[Webfunds-commits] java/webfunds TODO_SCW
Ian Grigg
iang@cypherpunks.ai
Thu, 17 Aug 2000 09:35:27 -0400 (AST)
iang 00/08/17 09:35:27
Modified: webfunds TODO_SCW
Log:
some more updates, more is covered by verify than I thought
Revision Changes Path
1.4 +18 -8 java/webfunds/TODO_SCW
Index: TODO_SCW
===================================================================
RCS file: /home/webfunds/cvsroot/java/webfunds/TODO_SCW,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- TODO_SCW 2000/08/16 19:51:17 1.3
+++ TODO_SCW 2000/08/17 13:35:26 1.4
@@ -1,16 +1,20 @@
Comments on SignContractWizard
-I. Sanity checking is needed:
+I. Sanity checking that is needed:
I.a) Contract - all these can be repaired and saved on the fly
- + no trailing spaces
- + uniform line endings
- + all lines shorter or equal to 80 chars
+ + no trailing spaces (stripped in verify)
+ + uniform line endings. NB, the Contract code _rejects_
+ _mixed_ line endings (for example \n followed by \r\n)
+ + all lines shorter or equal to 80 chars (not currently enforced)
+ Ricardian rules - sections, etc.
n.b. in http://www.systemics.com/docs/ricardo/issuer/contract.html
which may be out of date but can be updated...
+
+ Correct place for this should be in the Contract, but it
+ doesn't provide the support for that yet.
I.b) PKI
@@ -23,8 +27,8 @@
I.c) Secret Key
- + secret key matches contract public key
- + secret key decrypts properly (DONE)
+ * secret key matches contract public key
+ * secret key decrypts properly
+ for the secret key, wouldn't a popup box be better for the passphrase?
(one presumes this signals that the key is quickly decrypted, used,
then the decrypted version is disposed of quickly... may not be the
@@ -33,6 +37,8 @@
I.d) Signed Contract
* signature made is correct and verifiable with contents of contract
+ (DONE by verify, in fact this is the *only* place for it!)
+
+ additional potential sanity check: that the signed contract can
be un-signed and contents compared with original proto-contract to
ensure that no additional chars were introduced during the signing
@@ -67,6 +73,9 @@
and sucking the keys from there. Testing cycle takes too long
otherwise, as have to type in all the info each time.
+ Problem with this is that it is a major new piece of work, so
+ desperation means nothing against lack of resource....
+
d.2 Needs a save button to save out that file to the original
Name or a browsed name. Need to recall the name.
@@ -77,13 +86,14 @@
(Needs more support from Contract to do this checking as Contract.java
can only read a signed Contract.)
- d.4 better yet, it should use these as a starting point for the keys.
+ d.4 better yet, it should use these as a starting point for the keys
+ (see d.1).
e. Keys. C&P box for keys would be nice...
f. Did we agree on a file format naming system? TLA extensions?
- g. Instructions for GPG would also be useful!
+ g. Instructions for GPG would also be nice!
h. instructions: ... specify FILE NAME of where FILE contract is stored...