* Replace --trusted-keys by a local certificate (which does not get
    exported).

  * add some status output put for signing and encryption.
    replace the puc in primegen with some kind of status-fd outputs.

  * Finish the EGD module.

  * Implement 256 bit key Twofish (wait until the 2nd AES conference).

  * Check revocation and expire stuff.	[I'm currently working on this.]

  * Check calculation of key validity. [I'm currently working on this.]

  * See why we always get this "Hmmm public key lost"

  * print a warning when a revoked/expired secret key is used.

  * remove more "Fixmes"

  * Use capabilities if available.  glibc2 does not support it yet?
    What about 2.2 or should we use the system calls directly?

  * when decryptiong multiple key: print a warning only if no usable pubkey
    encrypt package was found.	Extension: display a list of all recipients.

* an ERRSIG argument like
  ERRSIG <keyid>, where <keyid> is the id of the missing public key
    or a new keyword
  PUBLIC_MISSING <keyid>
* a status line complaining about a missing secret key like
  SECRET_MISSING <keyid>, where <keyid> is the id of the missing secret key
* a status line complaining about a bad passphrase like
  BADPASS





Nice to have
------------
  * Do a real fix for bug #7 or document that it is a PGP 5 error.
  * clearsig: Keep lineendings while writing the output of a clearsig
  * preferences of hash algorithms are not yet used.
  * new menu to delete signatures and list signature in menu
  * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
    or use POSIX.4 realtime signals.  Overhaul the interface and the
    test program.  Use it with the test suite?
  * add test cases for invalid data (scrambled armor or other random data)
  * add checking of armor trailers
  * Burn the buffers used by fopen(), or use read(2). Does this
    really make sense?
  * change the fake_data stuff to mpi_set_opaque
  * Stats about used random numbers.