* If there is no secure memory, allocate more memory for the secure
     memory block or do it in all cases.

  * for detached signatures:  Allow to specify a filedescriptor (maybe
    we can use a generic way to specify filedescriptors - "-" is already
    used to specify 0/1).

  * List all UserID with GOODSIG?

  * add a way to set expiration time for key signatures.

  * add some minor things vor VMS.

  * Don't get the ultimately trusted keys from the secring but store
    it permanently in the trustdb.  This way we don't need a secring at all.
    [ Solved by re-introducing --trusted-key ]

  * Use DSA keys with the test suite.

  * g10/trustdb.c (make_sig_records): fix the fixme.

  * at least an option to prefer DSA keys over RSA when selecting the key to
    use.  Depending on creation time would be nice too.  I think this is
    already done for the subkeys - check it.

  * Fix localtime() in W32.

  * No TCP support yet for W32? arggg - should go into a separate program
    anyway.

  * Replace Valid/Invalid by Known/Unknown?

  * Fix the bug in the mips assembler code

Scheduled for 1.1
-----------------
  * export by user-IDs does only export the first matching name which leads
    to a problem in cases where there are 2 keys with identically user-IDs.

  * Rework the whole key selection stuff: Compile a list of valid
    candidates for a keyblock first and the select one from it.
    The current code is too ugly (getkey.c).

  * With option -i prompt before adding a key to the keyring and show some
    info what we are about to add.

  * Speed up calculation of key validation.

  * print a warning when a revoked/expired _secret_ key is used.

  * --disable-asm should still assemble _udiv_qrnnd when needed

  * Skip RO keyrings when importing a key.

  * Use the newest encryption key if only the main key has been given.
    [already in the gpg 1.1 codebase]

  * replace the keyserver stuff either by a call to a specialized
    utility and SOCKSify this utility.

  * Check the beginning of file to detect already compressed files (gzip,
    bzip2, xdelta and some picture formats)

  * Delay the read of the passphrase-fd after a NEED_PASSPHRASE.  But this
    may break some scripts.

  * Get new assembler stuff from gmgp 3.1


Nice to have
------------
  * use DEL and ^H for erasing the previous character (util/ttyio.c).
    or better readline.
  * Print a warning if the directory mode is wrong.
  * Do a real fix for bug #7 or document that it is a PGP 5 error.
  * preferences of hash algorithms are not yet used.
  * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
    or use POSIX.4 realtime signals.  Overhaul the interface and the
    test program.  Use it with the test suite?
  * add test cases for invalid data (scrambled armor or other random data)
  * add checking of armor trailers
  * Burn the buffers used by fopen(), or use read(2). Does this
    really make sense?	And while we are at it:  implement a secure deletion
    stuff?
  * the pubkey encrypt functions should do some sanity checks.
  * dynload: implement the hint stuff.
  * "gpg filename.tar.gz.asc" should work like --verify (-sab).
  * for messages created with "-t", it might make sense to append the
    verification status of the message to the output (i.e. write something to
    the --output file and not only to stderr.
  * configure option where to find zlib
  * Display more validity information about the user IDs at certain places.
    We need a more general function to extract such kind of info from the
    trustdb.
  * Evaluate whether it make sense to replace the namehashs either by
    using the user ID directly or by using pointers into the trustdb.