summaryrefslogtreecommitdiffstats
path: root/PROJECTS
blob: 2d89d918d84f53d01cde873a9a97b02248b77cdd (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

    * Check if an object (a message, detached sign, public key, or whatever)
      is signed by definite user, i.e. define user
      (userid, or any other unique identification) on command line.
      --> NO: Use a script and --status-fd

    * Change the internal representation of keyid into a struct which
      can also hold the localid and extend the localid to hold information
      of the subkey number because two subkeys may have the same keyid.

    * signature verification is done duplicated on import: in import.c and
      then in trustdb.c too.  Maybe we can use a flag to skip the actual
      verification process (this should work if we use the same keyblock,
      but I'm not sure how to accomplish that).  Another way is to allow
      the import of bogus data and let trustdb mark these keys as invalid;
      I see an advantage in this that it may help to prevent a DoS on a
      keyserver by sending him a lot of bogus signatures which he has
      to check - Needs further investigation.

    * Add a way to override the current cipher/md implementations
      by others (using extensions)

    * Not GnuPG related:  What about option completion in bash?
      Can "--dump-options" be used for this or should we place the
      options in a special ELF segment?

    * Split key support (n-out-of-m)

    * add an option to re-create a public key from a secret key; we
      can do this in trustdb.c:verify_own_keys.
      (special tool?)

    * rewrite --list-packets or put it into another tool.

    * We need a maintenance pass over the trustdb which flags
      signatures as expired if the key used to make the signature has
      expired.	Maybe it is a good idea to store the expiration time
      in the key record of the trustdb.
    * write a tool to extract selected keys from a file.

    * Change the buffering to a mbuf like scheme? Need it for PSST anyway;
      see Michael's proposal.

    * Work on the library

    * Keep a list of duplicate, faked or unwanted keyids.

    * The current code has knowledge about the structure of a keyblock.
      We should add an abstraction layer so that adding support for
      different certificate structures will become easier.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 05:28:50 +0100