1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00
gnupg/TODO

106 lines
3.9 KiB
Plaintext
Raw Normal View History

1998-10-18 15:21:22 +00:00
2001-03-24 16:29:31 +00:00
* Check that no secret temporary results are stored in the result parameter
of the mpi functions. We have already done this for mpi-mul.c
* Dlopen does not yet work under W32.
2001-03-03 16:17:55 +00:00
* check whether we can remove all the expire stuff in trustdb because this
is now done in getkey.
2001-03-03 16:17:55 +00:00
* ask for alternate filename?
2000-12-19 12:38:53 +00:00
* Can we output things like the preferences?
* We need another special packet at the end of a clearsign message to mark
it's end and allow for multiple signature for one message.
* option to set the signature expiration time for key sigs.
* Option to warn when a non MDC message is decrypted?
* If there is no secure memory, allocate more memory for the secure
2000-10-17 13:30:26 +00:00
memory block or do it in all cases.
* add a way to set expiration time for key signatures.
* add some minor things vor VMS.
* Don't get the ultimately trusted keys from the secring but store
it permanently in the trustdb. This way we don't need a secring at all.
[ currently solved by re-introducing --trusted-key ] Eventually we
will have commands --{add,remove}-trusted-key which keeps them in
special trustdb records.
* Use DSA keys with the test suite.
* g10/trustdb.c (make_sig_records): fix the fixme.
* Replace Valid/Invalid by Known/Unknown?
* Fix the bug in the mips assembler code
2001-02-08 16:28:28 +00:00
* Add a way to show the fingerprint of an key signator's keys
2001-03-03 16:17:55 +00:00
* New option --file-remove path-to-wipe-program ?
2001-02-08 16:28:28 +00:00
2001-03-14 06:56:11 +00:00
* Add an is_valid flag to each user ID.
2001-03-24 16:29:31 +00:00
* Make --pipemode work.
Scheduled for 1.1
-----------------
* David C Niemi pointed out that the code for --no-default-keyring does not
work as expected, because in g10/g10.c sec_nring will be set in the option
switch but later checked to see whether there are any keyrings.
* export by user-IDs does only export the first matching name which leads
to a problem in cases where there are 2 keys with identically user-IDs.
* With option -i prompt before adding a key to the keyring and show some
info what we are about to add.
* Speed up calculation of key validation.
* print a warning when a revoked/expired _secret_ key is used.
* --disable-asm should still assemble _udiv_qrnnd when needed
* Skip RO keyrings when importing a key.
* replace the keyserver stuff either by a call to a specialized
utility and SOCKSify this utility.
* Check the beginning of file to detect already compressed files (gzip,
bzip2, xdelta and some picture formats)
2000-12-19 12:38:53 +00:00
* Get new assembler stuff from gmp 3.1
Nice to have
------------
* use DEL and ^H for erasing the previous character (util/ttyio.c).
or better readline.
* Print a warning if the directory mode is wrong.
* Do a real fix for bug #7 or document that it is a PGP 5 error.
* preferences of hash algorithms are not yet used.
* Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
or use POSIX.4 realtime signals. Overhaul the interface and the
test program. Use it with the test suite?
* add test cases for invalid data (scrambled armor or other random data)
* add checking of armor trailers
* Burn the buffers used by fopen(), or use read(2). Does this
really make sense? And while we are at it: implement a secure deletion
stuff?
* the pubkey encrypt functions should do some sanity checks.
* dynload: implement the hint stuff.
* "gpg filename.tar.gz.asc" should work like --verify (-sab).
* for messages created with "-t", it might make sense to append the
verification status of the message to the output (i.e. write something to
the --output file and not only to stderr.
* configure option where to find zlib
* Display more validity information about the user IDs at certain places.
We need a more general function to extract such kind of info from the
trustdb.
* Evaluate whether it make sense to replace the namehashs either by
using the user ID directly or by using pointers into the trustdb.