1998-09-28 19:25:31 +00:00
|
|
|
|
1998-12-23 12:41:40 +00:00
|
|
|
* Check if an object (a message, detached sign, public key, or whatever)
|
|
|
|
is signed by definite user, i.e. define user
|
|
|
|
(userid, or any other unique identification) on command line.
|
|
|
|
--> NO: Use a script and --status-fd
|
1998-11-10 12:59:59 +00:00
|
|
|
|
1999-01-12 10:20:24 +00:00
|
|
|
* Change the internal representation of keyid into a struct which
|
1998-11-20 17:42:18 +00:00
|
|
|
can also hold the localid and extend the localid to hold information
|
|
|
|
of the subkey number because two subkeys may have the same keyid.
|
|
|
|
|
|
|
|
* signature verification is done duplicated on import: in import.c and
|
1998-12-23 12:41:40 +00:00
|
|
|
then in trustdb.c too. Maybe we can use a flag to skip the actual
|
1998-11-20 17:42:18 +00:00
|
|
|
verification process (this should work if we use the same keyblock,
|
|
|
|
but I'm not sure how to accomplish that). Another way is to allow
|
|
|
|
the import of bogus data and let trustdb mark these keys as invalid;
|
|
|
|
I see an advantage in this that it may help to prevent a DoS on a
|
|
|
|
keyserver by sending him a lot of bogus signatures which he has
|
|
|
|
to check - Needs further investigation.
|
1998-11-10 12:59:59 +00:00
|
|
|
|
1998-12-23 12:41:40 +00:00
|
|
|
* Add a way to override the current cipher/md implementations
|
|
|
|
by others (using extensions)
|
1998-09-28 19:25:31 +00:00
|
|
|
|
1999-01-12 10:20:24 +00:00
|
|
|
* Not GnuPG related: What about option completion in bash?
|
1998-12-23 12:41:40 +00:00
|
|
|
Can "--dump-options" be used for this or should we place the
|
|
|
|
options in a special ELF segment?
|
1998-09-28 19:25:31 +00:00
|
|
|
|
1998-12-23 12:41:40 +00:00
|
|
|
* Split key support (n-out-of-m)
|
1998-12-08 12:20:53 +00:00
|
|
|
|
1998-12-17 17:36:05 +00:00
|
|
|
* Check Berkeley DB - it is in glibc - any licensing problems?
|
1998-12-14 20:22:42 +00:00
|
|
|
|
|
|
|
* add an option to re-create a public key from a secret key; we
|
|
|
|
can do this in trustdb.c:verify_own_keys.
|
|
|
|
(special tool?)
|
|
|
|
|
1998-12-23 12:41:40 +00:00
|
|
|
* rewrite --list-packets or put it into another tool.
|
|
|
|
|
1999-01-12 10:20:24 +00:00
|
|
|
* We need a maintenance pass over the trustdb which flags
|
1998-12-23 12:41:40 +00:00
|
|
|
signatures as expired if the key used to make the signature has
|
1999-01-12 10:20:24 +00:00
|
|
|
expired. Maybe it is a good idea to store the expiration time
|
1998-12-23 12:41:40 +00:00
|
|
|
in the key record of the trustdb.
|
|
|
|
* write a tool to extract selected keys from a file.
|
|
|
|
|
|
|
|
* Change the buffering to a mbuf like scheme? Need it for PSST anyway;
|
|
|
|
see Michael's proposal.
|
|
|
|
|
|
|
|
* Work on the library
|
|
|
|
|
1998-12-29 13:47:31 +00:00
|
|
|
* Keep a list of duplicate, faked or unwanted keyids.
|
|
|
|
|
1999-01-24 17:16:40 +00:00
|
|
|
* use regular C strings for the user ids; this can be done because
|
|
|
|
OpenPGP requires them to be UTF-8 and we can replace a Null by
|
|
|
|
an UTF-8 character (which one?)
|
|
|
|
|
|
|
|
|