* g10/trustdb.c (make_sig_records): fix the fixme.

  * at least an option to prefer DSA keys over RSA when selecting the key to
    use.  Depending on creation time would be nice too.  I think this is
    already done for the subkeys - check it.

  * Fix localtime() in W32.

  * INFO Kommand um z.B. default-recipients herauszufinden.

  * export sollte exit(1) machen bei einem Fehler - testen! Es wird ein
    leerer File erzeugt.


Scheduled for 1.1
-----------------
  * Rework the whole key selection stuff: Compile a list of valid
    candidates for a keyblock first and the select one from it.
    The current code is too ugly (getkey.c).

  * With option -i prompt before adding a key to the keyring and show some
    info what we are about to add.

  * Speed up calculation of key validation.

  * Allow a replacement for the progress functions in ./cipher

  * print a warning when a revoked/expired _secret_ key is used.

  * --disable-asm should still assemble _udiv_qrnnd when needed

  * Skip RO keyrings when importing a key.

  * Use the newest encryption key if only the main key has been given.

  * replace the keyserver stuff either by a call to a specialized
    utility and SOCKSify this utility.

  * Check the beginning of file to detect already compressed files (gzip,
    bzip2, xdelta and some picture formats)

  * Delay the read of the passphrase-fd after a NEED_PASSPHRASE.  But this
    may break some scripts.


Nice to have
------------
  * Official test vectors for 3DES-EDE3
  * use DEL and ^H for erasing the previous character (util/ttyio.c).
    or better readline.
  * Print a warning if the directory mode is wrong.
  * Do a real fix for bug #7 or document that it is a PGP 5 error.
  * preferences of hash algorithms are not yet used.
  * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
    or use POSIX.4 realtime signals.  Overhaul the interface and the
    test program.  Use it with the test suite?
  * add test cases for invalid data (scrambled armor or other random data)
  * add checking of armor trailers
  * Burn the buffers used by fopen(), or use read(2). Does this
    really make sense?	And while we are at it:  implement a secure deletion
    stuff?
  * the pubkey encrypt functions should do some sanity checks.
  * dynload: implement the hint stuff.
  * "gpg filename.tar.gz.asc" should work like --verify (-sab).
  * for messages created with "-t", it might make sense to append the
    verification status of the message to the output (i.e. write something to
    the --output file and not only to stderr.
  * configure option where to find zlib
  * Display more validity information about the user IDs at certain places.
    We need a more general function to extract such kind of info from the
    trustdb.
  * Evaluate whether it make sense to replace the namehashs either by
    using the user ID directly or by using pointers into the trustdb.