reorganize todo to be a bit clearer about what's not done

svn:r2221

doc/TODO

@@ -11,39 +11,11 @@ ARMA    - arma claims
         D Deferred
         X Abandoned
 
-For scalability:
+      misc:
-        - Slightly smarter bandwidth management: use link capacity
-          intelligently.
-        - Handle full buffers without totally borking
-
-For 0.0.8:
-
-      milestone 2:
         . refer to things by key:
-          o extend cells need ip:port:identitykeyhash.
-          o Lookup routers and connections by key digest; accept hex
-            key digest in place of nicknames.
-          o Audit all uses of lookup-by-hostname and lookup-by-addr-port
-            to search by digest when appropriate.
-          o make sure to use addr/port in cpuworker tasks, because
-            OPs don't have keys.
-          o and fix the function comments in rephist
-          o Rep-hist functions need to store info by keyid
           - also use this in intro points and rendezvous points, and
             hidserv descs.  [XXXX This isn't enough.]
           - figure out what to do about ip:port:differentkey
-        o ORs connect on demand. attach circuits to new connections, keep
-          create cells around somewhere, send destroy if fail.
-        o nickname defaults to first piece of hostname
-        o running-routers list refers to nickname if verified, else
-          hash-base64'ed.
-        o Mark routers as verified or unverified based on whether
-          running-routers list includes nickname or id hash.
-        o put OR uptime in descriptor
-        o name the secret-key directory something to discourage people
-          from mailing their identity key to tor-ops
-
-      milestone 3:
         - users can set their bandwidth, or we auto-detect it:
           - advertised bandwidth defaults to 10KB
           o advertised bandwidth is the min of max seen in each direction
@@ -63,50 +35,54 @@ NICK    - Reputation info needs to give better weight to recent events than
         - Have clients and dirservers preserve reputation info over
           reboots.
         - clients choose nodes proportional to advertised bandwidth
-        o authdirserver includes descriptor.
         -  and lists as running iff:
           - he can connect to you
           - he has successfully extended to you
           - you have sufficient mean-time-between-failures
-        - Don't accept ORs with nicknames same as verified ORs' nicknames.
-        - add new "Middleman 1" config variable?
-          o if torrc not found, exitpolicy reject *:*
-        o change if(options.ORPort) to what we really mean.
-        o same with socksport.
-        o get contrib/tor_resolve into the tarball and installed
-          o and working
 
-      post pre1:
+      docs:
-        - Possible to get autoconf to easily install things into ~/.tor?
-        o when we sigint tor, the dns/cpuworkers don't intercept sigint?
-        - "AcceptOnlyVerifiedRouters" config option?
-        - why does common/util.c build-depend on or/or.h ?
-        - ORs use uniquer default nicknames
-        - Tors deal appropriately when a newly-verified router has the
-          same nickname as another router they know about
-        X 007 can't extend to unverified 008. they will never be able to.
-        - if a begin failed due to exit policy, but we believe the IP
-          should have been allowed, switch that router to exitpolicy
-          reject *:* until we get our next directory.
-        - make advertised_server_mode() ORs fetch dirs more often.
-        - should the running-routers list put unverified routers at the
-          end?
-        - tor-resolve needs a man page
-        o tor-resolve should make use of cached answers?
-        - defining an ORPort isn't necessary anymore, if you use
-          ORAddress:port. Same with DirPort, SocksPort.
-        - requiredentrynode vs preferredentrynode
-        - per-month byte allowances
-        o if using not-socks4a then warn, once.
-        o if unverified server then warn, once.
-        - add a listener for a ui
-          - and a basic gui
         - faq and doc-wiki
           - knoppix distro
           - win32 installer using privoxy's installer
 
-        o win32 problems with pre1
+      bug fixes, necessary:
-        o asn.1 issues?
+        - Why is the first entry of kill -USR1 a router with a 0 key?
+        - why does common/util.c build-depend on or/or.h ?
+
+      bug fixes, might be handy:
+        - put expiry date on onion-key, so people don't keep trying
+          old ones that they could know are expired?
+        - should the running-routers list put unverified routers at the
+          end?
+        - make advertised_server_mode() ORs fetch dirs more often.
+        - if a begin failed due to exit policy, but we believe the IP
+          should have been allowed, switch that router to exitpolicy
+          reject *:* until we get our next directory.
+        - Tors deal appropriately when a newly-verified router has the
+          same nickname as another router they know about
+        - ORs use uniquer default nicknames
+        - Handle full buffers without totally borking
+        - Add '[...truncated]' or similar to truncated log entries (like the directory
+          in connection_dir_process_inbuf()).
+
+      more features, easy:
+        - check the date in the http headers, compare for clock skew.
+        - requiredentrynode vs preferredentrynode
+        - per-month byte allowances
+        - tor-resolve needs a man page
+        - "AllowUnverifiedRouters" config option
+          - Parse it into a bitvector
+          - Consider it when picking nodes for your path
+        - have a pool of circuits available, cannibalize them
+          for your purposes (e.g. rendezvous, etc).
+
+      more features, complex:
+        - defining an ORPort isn't necessary anymore, if you use
+          ORAddress:port. Same with DirPort, SocksPort.
+        - compress the directory. client sends http header
+          "accept-transfer-encoding: gzip", server might send http header
+          "transfer-encoding: gzip". ta-da.
+          - grow a zlib dependency. keep a cached compressed directory.
         - Switch dirservers entries to config lines:
           - read in and parse each TrustedDir config line.
           - stop reading dirservers file.
@@ -124,17 +100,11 @@ NICK    - Reputation info needs to give better weight to recent events than
             - which means keeping track of which ones are "up"
           - if you don't need a trusted one, choose from the routerinfo
             list if you have one, else from the trusteddir list.
-        - compress the directory. client sends http header
+        - add a listener for a ui
-          "accept-transfer-encoding: gzip", server might send http header
+          - and a basic gui
-          "transfer-encoding: gzip". ta-da.
-          - grow a zlib dependency. keep a cached compressed directory.
-        - Why is the first entry of kill -USR1 a router with a 0 key?
-        o don't warn about being unverified if you're not in the
-          running-routers list at all.
-        - put expiry date on onion-key, so people don't keep trying
-          old ones that they could know are expired?
-        - check the date in the http headers, compare for clock skew.
 
+      blue sky:
+        - Possible to get autoconf to easily install things into ~/.tor?
 
       ongoing:
         . rename/rearrange functions for what file they're in
@@ -162,7 +132,7 @@ NICK    . Windows port
             - (need to not hardcode dirservers file in config.c)
           . correct, update, polish spec
           - document the exposed function api?
-          - document what we mean by socks.
+          o document what we mean by socks.
 
 NICK    . packages
           . rpm
@@ -174,8 +144,9 @@ NICK    . packages
           o extend socks4 to do resolves?
           o make script to ask tor for resolves
           - tsocks
-            - gather patches, submit to maintainer
+            o gather patches, submit to maintainer
-            - intercept gethostbyname and others, do resolve via tor
+            - intercept gethostbyname and others
+            o do resolve via tor
           - redesign and thorough code revamp, with particular eye toward:
             - support half-open tcp connections
             - conn key rotation
@@ -187,8 +158,6 @@ Other details and small and hard things:
         - tor should be able to have a pool of outgoing IP addresses
           that it is able to rotate through. (maybe)
         - tie into squid
-        - buffer size pool, to let a few buffers grow huge or many buffers
-          grow a bit
         - hidserv offerers shouldn't need to define a SocksPort
         - when the client fails to pick an intro point for a hidserv,
           it should refetch the hidserv desc.
@@ -196,8 +165,6 @@ Other details and small and hard things:
           e.g. clock skew.
         - should retry exitpolicy end streams even if the end cell didn't
           resolve the address for you
-        - Add '[...truncated]' or similar to truncated log entries (like the directory
-          in connection_dir_process_inbuf()).
         . Make logs handle it better when writing to them fails.
         o Dirserver shouldn't put you in running-routers list if you haven't
           uploaded a descriptor recently
@@ -207,7 +174,6 @@ Other details and small and hard things:
         . Scrubbing proxies
                 - Find an smtp proxy?
                 . Get socks4a support into Mozilla
-        - Extend by hostname, not by IP.
         - Need a relay teardown cell, separate from one-way ends.
         - Make it harder to circumvent bandwidth caps: look at number of bytes
           sent across sockets, not number sent inside TLS stream.