summaryrefslogtreecommitdiffstats
path: root/PROJECTS
diff options
context:
space:
mode:
authorWerner Koch <wk@gnupg.org>1998-11-20 18:42:18 +0100
committerWerner Koch <wk@gnupg.org>1998-11-20 18:42:18 +0100
commit47c61bafe3545f17e8244902dca0ff00077d0feb (patch)
tree0867aa7d405a1df94ac360b5cc2814e97dcbe115 /PROJECTS
parentsome bug fixes (diff)
downloadgnupg2-47c61bafe3545f17e8244902dca0ff00077d0feb.tar.xz
gnupg2-47c61bafe3545f17e8244902dca0ff00077d0feb.zip
Expiration time works (I hope so)
Diffstat (limited to 'PROJECTS')
-rw-r--r--PROJECTS21
1 files changed, 13 insertions, 8 deletions
diff --git a/PROJECTS b/PROJECTS
index 842d2a319..763c611c2 100644
--- a/PROJECTS
+++ b/PROJECTS
@@ -1,22 +1,27 @@
- * Urko Lusa <ulusa@lacueva.ddns.org> is working on es.po
-
-
* Check if an object (a message, detached sign, public key, or whatever)
is signed by definite user, i.e. define user
(userid, or any other unique identification) on command line.
+ * Change the internal represention of keyid into a struct which
+ can also hold the localid and extend the localid to hold information
+ of the subkey number because two subkeys may have the same keyid.
+
+ * signature verification is done duplicated on import: in import.c and
+ tehn in trustdb.c too. Maybe we can use a flag to skip the actual
+ verification process (this should work if we use the same keyblock,
+ but I'm not sure how to accomplish that). Another way is to allow
+ the import of bogus data and let trustdb mark these keys as invalid;
+ I see an advantage in this that it may help to prevent a DoS on a
+ keyserver by sending him a lot of bogus signatures which he has
+ to check - Needs further investigation.
* abstraction of the MPI
* Add a way to override the current cipher/md implementations
by others (using extensions)
- * add a fast-import command which does not do the signature checks
- of other keys (processing of the sdir hintlist). The signatures
- may then be verified by a maintainence pass.
-
- * Not GnupG replated: What about option completion in bash?
+ * Not GnuPG replated: What about option completion in bash?
Can "--dump-options" be used for this or should we place the
options in a special ELF segment?