X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=doc%2FTODO;h=e2fce0e8f7a10f45f4cd43751a835d81a13b905c;hb=a5066c3a37a84bf47e1e1d6ff8ad755ad5fa9414;hp=3538fbf6a8c8831b31783cb48bc13304323f987a;hpb=6ee67a218916f6f9c30dfe9787109017c11e8185;p=monkeysphere.git

diff --git a/doc/TODO b/doc/TODO
index 3538fbf..e2fce0e 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -8,12 +8,33 @@ Detail advantages of monkeysphere: detail the race conditions in ssh,
 Determine how openssh handles multiple processes writing to
    known_hosts/authorized_keys files (lockfile, atomic appends?)
 
-Handle unknown hosts in such a way that they're not always removed
-   from known_hosts file.  Ask user to lsign the host key?
+Handle unverified monkeysphere hosts in such a way that they're not
+   always removed from known_hosts file.  Ask user to lsign the host
+   key?
 
 Handle multiple hostnames (multiple user IDs?) when generating host
    keys with gen-key.
 
+Work out the details (and describe a full use case) for assigning a
+   REVOKER during monkeysphere-server gen_key -- how is this set?  How
+   do we export it so it's available when a second-party revocation is
+   needed?
+
+Actually enable server hostkey publication.
+
+Streamline host key generation, publication, verification.  See
+   doc/george/host-key-publication for what dkg went through on
+   2008-06-19
+
+Streamline authorized_user_ids setup (including question of where
+   authorized_user_ids files should go).  See
+   doc/george/user-id-configuration for what dkg went through on
+   2008-06-19
+
+Ensure that authorized_user_ids are under as tight control as ssh
+   expects from authorized_keys: we don't want monkeysphere to be a
+   weak link in the filesystem.
+
 Make sure alternate ports are handled for known_hosts.
 
 Script to import private key into ssh agent.