blob: 0a13e83bd200b59c0b85ee19f51cf9cd27dc7bac (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
Soon:
* Implement the different categories of servers in the server list.
* Get some keysafe servers set up.
* Run --uploadqueued periodically (systemd timer or desktop autostart?)
Later:
* improve restore progress bar points (update after every hash try)
* If we retrieved enough shares successfully, but decrypt failed, must
be a wrong password, so prompt for re-entry and retry with those shares.
* Don't require --totalshares and --neededshares on restore when unusual
values were used for backup. Instead, probe until enough shares are found
to restore.
* --no-jargon which makes the UI avoid terms like "secret key" and "crack
password". Do usability testing!
* --key-value=$N which eliminates the question about password value,
and rejects passwords that would cost less than $N to crack at current
rates. This should add a combo box to the password entry form in the
GUI to let the user adjust the $N there.
* Add some random padding to http requests and responses, to make it
harder for traffic analysis to tell that it's keysafe traffic.
Wishlist:
* Keep secret keys in locked memory until they're encrypted.
(Raaz makes this possible to do.)
Would be nice, but not super-important, since gpg secret keys
are passphrase protected anyway..
|