Library
~~~~~~~
) Better/FASTER random numbers (init time is pretty miserable)
) Test suite
) configure stuff: static libs, etc.
) Use libltdl---probably much better portability
) better support for including missing routines
) atomic updates of passwords (we can crash and leave the user with 
  different passwords for different mechanisms)
) should be able use TLS's RC4 implementation
) should be able to call _sasl_log without a conn

Documentation
~~~~~~~~~~~~~
) so much to do here
) how to write an application using sasl (programmer's guide)
) man pages (saslpasswd, individual functions, etc.)
) how to configure sasl (sysadmin guide)

Mechs to write
~~~~~~~~~~~~~~
) PASSDSS-3DES-1 (draft-newman-sasl-passdss-01.txt)
) OTP
) LOGIN, if it's documented?!?

Digest-MD5
~~~~~~~~~~
) Layers
) Checking wacko cases or even not so wacko cases
) Testing
) correct deletion of user account
) support use of other RC4 libraries
) allow sending multiple realms or no realm from server to client

Kerberos_V4
~~~~~~~~~~~
) client-side should set realm

GSSAPI
~~~~~~
) Allow specification of alternate keytab file?
) check cross-realm functioning

Plain
~~~~~
) any way to handle realms?
) correct deletion of user account
) evaluate pwcheck patch

Cram-MD5
~~~~~~~~
) needs snprintf support
) any way to handle realms?
) correct deletion of user account
) zero out stuff in setpass()
) client should set user correctly

Database stuff
~~~~~~~~~~~~~~
) Berkeley DB?
) Flat text file?
) realms?
) transactions?

ABI
~~~
) Consider IRIX ABI issues for plugins
	- /usr/lib32/sasl?
	- /usr/lib/sasl/{ABI}?
) Standardize the plugin ABI
