1 Nominet's requirements 2 ---------------------- 3 4 We currently use the PGP APIs to do the following: 5 - Load a key ring into memory. 6 - Find a key in a key ring and store a reference to it. 7 - Use a secure key to sign a message in clear text ascii armour 8 (equiv. of pgp -sta) 9 - Check the signature on a clear text signed message, giving back 10 the contents, the key that signed it and the time at which it was 11 signed. If the check fails, we need to know the reason why e.g. Was 12 the signature corrupt, did it match the text, was the message in 13 the correct format, has the key be revoked etc. 14 - Add an ascii armoured key to a key ring held in memory. 15 - Store a key ring held in memory back to disk. 16 17 We may also want to use standard encryption and decryption in the future. 18 19 Our requirements 20 ---------------- 21 22 - encrypting, signing, decrypting, verifying documents. 23 - creating keys 24 - issuing key certifications and revocations 25 - key signing 26 - user id: add, remove, revoke 27 - keyring handling (on disk storage) 28 - keyserver querying fu 29 - trust handling (a la gpg) 30 - export of <everything> 31 - import of <everything> 32 33 Specific non-requirements 34 ------------------------- 35 36 X We will not use GPG slave processes to do keyserver queries - nor 37 any other slave process, this will be done entirely in-process. 38
Indexes created Sun May 31 00:26:10 UTC 2026