* Pot the lsign flag into the hashed area. * check whether the "n signatures not checked due to missing keys" from --edit/check can be due to revoked signatures. Chnage the wording in this case. * Remove all references to the local-ID from the docs * What about adding a feture -word to the +wordlist search mode. * getkey does not return revoked/expired keys - therefore it is not possible to override it. * Selection using +wordlist does not work. * add listing of notation data * Check the changes to the gpg random gatherer on all W32 platforms. * Put a note into readme.w32 that there is a man page and a options file; write the registry stuff in regedit format. * Show more info does not work from edit->trust * set default charset from nl_langinfo. * Check that no secret temporary results are stored in the result parameter of the mpi functions. We have already done this for mpi-mul.c * We need another special packet at the end of a clearsign message to mark it's end and allow for multiple signature for one message. And add a real grammar to the code in mainproc.c * option to set the signature expiration time for key sigs. Rework the way we create signature subpackets - the current code is not easy to understand. * Option to warn when a non MDC message is decrypted? * If there is no secure memory, allocate more memory for the secure memory block or do it in all cases. * add some minor things vor VMS. * Use DSA keys with the test suite (partly done) * Fix the bug in the mips assembler code * Add a way to show the fingerprint of an key signator's keys * Add an is_valid flag to each user ID. * Do not create a secring.gpg if it is not needed; I have fixed this sometime ago but it has later reappeared. * Check for consistent spelling of user ID, key ID etc. Replace "user id not found" in getkey.c by "no valid user ID found". * Replace the printing of the user name by [self-signature] when appropriate so that a key listing does not get clobbered. * Using --list-only to check for recipients while decrypting may yield an error about an unknown packet. * Check that the way we select cipher and digest algorithms w/o preferences is okay and make AES the default. * Concatenated encryption messages don't work corectly - only the first one is processed. * Add option to put the list of recipients (from the encryption layer) into the signatures notation data. * Allow to update key signatures. It is also not possible to resign an already revoked key signature. * For FreeBSD only: spit out a message that rndcontrol (8) should be used to enable the use of IRQs for entropy gathering. * --passphrase-fd can't work with -cs: document this or find a way to work around. * export by user-IDs does only export the first matching name which leads to a problem in cases where there are 2 keys with identically user-IDs. --> Check whether this is still true - yes it is. * With option -i prompt before adding a key to the keyring and show some info what we are about to add. * --disable-asm should still assemble _udiv_qrnnd when needed * replace the keyserver stuff either by a call to a specialized utility and SOCKSify this utility. [David is working on this] * Check the beginning of file to detect already compressed files (gzip, bzip2, xdelta and some picture formats) * Get new assembler stuff from gmp 3.1 * Use new-format headers for compressed packets. The advantage is that a garbled zip file can be better detected. Nice to have ------------ * use DEL and ^H for erasing the previous character (util/ttyio.c). or better readline. * Print a warning if the directory mode is wrong. * preferences of hash algorithms are not yet used. * add test cases for invalid data (scrambled armor or other random data) * add checking of armor trailers * the pubkey encrypt functions should do some sanity checks. * "gpg filename.tar.gz.asc" should work like --verify (-sab). * for messages created with "-t", it might make sense to append the verification status of the message to the output (i.e. write something to the --output file and not only to stderr. Things we won't do ------------------ * New option --file-remove path-to-wipe-program ?