File: TODO

sks 1.1.6-14
--- Feature Requests ----

+ Replace numerix with Big_int
+ Fix primary-UID detection
+ Allow for time-based dump of keys
+ Bind to specific IP address (low priority)

--- Bug Reports ----

+ "sks db" seems to take too long to shut down.  Is it really checkpointing?
+ From Bjoern Burger.  SKS appears to fail on multiprocessor systems.
+ From Ryan Lackey.  Compile bug on FreeBSD

--- Highest Priority ----

+ Unify commands to reduce the number of executables generated

+ Fix build (and verify that fastbuild is fixed) so that it doesn't barf out
  entirely if a deeply bogus key is found in the stream.

+ Fix partial

+ Allow for partial progress: if some elements are recovered, and then
  there's a timeout, add those elements in.

+ if reconciliation seems to always time-out, perhaps start reconciliation at
  some sub-tree instead of trying to do everything at once.

+ Do a review of all <try...with> clauses to ensure that important exceptions
  are let through.  In particular, Sys.Break should always be let through,
  and Eventloop.SigAlarm should be passed through (or handled specially) by
  every function that could be called in a callback.

+ Add hash and fingerprint lines to verbose index, if selected

+ Change searches so that search strings are broken up into words using same
  word-breaking algorithm.  Optionally, you might want to check if actual
  string appears as a whole.  So typing "eva@kde.org" would pull up all keys
  with "eva", "kde" and "org", and the optional part would be to check that
  some UID actually contains the string "eva@kde.org" in its entirety.
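
The two-stage search described in the last item above, sketched as an added Python example (not SKS code): every word of the query must match, and an optional second pass keeps only keys where one UID contains the whole string. The word-breaking rule (runs of ASCII letters and digits, lowercased), the function names and the sample keys are assumptions made for illustration.

```python
import re

# Assumption: a "word" is a maximal run of ASCII letters/digits, lowercased.
# The actual SKS word-breaking rules are not given in this file.
WORD_RE = re.compile(r"[a-z0-9]+")


def words(text):
    """Break a UID or a search string into its set of words."""
    return set(WORD_RE.findall(text.lower()))


def build_index(keys):
    """Map each word to the set of key ids that have it in any UID."""
    index = {}
    for keyid, uids in keys.items():
        for uid in uids:
            for w in words(uid):
                index.setdefault(w, set()).add(keyid)
    return index


def search(keys, index, query, require_whole=False):
    """Return sorted key ids whose UIDs contain every word of `query`.

    With require_whole=True, also require that a single UID contains the
    query string in its entirety (case-insensitive).
    """
    terms = words(query)
    if not terms:
        return []
    # Intersect the per-word key sets, smallest first.
    postings = sorted((index.get(t, set()) for t in terms), key=len)
    hits = set.intersection(*postings)
    if require_whole:
        needle = query.lower()
        hits = {k for k in hits if any(needle in u.lower() for u in keys[k])}
    return sorted(hits)


# Constructed sample data: key ids and UIDs are made up.
KEYS = {
    "0xAAAA0001": ["Eva Example <eva@kde.org>"],
    "0xAAAA0002": ["Eva Other <eva@example.org>", "Eva Other <other@kde.net>"],
    "0xAAAA0003": ["KDE Org Admin <admin@kde.org>", "Eva (alias) <e@example.com>"],
    "0xAAAA0004": ["Bob <bob@kde.org>"],
}
INDEX = build_index(KEYS)
```

On the sample data the word-only search for "eva@kde.org" returns three keys, two of which have the words spread over different UIDs; the whole-string pass narrows that to the one key that really carries the address.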

--- Lower Priority ----

+ review logging functions to set debug logging level sensibly

+ Ensure idempotence of all DB functions called by reconserver
   - including deletion and insertion of keys

+ add revocation-first sorting when multiple certificates are present

+ Add periodic tester of invariants -- in particular to check that the inmem
  count remains correct.

+ Add node-from-key hashtbl.  Then, provide a node lookup mechanism that
  first tries the hashtable and then tries the database, without ever loading
  a node into the tree structure.

+ change error-handling code so that RunRecovery errors are handled
  differently: namely, logged and then re-raised so the application exits, or
  perhaps simply exiting the program immediately.

+ Add syslog logging as an option.  (still want file logging for verbose logs
  needed for testing, and maybe for exception logging.)

+ enable limited retry-on-failure for gossip.  That way, a few bum nodes
  won't slow the system down.

-----------Not Going To Do (probably) --------------------

+ implement no-modify tag (turns out this requires cryptography, which I
  would like to avoid for now, at least.)

-----------DONE--------------------

+ Modify eventloop to ensure fairness of sockets versus other events.

+ Disable both incoming and outgoing gossip until fetching of keys is complete.

+ Basic testing of key merging

+ Cut off reconciliation if difference appears too large, and require manual
  intervention for huge updates in any case.  (I think this is taken care of
  by keeping the node threshold at some multiple of mbar.)

+ matching on upper-and-lowercase hex-strings

+ fix index output to be compatible with GPG (and other?) automatic indexing
   (DONE.  Needs testing.)

+ Currently hash requests will be sent to any host specified by gossip
  partner.  They should only be sent to the gossip partner host itself.

+ Add timeouts for ALL rpc calls.  Currently only HTTP times out, and that
  only on the server side. Lame.

+ Add mail interface for interfacing with other servers

+ increase initial timeout period.  If host doesn't respond with config data
  within 30 seconds, give up immediately.

+ Update build and fastbuild to canonicalize all elements (and discard
  non-canonicalized elements), as well as to mark the key with the
  yminsky.dedup filter, as appropriate.

+ Update clean_keydb to apply canonicalize to all elements.  Also add
  metadata to database that includes the version of SKS, and so that
  automatic updating of the database can be demanded.

+ Make sure that keys are canonicalized on ALL input paths.

+ modify "give-up" threshold so it doesn't depend on real depth of partition
  tree.  Make it configurable.

+ change timeouts on reconciliation so that if config does not come back
  immediately, you time out, and otherwise the timeout is lengthened
  considerably.

+ improve error message for contact from unknown host. (now seems to raise
  Not_found)

+ Make initiator of reconciliation act as server.  That way, the one who
  makes the requests also has to work harder.

+ Find source of occasional segfault on interrupt of sks_db

+ matching on long keyids and (maybe) fingerprints

+ fix fetch-by-word to allow for larger upper limit on individual word and
  shorter limit on number of keys actually returned.  Turns out returning
  keys is more expensive than lookups by a whole lot.

+ post-reconciliation key fetches seem to fail on occasion for no clear
  reason.  Fix.

+ add option for displaying notation packet

+ display revocation keys