1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
|
<!--#set var="pyca_subtitle" value="Roadmap"-->
<!--#set var="pyca_pagedescription" value="Plans for future releases"-->
<!--#include file="ssi/head.html"-->
<!--#include file="ssi/navigation.html"-->
<p>
There are still a lot things to do in pyCA.
</p>
<table width="100%">
<tr>
<th>
Topic
</th>
<th>
Status
</th>
</tr>
<tr>
<td>
Clean up the code and remove all special features to
make it usable in a more common way.
</td>
<td>
released (0.4.1)
</td>
</tr>
<tr>
<td>Consequent use of the openssl.cnf throughout the whole package.
</td>
<td>released (0.4.1)
</td>
</tr>
<tr>
<td>Make certificate enrollment process more comfortable to users,
e.g. check parameters against openssl.cnf and give more
detailed feedback about input errors.
</td>
<td>released (0.4.2)
</td>
</tr>
<tr>
<td>Show clickable structure of openssl.cnf for downloading
CA certificates and CRLs.
</td>
<td>released (0.4.2)
</td>
</tr>
<tr>
<td>Documentation of configuration parameters
</td>
<td>released (0.4.3)
</td>
</tr>
<tr>
<td>Script for generating of CA certificate hierarchies and initial CRLs
</td>
<td>
released (0.4.5)
</td>
</tr>
<tr>
<td>Speed up certificate loading by handling DER certificates
</td>
<td>
released (0.4.5)
</td>
</tr>
<tr>
<td>Documentation of all configuration parameters
</td>
<td>
released (0.5.0)
</td>
</tr>
<tr>
<td>Scripts <EM>ca-cycle-pub.py</EM> for cyclic CA tasks
on the public server
</td>
<td>
most done and released (0.5.0)
</td>
</tr>
<tr>
<td>Update cnf-parsing to reflect the recent changes which
were made in OpenSSL (complete rewrite).
</td>
<td>
released (0.5.1)
</td>
</tr>
<tr>
<td>Support for Microsoft Internet Explorer
</td>
<td>
released (0.6.0)
</td>
</tr>
<tr>
<td>Improve LDAP support.
</td>
<td>
released (0.6.0)
</td>
</tr>
<tr>
<td>
Store initial master secrets in a database during registration
process involving RA or user itself. Printing of registration
info for postal shipment, automatic checking of initial master
secret.
</td>
<td>
to do
</td>
</tr>
<tr>
<td>Scripts <EM>ca-cycle-priv.py</EM> for daily/hourly CA
tasks on the system holding the private keys
</td>
<td>
to do
</td>
</tr>
<tr>
<td>English help texts.
</td>
<td>
to do
</td>
</tr>
<tr>
<td>Enrollment script <EM>server-enroll.py</EM> for server
certificate requests.
</td>
<td>
to do
</td>
</tr>
<tr>
<td>Speed up access to bigger certificate databases by using the
GDBM package for holding a copy of the certificate database
</td>
<td>
to do
</td>
</tr>
<tr>
<td>
PKIX compliance (e.g. keyUsage etc.)
</td>
<td>
to do
</td>
</tr>
<tr>
<td>Flexible logging support for CGI-BINs
</td>
<td>
to do
</td>
</tr>
<tr>
<td>Documentation of the certification process
</td>
<td>
to do
</td>
</tr>
<tr>
<td>Script <EM>cert-renewal.py</EM> for certificate renewal requests
</td>
<td>
to do
</td>
</tr>
<tr>
<td>Script <EM>cert-revoke.py</EM> for certificate revocation requests
</td>
<td>
to do
</td>
</tr>
<tr>
<td>Instant certificate issueing (what some CAs call "Class 0")
without admin interaction</td>
<td>
to do
</td>
</tr>
<tr>
<td>Improving privacy of certified objects by
implementing access control scheme to cert database
(maybe just rely on LDAP bind)</td>
<td>
to do
</td>
</tr>
<tr>
<td>Support for anonymized certificates for better privacy</td>
<td>
to do
</td>
</tr>
<tr>
<td>Signing stored data and e-mails if possible (depends on further S/MIME support in OpenSSL)</td>
<td>
to do
</td>
</tr>
<tr>
<td>Better localizing, multiple languages.</td>
<td>
to do
</td>
</tr>
</table>
<!--#include file="ssi/footer.html"-->
|
