Add a new page for developers
add link to spoofing email signatrues writeup
|Deletions are marked like this.||Additions are marked like this.|
|Line 11:||Line 11:|
|* 2019-04-30: [[https://www.gpg4win.org/statement-spoofing.html|About detecting spoofed email signatures]] a writeup by Gnu~PG/Gpg4win|
-> Web Key Directory and Service, which makes exchanging crypto mails much easier.
- 2019-04-30: About detecting spoofed email signatures a writeup by GnuPG/Gpg4win
- 2018-05-17: Gpg4win statement on the Efail research
- 2018-02: Project mw2018 to improve Mailvelope by adding a native GnuPG option, better crypto library and webforms.
- 2017-12-31: End of Life for GnuPG 2.0.x. (So you really want to use GnuPG 2.2 or Gpg4win 3.0 .)
- 2017-09-21: Gpg4win 3.0 released, includes MIME capable Outlook-Add-in, GnuPG 2.2, WKD-requests and update notifications.
- 2017-08-28: GnuPG 2.2 released, comes with ECC and does "web key directory" requests by default.
GnuPG for Users
- Documentation Overview
- LargeKeys: How many bits are enough?
- WebOfTrust: Understanding the web of trust
- GnomeKeyring: What to do when Gnome Keyring Hijacks your GPG Agent
- TroubleShooting: What to do when something doesn't work (mainly on Windows for Gpg4win)
- PlatformNotes - what to be aware of when using or administrating GnuPG on different platforms.
- X.509 hints (needed for S/MIME and trusted root certs)
- SmartCard hints
- Wishlist Where to submit feature requests
- Applications using GnuPG
- Tools that may help running or administrating GnuPG or Gpg4win
- LDAPKeyserver: How to configure OpenLDAP as a keyserver.
- Hints for use with NFS
- How to use local secrets on a remote machine
GnuPG for Developers
- Suggestions for common UX practices
- How to use GnuPG from your application (GnuPG's API)
- Building GnuPG 2.1: GnuPG 2.1 is the latest GnuPG version but as with all 2.x versions it has several dependencies, which make building it a bit more difficult. Here are some notes.
- API checker: Upstream-Tracker.org checks ABI/API changes for some libraries like gpgme, libgpg-error, libgcrypt.
Note that the tools can't necessary decide whether something is an ABI or API change. The output should be used as a hint to look for whether there might be a problem. We are not aware of any broken API or ABI contracts for the listed libraries.