What's New in SecureZIP® Server
SecureZIP Server contains the following changes and new features, listed by release:
- Updated RAR support. Now includes the latest RAR 5 format.
- Expanded Date support. Added expanded tolerance for date/time format anomalies
- Logging. Resolved an issue logging to Windows event viewer
- Improved HSM interoperabitily. Expanded interoperability to resolve an error that may cause unexpected program termination with some HSM products.
- TAR - Corrected a TAR extract error causing an W34 error when opening a GZIP file within a TAR archive. (on Windows, this version will not install on Window Server 2008, minimum 2008 R2 is required)
Version 14, Maintenance Release 4 (build 0035)
- OpenPGP - Corrected a possible issue with public key processing that may cause a program crash.
- CA key store - Corrected an issue with a ROOT certificate placed into a CA store that may result in a program loop condition.
Version 14, Maintenance Release 4 (build 0027)
- Enhanced Key Maker, including a new graphical interface allowing you to create and manage OpenPGP files.
- More support for McAfee eBusiness Server scripts. New OpenPGP and Legacy PGP modes support your existing "ebs" and "pgp" command switches.
- OpenPGP - Corrected error using +force that may result in the parameter not being used.
- Recipient groups - Corrected a potential issue for groups used as a single recipient that may report a multiple certificate warning.
- LDAP - Improved LDAP search support for UNIX/Linux platforms.
Version 14, Maintenance Release 3
- KeyMaker. This new product provides additional functionality with OpenPGP keys and X.509 certificates, including allows you to generate and sign OpenPGP keys, convert X.509 certificates to OpenPGP keys, and convert OpenPGP keys to X.509 certificates.
- Organize recipients into groups. Create and configure groups of recipients (whether those recipients use OpenPGP or X.509 to identify themselves) to simplify sending encrypted files to such groups.
Version 14, Maintenance Release 2
- Single-file OpenPGP archives. When you create an OpenPGP archive containing only a single file, SecureZIP now creates a *.pgp file without wrapping the file in the TAR format first.
- Specify OpenPGP keyring files. When creating or extracting OpenPGP files, custom keyring locations can now be specified on the command line.
Version 14, Maintenance Release 1
- Improved LDAP authentication support. LDAP connections can now be specified as SSL, and the logged-in user's Windows credentials may be used without specifying the actual user name and password.
- Improved support for long file names in TAR archives. POSIX extensions now used for file names with more than 255 characters.
- Improved support for handling OpenPGP files. Creates ASCII Armor. Supports creating and reading comments included with OpenPGP files. Supports opening OpenPGP files containing multiple user IDs and multiple sub-keys.
- Create and Extract OpenPGP files. Some organizations use encryption tools based on the OpenPGP standard, rather than X.509. SecureZIP extracts and decrypts files that comply with the OpenPGP standard, RFC 4880. SecureZIP can also create and sign OpenPGP-compliant files. You can also use OpenPGP keys to encrypt and decrypt data within ZIP archives.
- Message Digest Display. Display the hash value (also called a "message digest") and CRC checksum for a file using the messagedigest command. This feature will help meet ONC Meaningful Use requirements.
- Digital Time Stamping for signed archives. When you need to establish not only who is responsible for a file or set of files, but also when it was created, digital time stamping is a critical service. With SecureZIP’s support for digital time-stamping, you can add a timestamp to any signed archive. SecureZIP will also verify existing time stamps.
- FastAES. Support for Intel® processors that implement AES-NI. Other processors may also gain from using a more optimized Advanced Encryption Standard algorithm. FastAES is not available when using FIPS 140 mode.
- Extract 7-Zip files and CD/DVD Data Image files. SecureZIP now extracts 7-Zip and three types of files typically associated with CD and DVD data images: CDR, ISO, and IMG.
- Preserving Zone Identifier information in downloaded files. When you download a file from any other computer with Microsoft Internet Explorer, the browser attaches “security zone” information about the computer hosting the file in an alternate data stream. By default, SecureZIP now preserves this information.
Version 12, Maintenance Release 5
- Include open files in ZIP archives. The OpenFile option allows you to include files in memory in archives.
- Extract WavPack files within ZIP archives. Open audio files compressed with this algorithm.
- Extract files from archives created on IBM z/OS using hardware compression tools. PKZIP Server can extract these files without special hardware.
- Changes in FIPS Mode. With FIPS mode selected, files must be signed with the SHA-256 algorithm (or higher). Also will not extract files encrypted with 112-bit (two-key) 3DES. These algorithms are still available outside FIPS mode.
Version 12, Maintenance Release 4
- Support for Windows 7. Windows 7 users enjoy all the benefits and functionality of SecureZIP.
- New installer for 64-bit systems. SecureZIP now comes in a full 64-bit version for users of 64-bit Windows systems, including Windows 7 and Windows 2008 Server.
- Full support for opening and extracting files with the .zipx extension. SecureZIP will work with ZIP archives with the *.zipx extension.
- Improved retrieval of digital certificates from LDAP providers. Re-designed LDAP query dialog makes entering an LDAP query easier; status messages are reported better when a Lightweight Directory Access Protocol (LDAP) query fails to return any certificates. You can now retrieve digital signatures from Korean LDAP providers.
- Version command updated. The version command has a new product suboption and now lists major, minor, and step version numbers of the program and lists major and minor version numbers and the build number of the product.
- .Z archive extraction. SecureZIP Server can now extract .Z archives.
- Extract path substitution. The substitution option can now be used with extract to extract multiple archives each into its own directory.
- LZMA and PPMd compression. New lzma and ppmd options are added to support LZMA and PPMd compression methods.
- New PKCertTool options. New options are added to make it easier to view and select specific types of certificates.
- Options to support application integration. New stream and rename options make it possible to stream data to an archive from STDIN or special files such as named pipes and UNIX sockets. Data can also be streamed to STDOUT or special files on extraction.
- ZDW extraction support. The translate option has new suboptions for EBCDIC line-ending translation to support extraction of mainframe data compressed using the SecureZIP for z/OS Zip Descriptor Word (ZDW) option to preserve variable length records.
- FIPS 140 compliant SFX engines. An SFX (self-extracting) archive created in FIPS mode now remembers that it is a FIPS SFX and applies FIPS-mode constraints when its files are extracted.
- Path performance improvements. The directories option now does pattern-matching on file names in a way that's faster and more consistent with releases prior to version 8.4. When processing a file specification that includes a path component, SecureZIP looks only within the specified folder for the pattern to match. Versions 8.4 - 8.7 look for the entire file specification in all subfolders of the current folder. To perform an 8.4-style search, prefix the file specification with an asterisk "*".
Version 8 Maintenance Release 7
- FIPS mode option. A new fipsmode option causes SecureZIP to use only FIPS-validated algorithms to encrypt or decrypt files or to apply or authenticate signatures. FIPS is an abbreviation for Federal Information Processing Standards, a set of standards for information processing in federal agencies.
- SHA-2 hashing algorithms. SecureZIP adds support for SHA-2 hashing algorithms SHA-256, SHA-384 and SHA-512. Each is stronger than the already supported SHA-1. Federal agencies are to completely phase out use of SHA-1 after 2010 for digital signatures and encryption.
- List hashing algorithms. A new ListHashAlgorithms command lists hashing algorithms that SecureZIP can use on your system to apply or authenticate signatures. Used with the fipsmode option on, the command lists only FIPS-validated algorithms.
Version 8 Maintenance Release 6
- Preserve international characters in file names and comments. A new utf8 option enables UTF-8 characters in file names and file comments to be correctly displayed when an archive's contents are viewed or extracted in compatible non-UTF-8 locales.
Version 8 Maintenance Release 5
- Streaming archive creation/extraction. The add command can write archives to special files such as named pipes and (UNIX) domain sockets. Similarly, the extract, test, and view commands can read archives from these same sources and from STDIN.
- Trusted extraction. A new verifySigner option constrains PKZIP to extract only archives signed using a certificate specified with the option. The option protects against being fooled by a valid signature made using a different certificate from the one that actually belongs to your expected correspondent.
- Embed a timestamp in archive names. A new substitution option works with the add command to embed a timestamp in the name of a new or updated archive. You construct the timestamp using tokens for such elements as day, month, year. The tokens are replaced by values when the command line is run.
- Wipe option renamed shred. The wipe option for securely overwriting deleted files is renamed shred and has a new dod5220 sub-option that overwrites files three times, to the DOD 5220.22-M specification.
Version 8 Maintenance Release 4
- Contingency keys. An administrator can now automatically include contingent recipient keys in the recipient list whenever PKZIP does strong encryption. Such contingency keys ensure that an organization does not lose access to its encrypted data. Note: Users upgrading to the current version of SecureZIP Server must get new license keys to activate the contingency key feature.
- Create archives to STDOUT. The add command can now output archives to STDOUT instead of to a file.
- Translate line endings when adding. The translate option can now be used when adding to an archive as well as when extracting, to translate line endings for a specified platform.
- Create multiple, respective archives. A new archiveeach option creates and names a separate archive for each of multiple files specified in a single command line.
- Behavior change for newer and older. These options now behave as in version 6.0 when using a time unit of days: They now measure the interval (for example, five days) from the beginning of the current day (midnight) instead of from the current time.
- Behavior change for configuring silent option. Configuring the silent option no longer produces an interactive confirmation message. The change makes it easier to configure silent in scripts.
- New silent suboption for configuration command. The configuration command now has a silent suboption to suppress default display of the list of configuration settings when the command is used.
Version 8 Maintenance Release 3
- New crl option. Warns if a certificate appears on an accessible list of revoked certificates.
- New strict option. Uses only certificates that are valid and designated for the purpose at hand (encryption or signing).
- Listcertificates enhanced. The command now lists certificates in a specified store.
- TAR file processing. Several problems with processing TAR files corrected.
Version 8 Maintenance Release 1
- Bug fixes:
- PKZIP could not extract some archives containing encrypted file names
- Problem with display of language strings could result in incorrect message display or crash
- PKZIP tried to create an archive when -preview option used with -add command
- Was possible to create self-extracting (SFX) archives having smaller segments than target platform supported
- On Windows 98, the -log option could crash the program
- SNMP traps. You can use a new snmpTrapHost option to specify an SNMP host to receive SNMP traps. SecureZIP can send traps to report application startup, shutdown, error and warning conditions, or results of normal operations.
- Set execution priority. A new priority option enables you to change the priority of execution of SecureZIP relative to other applications.
- Date/time display format. New sub-options make the locale option easier to configure and use.
- FTP integration. A new ftp option transfers a new or existing archive to another system by FTP.
- E-mail integration. New mail… options transfer a new or existing archive to other people by email.
- New options for self-extracting ZIP files. Several new options—SFXDestination, SFXDirectories, SFXOverwrite, and SFXUIType—give you more control over the type and behavior of self-extracting (SFX) ZIP files you create. (Requires the optional Enhanced Data Processing Module.)
- Antivirus integration. New avscan and avargs options enable you to run an external antivirus program when you extract files to scan for viruses in the destination folder and its subfolders.
- Syslog integration. New options ErrorLog, JobID, Log, and LogOptions enable you to log records of warnings, errors, and normal operations to STDOUT, STDERR, the native system logging facility (syslog) for your platform, or to a file.
- Encrypt file names. A new cd option can be used to encrypt file names in an archive. The option strongly encrypts an archive's central directory, where file names and virtually all other metadata about the archive is stored.
- Alternate configuration file. A new altconfig option enables you to use an alternate configuration file for special purposes. Specify the file in a command line to temporarily apply special default command or option settings for the current command.
- Movearchive option. A new movearchive option deletes unwanted intermediate archives when you encode an archive to a different type—for example, a TAR archive to a GZIP archive—or transfer an archive by FTP.
PKWARE, the PKWARE logo, PKZIP, PKUNZIP, PKSFX, PKLITE, PKLITE Professional, SecureZIP, and PKWARE Data Compression Library are registered trademarks of PKWARE, Inc. PKZFIND, PKZOOM, Deflate64, EasySFX, AutoSFX, RegularSFX and ZIP2EXE are trademarks of PKWARE, Inc. Microsoft, Outlook, Windows and Windows NT are registered trademarks or trademarks of Microsoft Corporation. Trademarks of other companies mentioned appear for identification purposes only and are property of their respective companies.