monkeysphere (0.12-1) UNRELEASED; urgency=low

  * Improved output handling.

 -- Jameson Graef Rollins <jrollins@phys.columbia.edu>  Sun, 24 Aug 2008 23:49:23 -0700

monkeysphere (0.11-1) experimental; urgency=low

  [ Jameson Graef Rollins ]
  * fix bug in trustdb update on add/revoke-hostname.

  [ Daniel Kahn Gillmor ]
  * debian/control: added Build-Depends: git-core for the new packaging
    format
  * new subcommand: monkeysphere subkey-to-ssh-agent (relies on a patched
    GnuTLS to deal with GPG's gnu-dummy S2K extension, but fails cleanly
    if not found).
  
 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Wed, 20 Aug 2008 11:24:35 -0400

monkeysphere (0.10-1) experimental; urgency=low

  [ Jameson Graef Rollins ]
  * brown paper bag release: invert test on calculated validity of keys.

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Mon, 18 Aug 2008 16:22:34 -0400

monkeysphere (0.9-1) experimental; urgency=low

  [ Daniel Kahn Gillmor ]
  * implemented "monkeysphere-server extend-key" to adjust expiration
    date of host key.
  * removed "monkeysphere-server fingerprint".  Use "monkeysphere-server
    show-key" instead.
  
  [ Jameson Graef Rollins ]
  * fixed bug in user id processing that prevented bad primary keys from
    being properly removed.

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Mon, 18 Aug 2008 15:42:12 -0400

monkeysphere (0.8-1) experimental; urgency=low

  [ Daniel Kahn Gillmor ]
  * debian/control: switched Vcs-Git to use "centralized" git repo instead
    of my own.
  * More monkeysphere-server diagnostics
  * monkeysphere --gen-subkey now guesses what KeyID you meant.
  * added Recommends: ssh-askpass to ensure monkeysphere --gen-subkey
    works sensibly under X11

  [ Jameson Graef Rollins ]
  * fix another bug when known_hosts files are missing.
  * sort processed keys so that "good" keys are processed after "bad"
    keys.  This will prevent malicious bad keys from causing good keys to
    be removed from key files.
  * enabled host key publication.
  * added checking of gpg.conf for keyserver
  * new functions to add/revoke host key user IDs
  * improved list-certifiers function (now non-privileged)

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Mon, 18 Aug 2008 12:43:37 -0400

monkeysphere (0.7-1) experimental; urgency=low

  [ Daniel Kahn Gillmor ]
  * Added monkeysphere-server diagnostics subcommand.
  * rebuilding package using Format: 3.0 (git)

  [ Jameson Graef Rollins ]
  * fix how check for file modification is done.
  * rework out user id processing is done to provide more verbose log
    output.
  * fix bug in monkeysphpere update-authorized_keys subcommand where
    disallowed keys failed to be remove from authorized_keys file.

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Mon, 04 Aug 2008 10:47:41 -0400

monkeysphere (0.6-1) experimental; urgency=low
  
  [ Jameson Graef Rollins ]
  * Fix bug in return on error of ssh-proxycommand.
  
  [ Daniel Kahn Gillmor ]
  * try socat if netcat is not available in proxycommand.

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Tue, 29 Jul 2008 10:27:20 -0400

monkeysphere (0.5-1) experimental; urgency=low

  [ Daniel Kahn Gillmor ]
  * updated READMEs to match current state of code
  
  [ Jameson Graef Rollins ]
  * Tweak how empty authorized_user_ids and known_hosts files are handled.
  * Do not fail when authorized_user_ids or known_hosts file is not found.

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Mon, 28 Jul 2008 10:50:02 -0400

monkeysphere (0.4-1) experimental; urgency=low

  [ Daniel Kahn Gillmor ]
  * New version.
  * Fixed return code error in openpgp2ssh

  [ Jameson Graef Rollins ]
  * Privilege separation: use monkeysphere user to handle maintenance of
    the gnupg authentication keychain for server.
  * Improved certifier key management.
  * Fixed variable scoping and config file precedence.
  * Add options for key generation and add-certifier functions.
  * Fix return codes for known_host and authorized_keys updating
    functions.
  * Add write permission check on authorized_keys, known_hosts, and
    authorized_user_ids files.

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Tue, 22 Jul 2008 21:50:17 -0400

monkeysphere (0.3-1) experimental; urgency=low

  [ Daniel Kahn Gillmor ]
  * new version.

  [ Jameson Graef Rollins ]
  * Move files in /var/cache/monkeysphere and GNUPGHOME for server to
    the more appropriate /var/lib/monkeysphere.

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Tue, 24 Jun 2008 00:55:29 -0400

monkeysphere (0.2-2) experimental; urgency=low

  * added lockfile-progs dependency

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Mon, 23 Jun 2008 19:34:05 -0400

monkeysphere (0.2-1) experimental; urgency=low

  [ Daniel Kahn Gillmor ]
  * openpgp2ssh now supports specifying keys by full fingerprint.

  [ Jameson Graef Rollins ]
  * Add AUTHORIZED_USER_IDS config variable for server, which defaults to
    %h/.config/monkeysphere/authorized_user_ids, instead of
    /etc/monkeysphere/authorized_user_ids.
  * Remove {update,remove}-userids functions, since we decided they
    weren't useful enough to be worth maintaining.
  * Better handling of unknown users in server update-users
  * Add file locking when modifying known_hosts or authorized_keys
  * Better failure/prompting for gen-subkey
  * Add ability to set any owner trust level for keys in server keychain.

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Mon, 23 Jun 2008 17:03:19 -0400

monkeysphere (0.1-1) experimental; urgency=low

  * First release of debian package for monkeysphere.
  * This is experimental -- please report bugs!

 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Thu, 19 Jun 2008 00:34:53 -0400