diff options
| -rw-r--r-- | COPYING | 1 | ||||
| -rw-r--r-- | debian/copyright | 1 | ||||
| -rw-r--r-- | doc/TODO | 39 |
3 files changed, 41 insertions, 0 deletions
@@ -8,6 +8,7 @@ It is free software, developed by: Micah Anderson <micah@riseup.net> Matthew Goins <mjgoins@openflows.com> Mike Castleman <mlcastle@mlcastle.net> + Elliot Winard <enw@caveteen.com> Greg Lyle <greg@stealthisemail.com> MonkeySphere is distributed in the hope that it will be useful, but diff --git a/debian/copyright b/debian/copyright index b7e823b..040e6c8 100644 --- a/debian/copyright +++ b/debian/copyright @@ -10,6 +10,7 @@ Copyright: 2008 Jameson Rollins <jrollins@fifthhorseman.net>, Micah Anderson <micah@riseup.net>, Matthew Goins <mjgoins@openflows.com>, Mike Castleman <mlcastle@mlcastle.net>, + Elliot Winard <enw@caveteen.com>, Greg Lyle <greg@stealthisemail.com> License: GPL-3+ diff --git a/doc/TODO b/doc/TODO new file mode 100644 index 0000000..6125fea --- /dev/null +++ b/doc/TODO @@ -0,0 +1,39 @@ +Next-Steps Monkeysphere Projects: +--------------------------------- + +Provide a friendly interactive UI for marginal or failing client-side + hostkey verifications. Handle the common cases smoothly, and + provide good debugging info for the unusual cases. + +Make sure onak properly escapes user IDs with colons in them. + +Build a decent, presentable web site for documentation, evangelism, + etc. Include a mention of how to report trouble or concerns. + +Create ssh2openpgp or convert to full-fledged keytrans. + +Resolve the bugs listed in openpgp2ssh(1):BUGS. + +Understand and document alternate trustdb models. + +Understand and document the output of gpg --check-trustdb: + gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model + gpg: depth: 0 valid: 2 signed: 20 trust: 0-, 0q, 0n, 0m, 0f, 2u + gpg: depth: 1 valid: 20 signed: 67 trust: 15-, 0q, 1n, 3m, 1f, 0u + gpg: next trustdb check due at 2008-10-09 + +Understand and document the numeric values between sig! and the keyid + in "gpg --check-sigs $KEYID" . Compare with the details found from + "gpg --with-colons --check-sigs $KEYID". This has to do with trust + signatures. + +Fix gpg's documentation to clarify the difference between validity and + ownertrust. Include better documentation for trust signatures. + +Make it easier to do domain-relative ssh host trust signatures with + gnupg. (e.g. "i trust Jamie McClelland (keyID 76CC057D) to properly + identify ssh servers in the mayfirst.org domain") See: + http://tools.ietf.org/html/rfc4880#section-5.2.3.21 and grep for + "tsign" in gpg(1). + +Fix the order of questions when user does a tsign in gpg or gpg2. |