1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
PGP::Sign To-Do List
Here's a list of things that have occurred to me that I'd like to see
added to PGP::Sign at some point, in no particular order. The amount of
development time I have for PGP::Sign is extremely limited, and therefore
most of these are unlikely to ever be done without help. Pull requests or
mailed patches are welcome.
* PGP::Sign currently hard-codes --textmode processing. This should be
configurable via the object constructor to allow use with binary data.
* All of the information about a signature should be available, not just
the user ID and whether or not it verified. The most important
additional information to provide is the full key ID (fingerprint).
This probably implies there should be a separate method call alongside
verify() that returns a rich object.
* Information about why a signature verification failed isn't provided to
the caller, and the additional parsable error tokens returned by GnuPG
aren't taken advantage of. The caller should be able to get
information about exactly why a signature verification failed (no
public key found, bad signature, malformed data, etc.).
* PGP::Sign throws text exceptions on errors, which doesn't allow the
caller to cleanly separate the type of failure, the exit status of
GnuPG, and GnuPG's standard output and standard error. It should
instead throw a rich object that supports accessor methods for those
details.
|
