$Id: TODO,v 1.10 2000/07/15 12:38:05 sakane Exp $

Sorry that `racoon' is not stable yet.  But she can exchange the key
in limited environment.  Try to run with racoon.conf in the case
which IPsec-SA required.  Please tell me, sakane@ydc.co.jp, bug report
except following items.  I do modify continuously until she will be stable.

TODO list

UGENT
o The documents for users convenience.
o split log file based on client.  printf-like config directive, i.e.
  "logfile racoon.%s.log", should be useful here.
o DSA signature authentication method.

MUST
o Certificate type handling.  e.g. CRL, CR, PGP...
o To be checked signer of certificate.
o To consider the use with certificate infrastructure.  PXIX ???
o Support scoped (link-local and site-local) IPv6 addresses.
  It needs pfkey modification for scope IDs, and advanced API (RFC2292)
  related mods in racoon itself.
o kmstat should be improved.
o aggressive mode DH group checks/handling on responder side.
o Informational Exchange processing properly.
o support RESPONDER-LIFETIME and rekeying

SHOULD
o To be supported bytes lifetimes for ISAKMP-SA.
o fix flag for logging
o more acceptable check.
o New group mode should be considered.
o Dynamically retry to exchange and resend the packet per nodes.
o Remote maintenance with secure connection.
o To make the list of supported algorithm by sadb_supported payload
  in the SADB_REGISTER message which happens asynchronously.
o fix the structure of ph2handle.
  We can handle the below case.

  node A                            node B
    +--------------SA1----------------+
    +--------------SA2----------------+

  at node A:
  kernel
    acquire(A-B) ------> ph2handle(A=B) -----> ph1handle
                              |
                            policy
                             A=B
                             A=B

  But we can not handle the below case because there is no x?handle.

  node A                            node B                           node C
    +--------------SA1----------------+
    +------------------------------------------------SA2---------------+

  at node A:
  kernel
    acquire(A-C) ---+---> x?handle ---+---> ph2handle(A=B) -------> ph1handle
                    |        |        |
    acquire(A-B) ---+      policy     +---> ph2handle(A=C) -------> ph1handle
                            A=B
                            A=C

o mandatory configuration check.
o consistency of function name.
o deep copy configuration entry to hander.  It's easy to reload configuration.
o don't keep to hold keymat values, do it ?
o local address's field in isakmpsa handler must be kicked out to rmconf.

MAY
o Effective code.
o more fix strnames.c.

TO BE TESTED.
o IKE retransmit behavior
	see, draft-*-ipsec-rekeying*.txt
o Reboot recovery (peer reboot losing it's security associations)
	see, draft-*-ipsec-rekeying*.txt
o Scenarios
	- End-to-End transport long lived security associations
	  (over night, data transfer >1Gb) with frequent dynamic rekey
	- End-to-GW tunnel long lived security associations
	  (over night, data transfer >1Gb) with frequent dynamic rekey
	- Policy change events while under SA load
	- End-to-End SA through IPSec tunnels, initiation both ways
	- Client End-to-End through client-to-GW tunnel SA, initiate from
	  client for tunnel, then initiation both ways for end-to-end
	- Client-to-GW transport SA for secure management
o behavior to receive multiple auth method proposals and AND proposal

and to be written many many :-p

----------------------------------------------------------------------
to be negotiate SA peer's addresses per policy ?.

config:
policy {
	# Specification of a remote IP address of SA.
	association remote 172.168.2.2 ;

	# local address can(may or should?) be omited.
	# NOTE: If you specify "local" address, you must take care of "listen"
	# directive.  If the IP address you specify here doesn't exist in the
	# directive, it causes your negotiation failure happened.
	association local 172.168.1.1 ;

	# "negotiation" specifies address(es) which is used to negotiated SAs.
	# They are omited usually because of the same addresses that are
	# specifyed by "association" directive.  MobileIP may use them ?
	negotiation remote 172.168.2.2 ;

	# NOTE: See above "association" directive.
	negotiation local 172.168.1.1 ;
}

o configuration should be made easier. 
  one idea is to allow user to "define" certain set of directives, like:
	TRANS_3DES = protocol esp {
			level require;
			mode transport;
			encryption_algorithm 3des;
			authentication_algorithm hmac_sha1;
		};
	TRANS_SHA1 = protocol ah {
			level require;
			mode transport;
			authentication_algorithm hmac_sha1;
		};

	policy foo baa
	{
		pfs_group modp1024;
		proposal {
			TRANS_3DES;
		}
	}
	policy foo baz
	{
		pfs_group modp1024;
		proposal {
			TRANS_3DES;
			TRANS_SHA1;
		}
	}
  may be too complex, use pre-processor like cpp?

o responder policy and initiator policy should be separated.
o for lifetime and key length, something like this should be useful.
  - propose N
  - accept between X and Y
o wildcard "accept any proposal" policy should be allowed.
