TODO In SILC Client Library
===========================
- o TODO in commands (lib/silcclient/command.c and
- silc/silclient/command_reply.c):
-
- o RESTART command is not implemented
-
o Client library crashes if for example server timeouts protocol
execution and disconnects the client. The client, on the other hand
may still assume that the connection is active, even after receiving
When implementing this check that all commands handle the
situation correctly when it is called as pending command
(it should most likely check that cmd->pending == TRUE/FALSE).
- o WHOIS and IDENTIFY command reply sending is buggy because
- it may put status to be SILC_STATUS_LIST_START even though
- there is only one valid entry (thus should be SILC_STATUS_OK).
- This happens because it does not check the data.registered == FALSE
- clients before setting the status. Good fix for this would be
- to make sure that the clients table does not include any
- unregistered clients in the first place.
o TODO in notify types (packet_receive.c):
TODO In SILC Libraries
======================
+ o The SKE Start Payload parsing routines are an overkill. Use the
+ SILC_STR_UI16_NSTRING_ALLOC in the parsing and not parsing them
+ one by one like done now.
+
o Implement PFS (Perfect Forward Secrecy) flag in SKE (and in client and
server, actually). If PFS is set, re-key must cause new key exchange.
This is required by the SILC protocol.
that needs to be commited (from Schneier's Yarrow-160 paper). They
should make the RNG even better.
- o Scheduler needs to be analyzed on high load as it might be unfair
- towards select() because it may run timeout tasks before select() and
- after select(). If it is found to be unfair the timeout task running
- before select() should probably be removed.
-
TODO in the protocol before SILC 0.x
====================================
to various security reasons (the server must not trust the
public keys blindly without third party verification; that's
why SENDKEY is not for servers).
- o Define AWAY command to set the indication flag whether the
- client is present or not. Do not save the away message to the
- server though.
- o Define the channel founder property to be permanent locally in
- the server so that channel founder can regain its rights even
- if it disconnects from the server. Thus, define a new command
- or channel user mode that can be used to set the channel founder
- passphrase or public key that can be used in the authentication
- when regaining the founder rights.
-
- o New packets and features in the packets
- (draft-riikonen-silc-pp-xx.txt):
-
- o Define the Private Message packet to include private message
- flags and define the flags. The flags could indicate whether
- the message is, for example autoreply or the receiver should not
- reply to the private messages. What other flags?
- o Define the Channel Message packet to include channel message
- flags and define the flags. Actually the flags should be same
- as for the private message flags. This way we can implement
- for example the CTCP style ACTION (/ME command) messages.
o New features in the KE/auth protocol
(draft-riikonen-silc-ke-auth-xx.txt):