- Consider switching the KDF from salted BLAKE2b. Unfortunately, there's basically nothing except HKDF-SHA-2, which is needlessly inefficient. Could use BLAKE3, but that would require another dependency.
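To make the efficiency point concrete, here is an added comparison (example code, not the project's own) of the two KDF shapes mentioned above: a salted BLAKE2b derivation is a single keyed hash call, while HKDF (RFC 5869) needs an HMAC for extract plus one HMAC per output block for expand, each HMAC costing two hash invocations. Both functions use only the Python standard library; the function names and the 32-byte default are assumptions for this illustration, and the HKDF output is checked against RFC 5869 test case 1.

```python
import hashlib
import hmac


def blake2b_kdf(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """Salted BLAKE2b KDF: one keyed hash call.

    The input keying material is passed as the BLAKE2b key (max 64 bytes),
    the salt uses BLAKE2b's native salt parameter (max 16 bytes), and the
    context/info string is hashed as the message. Hypothetical layout for
    illustration; a real design would fix these roles in a specification.
    """
    if not 1 <= length <= 64:
        raise ValueError("BLAKE2b digest size must be 1..64 bytes")
    if len(ikm) > 64 or len(salt) > 16:
        raise ValueError("BLAKE2b key is at most 64 bytes, salt at most 16 bytes")
    return hashlib.blake2b(info, digest_size=length, key=ikm, salt=salt).digest()


def hkdf_extract(salt: bytes, ikm: bytes, hash_name: str = "sha256") -> bytes:
    """HKDF-Extract (RFC 5869 section 2.2): PRK = HMAC(salt, IKM)."""
    if not salt:
        # RFC 5869: an absent salt is a string of HashLen zero bytes.
        salt = bytes(hashlib.new(hash_name).digest_size)
    return hmac.new(salt, ikm, hash_name).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int, hash_name: str = "sha256") -> bytes:
    """HKDF-Expand (RFC 5869 section 2.3): one HMAC per HashLen block of output."""
    hash_len = hashlib.new(hash_name).digest_size
    if length > 255 * hash_len:
        raise ValueError("HKDF output length exceeds 255 * HashLen")
    okm = b""
    block = b""
    counter = 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int = 32, hash_name: str = "sha256") -> bytes:
    """Full HKDF: extract-then-expand. Costs 1 + ceil(length / HashLen) HMAC calls."""
    return hkdf_expand(hkdf_extract(salt, ikm, hash_name), info, length, hash_name)


def hkdf_hmac_calls(length: int, hash_name: str = "sha256") -> int:
    """Number of HMAC invocations HKDF needs for `length` output bytes."""
    hash_len = hashlib.new(hash_name).digest_size
    return 1 + -(-length // hash_len)  # ceiling division


if __name__ == "__main__":
    # Constructed sample inputs (not real keys).
    ikm = bytes(range(32))
    salt = b"\x00" * 16
    info = b"example-file-encryption-key"
    print("BLAKE2b KDF :", blake2b_kdf(ikm, salt, info).hex(), "(1 hash call)")
    print("HKDF-SHA256 :", hkdf(salt, ikm, info).hex(), f"({hkdf_hmac_calls(32)} HMAC calls)")
```

Deriving a single 32-byte key costs one BLAKE2b call against two HMAC-SHA-256 calls (four underlying compressions) for HKDF; for a 64-byte key HKDF grows to three HMAC calls while BLAKE2b still needs one. Either construction is sound when the inputs are domain-separated, so the trade-off described above is about cost and dependencies rather than security.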
- Reconsider random nonces (e.g. for private key encryption).
- Support more recipients/change the key wrap header approach.
- Remove free space from the file metadata header.
- Consider ASCII armour/Minisign style detached signature files.
- Consider supporting unencrypted private keys for non-interactive use cases.
- Support non-detached signatures?
- Do a progress bar like Docker?
- Consider supporting YubiKeys via the .NET YubiKey SDK. I don't currently have a YubiKey to test anything, I don't want to buy a YubiKey because I have no use for one, and this is not trivial to implement.
- Have a `trusted` folder for public keys, with separate files or folders for encryption/signing? No idea what the UX would be.