* Replace --trusted-keys by a local certificate (which does not get exported). * Finish the EGD module. * Implement 256 bit key Twofish (wait until the 2nd AES conference). * Check revocation and expire stuff. [I'm currently working on this.] * Check calculation of key validity. [I'm currently working on this.] * See why we always get this "Hmmm public key lost" * print a warning when a revoked/expired secret key is used. * remove more "Fixmes" * Use capabilities if available. glibc2 does not support it yet? What about 2.2 or should we use the system calls directly? * when decryptiong multiple key: print a warning only if no usable pubkey encrypt package was found. Extension: display a list of all recipients. Nice to have ------------ * Do a real fix for bug #7 or document that it is a PGP 5 error. * clearsig: Keep lineendings while writing the output of a clearsig * preferences of hash algorithms are not yet used. * new menu to delete signatures and list signature in menu * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal. or use POSIX.4 realtime signals. Overhaul the interface and the test program. Use it with the test suite? * add test cases for invalid data (scrambled armor or other random data) * add checking of armor trailers * Burn the buffers used by fopen(), or use read(2). Does this really make sense? * change the fake_data stuff to mpi_set_opaque * Stats about used random numbers.