$Id: TODO,v 1.1.2.5.2.14 1998/09/14 22:25:43 sakane Exp $

Sorry that `racoon' is not stable yet. But she can exchange the key
in limited environment.  Try to run with racoon.conf in the case
which IPsec-SA required.  Please tell me, sakane@ydc.co.jp, bug report
except following items.  I do modify continuously until she will be stable.

TODO list

UGENT
o To be handled port of SA.
o Valid ID payload.
o Must completely support other algorithm for IPsec-SA.
  Currently only DES and none-authentication.
o To be handled HARD lifetime. But How should I do when key had been exchanged
  by expiration of SOFT lifetime. Now, SADB_EXPIRE HARD is ingnored.

MUST
o authentication methods besides pre-shared-key. e.g. RSA, PGP.
o New group mode must be supported.
o Notation payload of Informational Exchange.
o Delete payload of Informational Exchange.
o Proxy mode, i.e. IPsec tunnel mode for Security Gateway, must be supported.
  ID payload...
o In both phase, check SAs proposed and select a SA to use.
  In Currnet version, first SA in proposal is applied.
o IPv6...
o aggressive mode.
o Certificate authentication and certificate request payloads
o Selectors (filters) to the IPaddress, IP Subnet, and port
o AND proposal
o SA delete payload
o 512bit DH or explicit p & g
o IKE commit bit
o ID payload should be checked in phase 2.
o To be review parser routine. It's strange slightly.
o To be supported bytes lifetimes.

SHOULD
o to consider the use with certificate infrastructure.
o More cool parser.
o random message-ID.
o retry x resend <= expire time ?
o kmstat should run.
o weak keys check

TO BE TESTED.
o How is SKEYID_d treated ? Do re-make in phase 2 when KE exchanged ?
o Is the length of lifetime 4 byte align ?
o IKE retransmit behavior
o Reboot recovery (peer reboot losing it's security associations)
o Scenarios
	- End-to-End transport long lived security associations
	  (over night, data transfer >1Gb) with frequent dynamic rekey
	- End-to-GW tunnel long lived security associations
	  (over night, data transfer >1Gb) with frequent dynamic rekey
	- Policy change events while under SA load
	- End-to-End SA through IPSec tunnels, initiation both ways
	- Client End-to-End through client-to-GW tunnel SA, initiate from
	  client for tunnel, then initiation both ways for end-to-end
	- Client-to-GW transport SA for secure management
o behavior to receive multiple auth method proposals and AND proposal

HOW DO I DO ?
o Where is Soft lifetime from ? Now Both SOFT and HARD are same.
o AH tunnel mode.
o SADB_ACQUIRE processing in kernel. Now, to re-send is left to the upper-layer.
o replay prevention
	limited number of session
	limited session per peer
	number of proposal
	....
o how to support multi interfaces ?
	connect to dummy, like ping6.
	bind multi address, like named.
  now is former.

and to be written many many :-p

