home.md

@@ -200,7 +200,27 @@ Security Releases
     * what could be a reasonable timeline?
      * by the end of the year have a client (milestones B and C completed)
        * MILESTONE B: Secure minimal client
+         * Guard nodes  <--- first thing to work on
+         * Correct path selection <-- important but current restrictions have issues
+         * Timeouts      
+           * Circuit timeout logic
+           * Connection timeout logic.
+           * What other kinds of timeouts?  
+         * Connection padding  <-- not necessary
+         * Circuit padding (with padding machines)
+         * Build preemptive circuits  <-- very important
+         * Change behavior depending on network parameters
+         * CBT logic?
+         * Pathbias logic  <-- it can be dropped
+         * Figure out where to put a specific async executor and/or TLS     implementation in our stack.
        * MILESTONE C: Client feature parity
+         * V3 onion services
+         * Fairness on circuits/streams?
+         * Support for using bridges
+         * Pluggable transport support
+         * Controller API?
+         * Dormant mode?
+         * Transparent proxy mode(s)
  * Technical debt
    * Tooling: CI
    * Transition to arti is the best way to tackle technical debt right now.