mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
124 lines
4.6 KiB
Plaintext
124 lines
4.6 KiB
Plaintext
* From: Nicolas Sierro
|
|
Date: Thu, 17 Jun 2004 12:31:24 +0200
|
|
|
|
I understand your concern regarding the GNU coding standards. In
|
|
zlib-1.2.1, apart from several bug fixes, the inflate code is about
|
|
20% faster and the crc32 code about 50% faster. Some memory leaks were
|
|
also fixed according to the ChangeLog.
|
|
|
|
* Reword the "Not enough entropy" messages.
|
|
|
|
* Do we need a configure test for putenv?
|
|
|
|
* Replace "user id not found" in getkey.c by "no valid user ID found"?
|
|
|
|
* Describe some pitfalls when using EGD. Check that ~/.gnupg/entropy
|
|
really is the default. What about needed permission?
|
|
|
|
* Using an expired key for signing should give an error message
|
|
"expired key" and not "unusable key'. Furthermore the error should
|
|
also be thrown when the default key has expired. Reported by
|
|
Eric.VanBuggenhaut add AdValvas.be.
|
|
|
|
* pause scrolling help in --edit-key and elsewhere.
|
|
|
|
* getkey does not return revoked/expired keys - therefore it is not
|
|
possible to override it.
|
|
|
|
* Selection using +wordlist does not work.
|
|
What about adding a feature -word to the +wordlist search mode.
|
|
|
|
* Check the changes to the gpg random gatherer on all W32 platforms.
|
|
|
|
* Show more info does not work from edit->trust. We should give more
|
|
information on the user ID under question while running
|
|
--update-trustdb.
|
|
|
|
* Check that no secret temporary results are stored in the result parameter
|
|
of the mpi functions. We have already done this for mpi-mul.c
|
|
|
|
* We need another special packet at the end of a clearsign message to mark
|
|
it's end and allow for multiple signature for one message. And
|
|
add a real grammar to the code in mainproc.c
|
|
|
|
* If there is no secure memory, allocate more memory for the secure
|
|
memory block or do it in all cases.
|
|
|
|
* add some minor things vor VMS.
|
|
|
|
* Use DSA keys with the test suite (partly done)
|
|
|
|
* Fix the bug in the mips assembler code
|
|
|
|
* Add a way to show the fingerprint of an key signator's keys
|
|
|
|
* Add an is_valid flag to each user ID.
|
|
|
|
* Replace the printing of the user name by [self-signature] when
|
|
appropriate so that a key listing does not get clobbered.
|
|
|
|
* Concatenated encryption messages don't work corectly - only the
|
|
first one is processed.
|
|
|
|
* Add option to put the list of recipients (from the encryption
|
|
layer) into the signatures notation data.
|
|
|
|
* --disable-asm should still assemble _udiv_qrnnd when needed
|
|
|
|
* Get new assembler stuff from gmp 3.1
|
|
|
|
* add test cases for invalid data (scrambled armor or other random data)
|
|
|
|
* add checking of armor trailers. Try to detect garbled header
|
|
lines. Often one dash is missing due to sloppy cut+paste; so add
|
|
a warning note like the one for QP.
|
|
|
|
* the pubkey encrypt functions should do some sanity checks.
|
|
|
|
* "gpg filename.tar.gz.asc" should work like --verify (-sab).
|
|
|
|
* for messages created with "-t", it might make sense to append the
|
|
verification status of the message to the output (i.e. write something to
|
|
the --output file and not only to stderr. However the problem is
|
|
that we consider the message transpatrent and don't have any
|
|
indication of the used character set. To implement this feature
|
|
we need to make sure that all output is plain 7 bit ascii but
|
|
given that we need to print a user name, this does not make sense
|
|
at all. The only way this can be implemented is by assuming that
|
|
the message is encoded in utf8 and hope tht everyone starts to use
|
|
utf8 instead of latin-1 or whatever RSN. Hmmm, I myself should
|
|
start with this.
|
|
|
|
* keyflags don't distinguish between {certify,signature}-only.
|
|
|
|
* Instead of issuing a "signature packet without keyid" gpg should
|
|
try to get the keyID from a corresponding one-pass signature
|
|
packet (See bug report 817). This is not easy to do as we don't
|
|
store the one-pass packets.
|
|
|
|
* cat foo | gpg --sign | gpg --list-packets
|
|
Does not list the signature packet.
|
|
|
|
* When presenting the result of a verification show the user ID with
|
|
the highest trust level first instead of the primary one.
|
|
|
|
* allow the use of option in gpg.conf.
|
|
|
|
* Add the NEWSIG status.
|
|
|
|
* When generating a key on the card we should try to also set the
|
|
display name or provide the display name as a default in the key
|
|
generation. The problem however is that the display name must be
|
|
given with an indication of the surname and the usable characters
|
|
are also restricted.
|
|
|
|
* We status lines at least for bad PINs. BAD_PASSPHARSE requires a
|
|
keyID though.
|
|
|
|
|
|
Things we won't do
|
|
------------------
|
|
|
|
* New option --file-remove path-to-wipe-program ?
|
|
|