
Legend:
SPEC!!  - Not specified
SPEC    - Spec not finalized
NICK    - nick claims
ARMA    - arma claims
        - Not done
        * Top priority
        . Partially done
        o Done
        D Deferred
        X Abandoned


        . Use a stronger cipher
                o 3des for now
                - aes now, by including the code ourselves
        . Topics / circuits
                o Implement topics
                o Rotate circuits after N minutes?
                X Circuits should expire when circuit->expire triggers
NICK            . Handle half-open connections
                        o Figure out what causes connections to close, standardize
                          when we mark a connection vs when we tear it down
                o Look at what ssl does to keep from mutating data streams
        X On the fly compression of each stream
        o Clean up the event loop (optimize and sanitize)
ARMA    o Remove that awful concept of 'roles'
ARMA    . Exit policies
                o Spec how to write the exit policies
                - Path selection algorithms
                        - Let user request certain nodes
                        - And disallow certain nodes
                        D Choose path by jurisdiction, etc?
                - Rewrite how the AP works
SPEC!!  D Non-clique topologies
        D Implement our own memory management, at least for common structs
        . Appropriate logging
                - Come up with convention for what log level means what
                - Make code follow convention
        o Terminology
                o Circuits, topics, cells stay named that
                o 'Connection' gets divided, or renamed, or something?
        o DNS farm
                o Distribute queries onto the farm, get answers
                o Preemptively grow a new worker before he's needed
                o Prune workers when too many are idle
                o DNS cache   
                        o Clear DNS cache over time  
                        D Honor DNS TTL info (how??)
                o Have strategy when all workers are busy
                o Keep track of which connections are in dns_wait
                o Need to cache positives/negatives on the tor side
                        o Keep track of which queries have been asked
                o Better error handling when
                        o An address doesn't resolve
                        o We have max workers running
                o Consider taking the master out of the loop?
        . Directory servers
                D Automated reputation management
                o Include key in source; sign directories
                        o Signed directory backend
                        o Document
                        o Integrate
                - Add versions to code
                . Have directories list recommended-versions
                        o Include (unused) line in directories
                        o Check for presence of line.
                        - Quit if running the wrong version
                        - Command-line option to override quit
                . Add more information to directory server entries
                        o Exit policies
                        D jurisdiction? others?
SPEC!!          D Figure out how to do threshold directory servers
        . Scrubbing proxies
                - Find an smtp proxy?
                        - Check the old smtp proxy code
                o Find an ftp proxy? wget --passive
                D Wait until there are packet redirectors for Linux
                . Get socks4a support into Mozilla
        . Get tor to act like a socks server
                o socks4, socks4a
                - socks5
SPEC!!          - Handle socks commands other than connect, eg, bind?
        . Develop rendezvous points
                . Spec (still needs step-by-step instructions)
                - Implement
        D Implement reply onions
        D Deploy and manage open source development site.
        . Documentation
                o Discussion of socks, tsocks, etc
                o On-the-network protocol
                        o Onions
                        o Cells
                . Better comments for functions!
        - Tests
                o Testing harness/infrastructure
NICK            . Unit tests
                D System tests (how?)
                - Performance tests, so we know when we've improved
                        . webload infrastructure (Bruce)
                        . httperf infrastructure (easy to set up)
                        . oprofile (installed in RH 8.0)
        D Deploy a widespread network
        . Router twins
                o Choose twin if primary is down, when laying circuit
                D Load balancing between twins
                        - Keep track of load over links/nodes, to
                          know who's hosed
NICK    . Daemonize and package
                o Teach it to fork and background
                - Red Hat spec file
                - Debian spec file equivalent
        . Autoconf
                . Which .h files are we actually using? Port to:
                        o Linux
                        o BSD
                        . Solaris
                        . Windows
                        o OS X
                o openssl randomness
                o inet_ntoa
                - stdint.h
                - Make a script to set up a local network on your machine
        D Move away from openssl
                o Abstract out crypto calls
                D Look at nss, others? Just include code?

        . transition addr to sin_addr (huh?)

        o Clean up the number of places that get to look at prkey
        . Clearer bandwidth management 
        - Total rate limiting
        . Look at OR handshake in more detail
                o Spec it
                o Merge OR and OP handshakes
                . rearrange connection_or so it doesn't suck so much to read
                D Periodic link key rotation. Spec?
        - More flexibility in node addressing
                D Support IPv6 rather than just 4
                - Handle multihomed servers (config variable to set IP)
        . Move from onions to ephemeral DH
                o incremental path building
                o transition circuit-level sendmes to hop-level sendmes
                o implement truncate, truncated
                o move from 192byte DH to 128byte DH, so it isn't so damn slow
                - exiting from not-last hop
                        - OP logic to decide to extend/truncate a path
                        - make sure exiting from the not-last hop works
                        - logic to find last *open* hop, not last hop, in cpath
                        - choose exit nodes by exit policies
        o wrap malloc with something that explodes when it fails

