy && exit 0
+	rm -f $dummy.c $dummy
+	test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0
+	;;
+    i*86:DYNIX/ptx:4*:*)
+	# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
+	# earlier versions are messed up and put the nodename in both
+	# sysname and nodename.
 	echo i386-sequent-sysv4
 	exit 0 ;;
-    i?86:UNIX_SV:4.2MP:2.*)
-	# Unixware is an offshoot of SVR4, but it has its own version
-	# number series starting with 2...
-	# I am not positive that other SVR4 systems won't match this,
-	# I just have to hope.	-- rms.
-	# Use sysv4.2uw... so that sysv4* matches it.
+    i*86:UNIX_SV:4.2MP:2.*)
+        # Unixware is an offshoot of SVR4, but it has its own version
+        # number series starting with 2...
+        # I am not positive that other SVR4 systems won't match this,
+	# I just have to hope.  -- rms.
+        # Use sysv4.2uw... so that sysv4* matches it.
 	echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
 	exit 0 ;;
-    i?86:*:4.*:* | i?86:SYSTEM_V:4.*:*)
+    i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*)
+	UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'`
 	if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
-		echo ${UNAME_MACHINE}-univel-sysv${UNAME_RELEASE}
+		echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL}
 	else
-		echo ${UNAME_MACHINE}-pc-sysv${UNAME_RELEASE}
+		echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL}
 	fi
 	exit 0 ;;
-    i?86:*:5:7*)
-	UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')`
-	(/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486
-	(/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) && UNAME_MACHINE=i586
-	(/bin/uname -X|egrep '^Machine.*Pent.*II' >/dev/null) && UNAME_MACHINE=i686
-	(/bin/uname -X|egrep '^Machine.*Pentium Pro' >/dev/null) && UNAME_MACHINE=i585
-	echo ${UNAME_MACHINE}-${UNAME_SYSTEM}${UNAME_VERSION}-sysv${UNAME_RELEASE}
+    i*86:*:5:[78]*)
+	case `/bin/uname -X | grep "^Machine"` in
+	    *486*)	     UNAME_MACHINE=i486 ;;
+	    *Pentium)	     UNAME_MACHINE=i586 ;;
+	    *Pent*|*Celeron) UNAME_MACHINE=i686 ;;
+	esac
+	echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION}
 	exit 0 ;;
-    i?86:*:3.2:*)
+    i*86:*:3.2:*)
 	if test -f /usr/options/cb.name; then
 		UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
 		echo ${UNAME_MACHINE}-pc-isc$UNAME_REL
@@ -833,11 +928,15 @@ EOF
 		echo ${UNAME_MACHINE}-pc-sysv32
 	fi
 	exit 0 ;;
+    i*86:*DOS:*:*)
+	echo ${UNAME_MACHINE}-pc-msdosdjgpp
+	exit 0 ;;
     pc:*:*:*)
-	# uname -m prints for DJGPP always 'pc', but it prints nothing about
-	# the processor, so we play safe by assuming i386.
+	# Left here for compatibility:
+        # uname -m prints for DJGPP always 'pc', but it prints nothing about
+        # the processor, so we play safe by assuming i386.
 	echo i386-pc-msdosdjgpp
-	exit 0 ;;
+        exit 0 ;;
     Intel:Mach:3*:*)
 	echo i386-pc-mach3
 	exit 0 ;;
@@ -857,7 +956,7 @@ EOF
 	exit 0 ;;
     M68*:*:R3V[567]*:*)
 	test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
-    3[34]??:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 4850:*:4.0:3.0)
+    3[34]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 4850:*:4.0:3.0)
 	OS_REL=''
 	test -r /etc/.relid \
 	&& OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
@@ -866,23 +965,26 @@ EOF
 	/bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
 	  && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;;
     3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
-	/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
-	  && echo i486-ncr-sysv4 && exit 0 ;;
-    m68*:LynxOS:2.*:*)
+        /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+          && echo i486-ncr-sysv4 && exit 0 ;;
+    m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
 	echo m68k-unknown-lynxos${UNAME_RELEASE}
 	exit 0 ;;
     mc68030:UNIX_System_V:4.*:*)
 	echo m68k-atari-sysv4
 	exit 0 ;;
-    i?86:LynxOS:2.*:* | i?86:LynxOS:3.[01]*:*)
+    i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
 	echo i386-unknown-lynxos${UNAME_RELEASE}
 	exit 0 ;;
     TSUNAMI:LynxOS:2.*:*)
 	echo sparc-unknown-lynxos${UNAME_RELEASE}
 	exit 0 ;;
-    rs6000:LynxOS:2.*:* | PowerPC:LynxOS:2.*:*)
+    rs6000:LynxOS:2.*:*)
 	echo rs6000-unknown-lynxos${UNAME_RELEASE}
 	exit 0 ;;
+    PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
+	echo powerpc-unknown-lynxos${UNAME_RELEASE}
+	exit 0 ;;
     SM[BE]S:UNIX_SV:*:*)
 	echo mips-dde-sysv${UNAME_RELEASE}
 	exit 0 ;;
@@ -900,10 +1002,10 @@ EOF
 		echo ns32k-sni-sysv
 	fi
 	exit 0 ;;
-    PENTIUM:CPunix:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
-			   # says <[email protected]>
-	echo i586-unisys-sysv4
-	exit 0 ;;
+    PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+                      # says <[email protected]>
+        echo i586-unisys-sysv4
+        exit 0 ;;
     *:UNIX_System_V:4*:FTX*)
 	# From Gerald Hewes <[email protected]>.
 	# How about differentiating between stratus architectures? -djm
@@ -913,19 +1015,23 @@ EOF
 	# From [email protected].
 	echo i860-stratus-sysv4
 	exit 0 ;;
+    *:VOS:*:*)
+	# From [email protected].
+	echo hppa1.1-stratus-vos
+	exit 0 ;;
     mc68*:A/UX:*:*)
 	echo m68k-apple-aux${UNAME_RELEASE}
 	exit 0 ;;
-    news*:NEWS-OS:*:6*)
+    news*:NEWS-OS:6*:*)
 	echo mips-sony-newsos6
 	exit 0 ;;
     R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
 	if [ -d /usr/nec ]; then
-		echo mips-nec-sysv${UNAME_RELEASE}
+	        echo mips-nec-sysv${UNAME_RELEASE}
 	else
-		echo mips-unknown-sysv${UNAME_RELEASE}
+	        echo mips-unknown-sysv${UNAME_RELEASE}
 	fi
-	exit 0 ;;
+        exit 0 ;;
     BeBox:BeOS:*:*)	# BeOS running on hardware made by Be, PPC only.
 	echo powerpc-be-beos
 	exit 0 ;;
@@ -947,11 +1053,76 @@ EOF
     *:Rhapsody:*:*)
 	echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE}
 	exit 0 ;;
+    *:Darwin:*:*)
+	echo `uname -p`-apple-darwin${UNAME_RELEASE}
+	exit 0 ;;
+    *:procnto*:*:* | *:QNX:[0123456789]*:*)
+	if test "${UNAME_MACHINE}" = "x86pc"; then
+		UNAME_MACHINE=pc
+	fi
+	echo `uname -p`-${UNAME_MACHINE}-nto-qnx
+	exit 0 ;;
+    *:QNX:*:4*)
+	echo i386-pc-qnx
+	exit 0 ;;
+    NSR-[KW]:NONSTOP_KERNEL:*:*)
+	echo nsr-tandem-nsk${UNAME_RELEASE}
+	exit 0 ;;
+    *:NonStop-UX:*:*)
+	echo mips-compaq-nonstopux
+	exit 0 ;;
+    BS2000:POSIX*:*:*)
+	echo bs2000-siemens-sysv
+	exit 0 ;;
+    DS/*:UNIX_System_V:*:*)
+	echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE}
+	exit 0 ;;
+    *:Plan9:*:*)
+	# "uname -m" is not consistent, so use $cputype instead. 386
+	# is converted to i386 for consistency with other x86
+	# operating systems.
+	if test "$cputype" = "386"; then
+	    UNAME_MACHINE=i386
+	else
+	    UNAME_MACHINE="$cputype"
+	fi
+	echo ${UNAME_MACHINE}-unknown-plan9
+	exit 0 ;;
+    i*86:OS/2:*:*)
+	# If we were able to find `uname', then EMX Unix compatibility
+	# is probably installed.
+	echo ${UNAME_MACHINE}-pc-os2-emx
+	exit 0 ;;
+    *:TOPS-10:*:*)
+	echo pdp10-unknown-tops10
+	exit 0 ;;
+    *:TENEX:*:*)
+	echo pdp10-unknown-tenex
+	exit 0 ;;
+    KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*)
+	echo pdp10-dec-tops20
+	exit 0 ;;
+    XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*)
+	echo pdp10-xkl-tops20
+	exit 0 ;;
+    *:TOPS-20:*:*)
+	echo pdp10-unknown-tops20
+	exit 0 ;;
+    *:ITS:*:*)
+	echo pdp10-unknown-its
+	exit 0 ;;
+    i*86:XTS-300:*:STOP)
+	echo ${UNAME_MACHINE}-unknown-stop
+	exit 0 ;;
+    i*86:atheos:*:*)
+	echo ${UNAME_MACHINE}-unknown-atheos
+	exit 0 ;;
 esac
 
 #echo '(No uname command or uname output not recognized.)' 1>&2
 #echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
 
+eval $set_cc_for_build
 cat >$dummy.c <<EOF
 #ifdef _SEQUENT_
 # include <sys/types.h>
@@ -968,11 +1139,11 @@ main ()
 #include <sys/param.h>
   printf ("m68k-sony-newsos%s\n",
 #ifdef NEWSOS4
-	  "4"
+          "4"
 #else
 	  ""
 #endif
-	 ); exit (0);
+         ); exit (0);
 #endif
 #endif
 
@@ -1038,26 +1209,35 @@ main ()
 #endif
 
 #if defined (vax)
-#if !defined (ultrix)
-  printf ("vax-dec-bsd\n"); exit (0);
-#else
-  printf ("vax-dec-ultrix\n"); exit (0);
-#endif
+# if !defined (ultrix)
+#  include <sys/param.h>
+#  if defined (BSD)
+#   if BSD == 43
+      printf ("vax-dec-bsd4.3\n"); exit (0);
+#   else
+#    if BSD == 199006
+      printf ("vax-dec-bsd4.3reno\n"); exit (0);
+#    else
+      printf ("vax-dec-bsd\n"); exit (0);
+#    endif
+#   endif
+#  else
+    printf ("vax-dec-bsd\n"); exit (0);
+#  endif
+# else
+    printf ("vax-dec-ultrix\n"); exit (0);
+# endif
 #endif
 
 #if defined (alliant) && defined (i860)
   printf ("i860-alliant-bsd\n"); exit (0);
 #endif
 
-#if defined(__EMX__)
-  printf ("i386-pc-os2_emx"); exit(0);
-#endif
-
   exit (1);
 }
 EOF
 
-$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy && rm $dummy.c $dummy && exit 0
+$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy && rm -f $dummy.c $dummy && exit 0
 rm -f $dummy.c $dummy
 
 # Apollos put the system type in the environment.
@@ -1090,6 +1270,48 @@ then
     esac
 fi
 
-#echo '(Unable to guess system type)' 1>&2
+cat >&2 <<EOF
+$0: unable to guess system type
+
+This script, last modified $timestamp, has failed to recognize
+the operating system you are using. It is advised that you
+download the most up to date version of the config scripts from
+
+    ftp://ftp.gnu.org/pub/gnu/config/
+
+If the version you run ($0) is already up to date, please
+send the following data and any information you think might be
+pertinent to <[email protected]> in order to provide the needed
+information to handle your system.
+
+config.guess timestamp = $timestamp
+
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null`
+/bin/uname -X     = `(/bin/uname -X) 2>/dev/null`
+
+hostinfo               = `(hostinfo) 2>/dev/null`
+/bin/universe          = `(/bin/universe) 2>/dev/null`
+/usr/bin/arch -k       = `(/usr/bin/arch -k) 2>/dev/null`
+/bin/arch              = `(/bin/arch) 2>/dev/null`
+/usr/bin/oslevel       = `(/usr/bin/oslevel) 2>/dev/null`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null`
+
+UNAME_MACHINE = ${UNAME_MACHINE}
+UNAME_RELEASE = ${UNAME_RELEASE}
+UNAME_SYSTEM  = ${UNAME_SYSTEM}
+UNAME_VERSION = ${UNAME_VERSION}
+EOF
 
 exit 1
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/scripts/config.sub b/scripts/config.sub
index 0159f7208..393f13d37 100755
--- a/scripts/config.sub
+++ b/scripts/config.sub
@@ -1,6 +1,10 @@
 #! /bin/sh
-# Configuration validation subroutine script, version 1.1.
-#   Copyright (C) 1991, 92-97, 1998, 1999 Free Software Foundation, Inc.
+# Configuration validation subroutine script.
+#   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
+#   Free Software Foundation, Inc.
+
+timestamp='2001-09-07'
+
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
 # can handle that machine.  It does not imply ALL GNU software can.
@@ -12,7 +16,7 @@
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
@@ -25,6 +29,8 @@
 # configuration script generated by Autoconf, you may include it under
 # the same distribution terms that you use for the rest of that program.
 
+# Please send patches to <[email protected]>.
+#
 # Configuration subroutine to validate and canonicalize a configuration type.
 # Supply the specified configuration type as an argument.
 # If it is invalid, we print an error message on stderr and exit with code 1.
@@ -34,7 +40,7 @@
 # and recognize all the CPU types, system types and aliases
 # that are meaningful with *any* GNU software.
 # Each package is responsible for reporting which valid configurations
-# it does not support.	The user should be able to distinguish
+# it does not support.  The user should be able to distinguish
 # a failure to support a valid configuration from a meaningless
 # configuration.
 
@@ -45,30 +51,73 @@
 #	CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
 # It is wrong to echo any other type of specification.
 
-if [ x$1 = x ]
-then
-	echo Configuration name missing. 1>&2
-	echo "Usage: $0 CPU-MFR-OPSYS" 1>&2
-	echo "or     $0 ALIAS" 1>&2
-	echo where ALIAS is a recognized configuration type. 1>&2
-	exit 1
-fi
+me=`echo "$0" | sed -e 's,.*/,,'`
 
-# First pass through any local machine types.
-case $1 in
-	*local*)
-		echo $1
-		exit 0
-		;;
-	*)
-	;;
+usage="\
+Usage: $0 [OPTION] CPU-MFR-OPSYS
+       $0 [OPTION] ALIAS
+
+Canonicalize a configuration name.
+
+Operation modes:
+  -h, --help         print this help, then exit
+  -t, --time-stamp   print date of last modification, then exit
+  -v, --version      print version number, then exit
+
+Report bugs and patches to <[email protected]>."
+
+version="\
+GNU config.sub ($timestamp)
+
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
+Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions.  There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+  case $1 in
+    --time-stamp | --time* | -t )
+       echo "$timestamp" ; exit 0 ;;
+    --version | -v )
+       echo "$version" ; exit 0 ;;
+    --help | --h* | -h )
+       echo "$usage"; exit 0 ;;
+    -- )     # Stop option processing
+       shift; break ;;
+    - )	# Use stdin as input.
+       break ;;
+    -* )
+       echo "$me: invalid option $1$help"
+       exit 1 ;;
+
+    *local*)
+       # First pass through any local machine types.
+       echo $1
+       exit 0;;
+
+    * )
+       break ;;
+  esac
+done
+
+case $# in
+ 0) echo "$me: missing argument$help" >&2
+    exit 1;;
+ 1) ;;
+ *) echo "$me: too many arguments$help" >&2
+    exit 1;;
 esac
 
 # Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
 # Here we must recognize all the valid KERNEL-OS combinations.
 maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
 case $maybe_os in
-  linux-gnu*)
+  nto-qnx* | linux-gnu* | storm-chaos* | os2-emx* | windows32-*)
     os=-$maybe_os
     basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
     ;;
@@ -94,7 +143,7 @@ case $os in
 	-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
 	-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
 	-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
-	-apple)
+	-apple | -axis)
 		os=
 		basic_machine=$1
 		;;
@@ -105,9 +154,17 @@ case $os in
 	-scout)
 		;;
 	-wrs)
-		os=vxworks
+		os=-vxworks
+		basic_machine=$1
+		;;
+	-chorusos*)
+		os=-chorusos
 		basic_machine=$1
 		;;
+ 	-chorusrdb)
+ 		os=-chorusrdb
+		basic_machine=$1
+ 		;;
 	-hiux*)
 		os=-hiuxwe2
 		;;
@@ -156,64 +213,105 @@ case $os in
 	-psos*)
 		os=-psos
 		;;
+	-mint | -mint[0-9]*)
+		basic_machine=m68k-atari
+		os=-mint
+		;;
 esac
 
 # Decode aliases for certain CPU-COMPANY combinations.
 case $basic_machine in
 	# Recognize the basic CPU types without company name.
 	# Some are omitted here because they have special meanings below.
-	tahoe | i860 | m32r | m68k | m68000 | m88k | ns32k | arc | arm \
-		| arme[lb] | pyramid | mn10200 | mn10300 | tron | a29k \
-		| 580 | i960 | h8300 \
-		| hppa | hppa1.0 | hppa1.1 | hppa2.0 | hppa2.0w | hppa2.0n \
-		| alpha | alphaev[4-7] | alphaev56 | alphapca5[67] | s390 \
-		| we32k | ns16k | clipper | i370 | sh | powerpc | powerpcle \
-		| 1750a | dsp16xx | pdp11 | mips16 | mips64 | mipsel | mips64el \
-		| mips64orion | mips64orionel | mipstx39 | mipstx39el \
-		| mips64vr4300 | mips64vr4300el | mips64vr4100 | mips64vr4100el \
-		| mips64vr5000 | miprs64vr5000el \
-		| sparc | sparclet | sparclite | sparc64 | sparcv9 | v850 | c4x \
-		| thumb | d10v)
+	1750a | 580 \
+	| a29k \
+	| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
+	| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
+	| c4x | clipper \
+	| d10v | d30v | dsp16xx \
+	| fr30 \
+	| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+	| i370 | i860 | i960 | ia64 \
+	| m32r | m68000 | m68k | m88k | mcore \
+	| mips16 | mips64 | mips64el | mips64orion | mips64orionel \
+	| mips64vr4100 | mips64vr4100el | mips64vr4300 \
+	| mips64vr4300el | mips64vr5000 | mips64vr5000el \
+	| mipsbe | mipseb | mipsel | mipsle | mipstx39 | mipstx39el \
+	| mipsisa32 \
+	| mn10200 | mn10300 \
+	| ns16k | ns32k \
+	| openrisc \
+	| pdp10 | pdp11 | pj | pjl \
+	| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
+	| pyramid \
+	| s390 | s390x \
+	| sh | sh[34] | sh[34]eb | shbe | shle \
+	| sparc | sparc64 | sparclet | sparclite | sparcv9 | sparcv9b \
+	| stormy16 | strongarm \
+	| tahoe | thumb | tic80 | tron \
+	| v850 \
+	| we32k \
+	| x86 | xscale \
+	| z8k)
 		basic_machine=$basic_machine-unknown
 		;;
-	m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | z8k | v70 | h8500 | w65)
+	m6811 | m68hc11 | m6812 | m68hc12)
+		# Motorola 68HC11/12.
+		basic_machine=$basic_machine-unknown
+		os=-none
+		;;
+	m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
 		;;
 
 	# We use `pc' rather than `unknown'
 	# because (1) that's what they normally are, and
 	# (2) the word "unknown" tends to confuse beginning users.
-	i[34567]86)
+	i*86 | x86_64)
 	  basic_machine=$basic_machine-pc
 	  ;;
-	s390 | s390-ibm)
-	  basic_machine=s390-ibm
-	  ;;
-	s390-redhat)
-	  basic_machine=s390-redhat
-	  ;;
 	# Object if more than one company name word.
 	*-*-*)
 		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
 		exit 1
 		;;
 	# Recognize the basic CPU types with company name.
-	vax-* | tahoe-* | i[34567]86-* | i860-* | m32r-* | m68k-* | m68000-* \
-	      | m88k-* | sparc-* | ns32k-* | fx80-* | arc-* | arm-* | c[123]* \
-	      | mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* \
-	      | power-* | none-* | 580-* | cray2-* | h8300-* | h8500-* | i960-* \
-	      | xmp-* | ymp-* \
-	      | hppa-* | hppa1.0-* | hppa1.1-* | hppa2.0-* | hppa2.0w-* | hppa2.0n-* \
-	      | alpha-* | alphaev[4-7]-* | alphaev56-* | alphapca5[67]-* \
-	      | we32k-* | cydra-* | ns16k-* | pn-* | np1-* | xps100-* \
-	      | clipper-* | orion-* \
-	      | sparclite-* | pdp11-* | sh-* | powerpc-* | powerpcle-* \
-	      | sparc64-* | sparcv9-* | sparc86x-* | mips16-* | mips64-* | mipsel-* \
-	      | mips64el-* | mips64orion-* | mips64orionel-* \
-	      | mips64vr4100-* | mips64vr4100el-* | mips64vr4300-* | mips64vr4300el-* \
-	      | mipstx39-* | mipstx39el-* \
-	      | f301-* | armv*-* | t3e-* \
-	      | m88110-* | m680[01234]0-* | m683?2-* | m68360-* | z8k-* | d10v-* \
-	      | thumb-* | v850-* | d30v-* | tic30-* | c30-* )
+	580-* \
+	| a29k-* \
+	| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
+	| alphapca5[67]-* | arc-* \
+	| arm-*  | armbe-* | armle-* | armv*-* \
+	| bs2000-* \
+	| c[123]* | c30-* | [cjt]90-* | c54x-* \
+	| clipper-* | cray2-* | cydra-* \
+	| d10v-* | d30v-* \
+	| elxsi-* \
+	| f30[01]-* | f700-* | fr30-* | fx80-* \
+	| h8300-* | h8500-* \
+	| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
+	| i*86-* | i860-* | i960-* | ia64-* \
+	| m32r-* \
+	| m68000-* | m680[01234]0-* | m68360-* | m683?2-* | m68k-* \
+	| m88110-* | m88k-* | mcore-* \
+	| mips-* | mips16-* | mips64-* | mips64el-* | mips64orion-* \
+	| mips64orionel-* | mips64vr4100-* | mips64vr4100el-* \
+	| mips64vr4300-* | mips64vr4300el-* | mipsbe-* | mipseb-* \
+	| mipsle-* | mipsel-* | mipstx39-* | mipstx39el-* \
+	| none-* | np1-* | ns16k-* | ns32k-* \
+	| orion-* \
+	| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
+	| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
+	| pyramid-* \
+	| romp-* | rs6000-* \
+	| s390-* | s390x-* \
+	| sh-* | sh[34]-* | sh[34]eb-* | shbe-* | shle-* \
+	| sparc-* | sparc64-* | sparc86x-* | sparclite-* \
+	| sparcv9-* | sparcv9b-* | stormy16-* | strongarm-* | sv1-* \
+	| t3e-* | tahoe-* | thumb-* | tic30-* | tic54x-* | tic80-* | tron-* \
+	| v850-* | vax-* \
+	| we32k-* \
+	| x86-* | x86_64-* | xmp-* | xps100-* | xscale-* \
+	| ymp-* \
+	| z8k-*)
 		;;
 	# Recognize the various machine names and aliases which stand
 	# for a CPU type and a company and sometimes even an OS.
@@ -250,14 +348,14 @@ case $basic_machine in
 		os=-sysv
 		;;
 	amiga | amiga-*)
-		basic_machine=m68k-cbm
+		basic_machine=m68k-unknown
 		;;
 	amigaos | amigados)
-		basic_machine=m68k-cbm
+		basic_machine=m68k-unknown
 		os=-amigaos
 		;;
 	amigaunix | amix)
-		basic_machine=m68k-cbm
+		basic_machine=m68k-unknown
 		os=-sysv4
 		;;
 	apollo68)
@@ -304,13 +402,16 @@ case $basic_machine in
 		basic_machine=cray2-cray
 		os=-unicos
 		;;
-	[ctj]90-cray)
-		basic_machine=c90-cray
+	[cjt]90)
+		basic_machine=${basic_machine}-cray
 		os=-unicos
 		;;
 	crds | unos)
 		basic_machine=m68k-crds
 		;;
+	cris | cris-* | etrax*)
+		basic_machine=cris-axis
+		;;
 	da30 | da30-*)
 		basic_machine=m68k-da30
 		;;
@@ -358,6 +459,10 @@ case $basic_machine in
 		basic_machine=tron-gmicro
 		os=-sysv
 		;;
+	go32)
+		basic_machine=i386-pc
+		os=-go32
+		;;
 	h3050r* | hiux*)
 		basic_machine=hppa1.1-hitachi
 		os=-hiuxwe2
@@ -431,22 +536,21 @@ case $basic_machine in
 		;;
 	i370-ibm* | ibm*)
 		basic_machine=i370-ibm
-		os=-mvs
 		;;
 # I'm not sure what "Sysv32" means.  Should this be sysv3.2?
-	i[34567]86v32)
+	i*86v32)
 		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
 		os=-sysv32
 		;;
-	i[34567]86v4*)
+	i*86v4*)
 		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
 		os=-sysv4
 		;;
-	i[34567]86v)
+	i*86v)
 		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
 		os=-sysv
 		;;
-	i[34567]86sol2)
+	i*86sol2)
 		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
 		os=-solaris2
 		;;
@@ -458,14 +562,6 @@ case $basic_machine in
 		basic_machine=i386-unknown
 		os=-vsta
 		;;
-	i386-go32 | go32)
-		basic_machine=i386-unknown
-		os=-go32
-		;;
-	i386-mingw32 | mingw32)
-		basic_machine=i386-unknown
-		os=-mingw32
-		;;
 	iris | iris4d)
 		basic_machine=mips-sgi
 		case $os in
@@ -491,10 +587,14 @@ case $basic_machine in
 		basic_machine=ns32k-utek
 		os=-sysv
 		;;
+	mingw32)
+		basic_machine=i386-pc
+		os=-mingw32
+		;;
 	miniframe)
 		basic_machine=m68000-convergent
 		;;
-	*mint | *MiNT)
+	*mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*)
 		basic_machine=m68k-atari
 		os=-mint
 		;;
@@ -512,14 +612,22 @@ case $basic_machine in
 	mips3*)
 		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
 		;;
+	mmix*)
+		basic_machine=mmix-knuth
+		os=-mmixware
+		;;
 	monitor)
 		basic_machine=m68k-rom68k
 		os=-coff
 		;;
 	msdos)
-		basic_machine=i386-unknown
+		basic_machine=i386-pc
 		os=-msdos
 		;;
+	mvs)
+		basic_machine=i370-ibm
+		os=-mvs
+		;;
 	ncr3000)
 		basic_machine=i486-ncr
 		os=-sysv4
@@ -529,7 +637,7 @@ case $basic_machine in
 		os=-netbsd
 		;;
 	netwinder)
-		basic_machine=armv4l-corel
+		basic_machine=armv4l-rebel
 		os=-linux
 		;;
 	news | news700 | news800 | news900)
@@ -577,9 +685,16 @@ case $basic_machine in
 		basic_machine=i960-intel
 		os=-mon960
 		;;
+	nonstopux)
+		basic_machine=mips-compaq
+		os=-nonstopux
+		;;
 	np1)
 		basic_machine=np1-gould
 		;;
+	nsr-tandem)
+		basic_machine=nsr-tandem
+		;;
 	op50n-* | op60c-*)
 		basic_machine=hppa1.1-oki
 		os=-proelf
@@ -606,45 +721,59 @@ case $basic_machine in
 	pbb)
 		basic_machine=m68k-tti
 		;;
-	pc532 | pc532-*)
+        pc532 | pc532-*)
 		basic_machine=ns32k-pc532
 		;;
-	pentium | p5 | k5 | k6 | nexen)
+	pentium | p5 | k5 | k6 | nexgen)
 		basic_machine=i586-pc
 		;;
-	pentiumpro | p6 | 6x86)
+	pentiumpro | p6 | 6x86 | athlon)
 		basic_machine=i686-pc
 		;;
 	pentiumii | pentium2)
-		basic_machine=i786-pc
+		basic_machine=i686-pc
 		;;
-	pentium-* | p5-* | k5-* | k6-* | nexen-*)
+	pentium-* | p5-* | k5-* | k6-* | nexgen-*)
 		basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
 		;;
-	pentiumpro-* | p6-* | 6x86-*)
+	pentiumpro-* | p6-* | 6x86-* | athlon-*)
 		basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
 		;;
 	pentiumii-* | pentium2-*)
-		basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
+		basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
 		;;
 	pn)
 		basic_machine=pn-gould
 		;;
-	power)	basic_machine=rs6000-ibm
+	power)	basic_machine=power-ibm
 		;;
 	ppc)	basic_machine=powerpc-unknown
-		;;
+	        ;;
 	ppc-*)	basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
 		;;
 	ppcle | powerpclittle | ppc-le | powerpc-little)
 		basic_machine=powerpcle-unknown
-		;;
+	        ;;
 	ppcle-* | powerpclittle-*)
 		basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
 		;;
+	ppc64)	basic_machine=powerpc64-unknown
+	        ;;
+	ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ppc64le | powerpc64little | ppc64-le | powerpc64-little)
+		basic_machine=powerpc64le-unknown
+	        ;;
+	ppc64le-* | powerpc64little-*)
+		basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
 	ps2)
 		basic_machine=i386-ibm
 		;;
+	pw32)
+		basic_machine=i586-unknown
+		os=-pw32
+		;;
 	rom68k)
 		basic_machine=m68k-rom68k
 		os=-coff
@@ -724,6 +853,10 @@ case $basic_machine in
 	sun386 | sun386i | roadrunner)
 		basic_machine=i386-sun
 		;;
+	sv1)
+		basic_machine=sv1-cray
+		os=-unicos
+		;;
 	symmetry)
 		basic_machine=i386-sequent
 		os=-dynix
@@ -732,6 +865,10 @@ case $basic_machine in
 		basic_machine=t3e-cray
 		os=-unicos
 		;;
+	tic54x | c54x*)
+		basic_machine=tic54x-unknown
+		os=-coff
+		;;
 	tx39)
 		basic_machine=mipstx39-unknown
 		;;
@@ -762,8 +899,8 @@ case $basic_machine in
 		os=-vms
 		;;
 	vpp*|vx|vx-*)
-	       basic_machine=f301-fujitsu
-	       ;;
+               basic_machine=f301-fujitsu
+               ;;
 	vxworks960)
 		basic_machine=i960-wrs
 		os=-vxworks
@@ -784,11 +921,15 @@ case $basic_machine in
 		basic_machine=hppa1.1-winbond
 		os=-proelf
 		;;
+	windows32)
+		basic_machine=i386-pc
+		os=-windows32-msvcrt
+		;;
 	xmp)
 		basic_machine=xmp-cray
 		os=-unicos
 		;;
-	xps | xps100)
+        xps | xps100)
 		basic_machine=xps100-honeywell
 		;;
 	z8k-*-coff)
@@ -827,16 +968,23 @@ case $basic_machine in
 	vax)
 		basic_machine=vax-dec
 		;;
+	pdp10)
+		# there are many clones, so DEC is not a safe bet
+		basic_machine=pdp10-unknown
+		;;
 	pdp11)
 		basic_machine=pdp11-dec
 		;;
 	we32k)
 		basic_machine=we32k-att
 		;;
-	sparc | sparcv9)
+	sh3 | sh4 | sh3eb | sh4eb)
+		basic_machine=sh-unknown
+		;;
+	sparc | sparcv9 | sparcv9b)
 		basic_machine=sparc-sun
 		;;
-	cydra)
+        cydra)
 		basic_machine=cydra-cydrome
 		;;
 	orion)
@@ -855,6 +1003,9 @@ case $basic_machine in
 		basic_machine=c4x-none
 		os=-coff
 		;;
+	*-unknown)
+		# Make sure to match an already-canonicalized machine name.
+		;;
 	*)
 		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
 		exit 1
@@ -878,8 +1029,8 @@ esac
 if [ x"$os" != x"" ]
 then
 case $os in
-	# First match some system type aliases
-	# that might get confused with valid system types.
+        # First match some system type aliases
+        # that might get confused with valid system types.
 	# -solaris* is a basic system type, with this one exception.
 	-solaris1 | -solaris1.*)
 		os=`echo $os | sed -e 's|solaris1|sunos4|'`
@@ -887,9 +1038,6 @@ case $os in
 	-solaris)
 		os=-solaris2
 		;;
-	-qnx)
-		os=-qnx
-		;;
 	-svr4*)
 		os=-sysv4
 		;;
@@ -914,14 +1062,30 @@ case $os in
 	      | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
 	      | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
 	      | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
+	      | -chorusos* | -chorusrdb* \
 	      | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
 	      | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \
-	      | -interix* | -uwin* | -rhapsody* | -openstep* | -oskit*)
+	      | -interix* | -uwin* | -rhapsody* | -darwin* | -opened* \
+	      | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
+	      | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
+	      | -os2* | -vos*)
 	# Remember, each alternative MUST END IN *, to match a version number.
 		;;
+	-qnx*)
+		case $basic_machine in
+		    x86-* | i*86-*)
+			;;
+		    *)
+			os=-nto$os
+			;;
+		esac
+		;;
+	-nto*)
+		os=-nto-qnx
+		;;
 	-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
 	      | -windows* | -osx | -abug | -netware* | -os9* | -beos* \
-	      | -macos* | -mpw* | -magic* | -mon960* | -lnews*)
+	      | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
 		;;
 	-mac*)
 		os=`echo $os | sed -e 's|mac|macos|'`
@@ -935,6 +1099,12 @@ case $os in
 	-sunos6*)
 		os=`echo $os | sed -e 's|sunos6|solaris3|'`
 		;;
+	-opened*)
+		os=-openedition
+		;;
+	-wince*)
+		os=-wince
+		;;
 	-osfrose*)
 		os=-osfrose
 		;;
@@ -957,7 +1127,10 @@ case $os in
 		os=-sysv
 		;;
 	-ns2 )
-		os=-nextstep2
+	        os=-nextstep2
+		;;
+	-nsk*)
+		os=-nsk
 		;;
 	# Preserve the version number of sinix5.
 	-sinix5.*)
@@ -993,8 +1166,8 @@ case $os in
 	-xenix)
 		os=-xenix
 		;;
-	-*mint | -*MiNT)
-		os=-mint
+        -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+	        os=-mint
 		;;
 	-none)
 		;;
@@ -1021,13 +1194,16 @@ case $basic_machine in
 	*-acorn)
 		os=-riscix1.2
 		;;
-	arm*-corel)
+	arm*-rebel)
 		os=-linux
 		;;
 	arm*-semi)
 		os=-aout
 		;;
-	pdp11-*)
+	pdp10-*)
+		os=-tops20
+		;;
+        pdp11-*)
 		os=-none
 		;;
 	*-dec | vax-*)
@@ -1117,25 +1293,25 @@ case $basic_machine in
 	*-next)
 		os=-nextstep3
 		;;
-	*-gould)
+        *-gould)
 		os=-sysv
 		;;
-	*-highlevel)
+        *-highlevel)
 		os=-bsd
 		;;
 	*-encore)
 		os=-bsd
 		;;
-	*-sgi)
+        *-sgi)
 		os=-irix
 		;;
-	*-siemens)
+        *-siemens)
 		os=-sysv4
 		;;
 	*-masscomp)
 		os=-rtu
 		;;
-	f301-fujitsu)
+	f30[01]-fujitsu | f700-fujitsu)
 		os=-uxpv
 		;;
 	*-rom68k)
@@ -1195,7 +1371,7 @@ case $basic_machine in
 			-genix*)
 				vendor=ns
 				;;
-			-mvs*)
+			-mvs* | -opened*)
 				vendor=ibm
 				;;
 			-ptx*)
@@ -1213,12 +1389,23 @@ case $basic_machine in
 			-mpw* | -macos*)
 				vendor=apple
 				;;
-			-*mint | -*MiNT)
+			-*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
 				vendor=atari
 				;;
+			-vos*)
+				vendor=stratus
+				;;
 		esac
 		basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
 		;;
 esac
 
 echo $basic_machine$os
+exit 0
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/scripts/db2html.in b/scripts/db2html.in
deleted file mode 100755
index ba35afbc1..000000000
--- a/scripts/db2html.in
+++ /dev/null
@@ -1,151 +0,0 @@
-#!/bin/sh
-# db2html.in - Docbook to HTML rendering (wk 2000-02-15)
-#
-#	Copyright (C) 2000 Free Software Foundation
-#
-# This is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
-
-nosplit=no
-copyfiles=no
-stylesheet=@DSL_FOR_HTML@
-JADE=@JADE@
-
-usage () {
-    echo 'usage: db2html [--nosplit] [--copyfiles] filename' >&2
-    exit 1
-}
-
-
-while test "`echo $1 | head -c1`" = "-"; do
-    case $1 in
-      --version)
-	cat <<EOF
-db2html 0.5
-Copyright (C) 2000 Free Software Foundation, Inc.
-This is free software; see the source for copying conditions.  There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-
-stylesteet: $stylesheet
-EOF
-	exit 0
-	;;
-      --help|-h|-help)
-	usage
-	;;
-      --nosplit)
-	nosplit=yes
-	;;
-      --copyfiles)
-	copyfiles=yes
-	;;
-      --)
-	shift
-	break
-	;;
-      *)
-	echo "invalid option $1" >&2
-	exit 1
-	;;
-    esac
-    shift
-done
-
-if test $# = 1; then
-   input="$1"
-else
-   usage
-fi
-
-# grep the document type
-doctype=`grep -i '\<doctype' $input|awk 'NR==1 {print $2}'| tr '[A-Z]' '[a-z]'`
-if test -z $doctype; then
-    doctype=book
-    echo "no DOCTYPE found - assuming '$doctype'" >&2
-else
-    echo "DOCTYPE is '$doctype'" >&2
-fi
-
-output="`basename $input| sed 's/\.sgml$//'`.html"
-
-
-if test $nosplit = yes; then
-    echo "running jade on '$input' ..." >&2
-    $JADE -d $stylesheet -t sgml -i html -V nochunks $input > $output
-    echo "$output created"
-    exit 0
-fi
-
-if test -d html ; then
-    :
-else
-    if mkdir html; then
-	echo "'html' directory created" >&2
-    else
-	echo "failed to create 'html' directory" >&2
-	exit 1
-    fi
-fi
-
-outputdir="html/`basename $input| sed 's/\.sgml$//'`"
-
-if test -d $outputdir ; then
-    :
-else
-    if mkdir $outputdir; then
-	echo "'$outputdir' created" >&2
-    else
-	echo "failed to create '$outputdir'" >&2
-	exit 1
-    fi
-fi
-echo "creating html pages in '$outputdir' ..." >&2
-if test "$input" = "`basename $input`"; then
-    inp="../../$input"
-else
-    inp="$input"
-fi
-echo "running jade on '$inp' ..." >&2
-(cd $outputdir && $JADE -t sgml -i html -d $stylesheet $inp )
-echo "html version in '$outputdir' created" >&2
-
-# break out all filerefs and copy them to the outputdirectory
-# fixme: handling of path components is wrong
-if test $copyfiles = yes; then
-    echo "looking for filerefs ..." >&2
-    for file in `nsgmls -i html $input \
-		    | awk '/^AFILEREF[ \t]+CDATA/ {print $3}'`; do
-	d=$outputdir/`basename $file`
-	if cat $file > $outputdir/`basename $file` ; then
-	    echo "  $file -> $d" >&2
-	fi
-    done
-fi
-
-mainfile=`ls $outputdir/${doctype}* | head -1`
-
-cat > $output <<EOF
-<html><title>$output</title>
-<body>
-
-<a href="$mainfile">$mainfile</a>
-
-</body>
-</html>
-EOF
-
-echo "$output created with link to '$mainfile'" >&2
-
-exit 0
-
diff --git a/scripts/distfiles b/scripts/distfiles
index 7262866bb..6a1ef2666 100644
--- a/scripts/distfiles
+++ b/scripts/distfiles
@@ -1,13 +1,5 @@
-config.guess
-config.sub
-install-sh
-mkinstalldirs
 mkdiff
-missing
+build-w32
 gnupg.spec.in
 autogen.sh
-ChangeLog
-ltconfig
-ltmain.sh
-db2html.in
 
diff --git a/scripts/gnupg.spec.in b/scripts/gnupg.spec.in
index e116ea3b4..357f540a3 100644
--- a/scripts/gnupg.spec.in
+++ b/scripts/gnupg.spec.in
@@ -4,32 +4,70 @@
 #
 %define version @pkg_version@
 %define name gnupg
-Summary: GPL public key crypto
+Summary: GNU Utility for data encryption and digital signatures
+Summary(it): Utility GNU per la sicurezza nelle comunicazioni e nell'archiviazione dei dati.
+Summary(cs): GNU n�stroj pro �ifrovanou komunikaci a bezpe�n� ukl�d�n� dat
+Summary(fr): Utilitaire GNU de chiffrement et d'authentification des communications et des donn�es
+Summary(pl): Narzedzie GNU do szyfrowania i podpisywania danych
+Vendor: GNU Privacy Guard Project
 Name: %{name}
 Version: %{version}
 Release: 1
 Copyright: GPL
 Group: Applications/Cryptography
+Group(cs): Aplikace/�ifrov�n�
+Group(fr): Applications/Cryptographie
+Group(it): Applicazioni/Crittografia
 Source: ftp://ftp.gnupg.org/pub/gcrypt/%{name}-%{version}.tar.gz
 URL: http://www.gnupg.org
 Provides: gpg openpgp
 BuildRoot: /tmp/rpmbuild_%{name}
 
 %changelog
+* Fri Apr 19 2002 David Shaw <[email protected]>
+- Removed OPTIONS and pubring.asc - no longer used
+- Added doc/samplekeys.asc
+* Sun Mar 31 2002 David Shaw <[email protected]>
+- Added the gpgkeys_xxx keyserver helpers.
+- Added a * to catch variations on the basic gpg man page (gpg, gpgv).
+- Mark options.skel as a config file.
+- Do not include the FAQ/faq.html twice (in /doc/ and /share/).
+
+* Wed Sep 06 2000 Fabio Coatti <[email protected]>
+- Added Polish description and summary (Kindly provided by  
+  Lukasz Stelmach <[email protected]>)
+  
+* Thu Jul 13 2000 Fabio Coatti <[email protected]>
+- Added a * to catch all formats for man pages (plain, gz, bz2...)    
+
+* Mon May 01 2000 Fabio Coatti <[email protected]>
+- Some corrections in French description, thanks to Ga�l Qu�ri
+  <[email protected]>; Some corrections to Italian descriptions.
+
+* Tue Apr 25 2000 Fabio Coatti <[email protected]>
+- Removed the no longer needed patch for man page by Keith Owens
+
+* Wed Mar 1 2000 Petr Kri�tof <[email protected]> 
+- Czech descriptions added; some fixes and updates.
+
+* Sat Jan 15 2000 Keith Owens <[email protected]>
+- Add missing man page as separate patch instead of updating the tar file.
+
+* Mon Dec 27 1999 Fabio Coatti <[email protected]> 
+- Upgraded for 1.0.1 (added missing gpg.1 man page)
+
 * Sat May 29 1999 Fabio Coatti <[email protected]>
-- Some corrections in French description, thanks to 
-Ga�l Qu�ri <[email protected]>  
+- Some corrections in French description, thanks to Ga�l Qu�ri <[email protected]>  
 
 * Mon May 17 1999 Fabio Coatti <[email protected]>
 - Added French description, provided by 
-Christophe Labouisse <[email protected]>
+  Christophe Labouisse <[email protected]>
 
 * Thu May 06 1999 Fabio Coatti <[email protected]> 
 - Upgraded for 0.9.6 (removed gpgm)
 
 * Tue Jan 12 1999 Fabio Coatti <[email protected]>
-- LINGUAS variable is now unset in configure to ensure that all
-  languages will be built. (Thanks to Luca Olivetti <[email protected]>)
+- LINGUAS variable is now unset in configure to ensure that all languages will be built. (Thanks to Luca Olivetti <[email protected]>)
  
 * Sat Jan 02 1999 Fabio Coatti <[email protected]>
 - Added pl language file.
@@ -38,24 +76,57 @@ Christophe Labouisse <[email protected]>
 * Sat Dec 19 1998 Fabio Coatti <[email protected]>
 - Modified the spec file provided by Caskey L. Dickson <caskey-at-technocage.com>
 - Now it can be built also by non-root. Installation has to be done as
-root, gpg is suid.
+  root, gpg is suid.
 - Added some changes by  Ross Golder <[email protected]>
 - Updates for version 0.4.5 of GnuPG (.mo files)
 
 %description
-GnuPG is a complete and free replacement for PGP. Because it does not
-use IDEA or RSA it can be used without any restrictions. GnuPG is in
-compliance with the OpenPGP specification (RFC2440).
+GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and
+creating digital signatures. GnuPG has advanced key management
+capabilities and is compliant with the proposed OpenPGP Internet
+standard described in RFC2440. Since GnuPG doesn't use any patented
+algorithm, it is not compatible with any version of PGP2 (PGP2.x uses
+only IDEA, patented worldwide, and RSA, which is patented in the US
+until 9/20/00).
 
 %description -l it
-GnuPG � un sostituto completo e gratuito per il PGP. Non utilizzando
-IDEA o RSA pu� essere utilizzato senza restrizioni. GnuPG � conforme
-alle specifiche OpenPGP (RFC2440).
+GnuPG (GNU Privacy Guard) � una utility GNU per la cifratura di dati e
+la creazione di firme digitali. Possiede una gestione avanzata delle
+chiavi ed � conforme allo standard Internet OpenPGP, descritto nella
+RFC 2440. Non utilizzando algoritmi brevettati, non � compatibile con
+PGP2 (PGP2.x usa solo IDEA, coperto da brevetto mondiale, ed RSA,
+brevettato negli USA con scadenza 20/09/2000). Questi algoritmi sono
+utilizzabili da GnuPG tramite moduli esterni.
 
 %description -l fr
-GnuPG est un remplacement complet et � libre � de PGP. Comme il n'utilise
-ni IDEA ni RSA il peut �tre utilis� sans restriction. GnuPG est conforme
-� la sp�cification OpenPGP (RFC2440).                         
+GnuPG est un utilitaire GNU destin� � chiffrer des donn�es et � cr�er
+des signatures �lectroniques. Il a des capacit�s avanc�es de gestion de
+cl�s et il est conforme � la norme propos�e OpenPGP d�crite dans la
+RFC2440. Comme GnuPG n'utilise pas d'algorithme brevet�, il n'est
+compatible avec aucune version de PGP2 (PGP2.x ne sait utiliser que
+l'IDEA brevet� dans le monde entier et RSA, brevet� aux �tats-Unis
+jusqu'au 20 septembre 2000). 
+
+%description -l cs
+GnuPG je GNU n�stroj pro bezpe�nou komunikaci a ukl�d�n� dat. M��e b�t
+pou�it na �ifrov�n� dat a vytv��en� digit�ln�ch podpis�. Obsahuje
+funkce pro pokro�ilou spr�vu kl��� a vyhovuje navrhovan�mu OpenPGP
+Internet standardu podle RFC2440. Byl vytvo�en jako kompletn�
+n�hrada za PGP. Proto�e neobsahuje �ifrovac� algoritmy IDEA nebo RSA,
+m��e b�t pou��v�n bez omezen�.
+Proto�e GnuPG nepou��v� ��dn� patentovan� algoritmus, nem��e b�t �pln�
+kompatibiln� s PGP verze 2. PGP 2.x pou��v� algoritmy IDEA (patentov�no
+celosv�tov�) a RSA (patentov�no ve Spojen�ch st�tech do 20. z���
+2000). Tyto algoritmy lze zav�st do GnuPG pomoc� extern�ch modul�.
+
+%description -l pl
+GnuPG (GNU Privacy Guard) jest nazedziem do szfrowania danych i tworzenia
+cyfrowych podpis�w. GnuPG posiada zaawansowane mozliwosci obslugi kluczy
+i jest zgodne z OpenPGP, proponowanym standardem internetowym opisanym
+w RFC2440. Poniewaz GnuPG nie uzywa zadnych opatentowanych algorytm�w
+nie jest wiec zgodne z jaka kolwiek wersja PGP2 (PGP2.x kozysta jedynie
+z algorytm�w: IDEA, opatentowanego na calym swiecie, oraz RSA, kt�rego
+patent na terenie Stan�w Zjednoczonych wygasa 20 wrzesnia 2000).         
 
 %prep
 rm -rf $RPM_BUILD_ROOT
@@ -67,7 +138,7 @@ rm -rf $RPM_BUILD_DIR/%{name}-%{version}
 if test -n "$LINGUAS"; then
  unset LINGUAS
 fi    
-CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr
+CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr --enable-shared
 make
 
 %install
@@ -86,25 +157,20 @@ make install-strip prefix=$RPM_BUILD_ROOT/usr
 %doc %attr (-,root,root) PROJECTS
 %doc %attr (-,root,root) doc/DETAILS
 %doc %attr (-,root,root) doc/FAQ
+%doc %attr (-,root,root) doc/faq.html
 %doc %attr (-,root,root) doc/HACKING
 %doc %attr (-,root,root) doc/OpenPGP
-%doc %attr (-,root,root) g10/pubring.asc
-%doc %attr (-,root,root) g10/OPTIONS
+%doc %attr (-,root,root) doc/samplekeys.asc
 
-%attr (-,root,root) /usr/man/man1/gpg.1
+%attr (-,root,root) /usr/man/man1/gpg*.1*
 %attr (4755,root,root) /usr/bin/gpg
+%attr (-,root,root) /usr/bin/gpgkeys_*
 
-%attr (-,root,root) /usr/share/locale/de/LC_MESSAGES/%{name}.mo
-%attr (-,root,root) /usr/share/locale/it/LC_MESSAGES/%{name}.mo
-%attr (-,root,root) /usr/share/locale/fr/LC_MESSAGES/%{name}.mo
-%attr (-,root,root) /usr/share/locale/ru/LC_MESSAGES/%{name}.mo
-%attr (-,root,root) /usr/share/locale/es_ES/LC_MESSAGES/%{name}.mo
-%attr (-,root,root) /usr/share/locale/pt_BR/LC_MESSAGES/%{name}.mo
-%attr (-,root,root) /usr/share/locale/pl/LC_MESSAGES/%{name}.mo
-
+%attr (-,root,root) /usr/share/locale/*/*/%{name}.mo
 
 %attr (-,root,root) /usr/lib/%{name}
-%attr (-,root,root) /usr/share/%{name}
+
+%config %attr (-,root,root) /usr/share/%{name}/options.skel
 
 %clean
 rm -rf $RPM_BUILD_ROOT
diff --git a/scripts/gnupgbug b/scripts/gnupgbug
new file mode 100644
index 000000000..7cde6aa16
--- /dev/null
+++ b/scripts/gnupgbug
@@ -0,0 +1,185 @@
+#!/bin/sh
+
+#
+#     File a bug against the GNU Privacy Guard.
+#
+
+#
+#     Copyright (c) 2000 Thomas Roessler <[email protected]>
+#
+#
+#     This program is free software; you can redistribute it and/or modify
+#     it under the terms of the GNU General Public License as published by
+#     the Free Software Foundation; either version 2 of the License, or
+#     (at your option) any later version.
+#
+#     This program is distributed in the hope that it will be useful,
+#     but WITHOUT ANY WARRANTY; without even the implied warranty of
+#     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#     GNU General Public License for more details.
+#
+#     You should have received a copy of the GNU General Public License
+#     along with this program; if not, write to the Free Software
+#     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+
+SUBMIT="[email protected]"
+DEBIAN_SUBMIT="[email protected]"
+
+
+include_file ()
+{
+	echo
+	echo "--- Begin $1"
+	sed -e 's/^-/- -/' $1 | egrep -v '^[    ]*(#|$)'
+	echo "--- End $1"
+	echo
+}
+
+case `echo -n` in
+"") n=-n; c=   ;;
+ *) n=; c='\c' ;;
+esac
+
+
+exec > /dev/tty
+exec < /dev/tty
+
+SCRATCH=${TMPDIR-/tmp}/`basename $0`.`hostname`.$$
+
+mkdir ${SCRATCH} || \
+{
+	echo "`basename $0`: Can't create temporary directory." >& 2 ;
+	exit 1 ;
+}
+
+trap "rm -r -f ${SCRATCH} ; trap '' 0 ; exit" 0 1 2
+
+TEMPLATE=${SCRATCH}/template.txt
+
+echo "Please enter a one-line description of the problem you experience:"
+echo $n "> $c"
+read SUBJECT
+
+echo $n "Do you want to include your personal GnuPG configuration files? [Y|n]$c"
+read personal
+case "$personal" in
+[nN]*)	personal=no  ;;
+    *)	personal=yes ;;
+esac
+
+if test -f /etc/debian_version ; then
+	DEBIAN=yes
+	echo $n "Checking whether GnuPG has been installed as a package... $c"
+	GNUPGVERSION="`dpkg -l gnupg | grep ^i | awk '{print $3}'`" 2> /dev/null
+	if test "$GNUPGVERSION" ; then
+		DPKG=yes
+	else
+		DPKG=no
+	fi
+	echo "$DPKG"
+	if test "$DPKG" = "no" ; then
+		echo $n "File this bug with Debian? [Y|n]$c"
+		read $DPKG
+		case "$DPKG" in
+		[nN])	DPKG=no ;;
+		*)	DPKG=yes ;;
+		esac
+	fi
+else
+	DEBIAN=no
+	DPKG=no
+fi
+
+test "$MUTTVERSION"  || MUTTVERSION="`mutt -v | head -1 | awk '{print $2}' | tr -d i`"
+test "$DPKG" = "yes" && SUBMIT="$SUBMIT, $DEBIAN_SUBMIT"
+
+
+exec > ${TEMPLATE}
+
+echo "Subject: mutt-$MUTTVERSION: $SUBJECT"
+echo "To: $SUBMIT"
+echo "Cc: $LOGNAME"
+echo
+echo "Package: mutt"
+echo "Version: $MUTTVERSION"
+echo
+echo "-- Please type your report below this line"
+echo
+echo
+echo
+
+if test "$DEBIAN" = "yes" ; then
+	echo "Obtaining Debian-specific information..." > /dev/tty
+	bug -p -s dummy mutt |				       \
+		sed -n -e "/^-- System Information/,/^---/p" | \
+		grep -v '^---'
+fi
+
+echo
+echo "-- Mutt Version Information"
+echo
+mutt -v
+
+if test "$personal" = "yes" ; then
+	CANDIDATES=".muttrc-${MUTTVERSION} .muttrc .mutt/muttrc-${MUTTVERSION} .mutt/muttrc"
+	MATCHED="none"
+	for f in $CANDIDATES; do
+		if test -f "${HOME}/$f" ; then
+			MATCHED="${HOME}/$f"
+			break
+		fi
+	done
+
+	if test "$MATCHED" = "none" ; then
+		echo "Warning: Can't find your personal .muttrc." >&2
+	else
+		include_file $MATCHED
+	fi
+fi
+
+if test "$global" = "yes" ; then
+	CANDIDATES="Muttrc-${MUTTVERSION} Muttrc"
+	DIRECTORIES="/etc /usr/local/share/mutt"
+	MATCHED="none"
+	for d in $DIRECTORIES ; do
+		for f in $CANDIDATES; do
+			if test -f $d/$f ; then
+				MATCHED="$d/$f"
+				break
+			fi
+		done
+		test "$MATCHED" = "none" || break
+	done
+
+	if test "$MATCHED" = "none" ; then
+		echo "Warning: Can't find global Muttrc." >&2
+	else
+		include_file $MATCHED
+	fi
+fi
+
+exec > /dev/tty
+
+cp $TEMPLATE $SCRATCH/mutt-bug.txt
+
+input="e"
+while : ; do
+	if test "$input" = "e" ; then
+		${VISUAL-vi} $SCRATCH/mutt-bug.txt
+		if cmp $SCRATCH/mutt-bug.txt ${TEMPLATE} > /dev/null ; then
+			echo "Warning: Bug report was not modified!"
+		fi
+	fi
+
+	echo $n "Submit, Edit, Print, Quit? [S|e|p|q]$c"
+	read _input
+	input="`echo $_input | tr EPSQ epsq`"
+	case $input in
+	e*)	;;
+	p*)	${PAGER-more} $SCRATCH/mutt-bug.txt ;;
+	s*|"")  /usr/sbin/sendmail -t < $SCRATCH/mutt-bug.txt ; exit ;;
+	q*)	exit
+	esac
+done
+
diff --git a/scripts/install-sh b/scripts/install-sh
index ebc66913e..398a88e14 100755
--- a/scripts/install-sh
+++ b/scripts/install-sh
@@ -1,4 +1,4 @@
-#! /bin/sh
+#!/bin/sh
 #
 # install - install a program, script, or datafile
 # This comes from X11R5 (mit/util/scripts/install.sh).
@@ -109,7 +109,7 @@ then
 	echo "install:	no input file specified"
 	exit 1
 else
-	true
+	:
 fi
 
 if [ x"$dir_arg" != x ]; then
@@ -118,8 +118,9 @@ if [ x"$dir_arg" != x ]; then
 	
 	if [ -d $dst ]; then
 		instcmd=:
+		chmodcmd=""
 	else
-		instcmd=mkdir
+		instcmd=$mkdirprog
 	fi
 else
 
@@ -129,7 +130,7 @@ else
 
 	if [ -f $src -o -d $src ]
 	then
-		true
+		:
 	else
 		echo "install:  $src does not exist"
 		exit 1
@@ -140,7 +141,7 @@ else
 		echo "install:	no destination specified"
 		exit 1
 	else
-		true
+		:
 	fi
 
 # If destination is a directory, append the input filename; if your system
@@ -150,7 +151,7 @@ else
 	then
 		dst="$dst"/`basename $src`
 	else
-		true
+		:
 	fi
 fi
 
@@ -162,8 +163,8 @@ dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
 
 # Skip lots of stat calls in the usual case.
 if [ ! -d "$dstdir" ]; then
-defaultIFS='	
-'
+defaultIFS='
+	'
 IFS="${IFS-${defaultIFS}}"
 
 oIFS="${IFS}"
@@ -182,7 +183,7 @@ while [ $# -ne 0 ] ; do
         then
 		$mkdirprog "${pathcomp}"
 	else
-		true
+		:
 	fi
 
 	pathcomp="${pathcomp}/"
@@ -193,10 +194,10 @@ if [ x"$dir_arg" != x ]
 then
 	$doit $instcmd $dst &&
 
-	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
-	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
-	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
-	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else : ; fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else : ; fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else : ; fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else : ; fi
 else
 
 # If we're going to rename the final executable, determine the name now.
@@ -215,7 +216,7 @@ else
 	then
 		dstfile=`basename $dst`
 	else
-		true
+		:
 	fi
 
 # Make a temp file name in the proper directory.
@@ -234,10 +235,10 @@ else
 # ignore errors from any of these, just make sure not to ignore
 # errors from the above "$doit $instcmd $src $dsttmp" command.
 
-	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
-	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
-	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
-	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else :;fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else :;fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else :;fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else :;fi &&
 
 # Now rename the file to the real destination.
 
diff --git a/scripts/mail-to-translators b/scripts/mail-to-translators
new file mode 100755
index 000000000..f3bbbd0fd
--- /dev/null
+++ b/scripts/mail-to-translators
@@ -0,0 +1,64 @@
+#!/bin/sh
+# mail a compressed version of the current translation to the Last-Translator
+#
+
+SENDMAIL="/usr/sbin/sendmail"
+
+for file in *.po; do
+    addr=$(awk '/Last-Translator:/ { printf "%s", $0; exit 0}' $file | sed 's/.*\(<.*>\).*/\1/')
+    ll=$(basename $file .po)    
+
+    if ! msgfmt -vc $file 2>&1| egrep -q 'fuzzy|untranslated|error'; then
+        echo "$file: okay" >&2
+        continue;
+    fi    
+
+    if [ -z "$addr" ]; then
+        echo "$file: no translator known" >&2
+        continue;
+    fi
+
+    echo "$file: sending to $addr"
+    ( cat <<EOF
+From: [email protected]
+To: $addr
+Subject: GnuPG translation ($ll)
+Mime-Version: 1.0
+Content-Type: multipart/mixed; boundary="=-=-="
+
+--=-=-=
+
+Hi!
+
+Please find attached the latest version of the PO file for your GnuPG
+translation ($file).  I would appreciate if you can fix any remaining
+fuzzy or untranslated entries.  If you need access to the code
+please use http://cvs.gnupg.org or get the latest snapshot from
+ftp://ftp.gnupg.org/gcrypt/devel/.
+
+Output of msgfmt is:
+$(msgfmt --check --statistics $file 2>&1 | head)
+
+If you are not able to continue the translation work, I suggest to
+pass this message on to another translator and drop me a short note.
+
+Thanks,
+
+  Werner
+
+
+--=-=-=
+Content-Type: application/octet-stream
+Content-Disposition: attachment; filename=gnupg-${file}.gz
+Content-Transfer-Encoding: base64
+
+EOF
+
+gzip <$file | mimencode 
+
+echo ""
+echo "--=-=-=--"
+echo ""
+    ) | $SENDMAIL -oi "$addr"
+
+done
diff --git a/scripts/missing b/scripts/missing
index a6abd0698..dd583709f 100755
--- a/scripts/missing
+++ b/scripts/missing
@@ -1,7 +1,7 @@
 #! /bin/sh
 # Common stub for a few missing GNU programs while installing.
-# Copyright (C) 1996, 1997 Free Software Foundation, Inc.
-# Franc,ois Pinard <[email protected]>, 1996.
+# Copyright 1996, 1997, 1999, 2000 Free Software Foundation, Inc.
+# Originally by Fran,cois Pinard <[email protected]>, 1996.
 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -18,11 +18,37 @@
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
 # 02111-1307, USA.
 
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
 if test $# -eq 0; then
   echo 1>&2 "Try \`$0 --help' for more information"
   exit 1
 fi
 
+run=:
+
+# In the cases where this matters, `missing' is being run in the
+# srcdir already.
+if test -f configure.ac; then
+  configure_ac=configure.ac
+else
+  configure_ac=configure.in
+fi
+
+case "$1" in
+--run)
+  # Try to run requested program, and just exit if it succeeds.
+  run=
+  shift
+  "$@" && exit 0
+  ;;
+esac
+
+# If it does not exist, or fails to run (possibly an outdated version),
+# try to emulate it.
 case "$1" in
 
   -h|--h|--he|--hel|--help)
@@ -35,19 +61,24 @@ error status if there is no known handling for PROGRAM.
 Options:
   -h, --help      display this help and exit
   -v, --version   output version information and exit
+  --run           try to run the given command, and emulate it if it fails
 
 Supported PROGRAM values:
   aclocal      touch file \`aclocal.m4'
   autoconf     touch file \`configure'
   autoheader   touch file \`config.h.in'
   automake     touch all \`Makefile.in' files
-  bison        touch file \`y.tab.c'
+  bison        create \`y.tab.[ch]', if possible, from existing .[ch]
+  flex         create \`lex.yy.c', if possible, from existing .c
+  help2man     touch the output file
+  lex          create \`lex.yy.c', if possible, from existing .c
   makeinfo     touch the output file
-  yacc         touch file \`y.tab.c'"
+  tar          try tar, gnutar, gtar, then tar without non-portable flags
+  yacc         create \`y.tab.[ch]', if possible, from existing .[ch]"
     ;;
 
   -v|--v|--ve|--ver|--vers|--versi|--versio|--version)
-    echo "missing - GNU libit 0.0"
+    echo "missing 0.4 - GNU automake"
     ;;
 
   -*)
@@ -56,42 +87,100 @@ Supported PROGRAM values:
     exit 1
     ;;
 
-  aclocal)
+  aclocal*)
+    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
+       # We have it, but it failed.
+       exit 1
+    fi
+
     echo 1>&2 "\
 WARNING: \`$1' is missing on your system.  You should only need it if
-         you modified \`acinclude.m4' or \`configure.in'.  You might want
+         you modified \`acinclude.m4' or \`${configure_ac}'.  You might want
          to install the \`Automake' and \`Perl' packages.  Grab them from
          any GNU archive site."
     touch aclocal.m4
     ;;
 
   autoconf)
+    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
+       # We have it, but it failed.
+       exit 1
+    fi
+
     echo 1>&2 "\
 WARNING: \`$1' is missing on your system.  You should only need it if
-         you modified \`configure.in'.  You might want to install the
+         you modified \`${configure_ac}'.  You might want to install the
          \`Autoconf' and \`GNU m4' packages.  Grab them from any GNU
          archive site."
     touch configure
     ;;
 
   autoheader)
+    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
+       # We have it, but it failed.
+       exit 1
+    fi
+
     echo 1>&2 "\
 WARNING: \`$1' is missing on your system.  You should only need it if
-         you modified \`acconfig.h' or \`configure.in'.  You might want
+         you modified \`acconfig.h' or \`${configure_ac}'.  You might want
          to install the \`Autoconf' and \`GNU m4' packages.  Grab them
          from any GNU archive site."
-    touch config.h.in
+    files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}`
+    test -z "$files" && files="config.h"
+    touch_files=
+    for f in $files; do
+      case "$f" in
+      *:*) touch_files="$touch_files "`echo "$f" |
+				       sed -e 's/^[^:]*://' -e 's/:.*//'`;;
+      *) touch_files="$touch_files $f.in";;
+      esac
+    done
+    touch $touch_files
     ;;
 
-  automake)
+  automake*)
+    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
+       # We have it, but it failed.
+       exit 1
+    fi
+
     echo 1>&2 "\
 WARNING: \`$1' is missing on your system.  You should only need it if
-         you modified \`Makefile.am', \`acinclude.m4' or \`configure.in'.
+         you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'.
          You might want to install the \`Automake' and \`Perl' packages.
          Grab them from any GNU archive site."
-    find . -type f -name Makefile.am -print \
-      | sed 's/^\(.*\).am$/touch \1.in/' \
-      | sh
+    find . -type f -name Makefile.am -print |
+	   sed 's/\.am$/.in/' |
+	   while read f; do touch "$f"; done
+    ;;
+
+  autom4te)
+    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
+       # We have it, but it failed.
+       exit 1
+    fi
+
+    echo 1>&2 "\
+WARNING: \`$1' is needed, and you do not seem to have it handy on your
+         system.  You might have modified some files without having the
+         proper tools for further handling them.
+         You can get \`$1Help2man' as part of \`Autoconf' from any GNU
+         archive site."
+
+    file=`echo "$*" | sed -n 's/.*--output[ =]*\([^ ]*\).*/\1/p'`
+    test -z "$file" && file=`echo "$*" | sed -n 's/.*-o[ ]*\([^ ]*\).*/\1/p'`
+    if test -f "$file"; then
+	touch $file
+    else
+	test -z "$file" || exec >$file
+	echo "#! /bin/sh"
+	echo "# Created by GNU Automake missing as a replacement of"
+	echo "#  $ $@"
+	echo "exit 0"
+	chmod +x $file
+	exit 1
+    fi
     ;;
 
   bison|yacc)
@@ -100,10 +189,84 @@ WARNING: \`$1' is missing on your system.  You should only need it if
          you modified a \`.y' file.  You may need the \`Bison' package
          in order for those modifications to take effect.  You can get
          \`Bison' from any GNU archive site."
-    touch y.tab.c
+    rm -f y.tab.c y.tab.h
+    if [ $# -ne 1 ]; then
+        eval LASTARG="\${$#}"
+	case "$LASTARG" in
+	*.y)
+	    SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
+	    if [ -f "$SRCFILE" ]; then
+	         cp "$SRCFILE" y.tab.c
+	    fi
+	    SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'`
+	    if [ -f "$SRCFILE" ]; then
+	         cp "$SRCFILE" y.tab.h
+	    fi
+	  ;;
+	esac
+    fi
+    if [ ! -f y.tab.h ]; then
+	echo >y.tab.h
+    fi
+    if [ ! -f y.tab.c ]; then
+	echo 'main() { return 0; }' >y.tab.c
+    fi
+    ;;
+
+  lex|flex)
+    echo 1>&2 "\
+WARNING: \`$1' is missing on your system.  You should only need it if
+         you modified a \`.l' file.  You may need the \`Flex' package
+         in order for those modifications to take effect.  You can get
+         \`Flex' from any GNU archive site."
+    rm -f lex.yy.c
+    if [ $# -ne 1 ]; then
+        eval LASTARG="\${$#}"
+	case "$LASTARG" in
+	*.l)
+	    SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
+	    if [ -f "$SRCFILE" ]; then
+	         cp "$SRCFILE" lex.yy.c
+	    fi
+	  ;;
+	esac
+    fi
+    if [ ! -f lex.yy.c ]; then
+	echo 'main() { return 0; }' >lex.yy.c
+    fi
+    ;;
+
+  help2man)
+    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
+       # We have it, but it failed.
+       exit 1
+    fi
+
+    echo 1>&2 "\
+WARNING: \`$1' is missing on your system.  You should only need it if
+	 you modified a dependency of a manual page.  You may need the
+	 \`Help2man' package in order for those modifications to take
+	 effect.  You can get \`Help2man' from any GNU archive site."
+
+    file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'`
+    if test -z "$file"; then
+	file=`echo "$*" | sed -n 's/.*--output=\([^ ]*\).*/\1/p'`
+    fi
+    if [ -f "$file" ]; then
+	touch $file
+    else
+	test -z "$file" || exec >$file
+	echo ".ab help2man is required to generate this page"
+	exit 1
+    fi
     ;;
 
   makeinfo)
+    if test -z "$run" && (makeinfo --version) > /dev/null 2>&1; then
+       # We have makeinfo, but it failed.
+       exit 1
+    fi
+
     echo 1>&2 "\
 WARNING: \`$1' is missing on your system.  You should only need it if
          you modified a \`.texi' or \`.texinfo' file, or any other file
@@ -119,6 +282,45 @@ WARNING: \`$1' is missing on your system.  You should only need it if
     touch $file
     ;;
 
+  tar)
+    shift
+    if test -n "$run"; then
+      echo 1>&2 "ERROR: \`tar' requires --run"
+      exit 1
+    fi
+
+    # We have already tried tar in the generic part.
+    # Look for gnutar/gtar before invocation to avoid ugly error
+    # messages.
+    if (gnutar --version > /dev/null 2>&1); then
+       gnutar ${1+"$@"} && exit 0
+    fi
+    if (gtar --version > /dev/null 2>&1); then
+       gtar ${1+"$@"} && exit 0
+    fi
+    firstarg="$1"
+    if shift; then
+	case "$firstarg" in
+	*o*)
+	    firstarg=`echo "$firstarg" | sed s/o//`
+	    tar "$firstarg" ${1+"$@"} && exit 0
+	    ;;
+	esac
+	case "$firstarg" in
+	*h*)
+	    firstarg=`echo "$firstarg" | sed s/h//`
+	    tar "$firstarg" ${1+"$@"} && exit 0
+	    ;;
+	esac
+    fi
+
+    echo 1>&2 "\
+WARNING: I can't seem to be able to run \`tar' with the given arguments.
+         You may want to install GNU tar or Free paxutils, or check the
+         command line arguments."
+    exit 1
+    ;;
+
   *)
     echo 1>&2 "\
 WARNING: \`$1' is needed, and you do not seem to have it handy on your
diff --git a/scripts/mk-w32-dist b/scripts/mk-w32-dist
new file mode 100755
index 000000000..317caef6e
--- /dev/null
+++ b/scripts/mk-w32-dist
@@ -0,0 +1,53 @@
+#!/bin/sh
+#
+# Copyright (C) 2000, 2001 Free Software Foundation, Inc.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
+set -e
+
+cd dist-w32
+
+if [ -f ../README ]; then
+    srcdir=..
+elif [ -f ../../gnupg-stable/README ]; then
+    srcdir=../../gnupg-stable
+elif [ -f ../../../gnupg-stable/README ]; then
+    srcdir=../../../gnupg-stable
+else
+    echo "cannot figure out the source dir" >&2
+    exit 1
+fi
+
+rm * || true
+ln ../g10/gpg gpg.exe
+mingw32 strip gpg.exe
+if [ -f ../doc/gpg.man ] ; then
+  sed `printf "s/\b.//g"` ../doc/gpg.man >gpg.man
+else
+  man -Tlatin1 -l ../doc/gpg.1 | sed `printf "s/\b.//g"`  >gpg.man
+fi
+todos gpg.man
+cp ${srcdir}/README .
+todos README
+cp ${srcdir}/COPYING .
+todos COPYING
+ln ${srcdir}/doc/README.W32 .
+todos README.W32
+ln ${srcdir}/doc/FAQ .
+todos FAQ
+for i in ${srcdir}/po/*.gmo; do ln $i "$(basename $i .gmo).mo" ; done
+zip "gnupg-w32-$(cat ${srcdir}/VERSION).zip" *
+
+
+
+
+
+
diff --git a/scripts/mkdiff b/scripts/mkdiff
index 92efcda6a..f17979383 100755
--- a/scripts/mkdiff
+++ b/scripts/mkdiff
@@ -1,25 +1,34 @@
 #!/bin/sh
-
-if [ $# = 1 ]; then
-    pack="$1"
-    vprf=""
-elif [ $# = 2 ] ; then
-    pack="$1"
-    vprf="$2"
-else
-    echo "usage: mkdiff package-name [version-prefix]" >&2
+# Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+# Please note that this script is now maintained outside of GNUPG.
+# To get the most up to date version use
+# cvs -d :pserver:[email protected]:/cvs/wk checkout misc-scripts/mkdiff
+
+if [ $# != 1 ] ; then
+    echo "usage: mkdiff package-name" >&2
     exit 1
 fi
 
+pack="$1"
+
 set -e
 
-curr_ver=$(ls $pack-${vprf}*.tar.gz 2>/dev/null | sed "s/^$pack-\(.*\)\.tar\.gz/\1/"\
+curr_ver=$(ls $pack-*.tar.gz 2>/dev/null | sed "s/^$pack-\(.*\)\.tar\.gz/\1/"\
 	   | sort -r -t '.' -n +0 -1 +1 -2 +2 | head -1 )
 if [ ! -f $pack-$curr_ver.tar.gz ]; then
     echo "mkdiff: no current version of package $pack found" >&2
     exit 1
 fi
-prev_ver=$(ls $pack-${vprf}*.tar.gz 2>/dev/null | sed "s/^$pack-\(.*\)\.tar\.gz/\1/"\
+prev_ver=$(ls $pack-*.tar.gz 2>/dev/null | sed "s/^$pack-\(.*\)\.tar\.gz/\1/"\
 	   | sort -r -t '.' -n +0 -1 +1 -2 +2 | head -2 | tail -1 )
 if [ "$prev_ver" = "$curr_ver"  ]; then
     echo "mkdiff: no previous version of package $pack found" >&2
diff --git a/scripts/mkinstalldirs b/scripts/mkinstalldirs
index 70f6e5802..994d71ce7 100755
--- a/scripts/mkinstalldirs
+++ b/scripts/mkinstalldirs
@@ -16,12 +16,12 @@ Usage: mkinstalldirs [-h] [--help] [-m mode] dir ..."
 while test $# -gt 0 ; do
    case "${1}" in
      -h | --help | --h* )			# -h for help
-        echo "${usage}" 1>&2; exit 0 ;;
+	echo "${usage}" 1>&2; exit 0 ;;
      -m )					# -m PERM arg
-        shift
-        test $# -eq 0 && { echo "${usage}" 1>&2; exit 1; }
-        dirmode="${1}"
-        shift ;;
+	shift
+	test $# -eq 0 && { echo "${usage}" 1>&2; exit 1; }
+	dirmode="${1}"
+	shift ;;
      -- ) shift; break ;;			# stop option processing
      -* ) echo "${usage}" 1>&2; exit 1 ;;	# unknown option
      * )  break ;;				# first non-opt arg
@@ -30,6 +30,32 @@ done
 
 for file
 do
+  if test -d "$file"; then
+    shift
+  else
+    break
+  fi
+done
+
+case $# in
+0) exit 0 ;;
+esac
+
+case $dirmode in
+'')
+  if mkdir -p -- . 2>/dev/null; then
+    echo "mkdir -p -- $*"
+    exec mkdir -p -- "$@"
+  fi ;;
+*)
+  if mkdir -m "$dirmode" -p -- . 2>/dev/null; then
+    echo "mkdir -m $dirmode -p -- $*"
+    exec mkdir -m "$dirmode" -p -- "$@"
+  fi ;;
+esac
+
+for file
+do
    set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'`
    shift
 
@@ -42,24 +68,24 @@ do
      esac
 
      if test ! -d "$pathcomp"; then
-        echo "mkdir $pathcomp"
+	echo "mkdir $pathcomp"
 
-        mkdir "$pathcomp" || lasterr=$?
+	mkdir "$pathcomp" || lasterr=$?
 
-        if test ! -d "$pathcomp"; then
-  	  errstatus=$lasterr
+	if test ! -d "$pathcomp"; then
+	  errstatus=$lasterr
 	else
 	  if test ! -z "$dirmode"; then
 	     echo "chmod $dirmode $pathcomp"
 
 	     lasterr=""
-	     chmod $dirmode "$pathcomp" || lasterr=$?
+	     chmod "$dirmode" "$pathcomp" || lasterr=$?
 
 	     if test ! -z "$lasterr"; then
 	       errstatus=$lasterr
 	     fi
 	  fi
-        fi
+	fi
      fi
 
      pathcomp="$pathcomp/"
@@ -69,6 +95,7 @@ done
 exit $errstatus
 
 # Local Variables:
-# mode:shell-script
-# sh-indentation:3
+# mode: shell-script
+# sh-indentation: 3
 # End:
+# mkinstalldirs ends here
diff --git a/scripts/mksnapshot b/scripts/mksnapshot
index 7b534b98c..cca19d98d 100755
--- a/scripts/mksnapshot
+++ b/scripts/mksnapshot
@@ -21,7 +21,7 @@ This is a snapshot of the current CVS head branch!
 
 It may not compile or not work.  Please don't report
 bugs about this snapshot release it is just for your
-convenience and to reduce the load of our CVS server.
+convenience and to reduce the load of out CVS server.
 
 Thanks,
 
diff --git a/scripts/mkwebpage b/scripts/mkwebpage
index eba90d490..b39feb176 100755
--- a/scripts/mkwebpage
+++ b/scripts/mkwebpage
@@ -1,44 +1,105 @@
 #!/bin/sh
 # Make a snapshot of the CVS head revision for the gnupg webpages
 
+
 set -e
 
-myhome="$HOME/pub"
-pgm="gnupg-www"
-mod="gnupg-www"
-MKWEBSITE=$HOME/bin/mkwebsite
+cd $HOME/pub
+
+extract_date () {
+    # This strange construct is to speed up things.  Grouping a "s" and a "q"
+    # does not work. Anyway we should use awk instead.
+    # Have to quote the I from $Id so that CVS does not expand it
+    sed '/^.*\$[I]d:.*\$.*$/q' $1 |
+    sed -n 's!^.*\$[I]d: [^ ]\+ [^ ]\+ \([0-9]*\)/\([0-9]*\)/\([0-9]*\) [^ ]\+ \([^ ]\+\).*$!\1-\2-\3 \4!p'
+}
+
+# We have to edit most files
+sed_it () {
+    src=$1
+    dst=$2
 
-cd $myhome
+    for srcdir in `find $src -type d -print` ; do
+	dstdir=`echo "$srcdir" | sed "s/^$src/$dst/g"`
+	mkdir $dstdir || true
+	for sf in `find $srcdir -type f -maxdepth 1 -print`; do
+	    updated=`extract_date $sf`
+	    df="$dstdir/`basename $sf`"
+	    case "$df" in
+		*.html)
+		    sed "/@FOOTER@/ {
+			r $src/footer.html.inc
+			d
+			}
+			/^<body>$/ {
+			r $src/body-tag.html.inc
+			d
+			}
+			/@UPDATED@/c\\
+Updated: $updated \\
+<hr>
+			/@INSERT_BUGLIST_HERE@/ {
+			r $src/BUGS
+			d
+			}
+			/@HOSTEDBY@/ {
+			r $src/hostedby.html.inc
+			d
+			}
+		     " $sf > $df
+		    ;;
+		*.html.inc | *~ | *.tmp | */BUGS )
+		    :
+		    ;;
+		*)
+		    cat $sf > $df
+		    ;;
+	    esac
+	done
+    done
+}
 
-rm -rf $pgm.tmp 2>/dev/null || true
-rm -rf $pgm.new || true
-mkdir  $pgm.new || true
-rm -rf $pgm.old || true
-cvs -Q export -r HEAD -d $pgm.tmp $mod
-cat <<EOF >$pgm.tmp/en/NEWS
+
+do_export () {
+    pgm=$1
+    mod=$2
+
+    rm -rf $pgm.tmp 2>/dev/null || true
+    rm -rf $pgm.new || true
+    rm -rf $pgm.old || true
+    cvs -Q export -r HEAD -d $pgm.tmp $mod
+    cat <<EOF >$pgm.tmp/NEWS
 [ This is a snapshot of the NEWS file from the CVS head revision.
   You will find the NEWS for the latest revision below the line
-  "Noteworthy changes in version 1.x.y".
+  "Noteworthy changes in version 0.x.y".
 						     (wk $(date +%Y-%m-%d)) ]
 
 
 EOF
-cvs -Q checkout -p gnupg/NEWS >>$pgm.tmp/en/NEWS
-cvs -Q checkout -p gnupg/BUGS | sed  '1,/^~~~~~~~~~~~/ d' > $pgm.tmp/en/include-file-1.tmp
-echo "(List generated from CVS: " $(date +%Y-%m-%d) ")"  >> $pgm.tmp/en/include-file-1.tmp
-cd $pgm.tmp
-$MKWEBSITE --cvs --use-this-dir $myhome/$pgm.new
-cd $myhome
-cp -a gph $pgm.new/ || true
-
-rm -rf $pgm.tmp || true
-
-rm -rf $pgm.old || true
-[ -d $pgm ] && mv $pgm $pgm.old
-if ! mv $pgm.new $pgm ; then
-    echo "rename failed - restoring" >&2
-    mv $pgm.old $pgm
-    exit 1
-fi
-rm -rf $pgm.old || true
+    cvs -Q checkout -p gnupg/NEWS >>$pgm.tmp/NEWS
+    cvs -Q checkout -p gnupg/BUGS | sed  '1,/^~~~~~~~~~~~/ d' > $pgm.tmp/BUGS
+    echo "(List generated from CVS: " $(date +%Y-%m-%d) ")"  >> $pgm.tmp/BUGS
+    sed_it $pgm.tmp $pgm.new
+    rm -rf $pgm.tmp || true
+    ln -sf gnupg.html $pgm.new/index.html
+
+    rm -rf $pgm.old || true
+    [ -d $pgm ] && mv $pgm $pgm.old
+    if ! mv $pgm.new $pgm ; then
+	echo "rename failed - restoring" >&2
+	mv $pgm.old $pgm
+	exit 1
+    fi
+    rm -rf $pgm.old || true
+}
+
+
+do_export gnupg-www gnupg-www
+
+#cd gnupg-www
+#tar czf /home/ftp/pub/gcrypt/.old/webpages.tmp *
+#mv /home/ftp/pub/gcrypt/old/webpages.tmp /home/ftp/pub/gcrypt/old/webpages.tar.gz
+
+
+exit 0
 
diff --git a/tools/ChangeLog b/tools/ChangeLog
index 2faf8de06..0cb89ae11 100644
--- a/tools/ChangeLog
+++ b/tools/ChangeLog
@@ -1,22 +1,61 @@
-2000-10-10  Werner Koch  <[email protected]>
+2002-05-07  Stefan Bellon  <[email protected]>
 
-	* bftest.c (main): Allow selection of cipher mode.
+	* gpgsplit.c (create_filename): Use EXTSEP_S instead of ".".
 
-Mon Sep 18 16:35:45 CEST 2000  Werner Koch  <[email protected]>
+2002-04-23  David Shaw  <[email protected]>
 
-       * ring-a-party: substr starts at offset 1 not 0.  Many thanks to Mike
-        for finding this bug. Flush the last key.
+	* Makefile.am: Do not list libraries in -lxxx format in a
+	dependency line.
 
-Mon Jul 17 16:35:47 CEST 2000  Werner Koch  <wk@>
+2002-01-02  Stefan Bellon  <[email protected]>
 
-  * mail-signed-keys: New.
-  * ring-a-party: New.
+	* gpgsplit.c [__riscos__]: Added RISC OS specific file name
+	code.
 
-Mon Jan 31 17:46:35 CET 2000  Werner Koch  <wk@>
+	* gpgsplit.c (write_part): Introduced two explicit casts.
 
-	* Makefile.am: Add libjnlib.
-	* bftest.c: Some minor hacks to let it compile.
-	* mpicalc.c: Ditto.
+2001-12-21  David Shaw  <[email protected]>
+
+	* gpgsplit.c (pkttype_to_string): PKT_PHOTO_ID -> PKT_ATTRIBUTE
+
+2001-10-23  Werner Koch  <[email protected]>
+
+	* Makefile.am (gpgsplit_LDADD): Add ZLIBS.
+
+2001-09-18  Werner Koch  <[email protected]>
+
+	* gpgsplit.c: New option --uncompress.
+	(write_part): Handle old style uncompressing.
+
+2001-06-20  Werner Koch  <[email protected]>
+
+	* gpgsplit.c: New.
+	* Makefile.am (bin_PROGRAMS): Install gpgsplit.
+
+2001-03-27  Werner Koch  <[email protected]>
+
+	* mail-signed-keys: Add option --dry-run.
+
+2001-03-21  Werner Koch  <[email protected]>
+
+	* shmtest.c: Add sys/types.h
+
+Fri Sep 15 18:40:36 CEST 2000  Werner Koch  <[email protected]>
+
+        * ring-a-party: An array start at offset 1 no 0.  Many thanks to Mike
+        for finding this bug.
+
+Thu Sep 14 14:20:38 CEST 2000  Werner Koch  <[email protected]>
+
+        * ring-a-party: Flush the last key.
+
+Wed Jul  5 13:28:45 CEST 2000  Werner Koch  <wk@>
+
+        * mail-signed-keys: New.
+
+Tue May 23 09:19:00 CEST 2000  Werner Koch  <[email protected]>
+
+	* ring-a-party: New.
 
 Thu Jul  8 16:21:27 CEST 1999  Werner Koch  <[email protected]>
 
@@ -43,3 +82,16 @@ Tue Apr  7 19:50:41 1998  Werner Koch  ([email protected])
 
 	* bftest.c: Now supports all availabe ciphers.
 
+
+
+ Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
diff --git a/tools/Makefile.am b/tools/Makefile.am
index 4e261ca34..769e30c48 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -1,14 +1,28 @@
-## Process this file with automake to produce Makefile.in
+# Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 
-EXTRA_DIST = lspgpot mail-signed-keys ring-a-party
-INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl
-# we need to add libutil.la a second time because we have to resolve
-# gpg_log_ in some libjnlib modules. - very ugly - should be removed soon.
-needed_libs = ../util/libutil.a \
-	      ../jnlib/libjnlib.a ../util/libutil.a \
-               @INTLLIBS@
+## Process this file with automake to produce Makefile.in
 
+EXTRA_DIST = lspgpot ring-a-party mail-signed-keys
+INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
+needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
 
+bin_PROGRAMS    = gpgsplit
 noinst_PROGRAMS = mpicalc bftest clean-sat mk-tdata shmtest
 
 mpicalc_SOURCES = mpicalc.c
@@ -19,11 +33,13 @@ clean_sat_SOURCES  = clean-sat.c
 mk_tdata_SOURCES = mk-tdata.c
 shmtest_SOURCES = shmtest.c
 
+gpgsplit_SOURCES = gpgsplit.c
 
-mpicalc_LDADD =  $(needed_libs) $(LIBGCRYPT_LIBS)
-bftest_LDADD =	$(needed_libs) $(LIBGCRYPT_LIBS)
 
-shmtest_LDADD =  $(needed_libs) $(LIBGCRYPT_LIBS)
+mpicalc_LDADD =  $(needed_libs) @INTLLIBS@
+bftest_LDADD =	$(needed_libs) @INTLLIBS@
 
-mpicalc bftest shmtest: $(needed_libs)
+shmtest_LDADD =  $(needed_libs) @INTLLIBS@
+gpgsplit_LDADD = @ZLIBS@ $(needed_libs) @INTLLIBS@
 
+mpicalc bftest shmtest gpgsplit: $(needed_libs)
diff --git a/tools/bftest.c b/tools/bftest.c
index 6b1e09117..b15f4a1da 100644
--- a/tools/bftest.c
+++ b/tools/bftest.c
@@ -1,5 +1,5 @@
 /* bftest.c - Blowfish test program
- *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -27,17 +27,22 @@
   #include <fcntl.h>
 #endif
 
-#include <gcrypt.h>
 #include "util.h"
+#include "cipher.h"
 #include "i18n.h"
 
 static void
 my_usage(void)
 {
-    fprintf(stderr, "usage: bftest [-e][-d] algo mode key\n");
+    fprintf(stderr, "usage: bftest [-e][-d] algo key\n");
     exit(1);
 }
 
+const char *
+strusage( int level )
+{
+    return default_strusage(level);
+}
 
 static void
 i18n_init(void)
@@ -48,7 +53,7 @@ i18n_init(void)
     #else
        setlocale( LC_ALL, "" );
     #endif
-    bindtextdomain( PACKAGE, GNUPG_LOCALEDIR );
+    bindtextdomain( PACKAGE, G10_LOCALEDIR );
     textdomain( PACKAGE );
   #endif
 }
@@ -57,12 +62,11 @@ int
 main(int argc, char **argv)
 {
     int encode=0;
-    GCRY_CIPHER_HD hd;
+    CIPHER_HANDLE hd;
     char buf[4096];
-    int rc, n, size=4096;
-    int algo, mode;
-    const char *s;
-    
+    int n, size=4096;
+    int algo;
+
   #ifdef HAVE_DOSISH_SYSTEM
     setmode( fileno(stdin), O_BINARY );
     setmode( fileno(stdout), O_BINARY );
@@ -85,56 +89,24 @@ main(int argc, char **argv)
 	argc--; argv++;
 	size = 10;
     }
-    if( argc != 4 )
+    if( argc != 3 )
 	my_usage();
     argc--; argv++;
-    algo = gcry_cipher_map_name( *argv );
+    algo = string_to_cipher_algo( *argv );
     argc--; argv++;
-    s = *argv; argc--; argv++;
-    if ( !strcasecmp( s, "cfb" ) )
-        mode = GCRY_CIPHER_MODE_CFB;
-    else if ( !strcasecmp( s, "cbc" ) )
-        mode = GCRY_CIPHER_MODE_CBC;
-    else if ( !strcasecmp( s, "ebc" ) )
-        mode = GCRY_CIPHER_MODE_ECB;
-    else if ( !strcasecmp( s, "none" ) )
-        mode = GCRY_CIPHER_MODE_NONE;
-    else if ( !strcasecmp( s, "stream" ) )
-        mode = GCRY_CIPHER_MODE_STREAM;
-    else {
-        fprintf( stderr,
-                 "wrong mode; use one of:  none, ecb, cbc, cfb, stream\n");
-        return 1;
-    }
 
-    hd = gcry_cipher_open( algo, mode, 0 );
-    if (!hd )
-        log_fatal("cipher open failed: %s\n", gcry_strerror(-1) );
-    rc = gcry_cipher_setkey( hd, *argv, strlen(*argv) );
-    if ( rc ) 
-        log_fatal("setkey failed: %s\n", gcry_strerror(rc) );
-    gcry_cipher_setiv( hd, NULL, 0 );
+    hd = cipher_open( algo, CIPHER_MODE_CFB, 0 );
+    cipher_setkey( hd, *argv, strlen(*argv) );
+    cipher_setiv( hd, NULL, 0 );
     while( (n = fread( buf, 1, size, stdin )) > 0 ) {
 	if( encode )
-	    gcry_cipher_encrypt( hd, buf, n, buf, n );
+	    cipher_encrypt( hd, buf, buf, n );
 	else
-	    gcry_cipher_decrypt( hd, buf, n, buf, n );
+	    cipher_decrypt( hd, buf, buf, n );
 	if( fwrite( buf, 1, n, stdout) != n )
 	    log_fatal("write error\n");
     }
-    gcry_cipher_close(hd);
+    cipher_close(hd);
     return 0;
 }
 
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/tools/clean-sat.c b/tools/clean-sat.c
index b1edb2010..8b6bfd77a 100644
--- a/tools/clean-sat.c
+++ b/tools/clean-sat.c
@@ -1,4 +1,13 @@
 /* clean-sat.c
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ *
+ * This file is free software; as a special exception the author gives
+ * unlimited permission to copy and/or distribute it, with or without
+ * modifications, as long as this notice is preserved.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  */
 
 #include <stdio.h>
diff --git a/tools/crlf.c b/tools/crlf.c
index f81f77e69..e6ac8c70f 100644
--- a/tools/crlf.c
+++ b/tools/crlf.c
@@ -1,4 +1,13 @@
 /* crlf.c
+ * Copyright (C) 1999, 2000, 2001 Free Software Foundation, Inc.
+ *
+ * This file is free software; as a special exception the author gives
+ * unlimited permission to copy and/or distribute it, with or without
+ * modifications, as long as this notice is preserved.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  */
 
 #include <stdio.h>
diff --git a/tools/gpgsplit.c b/tools/gpgsplit.c
new file mode 100644
index 000000000..8d89b1b9d
--- /dev/null
+++ b/tools/gpgsplit.c
@@ -0,0 +1,553 @@
+/* gpgsplit.c - An OpenPGP packet splitting tool
+ * Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* 
+ * TODO: Add an option to uncompress packets.  This should come quite handy.
+ */
+
+#include <config.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <unistd.h>
+#include <assert.h>
+#ifdef HAVE_DOSISH_SYSTEM
+  #include <fcntl.h> /* for setmode() */
+#endif
+#include <zlib.h>
+#ifdef __riscos__
+#include <unixlib/local.h>
+#endif /* __riscos__ */
+
+#define INCLUDED_BY_MAIN_MODULE 1
+#include "../g10/packet.h"
+#include "util.h"
+
+static int opt_verbose;
+static const char *opt_prefix = "";
+static int opt_uncompress;
+
+static void g10_exit( int rc );
+static void split_packets (const char *fname);
+
+
+enum cmd_and_opt_values { aNull = 0,
+    oVerbose	  = 'v',
+    oPrefix       = 'p',                          
+    oUncompress   = 500,                      
+aTest };
+
+
+static ARGPARSE_OPTS opts[] = {
+
+    { 301, NULL, 0, "@Options:\n " },
+
+    { oVerbose, "verbose",   0, "verbose" },
+    { oPrefix,  "prefix",    2, "|STRING|Prepend filenames with STRING" },
+    { oUncompress, "uncompress", 0, "uncompress a packet"},
+{0} };
+
+
+const char *
+strusage( int level )
+{
+    const char *p;
+    switch( level ) {
+      case 11: p = "gpgsplit (GnuPG)";
+	break;
+      case 13: p = VERSION; break;
+      case 17: p = PRINTABLE_OS_NAME; break;
+      case 19: p =
+	    "Please report bugs to <[email protected]>.\n";
+	break;
+      case 1:
+      case 40:	p =
+	    "Usage: gpgsplit [options] [files] (-h for help)";
+	break;
+      case 41:	p =
+	    "Syntax: gpgsplit [options] [files]\n"
+	      "Split an OpenPGP message into packets\n";
+	break;
+
+      default:	p = default_strusage(level);
+    }
+    return p;
+}
+
+
+
+int
+main( int argc, char **argv )
+{
+    ARGPARSE_ARGS pargs;
+
+  #ifdef __riscos__
+    /* set global RISC OS specific properties */
+    __riscosify_control = __RISCOSIFY_NO_PROCESS;
+  #endif /* __riscos__ */
+  #ifdef HAVE_DOSISH_SYSTEM
+    setmode( fileno(stdin), O_BINARY );
+    setmode( fileno(stdout), O_BINARY );
+  #endif
+    log_set_name("gpgsplit");
+
+    pargs.argc = &argc;
+    pargs.argv = &argv;
+    pargs.flags=  1;  /* do not remove the args */
+    while( optfile_parse( NULL, NULL, NULL, &pargs, opts) ) {
+	switch( pargs.r_opt ) {
+          case oVerbose: opt_verbose = 1; break;
+          case oPrefix: opt_prefix = pargs.r.ret_str; break;
+          case oUncompress: opt_uncompress = 1; break;
+	  default : pargs.err = 2; break;
+	}
+    }
+
+    if( log_get_errorcount(0) )
+	g10_exit(2);
+
+    if (!argc)
+        split_packets (NULL);
+    else {
+        for ( ;argc; argc--, argv++) 
+            split_packets (*argv);
+    }
+
+    g10_exit (0);
+    return 0; 
+}
+
+
+static void
+g10_exit( int rc )
+{
+    rc = rc? rc : log_get_errorcount(0)? 2 : 0;
+    exit(rc );
+}
+
+static const char *
+pkttype_to_string (int pkttype)
+{
+    const char *s;
+    switch (pkttype) {
+	case PKT_PUBKEY_ENC    : s = "pk_enc"; break;
+	case PKT_SIGNATURE     : s = "sig"; break;
+	case PKT_SYMKEY_ENC    : s = "sym_enc"; break;
+	case PKT_ONEPASS_SIG   : s = "onepass_sig"; break;
+	case PKT_SECRET_KEY    : s = "secret_key"; break;
+	case PKT_PUBLIC_KEY    : s = "public_key"; break;
+	case PKT_SECRET_SUBKEY : s = "secret_subkey"; break;
+	case PKT_COMPRESSED    : 
+          s = opt_uncompress? "uncompressed":"compressed";
+          break;
+	case PKT_ENCRYPTED     : s = "encrypted"; break;
+	case PKT_MARKER	       : s = "marker"; break;
+	case PKT_PLAINTEXT     : s = "plaintext"; break;
+	case PKT_RING_TRUST    : s = "ring_trust"; break;
+	case PKT_USER_ID       : s = "user_id"; break;
+	case PKT_PUBLIC_SUBKEY : s = "public_subkey"; break;
+	case PKT_OLD_COMMENT   : s = "old_comment"; break;
+	case PKT_ATTRIBUTE     : s = "attribute"; break;
+	case PKT_ENCRYPTED_MDC : s = "encrypted_mdc"; break;
+	case PKT_MDC 	       : s = "mdc"; break;
+	case PKT_COMMENT       : s = "comment"; break;
+        case PKT_GPG_CONTROL   : s = "gpg_control"; break;
+      default: s = "unknown"; break;
+    }
+    return s;
+}
+
+
+/*
+ * Create a new filename and a return a pointer to a statically
+ * allocated buffer 
+ */
+static char *
+create_filename (int pkttype)
+{
+    static unsigned int partno = 0;
+    static char *name;
+
+    if (!name) 
+        name = m_alloc (strlen (opt_prefix) + 100 );
+
+    assert (pkttype < 1000 && pkttype >= 0 );
+    partno++;
+    sprintf (name, "%s%06u-%03d" EXTSEP_S "%.40s",
+             opt_prefix, partno, pkttype, pkttype_to_string (pkttype));
+    return name;
+}
+
+static int
+read_u16 (FILE *fp, size_t *rn)
+{
+    int c;
+
+    if ( (c = getc (fp)) == EOF )
+        return -1;
+    *rn = c << 8;
+    if ( (c = getc (fp)) == EOF )
+        return -1;
+    *rn |= c;
+    return 0;
+}
+
+static int
+read_u32 (FILE *fp, unsigned long *rn)
+{
+    size_t tmp;
+
+    if (read_u16 (fp, &tmp))
+        return -1;
+    *rn = tmp << 16;
+    if (read_u16 (fp, &tmp))
+        return -1;
+    *rn |= tmp;
+    return 0;
+}
+
+
+/* hdr must pint to a buffer large enough to hold all header bytes */
+static int
+write_part ( const char *fname, FILE *fpin, unsigned long pktlen,
+             int pkttype, int partial, unsigned char *hdr, size_t hdrlen)
+{
+    FILE *fpout;
+    int c, first;
+    unsigned char *p;
+    const char *outname = create_filename (pkttype);
+
+    /* fixme: should we check that this file does not yet exist? */
+    if (opt_verbose)
+        log_info ("writing `%s'\n", outname);
+    fpout = fopen (outname, "wb");
+    if (!fpout) {
+        log_error ("error creating `%s': %s\n", outname, strerror(errno));
+        /* stop right now, otherwise we would mess up the sequence of
+         * the part numbers */
+        g10_exit (1);
+    }
+
+    if (!opt_uncompress) {
+        for (p=hdr; hdrlen; p++, hdrlen--) {
+            if ( putc (*p, fpout) == EOF )
+                goto write_error;
+        }
+    }
+
+    first = 1;
+    while (partial) {
+        size_t partlen;
+
+        if (partial == 1) { /* openpgp */
+            if( first ) {
+                c = pktlen;
+                assert( c >= 224 && c < 255 );
+		first = 0;
+            }
+            else if( (c = getc (fpin)) == EOF ) {
+                goto read_error;
+            }
+            else
+                hdr[hdrlen++] = c;
+            
+            if( c < 192 ) {
+                pktlen = c;
+                partial = 0; /* (last segment may follow) */
+            }
+            else if( c < 224 ) {
+                pktlen = (c - 192) * 256;
+                if( (c = getc (fpin)) == EOF ) 
+                    goto read_error;
+                hdr[hdrlen++] = c;
+                pktlen += c + 192;
+                partial = 0;
+            }
+            else if( c == 255 ) {
+                if (read_u32 (fpin, &pktlen))
+                    goto read_error;
+                hdr[hdrlen++] = pktlen >> 24;
+                hdr[hdrlen++] = pktlen >> 16;
+                hdr[hdrlen++] = pktlen >> 8;
+                hdr[hdrlen++] = pktlen;
+                partial = 0;
+            }
+            else { /* next partial body length */
+                for (p=hdr; hdrlen; p++, hdrlen--) {
+                    if ( putc (*p, fpout) == EOF )
+                        goto write_error;
+                }
+                partlen = 1 << (c & 0x1f);
+                for (; partlen; partlen--) {
+                    if ((c = getc (fpin)) == EOF) 
+                        goto read_error;
+                    if ( putc (c, fpout) == EOF )
+                        goto write_error;
+                }
+            }
+        }
+        else if (partial == 2) { /* old gnupg */
+            assert (!pktlen);
+            if ( read_u16 (fpin, &partlen) )
+                goto read_error;
+            hdr[hdrlen++] = partlen >> 8;
+            hdr[hdrlen++] = partlen;
+            for (p=hdr; hdrlen; p++, hdrlen--) {
+                if ( putc (*p, fpout) == EOF )
+                    goto write_error;
+            }
+            if (!partlen)
+                partial = 0; /* end of packet */
+            for (; partlen; partlen--) {
+                c = getc (fpin);
+                if (c == EOF) 
+                    goto read_error;
+                if ( putc (c, fpout) == EOF )
+                    goto write_error;
+            }
+        }
+        else { /* compressed: read to end */
+            pktlen = 0;
+            partial = 0;
+            hdrlen = 0;
+            if (opt_uncompress) {
+                z_stream zs;
+                byte *inbuf, *outbuf;
+                unsigned int inbufsize, outbufsize;
+                int algo, zinit_done, zrc, nread, count;
+                size_t n;
+
+                if ((c = getc (fpin)) == EOF)
+                    goto read_error;
+                algo = c;
+                
+                memset (&zs, 0, sizeof zs);
+                inbufsize = 2048;
+                inbuf = m_alloc (inbufsize);
+                outbufsize = 8192;
+                outbuf = m_alloc (outbufsize);
+                zs.avail_in = 0;
+                zinit_done = 0;
+                
+                do {
+                    if (zs.avail_in < inbufsize) {
+                        n = zs.avail_in;
+                        if (!n)
+                            zs.next_in = (Bytef *) inbuf;
+                        count = inbufsize - n;
+                        for (nread=0;
+                             nread < count && (c=getc (fpin)) != EOF;
+                             nread++) {
+                            inbuf[n+nread] = c;
+                        }
+                        n += nread;
+                        if (nread < count && algo == 1) {
+                            inbuf[n] = 0xFF; /* chew dummy byte */
+                            n++;
+                        }
+                        zs.avail_in = n;
+                    }
+                    zs.next_out = (Bytef *) outbuf;
+                    zs.avail_out = outbufsize;
+                    
+                    if (!zinit_done) {
+                        zrc = algo == 1? inflateInit2 ( &zs, -13)
+                                       : inflateInit ( &zs );
+                        if (zrc != Z_OK) {
+                            log_fatal ("zlib problem: %s\n", zs.msg? zs.msg :
+                                       zrc == Z_MEM_ERROR ? "out of core" :
+                                       zrc == Z_VERSION_ERROR ?
+                                       "invalid lib version" :
+                                       "unknown error" );
+                        }
+                        zinit_done = 1;
+                    }
+                    else {
+#ifdef Z_SYNC_FLUSH
+                        zrc = inflate (&zs, Z_SYNC_FLUSH);
+#else
+                        zrc = inflate (&zs, Z_PARTIAL_FLUSH);
+#endif
+                        if (zrc == Z_STREAM_END)
+                            ; /* eof */
+                        else if (zrc != Z_OK && zrc != Z_BUF_ERROR) {
+                            if (zs.msg)
+                                log_fatal ("zlib inflate problem: %s\n", zs.msg );
+                            else
+                                log_fatal ("zlib inflate problem: rc=%d\n", zrc );
+                        }
+                        for (n=0; n < outbufsize - zs.avail_out; n++) {
+                            if (putc (outbuf[n], fpout) == EOF )
+                                goto write_error;
+                        }
+                    }
+                } while (zrc != Z_STREAM_END && zrc != Z_BUF_ERROR);
+                inflateEnd (&zs);
+            }
+            else {
+                while ( (c=getc (fpin)) != EOF ) {
+                    if ( putc (c, fpout) == EOF )
+                        goto write_error;
+                }
+            }
+            if (!feof (fpin))
+                goto read_error;
+        }
+
+    }
+
+    for (p=hdr; hdrlen; p++, hdrlen--) {
+        if ( putc (*p, fpout) == EOF )
+            goto write_error;
+    }
+    /* standard packet or last segment of partial length encoded packet */
+    for (; pktlen; pktlen--) {
+        c = getc (fpin);
+        if (c == EOF) 
+            goto read_error;
+        if ( putc (c, fpout) == EOF )
+            goto write_error;
+    }
+    
+        
+    if ( fclose (fpout) )
+        log_error ("error closing `%s': %s\n", outname, strerror (errno));
+    return 0;
+
+ write_error:    
+    log_error ("error writing `%s': %s\n", outname, strerror (errno));
+    fclose (fpout);
+    return 2;
+    
+ read_error: {
+        int save = errno;
+        fclose (fpout);
+        errno = save;
+    }
+    return -1;
+}
+
+
+
+static int
+do_split (const char *fname, FILE *fp)
+{
+    int c, ctb, pkttype;
+    unsigned long pktlen = 0;
+    int partial = 0;
+    unsigned char header[20];
+    int header_idx = 0;
+
+    ctb = getc (fp);
+    if (ctb == EOF)
+        return 3; /* ready */
+    header[header_idx++] = ctb;
+
+    if( !(ctb & 0x80) ) {
+        log_error("invalid CTB %02x\n", ctb );
+	return 1;
+    }
+    if ( (ctb & 0x40) ) { /* new CTB */
+	pkttype =  (ctb & 0x3f);
+	if( (c = getc (fp)) == EOF )
+            return -1;
+        header[header_idx++] = c;
+
+	if( c < 192 )
+	    pktlen = c;
+	else if( c < 224 ) {
+	    pktlen = (c - 192) * 256;
+	    if( (c = getc (fp)) == EOF ) 
+                return -1;
+            header[header_idx++] = c;
+	    pktlen += c + 192;
+	}
+	else if( c == 255 ) {
+            if (read_u32 (fp, &pktlen))
+                return -1;
+            header[header_idx++] = pktlen >> 24;
+            header[header_idx++] = pktlen >> 16;
+            header[header_idx++] = pktlen >> 8;
+            header[header_idx++] = pktlen; 
+	}
+	else { /* partial body length */
+	    pktlen = c;
+            partial = 1;
+	}
+    }
+    else {
+        int lenbytes;
+
+	pkttype = (ctb>>2)&0xf;
+	lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
+	if( !lenbytes ) {
+	    pktlen = 0; /* don't know the value */
+	    if( pkttype == PKT_COMPRESSED )
+                partial = 3;
+            else
+		partial = 2; /* the old GnuPG partial length encoding */
+	}
+	else {
+	    for( ; lenbytes; lenbytes-- ) {
+		pktlen <<= 8;
+                if( (c = getc (fp)) == EOF ) 
+                    return -1;
+                header[header_idx++] = c;
+
+		pktlen |= c;
+	    }
+	}
+    }
+
+    return write_part (fname, fp, pktlen, pkttype, partial,
+                       header, header_idx);
+}
+
+
+static void
+split_packets (const char *fname)
+{
+    FILE *fp;
+    int rc;
+
+    if (!fname || !strcmp (fname, "-")) {
+        fp = stdin;
+        fname = "-";
+    }
+    else if ( !(fp = fopen (fname,"rb")) ) {
+        log_error ("can't open `%s': %s\n", fname, strerror (errno));
+        return;
+    }
+
+    while ( !(rc = do_split (fname, fp)) )
+        ;
+    if ( rc > 0 )
+        ; /* error already handled */
+    else if ( ferror (fp) )
+        log_error ("error reading `%s': %s\n", fname, strerror (errno));
+    else
+        log_error ("premature EOF while reading `%s'\n", fname );
+
+    if ( fp != stdin )
+        fclose (fp);
+}
+
diff --git a/tools/lspgpot b/tools/lspgpot
index 585629b5b..8dc9c3047 100755
--- a/tools/lspgpot
+++ b/tools/lspgpot
@@ -1,6 +1,14 @@
 #!/bin/sh
 # lspgpot - script to extract the ownertrust values
 # from PGP keyrings and list them in GnuPG ownertrust format.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 
 ../g10/gpg --dry-run --with-fingerprint --with-colons $* | awk '
 BEGIN { FS=":"
diff --git a/tools/mail-signed-keys b/tools/mail-signed-keys
index 3f9f01831..80fbb3481 100755
--- a/tools/mail-signed-keys
+++ b/tools/mail-signed-keys
@@ -1,19 +1,38 @@
 #!/bin/sh
+# Copyright (C) 2000, 2001 Free Software Foundation, Inc.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 
-if [ -z "$1" -o -z "$2" ]; then
-   echo "usage: mail-signed-keys keyring signedby" >&2
+# FIXME: Add --dry-run,  use only valid email addreses, extract only given keys
+
+dryrun=0
+if [ "$1" = "--dry-run" ]; then
+   dryrun=1
+   shift
+fi
+
+if [ -z "$1" -o -z "$2" -o -z "$3" ]; then
+   echo "usage: mail-signed-keys keyring signedby signame" >&2
    exit 1
 fi
 
+signame="$3"
+
 if [ ! -f $1 ]; then
     echo "mail-signed-keys: '$1': no such file" >&2
     exit 1
 fi
 
 [ -f '.#tdb.tmp' ] && rm '.#tdb.tmp'
-ro="--trustdb-name=./.#tdb.tmp --dry-run --lock-never --no-default-keyring --keyring $1"
+ro="--homedir . --no-options --trustdb-name=./.#tdb.tmp --dry-run --lock-never --no-default-keyring --keyring $1"
 
-signedby=`gpg $ro --fast-list-mode --list-keys --with-colons $2 \
+signedby=`gpg $ro --list-keys --with-colons $2 \
 	  2>/dev/null | awk -F: '$1=="pub" {print $5; exit 0}'`
 
 if [ -z "$signedby" ]; then
@@ -21,14 +40,16 @@ if [ -z "$signedby" ]; then
     exit 1
 fi
 
-echo "About to send the the keys signed by $signedby" >&2
-echo -n "to their owners.  Do you really want to do this? (y/N)" >&2
-read
-[ "$REPLY" != "y" -a "$REPLY" != "Y" ] && exit 0
-
+if [ "$dryrun" = "0" ]; then
+  echo "About to send the the keys signed by $signedby" >&2
+  echo -n "to their owners.  Do you really want to do this? (y/N)" >&2
+  read
+  [ "$REPLY" != "y" -a "$REPLY" != "Y" ] && exit 0
+fi
 
 gpg $ro --check-sigs --with-colons 2>/dev/null \
-     | awk -F: -v signedby="$signedby" -v gpgopt="$ro" '
+     | awk -F: -v signedby="$signedby" -v gpgopt="$ro" \
+       -v dryrun="$dryrun" -v signame="$signame"  '
 BEGIN	      { sendmail="/usr/lib/sendmail -oi -t " }
 $1 == "pub"   { nextkid=$5; nextuid=$10
 		if( uidcount > 0 ) { myflush() }
@@ -42,34 +63,52 @@ function myflush()
 {
        if ( kid == signedby ) { uidcount=0; return }
        print "sending key " substr(kid,9) " to" | "cat >&2"
-       for(i=0; i < uidcount; i++ ) {
+       for(i=0; i < 1; i++ ) {  
 	   print "    " uids[i] | "cat >&2"
-	   if( i == 0 ) {
-		printf "To: %s", uids[i]   | sendmail
-	   }
-	   else {
-		printf ",\n    %s", uids[i]   | sendmail
-	   }
+           if( dryrun == 0 ) {
+	      if( i == 0 ) {
+		 printf "To: %s", uids[i]   | sendmail
+	      }
+	      else {
+		 printf ",\n    %s", uids[i]   | sendmail
+	      }
+           }
        }
-       printf "\n"                                        | sendmail
-       print "Subject: I signed your key " substr(kid,9)  | sendmail
-       print ""                                           | sendmail
-       print "Hi,"                                        | sendmail
-       print ""                                           | sendmail
-       print "Here you get back the signed key."          | sendmail
-       print ""                                           | sendmail
-       print "ciao,"                                      | sendmail
-       print "     your Key Signator"                     | sendmail
-       print ""                                           | sendmail
-       cmd = "gpg " gpgopt " --export -a " kid " 2>/dev/null"
-       while( (cmd | getline) > 0 ) {
-	   print | sendmail
+       if(dryrun == 0) {  
+         printf "\n"                                        | sendmail
+         print "Subject: I signed your key " substr(kid,9)  | sendmail
+         print ""                                           | sendmail
+         print "Hi,"                                        | sendmail
+         print ""                                           | sendmail
+         print "Here you get back the signed key."          | sendmail
+	 print "Please send it yourself to a keyserver."    | sendmail
+         print ""                                           | sendmail
+         print "Peace,"                                     | sendmail
+         print "      " signame                             | sendmail
+         print ""                                           | sendmail
+         cmd = "gpg " gpgopt " --export -a " kid " 2>/dev/null"
+         while( (cmd | getline) > 0 ) {
+             print | sendmail
+         }
+         print ""                                           | sendmail
+         close(cmd)
+         close( sendmail )
        }
-       print ""                                           | sendmail
-       close(cmd)
-       close( sendmail )
        uidcount=0
 }
 '
 
 
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tools/mk-tdata.c b/tools/mk-tdata.c
index 70358dc47..dcfa859f1 100644
--- a/tools/mk-tdata.c
+++ b/tools/mk-tdata.c
@@ -1,7 +1,13 @@
-/* mk-tdata.c
+/* mk-tdata.c -  Create some simple random testdata
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
- *  Create some simple random testdata
+ * This file is free software; as a special exception the author gives
+ * unlimited permission to copy and/or distribute it, with or without
+ * modifications, as long as this notice is preserved.
  *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  */
 
 #include <config.h>
diff --git a/tools/mpicalc.c b/tools/mpicalc.c
index aedb27ecf..2817c9932 100644
--- a/tools/mpicalc.c
+++ b/tools/mpicalc.c
@@ -1,5 +1,5 @@
 /* mpitest.c - test the mpi functions
- *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This is an RPN calculator; values must be given in hex.
  * Operation is like dc(1) except that the input/output radix is
@@ -28,9 +28,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <ctype.h>
-#include <gcrypt.h>
 
 #include "util.h"
+#include "mpi.h"
 #include "i18n.h"
 
 #define STACKSIZE  100
@@ -38,8 +38,8 @@ static MPI stack[STACKSIZE];
 static int stackidx;
 
 
-static const char *
-my_strusage( int level )
+const char *
+strusage( int level )
 {
     const char *p;
     switch( level ) {
@@ -56,7 +56,7 @@ my_strusage( int level )
     "\nSyntax: mpicalc [options] [files]\n"
     "MPI RPN calculator\n";
 	break;
-      default:	p = NULL;
+      default:	p = default_strusage(level);
     }
     return p;
 }
@@ -71,35 +71,11 @@ i18n_init(void)
     #else
        setlocale( LC_ALL, "" );
     #endif
-    bindtextdomain( PACKAGE, GNUPG_LOCALEDIR );
+    bindtextdomain( PACKAGE, G10_LOCALEDIR );
     textdomain( PACKAGE );
   #endif
 }
 
-int
-mpi_print( FILE *fp, MPI a, int mode )
-{
-    int n=0;
-
-    if( !a )
-	return fprintf(fp, "[MPI_NULL]");
-    if( !mode ) {
-	unsigned int n1;
-	n1 = gcry_mpi_get_nbits(a);
-	n += fprintf(fp, "[%u bits]", n1);
-    }
-    else {
-	int rc;
-	char *buffer;
-
-	rc = gcry_mpi_aprint( GCRYMPI_FMT_HEX, (void **)&buffer, NULL, a );
-	fputs( buffer, fp );
-	n += strlen(buffer);
-	gcry_free( buffer );
-    }
-    return n;
-}
-
 
 static void
 do_add(void)
@@ -257,7 +233,6 @@ main(int argc, char **argv)
     pargs.argv = &argv;
     pargs.flags = 0;
 
-    set_strusage( my_strusage );
     i18n_init();
     while( arg_parse( &pargs, opts) ) {
 	switch( pargs.r_opt ) {
diff --git a/tools/ring-a-party b/tools/ring-a-party
index 7cf05d78d..1993e2732 100755
--- a/tools/ring-a-party
+++ b/tools/ring-a-party
@@ -1,5 +1,14 @@
 #!/bin/sh
 # ring-a-party	- print a keyring suitable for a key signing party
+# Copyright (C) 2000, 2001 Free Software Foundation, Inc.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 
 if [ $# -lt 1 ]; then
     echo "usage: ring-a-party keyring [headerline]" >&2
@@ -54,20 +63,20 @@ $1 == "sub" { if( $4 != 17 && $4 != 3 )  signencrypt=1 }
 function myflush()
 {
     # fixme: take lines to print here into account
-    if( lines > 50 || lines == -1 ) {
+    if( lines > 45 || lines == -1 ) {
 	if( lines != -1 ) printf "\f";
 	page++;
 	printf "%s  %-50.50s Page %d\n\n", now, KEYRING, page ;
-	printf "Type Bits KeyID      Created    Expires    Algorithm                 Use\n";
+	printf "    Type Bits KeyID      Created    Expires    Algorithm                 Use\n\n";
 	lines = 1;
     }
-    printf "pub  %04d 0x%s %10s %10s %-10s     %15s\n",
+    printf "[ ] pub  %04d 0x%s %10s %10s %-10s     %15s\n",
 	  nbits, keyid, created, expires == ""? "----------":expires, algostr,
 			signencrypt == 1? "Sign & Encrypt":"Sign only";
     length(fpr) == 40 ? printfpr20( fpr ) : printfpr16( fpr );
     lnes += 2;
     for( i=0; i < uidcount; i++ ) {
-	printf "uid  %s\n", uids[i];
+	printf "( ) uid  %s\n", uids[i];
 	lines++;
     }
     printf "\n\n";
@@ -84,7 +93,7 @@ function mapalgo( no )
 
 function printfpr16( s )
 {
-    printf "f16    Fingerprint16 =";
+    printf "    f16    Fingerprint16 =";
     for(i=0; i < 16; i++ ) {
 	if( i == 8 ) printf " ";
 	printf " %s", substr( s, i*2+1, 2 );
@@ -94,7 +103,7 @@ function printfpr16( s )
 
 function printfpr20( s )
 {
-    printf "f20    Fingerprint20 =";
+    printf "    f20    Fingerprint20 =";
     for(i=0; i < 10; i++ ) {
 	if( i == 5 ) printf " ";
 	printf " %s", substr( s, i*4+1, 4 );
diff --git a/tools/shmtest.c b/tools/shmtest.c
index 956dec6c5..fceade1e1 100644
--- a/tools/shmtest.c
+++ b/tools/shmtest.c
@@ -1,7 +1,16 @@
 /* shmtest.c
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
+ * This file is free software; as a special exception the author gives
+ * unlimited permission to copy and/or distribute it, with or without
+ * modifications, as long as this notice is preserved.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  */
 
+
 #include <config.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -10,12 +19,12 @@
 #include <signal.h>
 #include <unistd.h>
 #ifdef HAVE_SYS_IPC_H
+  #include <sys/types.h>
   #include <sys/ipc.h>
 #endif
 #ifdef HAVE_SYS_SHM_H
   #include <sys/shm.h>
 #endif
-#include <gcrypt.h>
 #include "util.h"
 #include "ttyio.h"
 #include "i18n.h"
@@ -37,6 +46,12 @@ my_usage(void)
     exit(1);
 }
 
+const char *
+strusage( int level )
+{
+    return default_strusage(level);
+}
+
 static void
 i18n_init(void)
 {
@@ -46,7 +61,7 @@ i18n_init(void)
     #else
        setlocale( LC_ALL, "" );
     #endif
-    bindtextdomain( PACKAGE, GNUPG_LOCALEDIR );
+    bindtextdomain( PACKAGE, G10_LOCALEDIR );
     textdomain( PACKAGE );
   #endif
 }
@@ -72,7 +87,7 @@ do_get_string( int mode, const char *keyword, byte *area, size_t areasize )
 	memcpy( area+n+2, p, len );
 	area[n] = len >> 8;
 	area[n+1] = len;
-	gcry_free(p);
+	m_free(p);
     }
     else { /* bool */
 	area[n] = 0;
@@ -107,7 +122,7 @@ main(int argc, char **argv)
 
     for(n=0,i=1; i < argc; i++ )
 	n += strlen(argv[i]) + 1;
-    p = gcry_xmalloc( 100 + n );
+    p = m_alloc( 100 + n );
     strcpy( p, "../g10/gpg --status-fd 1 --run-as-shm-coprocess 0");
     for(i=1; i < argc; i++ ) {
 	strcat(p, " " );
@@ -115,7 +130,7 @@ main(int argc, char **argv)
     }
 
     fp = popen( p, "r" );
-    gcry_free( p );
+    m_free( p );
     if( !fp )
 	log_error("popen failed: %s\n", strerror(errno));
 
diff --git a/util/ChangeLog b/util/ChangeLog
index 20e9bda3e..c01b5e207 100644
--- a/util/ChangeLog
+++ b/util/ChangeLog
@@ -1,129 +1,464 @@
-Mon Sep 18 16:35:45 CEST 2000  Werner Koch  <[email protected]>
+2002-06-21  Stefan Bellon  <[email protected]>
 
-        * strgutil.c (utf8_to_native): Fixed null ptr problem.  By
-        Giampaolo Tomassoni.
+	* riscos.c (riscos_global_defaults): New.
+
+2002-06-20  Stefan Bellon  <[email protected]>
+
+	* riscos.c (riscos_set_filetype_by_number, riscos_set_filetype):
+	New. Set RISC OS filetype according to MIME type.
+
+2002-06-14  David Shaw  <[email protected]>
+
+	* strgutil.c (pop_strlist): New function to pop the head off of a
+	strlist.
+
+2002-06-05  Timo Schulz  <[email protected]>
+
+	* fileutil.c (is_file_compressed): Corrected the magic values
+	for bzip2 and gzip. Noted by David.
+	
+2002-05-22  Werner Koch  <[email protected]>
+
+	* fileutil.c (compare_filenames): Replaced stricmp by strcasecmp.
+	* miscutil.c (answer_is_yes_no_quit,answer_is_yes_no_default): Ditto.
+
+	* strgutil.c (strncasecmp): New.
+	(memicmp): Removed.
+
+2002-05-10  Stefan Bellon  <[email protected]>
+
+	* memory.c (add_entry) [M_DEBUG]: Added some missing EXTRA_ALIGN.
+	(free_entry) [M_DEBUG]: Free secure memory via secmem_free.
+	(alloc_secure): Malloc at least 1 byte.
+	(realloc) [M_GUARD]: Added missing FNAMEARG to function call.
+
+	* logger.c (g10_log_bug0) [__riscos__]: Make use of first
+	g10_log_bug0 function for later Norcroft compiler.
+
+	* riscos.c: Added stdlib.h include.
+
+2002-05-04  Werner Koch  <[email protected]>
+
+	* http.c (write_server) [__MINGW32__]: Replaced WriteFile by send
+	because sockets don't work with WriteFile under NT anymore.
+
+2002-05-03  David Shaw  <[email protected]>
+
+	* argparse.c (optfile_parse): Remove quotes only if they totally
+	enclose the string, and do not occur within the string.  This
+	makes specifying a program under Win32 easier when you need quotes
+	around part of a string, but not around the whole string.
+	
+2002-05-02  Werner Koch  <[email protected]>
+
+	* memory.c (alloc): Malloc at least 1 byte.  Noted by Winona Brown. 
+
+2002-04-23  David Shaw  <[email protected]>
+
+ 	* miscutil.c: New function answer_is_yes_no_default() to give a
+	default answer.
+
+2002-04-22  Stefan Bellon  <[email protected]>
+
+	* riscos.c (riscos_open, riscos_fopen, riscos_fstat, set_filetype):
+	Removed as they're not needed anymore.
+
+	* iobuf.c (direct_open) [__riscos__]: Don't allow opening of
+	directories.
+
+2002-04-08  Werner Koch  <[email protected]>
+
+	Fixed filename of last entry.
+
+2002-03-29  David Shaw  <[email protected]>
+
+	* miscutil.c (print_string, utf8_to_native): If a delimiter is
+	used, then quote the backslash character as well.  Problem noted
+	by Rainer Perske.
+
+2002-03-15  Werner Koch  <[email protected]>
+
+	* argparse.c (optfile_parse): Fixed missing argument handling.
+
+2002-02-28  Timo Schulz  <[email protected]>
+
+	* http.c (write_server): Convert integer to a HANDLE for W32.
+	
+2002-01-27  David Shaw  <[email protected]>
+
+	* iobuf.c (iobuf_fdopen, iobuf_sockopen): Do not cache fdopened
+	fds on close.
+
+2002-01-08  Werner Koch  <[email protected]>
+
+	* secmem.c (print_warn): Print a pointer to the FAQ.
+
+2002-01-05  Werner Koch  <[email protected]>
+
+	* argparse.c (default_strusage): Set default copyright date to 2002.
+
+2002-01-02  Stefan Bellon  <[email protected]>
+
+	* iobuf.c [__riscos__]: Updated include file name.
+
+	* fileutil.c [__riscos__]: Ditto.
+
+	* ttyio.d [__riscos__]: Ditto.
+
+	* riscos.c [__riscos__]: Ditto. Added debugging code and
+	unified error messages.
+
+2001-12-27  David Shaw  <[email protected]>
+
+	* errors.c (g10_errstr): Added G10ERR_KEYSERVER
+
+2001-12-27  Werner Koch  <[email protected]>
+
+	* simple-gettext.c [MINGW32]: Fixed last changed.
+
+2001-12-22  Stefan Bellon  <[email protected]>
+
+	* memory.c (realloc): Fixed realloc not working when M_GUARD is
+	defined and first parameter is NULL.
+
+2001-12-22  Timo Schulz <[email protected]>
+
+        * fileutil.c (is_file_compressed): New.
+
+2001-12-19  Werner Koch  <[email protected]>
+
+	* simple-gettext.c, w32reg.c [CYGWIN32]: Allow to use this file
+
+2001-10-11  Werner Koch  <[email protected]>
+
+	* http.c (do_parse_uri): Changed initialization of the port number
+	so that it does also work with x-hkp.  By David Shaw.
+
+2001-09-19  Werner Koch  <[email protected]>
+
+	* w32reg.c (get_root_key): New.
+	(read_w32_registry_string): Use it here.
+	(write_w32_registry_string): New.  Contributed by Timo.
+
+	* iobuf.c (iobuf_ioctl): New command to disable fd
+	caching. Implemented no_cache flag where needed.
+	(iobuf_sockopen): Always set no_cache flag.
+
+	* strgutil.c (utf8_to_native): Add a delim arg and changed all
+	callers. Make sure that quoting is done when translation is
+	disabled.
+	* miscutil.c (print_utf8_string2): New.
+
+2001-09-17  Werner Koch  <[email protected]>
+
+	* miscutil.c (print_string): Use explicit ranges and not iscntrl().  
+	(make_printable_string): Ditto.
+
+2001-09-07  Werner Koch  <[email protected]>
+
+	* strgutil.c (strsep): New, taken from glibc 2.2.1.
+
+2001-09-03  Werner Koch  <[email protected]>
+
+	* miscutil.c (strtimestamp,asctimestamp): Avoid trigraphs.
+
+2001-08-21  Stefan Bellon  <[email protected]>
+
+	* riscos.c [__riscos__] (close_fds): Fixed possible endless loop.
+
+2001-08-20  Werner Koch  <[email protected]>
+
+	Applied patches from Stefan Bellon <[email protected]> to support
+	RISC OS.  Nearly all of these patches are identified by the
+	__riscos__ macro.
+	* secmem.c [__riscos__]: Disabled secure memory stuff.
+	* dotlock.c, ttyio.c [__riscos__]: Adapted for RISC OS
+	* fileutil.c, iobuf.c: Adapted for RISC OS;  mainly replaced
+	hardcoded path separators with EXTSEP_S like macros. 
+	* http.c (send_request): Use macros for the env-var name.
+	* logger.c [__riscos__]: Do an fflush at the end of each log
+	function. 
+ 	* memory.c [__riscos__]: Minor patches
+	* riscos.c (set_filetype): New.
+
+	* secmem.c (lock_pool): Under HPUX mlock is broken but we might
+	have plock, so we use this to lock the entire process.  By Albert
+	Chin.
+	
+2001-07-03  Werner Koch  <[email protected]>
+
+	* strgutil.c (utf8_to_native): Fixed printing of invalid utf-8
+	characters.  Thomas Roessler reported that the escaping didn't work
+	correct.
+
+2001-06-12  Werner Koch  <[email protected]>
+
+	* strgutil.c (ascii_memistr,ascii_isupper,ascii_islower,
+	ascii_toupper,ascii_tolower, ascii_strcasecmp, ascii_memcasecmp): New.
+	(set_native_charset): Use ascii_strcasecmp()
+	* fileutil.c (compare_filenames): Ditto
+	* miscutil.c (answer_is_yes): Ditto.
+	(answer_is_yes_no_quit): Ditto.
+
+2001-06-06  Werner Koch  <[email protected]>
+
+	* strgutil.c (vasprintf) [__MINGW32__]: New. Taken from libiberty.
+	* ttyio.c (tty_printf) [__MINGW32__]:  Replaced the sprintf with
+	the new vasprintf. 
+
+2001-06-05  Werner Koch  <[email protected]>
+
+	* dotlock.c (make_dotlock): Typo fixes. 
+
+2001-05-25  Werner Koch  <[email protected]>
+
+	* ttyio.c (do_get): Fixed a serious format string bug.  Thanks to
+	fish stiqz.
+
+2001-05-23  Werner Koch  <[email protected]>
+
+	* secmem.c (EPERM): Try to work around a Slackware problem.
+
+2001-05-05  Werner Koch  <[email protected]>
+
+	* http.c (http_start_data): Flush before writing.
+	(http_wait_response): No need to flush here.
+
+2001-04-27  Werner Koch  <[email protected]>
+
+	* memory.c (out_of_core): Print an explanation on reasons why
+	secret memory can get exhausted.
+
+2001-04-23  Werner Koch  <[email protected]>
+
+	* http.c (http_wait_response): Implement new flag to inhibit the
+	TCP shutdown.
+
+2001-04-20  Werner Koch  <[email protected]>
+
+	* http.c (http_start_data): Use write_server and not the iobuf
+	stuff.  I wonder why we are at all using write_server - shouldn't
+	it be handled by iobuf?
+
+	* strgutil.c (set_native_charset): Allow utf-8 by introducing the
+	new no_translation variable.
+	(native_to_utf8): Handle no_translation.
+	(utf8_to_native): Ditto.
+
+2001-04-19  Werner Koch  <[email protected]>
+
+	* miscutil.c (asctimestamp): Handle negative times.  We must do
+	this because Windoze segvs on negative times passed to gmtime().
+	(strtimestamp): Ditto.
+
+2001-04-14  Werner Koch  <[email protected]>
+
+	* strgutil.c (utf8_to_native): Fixed a segv.  Thanks to Keith Clayton.
+
+2001-04-13  Werner Koch  <[email protected]>
+
+	* iobuf.c (iobuf_fopen): Removed because it is not used and
+	furthermore mode is ignored for an fname of "-".  Suggested by
+	Florian Weimer.
+
+2001-04-02  Werner Koch  <[email protected]>
+
+	* iobuf.c (translate_file_handle): New. Use this function
+	everywhere in this file.
+	(iobuf_translate_file_handle): Always use the osfhandle stuff here
+	because callers don't know the implementation details of iobuf and
+	they expect that the handles are translated. 
+
+2001-03-29  Werner Koch  <[email protected]>
+
+	* miscutil.c (answer_is_yes): An empty string does now return no.
+	(answer_is_yes_no_quit): Likewise.
+
+	* iobuf.c (iobuf_close): Burn the buffers.
+
+2001-03-26  Werner Koch  <[email protected]>
+
+	* ttyio.c: Define TERMDEVICE depending on OS.
+
+	* http.c (http_start_data): send a CRLF and not just a LF.
+	Pointed out by Steven Murdoch.
+
+2001-03-13  Werner Koch  <[email protected]>
+
+	* iobuf.c (iobuf_sockopen): New.
+	(sock_filter) [__MINGW32__]: New.
+	(iobuf_ioctl): New.
+	(file_filter): Implemented keep_open mode.
+	* http.c (http_open, http_wait_response): Replaced iobuf_fdopen by
+	iobuf_sockopen and use an iobuf_ioctl to avoid the dup().
+	(deinit_sockets, init_sockets) [__MINGW32__]: New.
+	(connect_server, write_server): Add code to work with W32 sockets.
+
+2001-03-12  Werner Koch  <[email protected]>
+
+	* strgutil.c (check_trailing_chars,check_trailing_ws): New.
+
+2001-03-08  Werner Koch  <[email protected]>
+
+	* argparse.c (default_strusage): Changed year of printed copyright
+	to 2001.
+
+	* iobuf.c (fd_cache_invalidate, fd_cache_close, fd_cache_open): New. 
+	(direct_open): Invalidate the fd_cache for read access.
+	(file_filter): Cache the close here.
+	(iobuf_open): Use new my_fopen_ro macro to try the cache first.
+
+2001-03-07  Werner Koch  <[email protected]>
+
+	* iobuf.c: Made the old stdio file handling cpp conditional
+	controlled by FILE_FILTER_USES_STDIO and added a new
+	open/read/close based one.  We don't need the stdio buffering
+	becuase we are doing our own buffering anyway.  And it is a
+	prerequesite to allow the use of ReadFile et al for W32 which in
+	turn is needed to make the http stuff work there. The new W32
+	stuff has also been implemented. Minor changes to all open functions.
+	(direct_open): New.
+	(file_filter): Core of the new read/write handling.
+	(iobuf_get_filelength): Use W32 API function here. But it is
+	currently limited to 2GB files.
+	(iobuf_seek): Ditto.
+
+2001-03-01  Werner Koch  <[email protected]>
+
+	* errors.c (g10_errstr): New codes UNU_SECKEY and UNU_PUBKEY.
+
+2000-12-28  Werner Koch  <[email protected]>
+
+	* dotlock.c: Made all_lockfiles volatile.
+	(remove_lockfiles): Made public.
+
+2000-11-30  Werner Koch  <[email protected]>
+
+	* iobuf.c (iobuf_translate_file_handle): New.
+	(iobuf_open, iobuf_create): Use it for special filenames
+
+2000-11-11  Paul Eggert  <[email protected]>
+
+        * iobuf.c (iobuf_get_filelength): Now returns off_t, not u32.
+        Remove kludges to worry about large files; the callers check
+        for files that are too large, and they should already be doing
+        the right thing in an implementation-independent way.
+        (fopen, fstat): Remove macros.
+
+        * iobuf.c (iobuf_set_limit, iobuf_tell, iobuf_seek): 
+        Use off_t, not ulong, for file offsets.
+        (<limits.h>): Include if needed.
+        (LONG_MAX, LONG_MIN): Define a substitute if needed.
+        (fseeko): Define a substitute if needed.
+
+        * iobuf.c (iobuf_seek):  Do not use %lu to report file
+
+2000-11-09  Werner Koch  <[email protected]>
+
+	* iobuf.c (iobuf_enable_special_filenames): New.
+	(check_special_filename): New.
+	(iobuf_open): check for special filenames.
+	(iobuf_create): Ditto.
+
+2000-10-23  Werner Koch  <[email protected]>
+
+	* secmem.c (lock_pool): Don't print warning for Windows.
+
+2000-10-16  Werner Koch  <[email protected]>
+
+	* secmem.c (lock_pool): Fixed error checking for Linux.
+	By James Troup.
+
+Thu Sep 14 14:20:38 CEST 2000  Werner Koch  <[email protected]>
+
+        * miscutil.c (answer_is_yes_no_quit): Swapped order of yes/no test
+        so that no is returned for an empty input. By David Champion.
+
+Wed Sep  6 17:55:47 CEST 2000  Werner Koch  <[email protected]>
 
         * iobuf.c: Use fopen64 insead of fopen when available.
         (iobuf_get_filelength): Use fstat64 when available but return
         2^32-1 if the file is larger than this value.
 
-        * miscutil.c (answer_is_yes_no_quit): Swapped order of yes/no test
-        so that no is returned for an empty input. By David Champion.
+Wed Sep  6 14:59:09 CEST 2000  Werner Koch  <[email protected]>
 
-Fri Aug 18 14:27:14 CEST 2000  Werner Koch  <[email protected]>
+        * secmem.c (secmem_realloc): check for failed secmem_malloc.  By
+        Matt Kraai.
 
-        * logger.c (log_set_file): Allow to set the file by name.
+        * strgutil.c (utf8_to_native): Fixed null ptr problem.  By
+        Giampaolo Tomassoni.
 
-Fri Jul 28 18:19:11 CEST 2000  Werner Koch  <[email protected]>
+Thu Jul 27 10:02:38 CEST 2000  Werner Koch  <[email protected]>
 
   * iobuf.c: Use setmode() at several places to set stdin and stdout
   to binary mode for MSDOS based systems
 
   * iobuf.c (underflow): Initialize dummy_len to keep memory checker happy.
 
-Fri Jul 14 19:38:23 CEST 2000  Werner Koch  <wk@>
-
-  * iobuf.c (iobuf_cancel): Broadcast the new Cancel message to all
-  filters.  Fix for MSDOS.
-
-  * miscutil.c (asctimestamp): Fix for possible buffer overflow by
-  a large system returned date format string.
-
-  * logger.c (log_inc_errorcount): New.
+Fri Jun  9 10:09:52 CEST 2000  Werner Koch  <[email protected]>
 
-  * w32reg.c: New.
+  * ttyio.c: Simulate termios with termios.  By Dave Dykstra.
 
-  * simple-gettext.c: Use the Registry to locate the mo file.
+Thu Jun  8 20:22:00 CEST 2000  Werner Koch  <[email protected]>
 
-  * http.c (send_request): Add support for proxys; suggested by
-  Walter Hofmann.
-  (http_open_document): Pass flags to http_open.
+  * secmem.c (lock_pool,secmem_init): Additional check for dropped privs.
 
-  * ttyio.c (do_get): Replaced #if __MINGW32__ by #ifdef because
-  gcc 2.95.1 assigns a floating point value (0.2) to this macro,
-  which in turn can't be used in an expression.
-  * ttyio.c: Simulate termios with termios.  By Dave Dykstra.
-  * ttyio.c (tty_print_utf8_string): Oops.
-  * ttyio.c (tty_print_utf8_string2): New to allow a max output size.
+Tue May 30 16:37:55 CEST 2000  Werner Koch  <[email protected]>
 
-Thu Jan 27 18:00:44 CET 2000  Werner Koch  <[email protected]>
+  * iobuf.c (iobuf_cancel): Fix for MSDOS.
 
-	* Changed all "g10_"/"GPG_" prefixes to "gpg_"/"GPG_".
+Fri Apr 14 19:37:08 CEST 2000  Werner Koch  <[email protected]>
 
-Mon Jan 24 13:04:28 CET 2000  Werner Koch  <[email protected]>
+	* dotlock.c (disable_dotlock): New.  Implmented this in the module.
 
-	* memory.c: Removed
-	* secmem.c: Moved to ../gcrypt.
-	* argparse.c argparse.h logging.c logging.h
-	  mischelp.h stringhelp.c stringhelp.h xmalloc.c
-	  xmalloc.h dotlock.c: Moved to ../jnlib
-	* libutil-config.h: Removed.
+2000-03-09 14:04:22  Werner Koch  ([email protected])
 
-	* logging.c (log_set_file): New.
-	(log_printf): New.
-	(do_logv): Add kludge to insert LFs.
+	* argparse.c (default_strusage): Changed year of default copyright.
 
-	* Replaced all m_ memory fucntions by gcry_ ones.
-	* README: New.
+Tue Mar  7 18:45:31 CET 2000  Werner Koch  <[email protected]>
 
-Fri Dec 31 12:48:31 CET 1999  Werner Koch  <[email protected]>
+	* secmem.c (lock_pool): No more warning for QNX. By Sam Roberts.
 
-	* memory.c (m_is_secure): New.
+2000-03-02 15:51:04  Werner Koch  ([email protected])
 
-	* stringhelp.c (trim_trailing_spaces): New.
+	* ttyio.c (tty_print_utf8_string): Oops.
 
-Wed Dec  8 21:58:32 CET 1999  Werner Koch  <[email protected]>
+Thu Mar  2 15:37:46 CET 2000  Werner Koch  <[email protected]>
 
-	* strgutil.c (strcasecmp): New.
+	* ttyio.c (tty_print_utf8_string2): New to allow a max output size.
 
-	* argparse.h: New.
-	* libutil.h: New.
-	* argparse.c: Use these new files.
-	(optfile_parse): s/m_alloc/libutil_xalloc/
+Wed Feb 23 10:07:57 CET 2000  Werner Koch  <[email protected]>
 
-	* strgutil.c: Moved a lot of function to ...
-	* stringhelp.c: ... this new file
-	* stringhelp.h: ... and the definitions to here
+	* miscutil.c (asctimestamp): Fix for possible buffer overflow by
+	large system returned date format string.
 
-	* mischelp.h: New.
+Fri Dec 31 14:08:15 CET 1999  Werner Koch  <[email protected]>
 
-	* logging.h: New, but not yet used in GnuPG.
-	* logging.c: Ditto.
+	* logger.c (log_inc_errorcount): New.
 
-Fri Nov 19 17:15:20 CET 1999  Werner Koch  <[email protected]>
+Sat Dec  4 12:30:28 CET 1999  Werner Koch  <[email protected]>
 
-	* argparse.c (default_strusage): Renamed to strusage. Fall back
-	to the old behaviour if no sepcial strhandler has been set.
+	* iobuf.c (iobuf_cancel): Broadcast the new Cancel mesaage to all
+	filters.
 
-	* memory.c (g10_private_check_heap): New.
+Mon Nov 22 11:14:53 CET 1999  Werner Koch  <[email protected]>
 
-	* secmem.c (m_is_secure): Renamed to ...
-	(g10_private_is_secure): ... this.
-	* memory.c (g10_private_malloc): New. Takes core functionalty of ...
-	(m_alloc): ... and calls it.
-	(g10_private_malloc_secure): New. Takes core functionalty of ...
-	(m_alloc_secure): ... and calls it.
-	(g10_private_realloc): New. Takes core functionalty of ...
-	(m_realloc): ... and this one calls it.
-	(g10_private_free): Wraps around m_free().
+	* strgutil.c (strcasecmp): New.
 
-	* argparse.c (g10_set_strusage): New.
-	(default_strusage): renamed to ...
-	(g10_default_strusage): .. this.
+	* secmem.c (pool_is_mmapped): Made volatile.
 
-Sat Nov 13 17:44:23 CET 1999  Werner Koch  <[email protected]>
+Sat Oct  9 20:34:41 CEST 1999  Werner Koch  <[email protected]>
 
-	* g10u.c: Removed.
+	* Makefile.am:	Removed libtool.
 
-	* errors.c (g10_errstr): Use gcry_strerror as fallback
+Fri Oct  8 20:32:01 CEST 1999  Werner Koch  <[email protected]>
 
-Tue Oct 26 14:10:21 CEST 1999  Werner Koch  <[email protected]>
+	* w32reg.c: New.
+	* simple-gettext.c: Use the Registry to locate the mo file.
 
-	* simple-gettext.c (set_gettext_file): Check charset and do
-	mapping only for IBM850.
-	* strgutil.c (query_native_charset): New.
-	(get_native_charset): Try to get it from the system on the first call.
-	(ibm850_unicode): New table.
+	* http.c (send_request): Add support for proxys; suggested by
+	Walter Hofmann.
+	(http_open_document): Pass flags to http_open.
 
 Fri Sep 17 12:56:42 CEST 1999  Werner Koch  <[email protected]>
 
@@ -208,7 +543,7 @@ Sat Jun 26 12:15:59 CEST 1999  Werner Koch  <[email protected]>
 Fri Jun 18 00:18:02 CEST 1999 Michael Roth <[email protected]>
 
 	* iobuf.c: file_filter() Detection of EOF on terminals
-          improved/fixed (see Bug #21).
+	  improved/fixed (see Bug #21).
 
 Mon Jun 14 21:18:54 CEST 1999 Michael Roth <[email protected]>
 
@@ -581,3 +916,15 @@ Fri Feb 13 15:14:13 1998  Werner Koch  ([email protected])
 	* argparse.c (show_help): New '\v' kludge.
 
 
+
+ Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
diff --git a/util/Makefile.am b/util/Makefile.am
index 28d0c8cb3..a8d40da2d 100644
--- a/util/Makefile.am
+++ b/util/Makefile.am
@@ -1,13 +1,32 @@
+# Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+
 ## Process this file with automake to produce Makefile.in
 
-INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl
-EXTRA_DIST = README
+INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
 
 noinst_LIBRARIES = libutil.a
 
-libutil_a_SOURCES = logger.c fileutil.c miscutil.c strgutil.c	\
-		     ttyio.c  errors.c iobuf.c \
-		     http.c simple-gettext.c w32reg.c
+
+#libutil_a_LDFLAGS =
+libutil_a_SOURCES = g10u.c logger.c fileutil.c miscutil.c strgutil.c  \
+		     ttyio.c  argparse.c memory.c secmem.c errors.c iobuf.c \
+		     dotlock.c http.c simple-gettext.c w32reg.c
 
 
 http-test:  http.c
@@ -16,5 +35,3 @@ http-test:  http.c
 
 
 
-
-
diff --git a/util/README b/util/README
deleted file mode 100644
index 168c58a7c..000000000
--- a/util/README
+++ /dev/null
@@ -1,7 +0,0 @@
-Here you find supporting code for GnuPG and the tools.  It needs some
-support from libgcrypt.
-
-util is not a good name, so at some time we should rename the whole source
-tree.  However this is not easy for CVS and diff reasons.
-
-
diff --git a/util/argparse.c b/util/argparse.c
new file mode 100644
index 000000000..c3cc3d709
--- /dev/null
+++ b/util/argparse.c
@@ -0,0 +1,1000 @@
+/* [argparse.c wk 17.06.97] Argument Parser for option handling
+ *  Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ *
+ *  This file is part of GnuPG.
+ *
+ *  GnuPG is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  GnuPG is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ *
+ *
+ * Note: This is an independent version of the one in WkLib
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <string.h>
+
+#include "util.h"
+#include "i18n.h"
+
+
+/*********************************
+ * @Summary arg_parse
+ *  #include <wk/lib.h>
+ *
+ *  typedef struct {
+ *	char *argc;		  pointer to argc (value subject to change)
+ *	char ***argv;		  pointer to argv (value subject to change)
+ *	unsigned flags; 	  Global flags (DO NOT CHANGE)
+ *	int err;		  print error about last option
+ *				  1 = warning, 2 = abort
+ *	int r_opt;		  return option
+ *	int r_type;		  type of return value (0 = no argument found)
+ *	union {
+ *	    int   ret_int;
+ *	    long  ret_long
+ *	    ulong ret_ulong;
+ *	    char *ret_str;
+ *	} r;			  Return values
+ *	struct {
+ *	    int idx;
+ *	    const char *last;
+ *	    void *aliases;
+ *	} internal;		  DO NOT CHANGE
+ *  } ARGPARSE_ARGS;
+ *
+ *  typedef struct {
+ *	int	    short_opt;
+ *	const char *long_opt;
+ *	unsigned flags;
+ *  } ARGPARSE_OPTS;
+ *
+ *  int arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts );
+ *
+ * @Description
+ *  This is my replacement for getopt(). See the example for a typical usage.
+ *  Global flags are:
+ *     Bit 0 : Do not remove options form argv
+ *     Bit 1 : Do not stop at last option but return other args
+ *	       with r_opt set to -1.
+ *     Bit 2 : Assume options and real args are mixed.
+ *     Bit 3 : Do not use -- to stop option processing.
+ *     Bit 4 : Do not skip the first arg.
+ *     Bit 5 : allow usage of long option with only one dash
+ *     Bit 6 : ignore --version and --help
+ *     all other bits must be set to zero, this value is modified by the
+ *     function, so assume this is write only.
+ *  Local flags (for each option):
+ *     Bit 2-0 : 0 = does not take an argument
+ *		 1 = takes int argument
+ *		 2 = takes string argument
+ *		 3 = takes long argument
+ *		 4 = takes ulong argument
+ *     Bit 3 : argument is optional (r_type will the be set to 0)
+ *     Bit 4 : allow 0x etc. prefixed values.
+ *     Bit 7 : this is a command and not an option
+ *  You stop the option processing by setting opts to NULL, the function will
+ *  then return 0.
+ * @Return Value
+ *   Returns the args.r_opt or 0 if ready
+ *   r_opt may be -2/-7 to indicate an unknown option/command.
+ * @See Also
+ *   ArgExpand
+ * @Notes
+ *  You do not need to process the options 'h', '--help' or '--version'
+ *  because this function includes standard help processing; but if you
+ *  specify '-h', '--help' or '--version' you have to do it yourself.
+ *  The option '--' stops argument processing; if bit 1 is set the function
+ *  continues to return normal arguments.
+ *  To process float args or unsigned args you must use a string args and do
+ *  the conversion yourself.
+ * @Example
+ *
+ *     ARGPARSE_OPTS opts[] = {
+ *     { 'v', "verbose",   0 },
+ *     { 'd', "debug",     0 },
+ *     { 'o', "output",    2 },
+ *     { 'c', "cross-ref", 2|8 },
+ *     { 'm', "my-option", 1|8 },
+ *     { 500, "have-no-short-option-for-this-long-option", 0 },
+ *     {0} };
+ *     ARGPARSE_ARGS pargs = { &argc, &argv, 0 }
+ *
+ *     while( ArgParse( &pargs, &opts) ) {
+ *	   switch( pargs.r_opt ) {
+ *	     case 'v': opt.verbose++; break;
+ *	     case 'd': opt.debug++; break;
+ *	     case 'o': opt.outfile = pargs.r.ret_str; break;
+ *	     case 'c': opt.crf = pargs.r_type? pargs.r.ret_str:"a.crf"; break;
+ *	     case 'm': opt.myopt = pargs.r_type? pargs.r.ret_int : 1; break;
+ *	     case 500: opt.a_long_one++;  break
+ *	     default : pargs.err = 1; break; -- force warning output --
+ *	   }
+ *     }
+ *     if( argc > 1 )
+ *	   log_fatal( "Too many args");
+ *
+ */
+
+typedef struct alias_def_s *ALIAS_DEF;
+struct alias_def_s {
+    ALIAS_DEF next;
+    char *name;   /* malloced buffer with name, \0, value */
+    const char *value; /* ptr into name */
+};
+
+static int  set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s);
+static void show_help(ARGPARSE_OPTS *opts, unsigned flags);
+static void show_version(void);
+
+static void
+initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno )
+{
+    if( !(arg->flags & (1<<15)) ) { /* initialize this instance */
+	arg->internal.idx = 0;
+	arg->internal.last = NULL;
+	arg->internal.inarg = 0;
+	arg->internal.stopped = 0;
+	arg->internal.aliases = NULL;
+	arg->internal.cur_alias = NULL;
+	arg->err = 0;
+	arg->flags |= 1<<15; /* mark initialized */
+	if( *arg->argc < 0 )
+	    log_bug("Invalid argument for ArgParse\n");
+    }
+
+
+    if( arg->err ) { /* last option was erroneous */
+	const char *s;
+
+	if( filename ) {
+	    if( arg->r_opt == -6 )
+		s = "%s:%u: argument not expected\n";
+	    else if( arg->r_opt == -5 )
+		s = "%s:%u: read error\n";
+	    else if( arg->r_opt == -4 )
+		s = "%s:%u: keyword too long\n";
+	    else if( arg->r_opt == -3 )
+		s = "%s:%u: missing argument\n";
+	    else if( arg->r_opt == -7 )
+		s = "%s:%u: invalid command\n";
+	    else if( arg->r_opt == -10 )
+		s = "%s:%u: invalid alias definition\n";
+	    else
+		s = "%s:%u: invalid option\n";
+	    log_error(s, filename, *lineno );
+	}
+	else {
+	    if( arg->r_opt == -3 )
+		s = "Missing argument for option \"%.50s\"\n";
+	    else if( arg->r_opt == -6 )
+		s = "Option \"%.50s\" does not expect an argument\n";
+	    else if( arg->r_opt == -7 )
+		s = "Invalid command \"%.50s\"\n";
+	    else if( arg->r_opt == -8 )
+		s = "Option \"%.50s\" is ambiguous\n";
+	    else if( arg->r_opt == -9 )
+		s = "Command \"%.50s\" is ambiguous\n";
+	    else
+		s = "Invalid option \"%.50s\"\n";
+	    log_error(s, arg->internal.last? arg->internal.last:"[??]" );
+	}
+	if( arg->err != 1 )
+	    exit(2);
+	arg->err = 0;
+    }
+
+    /* clearout the return value union */
+    arg->r.ret_str = NULL;
+    arg->r.ret_long= 0;
+}
+
+
+static void
+store_alias( ARGPARSE_ARGS *arg, char *name, char *value )
+{
+    /* TODO: replace this dummy function with a rea one
+     * and fix the probelms IRIX has with (ALIAS_DEV)arg..
+     * used as lvalue
+     */
+#if 0
+    ALIAS_DEF a = m_alloc( sizeof *a );
+    a->name = name;
+    a->value = value;
+    a->next = (ALIAS_DEF)arg->internal.aliases;
+    (ALIAS_DEF)arg->internal.aliases = a;
+#endif
+}
+
+/****************
+ * Get options from a file.
+ * Lines starting with '#' are comment lines.
+ * Syntax is simply a keyword and the argument.
+ * Valid keywords are all keywords from the long_opt list without
+ * the leading dashes. The special keywords "help", "warranty" and "version"
+ * are not valid here.
+ * The special keyword "alias" may be used to store alias definitions,
+ * which are later expanded like long options.
+ * Caller must free returned strings.
+ * If called with FP set to NULL command line args are parse instead.
+ *
+ * Q: Should we allow the syntax
+ *     keyword = value
+ *    and accept for boolean options a value of 1/0, yes/no or true/false?
+ * Note: Abbreviation of options is here not allowed.
+ */
+int
+optfile_parse( FILE *fp, const char *filename, unsigned *lineno,
+	       ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
+{
+    int state, i, c;
+    int idx=0;
+    char keyword[100];
+    char *buffer = NULL;
+    size_t buflen = 0;
+    int inverse=0;
+    int in_alias=0;
+
+    if( !fp ) /* same as arg_parse() in this case */
+	return arg_parse( arg, opts );
+
+    initialize( arg, filename, lineno );
+
+    /* find the next keyword */
+    state = i = 0;
+    for(;;) {
+	c=getc(fp);
+	if( c == '\n' || c== EOF ) {
+	    if( c != EOF )
+		++*lineno;
+	    if( state == -1 )
+		break;
+	    else if( state == 2 ) {
+		keyword[i] = 0;
+		for(i=0; opts[i].short_opt; i++ )
+		    if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) )
+			break;
+		idx = i;
+		arg->r_opt = opts[idx].short_opt;
+		if( inverse ) /* this does not have an effect, hmmm */
+		    arg->r_opt = -arg->r_opt;
+		if( !opts[idx].short_opt )   /* unknown command/option */
+		    arg->r_opt = (opts[idx].flags & 256)? -7:-2;
+		else if( !(opts[idx].flags & 7) ) /* does not take an arg */
+		    arg->r_type = 0;	       /* okay */
+		else if( (opts[idx].flags & 8) )  /* argument is optional */
+                    arg->r_type = 0;	       /* okay */
+		else			       /* required argument */
+		    arg->r_opt = -3;	       /* error */
+		break;
+	    }
+	    else if( state == 3 ) {	       /* no argument found */
+		if( in_alias )
+		    arg->r_opt = -3;	       /* error */
+		else if( !(opts[idx].flags & 7) ) /* does not take an arg */
+		    arg->r_type = 0;	       /* okay */
+		else if( (opts[idx].flags & 8) )  /* no optional argument */
+		    arg->r_type = 0;	       /* okay */
+		else			       /* no required argument */
+		    arg->r_opt = -3;	       /* error */
+		break;
+	    }
+	    else if( state == 4 ) {	/* have an argument */
+		if( in_alias ) {
+		    if( !buffer )
+			arg->r_opt = -6;
+		    else {
+			char *p;
+
+			buffer[i] = 0;
+			p = strpbrk( buffer, " \t" );
+			if( p ) {
+			    *p++ = 0;
+			    trim_spaces( p );
+			}
+			if( !p || !*p ) {
+			    m_free( buffer );
+			    arg->r_opt = -10;
+			}
+			else {
+			    store_alias( arg, buffer, p );
+			}
+		    }
+		}
+		else if( !(opts[idx].flags & 7) )  /* does not take an arg */
+		    arg->r_opt = -6;	    /* error */
+		else {
+		    char *p;
+		    if( !buffer ) {
+			keyword[i] = 0;
+			buffer = m_strdup(keyword);
+		    }
+		    else
+			buffer[i] = 0;
+
+		    trim_spaces( buffer );
+		    p = buffer;
+		    /* remove quotes if they totally enclose the
+                       string, and do not occur within the string */
+		    if( *p == '"' && p[strlen(p)-1]=='"') {
+		        char *i=p;
+
+			while(*(++i))
+			  if(*i=='"')
+			    break;
+
+			if(*i=='"' && *(i+1)=='\0') {
+			  p[strlen(p)-1] = 0;
+			  p++;
+			}
+		    }
+		    if( !set_opt_arg(arg, opts[idx].flags, p) )
+			m_free(buffer);
+		}
+		break;
+	    }
+	    else if( c == EOF ) {
+		if( ferror(fp) )
+		    arg->r_opt = -5;   /* read error */
+		else
+		    arg->r_opt = 0;    /* eof */
+		break;
+	    }
+	    state = 0;
+	    i = 0;
+	}
+	else if( state == -1 )
+	    ; /* skip */
+	else if( !state && isspace(c) )
+	    ; /* skip leading white space */
+	else if( !state && c == '#' )
+	    state = 1;	/* start of a comment */
+	else if( state == 1 )
+	    ; /* skip comments */
+	else if( state == 2 && isspace(c) ) {
+	    keyword[i] = 0;
+	    for(i=0; opts[i].short_opt; i++ )
+		if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) )
+		    break;
+	    idx = i;
+	    arg->r_opt = opts[idx].short_opt;
+	    if( !opts[idx].short_opt ) {
+		if( !strcmp( keyword, "alias" ) ) {
+		    in_alias = 1;
+		    state = 3;
+		}
+		else {
+		    arg->r_opt = (opts[idx].flags & 256)? -7:-2;
+		    state = -1;        /* skip rest of line and leave */
+		}
+	    }
+	    else
+		state = 3;
+	}
+	else if( state == 3 ) { /* skip leading spaces of the argument */
+	    if( !isspace(c) ) {
+		i = 0;
+		keyword[i++] = c;
+		state = 4;
+	    }
+	}
+	else if( state == 4 ) { /* collect the argument */
+	    if( buffer ) {
+		if( i < buflen-1 )
+		    buffer[i++] = c;
+		else {
+		    buflen += 50;
+		    buffer = m_realloc(buffer, buflen);
+		    buffer[i++] = c;
+		}
+	    }
+	    else if( i < DIM(keyword)-1 )
+		keyword[i++] = c;
+	    else {
+		buflen = DIM(keyword)+50;
+		buffer = m_alloc(buflen);
+		memcpy(buffer, keyword, i);
+		buffer[i++] = c;
+	    }
+	}
+	else if( i >= DIM(keyword)-1 ) {
+	    arg->r_opt = -4;   /* keyword to long */
+	    state = -1;        /* skip rest of line and leave */
+	}
+	else {
+	    keyword[i++] = c;
+	    state = 2;
+	}
+    }
+
+    return arg->r_opt;
+}
+
+
+
+static int
+find_long_option( ARGPARSE_ARGS *arg,
+		  ARGPARSE_OPTS *opts, const char *keyword )
+{
+    int i;
+    size_t n;
+
+    /* Would be better if we can do a binary search, but it is not
+       possible to reorder our option table because we would mess
+       up our help strings - What we can do is: Build a nice option
+       lookup table wehn this function is first invoked */
+    if( !*keyword )
+	return -1;
+    for(i=0; opts[i].short_opt; i++ )
+	if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) )
+	    return i;
+  #if 0
+    {
+	ALIAS_DEF a;
+	/* see whether it is an alias */
+	for( a = args->internal.aliases; a; a = a->next ) {
+	    if( !strcmp( a->name, keyword) ) {
+		/* todo: must parse the alias here */
+		args->internal.cur_alias = a;
+		return -3; /* alias available */
+	    }
+	}
+    }
+  #endif
+    /* not found, see whether it is an abbreviation */
+    /* aliases may not be abbreviated */
+    n = strlen( keyword );
+    for(i=0; opts[i].short_opt; i++ ) {
+	if( opts[i].long_opt && !strncmp( opts[i].long_opt, keyword, n ) ) {
+	    int j;
+	    for(j=i+1; opts[j].short_opt; j++ ) {
+		if( opts[j].long_opt
+		    && !strncmp( opts[j].long_opt, keyword, n ) )
+		    return -2;	/* abbreviation is ambiguous */
+	    }
+	    return i;
+	}
+    }
+    return -1;
+}
+
+int
+arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
+{
+    int idx;
+    int argc;
+    char **argv;
+    char *s, *s2;
+    int i;
+
+    initialize( arg, NULL, NULL );
+    argc = *arg->argc;
+    argv = *arg->argv;
+    idx = arg->internal.idx;
+
+    if( !idx && argc && !(arg->flags & (1<<4)) ) { /* skip the first entry */
+	argc--; argv++; idx++;
+    }
+
+  next_one:
+    if( !argc ) { /* no more args */
+	arg->r_opt = 0;
+	goto leave; /* ready */
+    }
+
+    s = *argv;
+    arg->internal.last = s;
+
+    if( arg->internal.stopped && (arg->flags & (1<<1)) ) {
+	arg->r_opt = -1;  /* not an option but a argument */
+	arg->r_type = 2;
+	arg->r.ret_str = s;
+	argc--; argv++; idx++; /* set to next one */
+    }
+    else if( arg->internal.stopped ) { /* ready */
+	arg->r_opt = 0;
+	goto leave;
+    }
+    else if( *s == '-' && s[1] == '-' ) { /* long option */
+	char *argpos;
+
+	arg->internal.inarg = 0;
+	if( !s[2] && !(arg->flags & (1<<3)) ) { /* stop option processing */
+	    arg->internal.stopped = 1;
+	    argc--; argv++; idx++;
+	    goto next_one;
+	}
+
+	argpos = strchr( s+2, '=' );
+	if( argpos )
+	    *argpos = 0;
+	i = find_long_option( arg, opts, s+2 );
+	if( argpos )
+	    *argpos = '=';
+
+	if( i < 0 && !strcmp( "help", s+2) ) {
+	    if( !(arg->flags & (1<<6)) ) {
+		show_help(opts, arg->flags);
+	    }
+	}
+	else if( i < 0 && !strcmp( "version", s+2) ) {
+	    if( !(arg->flags & (1<<6)) ) {
+		show_version();
+		exit(0);
+	    }
+	}
+	else if( i < 0 && !strcmp( "warranty", s+2) ) {
+	    puts( strusage(16) );
+	    exit(0);
+	}
+	else if( i < 0 && !strcmp( "dump-options", s+2) ) {
+	    for(i=0; opts[i].short_opt; i++ ) {
+		if( opts[i].long_opt )
+		    printf( "--%s\n", opts[i].long_opt );
+	    }
+	    fputs("--dump-options\n--help\n--version\n--warranty\n", stdout );
+	    exit(0);
+	}
+
+	if( i == -2 ) /* ambiguous option */
+	    arg->r_opt = -8;
+	else if( i == -1 ) {
+	    arg->r_opt = -2;
+	    arg->r.ret_str = s+2;
+	}
+	else
+	    arg->r_opt = opts[i].short_opt;
+	if( i < 0 )
+	    ;
+	else if( (opts[i].flags & 7) ) {
+	    if( argpos ) {
+		s2 = argpos+1;
+		if( !*s2 )
+		    s2 = NULL;
+	    }
+	    else
+		s2 = argv[1];
+	    if( !s2 && (opts[i].flags & 8) ) { /* no argument but it is okay*/
+		arg->r_type = 0;	       /* because it is optional */
+	    }
+	    else if( !s2 ) {
+		arg->r_opt = -3; /* missing argument */
+	    }
+	    else if( !argpos && *s2 == '-' && (opts[i].flags & 8) ) {
+		/* the argument is optional and the next seems to be
+		 * an option. We do not check this possible option
+		 * but assume no argument */
+		arg->r_type = 0;
+	    }
+	    else {
+		set_opt_arg(arg, opts[i].flags, s2);
+		if( !argpos ) {
+		    argc--; argv++; idx++; /* skip one */
+		}
+	    }
+	}
+	else { /* does not take an argument */
+	    if( argpos )
+		arg->r_type = -6; /* argument not expected */
+	    else
+		arg->r_type = 0;
+	}
+	argc--; argv++; idx++; /* set to next one */
+    }
+    else if( (*s == '-' && s[1]) || arg->internal.inarg ) { /* short option */
+	int dash_kludge = 0;
+	i = 0;
+	if( !arg->internal.inarg ) {
+	    arg->internal.inarg++;
+	    if( arg->flags & (1<<5) ) {
+		for(i=0; opts[i].short_opt; i++ )
+		    if( opts[i].long_opt && !strcmp( opts[i].long_opt, s+1)) {
+			dash_kludge=1;
+			break;
+		    }
+	    }
+	}
+	s += arg->internal.inarg;
+
+	if( !dash_kludge ) {
+	    for(i=0; opts[i].short_opt; i++ )
+		if( opts[i].short_opt == *s )
+		    break;
+	}
+
+	if( !opts[i].short_opt && ( *s == 'h' || *s == '?' ) ) {
+	    if( !(arg->flags & (1<<6)) ) {
+		show_help(opts, arg->flags);
+	    }
+	}
+
+	arg->r_opt = opts[i].short_opt;
+	if( !opts[i].short_opt ) {
+	    arg->r_opt = (opts[i].flags & 256)? -7:-2;
+	    arg->internal.inarg++; /* point to the next arg */
+	    arg->r.ret_str = s;
+	}
+	else if( (opts[i].flags & 7) ) {
+	    if( s[1] && !dash_kludge ) {
+		s2 = s+1;
+		set_opt_arg(arg, opts[i].flags, s2);
+	    }
+	    else {
+		s2 = argv[1];
+		if( !s2 && (opts[i].flags & 8) ) { /* no argument but it is okay*/
+		    arg->r_type = 0;		   /* because it is optional */
+		}
+		else if( !s2 ) {
+		    arg->r_opt = -3; /* missing argument */
+		}
+		else if( *s2 == '-' && s2[1] && (opts[i].flags & 8) ) {
+		    /* the argument is optional and the next seems to be
+		     * an option. We do not check this possible option
+		     * but assume no argument */
+		    arg->r_type = 0;
+		}
+		else {
+		    set_opt_arg(arg, opts[i].flags, s2);
+		    argc--; argv++; idx++; /* skip one */
+		}
+	    }
+	    s = "x"; /* so that !s[1] yields false */
+	}
+	else { /* does not take an argument */
+	    arg->r_type = 0;
+	    arg->internal.inarg++; /* point to the next arg */
+	}
+	if( !s[1] || dash_kludge ) { /* no more concatenated short options */
+	    arg->internal.inarg = 0;
+	    argc--; argv++; idx++;
+	}
+    }
+    else if( arg->flags & (1<<2) ) {
+	arg->r_opt = -1;  /* not an option but a argument */
+	arg->r_type = 2;
+	arg->r.ret_str = s;
+	argc--; argv++; idx++; /* set to next one */
+    }
+    else {
+	arg->internal.stopped = 1; /* stop option processing */
+	goto next_one;
+    }
+
+  leave:
+    *arg->argc = argc;
+    *arg->argv = argv;
+    arg->internal.idx = idx;
+    return arg->r_opt;
+}
+
+
+
+static int
+set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s)
+{
+    int base = (flags & 16)? 0 : 10;
+
+    switch( arg->r_type = (flags & 7) ) {
+      case 1: /* takes int argument */
+	arg->r.ret_int = (int)strtol(s,NULL,base);
+	return 0;
+      case 3: /* takes long argument   */
+	arg->r.ret_long= strtol(s,NULL,base);
+	return 0;
+      case 4: /* takes ulong argument  */
+	arg->r.ret_ulong= strtoul(s,NULL,base);
+	return 0;
+      case 2: /* takes string argument */
+      default:
+	arg->r.ret_str = s;
+	return 1;
+    }
+}
+
+
+static size_t
+long_opt_strlen( ARGPARSE_OPTS *o )
+{
+    size_t n = strlen(o->long_opt);
+
+    if( o->description && *o->description == '|' ) {
+	const char *s;
+
+	s=o->description+1;
+	if( *s != '=' )
+	    n++;
+	for(; *s && *s != '|'; s++ )
+	    n++;
+    }
+    return n;
+}
+
+/****************
+ * Print formatted help. The description string has some special
+ * meanings:
+ *  - A description string which is "@" suppresses help output for
+ *    this option
+ *  - a description,ine which starts with a '@' and is followed by
+ *    any other characters is printed as is; this may be used for examples
+ *    ans such.
+ *  - A description which starts with a '|' outputs the string between this
+ *    bar and the next one as arguments of the long option.
+ */
+static void
+show_help( ARGPARSE_OPTS *opts, unsigned flags )
+{
+    const char *s;
+
+    show_version();
+    putchar('\n');
+    s = strusage(41);
+    puts(s);
+    if( opts[0].description ) { /* auto format the option description */
+	int i,j, indent;
+	/* get max. length of long options */
+	for(i=indent=0; opts[i].short_opt; i++ ) {
+	    if( opts[i].long_opt )
+		if( !opts[i].description || *opts[i].description != '@' )
+		    if( (j=long_opt_strlen(opts+i)) > indent && j < 35 )
+			 indent = j;
+	}
+	/* example: " -v, --verbose   Viele Sachen ausgeben" */
+	indent += 10;
+	if( *opts[0].description != '@' )
+	    puts("Options:");
+	for(i=0; opts[i].short_opt; i++ ) {
+	    s = _( opts[i].description );
+	    if( s && *s== '@' && !s[1] ) /* hide this line */
+		continue;
+	    if( s && *s == '@' ) { /* unindented comment only line */
+		for(s++; *s; s++ ) {
+		    if( *s == '\n' ) {
+			if( s[1] )
+			    putchar('\n');
+		    }
+		    else
+			putchar(*s);
+		}
+		putchar('\n');
+		continue;
+	    }
+
+	    j = 3;
+	    if( opts[i].short_opt < 256 ) {
+		printf(" -%c", opts[i].short_opt );
+		if( !opts[i].long_opt ) {
+		    if(s && *s == '|' ) {
+			putchar(' '); j++;
+			for(s++ ; *s && *s != '|'; s++, j++ )
+			    putchar(*s);
+			if( *s )
+			    s++;
+		    }
+		}
+	    }
+	    else
+		fputs("   ", stdout);
+	    if( opts[i].long_opt ) {
+		j += printf("%c --%s", opts[i].short_opt < 256?',':' ',
+				       opts[i].long_opt );
+		if(s && *s == '|' ) {
+		    if( *++s != '=' ) {
+			putchar(' ');
+			j++;
+		    }
+		    for( ; *s && *s != '|'; s++, j++ )
+			putchar(*s);
+		    if( *s )
+			s++;
+		}
+		fputs("   ", stdout);
+		j += 3;
+	    }
+	    for(;j < indent; j++ )
+		putchar(' ');
+	    if( s ) {
+		if( *s && j > indent ) {
+		    putchar('\n');
+		    for(j=0;j < indent; j++ )
+			putchar(' ');
+		}
+		for(; *s; s++ ) {
+		    if( *s == '\n' ) {
+			if( s[1] ) {
+			    putchar('\n');
+			    for(j=0;j < indent; j++ )
+				putchar(' ');
+			}
+		    }
+		    else
+			putchar(*s);
+		}
+	    }
+	    putchar('\n');
+	}
+	if( flags & 32 )
+	    puts("\n(A single dash may be used instead of the double ones)");
+    }
+    if( (s=strusage(19)) ) {  /* bug reports to ... */
+	putchar('\n');
+	fputs(s, stdout);
+    }
+    fflush(stdout);
+    exit(0);
+}
+
+static void
+show_version()
+{
+    const char *s;
+    int i;
+    /* version line */
+    fputs(strusage(11), stdout);
+    if( (s=strusage(12)) )
+	printf(" (%s)", s );
+    printf(" %s\n", strusage(13) );
+    /* additional version lines */
+    for(i=20; i < 30; i++ )
+	if( (s=strusage(i)) )
+	    printf("%s\n", s );
+    /* copyright string */
+    if( (s=strusage(14)) )
+	printf("%s\n", s );
+    /* copying conditions */
+    if( (s=strusage(15)) )
+	fputs(s, stdout);
+    /* thanks */
+    if( (s=strusage(18)) )
+	fputs(s, stdout);
+    /* additional program info */
+    for(i=30; i < 40; i++ )
+	if( (s=strusage(i)) )
+	    fputs( (const byte*)s, stdout);
+    fflush(stdout);
+}
+
+
+void
+usage( int level )
+{
+    if( !level ) {
+	fprintf(stderr,"%s %s; %s\n", strusage(11), strusage(13),
+						     strusage(14) );
+	fflush(stderr);
+    }
+    else if( level == 1 ) {
+	fputs(strusage(40),stderr);
+	exit(2);
+    }
+    else if( level == 2 ) {
+	puts(strusage(41));
+	exit(0);
+    }
+}
+
+/* Level
+ *     0: Copyright String auf stderr ausgeben
+ *     1: Kurzusage auf stderr ausgeben und beenden
+ *     2: Langusage auf stdout ausgeben und beenden
+ *    11: name of program
+ *    12: optional name of package which includes this program.
+ *    13: version  string
+ *    14: copyright string
+ *    15: Short copying conditions (with LFs)
+ *    16: Long copying conditions (with LFs)
+ *    17: Optional printable OS name
+ *    18: Optional thanks list	 (with LFs)
+ *    19: Bug report info
+ *20..29: Additional lib version strings.
+ *30..39: Additional program info (with LFs)
+ *    40: short usage note (with LF)
+ *    41: long usage note (with LF)
+ */
+const char *
+default_strusage( int level )
+{
+    const char *p = NULL;
+    switch( level ) {
+      case 11: p = "foo"; break;
+      case 13: p = "0.0"; break;
+      case 14: p = "Copyright (C) 2002 Free Software Foundation, Inc."; break;
+      case 15: p =
+"This program comes with ABSOLUTELY NO WARRANTY.\n"
+"This is free software, and you are welcome to redistribute it\n"
+"under certain conditions. See the file COPYING for details.\n"; break;
+      case 16:	p =
+"This is free software; you can redistribute it and/or modify\n"
+"it under the terms of the GNU General Public License as published by\n"
+"the Free Software Foundation; either version 2 of the License, or\n"
+"(at your option) any later version.\n\n"
+"It is distributed in the hope that it will be useful,\n"
+"but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
+"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\n"
+"GNU General Public License for more details.\n\n"
+"You should have received a copy of the GNU General Public License\n"
+"along with this program; if not, write to the Free Software\n"
+"Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.\n";
+	break;
+      case 40: /* short and long usage */
+      case 41: p = ""; break;
+    }
+
+    return p;
+}
+
+
+
+#ifdef TEST
+static struct {
+    int verbose;
+    int debug;
+    char *outfile;
+    char *crf;
+    int myopt;
+    int echo;
+    int a_long_one;
+}opt;
+
+int
+main(int argc, char **argv)
+{
+    ARGPARSE_OPTS opts[] = {
+    { 'v', "verbose",   0 , "Laut sein"},
+    { 'e', "echo"   ,   0 , "Zeile ausgeben, damit wir sehen, was wir einegegeben haben"},
+    { 'd', "debug",     0 , "Debug\nfalls mal etasws\nSchief geht"},
+    { 'o', "output",    2   },
+    { 'c', "cross-ref", 2|8, "cross-reference erzeugen\n" },
+    { 'm', "my-option", 1|8 },
+    { 500, "a-long-option", 0 },
+    {0} };
+    ARGPARSE_ARGS pargs = { &argc, &argv, 2|4|32 };
+    int i;
+
+    while( ArgParse( &pargs, opts) ) {
+	switch( pargs.r_opt ) {
+	  case -1 : printf( "arg=`%s'\n", pargs.r.ret_str); break;
+	  case 'v': opt.verbose++; break;
+	  case 'e': opt.echo++; break;
+	  case 'd': opt.debug++; break;
+	  case 'o': opt.outfile = pargs.r.ret_str; break;
+	  case 'c': opt.crf = pargs.r_type? pargs.r.ret_str:"a.crf"; break;
+	  case 'm': opt.myopt = pargs.r_type? pargs.r.ret_int : 1; break;
+	  case 500: opt.a_long_one++;  break;
+	  default : pargs.err = 1; break; /* force warning output */
+	}
+    }
+    for(i=0; i < argc; i++ )
+	printf("%3d -> (%s)\n", i, argv[i] );
+    puts("Options:");
+    if( opt.verbose )
+	printf("  verbose=%d\n", opt.verbose );
+    if( opt.debug )
+	printf("  debug=%d\n", opt.debug );
+    if( opt.outfile )
+	printf("  outfile=`%s'\n", opt.outfile );
+    if( opt.crf )
+	printf("  crffile=`%s'\n", opt.crf );
+    if( opt.myopt )
+	printf("  myopt=%d\n", opt.myopt );
+    if( opt.a_long_one )
+	printf("  a-long-one=%d\n", opt.a_long_one );
+    if( opt.echo       )
+	printf("  echo=%d\n", opt.echo );
+    return 0;
+}
+#endif
+
+/**** bottom of file ****/
diff --git a/util/dotlock.c b/util/dotlock.c
new file mode 100644
index 000000000..fac825450
--- /dev/null
+++ b/util/dotlock.c
@@ -0,0 +1,420 @@
+/* dotlock.c - dotfile locking
+ *	Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <ctype.h>
+#include <errno.h>
+#include <unistd.h>
+#if !defined (HAVE_DOSISH_SYSTEM)
+#include <sys/utsname.h>
+#endif
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <signal.h>
+#include "types.h"
+#include "util.h"
+#include "memory.h"
+
+struct dotlock_handle {
+    struct dotlock_handle *next;
+    char *tname;    /* name of lockfile template */
+    char *lockname; /* name of the real lockfile */
+    int locked;     /* lock status */
+    int disable;    /* locking */
+};
+
+
+static volatile DOTLOCK all_lockfiles;
+static int never_lock;
+
+static int read_lockfile( const char *name );
+
+void
+disable_dotlock(void)
+{
+    never_lock = 1;
+}
+
+/****************
+ * Create a lockfile with the given name and return an object of
+ * type DOTLOCK which may be used later to actually do the lock.
+ * A cleanup routine gets installed to cleanup left over locks
+ * or other files used together with the lockmechanism.
+ * Althoug the function is called dotlock, this does not necessarily
+ * mean that real lockfiles are used - the function may decide to
+ * use fcntl locking.  Calling the function with NULL only install
+ * the atexit handler and maybe used to assure that the cleanup
+ * is called after all other atexit handlers.
+ *
+ * Notes: This function creates a lock file in the same directory
+ *	  as file_to_lock with the name "file_to_lock.lock"
+ *	  A temporary file ".#lk.<hostname>.pid[.threadid] is used.
+ *	  This function does nothing for Windoze.
+ */
+DOTLOCK
+create_dotlock( const char *file_to_lock )
+{
+    static int initialized;
+    DOTLOCK h;
+    int  fd = -1;
+    char pidstr[16];
+  #if !defined (HAVE_DOSISH_SYSTEM)
+    struct utsname utsbuf;
+  #endif
+    const char *nodename;
+    const char *dirpart;
+    int dirpartlen;
+
+    if( !initialized ) {
+	atexit( remove_lockfiles );
+	initialized = 1;
+    }
+    if( !file_to_lock )
+	return NULL;
+
+    h = m_alloc_clear( sizeof *h );
+    if( never_lock ) {
+	h->disable = 1;
+      #ifdef _REENTRANT
+	/* fixme: aquire mutex on all_lockfiles */
+      #endif
+	h->next = all_lockfiles;
+	all_lockfiles = h;
+	return h;
+    }
+
+
+#if !defined (HAVE_DOSISH_SYSTEM)
+    sprintf( pidstr, "%10d\n", (int)getpid() );
+    /* fixme: add the hostname to the second line (FQDN or IP addr?) */
+
+    /* create a temporary file */
+    if( uname( &utsbuf ) )
+	nodename = "unknown";
+    else
+	nodename = utsbuf.nodename;
+
+#ifdef __riscos__
+    {
+        char *iter = (char *) nodename;
+        for (; iter[0]; iter++)
+            if (iter[0] == '.')
+                iter[0] = '/';
+    }
+#endif /* __riscos__ */
+
+    if( !(dirpart = strrchr( file_to_lock, DIRSEP_C )) ) {
+	dirpart = EXTSEP_S;
+	dirpartlen = 1;
+    }
+    else {
+	dirpartlen = dirpart - file_to_lock;
+	dirpart = file_to_lock;
+    }
+
+  #ifdef _REENTRANT
+    /* fixme: aquire mutex on all_lockfiles */
+  #endif
+    h->next = all_lockfiles;
+    all_lockfiles = h;
+
+    h->tname = m_alloc( dirpartlen + 6+30+ strlen(nodename) + 11 );
+#ifndef __riscos__
+    sprintf( h->tname, "%.*s/.#lk%p.%s.%d",
+	     dirpartlen, dirpart, h, nodename, (int)getpid() );
+#else /* __riscos__ */
+    sprintf( h->tname, "%.*s.lk%p/%s/%d",
+	     dirpartlen, dirpart, h, nodename, (int)getpid() );
+#endif /* __riscos__ */
+
+    do {
+	errno = 0;
+	fd = open( h->tname, O_WRONLY|O_CREAT|O_EXCL,
+			  S_IRUSR|S_IRGRP|S_IROTH|S_IWUSR );
+    } while( fd == -1 && errno == EINTR );
+    if( fd == -1 ) {
+	all_lockfiles = h->next;
+	log_error( "failed to create temporary file `%s': %s\n",
+					    h->tname, strerror(errno));
+	m_free(h->tname);
+	m_free(h);
+	return NULL;
+    }
+    if( write(fd, pidstr, 11 ) != 11 ) {
+	all_lockfiles = h->next;
+      #ifdef _REENTRANT
+	/* release mutex */
+      #endif
+	log_fatal( "error writing to `%s': %s\n", h->tname, strerror(errno) );
+	close(fd);
+	unlink(h->tname);
+	m_free(h->tname);
+	m_free(h);
+	return NULL;
+    }
+    if( close(fd) ) {
+	all_lockfiles = h->next;
+      #ifdef _REENTRANT
+	/* release mutex */
+      #endif
+	log_error( "error closing `%s': %s\n", h->tname, strerror(errno));
+	unlink(h->tname);
+	m_free(h->tname);
+	m_free(h);
+	return NULL;
+    }
+
+  #ifdef _REENTRANT
+    /* release mutex */
+  #endif
+#endif
+    h->lockname = m_alloc( strlen(file_to_lock) + 6 );
+    strcpy(stpcpy(h->lockname, file_to_lock), EXTSEP_S "lock");
+    return h;
+}
+
+static int
+maybe_deadlock( DOTLOCK h )
+{
+    DOTLOCK r;
+
+    for( r=all_lockfiles; r; r = r->next ) {
+	if( r != h && r->locked )
+	    return 1;
+    }
+    return 0;
+}
+
+/****************
+ * Do a lock on H. A TIMEOUT of 0 returns immediately,
+ * -1 waits forever (hopefully not), other
+ * values are timeouts in milliseconds.
+ * Returns: 0 on success
+ */
+int
+make_dotlock( DOTLOCK h, long timeout )
+{
+#if defined (HAVE_DOSISH_SYSTEM)
+    return 0;
+#else
+    int  pid;
+    const char *maybe_dead="";
+    int backoff=0;
+
+    if( h->disable ) {
+	return 0;
+    }
+
+    if( h->locked ) {
+#ifndef __riscos__
+	log_debug("oops, `%s' is already locked\n", h->lockname );
+#endif /* !__riscos__ */
+	return 0;
+    }
+
+    for(;;) {
+#ifndef __riscos__
+	if( !link(h->tname, h->lockname) ) {
+	    /* fixme: better use stat to check the link count */
+	    h->locked = 1;
+	    return 0; /* okay */
+	}
+	if( errno != EEXIST ) {
+	    log_error( "lock not made: link() failed: %s\n", strerror(errno) );
+	    return -1;
+	}
+#else /* __riscos__ */
+        if( !renamefile(h->tname, h->lockname) ) {
+            h->locked = 1;
+            return 0; /* okay */
+        }
+        if( errno != EEXIST ) {
+	    log_error( "lock not made: rename() failed: %s\n", strerror(errno) );
+	    return -1;
+        }
+#endif /* __riscos__ */
+	if( (pid = read_lockfile(h->lockname)) == -1 ) {
+	    if( errno != ENOENT ) {
+		log_info("cannot read lockfile\n");
+		return -1;
+	    }
+	    log_info( "lockfile disappeared\n");
+	    continue;
+	}
+	else if( pid == getpid() ) {
+	    log_info( "Oops: lock already held by us\n");
+	    h->locked = 1;
+	    return 0; /* okay */
+	}
+	else if( kill(pid, 0) && errno == ESRCH ) {
+#ifndef __riscos__
+	    maybe_dead = " - probably dead";
+	 #if 0 /* we should not do this without checking the permissions */
+	       /* and the hostname */
+	    log_info( "removing stale lockfile (created by %d)", pid );
+	 #endif
+#else /* __riscos__ */
+            /* we are *pretty* sure that the other task is dead and therefore
+               we remove the other lock file */
+            maybe_dead = " - probably dead - removing lock";
+            unlink(h->lockname);
+#endif /* __riscos__ */
+	}
+	if( timeout == -1 ) {
+	    struct timeval tv;
+	    log_info( "waiting for lock (held by %d%s) %s...\n",
+		      pid, maybe_dead, maybe_deadlock(h)? "(deadlock?) ":"");
+
+
+	    /* can't use sleep, cause signals may be blocked */
+	    tv.tv_sec = 1 + backoff;
+	    tv.tv_usec = 0;
+	    select(0, NULL, NULL, NULL, &tv);
+	    if( backoff < 10 )
+		backoff++ ;
+	}
+	else
+	    return -1;
+    }
+    /*not reached */
+#endif
+}
+
+
+/****************
+ * release a lock
+ * Returns: 0 := success
+ */
+int
+release_dotlock( DOTLOCK h )
+{
+#if defined (HAVE_DOSISH_SYSTEM)
+    return 0;
+#else
+    int pid;
+
+    if( h->disable ) {
+	return 0;
+    }
+
+    if( !h->locked ) {
+	log_debug("oops, `%s' is not locked\n", h->lockname );
+	return 0;
+    }
+
+    pid = read_lockfile( h->lockname );
+    if( pid == -1 ) {
+	log_error( "release_dotlock: lockfile error\n");
+	return -1;
+    }
+    if( pid != getpid() ) {
+	log_error( "release_dotlock: not our lock (pid=%d)\n", pid);
+	return -1;
+    }
+#ifndef __riscos__
+    if( unlink( h->lockname ) ) {
+	log_error( "release_dotlock: error removing lockfile `%s'",
+							h->lockname);
+	return -1;
+    }
+#else /* __riscos__ */
+    if( renamefile(h->lockname, h->tname) ) {
+	log_error( "release_dotlock: error renaming lockfile `%s' to `%s'",
+							h->lockname, h->tname);
+	return -1;
+    }
+#endif /* __riscos__ */
+    /* fixme: check that the link count is now 1 */
+    h->locked = 0;
+    return 0;
+#endif
+}
+
+
+/****************
+ * Read the lock file and return the pid, returns -1 on error.
+ */
+static int
+read_lockfile( const char *name )
+{
+  #if defined (HAVE_DOSISH_SYSTEM)
+    return 0;
+  #else
+    int fd, pid;
+    char pidstr[16];
+
+    if( (fd = open(name, O_RDONLY)) == -1 ) {
+	int e = errno;
+	log_debug("error opening lockfile `%s': %s\n", name, strerror(errno) );
+	errno = e;
+	return -1;
+    }
+    if( read(fd, pidstr, 10 ) != 10 ) {  /* Read 10 digits w/o newline */
+	log_debug("error reading lockfile `%s'", name );
+	close(fd);
+	errno = 0;
+	return -1;
+    }
+    pidstr[10] = 0;  /* terminate pid string */
+    close(fd);
+    pid = atoi(pidstr);
+#ifndef __riscos__
+    if( !pid || pid == -1 ) {
+#else /* __riscos__ */
+    if( (!pid && riscos_getpid()) || pid == -1 ) {
+#endif /* __riscos__ */
+	log_error("invalid pid %d in lockfile `%s'", pid, name );
+	errno = 0;
+	return -1;
+    }
+    return pid;
+  #endif
+}
+
+
+void
+remove_lockfiles()
+{
+  #if !defined (HAVE_DOSISH_SYSTEM)
+    DOTLOCK h, h2;
+
+    h = all_lockfiles;
+    all_lockfiles = NULL;
+
+    while( h ) {
+	h2 = h->next;
+	if( !h->disable ) {
+	    if( h->locked )
+		unlink( h->lockname );
+	    unlink(h->tname);
+	    m_free(h->tname);
+	    m_free(h->lockname);
+	}
+	m_free(h);
+	h = h2;
+    }
+  #endif
+}
+
diff --git a/util/errors.c b/util/errors.c
index d3eb2f172..25d5a088a 100644
--- a/util/errors.c
+++ b/util/errors.c
@@ -1,5 +1,5 @@
 /* errors.c  -	error strings
- *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -23,7 +23,6 @@
 #include <stdlib.h>
 #include <stdarg.h>
 
-#include <gcrypt.h>
 #include "errors.h"
 #include "i18n.h"
 
@@ -43,12 +42,12 @@ strerror( int n )
 #endif /* !HAVE_STRERROR */
 
 const char *
-gpg_errstr( int err )
+g10_errstr( int err )
 {
     static char buf[50];
     const char *p;
 
-  #define X(n,s) case GPGERR_##n : p = s; break;
+  #define X(n,s) case G10ERR_##n : p = s; break;
     switch( err ) {
       case -1:		p = "eof"; break;
       case 0:		p = "okay"; break;
@@ -101,13 +100,12 @@ gpg_errstr( int err )
       X(NETWORK        ,N_("network error"))
       X(SELFTEST_FAILED,"selftest failed")
       X(NOT_ENCRYPTED  ,N_("not encrypted"))
-      default: /* pass on to libgcrypt */
-	if( err >= 0 ) /* pass on to libgcrypt */
-	    p = gcry_strerror(err); /* fimxe: how do we handle i18n? */
-	else {
-	    p = buf; sprintf(buf, "gpgerr=%d", err); break;
-	}
-	break;
+      X(NOT_PROCESSED  ,N_("not processed"))
+      /* the key cannot be used for a specific usage */
+      X(UNU_PUBKEY     ,N_("unusable public key"))
+      X(UNU_SECKEY     ,N_("unusable secret key"))
+      X(KEYSERVER      ,N_("keyserver error"))
+      default: p = buf; sprintf(buf, "g10err=%d", err); break;
     }
   #undef X
     return _(p);
diff --git a/util/fileutil.c b/util/fileutil.c
index 39268da74..76eacfb80 100644
--- a/util/fileutil.c
+++ b/util/fileutil.c
@@ -25,7 +25,10 @@
 #include <string.h>
 #include <assert.h>
 #include <unistd.h>
-#include <gcrypt.h>
+#ifdef __riscos__
+#include <kernel.h>
+#include <swis.h>
+#endif /* __riscos__ */
 #include "util.h"
 #include "memory.h"
 #include "ttyio.h"
@@ -40,16 +43,16 @@ make_basename(const char *filepath)
 {
     char *p;
 
-    if ( !(p=strrchr(filepath, '/')) )
+    if ( !(p=strrchr(filepath, DIRSEP_C)) )
       #ifdef HAVE_DRIVE_LETTERS
 	if ( !(p=strrchr(filepath, '\\')) )
 	    if ( !(p=strrchr(filepath, ':')) )
       #endif
 	      {
-		return gcry_xstrdup(filepath);
+		return m_strdup(filepath);
 	      }
 
-    return gcry_xstrdup(p+1);
+    return m_strdup(p+1);
 }
 
 
@@ -67,17 +70,17 @@ make_dirname(const char *filepath)
     int  dirname_length;
     char *p;
 
-    if ( !(p=strrchr(filepath, '/')) )
+    if ( !(p=strrchr(filepath, DIRSEP_C)) )
       #ifdef HAVE_DRIVE_LETTERS
 	if ( !(p=strrchr(filepath, '\\')) )
 	    if ( !(p=strrchr(filepath, ':')) )
       #endif
 	      {
-		return gcry_xstrdup(".");
+		return m_strdup(EXTSEP_S);
 	      }
 
     dirname_length = p-filepath;
-    dirname = gcry_xmalloc(dirname_length+1);
+    dirname = m_alloc(dirname_length+1);
     strncpy(dirname, filepath, dirname_length);
     dirname[dirname_length] = 0;
 
@@ -104,20 +107,30 @@ make_filename( const char *first_part, ... )
 	n += strlen(s) + 1;
     va_end(arg_ptr);
 
+#ifndef __riscos__
     home = NULL;
-    if( *first_part == '~' && first_part[1] == '/'
+    if( *first_part == '~' && first_part[1] == DIRSEP_C
 			   && (home = getenv("HOME")) && *home )
 	n += strlen(home);
-
-    name = gcry_xmalloc(n);
+    name = m_alloc(n);
     p = home ? stpcpy(stpcpy(name,home), first_part+1)
 	     : stpcpy(name, first_part);
+#else /* __riscos__ */
+    name = m_alloc(n);
+    p = stpcpy(name, first_part);
+#endif /* __riscos__ */
     va_start( arg_ptr, first_part ) ;
     while( (s=va_arg(arg_ptr, const char *)) )
-	p = stpcpy(stpcpy(p,"/"), s);
+	p = stpcpy(stpcpy(p, DIRSEP_S), s);
     va_end(arg_ptr);
 
+#ifndef __riscos__
     return name;
+#else /* __riscos__ */
+    p = gstrans(name);
+    m_free(name);
+    return p;
+#endif /* __riscos__ */
 }
 
 
@@ -127,11 +140,26 @@ compare_filenames( const char *a, const char *b )
     /* ? check whether this is an absolute filename and
      * resolve symlinks?
      */
+#ifndef __riscos__
   #ifdef HAVE_DRIVE_LETTERS
-    return stricmp(a,b);
+    return ascii_strcasecmp(a,b);
   #else
     return strcmp(a,b);
   #endif
+#else /* __riscos__ */
+    int c = 0;
+    char *abuf, *bbuf;
+
+    abuf = gstrans(a);
+    bbuf = gstrans(b);
+
+    c = strcasecmp (abuf, bbuf);
+
+    m_free(abuf);
+    m_free(bbuf);
+
+    return c;
+#endif /* __riscos__ */
 }
 
 
@@ -156,4 +184,55 @@ print_fname_stdin( const char *s )
     return s;
 }
 
+/****************
+ * Check if the file is compressed.
+ **/
+int
+is_file_compressed( const char *s, int *ret_rc )
+{
+    IOBUF a;
+    byte buf[4];
+    int i, rc = 0;
+
+    struct magic_compress_s {
+        size_t len;
+        byte magic[4];
+    } magic[] = {
+        { 3, { 0x42, 0x5a, 0x68, 0x00 } }, /* bzip2 */
+        { 3, { 0x1f, 0x8b, 0x08, 0x00 } }, /* gzip */
+        { 4, { 0x50, 0x4b, 0x03, 0x04 } }, /* (pk)zip */
+    };
+    
+    if ( !s || *s == '-' || !ret_rc )
+        return 0; /* We can't check stdin or no file was given */
+
+    a = iobuf_open( s );
+    if ( a == NULL ) {
+        *ret_rc = G10ERR_OPEN_FILE;
+        return 0;
+    }
+
+    if ( iobuf_get_filelength( a ) < 4 ) {
+        *ret_rc = 0;
+        goto leave;
+    }
+
+    if ( iobuf_read( a, buf, 4 ) == -1 ) {
+        *ret_rc = G10ERR_READ_FILE;
+        goto leave;
+    }
+
+    for ( i = 0; i < DIM( magic ); i++ ) {
+        if ( !memcmp( buf, magic[i].magic, magic[i].len ) ) {
+            *ret_rc = 0;
+            rc = 1;
+            break;
+        }
+    }
+
+leave:    
+    iobuf_close( a );
+    return rc;
+}
+
 
diff --git a/util/g10u.c b/util/g10u.c
new file mode 100644
index 000000000..2ce3a4e36
--- /dev/null
+++ b/util/g10u.c
@@ -0,0 +1,40 @@
+/* g10u.c  -  Wrapper for utility functions
+ *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include "mpi.h"
+#include "util.h"
+
+
+/* FIXME: The modules should use functions from libgcrypt */
+
+const char *g10u_revision_string(int dummy) { return "$Revision$"; }
+
+
+void *g10_malloc( size_t n )	     { return m_alloc( n ); }
+void *g10_calloc( size_t n )	     { return m_alloc_clear( n ); }
+void *g10_malloc_secure( size_t n )  { return m_alloc_secure( n ); }
+void *g10_calloc_secure( size_t n )  { return m_alloc_secure_clear( n ); }
+void *g10_realloc( void *a, size_t n ) { return m_realloc( a, n ); }
+void  g10_free( void *p )	     { m_free( p ); }
+char *g10_strdup( const char * a)    { return m_strdup( a ); }
+
diff --git a/util/http.c b/util/http.c
index 81bf91ded..23556b7bd 100644
--- a/util/http.c
+++ b/util/http.c
@@ -1,5 +1,5 @@
 /* http.c  -  HTTP protocol handler
- *	Copyright (C) 1999, 2000 Free Software Foundation, Inc.
+ *	Copyright (C) 1999, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -26,18 +26,18 @@
 #include <ctype.h>
 #include <errno.h>
 
-#ifndef HAVE_DOSISH_SYSTEM  /* fixme: add support W32 sockets */
-
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/time.h>
-#include <time.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <netdb.h>
-
-#include <gcrypt.h>
+#ifdef __MINGW32__
+ #include <windows.h>
+#else
+ #include <unistd.h>
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <sys/time.h>
+ #include <time.h>
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
+ #include <netdb.h>
+#endif
 
 #include "util.h"
 #include "iobuf.h"
@@ -45,6 +45,20 @@
 
 #include "http.h"
 
+#ifdef __riscos__
+  #define HTTP_PROXY_ENV           "GnuPG$HttpProxy"
+  #define HTTP_PROXY_ENV_PRINTABLE "<GnuPG$HttpProxy>"
+#else
+  #define HTTP_PROXY_ENV           "http_proxy"
+  #define HTTP_PROXY_ENV_PRINTABLE "$http_proxy"
+#endif
+
+#ifdef __MINGW32__
+#define sock_close(a)  closesocket(a)
+#else
+#define sock_close(a)  close(a)
+#endif
+
 #define MAX_LINELEN 20000  /* max. length of a HTTP line */
 #define VALID_URI_CHARS "abcdefghijklmnopqrstuvwxyz"   \
 			"ABCDEFGHIJKLMNOPQRSTUVWXYZ"   \
@@ -69,6 +83,38 @@ static int parse_response( HTTP_HD hd );
 static int connect_server( const char *server, ushort port );
 static int write_server( int sock, const char *data, size_t length );
 
+#ifdef __MINGW32__
+static void
+deinit_sockets (void)
+{
+    WSACleanup();
+}
+
+static void
+init_sockets (void)
+{
+    static int initialized;
+    static WSADATA wsdata;
+
+    if (initialized)
+        return;
+
+    if( WSAStartup( 0x0101, &wsdata ) ) {
+        log_error ("error initializing socket library: ec=%d\n", 
+                    (int)WSAGetLastError () );
+        return;
+    }
+    if( wsdata.wVersion < 0x0001 ) {
+        log_error ("socket library version is %x.%x - but 1.1 needed\n",
+                   LOBYTE(wsdata.wVersion), HIBYTE(wsdata.wVersion));
+        WSACleanup();
+        return;
+    }
+    atexit ( deinit_sockets );
+    initialized = 1;
+}
+#endif /*__MINGW32__*/
+
 
 int
 http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url,
@@ -77,7 +123,7 @@ http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url,
     int rc;
 
     if( !(reqtype == HTTP_REQ_GET || reqtype == HTTP_REQ_POST) )
-	return GPGERR_INV_ARG;
+	return G10ERR_INV_ARG;
 
     /* initialize the handle */
     memset( hd, 0, sizeof *hd );
@@ -90,15 +136,15 @@ http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url,
     if( !rc ) {
 	rc = send_request( hd );
 	if( !rc ) {
-	    hd->fp_write = iobuf_fdopen( hd->sock , "w" );
+	    hd->fp_write = iobuf_sockopen( hd->sock , "w" );
 	    if( hd->fp_write )
 		return 0;
-	    rc = GPGERR_GENERAL;
+	    rc = G10ERR_GENERAL;
 	}
     }
 
     if( !hd->fp_read && !hd->fp_write && hd->sock != -1 )
-	close( hd->sock );
+	sock_close( hd->sock );
     iobuf_close( hd->fp_read );
     iobuf_close( hd->fp_write);
     release_parsed_uri( hd->uri );
@@ -111,8 +157,9 @@ http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url,
 void
 http_start_data( HTTP_HD hd )
 {
+    iobuf_flush ( hd->fp_write );
     if( !hd->in_data ) {
-	iobuf_put( hd->fp_write, '\n' );
+        write_server (hd->sock, "\r\n", 2);
 	hd->in_data = 1;
     }
 }
@@ -124,19 +171,22 @@ http_wait_response( HTTP_HD hd, unsigned int *ret_status )
     int rc;
 
     http_start_data( hd ); /* make sure that we are in the data */
-    iobuf_flush( hd->fp_write );
 
-    hd->sock = dup( hd->sock );
+  #if 0
+    hd->sock = dup( hd->sock ); 
     if( hd->sock == -1 )
-	return GPGERR_GENERAL;
-    iobuf_close( hd->fp_write );
+	return G10ERR_GENERAL;
+  #endif
+    iobuf_ioctl (hd->fp_write, 1, 1, NULL); /* keep the socket open */
+    iobuf_close (hd->fp_write);
     hd->fp_write = NULL;
-    shutdown( hd->sock, 1 );
+    if ( !(hd->flags & HTTP_FLAG_NO_SHUTDOWN) )
+        shutdown( hd->sock, 1 );
     hd->in_data = 0;
 
-    hd->fp_read = iobuf_fdopen( hd->sock , "r" );
+    hd->fp_read = iobuf_sockopen( hd->sock , "r" );
     if( !hd->fp_read )
-	return GPGERR_GENERAL;
+	return G10ERR_GENERAL;
 
     rc = parse_response( hd );
     if( !rc && ret_status )
@@ -171,11 +221,11 @@ http_close( HTTP_HD hd )
     if( !hd || !hd->initialized )
 	return;
     if( !hd->fp_read && !hd->fp_write && hd->sock != -1 )
-	close( hd->sock );
+	sock_close( hd->sock );
     iobuf_close( hd->fp_read );
     iobuf_close( hd->fp_write );
     release_parsed_uri( hd->uri );
-    gcry_free( hd->buffer );
+    m_free( hd->buffer );
     hd->initialized = 0;
 }
 
@@ -189,7 +239,7 @@ http_close( HTTP_HD hd )
 static int
 parse_uri( PARSED_URI *ret_uri, const char *uri )
 {
-   *ret_uri = gcry_xcalloc( 1, sizeof(**ret_uri) + strlen(uri) );
+   *ret_uri = m_alloc_clear( sizeof(**ret_uri) + strlen(uri) );
    strcpy( (*ret_uri)->buffer, uri );
    return do_parse_uri( *ret_uri, 0 );
 }
@@ -203,9 +253,9 @@ release_parsed_uri( PARSED_URI uri )
 
 	for( r = uri->query; r; r = r2 ) {
 	    r2 = r->next;
-	    gcry_free( r );
+	    m_free( r );
 	}
-	gcry_free( uri );
+	m_free( uri );
     }
 }
 
@@ -225,27 +275,28 @@ do_parse_uri( PARSED_URI uri, int only_local_part )
 
     /* a quick validity check */
     if( strspn( p, VALID_URI_CHARS) != n )
-	return GPGERR_BAD_URI; /* invalid characters found */
+	return G10ERR_BAD_URI; /* invalid characters found */
 
     if( !only_local_part ) {
 	/* find the scheme */
 	if( !(p2 = strchr( p, ':' ) ) || p2 == p )
-	   return GPGERR_BAD_URI; /* No scheme */
+	   return G10ERR_BAD_URI; /* No scheme */
 	*p2++ = 0;
 	strlwr( p );
 	uri->scheme = p;
+        uri->port = 80;
 	if( !strcmp( uri->scheme, "http" ) )
 	    ;
 	else if( !strcmp( uri->scheme, "x-hkp" ) ) /* same as HTTP */
-	    ;
+	    uri->port = 11371;
 	else
-	    return GPGERR_INVALID_URI; /* Unsupported scheme */
+	    return G10ERR_INVALID_URI; /* Unsupported scheme */
 
 	p = p2;
 
 	/* find the hostname */
 	if( *p != '/' )
-	    return GPGERR_INVALID_URI; /* does not start with a slash */
+	    return G10ERR_INVALID_URI; /* does not start with a slash */
 
 	p++;
 	if( *p == '/' ) {  /* there seems to be a hostname */
@@ -258,13 +309,12 @@ do_parse_uri( PARSED_URI uri, int only_local_part )
 		*p3++ = 0;
 		uri->port = atoi( p3 );
 	    }
-	    else
-	       uri->port = 80;
+
 	    uri->host = p;
 	    if( (n = remove_escapes( uri->host )) < 0 )
-		return GPGERR_BAD_URI;
+		return G10ERR_BAD_URI;
 	    if( n != strlen( p ) )
-		return GPGERR_BAD_URI; /* hostname with a Nul in it */
+		return G10ERR_BAD_URI; /* hostname with a Nul in it */
 	    p = p2 ? p2 : NULL;
 	}
     } /* end global URI part */
@@ -281,9 +331,9 @@ do_parse_uri( PARSED_URI uri, int only_local_part )
 
     uri->path = p;
     if( (n = remove_escapes( p )) < 0 )
-	return GPGERR_BAD_URI;
+	return G10ERR_BAD_URI;
     if( n != strlen( p ) )
-	return GPGERR_BAD_URI; /* path with a Nul in it */
+	return G10ERR_BAD_URI; /* path with a Nul in it */
     p = p2 ? p2 : NULL;
 
     if( !p || !*p ) /* we don't have a query string */
@@ -297,7 +347,7 @@ do_parse_uri( PARSED_URI uri, int only_local_part )
 	if( (p2 = strchr( p, '&' )) )
 	    *p2++ = 0;
 	if( !(elem = parse_tuple( p )) )
-	    return GPGERR_BAD_URI;
+	    return G10ERR_BAD_URI;
 	*tail = elem;
 	tail = &elem->next;
 
@@ -397,7 +447,7 @@ parse_tuple( byte *string )
 	return NULL; /* bad URI */
     if( n != strlen( p ) )
        return NULL; /* name with a Nul in it */
-    tuple = gcry_xcalloc( 1, sizeof *tuple );
+    tuple = m_alloc_clear( sizeof *tuple );
     tuple->name = p;
     if( !p2 )  {
 	/* we have only the name, so we assume an empty value string */
@@ -406,7 +456,7 @@ parse_tuple( byte *string )
     }
     else { /* name and value */
 	if( (n = remove_escapes( p2 )) < 0 ) {
-	    gcry_free( tuple );
+	    m_free( tuple );
 	    return NULL; /* bad URI */
 	}
 	tuple->value = p2;
@@ -433,14 +483,15 @@ send_request( HTTP_HD hd )
     port   = hd->uri->port?  hd->uri->port : 80;
 
     if( (hd->flags & HTTP_FLAG_TRY_PROXY)
-	&& (http_proxy = getenv( "http_proxy" )) ) {
+	&& (http_proxy = getenv( HTTP_PROXY_ENV )) ) {
 	PARSED_URI uri;
 
 	rc = parse_uri( &uri, http_proxy );
 	if (rc) {
-	    log_error("invalid $http_proxy: %s\n", gpg_errstr(rc));
+	    log_error("invalid " HTTP_PROXY_ENV_PRINTABLE ": %s\n",
+                      g10_errstr(rc));
 	    release_parsed_uri( uri );
-	    return GPGERR_NETWORK;
+	    return G10ERR_NETWORK;
 	}
 	hd->sock = connect_server( *uri->host? uri->host : "localhost",
 				    uri->port? uri->port : 80 );
@@ -450,10 +501,10 @@ send_request( HTTP_HD hd )
 	hd->sock = connect_server( server, port );
 
     if( hd->sock == -1 )
-	return GPGERR_NETWORK;
+	return G10ERR_NETWORK;
 
     p = build_rel_path( hd->uri );
-    request = gcry_xmalloc( strlen(p) + 20 );
+    request = m_alloc( strlen(server) + strlen(p) + 50 );
     if( http_proxy ) {
 	sprintf( request, "%s http://%s:%hu%s%s HTTP/1.0\r\n",
 			  hd->req_type == HTTP_REQ_GET ? "GET" :
@@ -468,10 +519,10 @@ send_request( HTTP_HD hd )
 			  hd->req_type == HTTP_REQ_POST? "POST": "OOPS",
 						  *p == '/'? "":"/", p );
     }
-    gcry_free(p);
+    m_free(p);
 
     rc = write_server( hd->sock, request, strlen(request) );
-    gcry_free( request );
+    m_free( request );
 
     return rc;
 }
@@ -502,7 +553,7 @@ build_rel_path( PARSED_URI uri )
     n++;
 
     /* now  allocate and copy */
-    p = rel_path = gcry_xmalloc( n );
+    p = rel_path = m_alloc( n );
     n = insert_escapes( p, uri->path, "%;?&" );
     p += n;
     /* todo: add params */
@@ -608,13 +659,13 @@ start_server()
 
     if( bind( fd, (struct sockaddr *)&mya, sizeof(mya)) ) {
 	log_error("bind to port 11371 failed: %s\n", strerror(errno) );
-	close( fd );
+	sock_close( fd );
 	return -1;
     }
 
     if( listen( fd, 5 ) ) {
 	log_error("listen failed: %s\n", strerror(errno) );
-	close( fd );
+	sock_close( fd );
 	return -1;
     }
 
@@ -647,7 +698,7 @@ start_server()
 	    fclose(fp);
 	    exit(0);
 	}
-	close( client );
+	sock_close( client );
     }
 
 
@@ -660,9 +711,51 @@ start_server()
 static int
 connect_server( const char *server, ushort port )
 {
+    int sd;
+#ifdef __MINGW32__
+    struct hostent *hp;
+    struct sockaddr_in ad;
+    unsigned long l;
+    
+    init_sockets ();
+
+    memset (&ad, 0, sizeof(ad));
+    ad.sin_family = AF_INET;
+    ad.sin_port = htons(port);
+
+    if( (l = inet_addr (server)) != SOCKET_ERROR ) {
+        memcpy (&ad.sin_addr, &l, sizeof(l));
+    }
+    else if( (hp = gethostbyname (server)) ) {
+        if( hp->h_addrtype != AF_INET ) {
+            log_error ("%s: unknown address family\n", server);
+            return -1;
+        }
+        if ( hp->h_length != 4 ) {
+            log_error ("%s: illegal address length\n", server);
+            return -1;
+        }
+        memcpy (&ad.sin_addr, hp->h_addr, hp->h_length);
+    }
+    else {
+        log_error ("%s: host not found: ec=%d\n",
+                   server, (int)WSAGetLastError ());
+        return -1;
+    }
+
+    if ((sd = socket(AF_INET, SOCK_STREAM, 0)) == INVALID_SOCKET) {
+        log_error ("error creating socket: ex=%d\n", 
+                   (int)WSAGetLastError ());
+        return -1;
+    }
+
+    if( connect (sd, (struct sockaddr *)&ad, sizeof (ad) ) ) {
+        sock_close (sd);
+        return -1;
+    }
+#else
     struct sockaddr_in addr;
     struct hostent *host;
-    int sd;
 
     addr.sin_family = AF_INET;
     addr.sin_port = htons(port);
@@ -677,10 +770,10 @@ connect_server( const char *server, ushort port )
 	return -1;
 
     if( connect( sd, (struct sockaddr *)&addr, sizeof addr) == -1 ) {
-	close(sd);
+	sock_close(sd);
 	return -1;
     }
-
+#endif
     return sd;
 }
 
@@ -688,11 +781,20 @@ connect_server( const char *server, ushort port )
 static int
 write_server( int sock, const char *data, size_t length )
 {
-    int nleft, nwritten;
+    int nleft;
 
     nleft = length;
     while( nleft > 0 ) {
-	nwritten = write( sock, data, nleft );
+      #ifdef __MINGW32__  
+        int nwritten;
+
+        nwritten = send (sock, data, nleft, 0);
+        if ( nwritten == SOCKET_ERROR ) {
+	    log_info ("write failed: ec=%d\n", (int)WSAGetLastError ());
+	    return G10ERR_NETWORK;
+        }
+      #else
+	int nwritten = write( sock, data, nleft );
 	if( nwritten == -1 ) {
 	    if( errno == EINTR )
 		continue;
@@ -705,8 +807,9 @@ write_server( int sock, const char *data, size_t length )
 		continue;
 	    }
 	    log_info("write failed: %s\n", strerror(errno));
-	    return GPGERR_NETWORK;
+	    return G10ERR_NETWORK;
 	}
+      #endif
 	nleft -=nwritten;
 	data += nwritten;
     }
@@ -714,8 +817,6 @@ write_server( int sock, const char *data, size_t length )
     return 0;
 }
 
-#endif /* HAVE_DOSISH_SYSTEM */
-
 /**** Test code ****/
 #ifdef TEST
 
@@ -742,7 +843,7 @@ main(int argc, char **argv)
 
     rc = parse_uri( &uri, *argv );
     if( rc ) {
-	log_error("`%s': %s\n", *argv, gpg_errstr(rc));
+	log_error("`%s': %s\n", *argv, g10_errstr(rc));
 	release_parsed_uri( uri );
 	return 1;
     }
@@ -767,7 +868,7 @@ main(int argc, char **argv)
 
     rc = http_open_document( &hd, *argv, 0 );
     if( rc ) {
-	log_error("can't get `%s': %s\n", *argv, gpg_errstr(rc));
+	log_error("can't get `%s': %s\n", *argv, g10_errstr(rc));
 	return 1;
     }
     log_info("open_http_document succeeded; status=%u\n", hd.status_code );
diff --git a/util/iobuf.c b/util/iobuf.c
index 5f70694c2..5df2d6975 100644
--- a/util/iobuf.c
+++ b/util/iobuf.c
@@ -1,5 +1,5 @@
 /* iobuf.c  -  file handling
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -23,33 +23,89 @@
 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
+#include <ctype.h>
 #include <assert.h>
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <fcntl.h> 
 #include <unistd.h>
-#include <gcrypt.h>
 #ifdef HAVE_DOSISH_SYSTEM
-  #include <fcntl.h> /* for setmode() */
+ #include <windows.h>
 #endif
+#ifdef __riscos__
+#include <kernel.h>
+#include <swis.h>
+#endif /* __riscos__ */
 
 #include "memory.h"
 #include "util.h"
 #include "iobuf.h"
 
+#undef FILE_FILTER_USES_STDIO
 
-#if defined (HAVE_FOPEN64) && defined (HAVE_FSTAT64)
-  #define fopen(a,b)  fopen64 ((a),(b))
-  #define fstat(a,b)  fstat64 ((a),(b))
+#ifdef HAVE_DOSISH_SYSTEM
+ #define USE_SETMODE 1
 #endif
 
+#ifdef FILE_FILTER_USES_STDIO
+ #define my_fileno(a)  fileno ((a))
+ #define my_fopen_ro(a,b) fopen ((a),(b))
+ #define my_fopen(a,b)    fopen ((a),(b))
+ typedef FILE *FILEP_OR_FD;
+ #define INVALID_FP    NULL
+ #define FILEP_OR_FD_FOR_STDIN  (stdin)
+ #define FILEP_OR_FD_FOR_STDOUT  (stdout)
+ typedef struct {
+     FILE *fp;	   /* open file handle */
+     int keep_open;
+     int no_cache;
+     int  print_only_name; /* flags indicating that fname is not a real file*/
+     char fname[1]; /* name of the file */
+ } file_filter_ctx_t ;
+#else
+ #define my_fileno(a)  (a)
+ #define my_fopen_ro(a,b) fd_cache_open ((a),(b)) 
+ #define my_fopen(a,b) direct_open ((a),(b)) 
+ #ifdef HAVE_DOSISH_SYSTEM
+   typedef HANDLE FILEP_OR_FD;
+   #define INVALID_FP  ((HANDLE)-1)
+   #define FILEP_OR_FD_FOR_STDIN  (GetStdHandle (STD_INPUT_HANDLE))
+   #define FILEP_OR_FD_FOR_STDOUT (GetStdHandle (STD_OUTPUT_HANDLE))
+   #undef USE_SETMODE
+ #else
+   typedef int FILEP_OR_FD;
+   #define INVALID_FP  (-1)
+   #define FILEP_OR_FD_FOR_STDIN  (0)
+   #define FILEP_OR_FD_FOR_STDOUT (1)
+ #endif
+ typedef struct {
+     FILEP_OR_FD  fp;	   /* open file handle */
+     int keep_open;
+     int no_cache;
+     int eof_seen;
+     int  print_only_name; /* flags indicating that fname is not a real file*/
+     char fname[1]; /* name of the file */
+ } file_filter_ctx_t ;
+
+ struct close_cache_s { 
+    struct close_cache_s *next;
+    FILEP_OR_FD fp;
+    char fname[1];
+ };
+ typedef struct close_cache_s *CLOSE_CACHE;
+ static CLOSE_CACHE close_cache;
+#endif
 
-
+#ifdef __MINGW32__
 typedef struct {
-    FILE *fp;	   /* open file handle */
+    int sock;
+    int keep_open;
+    int no_cache;
+    int eof_seen;
     int  print_only_name; /* flags indicating that fname is not a real file*/
     char fname[1]; /* name of the file */
-} file_filter_ctx_t ;
-
+} sock_filter_ctx_t ;
+#endif /*__MINGW32__*/
 
 /* The first partial length header block must be of size 512
  * to make it easier (and efficienter) we use a min. block size of 512
@@ -68,8 +124,185 @@ typedef struct {
     int eof;
 } block_filter_ctx_t;
 
+static int special_names_enabled;
 
 static int underflow(IOBUF a);
+static int translate_file_handle ( int fd, int for_write );
+
+#ifndef FILE_FILTER_USES_STDIO
+
+/*
+ * Invalidate (i.e. close) a cached iobuf
+ */
+static void
+fd_cache_invalidate (const char *fname)
+{
+    CLOSE_CACHE cc;
+
+    assert (fname);
+    if( DBG_IOBUF )
+        log_debug ("fd_cache_invalidate (%s)\n", fname);
+
+    for (cc=close_cache; cc; cc = cc->next ) {
+        if ( cc->fp != INVALID_FP && !strcmp (cc->fname, fname) ) {
+            if( DBG_IOBUF )
+                log_debug ("                did (%s)\n", cc->fname);
+          #ifdef HAVE_DOSISH_SYSTEM
+            CloseHandle (cc->fp);
+          #else
+	    close(cc->fp);
+	  #endif
+            cc->fp = INVALID_FP;
+        }
+    }
+}
+
+
+
+static FILEP_OR_FD
+direct_open (const char *fname, const char *mode)
+{
+#ifdef HAVE_DOSISH_SYSTEM
+    unsigned long da, cd, sm;
+    HANDLE hfile;
+
+    /* Note, that we do not handle all mode combinations */
+
+    /* According to the ReactOS source it seems that open() of the
+     * standard MSW32 crt does open the file in share mode which is
+     * something new for MS applications ;-)
+     */
+    if ( strchr (mode, '+') ) {
+        fd_cache_invalidate (fname);
+        da = GENERIC_READ|GENERIC_WRITE;
+        cd = OPEN_EXISTING;
+        sm = FILE_SHARE_READ | FILE_SHARE_WRITE;
+    }
+    else if ( strchr (mode, 'w') ) {
+        fd_cache_invalidate (fname);
+        da = GENERIC_WRITE;
+        cd = CREATE_ALWAYS;
+        sm = FILE_SHARE_WRITE;
+    }
+    else {
+        da = GENERIC_READ;
+        cd = OPEN_EXISTING;
+        sm = FILE_SHARE_READ;
+    }
+
+    hfile = CreateFile (fname, da, sm, NULL, cd, FILE_ATTRIBUTE_NORMAL, NULL);
+    return hfile;
+#else
+    int oflag;
+    int cflag = S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH;
+
+    /* Note, that we do not handle all mode combinations */
+    if ( strchr (mode, '+') ) {
+        fd_cache_invalidate (fname);
+        oflag = O_RDWR;
+    }
+    else if ( strchr (mode, 'w') ) {
+        fd_cache_invalidate (fname);
+        oflag = O_WRONLY | O_CREAT | O_TRUNC;
+    }
+    else {
+        oflag = O_RDONLY;
+    }
+#ifndef __riscos__
+    return open (fname, oflag, cflag );
+#else
+    {
+        struct stat buf;
+        int rc = stat( fname, &buf );
+        
+        /* Don't allow iobufs on directories */
+        if( !rc && S_ISDIR(buf.st_mode) && !S_ISREG(buf.st_mode) )
+            return __set_errno( EISDIR );
+        else
+            return open( fname, oflag, cflag );
+    }
+#endif
+#endif
+}
+
+
+/*
+ * Instead of closing an FD we keep it open and cache it for later reuse 
+ * Note that this caching strategy only works if the process does not chdir.
+ */
+static void
+fd_cache_close (const char *fname, FILEP_OR_FD fp)
+{
+    CLOSE_CACHE cc;
+
+    assert (fp);
+    if ( !fname || !*fname ) {
+#ifdef HAVE_DOSISH_SYSTEM
+        CloseHandle (fp);
+#else
+        close(fp);
+#endif
+        if( DBG_IOBUF )
+            log_debug ("fd_cache_close (%p) real\n", (void*)fp);
+        return;
+    }
+    /* try to reuse a slot */
+    for (cc=close_cache; cc; cc = cc->next ) {
+        if ( cc->fp == INVALID_FP && !strcmp (cc->fname, fname) ) {
+            cc->fp = fp;
+            if( DBG_IOBUF )
+                log_debug ("fd_cache_close (%s) used existing slot\n", fname);
+            return;
+        }
+    }
+    /* add a new one */
+    if( DBG_IOBUF )
+        log_debug ("fd_cache_close (%s) new slot created\n", fname);
+    cc = m_alloc_clear (sizeof *cc + strlen (fname));
+    strcpy (cc->fname, fname);
+    cc->fp = fp;
+    cc->next = close_cache;
+    close_cache = cc;
+}
+
+/*
+ * Do an direct_open on FNAME but first try to reuse one from the fd_cache
+ */
+static FILEP_OR_FD
+fd_cache_open (const char *fname, const char *mode)
+{
+    CLOSE_CACHE cc;
+
+    assert (fname);
+    for (cc=close_cache; cc; cc = cc->next ) {
+        if ( cc->fp != INVALID_FP && !strcmp (cc->fname, fname) ) {
+            FILEP_OR_FD fp = cc->fp;
+            cc->fp = INVALID_FP;
+            if( DBG_IOBUF )
+                log_debug ("fd_cache_open (%s) using cached fp\n", fname);
+          #ifdef HAVE_DOSISH_SYSTEM
+            if (SetFilePointer (fp, 0, NULL, FILE_BEGIN) == 0xffffffff ) {
+                log_error ("rewind file failed on handle %p: ec=%d\n",
+                           fp, (int)GetLastError () );
+                fp = INVALID_FP;
+            }
+          #else
+            if ( lseek (fp, 0, SEEK_SET) == (off_t)-1 ) {
+                log_error("can't rewind fd %d: %s\n", fp, strerror(errno) );
+                fp = INVALID_FP;
+            }
+          #endif
+            return fp;
+        }
+    }
+    if( DBG_IOBUF )
+        log_debug ("fd_cache_open (%s) not cached\n", fname);
+    return direct_open (fname, mode);
+}
+
+
+#endif /*FILE_FILTER_USES_STDIO*/
+
 
 /****************
  * Read data from a file into buf which has an allocated length of *LEN.
@@ -87,7 +320,7 @@ static int underflow(IOBUF a);
  *		    buffer, and should be set to the number of bytes
  *		    which were put into the buffer. The function
  *		    returns 0 to indicate success, -1 on EOF and
- *		    GPGERR_xxxxx for other errors.
+ *		    G10ERR_xxxxx for other errors.
  *
  * IOBUFCTRL_FLUSH: called by iobuf_flush() to write out the collected stuff.
  *		    *RET_LAN is the number of bytes in BUF.
@@ -99,59 +332,258 @@ static int
 file_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 {
     file_filter_ctx_t *a = opaque;
-    FILE *fp = a->fp;
+    FILEP_OR_FD f = a->fp;
     size_t size = *ret_len;
     size_t nbytes = 0;
     int rc = 0;
 
+#ifdef FILE_FILTER_USES_STDIO
     if( control == IOBUFCTRL_UNDERFLOW ) {
 	assert( size ); /* need a buffer */
-	if ( feof(fp)) {	/* On terminals you could easiely read as many EOFs as you call 	*/
+	if ( feof(f)) {	/* On terminals you could easiely read as many EOFs as you call 	*/
 	    rc = -1;		/* fread() or fgetc() repeatly. Every call will block until you press	*/
 	    *ret_len = 0;	/* CTRL-D. So we catch this case before we call fread() again.		*/
 	}
 	else {
-	    clearerr( fp );
-	    nbytes = fread( buf, 1, size, fp );
-	    if( feof(fp) && !nbytes )
+	    clearerr( f );
+	    nbytes = fread( buf, 1, size, f );
+	    if( feof(f) && !nbytes ) {
 		rc = -1; /* okay: we can return EOF now. */
-	    else if( ferror(fp) && errno != EPIPE  ) {
+            }
+	    else if( ferror(f) && errno != EPIPE  ) {
 		log_error("%s: read error: %s\n",
 			  a->fname, strerror(errno));
-		rc = GPGERR_READ_FILE;
+		rc = G10ERR_READ_FILE;
 	    }
 	    *ret_len = nbytes;
 	}
     }
     else if( control == IOBUFCTRL_FLUSH ) {
 	if( size ) {
-	    clearerr( fp );
-	    nbytes = fwrite( buf, 1, size, fp );
-	    if( ferror(fp) ) {
+	    clearerr( f );
+	    nbytes = fwrite( buf, 1, size, f );
+	    if( ferror(f) ) {
 		log_error("%s: write error: %s\n", a->fname, strerror(errno));
-		rc = GPGERR_WRITE_FILE;
+		rc = G10ERR_WRITE_FILE;
 	    }
 	}
 	*ret_len = nbytes;
     }
     else if( control == IOBUFCTRL_INIT ) {
+        a->keep_open = a->no_cache = 0;
     }
     else if( control == IOBUFCTRL_DESC ) {
 	*(char**)buf = "file_filter";
     }
     else if( control == IOBUFCTRL_FREE ) {
-	if( fp != stdin && fp != stdout ) {
+	if( f != stdin && f != stdout ) {
 	    if( DBG_IOBUF )
-		log_debug("%s: close fd %d\n", a->fname, fileno(fp) );
-	    fclose(fp);
+		log_debug("%s: close fd %d\n", a->fname, fileno(f) );
+            if (!a->keep_open)
+                fclose(f);
 	}
-	fp = NULL;
-	gcry_free(a); /* we can free our context now */
+	f = NULL;
+	m_free(a); /* we can free our context now */
     }
+#else /* !stdio implementation */
 
+    if( control == IOBUFCTRL_UNDERFLOW ) {
+	assert( size ); /* need a buffer */
+	if ( a->eof_seen) {
+	    rc = -1;		
+	    *ret_len = 0;	
+	}
+	else {
+          #ifdef HAVE_DOSISH_SYSTEM
+            unsigned long nread;
+
+            nbytes = 0;
+            if ( !ReadFile ( f, buf, size, &nread, NULL ) ) {
+                int ec = (int)GetLastError ();
+                if ( ec != ERROR_BROKEN_PIPE ) {
+                    log_error("%s: read error: ec=%d\n", a->fname, ec);
+                    rc = G10ERR_READ_FILE;
+                }
+            }
+            else if ( !nread ) {
+                a->eof_seen = 1;
+                rc = -1;
+            }
+            else {
+                nbytes = nread;
+            }
+
+          #else
+
+            int n;
+
+            nbytes = 0;
+            do {
+                n = read ( f, buf, size );
+            } while (n == -1 && errno == EINTR );
+            if ( n == -1 ) { /* error */
+                if (errno != EPIPE) {
+                    log_error("%s: read error: %s\n",
+                              a->fname, strerror(errno));
+                    rc = G10ERR_READ_FILE;
+                }
+            }
+            else if ( !n ) { /* eof */
+                a->eof_seen = 1;
+                rc = -1;
+            }
+            else {
+                nbytes = n;
+            }
+          #endif
+	    *ret_len = nbytes;
+	}
+    }
+    else if( control == IOBUFCTRL_FLUSH ) {
+	if( size ) {
+          #ifdef HAVE_DOSISH_SYSTEM
+            byte *p = buf;
+            unsigned long n;
+
+            nbytes = size;
+            do {
+                if ( size && !WriteFile ( f,  p, nbytes, &n, NULL) ) {
+                    int ec = (int)GetLastError ();
+                    log_error("%s: write error: ec=%d\n", a->fname, ec);
+                    rc = G10ERR_WRITE_FILE;
+                    break;
+                }
+                p += n;
+                nbytes -= n;
+            } while ( nbytes );
+            nbytes = p - buf;
+          #else
+            byte *p = buf;
+            int n;
+
+            nbytes = size;
+            do {
+                do {
+                    n = write ( f, p, nbytes );
+                } while ( n == -1 && errno == EINTR );
+                if ( n > 0 ) {
+                    p += n;
+                    nbytes -= n;
+                }
+            } while ( n != -1 && nbytes );
+	    if( n == -1 ) {
+		log_error("%s: write error: %s\n", a->fname, strerror(errno));
+		rc = G10ERR_WRITE_FILE;
+	    }
+            nbytes = p - buf;
+          #endif
+	}
+	*ret_len = nbytes;
+    }
+    else if ( control == IOBUFCTRL_INIT ) {
+        a->eof_seen = 0;
+        a->keep_open = 0;
+        a->no_cache = 0;
+    }
+    else if ( control == IOBUFCTRL_DESC ) {
+	*(char**)buf = "file_filter(fd)";
+    }
+    else if ( control == IOBUFCTRL_FREE ) {
+      #ifdef HAVE_DOSISH_SYSTEM
+        if ( f != FILEP_OR_FD_FOR_STDIN && f != FILEP_OR_FD_FOR_STDOUT ) {
+	    if( DBG_IOBUF )
+		log_debug("%s: close handle %p\n", a->fname, f );
+            if (!a->keep_open)
+                fd_cache_close (a->no_cache?NULL:a->fname, f);
+        }
+      #else
+	if ( (int)f != 0 && (int)f != 1 ) {
+	    if( DBG_IOBUF )
+		log_debug("%s: close fd %d\n", a->fname, f );
+            if (!a->keep_open)
+                fd_cache_close (a->no_cache?NULL:a->fname, f);
+	}
+	f = INVALID_FP;
+      #endif
+	m_free (a); /* we can free our context now */
+    }
+#endif /* !stdio implementation */
     return rc;
 }
 
+#ifdef __MINGW32__
+/* Becuase sockets are an special object under Lose32 we have to
+ * use a special filter */
+static int
+sock_filter (void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
+{
+    sock_filter_ctx_t *a = opaque;
+    size_t size = *ret_len;
+    size_t nbytes = 0;
+    int rc = 0;
+
+    if( control == IOBUFCTRL_UNDERFLOW ) {
+	assert( size ); /* need a buffer */
+	if ( a->eof_seen) {
+	    rc = -1;		
+	    *ret_len = 0;	
+	}
+	else {
+            int nread;
+
+            nread = recv ( a->sock, buf, size, 0 );
+            if ( nread == SOCKET_ERROR ) {
+                int ec = (int)WSAGetLastError ();
+                log_error("socket read error: ec=%d\n", ec);
+                rc = G10ERR_READ_FILE;
+            }
+            else if ( !nread ) {
+                a->eof_seen = 1;
+                rc = -1;
+            }
+            else {
+                nbytes = nread;
+            }
+	    *ret_len = nbytes;
+	}
+    }
+    else if( control == IOBUFCTRL_FLUSH ) {
+	if( size ) {
+            byte *p = buf;
+            int n;
+
+            nbytes = size;
+            do {
+                n = send (a->sock, p, nbytes, 0);
+                if ( n == SOCKET_ERROR ) {
+                    int ec = (int)WSAGetLastError ();
+                    log_error("socket write error: ec=%d\n", ec);
+                    rc = G10ERR_WRITE_FILE;
+                    break;
+                }
+                p += n;
+                nbytes -= n;
+            } while ( nbytes );
+            nbytes = p - buf;
+	}
+	*ret_len = nbytes;
+    }
+    else if ( control == IOBUFCTRL_INIT ) {
+        a->eof_seen = 0;
+        a->keep_open = 0;
+        a->no_cache = 0;
+    }
+    else if ( control == IOBUFCTRL_DESC ) {
+	*(char**)buf = "sock_filter";
+    }
+    else if ( control == IOBUFCTRL_FREE ) {
+        if (!a->keep_open)
+            closesocket (a->sock);
+	m_free (a); /* we can free our context now */
+    }
+    return rc;
+}
+#endif /*__MINGW32__*/
 
 /****************
  * This is used to implement the block write mode.
@@ -191,7 +623,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		    }
 		    else if( (c = iobuf_get(chain)) == -1 ) {
 			log_error("block_filter: 1st length byte missing\n");
-			rc = GPGERR_READ_FILE;
+			rc = G10ERR_READ_FILE;
 			break;
 		    }
 		    if( c < 192 ) {
@@ -208,7 +640,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 			a->size = (c - 192) * 256;
 			if( (c = iobuf_get(chain)) == -1 ) {
 			    log_error("block_filter: 2nd length byte missing\n");
-			    rc = GPGERR_READ_FILE;
+			    rc = G10ERR_READ_FILE;
 			    break;
 			}
 			a->size += c + 192;
@@ -226,7 +658,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 			a->size |= iobuf_get(chain) << 8;
 			if( (c = iobuf_get(chain)) == -1 ) {
 			    log_error("block_filter: invalid 4 byte length\n");
-			    rc = GPGERR_READ_FILE;
+			    rc = G10ERR_READ_FILE;
 			    break;
 			}
 			a->size |= c;
@@ -243,7 +675,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		    a->size |= c;
 		    if( c == -1 ) {
 			log_error("block_filter: error reading length info\n");
-			rc = GPGERR_READ_FILE;
+			rc = G10ERR_READ_FILE;
 		    }
 		    if( !a->size ) {
 			a->eof = 1;
@@ -261,7 +693,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		    if( c == -1 ) c = 0;
 		    log_error("block_filter %p: read error (size=%lu,a->size=%lu)\n",
 			      a,  (ulong)size+c, (ulong)a->size+c);
-		    rc = GPGERR_READ_FILE;
+		    rc = G10ERR_READ_FILE;
 		}
 		else {
 		    size -= c;
@@ -281,7 +713,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 	    if( nbytes < OP_MIN_PARTIAL_CHUNK ) {
 		/* not enough to write a partial block out; so we store it*/
 		if( !a->buffer )
-		    a->buffer = gcry_xmalloc( OP_MIN_PARTIAL_CHUNK );
+		    a->buffer = m_alloc( OP_MIN_PARTIAL_CHUNK );
 		memcpy( a->buffer + a->buflen, buf, size );
 		a->buflen += size;
 	    }
@@ -303,14 +735,14 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		    if( (n=a->buflen) ) { /* write stuff from the buffer */
 			assert( n == OP_MIN_PARTIAL_CHUNK);
 			if( iobuf_write(chain, a->buffer, n ) )
-			    rc = GPGERR_WRITE_FILE;
+			    rc = G10ERR_WRITE_FILE;
 			a->buflen = 0;
 			nbytes -= n;
 		    }
 		    if( (n = nbytes) > blen )
 			n = blen;
 		    if( n && iobuf_write(chain, p, n ) )
-			rc = GPGERR_WRITE_FILE;
+			rc = G10ERR_WRITE_FILE;
 		    p += n;
 		    nbytes -= n;
 		} while( !rc && nbytes >= OP_MIN_PARTIAL_CHUNK );
@@ -319,7 +751,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		    assert( !a->buflen );
 		    assert( nbytes < OP_MIN_PARTIAL_CHUNK );
 		    if( !a->buffer )
-			a->buffer = gcry_xmalloc( OP_MIN_PARTIAL_CHUNK );
+			a->buffer = m_alloc( OP_MIN_PARTIAL_CHUNK );
 		    memcpy( a->buffer, p, nbytes );
 		    a->buflen = nbytes;
 		}
@@ -348,7 +780,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		if( n > avail )
 		    n = avail;
 		if( iobuf_write(chain, p, n ) )
-		    rc = GPGERR_WRITE_FILE;
+		    rc = G10ERR_WRITE_FILE;
 		a->count += n;
 		p += n;
 		size -= n;
@@ -405,9 +837,9 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		    rc = iobuf_write(chain, a->buffer, len );
 		if( rc ) {
 		    log_error("block_filter: write error: %s\n",strerror(errno));
-		    rc = GPGERR_WRITE_FILE;
+		    rc = G10ERR_WRITE_FILE;
 		}
-		gcry_free( a->buffer ); a->buffer = NULL; a->buflen = 0;
+		m_free( a->buffer ); a->buffer = NULL; a->buflen = 0;
 	    }
 	    else {
 		iobuf_writebyte(chain, 0);
@@ -419,7 +851,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 	}
 	if( DBG_IOBUF )
 	    log_debug("free block_filter %p\n", a );
-	gcry_free(a); /* we can free our context now */
+	m_free(a); /* we can free our context now */
     }
 
     return rc;
@@ -463,9 +895,9 @@ iobuf_alloc(int use, size_t bufsize)
     IOBUF a;
     static int number=0;
 
-    a = gcry_xcalloc( 1,sizeof *a);
+    a = m_alloc_clear(sizeof *a);
     a->use = use;
-    a->d.buf = gcry_xmalloc( bufsize );
+    a->d.buf = m_alloc( bufsize );
     a->d.size = bufsize;
     a->no = ++number;
     a->subno = 0;
@@ -474,17 +906,16 @@ iobuf_alloc(int use, size_t bufsize)
     return a;
 }
 
-
 int
-iobuf_close( IOBUF a )
+iobuf_close ( IOBUF a )
 {
     IOBUF a2;
-    size_t dummy_len = 0;
+    size_t dummy_len=0;
     int rc=0;
 
     if( a && a->directfp ) {
 	fclose( a->directfp );
-	gcry_free( a->real_fname );
+	m_free( a->real_fname );
 	if( DBG_IOBUF )
 	    log_debug("iobuf_close -> %p\n", a->directfp );
 	return 0;
@@ -493,35 +924,37 @@ iobuf_close( IOBUF a )
     for( ; a && !rc ; a = a2 ) {
 	a2 = a->chain;
 	if( a->use == 2 && (rc=iobuf_flush(a)) )
-	    log_error("iobuf_flush failed on close: %s\n", gpg_errstr(rc));
+	    log_error("iobuf_flush failed on close: %s\n", g10_errstr(rc));
 
 	if( DBG_IOBUF )
 	    log_debug("iobuf-%d.%d: close `%s'\n", a->no, a->subno, a->desc );
 	if( a->filter && (rc = a->filter(a->filter_ov, IOBUFCTRL_FREE,
 					 a->chain, NULL, &dummy_len)) )
-	    log_error("IOBUFCTRL_FREE failed on close: %s\n", gpg_errstr(rc) );
-	gcry_free(a->real_fname);
-	gcry_free(a->d.buf);
-	gcry_free(a);
+	    log_error("IOBUFCTRL_FREE failed on close: %s\n", g10_errstr(rc) );
+	m_free(a->real_fname);
+        if (a->d.buf) {
+            memset (a->d.buf, 0, a->d.size); /* erase the buffer */
+            m_free(a->d.buf);
+        }
+	m_free(a);
     }
     return rc;
 }
 
-
 int
 iobuf_cancel( IOBUF a )
 {
     const char *s;
     IOBUF a2;
     int rc;
-  #ifdef HAVE_DOSISH_SYSTEM
+  #if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
     char *remove_name = NULL;
   #endif
 
     if( a && a->use == 2 ) {
 	s = iobuf_get_real_fname(a);
 	if( s && *s ) {
-	  #ifdef HAVE_DOSISH_SYSTEM
+	  #if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
 	    remove_name = m_strdup ( s );
 	  #else
 	    remove(s);
@@ -538,7 +971,7 @@ iobuf_cancel( IOBUF a )
     }
 
     rc = iobuf_close(a);
-  #ifdef HAVE_DOSISH_SYSTEM
+  #if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
     if ( remove_name ) {
 	/* Argg, MSDOS does not allow to remove open files.  So
 	 * we have to do it here */
@@ -549,6 +982,7 @@ iobuf_cancel( IOBUF a )
     return rc;
 }
 
+
 /****************
  * create a temporary iobuf, which can be used to collect stuff
  * in an iobuf and later be written by iobuf_write_temp() to another
@@ -576,6 +1010,32 @@ iobuf_temp_with_content( const char *buffer, size_t length )
     return a;
 }
 
+void
+iobuf_enable_special_filenames ( int yes )
+{
+    special_names_enabled = yes;
+}
+
+/*
+ * see whether the filename has the for "-&nnnn", where n is a
+ * non-zero number.
+ * Returns this number or -1 if it is not the case.
+ */
+static int
+check_special_filename ( const char *fname )
+{
+    if ( special_names_enabled
+         && fname && *fname == '-' && fname[1] == '&' ) {
+        int i;
+
+        fname += 2;
+        for (i=0; isdigit (fname[i]); i++ )
+            ;
+        if ( !fname[i] ) 
+            return atoi (fname);
+    }
+    return -1;
+}
 
 /****************
  * Create a head iobuf for reading from a file
@@ -585,35 +1045,38 @@ IOBUF
 iobuf_open( const char *fname )
 {
     IOBUF a;
-    FILE *fp;
+    FILEP_OR_FD fp;
     file_filter_ctx_t *fcx;
     size_t len;
     int print_only = 0;
+    int fd;
 
     if( !fname || (*fname=='-' && !fname[1])  ) {
-	fp = stdin;
-      #ifdef HAVE_DOSISH_SYSTEM
-	setmode ( fileno(fp) , O_BINARY );
+	fp = FILEP_OR_FD_FOR_STDIN;
+      #ifdef USE_SETMODE
+	setmode ( my_fileno(fp) , O_BINARY );
       #endif
 	fname = "[stdin]";
 	print_only = 1;
     }
-    else if( !(fp = fopen(fname, "rb")) )
+    else if ( (fd = check_special_filename ( fname )) != -1 )
+        return iobuf_fdopen ( translate_file_handle (fd,0), "rb" );
+    else if( (fp = my_fopen_ro(fname, "rb")) == INVALID_FP )
 	return NULL;
     a = iobuf_alloc(1, 8192 );
-    fcx = gcry_xmalloc( sizeof *fcx + strlen(fname) );
+    fcx = m_alloc( sizeof *fcx + strlen(fname) );
     fcx->fp = fp;
     fcx->print_only_name = print_only;
     strcpy(fcx->fname, fname );
     if( !print_only )
-	a->real_fname = gcry_xstrdup( fname );
+	a->real_fname = m_strdup( fname );
     a->filter = file_filter;
     a->filter_ov = fcx;
     file_filter( fcx, IOBUFCTRL_DESC, NULL, (byte*)&a->desc, &len );
     file_filter( fcx, IOBUFCTRL_INIT, NULL, NULL, &len );
     if( DBG_IOBUF )
 	log_debug("iobuf-%d.%d: open `%s' fd=%d\n",
-		   a->no, a->subno, fname, fileno(fcx->fp) );
+		   a->no, a->subno, fname, (int)my_fileno(fcx->fp) );
 
     return a;
 }
@@ -626,14 +1089,18 @@ IOBUF
 iobuf_fdopen( int fd, const char *mode )
 {
     IOBUF a;
-    FILE *fp;
+    FILEP_OR_FD fp;
     file_filter_ctx_t *fcx;
     size_t len;
 
+#ifdef FILE_FILTER_USES_STDIO
     if( !(fp = fdopen(fd, mode)) )
 	return NULL;
+#else
+    fp = (FILEP_OR_FD)fd;
+#endif
     a = iobuf_alloc( strchr( mode, 'w')? 2:1, 8192 );
-    fcx = gcry_xmalloc( sizeof *fcx + 20 );
+    fcx = m_alloc( sizeof *fcx + 20 );
     fcx->fp = fp;
     fcx->print_only_name = 1;
     sprintf(fcx->fname, "[fd %d]", fd );
@@ -643,7 +1110,34 @@ iobuf_fdopen( int fd, const char *mode )
     file_filter( fcx, IOBUFCTRL_INIT, NULL, NULL, &len );
     if( DBG_IOBUF )
 	log_debug("iobuf-%d.%d: fdopen `%s'\n", a->no, a->subno, fcx->fname );
+    iobuf_ioctl (a,3,1,NULL); /* disable fd caching */
+    return a;
+}
+
 
+IOBUF
+iobuf_sockopen ( int fd, const char *mode )
+{
+    IOBUF a;
+#ifdef __MINGW32__
+    sock_filter_ctx_t *scx;
+    size_t len;
+
+    a = iobuf_alloc( strchr( mode, 'w')? 2:1, 8192 );
+    scx = m_alloc( sizeof *scx + 25 );
+    scx->sock = fd;
+    scx->print_only_name = 1;
+    sprintf(scx->fname, "[sock %d]", fd );
+    a->filter = sock_filter;
+    a->filter_ov = scx;
+    sock_filter( scx, IOBUFCTRL_DESC, NULL, (byte*)&a->desc, &len );
+    sock_filter( scx, IOBUFCTRL_INIT, NULL, NULL, &len );
+    if( DBG_IOBUF )
+	log_debug("iobuf-%d.%d: sockopen `%s'\n", a->no, a->subno, scx->fname);
+    iobuf_ioctl (a,3,1,NULL); /* disable fd caching */ 
+#else
+    a = iobuf_fdopen (fd, mode);
+#endif
     return a;
 }
 
@@ -654,28 +1148,31 @@ IOBUF
 iobuf_create( const char *fname )
 {
     IOBUF a;
-    FILE *fp;
+    FILEP_OR_FD fp;
     file_filter_ctx_t *fcx;
     size_t len;
     int print_only = 0;
+    int fd;
 
     if( !fname || (*fname=='-' && !fname[1]) ) {
-	fp = stdout;
-      #ifdef HAVE_DOSISH_SYSTEM
-	setmode ( fileno(fp) , O_BINARY );
+	fp = FILEP_OR_FD_FOR_STDOUT;
+      #ifdef USE_SETMODE
+	setmode ( my_fileno(fp) , O_BINARY );
       #endif
 	fname = "[stdout]";
 	print_only = 1;
     }
-    else if( !(fp = fopen(fname, "wb")) )
+    else if ( (fd = check_special_filename ( fname )) != -1 )
+        return iobuf_fdopen ( translate_file_handle (fd, 1), "wb" );
+    else if( (fp = my_fopen(fname, "wb")) == INVALID_FP )
 	return NULL;
     a = iobuf_alloc(2, 8192 );
-    fcx = gcry_xmalloc( sizeof *fcx + strlen(fname) );
+    fcx = m_alloc( sizeof *fcx + strlen(fname) );
     fcx->fp = fp;
     fcx->print_only_name = print_only;
     strcpy(fcx->fname, fname );
     if( !print_only )
-	a->real_fname = gcry_xstrdup( fname );
+	a->real_fname = m_strdup( fname );
     a->filter = file_filter;
     a->filter_ov = fcx;
     file_filter( fcx, IOBUFCTRL_DESC, NULL, (byte*)&a->desc, &len );
@@ -689,7 +1186,9 @@ iobuf_create( const char *fname )
 /****************
  * append to an iobuf; if the file does not exist, create it.
  * cannot be used for stdout.
+ * Note: This is not used.
  */
+#if 0 /* not used */
 IOBUF
 iobuf_append( const char *fname )
 {
@@ -700,13 +1199,13 @@ iobuf_append( const char *fname )
 
     if( !fname )
 	return NULL;
-    else if( !(fp = fopen(fname, "ab")) )
+    else if( !(fp = my_fopen(fname, "ab")) )
 	return NULL;
     a = iobuf_alloc(2, 8192 );
-    fcx = gcry_xmalloc( sizeof *fcx + strlen(fname) );
+    fcx = m_alloc( sizeof *fcx + strlen(fname) );
     fcx->fp = fp;
     strcpy(fcx->fname, fname );
-    a->real_fname = gcry_xstrdup( fname );
+    a->real_fname = m_strdup( fname );
     a->filter = file_filter;
     a->filter_ov = fcx;
     file_filter( fcx, IOBUFCTRL_DESC, NULL, (byte*)&a->desc, &len );
@@ -716,24 +1215,25 @@ iobuf_append( const char *fname )
 
     return a;
 }
+#endif
 
 IOBUF
 iobuf_openrw( const char *fname )
 {
     IOBUF a;
-    FILE *fp;
+    FILEP_OR_FD fp;
     file_filter_ctx_t *fcx;
     size_t len;
 
     if( !fname )
 	return NULL;
-    else if( !(fp = fopen(fname, "r+b")) )
+    else if( (fp = my_fopen(fname, "r+b")) == INVALID_FP )
 	return NULL;
     a = iobuf_alloc(2, 8192 );
-    fcx = gcry_xmalloc( sizeof *fcx + strlen(fname) );
+    fcx = m_alloc( sizeof *fcx + strlen(fname) );
     fcx->fp = fp;
     strcpy(fcx->fname, fname );
-    a->real_fname = gcry_xstrdup( fname );
+    a->real_fname = m_strdup( fname );
     a->filter = file_filter;
     a->filter_ov = fcx;
     file_filter( fcx, IOBUFCTRL_DESC, NULL, (byte*)&a->desc, &len );
@@ -745,41 +1245,61 @@ iobuf_openrw( const char *fname )
 }
 
 
-
-/****************
- * You can overwrite the normal iobuf behaviour by using this function.
- * If used the iobuf is a simple wrapper around stdio.
- * NULL if an error occures and sets errno
- */
-IOBUF
-iobuf_fopen( const char *fname, const char *mode )
+int
+iobuf_ioctl ( IOBUF a, int cmd, int intval, void *ptrval )
 {
-    IOBUF a;
-    FILE *fp;
-    int print_only = 0;
-
-    if( !fname || (*fname=='-' && !fname[1])  ) {
-	fp = stdin;
-      #ifdef HAVE_DOSISH_SYSTEM
-	setmode ( fileno(fp) , O_BINARY );
-      #endif
-	fname = "[stdin]";
-	print_only = 1;
+    if ( cmd == 1 ) {  /* keep system filepointer/descriptor open */
+        if( DBG_IOBUF )
+            log_debug("iobuf-%d.%d: ioctl `%s' keep=%d\n",
+                      a? a->no:-1, a?a->subno:-1, a?a->desc:"?", intval );
+        for( ; a; a = a->chain )
+            if( !a->chain && a->filter == file_filter ) {
+                file_filter_ctx_t *b = a->filter_ov;
+                b->keep_open = intval;
+                return 0;
+            }
+          #ifdef __MINGW32__
+            else if( !a->chain && a->filter == sock_filter ) {
+                sock_filter_ctx_t *b = a->filter_ov;
+                b->keep_open = intval;
+                return 0;
+            }
+          #endif
+    }
+    else if ( cmd == 2 ) {  /* invalidate cache */
+        if( DBG_IOBUF )
+            log_debug("iobuf-*.*: ioctl `%s' invalidate\n",
+                      ptrval? (char*)ptrval:"?");
+        if ( !a && !intval && ptrval ) {
+          #ifndef FILE_FILTER_USES_STDIO
+            fd_cache_invalidate (ptrval);
+          #endif
+            return 0;
+        }
+    }
+    else if ( cmd == 3 ) {  /* disallow/allow caching */
+        if( DBG_IOBUF )
+            log_debug("iobuf-%d.%d: ioctl `%s' no_cache=%d\n",
+                      a? a->no:-1, a?a->subno:-1, a?a->desc:"?", intval );
+        for( ; a; a = a->chain )
+            if( !a->chain && a->filter == file_filter ) {
+                file_filter_ctx_t *b = a->filter_ov;
+                b->no_cache = intval;
+                return 0;
+            }
+          #ifdef __MINGW32__
+            else if( !a->chain && a->filter == sock_filter ) {
+                sock_filter_ctx_t *b = a->filter_ov;
+                b->no_cache = intval;
+                return 0;
+            }
+          #endif
     }
-    else if( !(fp = fopen(fname, mode) ) )
-	return NULL;
-    a = iobuf_alloc(1, 8192 );
-    a->directfp = fp;
-    a->real_fname = gcry_xstrdup( fname );
-
-    if( DBG_IOBUF )
-	log_debug("iobuf_fopen -> %p\n", a->directfp );
 
-    return a;
+    return -1;
 }
 
 
-
 /****************
  * Register an i/o filter.
  */
@@ -811,12 +1331,12 @@ iobuf_push_filter2( IOBUF a,
      * The contents of the buffers are transferred to the
      * new stream.
      */
-    b = gcry_xmalloc(sizeof *b);
+    b = m_alloc(sizeof *b);
     memcpy(b, a, sizeof *b );
     /* fixme: it is stupid to keep a copy of the name at every level
      * but we need the name somewhere because the name known by file_filter
      * may have been released when we need the name of the file */
-    b->real_fname = a->real_fname? gcry_xstrdup(a->real_fname):NULL;
+    b->real_fname = a->real_fname? m_strdup(a->real_fname):NULL;
     /* remove the filter stuff from the new stream */
     a->filter = NULL;
     a->filter_ov = NULL;
@@ -826,12 +1346,12 @@ iobuf_push_filter2( IOBUF a,
 	a->use = 2;  /* make a write stream from a temp stream */
 
     if( a->use == 2 ) { /* allocate a fresh buffer for the original stream */
-	b->d.buf = gcry_xmalloc( a->d.size );
+	b->d.buf = m_alloc( a->d.size );
 	b->d.len = 0;
 	b->d.start = 0;
     }
     else { /* allocate a fresh buffer for the new stream */
-	a->d.buf = gcry_xmalloc( a->d.size );
+	a->d.buf = m_alloc( a->d.size );
 	a->d.len = 0;
 	a->d.start = 0;
     }
@@ -859,7 +1379,7 @@ iobuf_push_filter2( IOBUF a,
     /* now we can initialize the new function if we have one */
     if( a->filter && (rc = a->filter(a->filter_ov, IOBUFCTRL_INIT, a->chain,
 		       NULL, &dummy_len)) )
-	log_error("IOBUFCTRL_INIT failed: %s\n", gpg_errstr(rc) );
+	log_error("IOBUFCTRL_INIT failed: %s\n", g10_errstr(rc) );
     return rc;
 }
 
@@ -882,10 +1402,10 @@ pop_filter( IOBUF a, int (*f)(void *opaque, int control,
     if( !a->filter ) { /* this is simple */
 	b = a->chain;
 	assert(b);
-	gcry_free(a->d.buf);
-	gcry_free(a->real_fname);
+	m_free(a->d.buf);
+	m_free(a->real_fname);
 	memcpy(a,b, sizeof *a);
-	gcry_free(b);
+	m_free(b);
 	return 0;
     }
     for(b=a ; b; b = b->chain )
@@ -896,17 +1416,17 @@ pop_filter( IOBUF a, int (*f)(void *opaque, int control,
 
     /* flush this stream if it is an output stream */
     if( a->use == 2 && (rc=iobuf_flush(b)) ) {
-	log_error("iobuf_flush failed in pop_filter: %s\n", gpg_errstr(rc));
+	log_error("iobuf_flush failed in pop_filter: %s\n", g10_errstr(rc));
 	return rc;
     }
     /* and tell the filter to free it self */
     if( b->filter && (rc = b->filter(b->filter_ov, IOBUFCTRL_FREE, b->chain,
 		       NULL, &dummy_len)) ) {
-	log_error("IOBUFCTRL_FREE failed: %s\n", gpg_errstr(rc) );
+	log_error("IOBUFCTRL_FREE failed: %s\n", g10_errstr(rc) );
 	return rc;
     }
     if( b->filter_ov && b->filter_ov_owner ) {
-	gcry_free( b->filter_ov );
+	m_free( b->filter_ov );
 	b->filter_ov = NULL;
     }
 
@@ -919,10 +1439,10 @@ pop_filter( IOBUF a, int (*f)(void *opaque, int control,
 	 * a flush has been done on the to be removed entry
 	 */
 	b = a->chain;
-	gcry_free(a->d.buf);
-	gcry_free(a->real_fname);
+	m_free(a->d.buf);
+	m_free(a->real_fname);
 	memcpy(a,b, sizeof *a);
-	gcry_free(b);
+	m_free(b);
 	if( DBG_IOBUF )
 	   log_debug("iobuf-%d.%d: popped filter\n", a->no, a->subno );
     }
@@ -957,10 +1477,10 @@ underflow(IOBUF a)
 	    if( DBG_IOBUF )
 		log_debug("iobuf-%d.%d: pop `%s' in underflow\n",
 					a->no, a->subno, a->desc );
-	    gcry_free(a->d.buf);
-	    gcry_free(a->real_fname);
+	    m_free(a->d.buf);
+	    m_free(a->real_fname);
 	    memcpy(a, b, sizeof *a);
-	    gcry_free(b);
+	    m_free(b);
 	    print_chain(a);
 	}
 	else
@@ -1011,9 +1531,9 @@ underflow(IOBUF a)
 	    /* and tell the filter to free itself */
 	    if( (rc = a->filter(a->filter_ov, IOBUFCTRL_FREE, a->chain,
 			       NULL, &dummy_len)) )
-		log_error("IOBUFCTRL_FREE failed: %s\n", gpg_errstr(rc) );
+		log_error("IOBUFCTRL_FREE failed: %s\n", g10_errstr(rc) );
 	    if( a->filter_ov && a->filter_ov_owner ) {
-		gcry_free( a->filter_ov );
+		m_free( a->filter_ov );
 		a->filter_ov = NULL;
 	    }
 	    a->filter = NULL;
@@ -1026,10 +1546,10 @@ underflow(IOBUF a)
 		    log_debug("iobuf-%d.%d: pop `%s' in underflow (!len)\n",
 					       a->no, a->subno, a->desc );
 		print_chain(a);
-		gcry_free(a->d.buf);
-		gcry_free(a->real_fname);
+		m_free(a->d.buf);
+		m_free(a->real_fname);
 		memcpy(a,b, sizeof *a);
-		gcry_free(b);
+		m_free(b);
 		print_chain(a);
 	    }
 	}
@@ -1063,16 +1583,15 @@ iobuf_flush(IOBUF a)
     if( a->directfp )
 	return 0;
 
-    /*log_debug("iobuf-%d.%d: flush\n", a->no, a->subno );*/
     if( a->use == 3 ) { /* increase the temp buffer */
 	char *newbuf;
 	size_t newsize = a->d.size + 8192;
 
 	log_debug("increasing temp iobuf from %lu to %lu\n",
 		    (ulong)a->d.size, (ulong)newsize );
-	newbuf = gcry_xmalloc( newsize );
+	newbuf = m_alloc( newsize );
 	memcpy( newbuf, a->d.buf, a->d.len );
-	gcry_free(a->d.buf);
+	m_free(a->d.buf);
 	a->d.buf = newbuf;
 	a->d.size = newsize;
 	return 0;
@@ -1085,7 +1604,7 @@ iobuf_flush(IOBUF a)
     rc = a->filter( a->filter_ov, IOBUFCTRL_FLUSH, a->chain, a->d.buf, &len );
     if( !rc && len != a->d.len ) {
 	log_info("iobuf_flush did not write all!\n");
-	rc = GPGERR_WRITE_FILE;
+	rc = G10ERR_WRITE_FILE;
     }
     else if( rc )
 	a->error = 1;
@@ -1108,7 +1627,7 @@ iobuf_readbyte(IOBUF a)
     if( a->unget.buf ) {
 	if( a->unget.start < a->unget.len )
 	    return a->unget.buf[a->unget.start++];
-	gcry_free(a->unget.buf);
+	m_free(a->unget.buf);
 	a->unget.buf = NULL;
 	a->nofast &= ~2;
     }
@@ -1301,7 +1820,7 @@ iobuf_flush_temp( IOBUF temp )
  * Setting the limit to 0 disables this feature.
  */
 void
-iobuf_set_limit( IOBUF a, unsigned long nlimit )
+iobuf_set_limit( IOBUF a, off_t nlimit )
 {
     if( nlimit )
 	a->nofast |= 1;
@@ -1317,44 +1836,38 @@ iobuf_set_limit( IOBUF a, unsigned long nlimit )
 /****************
  * Return the length of an open file
  */
-u32
+off_t
 iobuf_get_filelength( IOBUF a )
 {
-#if defined (HAVE_FOPEN64) && defined (HAVE_FSTAT64)
-    struct stat64 st;
-#else
     struct stat st;
-#endif
 
     if( a->directfp )  {
 	FILE *fp = a->directfp;
 
-	if( !fstat(fileno(fp), &st) ) {
-          #if defined (HAVE_FOPEN64) && defined (HAVE_FSTAT64)
-            if( st.st_size >= IOBUF_FILELENGTH_LIMIT )
-                return IOBUF_FILELENGTH_LIMIT;
-          #endif
-	    return (u32)st.st_size;
-        }
+       if( !fstat(fileno(fp), &st) )
+           return st.st_size;
 	log_error("fstat() failed: %s\n", strerror(errno) );
 	return 0;
     }
 
-
     /* Hmmm: file_filter may have already been removed */
     for( ; a; a = a->chain )
 	if( !a->chain && a->filter == file_filter ) {
 	    file_filter_ctx_t *b = a->filter_ov;
-	    FILE *fp = b->fp;
+	    FILEP_OR_FD fp = b->fp;
+
+          #if defined(HAVE_DOSISH_SYSTEM) && !defined(FILE_FILTER_USES_STDIO)
+            ulong size;
 
-	    if( !fstat(fileno(fp), &st) ) {
-              #if defined (HAVE_FOPEN64) && defined (HAVE_FSTAT64)
-                if( st.st_size >= IOBUF_FILELENGTH_LIMIT )
-                    return IOBUF_FILELENGTH_LIMIT;
-              #endif
+            if ( (size=GetFileSize (fp, NULL)) != 0xffffffff ) 
+                return size;
+            log_error ("GetFileSize for handle %p failed: ec=%d\n",
+                       fp, (int)GetLastError () );
+          #else
+            if( !fstat(my_fileno(fp), &st) )
 		return st.st_size;
-            }
 	    log_error("fstat() failed: %s\n", strerror(errno) );
+          #endif
 	    break;
 	}
 
@@ -1364,27 +1877,55 @@ iobuf_get_filelength( IOBUF a )
 /****************
  * Tell the file position, where the next read will take place
  */
-ulong
+off_t
 iobuf_tell( IOBUF a )
 {
     return a->ntotal + a->nbytes;
 }
 
 
+#if !defined(HAVE_FSEEKO) && !defined(fseeko)
+
+#ifdef HAVE_LIMITS_H
+# include <limits.h>
+#endif
+#ifndef LONG_MAX
+# define LONG_MAX ((long) ((unsigned long) -1 >> 1))
+#endif
+#ifndef LONG_MIN
+# define LONG_MIN (-1 - LONG_MAX)
+#endif
+
+/****************
+ * A substitute for fseeko, for hosts that don't have it.
+ */
+static int
+fseeko( FILE *stream, off_t newpos, int whence )
+{
+    while( newpos != (long) newpos ) {
+       long pos = newpos < 0 ? LONG_MIN : LONG_MAX;
+       if( fseek( stream, pos, whence ) != 0 )
+           return -1;
+       newpos -= pos;
+       whence = SEEK_CUR;
+    }
+    return fseek( stream, (long)newpos, whence );
+}
+#endif
 
 /****************
  * This is a very limited implementation. It simply discards all internal
  * buffering and removes all filters but the first one.
  */
 int
-iobuf_seek( IOBUF a, ulong newpos )
+iobuf_seek( IOBUF a, off_t newpos )
 {
     file_filter_ctx_t *b = NULL;
 
     if( a->directfp ) {
 	FILE *fp = a->directfp;
-	if( fseek( fp, newpos, SEEK_SET ) ) {
-	    log_error("can't seek to %lu: %s\n", newpos, strerror(errno) );
+        if( fseeko( fp, newpos, SEEK_SET ) ) {
+            log_error("can't seek: %s\n", strerror(errno) );
 	    return -1;
 	}
 	clearerr(fp);
@@ -1398,10 +1939,25 @@ iobuf_seek( IOBUF a, ulong newpos )
 	}
 	if( !a )
 	    return -1;
-	if( fseek( b->fp, newpos, SEEK_SET ) ) {
-	    log_error("can't seek to %lu: %s\n", newpos, strerror(errno) );
-	    return -1;
-	}
+#ifdef FILE_FILTER_USES_STDIO
+       if( fseeko( b->fp, newpos, SEEK_SET ) ) {
+           log_error("can't fseek: %s\n", strerror(errno) );
+           return -1;
+       }
+#else
+    #ifdef HAVE_DOSISH_SYSTEM
+       if (SetFilePointer (b->fp, newpos, NULL, FILE_BEGIN) == 0xffffffff ) {
+           log_error ("SetFilePointer failed on handle %p: ec=%d\n",
+                      b->fp, (int)GetLastError () );
+           return -1;
+       }
+    #else
+       if ( lseek (b->fp, newpos, SEEK_SET) == (off_t)-1 ) {
+           log_error("can't lseek: %s\n", strerror(errno) );
+           return -1;
+       }
+    #endif
+#endif
     }
     a->d.len = 0;   /* discard buffer */
     a->d.start = 0;
@@ -1467,7 +2023,7 @@ iobuf_get_fname( IOBUF a )
 void
 iobuf_set_block_mode( IOBUF a, size_t n )
 {
-    block_filter_ctx_t *ctx = gcry_xcalloc( 1, sizeof *ctx );
+    block_filter_ctx_t *ctx = m_alloc_clear( sizeof *ctx );
 
     assert( a->use == 1 || a->use == 2 );
     ctx->use = a->use;
@@ -1489,7 +2045,7 @@ iobuf_set_block_mode( IOBUF a, size_t n )
 void
 iobuf_set_partial_block_mode( IOBUF a, size_t len )
 {
-    block_filter_ctx_t *ctx = gcry_xcalloc( 1, sizeof *ctx );
+    block_filter_ctx_t *ctx = m_alloc_clear( sizeof *ctx );
 
     assert( a->use == 1 || a->use == 2 );
     ctx->use = a->use;
@@ -1544,7 +2100,7 @@ iobuf_read_line( IOBUF a, byte **addr_of_buffer,
 
     if( !buffer ) { /* must allocate a new buffer */
 	length = 256;
-	buffer = gcry_xmalloc( length );
+	buffer = m_alloc( length );
 	*addr_of_buffer = buffer;
 	*length_of_buffer = length;
     }
@@ -1564,7 +2120,7 @@ iobuf_read_line( IOBUF a, byte **addr_of_buffer,
 	    }
 	    length += 3; /* correct for the reserved byte */
 	    length += length < 1024? 256 : 1024;
-	    buffer = gcry_xrealloc( buffer, length );
+	    buffer = m_realloc( buffer, length );
 	    *addr_of_buffer = buffer;
 	    *length_of_buffer = length;
 	    length -= 3; /* and reserve again */
@@ -1580,3 +2136,58 @@ iobuf_read_line( IOBUF a, byte **addr_of_buffer,
     return nbytes;
 }
 
+/* This is the non iobuf specific function */
+int
+iobuf_translate_file_handle ( int fd, int for_write )
+{
+  #ifdef __MINGW32__
+    {
+        int x;
+            
+        if  ( fd <= 2 )
+            return fd; /* do not do this for error, stdin, stdout, stderr */
+
+        x = _open_osfhandle ( fd, for_write? 1:0 );
+        if (x==-1 )
+            log_error ("failed to translate osfhandle %p\n", (void*)fd );
+        else {
+            /*log_info ("_open_osfhandle %p yields %d%s\n",
+              (void*)fd, x, for_write? " for writing":"" );*/
+            fd = x;
+        }
+    }
+  #endif
+    return fd;
+}
+
+static int
+translate_file_handle ( int fd, int for_write )
+{
+  #ifdef __MINGW32__
+   #ifdef FILE_FILTER_USES_STDIO  
+    fd = iobuf_translate_file_handle (fd, for_write);
+   #else
+    {
+        int x;
+
+        if  ( fd == 0 ) 
+            x = (int)GetStdHandle (STD_INPUT_HANDLE);
+        else if (fd == 1)    
+            x = (int)GetStdHandle (STD_OUTPUT_HANDLE);
+        else if (fd == 2)    
+            x = (int)GetStdHandle (STD_ERROR_HANDLE);
+        else
+            x = fd;
+
+        if (x == -1)
+            log_debug ("GetStdHandle(%d) failed: ec=%d\n",
+                       fd, (int)GetLastError () );
+
+        fd = x;
+    }
+   #endif
+  #endif
+    return fd;
+}
+
+
diff --git a/util/logger.c b/util/logger.c
index ccf049f0c..a51455798 100644
--- a/util/logger.c
+++ b/util/logger.c
@@ -1,5 +1,5 @@
 /* logger.c  -	log functions
- *	Copyright (C) 1998, 2000 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -24,7 +24,6 @@
 #include <stdarg.h>
 #include <string.h>
 #include <errno.h>
-#include <gcrypt.h>
 
 #include "util.h"
 #include "i18n.h"
@@ -41,19 +40,17 @@ static FILE *logfp;
 void
 log_set_logfile( const char *name, int fd )
 {
+    if( name )
+	BUG();
+
     if( logfp && logfp != stderr && logfp != stdout )
-        fclose( logfp );
-    if( name ) {
-        logfp = fopen ( name, "a" );
-    }
-    else {
-        if( fd == 1 )
-            logfp = stdout;
-        else if( fd == 2 )
-            logfp = stderr;
-        else
-            logfp = fdopen( fd, "a" );
-    }
+	fclose( logfp );
+    if( fd == 1 )
+	logfp = stdout;
+    else if( fd == 2 )
+	logfp = stderr;
+    else
+	logfp = fdopen( fd, "a" );
     if( !logfp ) {
 	logfp = stderr;
 	log_fatal("can't open fd %d for logging: %s\n", fd, strerror(errno));
@@ -72,9 +69,9 @@ log_stream()
 void
 log_set_name( const char *name )
 {
-    gcry_free(pgm_name);
+    m_free(pgm_name);
     if( name )
-	pgm_name = gcry_xstrdup(name);
+	pgm_name = m_strdup(name);
     else
 	pgm_name = NULL;
 }
@@ -112,7 +109,7 @@ log_inc_errorcount()
 
 
 void
-gpg_log_print_prefix(const char *text)
+g10_log_print_prefix(const char *text)
 {
     if( !logfp )
 	logfp = stderr;
@@ -120,6 +117,9 @@ gpg_log_print_prefix(const char *text)
 	fprintf(logfp, "%s%s: %s", pgm_name, pidstring, text );
     else
 	fprintf(logfp, "?%s: %s", pidstring, text );
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
 }
 
 static void
@@ -131,21 +131,27 @@ print_prefix_f(const char *text, const char *fname)
 	fprintf(logfp, "%s%s:%s: %s", pgm_name, pidstring, fname, text );
     else
 	fprintf(logfp, "?%s:%s: %s", pidstring, fname, text );
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
 }
 
 void
-gpg_log_info( const char *fmt, ... )
+g10_log_info( const char *fmt, ... )
 {
     va_list arg_ptr ;
 
-    gpg_log_print_prefix("");
+    g10_log_print_prefix("");
     va_start( arg_ptr, fmt ) ;
     vfprintf(logfp,fmt,arg_ptr) ;
     va_end(arg_ptr);
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
 }
 
 void
-gpg_log_info_f( const char *fname, const char *fmt, ... )
+g10_log_info_f( const char *fname, const char *fmt, ... )
 {
     va_list arg_ptr ;
 
@@ -153,22 +159,28 @@ gpg_log_info_f( const char *fname, const char *fmt, ... )
     va_start( arg_ptr, fmt ) ;
     vfprintf(logfp,fmt,arg_ptr) ;
     va_end(arg_ptr);
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
 }
 
 void
-gpg_log_error( const char *fmt, ... )
+g10_log_error( const char *fmt, ... )
 {
     va_list arg_ptr ;
 
-    gpg_log_print_prefix("");
+    g10_log_print_prefix("");
     va_start( arg_ptr, fmt ) ;
     vfprintf(logfp,fmt,arg_ptr) ;
     va_end(arg_ptr);
     errorcount++;
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
 }
 
 void
-gpg_log_error_f( const char *fname, const char *fmt, ... )
+g10_log_error_f( const char *fname, const char *fmt, ... )
 {
     va_list arg_ptr ;
 
@@ -177,23 +189,29 @@ gpg_log_error_f( const char *fname, const char *fmt, ... )
     vfprintf(logfp,fmt,arg_ptr) ;
     va_end(arg_ptr);
     errorcount++;
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
 }
 
 void
-gpg_log_fatal( const char *fmt, ... )
+g10_log_fatal( const char *fmt, ... )
 {
     va_list arg_ptr ;
 
-    gpg_log_print_prefix("fatal: ");
+    g10_log_print_prefix("fatal: ");
     va_start( arg_ptr, fmt ) ;
     vfprintf(logfp,fmt,arg_ptr) ;
     va_end(arg_ptr);
     secmem_dump_stats();
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
     exit(2);
 }
 
 void
-gpg_log_fatal_f( const char *fname, const char *fmt, ... )
+g10_log_fatal_f( const char *fname, const char *fmt, ... )
 {
     va_list arg_ptr ;
 
@@ -202,16 +220,19 @@ gpg_log_fatal_f( const char *fname, const char *fmt, ... )
     vfprintf(logfp,fmt,arg_ptr) ;
     va_end(arg_ptr);
     secmem_dump_stats();
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
     exit(2);
 }
 
 void
-gpg_log_bug( const char *fmt, ... )
+g10_log_bug( const char *fmt, ... )
 {
     va_list arg_ptr ;
 
     putc('\n', stderr );
-    gpg_log_print_prefix("Ohhhh jeeee: ");
+    g10_log_print_prefix("Ohhhh jeeee: ");
     va_start( arg_ptr, fmt ) ;
     vfprintf(stderr,fmt,arg_ptr) ;
     va_end(arg_ptr);
@@ -220,33 +241,37 @@ gpg_log_bug( const char *fmt, ... )
     abort();
 }
 
-#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
+#if defined (__riscos__) \
+    || ( __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 ))
 void
-gpg_log_bug0( const char *file, int line, const char *func )
+g10_log_bug0( const char *file, int line, const char *func )
 {
     log_bug(_("... this is a bug (%s:%d:%s)\n"), file, line, func );
 }
 #else
 void
-gpg_log_bug0( const char *file, int line )
+g10_log_bug0( const char *file, int line )
 {
     log_bug(_("you found a bug ... (%s:%d)\n"), file, line);
 }
 #endif
 
 void
-gpg_log_debug( const char *fmt, ... )
+g10_log_debug( const char *fmt, ... )
 {
     va_list arg_ptr ;
 
-    gpg_log_print_prefix("DBG: ");
+    g10_log_print_prefix("DBG: ");
     va_start( arg_ptr, fmt ) ;
     vfprintf(logfp,fmt,arg_ptr) ;
     va_end(arg_ptr);
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
 }
 
 void
-gpg_log_debug_f( const char *fname, const char *fmt, ... )
+g10_log_debug_f( const char *fname, const char *fmt, ... )
 {
     va_list arg_ptr ;
 
@@ -254,19 +279,25 @@ gpg_log_debug_f( const char *fname, const char *fmt, ... )
     va_start( arg_ptr, fmt ) ;
     vfprintf(logfp,fmt,arg_ptr) ;
     va_end(arg_ptr);
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
 }
 
 
 
 void
-gpg_log_hexdump( const char *text, const char *buf, size_t len )
+g10_log_hexdump( const char *text, const char *buf, size_t len )
 {
     int i;
 
-    gpg_log_print_prefix(text);
+    g10_log_print_prefix(text);
     for(i=0; i < len; i++ )
 	fprintf(logfp, " %02X", ((const byte*)buf)[i] );
     fputc('\n', logfp);
+#ifdef __riscos__
+    fflush( logfp );
+#endif /* __riscos__ */
 }
 
 
diff --git a/util/memory.c b/util/memory.c
new file mode 100644
index 000000000..9fab9ea3b
--- /dev/null
+++ b/util/memory.c
@@ -0,0 +1,634 @@
+/* memory.c  -	memory allocation
+ *	Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ *
+ *
+ * We use our own memory allocation functions instead of plain malloc(),
+ * so that we can provide some special enhancements:
+ *  a) functions to provide memory from a secure memory.
+ *  b) by looking at the requested allocation size we
+ *     can reuse memory very quickly (e.g. MPI storage)
+ *     (really needed?)
+ *  c) memory usage reporting if compiled with M_DEBUG
+ *  d) memory checking if compiled with M_GUARD
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+
+#include "types.h"
+#include "memory.h"
+#include "util.h"
+
+
+#define MAGIC_NOR_BYTE 0x55
+#define MAGIC_SEC_BYTE 0xcc
+#define MAGIC_END_BYTE 0xaa
+
+/* This is a very crude alignment check which does not work on all CPUs
+ * IIRC, I once introduced it for testing on an Alpha.  We should better
+ * replace this guard stuff with one provided by a modern malloc library
+ */
+#if SIZEOF_UNSIGNED_LONG == 8
+  #define EXTRA_ALIGN 4
+#else
+  #define EXTRA_ALIGN 0
+#endif
+
+#if defined(M_DEBUG) || defined(M_GUARD)
+  static void membug( const char *fmt, ... );
+#endif
+
+#ifdef M_DEBUG
+
+  #ifndef M_GUARD
+    #define M_GUARD 1
+  #endif
+  #undef m_alloc
+  #undef m_alloc_clear
+  #undef m_alloc_secure
+  #undef m_alloc_secure_clear
+  #undef m_realloc
+  #undef m_free
+  #undef m_check
+  #undef m_strdup
+  #define FNAME(a)  m_debug_ ##a
+  #define FNAMEPRT  , const char *info
+  #define FNAMEARG  , info
+  #ifndef __riscos__
+    #define store_len(p,n,m) do { add_entry(p,n,m, \
+					info, __FUNCTION__);  } while(0)
+  #else
+    #define store_len(p,n,m) do { add_entry(p,n,m, \
+	          info, __func__ );  } while(0)
+  #endif
+#else
+  #define FNAME(a)  m_ ##a
+  #define FNAMEPRT
+  #define FNAMEARG
+  #define store_len(p,n,m) do { ((byte*)p)[EXTRA_ALIGN+0] = n;		      \
+				((byte*)p)[EXTRA_ALIGN+1] = n >> 8 ;	      \
+				((byte*)p)[EXTRA_ALIGN+2] = n >> 16 ;	      \
+				((byte*)p)[EXTRA_ALIGN+3] = m? MAGIC_SEC_BYTE \
+						 : MAGIC_NOR_BYTE;  \
+			      } while(0)
+#endif
+
+
+#ifdef M_GUARD
+static long used_memory;
+#endif
+
+#ifdef M_DEBUG	/* stuff used for memory debuging */
+
+struct info_entry {
+    struct info_entry *next;
+    unsigned count;	/* call count */
+    const char *info;	/* the reference to the info string */
+};
+
+struct memtbl_entry {
+    const void *user_p;  /* for reference: the pointer given to the user */
+    size_t	user_n;  /* length requested by the user */
+    struct memtbl_entry *next; /* to build a list of unused entries */
+    const struct info_entry *info; /* points into the table with */
+				   /* the info strings */
+    unsigned inuse:1; /* this entry is in use */
+    unsigned count:31;
+};
+
+
+#define INFO_BUCKETS 53
+#define info_hash(p)  ( *(u32*)((p)) % INFO_BUCKETS )
+static struct info_entry *info_strings[INFO_BUCKETS]; /* hash table */
+
+static struct memtbl_entry *memtbl;  /* the table with the memory info */
+static unsigned memtbl_size;	/* number of allocated entries */
+static unsigned memtbl_len;	/* number of used entries */
+static struct memtbl_entry *memtbl_unused;/* to keep track of unused entries */
+
+static void dump_table_at_exit(void);
+static void dump_table(void);
+static void check_allmem( const char *info );
+
+/****************
+ * Put the new P into the debug table and return a pointer to the table entry.
+ * mode is true for security. BY is the name of the function which called us.
+ */
+static void
+add_entry( byte *p, unsigned n, int mode, const char *info, const char *by )
+{
+    unsigned index;
+    struct memtbl_entry *e;
+    struct info_entry *ie;
+
+    if( memtbl_len < memtbl_size  )
+	index = memtbl_len++;
+    else {
+	struct memtbl_entry *e;
+	/* look for a used entry in the table.	We take the first one,
+	 * so that freed entries remain as long as possible in the table
+	 * (free appends a new one)
+	 */
+	if( (e = memtbl_unused) ) {
+	    index = e - memtbl;
+	    memtbl_unused = e->next;
+	    e->next = NULL;
+	}
+	else { /* no free entries in the table: extend the table */
+	    if( !memtbl_size ) { /* first time */
+		memtbl_size = 100;
+		if( !(memtbl = calloc( memtbl_size, sizeof *memtbl )) )
+		    membug("memory debug table malloc failed\n");
+		index = 0;
+		memtbl_len = 1;
+		atexit( dump_table_at_exit );
+	    }
+	    else { /* realloc */
+		unsigned n = memtbl_size / 4; /* enlarge by 25% */
+		if(!(memtbl = realloc(memtbl, (memtbl_size+n)*sizeof *memtbl)))
+		    membug("memory debug table realloc failed\n");
+		memset(memtbl+memtbl_size, 0, n*sizeof *memtbl );
+		memtbl_size += n;
+		index = memtbl_len++;
+	    }
+	}
+    }
+    e = memtbl+index;
+    if( e->inuse )
+	membug("Ooops: entry %u is flagged as in use\n", index);
+    e->user_p = p + EXTRA_ALIGN + 4;
+    e->user_n = n;
+    e->count++;
+    if( e->next )
+	membug("Ooops: entry is in free entry list\n");
+    /* do we already have this info string */
+    for( ie = info_strings[info_hash(info)]; ie; ie = ie->next )
+	if( ie->info == info )
+	    break;
+    if( !ie ) { /* no: make a new entry */
+	if( !(ie = malloc( sizeof *ie )) )
+	    membug("can't allocate info entry\n");
+	ie->next = info_strings[info_hash(info)];
+	info_strings[info_hash(info)] = ie;
+	ie->info = info;
+	ie->count = 0;
+    }
+    ie->count++;
+    e->info = ie;
+    e->inuse = 1;
+
+    /* put the index at the start of the memory */
+    p[EXTRA_ALIGN+0] = index;
+    p[EXTRA_ALIGN+1] = index >> 8 ;
+    p[EXTRA_ALIGN+2] = index >> 16 ;
+    p[EXTRA_ALIGN+3] = mode? MAGIC_SEC_BYTE : MAGIC_NOR_BYTE  ;
+    if( DBG_MEMORY )
+	log_debug( "%s allocates %u bytes using %s\n", info, e->user_n, by );
+}
+
+
+
+/****************
+ * Check that the memory block is correct. The magic byte has already been
+ * checked. Checks which are done here:
+ *    - see whether the index points into our memory table
+ *    - see whether P is the same as the one stored in the table
+ *    - see whether we have already freed this block.
+ */
+struct memtbl_entry *
+check_mem( const byte *p, const char *info )
+{
+    unsigned n;
+    struct memtbl_entry *e;
+
+    n  = p[EXTRA_ALIGN+0];
+    n |= p[EXTRA_ALIGN+1] << 8;
+    n |= p[EXTRA_ALIGN+2] << 16;
+
+    if( n >= memtbl_len )
+	membug("memory at %p corrupted: index=%u table_len=%u (%s)\n",
+				      p+EXTRA_ALIGN+4, n, memtbl_len, info );
+    e = memtbl+n;
+
+    if( e->user_p != p+EXTRA_ALIGN+4 )
+	membug("memory at %p corrupted: reference mismatch (%s)\n",
+							p+EXTRA_ALIGN+4, info );
+    if( !e->inuse )
+	membug("memory at %p corrupted: marked as free (%s)\n",
+							p+EXTRA_ALIGN+4, info );
+
+    if( !(p[EXTRA_ALIGN+3] == MAGIC_NOR_BYTE
+	|| p[EXTRA_ALIGN+3] == MAGIC_SEC_BYTE) )
+	membug("memory at %p corrupted: underflow=%02x (%s)\n",
+				 p+EXTRA_ALIGN+4, p[EXTRA_ALIGN+3], info );
+    if( p[EXTRA_ALIGN+4+e->user_n] != MAGIC_END_BYTE )
+	membug("memory at %p corrupted: overflow=%02x (%s)\n",
+		     p+EXTRA_ALIGN+4, p[EXTRA_ALIGN+4+e->user_n], info );
+    return e;
+}
+
+
+/****************
+ * free the entry and the memory (replaces free)
+ */
+static void
+free_entry( byte *p, const char *info )
+{
+    struct memtbl_entry *e, *e2;
+
+    check_allmem("add_entry");
+
+    e = check_mem(p, info);
+    if( DBG_MEMORY )
+	log_debug( "%s frees %u bytes alloced by %s\n",
+				info, e->user_n, e->info->info );
+    if( !e->inuse ) {
+	if( e->user_p == p + EXTRA_ALIGN+ 4 )
+	    membug("freeing an already freed pointer at %p\n", p+EXTRA_ALIGN+4 );
+	else
+	    membug("freeing pointer %p which is flagged as freed\n", p+EXTRA_ALIGN+4 );
+    }
+
+    e->inuse = 0;
+    e->next = NULL;
+    if( !memtbl_unused )
+	memtbl_unused = e;
+    else {
+	for(e2=memtbl_unused; e2->next; e2 = e2->next )
+	    ;
+	e2->next = e;
+    }
+    if( m_is_secure(p+EXTRA_ALIGN+4) )
+	secmem_free(p);
+    else {
+        memset(p,'f', e->user_n+5);
+	free(p);
+    }
+}
+
+static void
+dump_entry(struct memtbl_entry *e )
+{
+    unsigned n = e - memtbl;
+
+    fprintf(stderr, "mem %4u%c %5u %p %5u %s (%u)\n",
+	 n, e->inuse?'a':'u', e->count,  e->user_p, e->user_n,
+			      e->info->info, e->info->count );
+
+
+}
+
+
+static void
+dump_table_at_exit( void)
+{
+    if( DBG_MEMSTAT )
+	dump_table();
+}
+
+static void
+dump_table( void)
+{
+    unsigned n;
+    struct memtbl_entry *e;
+    ulong sum = 0, chunks =0;
+
+    for( e = memtbl, n = 0; n < memtbl_len; n++, e++ ) {
+	if(e->inuse) {
+	    dump_entry(e);
+	    sum += e->user_n;
+	    chunks++;
+	}
+    }
+    fprintf(stderr, "          memory used: %8lu bytes in %ld chunks\n",
+							   sum, chunks );
+}
+
+
+static void
+check_allmem( const char *info )
+{
+    unsigned n;
+    struct memtbl_entry *e;
+
+    for( e = memtbl, n = 0; n < memtbl_len; n++, e++ ) {
+	if( e->inuse ) {
+          #ifndef __riscos__
+	    check_mem(e->user_p-4-EXTRA_ALIGN, info);
+          #else 
+	    check_mem((const byte *) e->user_p-4-EXTRA_ALIGN, info);
+          #endif
+        }
+    }
+}
+
+#endif /* M_DEBUG */
+
+#if defined(M_DEBUG) || defined(M_GUARD)
+static void
+membug( const char *fmt, ... )
+{
+    va_list arg_ptr ;
+
+    fprintf(stderr, "\nMemory Error: " ) ;
+    va_start( arg_ptr, fmt ) ;
+    vfprintf(stderr,fmt,arg_ptr) ;
+    va_end(arg_ptr);
+    fflush(stderr);
+  #ifdef M_DEBUG
+    if( DBG_MEMSTAT )
+	dump_table();
+  #endif
+    abort();
+}
+#endif
+
+void
+m_print_stats( const char *prefix )
+{
+  #ifdef M_DEBUG
+    unsigned n;
+    struct memtbl_entry *e;
+    ulong sum = 0, chunks =0;
+
+    for( e = memtbl, n = 0; n < memtbl_len; n++, e++ ) {
+	if(e->inuse) {
+	    sum += e->user_n;
+	    chunks++;
+	}
+    }
+
+    log_debug( "%s%smemstat: %8lu bytes in %ld chunks used\n",
+		prefix? prefix:"", prefix? ": ":"", sum, chunks );
+  #elif defined(M_GUARD)
+    log_debug( "%s%smemstat: %8ld bytes\n",
+		prefix? prefix:"", prefix? ": ":"", used_memory );
+  #endif
+}
+
+void
+m_dump_table( const char *prefix )
+{
+  #ifdef M_DEBUG
+    fprintf(stderr,"Memory-Table-Dump: %s\n", prefix);
+    dump_table();
+  #endif
+    m_print_stats( prefix );
+}
+
+
+static void
+out_of_core(size_t n, int secure)
+{
+    log_error ("out of %s memory while allocating %u bytes\n",
+               secure? "secure":"" ,(unsigned)n );
+    if (secure) {
+        /*secmem_dump_stats ();*/
+        log_info ("(this may be caused by too many secret keys used "
+                  "simultaneously or due to excessive large key sizes)\n");
+    }
+    exit (2);
+}
+
+/****************
+ * Allocate memory of size n.
+ * This function gives up if we do not have enough memory
+ */
+void *
+FNAME(alloc)( size_t n FNAMEPRT )
+{
+    char *p;
+
+  #ifdef M_GUARD
+    if(!n)
+      out_of_core(n,0); /* should never happen */
+    if( !(p = malloc( n + EXTRA_ALIGN+5 )) )
+	out_of_core(n,0);
+    store_len(p,n,0);
+    used_memory += n;
+    p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
+    return p+EXTRA_ALIGN+4;
+  #else
+    /* mallocing zero bytes is undefined by ISO-C, so we better make
+       sure that it won't happen */
+    if (!n)
+      n = 1;
+    if( !(p = malloc( n )) )
+	out_of_core(n,0);
+    return p;
+  #endif
+}
+
+/****************
+ * Allocate memory of size n from the secure memory pool.
+ * This function gives up if we do not have enough memory
+ */
+void *
+FNAME(alloc_secure)( size_t n FNAMEPRT )
+{
+    char *p;
+
+  #ifdef M_GUARD
+    if(!n)
+      out_of_core(n,1); /* should never happen */
+    if( !(p = secmem_malloc( n +EXTRA_ALIGN+ 5 )) )
+	out_of_core(n,1);
+    store_len(p,n,1);
+    p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
+    return p+EXTRA_ALIGN+4;
+  #else
+    /* mallocing zero bytes is undefined by ISO-C, so we better make
+       sure that it won't happen */
+    if (!n)
+      n = 1;
+    if( !(p = secmem_malloc( n )) )
+	out_of_core(n,1);
+    return p;
+  #endif
+}
+
+void *
+FNAME(alloc_clear)( size_t n FNAMEPRT )
+{
+    void *p;
+    p = FNAME(alloc)( n FNAMEARG );
+    memset(p, 0, n );
+    return p;
+}
+
+void *
+FNAME(alloc_secure_clear)( size_t n FNAMEPRT)
+{
+    void *p;
+    p = FNAME(alloc_secure)( n FNAMEARG );
+    memset(p, 0, n );
+    return p;
+}
+
+
+/****************
+ * realloc and clear the old space
+ */
+void *
+FNAME(realloc)( void *a, size_t n FNAMEPRT )
+{
+    void *b;
+
+  #ifdef M_GUARD
+    if( a ) {
+        unsigned char *p = a;
+        size_t len = m_size(a);
+
+        if( len >= n ) /* we don't shrink for now */
+            return a;
+        if( p[-1] == MAGIC_SEC_BYTE )
+            b = FNAME(alloc_secure_clear)(n FNAMEARG);
+        else
+            b = FNAME(alloc_clear)(n FNAMEARG);
+        FNAME(check)(NULL FNAMEARG);
+        memcpy(b, a, len );
+        FNAME(free)(p FNAMEARG);
+    }
+    else
+        b = FNAME(alloc)(n FNAMEARG);
+  #else
+    if( m_is_secure(a) ) {
+	if( !(b = secmem_realloc( a, n )) )
+	    out_of_core(n,1);
+    }
+    else {
+	if( !(b = realloc( a, n )) )
+	    out_of_core(n,0);
+    }
+  #endif
+
+    return b;
+}
+
+
+
+/****************
+ * Free a pointer
+ */
+void
+FNAME(free)( void *a FNAMEPRT )
+{
+    byte *p = a;
+
+    if( !p )
+	return;
+  #ifdef M_DEBUG
+    free_entry(p-EXTRA_ALIGN-4, info);
+  #elif defined M_GUARD
+    m_check(p);
+    if( m_is_secure(a) )
+	secmem_free(p-EXTRA_ALIGN-4);
+    else {
+	used_memory -= m_size(a);
+	free(p-EXTRA_ALIGN-4);
+    }
+  #else
+    if( m_is_secure(a) )
+	secmem_free(p);
+    else
+	free(p);
+  #endif
+}
+
+
+void
+FNAME(check)( const void *a FNAMEPRT )
+{
+  #ifdef M_GUARD
+    const byte *p = a;
+
+  #ifdef M_DEBUG
+    if( p )
+	check_mem(p-EXTRA_ALIGN-4, info);
+    else
+	check_allmem(info);
+  #else
+    if( !p )
+	return;
+    if( !(p[-1] == MAGIC_NOR_BYTE || p[-1] == MAGIC_SEC_BYTE) )
+	membug("memory at %p corrupted (underflow=%02x)\n", p, p[-1] );
+    else if( p[m_size(p)] != MAGIC_END_BYTE )
+	membug("memory at %p corrupted (overflow=%02x)\n", p, p[-1] );
+  #endif
+  #endif
+}
+
+
+size_t
+m_size( const void *a )
+{
+  #ifndef M_GUARD
+    log_debug("dummy m_size called\n");
+    return 0;
+  #else
+    const byte *p = a;
+    size_t n;
+
+  #ifdef M_DEBUG
+    n = check_mem(p-EXTRA_ALIGN-4, "m_size")->user_n;
+  #else
+    n  = ((byte*)p)[-4];
+    n |= ((byte*)p)[-3] << 8;
+    n |= ((byte*)p)[-2] << 16;
+  #endif
+    return n;
+  #endif
+}
+
+
+#if 0 /* not used */
+/****************
+ * Make a copy of the memory block at a
+ */
+void *
+FNAME(copy)( const void *a FNAMEPRT )
+{
+    void *b;
+    size_t n;
+
+    if( !a )
+	return NULL;
+
+    n = m_size(a); Aiiiih woher nehmen
+    if( m_is_secure(a) )
+	b = FNAME(alloc_secure)(n FNAMEARG);
+    else
+	b = FNAME(alloc)(n FNAMEARG);
+    memcpy(b, a, n );
+    return b;
+}
+#endif
+
+char *
+FNAME(strdup)( const char *a FNAMEPRT )
+{
+    size_t n = strlen(a);
+    char *p = FNAME(alloc)(n+1 FNAMEARG);
+    strcpy(p, a);
+    return p;
+}
+
diff --git a/util/miscutil.c b/util/miscutil.c
index 9b4a8379f..e1735cd59 100644
--- a/util/miscutil.c
+++ b/util/miscutil.c
@@ -1,5 +1,5 @@
 /* miscutil.c -  miscellaneous utilities
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -27,7 +27,6 @@
 #ifdef HAVE_LANGINFO_H
   #include <langinfo.h>
 #endif
-#include <gcrypt.h>
 #include "types.h"
 #include "util.h"
 #include "i18n.h"
@@ -125,10 +124,15 @@ strtimestamp( u32 stamp )
     static char buffer[11+5];
     struct tm *tp;
     time_t atime = stamp;
-
-    tp = gmtime( &atime );
-    sprintf(buffer,"%04d-%02d-%02d",
-		    1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
+    
+    if (atime < 0) {
+        strcpy (buffer, "????" "-??" "-??");
+    }
+    else {
+        tp = gmtime( &atime );
+        sprintf(buffer,"%04d-%02d-%02d",
+                1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
+    }
     return buffer;
 }
 
@@ -145,6 +149,11 @@ asctimestamp( u32 stamp )
     struct tm *tp;
     time_t atime = stamp;
 
+    if (atime < 0) {
+        strcpy (buffer, "????" "-??" "-??");
+        return buffer;
+    }
+
     tp = localtime( &atime );
   #ifdef HAVE_STRFTIME
     #if defined(HAVE_NL_LANGINFO)
@@ -173,7 +182,8 @@ void
 print_string( FILE *fp, const byte *p, size_t n, int delim )
 {
     for( ; n; n--, p++ )
-	if( iscntrl( *p ) || *p == delim ) {
+	if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ||
+	    (delim && *p=='\\')) {
 	    putc('\\', fp);
 	    if( *p == '\n' )
 		putc('n', fp);
@@ -198,7 +208,7 @@ print_string( FILE *fp, const byte *p, size_t n, int delim )
  * Print an UTF8 string to FP and filter all control characters out.
  */
 void
-print_utf8_string( FILE *fp, const byte *p, size_t n )
+print_utf8_string2 ( FILE *fp, const byte *p, size_t n, int delim )
 {
     size_t i;
     char *buf;
@@ -209,17 +219,24 @@ print_utf8_string( FILE *fp, const byte *p, size_t n )
 	    break;
     }
     if( i < n ) {
-	buf = utf8_to_native( p, n );
+	buf = utf8_to_native ( p, n, delim );
+	/*(utf8 conversion already does the control character quoting)*/
 	fputs( buf, fp );
-	gcry_free( buf );
+	m_free( buf );
     }
     else
-	print_string( fp, p, n, 0 );
+	print_string( fp, p, n, delim );
+}
+
+void
+print_utf8_string( FILE *fp, const byte *p, size_t n )
+{
+    print_utf8_string2 (fp, p, n, 0);
 }
 
 /****************
  * This function returns a string which is suitable for printing
- * Caller must release it with gcry_free()
+ * Caller must release it with m_free()
  */
 char *
 make_printable_string( const byte *p, size_t n, int delim )
@@ -230,7 +247,8 @@ make_printable_string( const byte *p, size_t n, int delim )
 
     /* first count length */
     for(save_n = n, save_p = p, buflen=1 ; n; n--, p++ ) {
-	if( iscntrl( *p ) || *p == delim ) {
+	if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ||
+	    (delim && *p=='\\')) {
 	    if( *p=='\n' || *p=='\r' || *p=='\f'
 		|| *p=='\v' || *p=='\b' || !*p )
 		buflen += 2;
@@ -243,9 +261,10 @@ make_printable_string( const byte *p, size_t n, int delim )
     p = save_p;
     n = save_n;
     /* and now make the string */
-    d = buffer = gcry_xmalloc( buflen );
+    d = buffer = m_alloc( buflen );
     for( ; n; n--, p++ ) {
-	if( iscntrl( *p ) || *p == delim ) {
+	if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ||
+	    (delim && *p=='\\')) {
 	    *d++ = '\\';
 	    if( *p == '\n' )
 		*d++ = 'n';
@@ -271,32 +290,37 @@ make_printable_string( const byte *p, size_t n, int delim )
     return buffer;
 }
 
-
 int
-answer_is_yes( const char *s )
+answer_is_yes_no_default( const char *s, int def_answer )
 {
-    char *long_yes = _("yes");
-    char *short_yes = _("yY");
-    char *long_no = _("no");
-    char *short_no = _("nN");
+    const char *long_yes = _("yes");
+    const char *short_yes = _("yY");
+    const char *long_no = _("no");
+    const char *short_no = _("nN");
 
-    if( !stricmp(s, long_yes ) )
+    /* Note: we have to use the local dependent strcasecmp here */
+    if( !strcasecmp(s, long_yes ) )
 	return 1;
-    if( strchr( short_yes, *s ) && !s[1] )
+    if( *s && strchr( short_yes, *s ) && !s[1] )
 	return 1;
     /* test for no strings to catch ambiguities for the next test */
-    if( !stricmp(s, long_no ) )
+    if( !strcasecmp(s, long_no ) )
 	return 0;
-    if( strchr( short_no, *s ) && !s[1] )
+    if( *s && strchr( short_no, *s ) && !s[1] )
 	return 0;
     /* test for the english version (for those who are used to type yes) */
-    if( !stricmp(s, "yes" ) )
+    if( !ascii_strcasecmp(s, "yes" ) )
 	return 1;
-    if( strchr( "yY", *s ) && !s[1] )
+    if( *s && strchr( "yY", *s ) && !s[1] )
 	return 1;
-    return 0;
+    return def_answer;
 }
 
+int
+answer_is_yes( const char *s )
+{
+  return answer_is_yes_no_default(s,0);
+}
 
 /****************
  * Return 1 for yes, -1 for quit, or 0 for no
@@ -304,34 +328,34 @@ answer_is_yes( const char *s )
 int
 answer_is_yes_no_quit( const char *s )
 {
-    char *long_yes = _("yes");
-    char *long_no = _("no");
-    char *long_quit = _("quit");
-    char *short_yes = _("yY");
-    char *short_no = _("nN");
-    char *short_quit = _("qQ");
+    const char *long_yes = _("yes");
+    const char *long_no = _("no");
+    const char *long_quit = _("quit");
+    const char *short_yes = _("yY");
+    const char *short_no = _("nN");
+    const char *short_quit = _("qQ");
 
-    if( !stricmp(s, long_no ) )
+    /* Note: We have to use the locale dependent strcasecmp */
+    if( !strcasecmp(s, long_no ) )
 	return 0;
-    if( !stricmp(s, long_yes ) )
+    if( !strcasecmp(s, long_yes ) )
 	return 1;
-    if( !stricmp(s, long_quit ) )
+    if( !strcasecmp(s, long_quit ) )
 	return -1;
-    if( strchr( short_no, *s ) && !s[1] )
+    if( *s && strchr( short_no, *s ) && !s[1] )
 	return 0;
-    if( strchr( short_yes, *s ) && !s[1] )
+    if( *s && strchr( short_yes, *s ) && !s[1] )
 	return 1;
-    if( strchr( short_quit, *s ) && !s[1] )
+    if( *s && strchr( short_quit, *s ) && !s[1] )
 	return -1;
-    if( !stricmp(s, "yes" ) )
+    /* but not here */
+    if( !ascii_strcasecmp(s, "yes" ) )
 	return 1;
-    if( !stricmp(s, "quit" ) )
+    if( !ascii_strcasecmp(s, "quit" ) )
 	return -1;
-    if( strchr( "yY", *s ) && !s[1] )
+    if( *s && strchr( "yY", *s ) && !s[1] )
 	return 1;
-    if( strchr( "qQ", *s ) && !s[1] )
+    if( *s && strchr( "qQ", *s ) && !s[1] )
 	return -1;
     return 0;
 }
-
-
diff --git a/util/riscos.c b/util/riscos.c
new file mode 100644
index 000000000..e0844a205
--- /dev/null
+++ b/util/riscos.c
@@ -0,0 +1,327 @@
+/* riscos.c -  RISC OS stuff
+ *	Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG for RISC OS.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#ifndef __RISCOS__C__
+#define __RISCOS__C__
+
+#include <config.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+#include <kernel.h>
+#include <swis.h>
+#include "util.h"
+#include "memory.h"
+
+#define __UNIXLIB_INTERNALS
+#include <unixlib/unix.h>
+#undef __UNIXLIB_INTERNALS
+
+/* RISC OS specific defines that are not yet in UnixLib */
+
+#define MimeMap_Translate      0x50B00
+#define MMM_TYPE_RISCOS        0
+#define MMM_TYPE_RISCOS_STRING 1
+#define MMM_TYPE_MIME          2
+#define MMM_TYPE_DOT_EXTN      3
+
+/* RISC OS file open descriptor control list */
+
+struct fds_item {
+    int fd;
+    struct fds_item *next;
+};
+static struct fds_item *fds_list = NULL;
+static int initialized = 0;
+
+
+/* local RISC OS functions */
+
+static int
+is_read_only(const char *filename)
+{
+    _kernel_swi_regs r;
+    
+    r.r[0] = 17;
+    r.r[1] = (int) filename;
+    
+    if (_kernel_swi(OS_File, &r, &r))
+        log_fatal("Can't get file attributes for %s!\n", filename);
+    
+    if (r.r[0] == 0)
+        log_fatal("Can't find file %s!\n", filename);
+
+    r.r[0] = 4;
+    if (_kernel_swi(OS_File, &r, &r))
+        return 1;
+
+    return 0;
+}
+
+static void
+riscos_set_filetype_by_number(const char *filename, int type)
+{
+    _kernel_swi_regs r;
+
+    r.r[0] = 18;
+    r.r[1] = (int) filename;
+    r.r[2] = type;
+    
+    if (_kernel_swi(OS_File, &r, &r))
+        log_fatal("Can't set filetype for file %s!\n"
+                  "Is the file on a read-only file system?\n", filename);
+}        
+
+/* exported RISC OS functions */
+
+void
+riscos_global_defaults()
+{
+    __riscosify_control = __RISCOSIFY_NO_PROCESS;
+    __feature_imagefs_is_file = 1;
+}
+
+void
+riscos_set_filetype(const char *filename, const char *mimetype)
+{
+    _kernel_swi_regs r;
+
+    r.r[0] = MMM_TYPE_MIME;
+    r.r[1] = (int) mimetype;
+    r.r[2] = MMM_TYPE_RISCOS;
+    
+    if (_kernel_swi(MimeMap_Translate, &r, &r))
+        log_fatal("Can't translate MIME type %s!\n", mimetype);
+
+    riscos_set_filetype_by_number(filename, r.r[3]);
+}        
+
+pid_t
+riscos_getpid(void)
+{
+    _kernel_swi_regs r;
+
+    r.r[0] = 3;
+    if (_kernel_swi(Wimp_ReadSysInfo, &r, &r))
+        log_fatal("Wimp_ReadSysInfo failed: Can't get WimpState (R0=3)!\n");
+
+    if (!r.r[0])
+        return (pid_t) 0;
+
+    r.r[0] = 5;
+    if (_kernel_swi(Wimp_ReadSysInfo, &r, &r))
+        log_fatal("Wimp_ReadSysInfo failed: Can't get task handle (R0=5)!\n");
+
+    return (pid_t) r.r[0];
+}
+
+int
+riscos_kill(pid_t pid, int sig)
+{
+    _kernel_swi_regs r;
+    int buf[4];
+
+    if (sig)
+        kill(pid, sig);
+
+    r.r[0] = 0;
+    do {
+        r.r[1] = (int) buf;
+        r.r[2] = 16;
+        if (_kernel_swi(TaskManager_EnumerateTasks, &r, &r))
+            log_fatal("TaskManager_EnumerateTasks failed!\n");
+        if (buf[0] == pid)
+            return 0;
+    } while (r.r[0] >= 0);
+
+    return __set_errno(ESRCH);
+}
+
+int
+riscos_access(const char *path, int amode)
+{
+    /* Do additional check, i.e. whether path is on write-protected floppy */
+    if ((amode & W_OK) && is_read_only(path))
+        return 1;
+    return access(path, amode);
+}
+
+#ifdef DEBUG
+void
+dump_fdlist(void)
+{
+    struct fds_item *iter = fds_list;
+    printf("List of open file descriptors:\n");
+    while (iter) {
+        printf("  %i\n", iter->fd);
+        iter = iter->next;
+    }
+}
+#endif /* DEBUG */
+
+int
+fdopenfile(const char *filename, const int allow_write)
+{
+    struct fds_item *h;
+    int fd;
+    if (allow_write)
+        fd = open(filename, O_CREAT | O_TRUNC | O_RDWR, S_IRUSR | S_IWUSR);
+    else
+        fd = open(filename, O_RDONLY);
+    if (fd == -1)
+        log_error("Can't open file %s: %i, %s!\n", filename, errno, strerror(errno));
+
+    if (!initialized) {
+        atexit (close_fds);
+        initialized = 1;
+    }
+
+    h = fds_list;
+    fds_list = (struct fds_item *) m_alloc(sizeof(struct fds_item));
+    fds_list->fd = fd;
+    fds_list->next = h;
+
+    return fd;
+}
+
+void
+close_fds(void)
+{
+    FILE *fp;
+    struct fds_item *h = fds_list;
+    while( fds_list ) {
+        h = fds_list->next;
+        fp = fdopen (fds_list->fd, "a");
+        if (fp)
+            fflush(fp);
+        close(fds_list->fd);
+        m_free(fds_list);
+        fds_list = h;
+    }
+}
+
+int
+renamefile(const char *old, const char *new)
+{
+    _kernel_swi_regs r;
+    _kernel_oserror *e;
+
+    r.r[0] = 25;
+    r.r[1] = (int) old;
+    r.r[2] = (int) new;
+    if (e = _kernel_swi(OS_FSControl, &r, &r)) {
+        if (e->errnum == 214)
+            return __set_errno(ENOENT);
+        if (e->errnum == 176)
+            return __set_errno(EEXIST);
+        printf("Error during renaming: %i, %s!\n", e->errnum, e->errmess);
+        return __set_errno(EOPSYS);
+    }
+    return 0;
+}
+
+char *
+gstrans(const char *old)
+{
+    _kernel_swi_regs r;
+    int c = 0;
+    int size = 256;
+    char *buf, *tmp;
+
+    buf = (char *) m_alloc(size);
+    if (!buf)
+        log_fatal("Can't claim memory for OS_GSTrans buffer!\n");
+    do {
+        r.r[0] = (int) old;
+        r.r[1] = (int) buf;
+        r.r[2] = size;
+        _kernel_swi_c(OS_GSTrans, &r, &r, &c);
+        if (c) {
+            size += 256;
+            tmp = (char *) m_realloc(buf, size);
+            if (!tmp)
+                 log_fatal("Can't claim memory for OS_GSTrans buffer!\n");
+            buf = tmp;
+        }
+    } while (c);
+
+    buf[r.r[2]] = '\0';
+    tmp = (char *) m_realloc(buf, r.r[2] + 1);
+    if (!tmp)
+        log_fatal("Can't realloc memory after OS_GSTrans!\n");
+
+    return tmp;
+}
+
+#ifdef DEBUG
+void
+list_openfiles(void)
+{
+    _kernel_swi_regs r;
+    char *name;
+    int i;
+    
+    for (i = 255; i >= 0; --i) {
+        r.r[0] = 7;
+        r.r[1] = i;
+        r.r[2] = 0;
+        r.r[5] = 0;
+        if (_kernel_swi(OS_Args, &r, &r))
+            continue;
+
+        name = (char *) m_alloc(1-r.r[5]);
+        if (!name)
+            log_fatal("Can't claim memory for OS_Args buffer!\n");
+
+        r.r[0] = 7;
+        r.r[1] = i;
+        r.r[2] = (int) name;
+        r.r[5] = 1-r.r[5];
+        if (_kernel_swi(OS_Args, &r, &r)) {
+            m_free(name);
+            log_fatal("Error when calling OS_Args(7)!\n");
+        }
+        
+        r.r[0] = 254;
+        r.r[1] = i;
+        if (_kernel_swi(OS_Args, &r, &r)) {
+            m_free(name);
+            log_fatal("Error when calling OS_Args(254)!\n");
+        }
+        
+        printf("%3i: %s (%c%c)\n", i, name,
+                                   (r.r[0] & 0x40) ? 'R' : 0,
+                                   (r.r[0] & 0x80) ? 'W' : 0);
+        m_free(name);
+    }
+}
+#endif
+
+void
+not_implemented(const char *feature)
+{
+    log_info("%s is not implemented in the RISC OS version!\n", feature);
+}
+
+#endif /* !__RISCOS__C__ */
diff --git a/util/secmem.c b/util/secmem.c
new file mode 100644
index 000000000..c808dfeea
--- /dev/null
+++ b/util/secmem.c
@@ -0,0 +1,468 @@
+/* secmem.c  -	memory allocation from a secure heap
+ *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <stdarg.h>
+#include <unistd.h>
+#if defined(HAVE_MLOCK) || defined(HAVE_MMAP)
+  #include <sys/mman.h>
+  #include <sys/types.h>
+  #include <fcntl.h>
+  #ifdef USE_CAPABILITIES
+    #include <sys/capability.h>
+  #endif
+  #ifdef HAVE_PLOCK
+    #include <sys/lock.h>
+  #endif
+#endif
+
+#include "types.h"
+#include "memory.h"
+#include "util.h"
+#include "i18n.h"
+
+#if defined(MAP_ANON) && !defined(MAP_ANONYMOUS)
+  #define MAP_ANONYMOUS MAP_ANON
+#endif
+/* It seems that Slackware 7.1 does not know about EPERM */
+#if !defined(EPERM) && defined(ENOMEM)
+  #define EPERM  ENOMEM
+#endif
+
+
+#define DEFAULT_POOLSIZE 16384
+
+typedef struct memblock_struct MEMBLOCK;
+struct memblock_struct {
+    unsigned size;
+    union {
+	MEMBLOCK *next;
+	PROPERLY_ALIGNED_TYPE aligned;
+    } u;
+};
+
+
+
+static void  *pool;
+static volatile int pool_okay; /* may be checked in an atexit function */
+static volatile int pool_is_mmapped;
+static size_t poolsize; /* allocated length */
+static size_t poollen;	/* used length */
+static MEMBLOCK *unused_blocks;
+static unsigned max_alloced;
+static unsigned cur_alloced;
+static unsigned max_blocks;
+static unsigned cur_blocks;
+static int disable_secmem;
+static int show_warning;
+static int no_warning;
+static int suspend_warning;
+
+
+static void
+print_warn(void)
+{
+  if (!no_warning)
+    {
+      log_info(_("Warning: using insecure memory!\n"));
+      log_info(_("please see http://www.gnupg.org/faq.html "
+		 "for more information\n"));
+    }
+}
+
+
+static void
+lock_pool( void *p, size_t n )
+{
+  #if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK)
+    int err;
+
+    cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
+    err = mlock( p, n );
+    if( err && errno )
+	err = errno;
+    cap_set_proc( cap_from_text("cap_ipc_lock+p") );
+
+    if( err ) {
+	if( errno != EPERM
+	  #ifdef EAGAIN  /* OpenBSD returns this */
+	    && errno != EAGAIN
+	  #endif
+	  #ifdef ENOSYS  /* Some SCOs return this (function not implemented) */
+	    && errno != ENOSYS
+	  #endif
+          #ifdef ENOMEM  /* Linux can return this */
+            && errno != ENOMEM
+          #endif
+	  )
+	    log_error("can't lock memory: %s\n", strerror(err));
+	show_warning = 1;
+    }
+
+  #elif defined(HAVE_MLOCK)
+    uid_t uid;
+    int err;
+
+    uid = getuid();
+
+  #ifdef HAVE_BROKEN_MLOCK
+    /* ick. but at least we get secured memory. about to lock
+       entire data segment. */
+  #ifdef HAVE_PLOCK
+    err = plock( DATLOCK );
+    if( err && errno )
+        err = errno;
+#else /*!HAVE_PLOCK*/
+    if( uid ) {
+	errno = EPERM;
+	err = errno;
+    }
+    else {
+	err = mlock( p, n );
+	if( err && errno )
+	    err = errno;
+    }
+  #endif /*!HAVE_PLOCK*/
+  #else
+    err = mlock( p, n );
+    if( err && errno )
+	err = errno;
+  #endif
+
+    if( uid && !geteuid() ) {
+	/* check that we really dropped the privs.
+	 * Note: setuid(0) should always fail */
+	if( setuid( uid ) || getuid() != geteuid() || !setuid(0) )
+	    log_fatal("failed to reset uid: %s\n", strerror(errno));
+    }
+
+    if( err ) {
+	if( errno != EPERM
+	  #ifdef EAGAIN  /* OpenBSD returns this */
+	    && errno != EAGAIN
+	  #endif
+	  #ifdef ENOSYS  /* Some SCOs return this (function not implemented) */
+	    && errno != ENOSYS
+	  #endif
+          #ifdef ENOMEM  /* Linux can return this */
+            && errno != ENOMEM
+          #endif
+	  )
+	    log_error("can't lock memory: %s\n", strerror(err));
+	show_warning = 1;
+    }
+
+  #elif defined ( __QNX__ )
+    /* QNX does not page at all, so the whole secure memory stuff does
+     * not make much sense.  However it is still of use because it
+     * wipes out the memory on a free().
+     * Therefore it is sufficient to suppress the warning
+     */
+  #elif defined (HAVE_DOSISH_SYSTEM)
+    /* It does not make sense to print such a warning, given the fact that 
+     * this whole Windows !@#$% and their user base are inherently insecure
+     */
+  #elif defined (__riscos__)
+    /* no virtual memory on RISC OS, so no pages are swapped to disc,
+     * besides we don't have mmap, so we don't use it! ;-)
+     * But don't complain, as explained above.
+     */
+  #else
+    log_info("Please note that you don't have secure memory on this system\n");
+  #endif
+}
+
+
+static void
+init_pool( size_t n)
+{
+    size_t pgsize;
+
+    poolsize = n;
+
+    if( disable_secmem )
+	log_bug("secure memory is disabled");
+
+  #ifdef HAVE_GETPAGESIZE
+    pgsize = getpagesize();
+  #else
+    pgsize = 4096;
+  #endif
+
+  #if HAVE_MMAP
+    poolsize = (poolsize + pgsize -1 ) & ~(pgsize-1);
+    #ifdef MAP_ANONYMOUS
+       pool = mmap( 0, poolsize, PROT_READ|PROT_WRITE,
+				 MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+    #else /* map /dev/zero instead */
+    {	int fd;
+
+	fd = open("/dev/zero", O_RDWR);
+	if( fd == -1 ) {
+	    log_error("can't open /dev/zero: %s\n", strerror(errno) );
+	    pool = (void*)-1;
+	}
+	else {
+	    pool = mmap( 0, poolsize, PROT_READ|PROT_WRITE,
+				      MAP_PRIVATE, fd, 0);
+	}
+    }
+    #endif
+    if( pool == (void*)-1 )
+	log_info("can't mmap pool of %u bytes: %s - using malloc\n",
+			    (unsigned)poolsize, strerror(errno));
+    else {
+	pool_is_mmapped = 1;
+	pool_okay = 1;
+    }
+
+  #endif
+    if( !pool_okay ) {
+	pool = malloc( poolsize );
+	if( !pool )
+	    log_fatal("can't allocate memory pool of %u bytes\n",
+						       (unsigned)poolsize);
+	else
+	    pool_okay = 1;
+    }
+    lock_pool( pool, poolsize );
+    poollen = 0;
+}
+
+
+/* concatenate unused blocks */
+static void
+compress_pool(void)
+{
+    /* fixme: we really should do this */
+}
+
+void
+secmem_set_flags( unsigned flags )
+{
+    int was_susp = suspend_warning;
+
+    no_warning = flags & 1;
+    suspend_warning = flags & 2;
+
+    /* and now issue the warning if it is not longer suspended */
+    if( was_susp && !suspend_warning && show_warning ) {
+	show_warning = 0;
+	print_warn();
+    }
+}
+
+unsigned
+secmem_get_flags(void)
+{
+    unsigned flags;
+
+    flags  = no_warning      ? 1:0;
+    flags |= suspend_warning ? 2:0;
+    return flags;
+}
+
+void
+secmem_init( size_t n )
+{
+    if( !n ) {
+#ifndef __riscos__
+      #ifdef USE_CAPABILITIES
+	/* drop all capabilities */
+	cap_set_proc( cap_from_text("all-eip") );
+
+      #elif !defined(HAVE_DOSISH_SYSTEM)
+	uid_t uid;
+
+	disable_secmem=1;
+	uid = getuid();
+	if( uid != geteuid() ) {
+	    if( setuid( uid ) || getuid() != geteuid() || !setuid(0) )
+		log_fatal("failed to drop setuid\n" );
+	}
+      #endif
+#endif /* !__riscos__ */
+    }
+    else {
+	if( n < DEFAULT_POOLSIZE )
+	    n = DEFAULT_POOLSIZE;
+	if( !pool_okay )
+	    init_pool(n);
+	else
+	    log_error("Oops, secure memory pool already initialized\n");
+    }
+}
+
+
+void *
+secmem_malloc( size_t size )
+{
+    MEMBLOCK *mb, *mb2;
+    int compressed=0;
+
+    if( !pool_okay ) {
+	log_info(
+	 _("operation is not possible without initialized secure memory\n"));
+	log_info(_("(you may have used the wrong program for this task)\n"));
+	exit(2);
+    }
+    if( show_warning && !suspend_warning ) {
+	show_warning = 0;
+	print_warn();
+    }
+
+    /* blocks are always a multiple of 32 */
+    size += sizeof(MEMBLOCK);
+    size = ((size + 31) / 32) * 32;
+
+  retry:
+    /* try to get it from the used blocks */
+    for(mb = unused_blocks,mb2=NULL; mb; mb2=mb, mb = mb->u.next )
+	if( mb->size >= size ) {
+	    if( mb2 )
+		mb2->u.next = mb->u.next;
+	    else
+		unused_blocks = mb->u.next;
+	    goto leave;
+	}
+    /* allocate a new block */
+    if( (poollen + size <= poolsize) ) {
+	mb = (void*)((char*)pool + poollen);
+	poollen += size;
+	mb->size = size;
+    }
+    else if( !compressed ) {
+	compressed=1;
+	compress_pool();
+	goto retry;
+    }
+    else
+	return NULL;
+
+  leave:
+    cur_alloced += mb->size;
+    cur_blocks++;
+    if( cur_alloced > max_alloced )
+	max_alloced = cur_alloced;
+    if( cur_blocks > max_blocks )
+	max_blocks = cur_blocks;
+
+    return &mb->u.aligned.c;
+}
+
+
+void *
+secmem_realloc( void *p, size_t newsize )
+{
+    MEMBLOCK *mb;
+    size_t size;
+    void *a;
+
+    mb = (MEMBLOCK*)((char*)p - ((size_t) &((MEMBLOCK*)0)->u.aligned.c));
+    size = mb->size;
+    if( newsize < size )
+	return p; /* it is easier not to shrink the memory */
+    a = secmem_malloc( newsize );
+    if ( a ) {
+        memcpy(a, p, size);
+        memset((char*)a+size, 0, newsize-size);
+        secmem_free(p);
+    }
+    return a;
+}
+
+
+void
+secmem_free( void *a )
+{
+    MEMBLOCK *mb;
+    size_t size;
+
+    if( !a )
+	return;
+
+    mb = (MEMBLOCK*)((char*)a - ((size_t) &((MEMBLOCK*)0)->u.aligned.c));
+    size = mb->size;
+    /* This does not make much sense: probably this memory is held in the
+     * cache. We do it anyway: */
+    memset(mb, 0xff, size );
+    memset(mb, 0xaa, size );
+    memset(mb, 0x55, size );
+    memset(mb, 0x00, size );
+    mb->size = size;
+    mb->u.next = unused_blocks;
+    unused_blocks = mb;
+    cur_blocks--;
+    cur_alloced -= size;
+}
+
+int
+m_is_secure( const void *p )
+{
+    return p >= pool && p < (void*)((char*)pool+poolsize);
+}
+
+
+
+/****************
+ * Warning:  This code might be called by an interrupt handler
+ *	     and frankly, there should really be such a handler,
+ *	     to make sure that the memory is wiped out.
+ *	     We hope that the OS wipes out mlocked memory after
+ *	     receiving a SIGKILL - it really should do so, otherwise
+ *	     there is no chance to get the secure memory cleaned.
+ */
+void
+secmem_term()
+{
+    if( !pool_okay )
+	return;
+
+    memset( pool, 0xff, poolsize);
+    memset( pool, 0xaa, poolsize);
+    memset( pool, 0x55, poolsize);
+    memset( pool, 0x00, poolsize);
+  #if HAVE_MMAP
+    if( pool_is_mmapped )
+	munmap( pool, poolsize );
+  #endif
+    pool = NULL;
+    pool_okay = 0;
+    poolsize=0;
+    poollen=0;
+    unused_blocks=NULL;
+}
+
+
+void
+secmem_dump_stats()
+{
+    if( disable_secmem )
+	return;
+    fprintf(stderr,
+		"secmem usage: %u/%u bytes in %u/%u blocks of pool %lu/%lu\n",
+		cur_alloced, max_alloced, cur_blocks, max_blocks,
+		(ulong)poollen, (ulong)poolsize );
+}
+
diff --git a/util/simple-gettext.c b/util/simple-gettext.c
index 80dbbfe0e..db229437d 100644
--- a/util/simple-gettext.c
+++ b/util/simple-gettext.c
@@ -1,5 +1,5 @@
 /* simple-gettext.c  - a simplified version of gettext.
- * Copyright (C) 1995, 1996, 1997, 1998, 1999 Free Software Foundation, Inc.
+ * Copyright (C) 1995, 1996, 1997, 1999 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -19,7 +19,7 @@
  */
 
 /* This is a simplified version of gettext written by Ulrich Drepper.
- * It is used for the Win32 version of GnuPG becuase all the overhead
+ * It is used for the Win32 version of GnuPG beucase all the overhead
  * of gettext is not needed and we have to do some special Win32 stuff.
  * I decided that this is far easier than to tweak gettext for the special
  * cases (I tried it but it is a lot of code).	wk 15.09.99
@@ -27,8 +27,8 @@
 
 #include <config.h>
 #ifdef USE_SIMPLE_GETTEXT
-#ifndef __MINGW32__
-  #error This file can only be used with MinGW32
+#if !defined (__MINGW32__) && !defined (__CYGWIN32__)
+  #error This file can only be used with MingW32 or Cygwin32
 #endif
 
 #include <stdio.h>
@@ -244,7 +244,7 @@ set_gettext_file( const char *filename )
 	    /* absolute path - use it as is */
 	    domain = load_domain( filename );
 	}
-	else { /* relative path - append ".mo" and get DIR from the Registry */
+	else { /* relative path - append ".mo" and get dir from the environment */
 	    char *buf = NULL;
 	    char *dir;
 
diff --git a/util/strgutil.c b/util/strgutil.c
index 89722f8e4..ff1ff5126 100644
--- a/util/strgutil.c
+++ b/util/strgutil.c
@@ -1,5 +1,5 @@
 /* strgutil.c -  string utilities
- *	Copyright (C) 1998, 2000 Free Software Foundation, Inc.
+ * Copyright (C) 1994, 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -22,7 +22,6 @@
 #include <stdlib.h>
 #include <string.h>
 #include <ctype.h>
-#include <gcrypt.h>
 #include "types.h"
 #include "util.h"
 #include "memory.h"
@@ -66,29 +65,10 @@ static ushort latin2_unicode[128] = {
     0x0159,0x016F,0x00FA,0x0171,0x00FC,0x00FD,0x0163,0x02D9
 };
 
-static ushort ibm850_unicode[128] = {
-    0x00c7,0x00fc,0x00e9,0x00e2,0x00e4,0x00e0,0x00e5,0x00e7,
-    0x00ea,0x00eb,0x00e8,0x00ef,0x00ee,0x00ec,0x00c4,0x00c5,
-    0x00c9,0x00e6,0x00c6,0x00f4,0x00f6,0x00f2,0x00fb,0x00f9,
-    0x00ff,0x00d6,0x00dc,0x00f8,0x00a3,0x00d8,0x00d7,0x0192,
-    0x00e1,0x00ed,0x00f3,0x00fa,0x00f1,0x00d1,0x00aa,0x00ba,
-    0x00bf,0x00ae,0x00ac,0x00bd,0x00bc,0x00a1,0x00ab,0x00bb,
-    0x2591,0x2592,0x2593,0x2502,0x2524,0x00c1,0x00c2,0x00c0,
-    0x00a9,0x2563,0x2551,0x2557,0x255d,0x00a2,0x00a5,0x2510,
-    0x2514,0x2534,0x252c,0x251c,0x2500,0x253c,0x00e3,0x00c3,
-    0x255a,0x2554,0x2569,0x2566,0x2560,0x2550,0x256c,0x00a4,
-    0x00f0,0x00d0,0x00ca,0x00cb,0x00c8,0x0131,0x00cd,0x00ce,
-    0x00cf,0x2518,0x250c,0x2588,0x2584,0x00a6,0x00cc,0x2580,
-    0x00d3,0x00df,0x00d4,0x00d2,0x00f5,0x00d5,0x00b5,0x00fe,
-    0x00de,0x00da,0x00db,0x00d9,0x00fd,0x00dd,0x00af,0x00b4,
-    0x00ad,0x00b1,0x2017,0x00be,0x00b6,0x00a7,0x00f7,0x00b8,
-    0x00b0,0x00a8,0x00b7,0x00b9,0x00b3,0x00b2,0x25a0,0x00a0,
-};
 
-static int query_native_charset_done = 0;
 static const char *active_charset_name = "iso-8859-1";
 static ushort *active_charset = NULL;
-
+static int no_translation = 0;
 
 void
 free_strlist( STRLIST sl )
@@ -97,7 +77,7 @@ free_strlist( STRLIST sl )
 
     for(; sl; sl = sl2 ) {
 	sl2 = sl->next;
-	gcry_free(sl);
+	m_free(sl);
     }
 }
 
@@ -107,7 +87,7 @@ add_to_strlist( STRLIST *list, const char *string )
 {
     STRLIST sl;
 
-    sl = gcry_xmalloc( sizeof *sl + strlen(string));
+    sl = m_alloc( sizeof *sl + strlen(string));
     sl->flags = 0;
     strcpy(sl->d, string);
     sl->next = *list;
@@ -129,7 +109,7 @@ add_to_strlist2( STRLIST *list, const char *string, int is_utf8 )
     else {
 	char *p = native_to_utf8( string );
 	sl = add_to_strlist( list, p );
-	gcry_free( p );
+	m_free( p );
     }
     return sl;
 }
@@ -139,7 +119,7 @@ append_to_strlist( STRLIST *list, const char *string )
 {
     STRLIST r, sl;
 
-    sl = gcry_xmalloc( sizeof *sl + strlen(string));
+    sl = m_alloc( sizeof *sl + strlen(string));
     sl->flags = 0;
     strcpy(sl->d, string);
     sl->next = NULL;
@@ -163,7 +143,7 @@ append_to_strlist2( STRLIST *list, const char *string, int is_utf8 )
     else {
 	char *p = native_to_utf8( string );
 	sl = append_to_strlist( list, p );
-	gcry_free( p );
+	m_free( p );
     }
     return sl;
 }
@@ -188,99 +168,230 @@ strlist_last( STRLIST node )
     return node;
 }
 
+char *
+pop_strlist( STRLIST *list )
+{
+  char *str=NULL;
+  STRLIST sl=*list;
 
+  if(sl)
+    {
+      str=m_alloc(strlen(sl->d)+1);
+      strcpy(str,sl->d);
 
-int
-string_count_chr( const char *string, int c )
-{
-    int count;
-    for(count=0; *string; string++ )
-	if( *string == c )
-	    count++;
-    return count;
+      *list=sl->next;
+      m_free(sl);
+    }
+
+  return str;
 }
 
+/****************
+ * look for the substring SUB in buffer and return a pointer to that
+ * substring in BUF or NULL if not found.
+ * Comparison is case-insensitive.
+ */
+const char *
+memistr( const char *buf, size_t buflen, const char *sub )
+{
+    const byte *t, *s ;
+    size_t n;
+
+    for( t=buf, n=buflen, s=sub ; n ; t++, n-- )
+	if( toupper(*t) == toupper(*s) ) {
+	    for( buf=t++, buflen = n--, s++;
+		 n && toupper(*t) == toupper(*s); t++, s++, n-- )
+		;
+	    if( !*s )
+		return buf;
+	    t = buf; n = buflen; s = sub ;
+	}
+
+    return NULL ;
+}
 
-static const char*
-query_native_charset(void)
+const char *
+ascii_memistr( const char *buf, size_t buflen, const char *sub )
 {
-  #ifdef __MINGW32__
-    unsigned int cp;
+    const byte *t, *s ;
+    size_t n;
+
+    for( t=buf, n=buflen, s=sub ; n ; t++, n-- )
+	if( ascii_toupper(*t) == ascii_toupper(*s) ) {
+	    for( buf=t++, buflen = n--, s++;
+		 n && ascii_toupper(*t) == ascii_toupper(*s); t++, s++, n-- )
+		;
+	    if( !*s )
+		return buf;
+	    t = buf; n = buflen; s = sub ;
+	}
+
+    return NULL ;
+}
 
-    cp = GetConsoleOutputCP();
-    if( cp != GetConsoleCP() ) {
-	/* The input cgarset is not equal to the output charset
-	 * our system depends on it and therefore we will set
-	 * same the same (this won't work on Windows 95) */
-	if( !SetConsoleCP( cp ) )
-	    log_info("can't set Input-CP to Output-CP: %d\n",
-						    (int)GetLastError() );
+/****************
+ * Wie strncpy(), aber es werden maximal n-1 zeichen kopiert und ein
+ * '\0' angeh�ngt. Ist n = 0, so geschieht nichts, ist Destination
+ * gleich NULL, so wird via m_alloc Speicher besorgt, ist dann nicht
+ * gen�gend Speicher vorhanden, so bricht die funktion ab.
+ */
+char *
+mem2str( char *dest , const void *src , size_t n )
+{
+    char *d;
+    const char *s;
+
+    if( n ) {
+	if( !dest )
+	    dest = m_alloc( n ) ;
+	d = dest;
+	s = src ;
+	for(n--; n && *s; n-- )
+	    *d++ = *s++;
+	*d = '\0' ;
     }
-    /* we could read the registry, but this seems to be too much work */
-    switch( cp ) {
-      case 850:  return "ibm850";
-      case 437:  return "ibm437";
-      case 1252: return "iso-8859-1";
-      default:
-	log_info("unknown MS-Windows CodePage %u "
-		 "- trying to switch to Latin-1\n", cp );
-	/* try to set latin-1 */
-	if( !SetConsoleOutputCP( 1252 ) ) {
-	    if( !SetConsoleCP( 1252 ) )
-		return "iso-8859-1";
-	    else /* back off */
-		SetConsoleOutputCP( cp );
+
+    return dest ;
+}
+
+
+/****************
+ * remove leading and trailing white spaces
+ */
+char *
+trim_spaces( char *str )
+{
+    char *string, *p, *mark;
+
+    string = str;
+    /* find first non space character */
+    for( p=string; *p && isspace( *(byte*)p ) ; p++ )
+	;
+    /* move characters */
+    for( (mark = NULL); (*string = *p); string++, p++ )
+	if( isspace( *(byte*)p ) ) {
+	    if( !mark )
+		mark = string ;
+	}
+	else
+	    mark = NULL ;
+    if( mark )
+	*mark = '\0' ;  /* remove trailing spaces */
+
+    return str ;
+}
+
+
+
+unsigned int
+trim_trailing_chars( byte *line, unsigned len, const char *trimchars )
+{
+    byte *p, *mark;
+    unsigned n;
+
+    for(mark=NULL, p=line, n=0; n < len; n++, p++ ) {
+	if( strchr(trimchars, *p ) ) {
+	    if( !mark )
+		mark = p;
 	}
-	log_info("no information about MS-Windows CodePage %u\n", cp );
-	return NULL;
+	else
+	    mark = NULL;
     }
-  #else
-    return NULL; /* unknown */
-  #endif
+
+    if( mark ) {
+	*mark = 0;
+	return mark - line;
+    }
+    return len;
 }
 
+/****************
+ * remove trailing white spaces and return the length of the buffer
+ */
+unsigned
+trim_trailing_ws( byte *line, unsigned len )
+{
+    return trim_trailing_chars( line, len, " \t\r\n" );
+}
 
-const char*
-get_native_charset()
+unsigned int
+check_trailing_chars( const byte *line, unsigned int len,
+                      const char *trimchars )
 {
-    if( !query_native_charset_done ) {
-	const char *s;
+    const byte *p, *mark;
+    unsigned int n;
 
-	query_native_charset_done = 1;
-	s = query_native_charset();
-	if( s )
-	    set_native_charset(s);
+    for(mark=NULL, p=line, n=0; n < len; n++, p++ ) {
+	if( strchr(trimchars, *p ) ) {
+	    if( !mark )
+		mark = p;
+	}
+	else
+	    mark = NULL;
     }
 
-    return active_charset_name;
+    if( mark ) {
+	return mark - line;
+    }
+    return len;
+}
+
+/****************
+ * remove trailing white spaces and return the length of the buffer
+ */
+unsigned int
+check_trailing_ws( const byte *line, unsigned int len )
+{
+    return check_trailing_chars( line, len, " \t\r\n" );
+}
+
+
+
+int
+string_count_chr( const char *string, int c )
+{
+    int count;
+    for(count=0; *string; string++ )
+	if( *string == c )
+	    count++;
+    return count;
 }
 
 
 int
 set_native_charset( const char *newset )
 {
-    query_native_charset_done = 1; /* don't do this when we want to set one*/
-    if( !stricmp( newset, "iso-8859-1" ) ) {
+    if( !ascii_strcasecmp( newset, "iso-8859-1" ) ) {
 	active_charset_name = "iso-8859-1";
+        no_translation = 0;
 	active_charset = NULL;
     }
-    else if( !stricmp( newset, "iso-8859-2" ) ) {
+    else if( !ascii_strcasecmp( newset, "iso-8859-2" ) ) {
 	active_charset_name = "iso-8859-2";
+        no_translation = 0;
 	active_charset = latin2_unicode;
     }
-    else if( !stricmp( newset, "koi8-r" ) ) {
+    else if( !ascii_strcasecmp( newset, "koi8-r" ) ) {
 	active_charset_name = "koi8-r";
+        no_translation = 0;
 	active_charset = koi8_unicode;
     }
-    else if( !stricmp( newset, "ibm850" ) || !stricmp( newset, "ibm437" ) ) {
-	active_charset_name = "ibm850";
-	active_charset = ibm850_unicode;
+    else if( !ascii_strcasecmp (newset, "utf8" )
+             || !ascii_strcasecmp(newset, "utf-8") ) {
+	active_charset_name = "utf-8";
+        no_translation = 1;
+	active_charset = NULL;
     }
     else
-	return GPGERR_GENERAL;
+	return G10ERR_GENERAL;
     return 0;
 }
 
+const char*
+get_native_charset()
+{
+    return active_charset_name;
+}
 
 /****************
  * Convert string, which is in native encoding to UTF8 and return the
@@ -294,13 +405,16 @@ native_to_utf8( const char *string )
     byte *p;
     size_t length=0;
 
-    if( active_charset ) {
+    if (no_translation) {
+        buffer = m_strdup (string);
+    }
+    else if( active_charset ) {
 	for(s=string; *s; s++ ) {
 	    length++;
 	    if( *s & 0x80 )
 		length += 2; /* we may need 3 bytes */
 	}
-	buffer = gcry_xmalloc( length + 1 );
+	buffer = m_alloc( length + 1 );
 	for(p=buffer, s=string; *s; s++ ) {
 	    if( *s & 0x80 ) {
 		ushort val = active_charset[ *s & 0x7f ];
@@ -325,7 +439,7 @@ native_to_utf8( const char *string )
 	    if( *s & 0x80 )
 		length++;
 	}
-	buffer = gcry_xmalloc( length + 1 );
+	buffer = m_alloc( length + 1 );
 	for(p=buffer, s=string; *s; s++ ) {
 	    if( *s & 0x80 ) {
 		*p++ = 0xc0 | ((*s >> 6) & 3);
@@ -341,15 +455,17 @@ native_to_utf8( const char *string )
 
 
 /****************
- * Convert string, which is in UTF8 to native encoding.
- * illegal encodings by some "\xnn" and quote all control characters
- */
+ * Convert string, which is in UTF8 to native encoding.  illegal
+ * encodings by some "\xnn" and quote all control characters. A
+ * character with value DELIM will always be quoted, it must be a
+ * vanilla ASCII character.  
+  */
 char *
-utf8_to_native( const char *string, size_t length )
+utf8_to_native( const char *string, size_t length, int delim )
 {
     int nleft;
     int i;
-    byte encbuf[7];
+    byte encbuf[8];
     int encidx;
     const byte *s;
     size_t n;
@@ -376,7 +492,8 @@ utf8_to_native( const char *string, size_t length )
 	    }
 	    if( !nleft ) {
 		if( !(*s & 0x80) ) { /* plain ascii */
-		    if( iscntrl( *s ) ) {
+		    if( *s < 0x20 || *s == 0x7f || *s == delim ||
+			(delim && *s=='\\')) {
 			n++;
 			if( p )
 			    *p++ = '\\';
@@ -387,11 +504,13 @@ utf8_to_native( const char *string, size_t length )
 			  case '\v': n++; if( p ) *p++ = 'v'; break;
 			  case '\b': n++; if( p ) *p++ = 'b'; break;
 			  case	 0 : n++; if( p ) *p++ = '0'; break;
-			  default: n += 3;
-				   sprintf( p, "x%02x", *s );
-                                   if ( p )
-                                       p += 3;
-				   break;
+			  default:
+                            n += 3;
+                            if ( p ) {
+                                sprintf( p, "x%02x", *s );
+                                p += 3;
+                            }
+                            break;
 			}
 		    }
 		    else {
@@ -402,27 +521,32 @@ utf8_to_native( const char *string, size_t length )
 		else if( (*s & 0xe0) == 0xc0 ) { /* 110x xxxx */
 		    val = *s & 0x1f;
 		    nleft = 1;
-		    encbuf[encidx=0] = *s;
+                    encidx = 0;
+		    encbuf[encidx++] = *s;
 		}
 		else if( (*s & 0xf0) == 0xe0 ) { /* 1110 xxxx */
 		    val = *s & 0x0f;
 		    nleft = 2;
-		    encbuf[encidx=0] = *s;
+                    encidx = 0;
+		    encbuf[encidx++] = *s;
 		}
 		else if( (*s & 0xf8) == 0xf0 ) { /* 1111 0xxx */
 		    val = *s & 0x07;
 		    nleft = 3;
-		    encbuf[encidx=0] = *s;
+                    encidx = 0;
+		    encbuf[encidx++] = *s;
 		}
 		else if( (*s & 0xfc) == 0xf8 ) { /* 1111 10xx */
 		    val = *s & 0x03;
 		    nleft = 4;
-		    encbuf[encidx=0] = *s;
+                    encidx = 0;
+		    encbuf[encidx++] = *s;
 		}
 		else if( (*s & 0xfe) == 0xfc ) { /* 1111 110x */
 		    val = *s & 0x01;
 		    nleft = 5;
-		    encbuf[encidx=0] = *s;
+                    encidx = 0;
+		    encbuf[encidx++] = *s;
 		}
 		else {	/* invalid encoding: print as \xnn */
 		    if( p ) {
@@ -435,19 +559,32 @@ utf8_to_native( const char *string, size_t length )
 	    }
 	    else if( *s < 0x80 || *s >= 0xc0 ) { /* invalid */
 		if( p ) {
+                    for(i=0; i < encidx; i++ ) {
+                        sprintf(p, "\\x%02x", encbuf[i] );
+                        p += 4;
+                    }
 		    sprintf(p, "\\x%02x", *s );
 		    p += 4;
 		}
-		n += 4;
+		n += 4 + 4*encidx;
 		nleft = 0;
+                encidx = 0;
 		resync = 1;
 	    }
 	    else {
-		encbuf[++encidx] = *s;
+		encbuf[encidx++] = *s;
 		val <<= 6;
 		val |= *s & 0x3f;
 		if( !--nleft ) { /* ready */
-		    if( active_charset ) { /* table lookup */
+                    if (no_translation) {
+                        if( p ) {
+                            for(i=0; i < encidx; i++ )
+                                *p++ = encbuf[i];
+                        }
+                        n += encidx;
+                        encidx = 0;
+                    }
+		    else if( active_charset ) { /* table lookup */
 			for(i=0; i < 128; i++ ) {
 			    if( active_charset[i] == val )
 				break;
@@ -464,6 +601,7 @@ utf8_to_native( const char *string, size_t length )
 				}
 			    }
 			    n += encidx*4;
+                            encidx = 0;
 			}
 		    }
 		    else { /* native set */
@@ -479,15 +617,15 @@ utf8_to_native( const char *string, size_t length )
 				}
 			    }
 			    n += encidx*4;
+                            encidx = 0;
 			}
 		    }
-
 		}
 
 	    }
 	}
 	if( !buffer ) { /* allocate the buffer after the first pass */
-	    buffer = p = gcry_xmalloc( n + 1 );
+	    buffer = p = m_alloc( n + 1 );
 	}
 	else {
 	    *p = 0; /* make a string */
@@ -496,8 +634,262 @@ utf8_to_native( const char *string, size_t length )
     }
 }
 
+/****************************************************
+ ******** locale insensitive ctype functions ********
+ ****************************************************/
+/* FIXME: replace them by a table lookup and macros */
+int
+ascii_isupper (int c)
+{
+    return c >= 'A' && c <= 'Z';
+}
+
+int
+ascii_islower (int c)
+{
+    return c >= 'a' && c <= 'z';
+}
+
+int 
+ascii_toupper (int c)
+{
+    if (c >= 'a' && c <= 'z')
+        c &= ~0x20;
+    return c;
+}
+
+int 
+ascii_tolower (int c)
+{
+    if (c >= 'A' && c <= 'Z')
+        c |= 0x20;
+    return c;
+}
+
+
+int
+ascii_strcasecmp( const char *a, const char *b )
+{
+    if (a == b)
+        return 0;
+
+    for (; *a && *b; a++, b++) {
+	if (*a != *b && ascii_toupper(*a) != ascii_toupper(*b))
+	    break;
+    }
+    return *a == *b? 0 : (ascii_toupper (*a) - ascii_toupper (*b));
+}
+
+int
+ascii_memcasecmp( const char *a, const char *b, size_t n )
+{
+    if (a == b)
+        return 0;
+    for ( ; n; n--, a++, b++ ) {
+	if( *a != *b  && ascii_toupper (*a) != ascii_toupper (*b) )
+            return *a == *b? 0 : (ascii_toupper (*a) - ascii_toupper (*b));
+    }
+    return 0;
+}
+
 
+/*********************************************
+ ********** missing string functions *********
+ *********************************************/
 
+#ifndef HAVE_STPCPY
+char *
+stpcpy(char *a,const char *b)
+{
+    while( *b )
+	*a++ = *b++;
+    *a = 0;
 
+    return (char*)a;
+}
+#endif
+
+
+#ifndef HAVE_STRSEP
+/* code taken from glibc-2.2.1/sysdeps/generic/strsep.c */
+char *
+strsep (char **stringp, const char *delim)
+{
+  char *begin, *end;
+
+  begin = *stringp;
+  if (begin == NULL)
+    return NULL;
+
+  /* A frequent case is when the delimiter string contains only one
+     character.  Here we don't need to call the expensive `strpbrk'
+     function and instead work using `strchr'.  */
+  if (delim[0] == '\0' || delim[1] == '\0')
+    {
+      char ch = delim[0];
+
+      if (ch == '\0')
+        end = NULL;
+      else
+        {
+          if (*begin == ch)
+            end = begin;
+          else if (*begin == '\0')
+            end = NULL;
+          else
+            end = strchr (begin + 1, ch);
+        }
+    }
+  else
+    /* Find the end of the token.  */
+    end = strpbrk (begin, delim);
+
+  if (end)
+    {
+      /* Terminate the token and set *STRINGP past NUL character.  */
+      *end++ = '\0';
+      *stringp = end;
+    }
+  else
+    /* No more delimiters; this is the last token.  */
+    *stringp = NULL;
+
+  return begin;
+}
+#endif /*HAVE_STRSEP*/
+
+
+#ifndef HAVE_STRLWR
+char *
+strlwr(char *s)
+{
+    char *p;
+    for(p=s; *p; p++ )
+	*p = tolower(*p);
+    return s;
+}
+#endif
+
+#ifndef HAVE_STRCASECMP
+int
+strcasecmp( const char *a, const char *b )
+{
+    for( ; *a && *b; a++, b++ ) {
+	if( *a != *b && toupper(*a) != toupper(*b) )
+	    break;
+    }
+    return *(const byte*)a - *(const byte*)b;
+}
+#endif
+
+#ifndef HAVE_STRNCASECMP
+int
+strncasecmp( const char *a, const char *b, size_t n )
+{
+    for( ; n && *a && *b; a++, b++, n--) {
+	if( *a != *b && toupper(*a) != toupper(*b) )
+	    break;
+    }
+    if (!n)
+      return 0;
+    return *(const byte*)a - *(const byte*)b;
+}
+#endif
+
+
+#ifdef __MINGW32__
+/* 
+ * Like vsprintf but provides a pointer to malloc'd storage, which
+ * must be freed by the caller (m_free).  Taken from libiberty as
+ * found in gcc-2.95.2 and a little bit modernized.
+ * FIXME: Write a new CRT for W32.
+ */
+int
+vasprintf ( char **result, const char *format, va_list args)
+{
+  const char *p = format;
+  /* Add one to make sure that it is never zero, which might cause malloc
+     to return NULL.  */
+  int total_width = strlen (format) + 1;
+  va_list ap;
+
+  /* this is not really portable but works under Windows */
+  memcpy ( &ap, &args, sizeof (va_list));
+
+  while (*p != '\0')
+    {
+      if (*p++ == '%')
+	{
+	  while (strchr ("-+ #0", *p))
+	    ++p;
+	  if (*p == '*')
+	    {
+	      ++p;
+	      total_width += abs (va_arg (ap, int));
+	    }
+	  else
+            {
+              char *endp;  
+              total_width += strtoul (p, &endp, 10);
+              p = endp;
+            }
+	  if (*p == '.')
+	    {
+	      ++p;
+	      if (*p == '*')
+		{
+		  ++p;
+		  total_width += abs (va_arg (ap, int));
+		}
+	      else
+                {
+                  char *endp;
+                  total_width += strtoul (p, &endp, 10);
+                  p = endp;
+                }
+	    }
+	  while (strchr ("hlL", *p))
+	    ++p;
+	  /* Should be big enough for any format specifier except %s
+             and floats.  */
+	  total_width += 30;
+	  switch (*p)
+	    {
+	    case 'd':
+	    case 'i':
+	    case 'o':
+	    case 'u':
+	    case 'x':
+	    case 'X':
+	    case 'c':
+	      (void) va_arg (ap, int);
+	      break;
+	    case 'f':
+	    case 'e':
+	    case 'E':
+	    case 'g':
+	    case 'G':
+	      (void) va_arg (ap, double);
+	      /* Since an ieee double can have an exponent of 307, we'll
+		 make the buffer wide enough to cover the gross case. */
+	      total_width += 307;
+	    
+	    case 's':
+	      total_width += strlen (va_arg (ap, char *));
+	      break;
+	    case 'p':
+	    case 'n':
+	      (void) va_arg (ap, char *);
+	      break;
+	    }
+	}
+    }
+  *result = m_alloc (total_width);
+  if (*result != NULL)
+    return vsprintf (*result, format, args);
+  else
+    return 0;
+}
 
+#endif /*__MINGW32__*/
 
diff --git a/util/ttyio.c b/util/ttyio.c
index 6aaff000c..0a5df6099 100644
--- a/util/ttyio.c
+++ b/util/ttyio.c
@@ -1,5 +1,5 @@
 /* ttyio.c -  tty i/O functions
- *	Copyright (C) 1998, 2000 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -26,6 +26,11 @@
 #include <unistd.h>
 #ifdef HAVE_TCGETATTR
   #include <termios.h>
+  #ifdef __riscos__
+    #include <kernel.h>
+    #include <swis.h>
+    #undef HAVE_TCGETATTR
+  #endif /* __riscos__ */
 #else
   #ifdef HAVE_TERMIO_H
     /* simulate termios with termio */
@@ -45,13 +50,16 @@
 #endif
 #include <errno.h>
 #include <ctype.h>
-#include <gcrypt.h>
 #include "util.h"
 #include "memory.h"
 #include "ttyio.h"
 
 #define CONTROL_D ('D' - 'A' + 1)
-
+#ifdef __VMS
+  #define TERMDEVICE "/dev/tty"
+#else
+  #define TERMDEVICE "/dev/tty"
+#endif
 
 #ifdef __MINGW32__ /* use the odd Win32 functions */
 static struct {
@@ -72,10 +80,16 @@ static int batchmode;
 static int no_terminal;
 
 #ifdef HAVE_TCGETATTR
-static struct termios termsave;
-static int restore_termios;
+ #ifdef __riscos__
+   struct termios termsave;
+   int restore_termios;
+ #else
+    static struct termios termsave;
+    static int restore_termios;
+ #endif
 #endif
 
+
 #ifdef HAVE_TCGETATTR
 static void
 cleanup(void)
@@ -121,7 +135,7 @@ init_ttyfp(void)
   #elif defined(__EMX__)
     ttyfp = stdout; /* Fixme: replace by the real functions: see wklib */
   #else
-    ttyfp = batchmode? stderr : fopen("/dev/tty", "r+");
+    ttyfp = batchmode? stderr : fopen(TERMDEVICE, "r+");
     if( !ttyfp ) {
 	log_error("cannot open /dev/tty: %s\n", strerror(errno) );
 	exit(2);
@@ -163,39 +177,21 @@ tty_printf( const char *fmt, ... )
 
     va_start( arg_ptr, fmt ) ;
   #ifdef __MINGW32__
-    { static char *buf;
-      static size_t bufsize;
-	int n;
+    {   
+        char *buf = NULL;
+        int n;
 	DWORD nwritten;
 
-      #if 0 /* the dox say, that there is a snprintf, but I didn't found
-	     * it, so we use a static buffer for now */
-	do {
-	    if( n == -1 || !buf ) {
-		gcry_free(buf);
-		bufsize += 200;
-		/* better check the new size; (we use M$ functions) */
-		if( bufsize > 50000 )
-		    log_bug("vsnprintf probably failed\n");
-		buf = gcry_xmalloc( bufsize );
-	    }
-	    n = _vsnprintf(buf, bufsize-1, fmt, arg_ptr);
-	} while( n == -1 );
-      #else
-	if( !buf ) {
-	    bufsize += 1000;
-	    buf = gcry_xmalloc( bufsize );
-	}
-	n = vsprintf(buf, fmt, arg_ptr);
-	if( n == -1 )
-	    log_bug("vsprintf() failed\n");
-      #endif
-
+	n = vasprintf(&buf, fmt, arg_ptr);
+	if( !buf )
+	    log_bug("vasprintf() failed\n");
+        
 	if( !WriteConsoleA( con.out, buf, n, &nwritten, NULL ) )
 	    log_fatal("WriteConsole failed: rc=%d", (int)GetLastError() );
 	if( n != nwritten )
-	    log_fatal("WriteConsole failed: %d != %ld\n", n, nwritten );
+	    log_fatal("WriteConsole failed: %d != %d\n", n, (int)nwritten );
 	last_prompt_len += n;
+        m_free (buf);
     }
   #else
     last_prompt_len += vfprintf(ttyfp,fmt,arg_ptr) ;
@@ -261,13 +257,13 @@ tty_print_utf8_string2( byte *p, size_t n, size_t max_n )
 	    break;
     }
     if( i < n ) {
-	buf = utf8_to_native( p, n );
+	buf = utf8_to_native( p, n, 0 );
 	if( strlen( buf ) > max_n ) {
 	    buf[max_n] = 0;
 	}
 	/*(utf8 conversion already does the control character quoting)*/
 	tty_printf("%s", buf );
-	gcry_free( buf );
+	m_free( buf );
     }
     else {
 	if( n > max_n ) {
@@ -277,7 +273,6 @@ tty_print_utf8_string2( byte *p, size_t n, size_t max_n )
     }
 }
 
-
 void
 tty_print_utf8_string( byte *p, size_t n )
 {
@@ -285,13 +280,16 @@ tty_print_utf8_string( byte *p, size_t n )
 }
 
 
-
-
 static char *
 do_get( const char *prompt, int hidden )
 {
     char *buf;
+  #ifndef __riscos__
     byte cbuf[1];
+  #else 
+    int carry;
+    _kernel_swi_regs r;
+  #endif 
     int c, n, i;
 
     if( batchmode ) {
@@ -308,8 +306,8 @@ do_get( const char *prompt, int hidden )
 	init_ttyfp();
 
     last_prompt_len = 0;
-    tty_printf( prompt );
-    buf = gcry_xmalloc(n=50);
+    tty_printf( "%s", prompt );
+    buf = m_alloc(n=50);
     i = 0;
 
   #ifdef __MINGW32__ /* windoze version */
@@ -338,7 +336,7 @@ do_get( const char *prompt, int hidden )
 	    continue;
 	if( !(i < n-1) ) {
 	    n += 50;
-	    buf = gcry_xrealloc( buf, n );
+	    buf = m_realloc( buf, n );
 	}
 	buf[i++] = c;
     }
@@ -346,6 +344,50 @@ do_get( const char *prompt, int hidden )
     if( hidden )
 	SetConsoleMode(con.in, DEF_INPMODE );
 
+  #elif defined(__riscos__)
+    do {
+        if (_kernel_swi_c(OS_ReadC, &r, &r, &carry))
+            log_fatal("OS_ReadC failed: Couldn't read from keyboard!\n");
+        c = r.r[0];
+        if (carry != 0)
+            log_fatal("OS_ReadC failed: Return Code = %i!\n", c);
+        if (c == 0xa || c == 0xd) { /* Return || Enter */
+            c = (int) '\n';
+        } else if (c == 0x8 || c == 0x7f) { /* Backspace || Delete */
+            if (i>0) {
+                i--;
+                if (!hidden) {
+                    last_prompt_len--;
+                    fputc(8, ttyfp);
+                    fputc(32, ttyfp);
+                    fputc(8, ttyfp);
+                    fflush(ttyfp);
+                }
+            } else {
+                fputc(7, ttyfp);
+                fflush(ttyfp);
+            }
+            continue;
+        } else if (c == (int) '\t') { /* Tab */
+            c = ' ';
+        } else if (c > 0xa0) {
+            ; /* we don't allow 0xa0, as this is a protected blank which may
+               * confuse the user */
+        } else if (iscntrl(c)) {
+            continue;
+        }
+        if(!(i < n-1)) {
+            n += 50;
+            buf = m_realloc(buf, n);
+        }
+        buf[i++] = c;
+        if (!hidden) {
+	    last_prompt_len++;
+            fputc(c, ttyfp);
+            fflush(ttyfp);
+        }
+    } while (c != '\n');
+    i = (i>0) ? i-1 : 0;
   #else /* unix version */
     if( hidden ) {
       #ifdef HAVE_TCGETATTR
@@ -378,7 +420,7 @@ do_get( const char *prompt, int hidden )
 	    continue;
 	if( !(i < n-1) ) {
 	    n += 50;
-	    buf = gcry_xrealloc( buf, n );
+	    buf = m_realloc( buf, n );
 	}
 	buf[i++] = c;
     }
@@ -450,7 +492,7 @@ tty_get_answer_is_yes( const char *prompt )
     char *p = tty_get( prompt );
     tty_kill_prompt();
     yes = answer_is_yes(p);
-    gcry_free(p);
+    m_free(p);
     return yes;
 }
 
diff --git a/util/w32reg.c b/util/w32reg.c
index 362bcab8f..000ae07b7 100644
--- a/util/w32reg.c
+++ b/util/w32reg.c
@@ -19,7 +19,8 @@
  */
 
 #include <config.h>
-#ifdef __MINGW32__  /* This module is only used in this environment */
+#if defined (__MINGW32__) || defined (__CYGWIN32__)
+ /* This module is only used in this environment */
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -29,23 +30,13 @@
 #include "util.h"
 #include "memory.h"
 
-
-/****************
- * Return a string from the Win32 Registry or NULL in case of
- * error.  Caller must release the return value.   A NUKK for root
- * is an alias fro HKEY_CURRENT_USER
- * NOTE: The value is allocated with a plain malloc() - use free() and not
- * the usual gcry_free()!!!
- */
-char *
-read_w32_registry_string( const char *root, const char *dir, const char *name )
+static HKEY
+get_root_key(const char *root)
 {
-    HKEY root_key, key_handle;
-    DWORD n1, nbytes;
-    char *result = NULL;
-
+    HKEY root_key;
+	
     if( !root )
-	root_key = HKEY_CURRENT_USER;
+        root_key = HKEY_CURRENT_USER;
     else if( !strcmp( root, "HKEY_CLASSES_ROOT" ) )
 	root_key = HKEY_CLASSES_ROOT;
     else if( !strcmp( root, "HKEY_CURRENT_USER" ) )
@@ -59,6 +50,27 @@ read_w32_registry_string( const char *root, const char *dir, const char *name )
     else if( !strcmp( root, "HKEY_CURRENT_CONFIG" ) )
 	root_key = HKEY_CURRENT_CONFIG;
     else
+        return NULL;
+	
+    return root_key;
+}
+
+
+/****************
+ * Return a string from the Win32 Registry or NULL in case of
+ * error.  Caller must release the return value.   A NUKK for root
+ * is an alias fro HKEY_CURRENT_USER
+ * NOTE: The value is allocated with a plain malloc() - use free() and not
+ * the usual m_free()!!!
+ */
+char *
+read_w32_registry_string( const char *root, const char *dir, const char *name )
+{
+    HKEY root_key, key_handle;
+    DWORD n1, nbytes;
+    char *result = NULL;
+
+    if ( !(root_key = get_root_key(root) ) )
 	return NULL;
 
     if( RegOpenKeyEx( root_key, dir, 0, KEY_READ, &key_handle ) )
@@ -82,7 +94,35 @@ read_w32_registry_string( const char *root, const char *dir, const char *name )
 }
 
 
+int
+write_w32_registry_string(const char *root, const char *dir, 
+                          const char *name, const char *value)
+{
+    HKEY root_key, reg_key;
+	
+    if ( !(root_key = get_root_key(root) ) )
+	return -1;
 
+    if ( RegOpenKeyEx( root_key, dir, 0, KEY_WRITE, &reg_key ) 
+         != ERROR_SUCCESS )
+	return -1;
+	
+    if ( RegSetValueEx( reg_key, name, 0, REG_SZ, (BYTE *)value, 
+                        strlen( value ) ) != ERROR_SUCCESS ) {
+        if ( RegCreateKey( root_key, name, &reg_key ) != ERROR_SUCCESS ) {
+            RegCloseKey(reg_key);
+            return -1;
+        }
+        if ( RegSetValueEx( reg_key, name, 0, REG_SZ, (BYTE *)value,
+                            strlen( value ) ) != ERROR_SUCCESS ) {
+            RegCloseKey(reg_key);
+            return -1;
+        }
+    }
 
+    RegCloseKey( reg_key );
+	
+    return 0;
+}
 
-#endif /* __MINGW32__ */
+#endif /* __MINGW32__ || __CYGWIN32__ */