Imported Upstream version 0.12

1 files changed, 16 insertions, 5 deletions

diff --git a/TODO b/TODO
index 8370210..20b75fd 100644
--- a/TODO
+++ b/TODO
@@ -18,11 +18,6 @@ Client:
  * Add readline support to the wallet client to make it easier to issue
    multiple commands.
 
- * Add support for rekeying in the wallet client.  Need to resolve how to
-   get a list of principals to rekey and which keytabs to work on.  This
-   possibly should be a separate binary from the regular wallet client
-   binary.
-
  * Support authenticating with a keytab.
 
  * Allow store data to contain nuls.  Requires rewriting the command
@@ -87,6 +82,9 @@ ACLs:
  * Provide an API for verifiers to syntax-check the values before an ACL
    is set and implement syntax checking for the Krb5 verifier.
 
+ * Investigate how best to support client authentication using anonymous
+   PKINIT for things like initial system keying.
+
 Database:
 
  * Fix case-insensitivity bug in unique keys with MySQL for objects.
@@ -130,6 +128,19 @@ Objects:
 
 Reports:
 
+ * Add audit for references to unknown ACLs, possibly introduced by
+   previous versions before ACL deletion was checked with database
+   backends that don't do referential integrity.
+
+ * Add report for all objects that have never been stored.
+
+ * Add report of all ACLs with identical contents.
+
+ * For objects tied to hostnames, report on objects referring to hosts
+   which do not exist.  For the initial pass, this is probably only keytab
+   objects with names containing a slash where the part after the slash
+   looks like a hostname.  This may need some configuration help.
+
  * Make contrib/wallet-summary generic and include it in wallet-report,
    with additional configuration in Wallet::Config.  Enhance it to report
    on any sort of object, not just on keytabs, and to give numbers on