2.3

The release brings a new feature to allow system administrators to issue mount/umount commands to client computers via key server.

2.2

This release introduces several enhancements:

• System administrator may now optionally turn off TLS certificate verification on KMIP server. Note that, certificate verification is enforced by default.
• Improve handling of boolean answers from interactive command line.
• Improve error handling in KMIP client.

2.1

This is a feature enhancement release:

• Improve KMIP compatibility with key prefix names and proper serialisation of authentication header.
• Fail over KMIP connection using a server list.
• Destroy key on KMIP after its tracking record is erased from DB.
• Improve outgoing email's header to work with sendgrid and gmail.

2.0

This version brings a protocol evolution together with several new features:

• Optionally utilise an external KMIP-v1.3 compatible service to store actual encryption key.
• Optionally verify client identity before serving its key requests.
• Password is hashed before transmitting over TLS-secured channel.
• Fix an issue that previously allowed a malicious administrator to craft RPC request to overwrite files outside of key database.

1.99

This pre-release introduces a library for decoding, encoding, and serialisation operations of KMIP v1.3:

http://docs.oasis-open.org/kmip/spec/v1.3/kmip-spec-v1.3.html

The library is not yet integrated with transportation, hence cryptctl software features and usage remain identical to prior version.

1.2.6

• Upgrade to 1.2.6 for accumulated bug fixes
  • Prevent user from attempting to encrypt a disk with mounted
    partitions, or an existing encrypted+opened disk.
  • Ensure CA path input is an absolute path.
  • Fix two mistakes in handling of timeout input.
  • Fix minor formatting issue in manual page.
  • Suppress consecutive failure messages in the journal of
    ReportAlive and AutoOnlineUnlockFS routines.