GPG Suite Changelog

What's new in GPG Suite 2023.3

Jul 23, 2023

Adapts GPG Mail 7 to changes of Mail in macOS 13.5:
A method of macOS Mail that was previously used by GPG Mail to create outgoing messages has been removed and replaced by a new one
GPG Mail 7.2 addresses that change and calls the new method if available
GPG Mail 7.2 (macOS Ventura):
Fixes:
Fixes a problem where macOS Mail would crash as GPG Mail is calling a method that no longer exists in Mail for macOS 13.5 [#1148]
Makes sure to suppress macOS Mail's "public key not available"-dialog when the user is trying to reply to an encrypted message in plain, as GPG Mail's warning is already shown [#1144]

New in GPG Suite 2023.2 (Mar 27, 2023)

New in GPG Suite 2023.1 (Mar 27, 2023)

New in GPG Suite 2022.2 (Oct 25, 2022)

New in GPG Suite 2022.1 (Mar 8, 2022)

New in GPG Suite 2021.3 (Dec 14, 2021)

New in GPG Suite 2021.1 (May 23, 2021)

Support for Apple Silicon completed:
The previous release of GPG Suite included optimized versions of all our Apps and Services for Apple Silicon
This release includes a MacGPG version optimized for Apple Silicon as well
Rosetta 2 is no longer required to use GPG Suite
GPGMail 5.1 (macOS Big Sur, Catalina & Mojave):
Improvements:
Introduces flattened colors for the OpenPGP and S/MIME security method picker to better fit the look of macOS Catalina and Big Sur
Shows the security method picker as a toolbar icon if the window is too narrow
Automatically change security method based on senders OpenPGP keys or S/MIME certificates [#1087]
Fixes:
Sending a signed email with an empty body could lead to a crash [#1079]
The security method picker now properly pre-selects the configured default security method [#1078]
Fixes a problem where custom wildcard based key mappings were not properly applied [#1080]
Workaround a problem where users running Antidote Mail plugin did not see GPG Mail loader and could not load GPG Mail [#1077]
Fixes keyboard shortcuts to toggle between S/MIME and OpenPGP [#1085]
Fixes a problem where under rare circumstances remote content would be loaded [#1086]
GPG Keychain 1.8:
Improvements:
Centered toolbar icons in preferences window on Big Sur [#520]
Fixes:
Fixes a problem where custom column order was not saved [#518]
GPG Services 2.2:
Improvements:
The password dialog necessary for encrypting messages or files with a password is now integrated into the main GPG Services window rendering the two separate dialogs previously used obsolete [#270]
Fixes:
Fixes a problem where the main window was not shown when Do Not Disturb (DND) was active [#272]
Fixes the scrolling performance of key lists [#275]
Fixes a rare problem where too many lines were shown on key import, resulting in the dialog growing too large to fit on the screen [#274]
MacGPG 2.2.27:
New
Full support for Apple Silicon [#751]
Improvements:
Integrate GnuPG 2.2.27 [#754]
Integrate Pinentry 1.1.1 [#756]
Fixes:
Properly fetches certificates from macOS keychain to establish SSL/TLS connections [#752]
Fixes broken key auto-retrieve mechanism [#752]

New in GPG Suite 2020.2 (Nov 30, 2020)

New in GPG Suite 2020.1 (Jun 9, 2020)

Native system notifications for GPG Services:
GPG Services is now using system notifications to alert users when an operation has been completed.
By default notifications will remain on the screen until the user has reacted to them. They can be configured to automatically disappear however by switching to 'Banner Style' in 'System Preferences › Notifications › GPG Services'
System notifications greatly improve the experience of GPG Services and we hope you take advantage of the possibilities to tailor the notifications to your specific needs.
Alert dialogs are used as a fallback if system notifications are in "Do Not Disturb"-mode
Notifications for GPG Services are only available on macOS 10.14 and later.
GPGMail 4.1 (macOS Catalina, Mojave & High Sierra):
Improvements:
Display a tooltip when no signing key is available - it’s now much easier to find out why signing is not possible. While previously the encrypt and sign buttons would disappear, they now remain visible and when you hover over the sign button a tooltip with details why you can't sign, appears [#1060]
Adds a space between the security header title and the signature icon when viewing signed messages [#1068]
Fixes:
Includes a workaround for a bug in macOS Catalina which resulted in message content for partly signed / encrypted messages being cut off (scrolling was disabled) [#1057]
Fixes a problem where switching security method had no effect on the security method used to protect messages that were sent. Instead outgoing messages were always protected using the default encryption method configured. [#1058]
Fixes a bug where the Mail plug-in manager would not open if other bundles were installed alongside GPG Mail [#1056]
Re-ordered keyboard shortcuts for the encrypt and sign buttons: use ⌥⌘Y to toggle the encrypt button and ⌥⌘X to toggle the sign button [#1067]
The security method chosen to be used while composing a draft is properly restored when the users continues to edit the draft [#1061]
Picks up GnuPG key ring changes again on macOS Catalina, so it is not necessary to re-start Mail if a new key is imported [#1059]
Fixes a problem where GPG Mail 3 was not installed when the user customized their installation [#1069]
Adds the option to switch support plan in Mail › Preferences › GPG Mail [#1064]
Shows a better error message when a user tries to activate GPG Mail with a support plan that has been previously disabled [#1071]
GPG Keychain 1.6:
Improvements:
When creating a new key, GPG Keychain now checks if a valid secret key already exists for that email and will warn users, before creating a second key for the same email [#476]
Search results for sks key servers show long key ID [#496]
Passphrase verification is now mandatory during key creation or when changing the passphrase of an existing key [#441]
Customized sorting options for signatures and subkeys tabs are now properly restored after restart [#505]
When checking for key updates on the keys.openpgp.org key server, key updates are also fetched from the sks key servers when the fallback option is enabled [#507]
Fixes:
Always open key details on the same screen where the main app is displayed [#506]
Fixes a bug where scrolling search results from the sks key servers could be laggy [#495]
Fixes a bug on Catalina where exported keys could end up with the wrong file name and located in the folder above the actual destination folder [#502]
Reduces the number of keys displayed in the success dialog for large key imports in order to make sure that the dialog is not cut off [#504]
In search results from sks key servers the first valid key is now pre-selected, independently from the creation date. Before the first result would be pre-selected regardless of its validity [#480]
GPG Services 2.0:
New:
Alert users of compeleted operations using macOS system notifications [#258]
Improvements:
Improves the error message for signatures using a public key, which has been revoked [#260]
Limits the width of dialogs to prevent the window to grow too large when keys with very long emails or names are involved [#259]
GPG Suite Preferences 2.3:
Improvements:
Remembers information entered in "Send Report" in case System Preferences is closed before a report was submitted [#109]
Name in the "Send Report" form is pre-filled to make submitting a problem even easier [#112]
MacGPG 2.2.20:
Improvements:
Integrate GnuPG 2.2.20 [#742]
Fixes:
Fixes a problem where pinentry would store an empty passphrase which then resulted in decrypt operations being aborted immediately without asking the user for the passphrase [#740]
Fixes a bug where pinentry would show two overlapping password fields instead of just a single one [#741]
Fixes the key server check for ldap key servers in Libmacgpg [#178]

New in GPG Suite 2019.2 (Nov 24, 2019)

New in GPG Suite 2019.1 (Aug 23, 2019)

New in GPG Suite 2018.5 (Oct 24, 2018)

GPGMail 3.0.1 (macOS High Sierra & macOS Mojave):
Improvements:
Various improvements concerning the activation of GPG Mail Support Plan
Fixes:
Inline PGP signatures are verified again
Message from PGP Desktop or gpg4o were in some cases not decrypted [#1012]
Changes introduced by Apple in 10.14.1b3 to mitigate efail lead to crashes – reminder: if you rely on GPG Mail, please stay on the stable release channel of macOS [#1013]
Under certain conditions Mail could crash if a message was already being force fetched [#1014]
The button to "Load Remote Content" would sometimes disappear [#1016]
GPGMail 2.8.1 (macOS Sierra):
Fixes:
Mail could crash when trying to verify a PGP signed message [#1003]
Fixes a crash in GPG Mail which was caused by an empty subject [#1005]
GPG Keychain 1.4.6:
Improvements:
Dark Mode support on macOS Mojave [#468]
More detailed validity ownertrust indicators [#314]
Added specific dialog when removing a local signature from a key [#467]
Fixes:
Using brackets in name field during key creation, resulted in that portion being moved to the comment field [#457]
Increased contrast of explanatory text in signing dialog on macOS Mojave [#466]
GPG Services 1.11.6:
Improvements:
Refined details like window title [#248]
Added a headline for the recipient selection [#248]
Same names for columns as in GPG Keychain [#248]
Default columns now include the fingerprint [#248]
GPG Services now checks the content instead of the extension to decide which operation to apply. Key data will be imported, encrypted content will be decrypted and signed content will be verified [#201]
Fixes:
GPG Keychain and GPG Services now share the same design for the validity column [#238]
GPG Suite Preferences 2.1.4:
Improvements:
Set cache time of SSH in addition to "normal" cache time [#98]
Dark Mode support on macOS Mojave
Fixes:
Potential crash due to KVO loop in connection with password cache [#103]
Libmacgpg 0.8.7:
Fixes:
Custom key servers were not added to key server list [#167]
Do not return wrong error code when pinentry is cancelled [#168]
"Decrypting" a clear-signed message did not work [#170]
Makes sure Paddle (paddle.com) is only contacted for support plan activation

New in GPG Suite 2018.4 (Sep 25, 2018)

Introducing GPG Mail 3 for macOS Mojave and High Sierra:
macOS Mojave is just around the corner and we couldn't be more stoked about telling you, that GPG Mail is ready.
For the best user experience, it is advised to install this release before upgrading to macOS Mojave. Otherwise you will have to manually enable GPG Mail after the upgrade.
For those of you who have been following us for a long time it might not come as much of a surprise, that after almost ten years of developing GPG Suite, we have decided to start charging a fee for continued use of GPG Mail.
After the installation of this update you will be able to test GPG Mail for another 30 days. After the trial period is over, you will still be able to decrypt incoming messages, but in order to verify and encrypt new messages, a GPG Mail Support Plan is required.
We hope you understand our decision and keep supporting us.
macOS 10.14 Mojave Support:
GPG Mail 3 supports macOS 10.14 Mojave from day one. Enjoy secure communication on Apple's latest and greatest (remains to be seen) macOS.
Never have one of them pesky keys expire on you again:
GPG Keychain and GPG Mail will warn you four weeks before your key is about to expire. Never worry about expiring keys again, we've got you covered! Extending your key with one simple click has never been easier.
GPG Mail 3.0:
Improvements:
Introduces proper support for PGP-Partitioned messages from PGP Desktop [#991]
Fixes:
Messages that went through MS exchange servers could trigger Mail to crash. This was - by far - our number one crasher and it is now a thing of the past [#977]
Messages containing only encrypted attachments but not encrypted text were falsely displayed as partly encrypted [#986]
In some cases, PGP/MIME encrypted and signed message recognized as partly encrypted did not show a signature [#987]
PGP/MIME messages within a message/rfc822 mime part (inline) were not decrypted [#992]
Re-added support for embedded filenames [#990]
Inline PGP messages from Mailvelope were displayed as partly encrypted / partly signed [#989]
A message's subject line could be manipulated to look like the message was signed when it was not. Credit for this finding goes to Hanno Böck (@hanno) [#1001]
GPG Mail 2.8 (Sierra only):
Fixes:
All fixes from GPG Mail 3 were back ported for version 2.8
GPG Keychain 1.4.5:
Improvements:
Inform users of keys about to expire and provide simple option to extend them [#59]
New password strength indicator - color codes and smarter indicator for password strength [#442]
Updated message during key generation [#455]
In order to prevent users from leaking their secret key, if a key pair is exported, the secret key is always listed first. That makes it easier to catch that mistake [#452]
Fixes:
During key creation, only active email addresses are suggested [#446]
German umlaute were not properly encoded in key searches [#460]
GPG Services 1.11.5:
Improvements:
Remember status of "Sign", "Add to Recipients" and "Encrypt with Password" options [#128]
When a message or file can not be decrypted due to a missing secret key, the error message now shows the key ID of the required key. That makes it much easier to understand why decryption would not work and to determine wether the correct key was used for encryption [#195]
When a message or file can not be verified because the required public key does not exist, the error message now shows the key ID of the required key [#246]
MacGPG 2.2.10:
Improvements:
Updated to GnuPG 2.2.10 [#718]
Fixes:
Using 127.0.0.1 in resolv.conf could prevent dirmngr from resolving the IP addresses of keyservers [#717]

New in GPG Suite 2018.3 (Jun 14, 2018)

New in GPG Suite 2018.2 (Jun 5, 2018)

New in GPG Suite 2018.1 (Feb 13, 2018)

New in GPG Suite 2017.3 (Dec 22, 2017)

New in GPG Suite 2017.2 (Dec 7, 2017)

New in GPG Suite 2017.1 (Sep 24, 2017)

HIGHLIGHTS:
First Beta of GPGMail 3.0 for macOS High Sierra:
We are happy to announce beta support for macOS High Sierra from day one. Find more details below.
With the release of GPGMail 3.0 stable, we will start charging a small fee for GPGMail to deliver more timely updates and even better user support in the future.
This beta will expire once GPGMail 3.0 stable is released.
Stable version of GPGMail for macOS Sierra:
All major blockers have been resolved and GPGMail for macOS Sierra is now considered stable.
Upgrade GnuPG from 2.0 to the new version 2.2:
On first use, your keys will be upgraded to the new format used in GnuPG 2.2. As a safety measure a backup of your keys will be created prior to migrating to GnuPG 2.2.0. Based on the size of your keyring the installation may take longer.
Smartcard users, please have a look at 2.2 migration for smartcard users.
Crash Reporter for GPGMail:
When GPGMail crashes you will be asked whether or not you want to send us the crash report. These crash reports will help us to quickly identify and fix issues in GPGMail.
If you add an email address in GPG Suite Preferences we will even be able to contact you to ask for further details and you can disable the crash reporter at any time.
GPG Keychain no longer allows to upload public keys that are not yet available on the key servers:
This change was introduced in order to avoid leaking public keys for users that might actively choose to not have their gpg keys published on key servers
GPGMAIL (10.13 ONLY) 3.0B1:
macOS 10.13 High Sierra beta:
Since this is a beta, crashes or unreliable behavior are expected.
Known Issues:
Messages may not always be decrypted automatically. De-select and re-select as a workaround
Mail might crash when trying to decrypt specific messages
Some PGP signed messages might fail to verify.
If an error happens while trying to send a PGP signed or encrypted message, no error alert will be shown. This is related to a bug in Mail for High Sierra which we have filed with Apple (rdar://22828028)
If an address is entered into the Reply-To field for which no public key is available, it's not possible to encrypt a message. This is related to a bug in Mail for High Sierra which we have filed with Apple (rdar://33886415)
GPGMAIL (10.12 ONLY) 2.7:
Stable version of GPGMail for macOS 10.12 Sierra:
All major blockers have been resolved and GPGMail for macOS Sierra is considered stable.
Improvements:
When attempting to forward the decrypted version of an encrypted message, the user will see a warning. [#870]
Detection of PGP/MIME encrypted messages is more lenient towards Avast modifications. [#921]
Properly handles PGP attachments with mime type text/plain and application/pgp (Mailvelope). [#939]
Display pseudo-PGP/MIME messages from iPGMail as proper PGP/MIME messages. [#929, #938]
Properly detects PGP data now where the PGP marker has whitespace after -----BEGIN PGP MESSAGE-----. [#924]
Forces Mail.app to re-download the complete message a signed PGP/MIME message is detected in order to fix verification issues. [#914]
Fixes:
The selected key is now used for signing when more than one key is available for the sender address. In previous betas a random key was used. [#895]
In gpg.conf group option now works as expected on macOS Sierra. [#903]
Properly detect MS Exchange modified PGP/MIME encrypted messages again. [#915]
Canceling the pinentry request for signing upon sending a message may have lead to unexpected behavior. [#873, #902]
Pinentry now only asks a single time when re-opening an encrypted draft and canceling the dialog. [#893]
If Mail Act-On was active, messages would not be encrypted. Mail Act-On and GPGMail once again peacefully co-exist. [#888]
Drafts could be encrypted twice resulting in drafts showing an encrypted.asc file when re-visited. [#866]
Tooltips for sign and encrypt buttons are working again on macOS Sierra. [#916]
Keyboard shortcuts for encrypt and sign buttons are working again on macOS Sierra. [#917]
GPGMAIL (10.9 - 10.11) 2.6.3:
Improvements:
Detection of PGP/MIME encrypted messages is more lenient towards Avast modifications. [#921]
Properly detects PGP data now where the PGP marker has whitespace after -----BEGIN PGP MESSAGE-----. [#924]
Drafts could be encrypted twice resulting in drafts showing an encrypted.asc file when re-visited. [#866]
GPG KEYCHAIN 1.4:
Improvements:
Since the short ID has been deemed insecure for a long time, new installations of GPG Keychain now show the fingerprint column instead of the short ID. [#376]
GPG Keychain no longer allows uploading a public key, if the key in question does not reside on the key servers. So if you signed a key which does not exist on the key servers yet, consider mailing the updated public key to the key owner if you want to share your signature. [#186]
Improves the support of different languages in GPG Keychain preferences. [#382]
The subkey tab has received a clean-up. [#387]
Display the fingerprint of a subkey in the key details view. [#386]
Key details clean-up: Tabs have been simplified. It's now easier to add a photo to a key. [#269]
Whenever keys are changed, created or updated, an informative key upload dialog is shown. [#277, #417, #418]
It's now possible to display additional information for a key signature by right-clicking on a signature in the key details > user IDs tab and downloading the key which created the signature. [#235]
Key details > user ID tab: the signature section now has a + button allowing to sign the selected user ID. [#421]
Adds VoiceOver support for key creation dialog. [#351]
Adds a confirmation dialog to key uploads. [#61, #405]
Key uploads are limited to a single key at a time. [#419]
When exporting a key, the filename now suggests what type of key your are exporting (Public or Secret key). [#396]
After importing a key it is highlighted in the key list. [#369, #404]
Improves subkey generation dialog to better support different languages. [403]
When no match is found for a search of your keys, an informative message instead of an empty key list is shown. [#371]
The dialog for adding a user ID or subkey is now consistent with the dialog for new keys. [#254]
Key creation dialog was cleaned up. [#412]
Removes restrictions for the name field in the key creation dialog. [#399, #402, #415]
The comment field is generally considered to be harmful. This version removes it from the dialog to add a user ID. [#416]
Adds support for png image files. [#278]
Key server search results window is resizable. [#267]
When selecting more than one key and opening the key details view, an informative message instead of an empty window is now shown. [#328]
When GPG Keychain is opened by double-clicking on an encrypted file instead of a file containing a gpg key, it automatically opens GPGServices to handle the file instead. [#384]
Fixes:
Disabling or re-enabling a key in key details no longer triggers lags of the UI. [#385]
The escape key now consistenly closes key details. [#407]
When updating the expiry date, that information now is instantly updated. [#231]
Type any letter or an entire name on your keyboard while in the key list to get to that place in the list. This has been behaving strangely for a long time and we are really happy it now works as expected. [#342]
Signing keys is only available for single keys. When more than one key is selected the signing option is greyed out. [#391]
Fixes a rare hang which could occur during key upload. [#409]
Fixes a crash when opening key server preferences with no key server selected at the time. [#398]
Fixes a problem where the dialog to add a user ID could get stuck when the user attempted to abort. [#401]
The fingerprint no longer changes font-size when being marked. [#374]
Adds proper text to the dialog which is shown, when users try to import encrypted data. [#383]
GPG SUITE PREFERENCES (WAS GPGPREFERENCES) 2.1:
Crash Reporter for GPGMail:
When GPGMail crashes you will be asked whether or not you want to send us the crash report.
These crash reports will help us to quickly identify and fix issues in GPGMail.
If you add an email address in GPG Suite Preferences we will even be able to contact you to ask for further details. [#89]
You can disable the crash reporter at any time.
Improvements:
Field for caching time limited to 5 digits so that all numbers entered are visible. [#87]
Keys in the "Default Key" dropdown are listed in alphabetical order. [#64]
A confirmation dialog is shown, when stored passwords are about to be deleted or the password cache is about to be cleared. [#81]
Renames GPGPreferences to GPG Suite. [#94]
Removes the option to edit the gnupg.conf comment from GPG Suite Preferences. If a custom comment is detected, a one time dialog is displayed for users, that allows them to easily remove it. [#88]
MACGPG 2.2.0:
Migration from gnupg 2.0 to 2.2:
MacGPG now includes GnuPG 2.2. Learn more about the changes.
Fixes:
Libgcrypt 1.8.1, including fix for CVE-2017-7526 and CVE-2017-0379. [#695, #696]
pinentry dialog is no longer shown twice when canceled during subkey generation. [#693]
Fixes a crash in scdaemon when using a Yubikey. [#689]
LIBMACGPG 0.8:
Improvements:
Instead of using a custom implementation of NSTask with support for multiple pipes, adjust the code to use NSTask and reduce number of necessary pipes. [#155]
Fixes:
Make sure that the gpg operation is aborted when a pinentry passphrase request is cancelled while signing and encrypting a file. [#156]
Transform gpg 2.1 error codes. [#154]
Use Security and CommonCrypto for installer certificate validation instead of OpenSSL. [#152]

New in GPG Suite 2017.1b3-v2 Beta (Mar 23, 2017)

GPGMAIL 2.7B3:
Much improved macOS 10.12 Sierra support:
Third public beta version of GPGMail for macOS Sierra. [GPGMail #874]
Improvements:
When attempting to forward the decrypted version of an encrypted message, the user is now shown a warning. [#870]
Fixes:
The top priority bug which affected many users has been fixed. The bug caused messages to display "Loading..." but never finish that process. Encrypted replies in threaded view would show an encrypted.asc attachement instead of the decrypted reply. Another side effect of the bug lead to attachments that could not be opened on macOS Sierra. [#901, #907]
Under some circumstances the error "Decryption failed due to unknown error" was shown, even though the message or attachment could be decrypted. [#912]
Canceling the pinentry request for signing upon sending a message may have lead to unexpected behavior. [#873, #902]
pinentry now only asks a single time when re-opening an encrypted draft and canceling the dialog. [#893]
If Mail Act-On was active, messages would not be encrypted. Mail Act-On and GPGMail once again peacefully co-exist. [#888]
The warning for unencrypted replies to encrypted mails was not shown. [#890]
Mail on Sierra crashed under certain circumstances when trying to find a certificate matching the sender. [#897]
Ensure all drafts are encrypted when that option is enabled. No matter if a recipient was entered or not. [#908]
GPGMail no longer triggers an error when starting to compose a new message in cases where only a single account with more than one key was used. [#900]
Problems with the brazilian translations have been fixed. [#899]
Known Issues:
If multiple private keys are available for the same email address, GPGMail currently picks one at random to sign the message. [#895]
Inline PGP is currently not supported at all, PGP/MIME will be used instead. [#894]
"BCC" recpients are currently not treated differently from "TO" or "CC" recipients (gnupg --hidden-recipients option not currently in use). [#896]
Mail rules for signed or encrypted messages will not work for PGP/MIME signed/encryted messages.
Keys that are imported using gnupg cli or GPG Keychain might require a restart of Mail in order to be picked up by GPGMail.
GPG KEYCHAIN 1.3.3B2:
Improvements:
Since the short ID has been deemed insecure for a long time, new installations of GPG Keychain now show the fingerprint column instead of the short ID. To adjust your existing installation of GPG Keychain, right click the top column and tick the fingerprint option to show that column. [#376]
Added fingerprint info to the subkey tab in the key details view. [#386]
The subkey tab received a clean-up, dust was wiped off and it now looks more shiny. [#387]
Fixes:
Type any letter or an entire name on your keyboard while in the key list to get to that place in the list. This has been behaving strangely for a long time and we are really happy it now works as expected. [#342]
Signing keys is only available for single keys. When more than one key is selected the signing option is greyed out. [#391]
GPGPREFERENCES 2.0.2B3:
Improvements:
Version info is now correctly displayed on macOS Sierra. [#93]
When users install GPG Suite beta, they will receive beta updates. [#92]

New in GPG Suite 2017.1b2 Beta (Jan 24, 2017)

New in GPG Suite 2016.10 v2 (Oct 14, 2016)

New in GPG Suite 2016.08 v2 (Aug 16, 2016)

New in GPG Suite 2016.07 (Jul 4, 2016)

New in GPG Suite 2015.09 (Sep 27, 2015)

New in GPG Suite 2015.08 (Aug 16, 2015)

New in GPG Suite 2015.06 (Jun 15, 2015)

HIGHLIGHTS:
OS X Yosemite support for GPGMail:
This has been a long beta phase – we know. But we are very happy to announce GPGMail is now fully compatible with OS X Yosemite.
Encrypt drafts by default:
All drafts will be encrypted with your public key by default, preventing plain text drafts from ending up on your mail server.
A revocation certificate for every new key:
Up to now, when you lost a secret key or forgot the passphrase for it, you had to make sure to have a revocation certificate, to at least inform others that this key is no longer to be used. From our experience however we know, that not many people are creating a revocation certificate in time. And you shouldn't have to. That's why we now create a revocation certificate for you whenever you create a new key in GPG Keychain!
Update management for all tools:
Check for updates of any of our tools right within GPG Preferences. It's never been easier to stay up-to-date with all of our components of GPG Suite. To test not yet released changes, we've also added a pre-release and nightly channel.
Omit GPG version info to protect your security:
By default, we will no longer display any version information along with your signed or encrypted content, since this information could help an attacker to better target your specific version. For existing installations we recommend to make sure that the "Display version in messages" option in GPG Preferences is disabled.
Warning signal before sending an unencrypted reply to an encrypted message:
Sending an unencrypted reply to an encrypted message can pose a serious security threat since information might be leaked. To mitigate that problem, we now display an informative warning message which explains the situation and gives you the chance to revise the message you are about to send.
Warning about drafts stored on server:
Should you choose to disable the "Encrypt drafts by default" option and the "Store draft messages on the server" option is enabled for any of your Mail accounts, you'll now see a warning message, explaining why this is dangerous.
Send public key by mail:
GPG Keychain makes it easy now, to send your public key to friends or colleagues via email right from the context menu. Simply select a key, bring up the context menu and choose "Mail public key" (⇧⌘M). The mail will also include an explanation of what a public key is and where your friends or colleagues can find a suitable PGP software for their operating system.
Connect to key servers via SSL:
We've added a new default key server which uses SSL for all our key server queries. If you've never touched the default key server of previous installation, we're migrating to the new one automatically. Otherwise, you can easily change it in GPG Keychain → Preferences by selecting "hkps.pool.sks-keyservers.net".
GPGMAIL 2.5:
10.10 Yosemite support:
This has been a long beta phase – we know. But we are very happy to announce 10.10 support is now ready for a stable release and hope you'll enjoy GPGMail 2.5 as much as we do.
Encrypt drafts by default:
All drafts will be encrypted with your public key by default, giving you better security and preventing bad situations from the get go. This concerns all your accounts in mail.app, even if you do not have an OpenPGP key for all of them. Encrypt drafts can still be disabled in GPGMail preferences (which we do not recommend). [#648]
Show warning before sending an unencrypted reply to an encrypted message:
Your security is important and sending an unencrypted reply to an encrypted message can pose a serious security threat since information might be leaked.
We now display an informative warning message which explains the situation and gives you the chance to revise the draft you are about to send.
Intuitive security indicator for encrypted mails:
Until now we showed an open lock to indicate that the mail has been decrypted. But actually there are only two states: successful decryption (which now shows a closed lock) or no decryption at all due to an error (which results in an error message). We think the new behavior is much more intuitive. The open lock for decrypted messages was irritating and did worry quite a few users who believed the messages weren't encrypted at all. [#777]
Auto-Updates:
We think it's a good idea to keep our users up to date with the latest fixes and improvements. So now, the automatic check for updates is enabled by default. While working on this, we discovered a bug in the way auto-updates were implemented, so that is now fixed and updates for GPGMail should be much smoother in the future. [#774, #785, #822]
Warning about drafts stored on server:
This warning serves a very specific case, but it is very important to understand the consequences, so we are happy to now provide the user with an informative message. If drafts are stored on server and the GPGMail option to "Encrypt drafts" is being disabled, you'll see a message warning you that your drafts will be stored on those server as plain text, once you start typing a new message. [#819]
Bugfixes:
GPGMail on 10.10 no longer crashes when new message creation is invoked via AppleScript. We heard you - this is a much used feature and we're glad this bug is fixed! [#768, #799, #804]
Mail.app crash on 10.7: Crash on creation of a new message. [#783]
Drafts: Sign and encrypt status for drafts were not always saved. [#761]
Drafts: Signed drafts were displayed as empty messages on Mavericks. [#695]
Drafts: A nasty bug was squashed which prevented drafts from being stored on OS X 10.8 and 10.7. [#776]
Drafts: In some occasions, encrypted drafts or sent messages had missing header parts, which resulted in incorrectly rendered mails.[#782]
GPGMail believed that for certain addresses S/MIME encryption was not available while it actually was. [#673]
Updates: the installer no longer stays open when Mail.app was quit during the update. [#742]
Displaying revoked UIDs when two keys for the same email address exist and one is revoked is a bad idea. We no longer do that. [#656]
Coexist peacefully: No more duplicate headers when using GPGMail and MailTags plugins together. [#747]
A broken signature was falsely shown as "Signed". [#714]
Remove trailing white-spaces so that signatures no longer get invalidated. [#686]
On 10.10 GPGMail failed to properly load messages with winmail.dat attachments. [#771]
Correctly detect inline PGP in text/html messages. [#787]
10.10: ensure selecting a specific key in the "From:" menu when composing a new message is possible when more than one secret key is available for the same email address. [#809]
GPGMail no longer clutters Console.app with "error CFBundle RegexKit.framework Data couldn't be read" messages. [#796]
Attachments of weird inline PGP encrypted messages from Windows are now properly displayed. [#677]
When selecting an email from the sent folder and using "Send again" from the menubar, the resent mail did not respect your default setting to encrypt / sign mails. [#813]
Minor typo in an error messages about signature that cannot be verified fixed. [#816]
There was an infinite loop (scnr) error when spell check on send was enabled and the user clicked "Send anyway". [#829]
GPG KEYCHAIN 1.2:
Create revocation certificate for every new key:
Before when you lost a secret key or forgot the passphrase for it, you had to make sure to have a revocation certificate, to at least inform others that this key is no longer to be used. From our experience however we know, that not many people are creating a revocation certificate in time. And you shouldn't have to. That's why we now create a revocation certificate for you whenever you create a new key in GPG Keychain! [#244]
Send public key by mail:
This is one of the more popular feature requests we had in the pipe: You can now send your public key by mail by selecting "Key > Mail pub key" from the menu bar (⇧⌘M). This is possible for your own public keys or also for other public keys in your keychain. A new mail in Mail.app will open and we've added a nice template text to explain what a public key acutally is and how to get started using OpenPGP if your friends are not familiar with it. [#86]
Sanity check for new key servers:
When entering a new key server in the key server preferences, we now run a check to see if the key server is properly working, so users don't end up with a broken key server. [#150]
Warning message before revoking a key:
Revocation certificates should never be imported without informing the user about the consequences. So before you can revoke your key we now show a message that explains any implications. [#165]
Removed option to create 1024bit keys:
1024bit keys are no longer considered secure, so we removed that option. [#264]
Bugfixes:
Selecting many keys for cleaning operation could result in crash. [#193]
Canceling the progress indicator caused a crash. [#191]
Potential crash on key import from key server. [#227]
10.7: Crash on opening GPG Keychain. [#279]
Potential crash when adding a User ID. [#274]
Endless loop when revoking a key. [#273]
Crash on key creation. [#240]
Crash when changing ownertrust. [#212]
Crash on several occasions in NSKeyValueCoding. [#340]
Key on smartcard wasn't detected by GPG Keychain. [#216]
Instead of crashing an error message is displayed when SSH keys are imported (which are not supported). [#210, #255]
Allow creation of subkeys with specific capabilities and honor RSA sign only key. [#148]
Show keyIDs of own keys when signing. [#192]
Malloc error when entering ldap key server URL. [#228]
Double entry for GPG Keychain under System Preferences > Security > Privacy > Contacts due to change in identifier. [#196]
Export of pub key does not show suffix although option to hide suffix is inactive. [#225]
Search for german umlaute was broken. [#217]
Creating sign-only keys didn't work. [#152]
Display details when showing an unknown error. [#341]
Key servers entered by users where not stored in the key server list. [#292]
Entering an invalid keyserver value with newlines caused a crash. [#299]
When trying to delete all keys, only secret keys were deleted but public keys remained. [#283]
Revoking a signature was broken. [#285]
If you are a gamer and had high APM, toggeling the filters fast enough would not change sorting but open the selected key. [#294]
No longer gets stuck after a users removes all algorithms except "none". [321]
Better error message when opening encrypted files with GPG Keychain instead of GPGServices. [#224]
Better default naming for exported keys: If more than one key is exported, GPG Keychain now uses "YEAR-MM-DD" and shows the number of exported keys. [#300]
Keep primary UserID after adding new UserID. [#172]
Better info message in Key > Sign dialog. [#207]
Display warning before deleting last self-signature. [#102]
When creating a new key, we auto-fill the fields with data from your address book entry. [#70]
Key inspector window should not stay visible when GPG Keychain is in the background. [#215]
Allow drag and dropping a .jpg into the Key Inspector > Photo tab... [#182]
Show spinner if loading photos takes more than 2 seconds. [#181]
Allow searching for fingerprints using human readable format (i.e. with spaces). [#204]
Add a toolbar button for key search/retrieval. [#221]
Keep position of key list after deleting a key and don't jump back to the top. [#177]
Removed Undo / Redo from Edit Menu until this feature is properly implemented. [#309]
Show validity column in default view for main window. Many users where wondering why keys where unusable. This will help indicating what is going on. [#122]
Column sorting using the validity column now follows validity status instead of the alphabet of the validity state. [#241]
Fingerprint was displayed with too many spaces. [#208]
Key Inspector User ID tab: the signature column and created date were too narrow. [#97, #201]
Show warning if pinentry crashes during key creating instead of just sitting idle. [#200]
New warning: when the only subkey of a key is about to be deleted, we now display an informative warning. [#103]
No longer display the comment column in the key list. [#271]
Limit long error messages so they don't go offscreen. [#170, #252]
Button too narrow for german translation in new key dialog. [#253]
Key inspector for UI improvements for german translation. [#114]
Resize text-fields to fit content. Really long names where not properly shortened. [#220]
Better error message if damaged gpg.conf is detected. [#149]
Don't show revoked keys in search results from key servers. If you want to see revoked keys for your key search you can enable that option under Preferences > Key server. [#262]
Improve naming of key search options to clarify where the search is done (local search vs search on key servers). [#265]
When updating keys, progress sheet listed User IDs without line breaks. [#226]
Incorrect progress sheet message when changing expiration date of a key. [#214]
When main window is maximized, instead of expanding the key inspector (key details) to the side, they now show in a separate window on top. [#236]
Hide "Algorithm Preferences" by default. They still exists but are now an expert setting. [#311]
Improved naming and reordered a few menu bar items.
New keys did not appear in key list when one tried to signed another key. [#303]
Proper sorting ignoring capitalization: why did we differentiate between capitalization and small letters in the first place? [#302]
When changing the primary UserID the key list no longer loses focus of the selected key. [#304]
Properly display important dialog windows on small screens, which might have previously been hidden by the key details window. [#307]
Properly display UTF-8 characters when looking at UserIDs. [#320]
Minor fix in german translation for Key ID. [#275]
GPGSERVICES 1.10:
Clearly indicate which keys are selected:
Below the key list you'll now find an indicator showing if any keys are selected. Keys which are already selected will always be shown on top of the key list, so you will not accidentally encrypt to the wrong recpipient. If you want to unselect all keys we now provide a simple checkbox for that. [#183]
Bugfixes:
Crash when using columns to sort keys. [#178]
Signing files broken. GPGServices main window not showing up, only a progress indicator. [#176]
Progress indicator not closed when GPGServices main window closed. [#166]
Be more tolerant towards deformed encrypted messages. Missing linebreaks at the end of an encrypted message no longer cause a "Decryption failed" error. [#197]
Be even more tolerant: Encrypted messages sent via facebook couldn't be decrypted. [#196]
Decryption of encrypted empty text file failed. [#172]
Processing of large files (>4GB) lead to errors. [#217]
OK button became inactive when encrypting to public keys without encrypting to own key. [#214]
Key count of selected keys is now always correct. There were glitches in some rare occasions. [#216]
10.6: Leaking NSString objects when GPGServices was launched. [#212]
Filename wasn't correctly saved in the encrypted file, so that renamed encrypted files produced wrongly named decrypted files. [#161]
Show verification results when decrypting text. [#179]
Files with spaces in the filename that were encrypted and later decrypted, contained " " instead of spaces in the output filename. [#202]
Verify results now also show the Key ID in addition to Name and mail address. [#177]
Minor improvements in "Sign / Add to recipients" section in main window. [#188]
GPGPREFERENCES 1.5:
Update management for all tools:
Add "Check Now" buttons for all the tools: it's never been easier to stay up-to-date with all components of GPG Suite. We now offer stable, pre-release and nightly channels for every single component of GPG Suite. [#58]
Key server sanity check:
GPGPreferences now checks if a key server is valid and working, when a new one is entered. [#71]
Copy version info into the clipboard:
By clicking on any version info in the Updates tab, all version info is copied into the clipboard. This makes it easier than ever to provide the complete version information along with your support requests. [#53]
Bugfixes:
Respect the "display no version info" setting. When exporting a key, "MacGPG v2" was still added. This is no longer the case. [#66]
Crash on 10.6 caused by "Check Now" button. [#54]
Nightly channel didn't stick. The channel setting was not stored. [#59]
Crash due to invalid value on "remember the passphrase for" setting. [#69]
OS X 10.6: "delete stored passphrases" option didn't work properly. [#72]
Display "Select a key..." instead of an empty combo box when no default key is selected. [#70]
OS X 10.10: Text of component names in Updates tab cut off. [#65]
Visually distinguish installed and not installed tools in update listing. [#52]
MACGPG 2 2.0.27:
Support for hkps key servers and new key server default:
The default gpg.conf uses the hkps.pool.sks-keyservers.net key server by default. [#119]
Tries to migrate old default configurations to connect to key servers via hkps.
hkps sks key server pool is now new default.
No version info to protect your security:
The new default will not show any version info in the comment field. For existing installations, you can disable showing version info using GPGPreferences. That way it's no longer possible to determine for an attacker which gnupg someone is using and can't abuse that information. [#131]
Integrate gpg 2.0.27:
Includes a fix for a DoS based on bogus and overlong key packets.
Adds better error reporting for keyserver problems.
Includes other bug fixes related to bogus keyrings.
Bugfixes:
Passphrase in pinentry wasn't display properly when 'Show typing' enabled. [#145]
Import filter rejected some keys on auto-import. [#134]
gpg-agent timout when signing Mails. [#128]
OS X 10.6: pinentry program entry not added to gpg-agent.conf in some rare occasions. [#125]
scdaemon was misbehaving badly on OS X 10.10 leading to big problems for smartcard users. Happy to announce this is fixed. [#140]
gpgkeys errors included in output destroying attachments. [#150]
When installing GPG Suite or MacGPG2 the gpg.conf is no longer cluttered with superfulous entries of key server addresses. [#152]
Creation of keys bigger than 4096bit was broken. After discussion on the gnupg mailing list we came to a mutual agreement and decided to remove this option.

New in GPG Suite 2015.03 Beta 6 (Mar 20, 2015)

New in GPG Suite 2015.02 Beta 5 (Feb 9, 2015)

New in GPG Suite 2014.12 Beta 4 (Jan 3, 2015)

New in GPG Suite 2014.11 Beta 3 (Dec 5, 2014)

New in GPG Suite 2014.11 Beta 1 (Nov 6, 2014)

New in GPG Suite 2013.05.20 (May 21, 2013)

New in GPG Suite 2013.03.30 (Apr 1, 2013)

New in GPG Suite 2012.03.18 (Mar 18, 2012)

New in GPG Suite 2012.03.17 (Mar 17, 2012)

New in GPG Suite 2011.12.24 (Dec 27, 2011)

New in GPG Suite 2011.11.27 (Nov 27, 2011)

New in GPG Suite 2011.11.17 (Nov 17, 2011)

New in GPG Suite 2011.11.14 (Nov 14, 2011)

New in GPG Suite 2011.11.10 (Nov 11, 2011)

New in GPG Suite 20111108 Pre (Nov 9, 2011)

New in GPG Suite 20110822 Pre (Aug 23, 2011)

New in GPG Suite 2011.07.11 (Jul 13, 2011)

New in GPG Suite 20110711 Beta (Jul 12, 2011)

New in GPG Suite 20110629 Beta (Jun 30, 2011)

New in GPG Suite 20110628 Beta (Jun 29, 2011)

New in GPG Suite 20110322 (Mar 22, 2011)

New in GPG Suite 2011.03.02 (Mar 8, 2011)

New in GPG Suite 2011.02.14 (Feb 14, 2011)

New in GPG Suite 2011.01.25 (Jan 25, 2011)

New in GPG Suite 2011.01.05_1 (Jan 19, 2011)