
This is a list of those parts of the reference implemenation that are
still TBD.  No priority or order is implied.  NIST may continue
working on these items.  If anyone wishes to help with this, please
send e-mail to ipsec-dev@antd.nist.gov.

- More robust policy 
- Link-order policy support for inbound "linked" SAs.
- ESP pad check
- User/Session Keying
- Align identifiers with DOI specification
- Better/more fair way to handle the TCP MSS - this will
  probably involve significant modifications to the
  routing table.
- Figure out why NETLINK_DEV still must be configured (even if not
  used) for NETLINK sockets to work.
- Figure out how to get plutoplus to work with NETLINK sockets instead
  of the old style NETLINK Device.
- SADB locking.
