Fixed justSeenNode in KTable to update the bucket properly.

[quix0rs-apt-p2p.git] / TODO

diff --git a/TODO b/TODO
index 192670b54e3de79b2d0775c61e470c13ea13da79..2475df8644fe1cd71481d45354eba98b7e9da367 100644 (file)
--- a/TODO
+++ b/TODO
@@ -1,15 +1,3 @@
-Evaluate and fix some errors in the ktable khashmir module.
-
-The KTable implementation has some possible errors in it. insertNode
-does not remove the original and use the new node when updating a node
-already in the table, as claimed by the comments. justSeenNode doesn't
-verify that the found node is the node that was being looked for, nor
-does it move the node to the end of the list of nodes (since they are
-supposed to be sorted by their lastSeen time) or update the bucket's
-last touched time.nodeFailed also doesn't verify the found node is the
-right node.
-
-

 Consider what happens when we are the closest node.
 
 In some of the actions it is unclear what happens when we are one of the
 Consider what happens when we are the closest node.
 
 In some of the actions it is unclear what happens when we are one of the


@@ -61,6 +49,16 @@ first piece, in which case it is downloaded from a 3rd peer, with
 consensus revealing the misbehaving peer.
 
 
 consensus revealing the misbehaving peer.
 
 

+Consider tracking security issues with packages.
+
+Since sharing information with others about what packages you have
+downloaded (and probably installed) is a possible security
+vulnerability, it would be advantageous to not share that information
+for packages that have known security vulnerabilities. This would
+require some way of obtaining a list of which packages (and versions)
+are vulnerable, which is not currently available.
+
+

 Consider adding peer characteristics to the DHT.
 
 Bad peers could be indicated in the DHT by adding a new value that is
 Consider adding peer characteristics to the DHT.
 
 Bad peers could be indicated in the DHT by adding a new value that is