    * change ringedit:
	- avoid all copy operations
	- delete for update by changing the packet type to a
	  special unused packet. (export most know about this)
	- do an append instead of an update or insert
	- export may be used to compress a keyring.
	- keep track of all offset in the trustbd and index them
	  by keyid.
	- If the lookup does not find a public key block at the
	  stored offset disable this keyid.
	- If the keyid was not found or is disabled, walk thru
	  the pubring.
	- use ftruncate to recover from keyring errors.
	   maybe a new option to do this or simply mark the
	   wrong part as unused.
      This makes signature checks and imports much faster; only keys
      given by a userid or a fingerprint (RSA only) have to walk tru
      the ring.

    * There is a new memory leak in update-trustdb

    * OpenBSD: dynamic loading with dlopen works on OpenBSD, but:
	OpenBSD binaries are a.out, so every symbol begins with "_"

    * use dld if we don't have dlopen.

    * should we flush the getkey.c caches while doing an import?

    * prefer a type 16 subkey for encryption because pgp cannot handle
      type 20.

    * calculation of marginals never yields a completely trusted key.

    * The critical bit of signature subpackets is not yet supported; i.e.
      it is ignored.

    * Exportable Certification Flag is ignored

    * write a tool to extract selected keys from a file.

    * new menu to delete signatures and list signature in menu

    * commandline controlled --edit-key with assumed save.

    * -rdynamic auf Solaris Problem

    * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.

    * add test cases for invalid data (scrambled armor or other random data)

    * add some sanity checks to read_keyblock, so that we are sure that
     the minimal requirements are met (?)

    * decryption of message with multiple recipients does not work.

    * preferences of hash algorithms are not yet used.

    * rewrite --list-packets or put it into another tool.

    * Burn the buffers used by fopen(), or use read(2). Does this
      really make sense?

    * Change the buffering to a mbuf like scheme? Need it for PSST anyway.
    * add checking of armor trailers
    * remove all "Fixmes"

    * Change the internal represention of keyid into a struct which
      can also hold the localid and extend the localid to hold information
      of the subkey number because two subkeys may have the same keyid.

    * add an option to re-create a public key from a secret key; we
      can do this in trustdb.c:verify_own_keys.

    * OpenBSD has sometimes problems reading from /dev/random.

    * change the fake_data stuff to mpi_set_opaque

    * Is it okay to use gettext for the help system?

    * Add some stuff for DU cc

    * use "passphrase" instead of "pass phrase"
    * Use "user ID", "trustdb" and "WARNING".