diff options
Diffstat (limited to 'TODO')
| -rw-r--r-- | TODO | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -1,4 +1,3 @@ -* Typing "top" causes only "to" to be accepted. * Improve JSON, removing use of "tag" * potential DOS where developer sends Activity Entered that all refer back to the first Activity Seen. This requires the user @@ -17,6 +16,9 @@ unlikely that a Activity Entered will legitimately refer to an old backlog item. * Encryption! +* Add random nonce to start message, to avoid replay issues. + (Or perhaps the encryption derives a RSA key in a way that avoids + replay..) * Network! * Server! * gpg key downloading, web of trust checking, prompting |