+monkeysphere (0.27-1~pre1) UNRELEASED; urgency=low
+
+ * New upstream release:
+ - fixed monkeysphere gen-subkey subcommand that was erroneously
+ creating DSA subkeys due to unannounced change in gpg edit-key UI.
+ Now tests for gpg version (closes MS #1536)
+ - add new monkeysphere keys-from-userid subcommand to output all
+ acceptable keys for a given user ID literal
+ * updated debian/copyright to match the latest revision of DEP5.
+ * updated standards version to 3.8.3 (no changes needed)
+ * add cpio to Build-Depends (used in test suite) (Closes: #562444)
+
+ -- Jameson Rollins <jrollins@finestructure.net> Sun, 10 Jan 2010 18:45:37 -0500
+
+monkeysphere (0.26-1) unstable; urgency=low
+
+ * New upstream release:
+ - add 'refresh-keys' subcommand to monkeysphere-authentication
+ - improve marginal UI (closes MS #1141)
+ - add MONKEYSPHERE_STRICT_MODES configuration to avoid
+ permission-checking (closes MS #649)
+ - test scripts use STRICT_MODES to avoid failure when built under /tmp
+ (Closes: #527765)
+ - do permissions checks with a perl script instead of non-portable
+ readlink GNUisms
+ - bail on permissions check if we hit the home directory (helpful on
+ Mac OS and other systems with loose /home or /Users (closes MS #675)
+
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 01 Aug 2009 17:11:05 -0400
+
+monkeysphere (0.25-1) unstable; urgency=low
+
+ * New upstream release:
+ - update/fix the marginal ui output
+ - use msmktempdir everywhere (avoid unwrapped calls to mktemp for
+ portability)
+ - clean out some redundant "cat"s
+ - fix monkeysphere update-known_hosts for sshd running on non-standard
+ ports
+ - add 'sshfpr' subcommand to output the ssh fingerprint of a gpg key
+ - pem2openpgp now generates self-sigs over SHA-256 instead of SHA-1
+ (changes dependency to libdigest-sha-perl)
+ - some portability improvements
+ - properly handle translation of keys with fingerprints with leading
+ all-zero bytes.
+ - resolve symlinks when checking paths (thanks Silvio Rhatto)
+ (closes MS #917)
+ - explicitly set and use MONKEYSPHERE_GROUP from system "groups"
+ (closes: #534008)
+ - monkeysphere-host now uses keytrans to add and revoke hostname
+ (closes MS #422)
+ * update Standard-Version to 3.8.2 (no changes needed)
+
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Thu, 16 Jul 2009 22:09:19 -0400
+
+monkeysphere (0.24-1) unstable; urgency=low
+
+ * New upstream release:
+ - fixed how version information is stored/retrieved
+ - now uses perl-based keytrans for both pem2openpgp and openpgp2ssh
+ - no longer needs base64 in PATH
+ - added "test" make target
+ - improved transitions/0.23 script so it no longer fails in common
+ circumstances (Closes: #517779)
+ - RSA only: no longer handles DSA keys
+ - added ability to specify subkeys to add to ssh agent with
+ new MONKEYSPHERE_SUBKEYS_FOR_AGENT environment variable
+ * update/cleanup maintainer scripts
+ * remove GnuTLS dependency
+ * remove versioned coreutils | base64 dependency
+ * added Build-Deps for dh_autotest
+ * switch to Architecture: all
+ * added cron to Recommends
+
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Tue, 03 Mar 2009 19:38:33 -0500
+
+monkeysphere (0.23.1-1) unstable; urgency=low
+
+ * New Upstrem "Brown Paper Bag" Release:
+ - adjusts internal version numbers
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 21 Feb 2009 18:09:47 -0500
+
+monkeysphere (0.23-1) unstable; urgency=low
+
+ "The Golden Bezoar Release"
+
+ * New upstream release.
+ * rearchitect UI:
+ - replace monkeysphere-server with monkeysphere-{authentication,host}
+ - fold monkeysphere-ssh-proxycommand into /usr/bin/monkeysphere
+
+ * new ability to import existing ssh host key into monkeysphere. So now
+ m-a import-key replaces m-s gen-key.
+ * provide pem2openpgp for translating unencrypted PEM-encoded raw key
+ material into OpenPGP keys (introduces new perl dependencies)
+ * get rid of getopts dependency
+ * added version output option
+ * better checks for the existence of a host private key for
+ monkeysphere-host subcommands that need it.
+ * better checks on validity of existing authentication subkeys when
+ doing monkeysphere gen_subkey.
+ * add transition infrastructure for major changes between releases (see
+ transitions/README.txt)
+ * implement and document two new monkeysphere-host subcommands:
+ revoke-key and add-revoker
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 21 Feb 2009 17:51:06 -0500
+
+monkeysphere (0.22-1) unstable; urgency=low
+
+ * New upstream release:
+ [ Jameson Graef Rollins ]
+
+ - added info log output when a new key is added to known_hosts file.
+ - added some useful output to the ssh-proxycommand for "marginal"
+ cases where keys are found for host but do not have full validity.
+ - force ssh-keygen to read from stdin to get ssh key fingerprint.
+
+ [ Daniel Kahn Gillmor ]
+
+ - automatically output two copies of the host's public key: one
+ standard ssh public key file, and the other a minimal OpenPGP key with
+ just the latest valid self-sig.
+ - debian/control: corrected alternate dependency from procfile to
+ procmail (which provides /usr/bin/lockfile)
+
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Fri, 28 Nov 2008 14:23:31 -0500
+
+monkeysphere (0.21-2) unstable; urgency=low
+
+ * actually rmdir /var/lib/monkeysphere-* during prerm if possible.
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 15 Nov 2008 16:36:57 -0500
+