summaryrefslogtreecommitdiff
path: root/doc/TODO
blob: bf51ae0c8cdba2b40f09464e6ea68ce41d6c38f5 (plain) 
    

  1. Next-Steps Monkeysphere Projects:
    2. 

  2. ---------------------------------
    3. 

  3. 

  4. Detail advantages of monkeysphere: detail the race conditions in ssh,
    5. 

  5.    and how the monkeysphere can help you reduce these threat vectors:
    6. 

  6.    threat model reduction diagrams 
    7. 

  7. 

  8. Determine how openssh handles multiple processes writing to
    9. 

  9.    known_hosts file (atomic appends?)
    10. 

  10. 

  11. Handle unknown hosts in such a way that they're not always removed
    12. 

  12.    from known_hosts file.  Ask user to lsign the host key?
    13. 

  13. 

  14. Handle multiple multiple hostnames (multiple user IDs?) when
    15. 

  15.    generating host keys with gen-key.
    16. 

  16. 

  17. Make sure alternate ports are handled for known_hosts.
    18. 

  18. 

  19. Add environment variables sections to man pages.
    20. 

  20. 

  21. Script to import private key into ssh agent.
    22. 

  22. 

  23. Provide a friendly interactive UI for marginal or failing client-side
    24. 

  24.    hostkey verifications.  Handle the common cases smoothly, and
    25. 

  25.    provide good debugging info for the unusual cases.
    26. 

  26. 

  27. Make sure onak properly escapes user IDs with colons in them.
    28. 

  28. 

  29. Build a decent, presentable web site for documentation, evangelism,
    30. 

  30.    etc.  Include a mention of how to report trouble or concerns.
    31. 

  31. 

  32. Create ssh2openpgp or convert to full-fledged keytrans.
    33. 

  33. 

  34. Resolve the bugs listed in openpgp2ssh(1):BUGS.
    35. 

  35. 

  36. Understand and document alternate trustdb models.
    37. 

  37. 

  38. Understand and document the output of gpg --check-trustdb:
    39. 

  39.  gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    40. 

  40.  gpg: depth: 0  valid:   2  signed:  20  trust: 0-, 0q, 0n, 0m, 0f, 2u
    41. 

  41.  gpg: depth: 1  valid:  20  signed:  67  trust: 15-, 0q, 1n, 3m, 1f, 0u
    42. 

  42.  gpg: next trustdb check due at 2008-10-09
    43. 

  43. 

  44. Understand and document the numeric values between sig! and the keyid
    45. 

  45.    in "gpg --check-sigs $KEYID" .  Compare with the details found from
    46. 

  46.    "gpg --with-colons --check-sigs $KEYID".  This has to do with trust
    47. 

  47.    signatures.
    48. 

  48. 

  49. Fix gpg's documentation to clarify the difference between validity and
    50. 

  50.    ownertrust.  Include better documentation for trust signatures.
    51. 

  51. 

  52. Make it easier to do domain-relative ssh host trust signatures with
    53. 

  53.    gnupg. (e.g. "i trust Jamie McClelland (keyID 76CC057D) to properly
    54. 

  54.    identify ssh servers in the mayfirst.org domain") See:
    55. 

  55.    http://tools.ietf.org/html/rfc4880#section-5.2.3.21 and grep for
    56. 

  56.    "tsign" in gpg(1).
    57. 

  57. 

  58. Fix the order of questions when user does a tsign in gpg or gpg2.
    59.
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-30 15:02:49 +0000