summaryrefslogtreecommitdiffstats
path: root/TODO
blob: da49089d76ffca9114a55b274057e3aabf19cab1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
  * options.skel wird mit umaks von root installiert.

  * See how we can handle the symlinks in ./gcrypt

  * Add SIGSEGV handler to overcome zlib problems with truncated data.

  * Use --output for keylistings too.

  * Never allocate packet memory with a m-alloc, but use a specific function.

  * Should we change names like mpi_write in g10/ so that we don't
    use the prefix mpi here?

  * Implement the AXP syscall to enable bus traps for GLIB 2

  * parse a paramter file to do automatic key generation and to set
    parameters for the keygen menu.  Far easier than to do a dialog for
    each required parameter.

  * With option -i prompt before adding a key to the keyring and show some
    info what we are about to add.

  * Speed up calculation of key validation.

  * --disable-asm should still assemble _udiv_qrnnd when needed

  * Skip RO keyrings when importing a key.

  * Use the newest encryption key if only the main key has been given.

  * replace the keyserver stuff either by a call to a specialized
    utility and SOCKSify this utility.

  * Check the beginning of file to detect already compressed files (gzip,
    bzip2, xdelta and some picture formats)

  * Delay the read of the passphrase-fd afte a NEED_PASSPHRASE.  But this
    may break some scripts.

  * as soon as we have moved to KBX, we can check signatures at all places
  because there is no perfomance drawback as we can store the result of
  a verification in the KBX.  This enable us to better print information on
  revoked user IDs and signatures. Well, caching of non-self-signatures
  will still be complicated.


Nice to have
------------
  * Official test vectors for 3DES-EDE3
  * use DEL and ^H for erasing the previous character (util/ttyio.c).
    or better readline.
  * Print a warning if the directory mode is wrong.
  * Do a real fix for bug #7 or document that it is a PGP 5 error.
  * preferences of hash algorithms are not yet used.
  * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
    or use POSIX.4 realtime signals.  Overhaul the interface and the
    test program.  Use it with the test suite?
  * add test cases for invalid data (scrambled armor or other random data)
  * add checking of armor trailers
  * Burn the buffers used by fopen(), or use read(2). Does this
    really make sense?	And while we are at it:  implement a secure deletion
    stuff?
  * the pubkey encrypt functions should do some sanity checks.
  * dynload: implement the hint stuff.
  * "gpg filename.tar.gz.asc" should work like --verify (-sab).
  * for messages created with "-t", it might make sense to append the
    verification status of the message to the output (i.e. write something to
    the --output file and not only to stderr.
  * configure option where to find zlib
  * Display more validity information about the user IDs at certain places.
    We need a more general function to extract such kind of info from the
    trustdb.
  * Evaluate whether it make sense to replace the namehashs either by
    using the user ID directly or by using pointers into the trustdb.
  * --gen-prime may trigger a log_bug; should be a log_fatal.