[Webfunds-commits] java/webfunds TODO_SCW

Ian Grigg iang@cypherpunks.ai
Thu, 17 Aug 2000 09:35:27 -0400 (AST) 

iang        00/08/17 09:35:27

  Modified:    webfunds TODO_SCW
  Log:
  some more updates, more is covered by verify than I thought

Revision  Changes    Path
1.4       +18 -8     java/webfunds/TODO_SCW

Index: TODO_SCW
===================================================================
RCS file: /home/webfunds/cvsroot/java/webfunds/TODO_SCW,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- TODO_SCW	2000/08/16 19:51:17	1.3
+++ TODO_SCW	2000/08/17 13:35:26	1.4
@@ -1,16 +1,20 @@
 Comments on SignContractWizard
 
-I.  Sanity checking is needed:
+I.  Sanity checking that is needed:
 
       I.a)  Contract - all these can be repaired and saved on the fly
 
-        + no trailing spaces
-        + uniform line endings
-        + all lines shorter or equal to 80 chars
+        + no trailing spaces (stripped in verify)
+        + uniform line endings.  NB, the Contract code _rejects_
+          _mixed_ line endings (for example \n followed by \r\n)
+        + all lines shorter or equal to 80 chars (not currently enforced)
         + Ricardian rules - sections, etc.
 
         n.b. in http://www.systemics.com/docs/ricardo/issuer/contract.html
         which may be out of date but can be updated...
+
+        Correct place for this should be in the Contract, but it
+        doesn't provide the support for that yet.
     
       I.b)  PKI
     
@@ -23,8 +27,8 @@
     
       I.c) Secret Key
     
-        + secret key matches contract public key
-        + secret key decrypts properly (DONE)
+        * secret key matches contract public key
+        * secret key decrypts properly
         + for the secret key, wouldn't a popup box be better for the passphrase?
           (one presumes this signals that the key is quickly decrypted, used,
           then the decrypted version is disposed of quickly...  may not be the
@@ -33,6 +37,8 @@
       I.d) Signed Contract
     
         * signature made is correct and verifiable with contents of contract
+          (DONE by verify, in fact this is the *only* place for it!)
+
         + additional potential sanity check:  that the signed contract can
           be un-signed and contents compared with original proto-contract to
           ensure that no additional chars were introduced during the signing
@@ -67,6 +73,9 @@
         and sucking the keys from there.  Testing cycle takes too long
         otherwise, as have to type in all the info each time.
 
+        Problem with this is that it is a major new piece of work, so
+        desperation means nothing against lack of resource....
+
     d.2 Needs a save button to save out that file to the original
         Name or a browsed name.  Need to recall the name.
 
@@ -77,13 +86,14 @@
         (Needs more support from Contract to do this checking as Contract.java
         can only read a signed Contract.)
 
-    d.4 better yet, it should use these as a starting point for the keys.
+    d.4 better yet, it should use these as a starting point for the keys
+       (see d.1).
 
     e.  Keys.   C&P box for keys would be nice...
 
     f.  Did we agree on a file format naming system?  TLA extensions?
 
-    g.  Instructions for GPG would also be useful!
+    g.  Instructions for GPG would also be nice!
 
     h.  instructions: ... specify FILE NAME of where FILE contract is stored...