$Id: ToDo,v 1.37 2002/12/10 01:47:45 btrott Exp $

Crypt::OpenPGP todo
-------------------
* add note/code for stripping utf8 from passphrase
* more accessor functions
* make handle return plaintext when just a signed message
* add test for uncompressed decrypted packets
* KeyRing support multiple keyrings so that lookups occur over multiple
  rings.
* support for ElGamal signing
* smart detection and description of arbitrary files, eg. pass in some
  data and give back 'RSA signed message, Version 3, probably PGP2'
* subkey generation
* keyblock merging keys, signatures, user IDs
  1. read keyblock
  2. look up public key by key ID in existing keyring(s)
  3. if key does not exist, append it to the keyring
  4. compare keys (need a new Key::equal method)
  5. load original keyblock
  6. compare signatures
  7. add the signatures
  8. add the user IDs
  9. add the subkeys
  10. add the subkey certificates
* test suite: tests for: compressed signatures, compressed encrypted data
  packets, more versions of PGP, more pkalgs, subpackets
* improve subpacket system: constants for types, better integration into
  signatures, etc.
* use key flags to determine key capabilities (signing, encryption, etc.)
* add some example scripts
* caching in find_keyblock. let caller pass in 'marker' code-ref that, given
  a packet, returns a unique 'marker' to point to that keyblock. eg. lookup
  by keyid returns the certificate keyid, lookup by userid returns the
  userid, etc. then, two levels of caching: 1) store offsets of keyblocks
  by marker; 2) store already-parsed keyblocks by marker. we could let the
  calling function do the latter, of course, ie. find_keyblock_by_keyid
  would manage a hash of keyids => keyblocks. also: when reading a keyblock
  (after already finding the start offset), maybe don't parse SECRET_KEY
  and PUBLIC_KEY packets? since we already have the start cert there is
  no use in parsing the next one we come to, because that indicates the
  start of a new keyblock.
* improve CRC24 implementation by using C implementation. problem:
  String::CRC does not work for me (doesn't accept init, for one thing).

Done
----
xx * support for CAST5
xx * bug in Key::Public::ElGamal::_gen_k? naked block?
xx * Crypt::OpenPGP main USAGE docs
xx * docs (for other classes)
xx * PassphraseCallback param for sign and decrypt. give callback function the
     Certificate object (anything else?), let it ask the user for a passphrase.
xx * RecipientCallback for encrypt
xx * clear text signatures; need to make text into canonical text for
     signing
xx * more support for looking up keys in keyring (eg. look up userid, etc.)
xx * encrypt and sign/decrypt and verify
xx * add KeyRing::find_keyblock_by_index; given index, return that keyblock.
     also allow negative indices. create map of keyring on KeyRing::init.
xx * KeyBlock needs some methods to "do stuff" with the keyblock contents;
     for example, there should be a method to return: 1) the master key;
     2) a key given a key ID; 3) the key to be used for encryption, and the
     key to be used for signing.
xx * KeyRing::find_keyblock_by_keyid should no longer return certificate if
     called in list context. Instead it should just return a list of all
     matching keys if called in list context, first match otherwise. Caller
     should use KeyBlock methods to get actual certificate.
xx * compatibility param to encrypt and sign (and keygen, maybe), eg.
     Compat => 'PGP2' turns on Version => 3 and Cipher => 'IDEA'
xx * read existing PGPx/GnuPG config files into Config object
xx * compressed packets
xx * symmetrically-encrypted encrypted data packets
xx * add PGPWords from Mike Dillon; probably should add an interface to this
    through Certificate? ie. $cert->word_fingerprint, which would take
    $cert->fingerprint and run it through the Words module.
xx * encrypted MDC packets
xx * make find_keyblock_by_keyid work with subkeys
xx * key generation, secret certificate saving and encrypting
xx * Crypt::OpenPGP high-level DWIM interface
xx * support for armouring
xx * support for writing packets (v4 fingerprints/key IDs will come with this)
xx * implement a KeyRing::find method that looks only for specific key IDs, etc.
xx * generate fingerprint on cert while reading in (in 'parse'); that way we
     don't have to reserialize
xx * better installation: determine prereqs based on answers to prompts
     about preferred ciphers, pk systems, etc.
xx * support writing v4 packet headers