* options.skel wird mit umaks von root installiert. * See how we can handle the symlinks in ./gcrypt * Add SIGSEGV handler to overcome zlib problems with truncated data. * Use --output for keylistings too. * Add to the (EGD) docs that ~/.gnupg/entropy should be a symlink to the real socket. * Add a way to generate keys in batch mode with arbitrary parameters. * Never allocate packet memory with a m-alloc, but use a specific function. * Should we change names like mpi_write in g10/ so that we don't use the prefix mpi here? * Implement the AXP syscall to enable bus traps for GLIB 2 * parse a paramter file to do automatic key generation and to set parameters for the keygen menu. Far easier than to do a dialog for each required parameter. * With option -i prompt before adding a key to the keyring and show some info what we are about to add. * Speed up calculation of key validation. * print a warning when a revoked/expired _secret_ key is used. * --disable-asm should still assemble _udiv_qrnnd when needed * Skip RO keyrings when importing a key. * Use the newest encryption key if only the main key has been given. * replace the keyserver stuff either by a call to a specialized utility and SOCKSify this utility. * Check the beginning of file to detect already compressed files (gzip, bzip2, xdelta and some picture formats) * Delay the read of the passphrase-fd afte a NEED_PASSPHRASE. But this may break some scripts. * as soon as we have moved to KBX, we can check signatures at all places because there is no perfomance drawback as we can store the result of a verification in the KBX. This enable us to better print information on revoked user IDs and signatures. Well, caching of non-self-signatures will still be complicated. Nice to have ------------ * Official test vectors for 3DES-EDE3 * use DEL and ^H for erasing the previous character (util/ttyio.c). or better readline. * Print a warning if the directory mode is wrong. * Do a real fix for bug #7 or document that it is a PGP 5 error. * preferences of hash algorithms are not yet used. * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal. or use POSIX.4 realtime signals. Overhaul the interface and the test program. Use it with the test suite? * add test cases for invalid data (scrambled armor or other random data) * add checking of armor trailers * Burn the buffers used by fopen(), or use read(2). Does this really make sense? And while we are at it: implement a secure deletion stuff? * the pubkey encrypt functions should do some sanity checks. * dynload: implement the hint stuff. * "gpg filename.tar.gz.asc" should work like --verify (-sab). * for messages created with "-t", it might make sense to append the verification status of the message to the output (i.e. write something to the --output file and not only to stderr. * configure option where to find zlib * Display more validity information about the user IDs at certain places. We need a more general function to extract such kind of info from the trustdb. * Evaluate whether it make sense to replace the namehashs either by using the user ID directly or by using pointers into the trustdb. * --gen-prime may trigger a log_bug; should be a log_fatal.