todo.txt    25 October 1992

The following items remain on the "To-do" list after the release
of the RIPEM Beta-3 distribution.  I'm not promising to do any
of them...

=== Code Changes ===

-- Allow "-" as an argument to -K for changing passwords from
data supplied by stdin.

-- Implement "---" as a delimiter in key files.

-- Provide a program that checks that a key and its MD5 verify OK.

-- When scanning a user key record, check to make sure that the
user doesn't have more than one public key (an error).

-- Automate the updating of a slave key server.

-- Don't open -o output file until we know for sure that there
will be output (i.e., no errors occurred).

-- Consider some progress indication for key generation, or at
least a warning message.

-- Add a more comprehensive test suite.

-- Interpret ~ (signifying a user's home directory) in all file names.

-- When decrypting MIC-ONLY messages, manually decode them if the
signature doesn't check out so the recipient can at least read them.

-- Check sender-supplied public key when decrypting
and complain if it doesn't match the key obtained from other sources.

-- Don't open the private key file if it's not needed (as in
verifying signatures).

-- Fix bug in which ripem -T m -Y fs aborts if it can't find
a recipient.  (It should prompt the user.)  Note:  -Y sf does
work correctly.  Reported by Carl Ellison.

=== Documentation ===

-- Explain that keys are not interchangeable with RPEM and PGP.  Talk
briefly about PGP and RPEM.