From 33e571a74a7d6153ba65aeecc72539a10f1f0ae4 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Wed, 11 Sep 2024 14:24:58 +0200
Subject: gpgsm: New option --assert-signer

* sm/gpgsm.c (oAssertSigner, oNoop): New.
(opts): Add option --assert-signer.
(assert_signer_true): New var.
(main): Set new option.
(gpgsm_exit): Handle assert_signer_true.
* sm/gpgsm.h (opt): Add field assert_signer_list.
* sm/verify.c (is_x509_fingerprint): New.
(check_assert_signer_list): New.
(gpgsm_verify): Handle option.
--

GnuPG-bug-id: 7286
---
 NEWS | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 5180f2ba6..1f2f98cf5 100644
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,13 @@
 Noteworthy changes in version 2.5.1 (unreleased)
 ------------------------------------------------
 
- * gpg: New option --proc-all-sigs.  [T7261]
+  * gpg: The support for composite Kyber+ECC public key algorithms
+    does now use the final FIPS-203 and LibrePGP specifications.  The
+    experimental keys from 2.5.0 are no longer supported.  [T6815]
+
+  * gpg: New option --proc-all-sigs.  [T7261]
+
+  * gpgsm: New option --assert-signer.  [T7286]
 
 
   Release-info: https://dev.gnupg.org/T7191
-- 
cgit v1.2.3