security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-01 22:28:02 +02:00
Code Activity
a45f824150
gnupg/TODO

69 lines
2.2 KiB
Plaintext
Raw Blame History

* Check revocation and expire stuff.
* Check calculation of key validity.
* preferences of hash algorithms are not yet used.
* Check Berkeley BD - it is in glibc - any licensing problems?
* I noticed, that we sometimes have only 3 items in a trustrecord, but
a next pointer ro more records - check wehther the reuse code really
works. Maybe this is the reason for the "Hmmm public key lost"
* use zlib 1.1.13 to avoid a bug with 13 bit windows
but there are more problems with large files
* FreeBSD:
#define USE_DYNAMIC_LINKING
#define HAVE_DL_DLOPEN
and the ld option -export-dynamic.
Why does autoconf not figure that out?
* clearsig: keep lineendings as they are. Remember that trailings
blanks are not hashed.
* OpenBSD: dynamic loading with dlopen works on OpenBSD, but:
OpenBSD binaries are a.out, so every symbol begins with "_"
* should we flush the getkey.c caches while doing an import?
* The critical bit of signature subpackets is not yet supported; i.e.
it is ignored.
* We need a maintainence pass over the trustdb which flags
signatures as expired if the key used to make the signature has
expired. Maybe it is a good idea to store the exiration time
in the key record of the trustdb.
* write a tool to extract selected keys from a file.
* new menu to delete signatures and list signature in menu
* -rdynamic auf Solaris Problem
* Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
* add test cases for invalid data (scrambled armor or other random data)
* rewrite --list-packets or put it into another tool.
* Burn the buffers used by fopen(), or use read(2). Does this
really make sense?
* Change the buffering to a mbuf like scheme? Need it for PSST anyway;
see Michael's proposal.
* add checking of armor trailers
* remove all "Fixmes" ;-)
* add an option to re-create a public key from a secret key; we
can do this in trustdb.c:verify_own_keys.
(special tool?)
* change the fake_data stuff to mpi_set_opaque
* Add some stuff for DU cc
* Use "user ID", "trustdb", "NOTE" and "WARNING".
View Git Blame Copy Permalink