path: root/TODO
blob: bd5e43f21947b955e3704b8385015166437b28b4 (plain)
    * remove assert in random.c:160; 4096 bit keys need more random.

    * list all matching user ids

    * use zlib 1.1.13 to avoid a bug with 13 bit windows

    * FreeBSD:
        #define USE_DYNAMIC_LINKING
        #define HAVE_DL_DLOPEN
      and the ld option -export-dynamic.

    * Well, there was one thing extra I needed to do.  While configure
      found the gdbm library, it didn't add the path to the include file
      list.  I had to re-run configure with CPPFLAGS set:

        env CPPFLAGS='-I/usr/local/include' configure ...


    * clearsig: keep line endings as they are. Remember that trailing
      blanks are not hashed.

    * Fix ;) revocation and expire stuff.

    * check preferences (cipher and compress)

    * OpenBSD: dynamic loading with dlopen works on OpenBSD, but:
	OpenBSD binaries are a.out, so every symbol begins with "_"

    * should we flush the getkey.c caches while doing an import?

    * prefer a type 16 subkey for encryption because pgp cannot handle
      type 20?

    * The critical bit of signature subpackets is not yet supported; i.e.
      it is ignored.

    * We need a maintenance pass over the trustdb which flags
      signatures as expired if the key used to make the signature has
      expired.  Maybe it is a good idea to store the expiration time
      in the key record of the trustdb.

    * write a tool to extract selected keys from a file.

    * new menu to delete signatures and list signature in menu

    * commandline controlled --edit-key with assumed save.

    * -rdynamic problem on Solaris

    * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.

    * add test cases for invalid data (scrambled armor or other random data)

    * add some sanity checks to read_keyblock, so that we are sure that
     the minimal requirements are met (?)

    * decryption of message with multiple recipients does not work.

    * preferences of hash algorithms are not yet used.

    * rewrite --list-packets or put it into another tool.

    * Burn the buffers used by fopen(), or use read(2). Does this
      really make sense?

    * Change the buffering to a mbuf like scheme? Need it for PSST anyway.
    * add checking of armor trailers
    * remove all "Fixmes"

    * Change the internal representation of keyid into a struct which
      can also hold the localid and extend the localid to hold information
      of the subkey number because two subkeys may have the same keyid.

    * add an option to re-create a public key from a secret key; we
      can do this in trustdb.c:verify_own_keys.

    * signature verification is duplicated on import: in import.c and
      then in trustdb.c too.  Maybe we can use a flag to skip the actual
      verification process (this should work if we use the same keyblock,
      but I'm not sure how to accomplish that).  Another way is to allow
      the import of bogus data and let trustdb mark these keys as invalid;
      I see an advantage in this that it may help to prevent a DoS on a
      keyserver by sending it a lot of bogus signatures which it has
      to check - Needs further investigation.

    * change the fake_data stuff to mpi_set_opaque

    * Is it okay to use gettext for the help system?

    * Add some stuff for DU cc

    * use "passphrase" instead of "pass phrase"
    * Use "user ID", "trustdb" and "WARNING".