From 47c61bafe3545f17e8244902dca0ff00077d0feb Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 20 Nov 1998 17:42:18 +0000 Subject: Expiration time works (I hope so) --- PROJECTS | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) (limited to 'PROJECTS') diff --git a/PROJECTS b/PROJECTS index 842d2a319..763c611c2 100644 --- a/PROJECTS +++ b/PROJECTS @@ -1,22 +1,27 @@ - * Urko Lusa is working on es.po - - * Check if an object (a message, detached sign, public key, or whatever) is signed by definite user, i.e. define user (userid, or any other unique identification) on command line. + * Change the internal represention of keyid into a struct which + can also hold the localid and extend the localid to hold information + of the subkey number because two subkeys may have the same keyid. + + * signature verification is done duplicated on import: in import.c and + tehn in trustdb.c too. Maybe we can use a flag to skip the actual + verification process (this should work if we use the same keyblock, + but I'm not sure how to accomplish that). Another way is to allow + the import of bogus data and let trustdb mark these keys as invalid; + I see an advantage in this that it may help to prevent a DoS on a + keyserver by sending him a lot of bogus signatures which he has + to check - Needs further investigation. * abstraction of the MPI * Add a way to override the current cipher/md implementations by others (using extensions) - * add a fast-import command which does not do the signature checks - of other keys (processing of the sdir hintlist). The signatures - may then be verified by a maintainence pass. - - * Not GnupG replated: What about option completion in bash? + * Not GnuPG replated: What about option completion in bash? Can "--dump-options" be used for this or should we place the options in a special ELF segment? -- cgit v1.2.3