summaryrefslogtreecommitdiffstats
path: root/TODO
blob: 68d2ec013ed71c987647751e59f70fc20742572e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
    * improve iobuf by reading more than one byte at once,
      this shoud espceially done for the buffer in the chain.
    * add a way to difference between errors and eof in the underflow/flush
      function of iobuf.
    * add checking of armor trailers
    * remove all "Fixmes"
    * speed up the RIPE-MD-160
    * add signal handling
    * enable a SIGSEGV handler while using zlib functions

    * complete cipher/cast.c
    * complete cipher/dsa.c

    * add g10 stuff to Mutt's pgpinvoke.c

    * Burn the buffers used by fopen().

    * bug: g10/trustdb.c#build_sigrecs called to often by do_list_path
      and remove the bad kludge. Maybe we should put all sigs into the trustdb
      and mark them as valid/invalid/nopubkey, and how do we check, that
      we have a self-signature -> put this stuff into a kind of directory
      record, as it does not belong to the pubkey record?

    * add an option to create a new user id and to reorder the sequence of
      them, so that the preferred emal address comes first.  We need to
      add some logic, which guarantees, that only one user-id can be signed by
      others.  This prevents extensive growing of the public key certificate
      due to the bad usage of signing every user id.  You get no extra
      security by key signatures for every user id.  I consider this
      behaviour of PGP a bug, introduced, becaus PGP does't require a
      self-signature. New user ids will only have your self signature to bind
      them to your key and because the user id which is signed by others has
      also be signed by you, all user-ids are bound together.