updated

TODO

@@ -1,8 +1,25 @@
-* Add a simple username/password back-end
-* Certificate authentication to the main process (can it be done without
-  moving all the TLS handshake over the main thread?)
+* Add a simple username/password back-end in addition to PAM
+
+* Fix SIGHUP handling on the main server.
+
 * Keep the TLS key and certificates into the privileged process and use IPC
   for operations (this will make the privileged process a bottleneck).
-* Add path MTU discovery
-* Allow the usage of PSK ciphersuites instead of the non-standard cisco 
-  resumption mode for DTLS. 
+
+* Add path MTU discovery.
+
+* Think how the DTLS part can use better negotiation of algorithms and DTLS
+  versions than the current openssl string approach (using PSK ciphersuites
+  seem to be like a solution, but then we could not use the session ID to
+  forward the UDP connection to the proper worker).
+
+* Certificate authentication to the main process. Possibly that is just
+  wishful thinking. To verify the TLS client certificate verify signature one
+  needs instead of the signature, the contents of all the handshake messages, 
+  and knowledge of the negotiated TLS version, in addition to being able to
+  select the server hello random. That could be done sanely only if gnutls 
+  provided facilities to set the server hello random, and override the client
+  signature verification. Even in that case the handshake data need to be
+  transferred to the main thread.
+
+* Try adding salsa20-12 and UMAC as encryption algorithms for DTLS to reduce 
+  CPU load.