There are many ways in which the current TLS Pool can be improved: - Graylist callbacks, preferrably by the application, with generic fallback - Support for UDP and SCTP and not just TCP - Application-specific support, with things like mod_tlspool and HTTP proxy + Support for all of X.509, OpenPGP and SRP schemes (undecided on PSK) + Extension of GnuTLS' PKCS #11 support to OpenPGP, PSK and SRP - TOFU callbacks and storage of (signed?) acceptance - Incorporate session resumption (on both ends) (store creds in memcache?) + Key derivation API with the PRF functionality of TLS 1.2 (RFC 5705) + RFC 5705: repeated seeding labels? overlap proto-fixed ones? session revival? + Error translation from GnuTLS and BerkeleyDB to errno (with detail report) + Transactions for an entire thread X Thread cleanup with pthread_setcanceltype(), pthread_cleanup_push() + Free memory as assumed by GnuTLS and BerkeleyDB API's + Setup server credentials for searching databases as is done in the client - Regularly refresh DH parameters ; find out how to apply refcnt and/or locks - Introduce (at least a basic form of) certificate validation + Support X.509 certificate chains + Derive GnuTLS priority string automatically from credentials for localid + Migrate from fprintf (stderr, ...) to syslog() - Migrate from file-based SRP to SRP #11 when GnuTLS offers it - Add support for TLS-KDH when GnuTLS offers it + Move database environment and names into configuration parameters + Move DH params file to a configuration parameter + Explain how to generate X.509 and GnuPG certificates with PKCS #11 + Recognise callbacks with a "same" file handle as session access requests + Move PID file handling to daemon.c; make -k switch after new initialisation + Add autotools support with bootstrap.sh and subsequent ./configure + Port to the FreeBSD platform + Port to the Windows platform - Port to the Mac OS X platform + Consider a thread pool for session passthrough (the current copycat function) + Support asynchronous access to the TLS Pool in starttls_xxx() functions