gnupg/TODO

  * Update the manual pages (David's new features)

  * update GPH

  * pause scrolling help in --edit-key and elsewhere.

  * getkey does not return revoked/expired keys - therefore it is not
    possible to override it.

  * Selection using +wordlist does not work.
    What about adding a feature -word to the +wordlist search mode.

  * add listing of notation data

  * Check the changes to the gpg random gatherer on all W32 platforms.

  * Put a note into readme.w32 that there is a man page and a options
    file;  write the registry stuff in regedit format.

  * Show more info does not work from edit->trust

  * set default charset from nl_langinfo.

  * Check that no secret temporary results are stored in the result parameter
    of the mpi functions.  We have already done this for mpi-mul.c 

  * We need another special packet at the end of a clearsign message to mark
    it's end and allow for multiple signature for one message.  And
    add a real grammar to the code in mainproc.c

  * option to set the signature expiration time for key sigs.
    Rework the way we create signature subpackets - the current code
    is not easy to understand.

  * Option to warn when a non MDC message is decrypted?

  * If there is no secure memory, allocate more memory for the secure
    memory block or do it in all cases.

  * add some minor things vor VMS.

  * Use DSA keys with the test suite (partly done)

  * Fix the bug in the mips assembler code

  * Add a way to show the fingerprint of an key signator's keys

  * Add an is_valid flag to each user ID.

  * Do not create a secring.gpg if it is not needed; I have fixed this
    sometime ago but it has later reappeared.

  * Check for consistent spelling of user ID, key ID etc.
    Replace "user id not found" in getkey.c by "no valid user ID found".
 
  * Replace the printing of the user name by [self-signature] when
    appropriate so that a key listing does not get clobbered.

  * Using --list-only to check for recipients while decrypting may
    yield an error about an unknown packet.

  * Check that the way we select cipher and digest algorithms w/o
    preferences is okay and make AES the default.

  * Concatenated encryption messages don't work corectly - only the
    first one is processed.

  * Add option to put the list of recipients (from the encryption
    layer) into the signatures notation data.

  * Allow to update key signatures.  It is also not possible to resign
    an already revoked key signature.

  * For FreeBSD only: spit out a message that rndcontrol (8) should be
    used to enable the use of IRQs for entropy gathering.

  * --passphrase-fd  can't work with -cs: document this or find a way
    to work around.

  * With option -i prompt before adding a key to the keyring and show some
    info what we are about to add.

  * --disable-asm should still assemble _udiv_qrnnd when needed

  * replace the keyserver stuff either by a call to a specialized
    utility and SOCKSify this utility.
    [David is working on this]

  * Check the beginning of file to detect already compressed files (gzip,
    bzip2, xdelta and some picture formats)  [Timo has some code for this]

  * Get new assembler stuff from gmp 3.1

  * Use new-format headers for compressed packets.
    The advantage is that a garbled zip files can be better detected.
 
  * use DEL and ^H for erasing the previous character (util/ttyio.c).
    or better readline.

  * Print a warning if the directory mode is wrong.

  * preferences of hash algorithms are not yet used.

  * add test cases for invalid data (scrambled armor or other random data)

  * add checking of armor trailers

  * the pubkey encrypt functions should do some sanity checks.

  * "gpg filename.tar.gz.asc" should work like --verify (-sab).

  * for messages created with "-t", it might make sense to append the
    verification status of the message to the output (i.e. write something to
    the --output file and not only to stderr.

  * The user is asked for a revocation reasons even if this one can't
    be used with v3 keys.

  * keyflags don't distinguish between {certify,signature}-only.

Things we won't do
------------------

  * New option --file-remove path-to-wipe-program ?