mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
49 lines
1.8 KiB
Plaintext
49 lines
1.8 KiB
Plaintext
|
|
* Implement 256 bit key Twofish.
|
|
|
|
* clearsig: keep lineendings as they are. Remember that trailings
|
|
blanks are not hashed.
|
|
|
|
* Check revocation and expire stuff. [I'm currently working on this.]
|
|
|
|
* Check calculation of key validity. [I'm currently working on this.]
|
|
|
|
* See why we always get this "Hmmm public key lost"
|
|
|
|
* print a warning when a revoked/expired secret key is used.
|
|
|
|
* remove more "Fixmes"
|
|
|
|
* Use capabilities if available. glibc2 does not support it yet?
|
|
What about 2.2 or should we use the system calls directly?
|
|
|
|
* when decryptiong multiple key: print a warning only if no usable pubkey
|
|
encrypte package was found. Extension: display a list of all recipients.
|
|
|
|
* in pkclist.c : display info about the key before saying that
|
|
we have (no) trust info.
|
|
|
|
* for new key: the last keyring specified is used. Order is: default
|
|
keyrings, keyrings from options, keyrings from the command line.
|
|
|
|
* display a kind of message-id from a signature (the timestamp may not
|
|
be suffiecient but DSA signatures are always different). This can
|
|
be used to prevent replay attacks. (something is mentioned in rfc2440).
|
|
|
|
|
|
Nice to have
|
|
------------
|
|
* preferences of hash algorithms are not yet used.
|
|
* new menu to delete signatures and list signature in menu
|
|
* Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
|
|
or use POSIX.4 realtime signals.
|
|
* add test cases for invalid data (scrambled armor or other random data)
|
|
* add checking of armor trailers
|
|
* Burn the buffers used by fopen(), or use read(2). Does this
|
|
really make sense?
|
|
* change the fake_data stuff to mpi_set_opaque
|
|
* How about letting something like 'gpg --version -v', list the
|
|
effective options. [Too much work.]
|
|
* Stats about used random numbers.
|
|
|