$Id: feedback.txt,v 1.1.1.1 2008/09/10 09:32:57 agcrooks Exp $

Feedback
========

This document will store the ideas and references given or extracted
by tech-security@NetBSD.org mailing list or anywhere.


Making BPG secure by default - Thor Lancelot Simon
----------------------------

"""
[...]design the system so that there is a reasonable 'right way' as
the default, while the 'wrong way' requires expert knowledge to do, if
it's even possible at all.

In the specific example I gave above, that means that if you generate a
signing key, you should by default generate an encryption subkey of the
same type and length.
"""


Support for Exmh and Psi - Steve Bellovin
------------------------

Make BPG's interface as compatible as possible with external programs
such as Exmh MUA and Psi IM client. If not possible (or too
expensive), study how should these and other GnuPG-compatible programs
be modified to use BPG.


Man pages and documentation assistence - Jeremy C. Reed
--------------------------------------

Jeremy offered his kindly help to assist with man pages and other
docs.


Key indexing - Jason Harris
------------

"""
One problem with GPG is that it uses non-indexed binary files for key
storage.  Indexing the keys would really help.  BerkeleyDB is way over-
kill, but it is what several keyservers use.  SQLite is another option,
but I think both these embeddable DBs are too much.  Looking at
http://www.freebsd.org/ports/databases.html , qdbm-1.8.31, rdb-2.6d,
and tinycdb-0.74 may be worth checking out.

OpenSSL stores certs in individual files and that actually isn't a bad
idea.  The Maildir method of storing email messages is supposed to be
quite robust.
"""


Keyrings interchangeability - Jason Harris
---------------------------

"""
[...]it would be nice if bpg and GPG keyrings were interchangeable.
Note that GPG uses trust packets to cache the status of signature
checks, but that shouldn't be a problem.  bpg could write an index
file for each .pgp/.gpg keyring, storing the keyring's modtime, inode
number, and size and updating the index if any of these properties
change for the keyring.  (ETags in Apache use all these by default.)
"""
