X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=doc%2FTODO;h=b41d2be4b906d0116e8ab359b2a1fbf2e1ab4f55;hb=d076f454cf6c576681749ae7f31dec1bc2b52833;hp=8be02b93811ea2a23fa324ef10f942429e84690f;hpb=e2cb90d3bbb4246a4fa27d49f55fd02c32336f47;p=monkeysphere.git diff --git a/doc/TODO b/doc/TODO index 8be02b9..b41d2be 100644 --- a/doc/TODO +++ b/doc/TODO @@ -9,20 +9,11 @@ Handle unverified monkeysphere hosts in such a way that they're not always removed from known_hosts file. Ask user to lsign the host key? -Handle multiple hostnames (multiple user IDs?) when generating host - keys with gen-key. - Work out the details (and describe a full use case) for assigning a REVOKER during monkeysphere-server gen_key -- how is this set? How do we export it so it's available when a second-party revocation is needed? -Actually enable server hostkey publication. - -Streamline host key generation, publication, verification. See - doc/george/host-key-publication for what dkg went through on - 2008-06-19 - Ensure that authorized_user_ids are under as tight control as ssh expects from authorized_keys: we don't want monkeysphere to be a weak link in the filesystem. @@ -50,7 +41,7 @@ Create ssh2openpgp or convert to full-fledged keytrans. Resolve the bugs listed in openpgp2ssh(1):BUGS. -Understand and document alternate trustdb models. +Document alternate trustdb models. Understand and document the output of gpg --check-trustdb: gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model @@ -105,5 +96,6 @@ Fix behavior when add-identity-certifier fails to fetch a key from the Allow server administrators to add-identity-certifier from a key in the filesystem (or on stdin, etc) -Add "monkeysphere-server diagnostics" subcommand to identify missing - pieces of monkeysphere server administration setup. +Think about packaging monkeysphere for other (non-apt-based) operating + systems. RPM-based linux systems, FreeBSD ports, and Mac OS X seem + like the most likely candidates.