25 lines
759 B
Markdown
25 lines
759 B
Markdown
|
# TODO
|
||
|
|
||
|
There's lots of things to add.
|
||
|
|
||
|
- TLS
|
||
|
- Autorenew this with an ACME server (eg, Boulder; use the Lego library)
|
||
|
- self-host the Boulder server & add the main CA pubkey to the client
|
||
|
- Work with self-signed stuff for now tho
|
||
|
- Authentication
|
||
|
- Give each client an API key
|
||
|
- Limit decryption keys that client can access?
|
||
|
- Admin UI on the server
|
||
|
- Manage client accounts
|
||
|
- Import public keys
|
||
|
- Add/Remove keys
|
||
|
- Private Key autorotation
|
||
|
- PGP Public Key Server
|
||
|
- a la keys.openpgp.org
|
||
|
- two servers? one public (company pub keys), one internal (customer pub
|
||
|
keys)
|
||
|
- Encryption groups
|
||
|
- Add a number of public keys to a group. When the client encrypts to a
|
||
|
group, use all the keys.
|
||
|
- Auto-remove expired keys from groups
|