* add some status output put for signing and encryption.
    replace the putc in primegen with some kind of status-fd outputs.

  * Speed up calculation of key validity.

  * See why we always get this "Hmmm, public key not anymore available"
    Rewrite that stuff.

  * print a warning when a revoked/expired _secret_ key is used.

  * remove more "Fixmes"

  * Use capabilities if available.  glibc2 does not support it yet?
    What about 2.2 or should we use the system calls directly?

  * when decryptiong multiple key: print a warning only if no usable pubkey
    encrypt package was found.	Extension: display a list of all recipients.

  * Add NO_PUBKEY and NO_SECKEY status lines.

  * Solaris make has problems with the generated POTFILES - seems to be a
    gettext bug.

  * find a way to allow the import of non-self-signed keys.  This is needed
    for the IN ENCR/SIGN hack.

Nice to have
------------
  * Let take --help an option to select some topics.
  * Offcial test vectors for 3DES-EDE3
  * use DEL and ^H for erasing the previous character (util/ttyio.c).
    or better readline.
  * Print a warning if the directory mode is wrong.
  * replace the keyserver stuff either by a call to a specialized
    utility or SOCKSify the stuff.
  * Do a real fix for bug #7 or document that it is a PGP 5 error.
  * clearsig: Keep lineendings while writing the output of a clearsig
  * preferences of hash algorithms are not yet used.
  * new menu to delete signatures and list signature in menu
  * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
    or use POSIX.4 realtime signals.  Overhaul the interface and the
    test program.  Use it with the test suite?
  * add test cases for invalid data (scrambled armor or other random data)
  * add checking of armor trailers
  * Burn the buffers used by fopen(), or use read(2). Does this
    really make sense?	And while we are at it:  implement a secure deletion
    stuff?
  * Stats about used random numbers.
  * the pubkey encrypt functions should do some sanity checks.
  * dynload: implement the hint stuff.
  * "gpg filename.tar.gz.asc" sollte wie mit --verify funktionieren (-sab).
  * Den Dateinamen aus der message nicht benutzen, sondern nur
    das gpg/asc strippen.