1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
gnupg/TODO

78 lines
3.1 KiB
Plaintext
Raw Normal View History

1998-10-18 15:21:22 +00:00
* options.skel wird mit umaks von root installiert.
* See how we can handle the symlinks in ./gcrypt
* Add SIGSEGV handler to overcome zlib problems with truncated data.
* Use --output for keylistings too.
* Never allocate packet memory with a m-alloc, but use a specific function.
* Should we change names like mpi_write in g10/ so that we don't
use the prefix mpi here?
* Implement the AXP syscall to enable bus traps for GLIB 2
* parse a paramter file to do automatic key generation and to set
parameters for the keygen menu. Far easier than to do a dialog for
each required parameter.
* With option -i prompt before adding a key to the keyring and show some
info what we are about to add.
* Speed up calculation of key validation.
* --disable-asm should still assemble _udiv_qrnnd when needed
* Skip RO keyrings when importing a key.
* Use the newest encryption key if only the main key has been given.
* replace the keyserver stuff either by a call to a specialized
utility and SOCKSify this utility.
* Check the beginning of file to detect already compressed files (gzip,
bzip2, xdelta and some picture formats)
* Delay the read of the passphrase-fd afte a NEED_PASSPHRASE. But this
may break some scripts.
* as soon as we have moved to KBX, we can check signatures at all places
because there is no perfomance drawback as we can store the result of
a verification in the KBX. This enable us to better print information on
revoked user IDs and signatures. Well, caching of non-self-signatures
will still be complicated.
Nice to have
------------
* Official test vectors for 3DES-EDE3
* use DEL and ^H for erasing the previous character (util/ttyio.c).
or better readline.
* Print a warning if the directory mode is wrong.
* Do a real fix for bug #7 or document that it is a PGP 5 error.
* preferences of hash algorithms are not yet used.
* Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
or use POSIX.4 realtime signals. Overhaul the interface and the
test program. Use it with the test suite?
* add test cases for invalid data (scrambled armor or other random data)
* add checking of armor trailers
* Burn the buffers used by fopen(), or use read(2). Does this
really make sense? And while we are at it: implement a secure deletion
stuff?
* the pubkey encrypt functions should do some sanity checks.
* dynload: implement the hint stuff.
* "gpg filename.tar.gz.asc" should work like --verify (-sab).
* for messages created with "-t", it might make sense to append the
verification status of the message to the output (i.e. write something to
the --output file and not only to stderr.
* configure option where to find zlib
* Display more validity information about the user IDs at certain places.
We need a more general function to extract such kind of info from the
trustdb.
* Evaluate whether it make sense to replace the namehashs either by
using the user ID directly or by using pointers into the trustdb.
* --gen-prime may trigger a log_bug; should be a log_fatal.