diff options
author | Nikos Mavrogiannopoulos <nmav@crystal.(none)> | 2009-02-22 18:25:19 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@crystal.(none)> | 2009-02-22 18:25:19 +0200 |
commit | 240eb4548b9cfb90c56cfa78b8506fd4496c225e (patch) | |
tree | 8d7f3b419f70ad153b4b495b41ea8a0949ef39fb | |
parent | a5be463b2ddd5de855a0b0bc4f500748061570bd (diff) | |
download | gnutls-240eb4548b9cfb90c56cfa78b8506fd4496c225e.tar.gz |
removed items that have already been done or solved.
-rw-r--r-- | doc/TODO | 16 |
1 files changed, 1 insertions, 15 deletions
@@ -4,20 +4,11 @@ in order to avoid having people working on the same thing. Current list: + Support PKCS#8 AES and DES-MD5 (tests/enc3pkcs8.pem) encrypted keys. -* Optimize the gnutls_record_recv() code to allow fast small byte - reads. * Implement Datagram-TLS (DTLS). * Correct TLS 1.2 support. * Cleanup pkix.asn and remove unused (by the certificate api) structures. That way memory used will be reduced. * Improve or rewrite libtasn1 to make it easier to maintain. -* Make and use by gnutls a flexible interface for algorithms such - as public key, symmetric, PRNGs to allow for plugins that use other - libraries than libgcrypt or even hardware drivers. Flexible means - that it should allow replacing of some components without harming the - others (i.e. now with libgcrypt there is no way to replace the prng component - with something else since libgcrypt uses it internally.) -* Allow adding multiple subject alternative names (certtool + x509 library). * Verify added CRLs (is it really needed?) * Add support for generating empty CRLs * Document the format for the supported DN attributes. @@ -27,8 +18,6 @@ Current list: - Allow verifying of certificates on their reception. - Add gnutls_certificate_set_openpgp_keyring() function, similar to gnutls_certificate_set_openpgp_key(). -- Use subkeys with the 0x20 flag in openpgp keys (if present), - instead of the main key. - Add function to extract the signers of an openpgp key. Should be similar to gnutls_x509_crt_get_dn_oid(). - Add function to verify an openpgp key against a plain key. @@ -51,15 +40,12 @@ Current list: - Check path length constraints. - Check keyCertSign key usages. - Reject extensions in v1 certificates. -- Update libgnutls-extra.m4 to use modern autoconf constructs. -- Support for hardware SSL accelerators +- Support for cryptodev (and thus hardware accelerators) - Exhaustive test suite, using NIST's PKI Test vectors, see http://csrc.nist.gov/pki/testing/x509paths_old.html and http://csrc.nist.gov/pki/testing/x509paths.html - Clean up certtool. Perhaps separate the different functions into separate tools. Probably a rewrite is necessary. -- Enable certtool's template files to allow arbitrary - OIDs to be specified for x509v3's extended key usage attribute. - Make it possible to extract the internal state of a session, to be able to execve a new process that take over the current living socket (using the fcntl close-on-exec flag) and |