-*- indented-text -*-

$Id: TODO,v 1.47 2000/08/27 05:19:55 assar Exp $

* configure

use more careful checking before starting to use berkeley db.  it only
makes sense to do so if we have the appropriate library and the header
file.

* appl

** appl/popper

Implement RFC1731 and 1734, pop over GSS-API

** appl/rsh

add rcp program

* kdc

* kadmin

is in need of a major cleanup

* lib

** lib/asn1

prepend a prefix on all generated symbols

** lib/auth

PAM

** lib/des

make everything work with openssl

** lib/gssapi

process_context_token, add_cred, inquire_cred_by_mech,
inquire_names_for_mech, and
inquire_mechs_for_name not implemented.

set minor_status in all functions

init_sec_context: `initiator_cred_handle' ignored.

anonymous credentials not implemented

add rc4

** lib/hdb

** lib/kadm5

add policies?

fix to use rpc?

** lib/krb5

rewrite the lookup of KDCs to handle kerberos-<n> and not do any DNS
requests if the information can be found locally.  this requires stop
using krb5_get_krbhst.

the replay cache is, in its current state, not very useful

always generates a new subkey in an authenticator

should the sequence numbers be XORed?

OTP?

make checksum/encryption type configuration more realm-specific.  make
some simple way of handling the w2k situtation

crypto: allow scather/gather creation of checksums

** lib/roken

getifaddrs
