security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity
gnupg/TODO
Werner Koch 86f261dbc5 cipher reorganisiert
1998-04-07 18:16:10 +00:00

61 lines
2.5 KiB
Plaintext
Raw Blame History

* improve iobuf by reading more than one byte at once,
this shoud espceially done for the buffer in the chain.
Change the buffering to a mbuf like scheme? Need it for PSST anyway.
* add a way to distinguish between errors and eof in the underflow/flush
function of iobuf.
* add checking of armor trailers
* remove all "Fixmes"
* enable a SIGSEGV handler while using zlib functions
* complete cipher/cast.c -- have to use the PGP CFBug
* key generation for dsa and subpacket support.
* Burn the buffers used by fopen(), or use read(2).
* bug: g10/trustdb.c#build_sigrecs called to often by do_list_path
and remove the bad kludge. Maybe we should put all sigs into the trustdb
and mark them as valid/invalid/nopubkey, and how do we check, that
we have a self-signature -> put this stuff into a kind of directory
record, as it does not belong to the pubkey record?
* add an option to create a new user id and to reorder the sequence of
them, so that the preferred emal address comes first. We need to
add some logic, which guarantees, that only one user-id can be signed by
others. This prevents extensive growing of the public key certificate
due to the bad usage of signing every user id. You get no extra
security by key signatures for every user id. I consider this
behaviour of PGP a bug, introduced, becaus PGP does't require a
self-signature. New user ids will only have your self signature to bind
them to your key and because the user id which is signed by others has
also be signed by you, all user-ids are bound together.
* add an option to re-create a public key from a secret key
* cleanup mainproc.c, much stuff is duplicated.
* remove key management stuff from sign.c.
* add fingerprint/keyid hashing. We need a new field in PKC to
flag that we may have a cached signature for this (and use the address
of PKC to lookup the hash).
* change the misleading usage of public key certificate to public key data
or something like this.
* seckey_cert.c: merge all the check funtions into one.
* fix the problems with "\v" in gettext
* calculation of cechksums for secret keys is wrong. We used a
the complete chunk length instead of the real number of bits.
The problme ist that it is how to stay compatible to old
keys? - Do wee need a kludge to calculate both versions of
checksums???? (keygen.c, seckey-cert.c)
View Git Blame Copy Permalink