1NSCA-ng Task List
2=================
3
4The to-do items are listed in no particular order.
5
6Wish List Items for NSCA-ng
7---------------------------
8
9- Let the server support command authorization based on host and service
10  groups.  This requires the server to actually parse the submitted
11  commands, as oppposed to simply matching them against the user-supplied
12  regular expressions.
13
14- Let the server support a `clients` or `sources` directive that allows the
15  user to specify one or more subnets (globally and/or per-client).
16  Connections from source addresses outside these subnets should be
17  rejected.
18
19- Let the server support proxying of (selected or all) data (with `forward`
20  blocks in the configuration, for example).
21
22- Support requests for status and configuration data in order to provide a
23  full-blown remote API.
24
25- Let the client execute standard Nagios plugins directly (as an alternative
26  to using a script such as `contrib/invoke_check`), and maybe provide a
27  daemon mode with poor man's check scheduling (i.e., add `check_interval`
28  and `retry_interval` directives to the client configuration).
29
30- If the server is not available, let the client queue commands and results
31  using local storage and submit them as soon as the server comes up again.
32
33- Let the client talk to multiple servers.
34
35- Port the client to Microsoft Windows.
36
37- Create a client library with Perl (and maybe Python) bindings.
38
39Wish List Items for OpenSSL
40---------------------------
41
42- Add IPv6 support to OpenSSL's `BIO_s_connect(3)` API, so that the client
43  can use IPv6.  (The server supports IPv6 already.)  There's a [ticket][1]
44  with a patch in OpenSSL's tracker, and a related [discussion][2] on the
45  OpenSSL development mailing list.
46
47- Support NULL encryption TLS-PSK cipher suites as defined in [RFC 4785][3].
48  This should make it easier to use tools such as `tcpdump(8)` for debugging
49  NSCA-ng sessions.  There's an [older][4] and a [newer][5] patch in
50  OpenSSL's tracker.
51
52- Support SHA-256/384 (and GCM) TLS-PSK cipher suites as per [RFC 5487][6].
53  Someone [played around with this][7] already.
54
55[1]: http://rt.openssl.org/Ticket/Display.html?id=1365
56[2]: http://thread.gmane.org/gmane.comp.encryption.openssl.devel/11207
57[3]: http://tools.ietf.org/html/rfc4785
58[4]: http://rt.openssl.org/Ticket/Display.html?id=1886
59[5]: http://rt.openssl.org/Ticket/Display.html?id=2299
60[6]: http://tools.ietf.org/html/rfc5487
61[7]: http://permalink.gmane.org/gmane.comp.encryption.openssl.user/44388
62
63<!-- vim:set filetype=markdown textwidth=76 joinspaces: -->
64