Some feature requests

Werner Koch wk at isil.d.shuttle.de
Fri May 21 12:52:22 CEST 1999


Jason Gunthorpe <jgg at ualberta.ca> writes:

> behaviour I haven't had time to track properly. (Particularly Debian's
> 0.9.6 version segfaulted instantly, I had to downgrade to 0.9.5)

I think I have to release a new version soon.

BTW, it seems that we have found some consensus at the WG about the
Twofish issue.

> - When using the status-fd the return result for a missing key is the same
>   as the result for a failing algorithm - it would be nice to be able to
>   give more definate error messages

Okay, I add an extra token for missing algorithm.

> - status-fd does not emit the signing time in hours, mins and seconds.
>   Ideally it would print the unix time in seconds since the unix epoch (in
>   utc) This would simplify the calling code, no need to parse dates and

Easy to do.

> - A very usefull status-fd output would be to indicate the version and
>   comment strings from the message - this could be used to detect a remote

You can modify the version and comment strings in the armor - nobody
will detect this - so don't rely on this. 

>   end and compensate (ie enable PGP2.x compatibility mode for an encrypted

There is the RSA_OR_IDEA status token.

> - Being able to decode any arbitary packet with gpg over the status-fd
>   would be very nice. Particularly I would like to process key material,
>   (extract the information from the key so I can decide if I should
>   continue to process it) and I would like to detect revokation

We will certainly have such thinks to support a GUI frontend.  But
this may take a while.

> - Is there an assurance that if I specify the key fingerprint as the
>   destination of an encryption operation it will choose only that key and
>   not a key that happens to have that fingerprint hacked into its email
>   feild? Basically I want to take a signed message, extract the

Use the token VALIDSIG  it calculates the fingerprint from the public
key used to verify the signature.  BTW, all output of user ID and such
is filtered trhough a function which translates all controlcodes to 
C Strings.

> The application I am currently building is an email based gateway into our
> account system. Each user has an attached key fingerprint and by sending
> signed messages to a server they can manipulate their account and do

I have done such a script as a demo for a talk some time ago.  It was
intended to allow uploads of certain files to an FPT site or execute
arbitrary shell commands. I can send you this littel script if you
like (actually this was the reason for the SIG_ID token). 

I would really like to see to repalce smarlists x-command by such a
method - but I don't know when I will find some time for this.


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013



More information about the Gnupg-devel mailing list