From: Cameron Dale <camrdale@gmail.com>
Date: Sat, 8 Mar 2008 00:38:33 +0000 (-0800)
Subject: Another TODO item.
X-Git-Url: https://git.mxchange.org/?p=quix0rs-apt-p2p.git;a=commitdiff_plain;h=5e73ae20956e409b7f70ab292af360aa41b49c93

Another TODO item.
---

diff --git a/TODO b/TODO
index 192670b..f726992 100644
--- a/TODO
+++ b/TODO
@@ -61,6 +61,16 @@ first piece, in which case it is downloaded from a 3rd peer, with
 consensus revealing the misbehaving peer.
 
 
+Consider tracking security issues with packages.
+
+Since sharing information with others about what packages you have
+downloaded (and probably installed) is a possible security
+vulnerability, it would be advantageous to not share that information
+for packages that have known security vulnerabilities. This would
+require some way of obtaining a list of which packages (and versions)
+are vulnerable, which is not currently available.
+
+
 Consider adding peer characteristics to the DHT.
 
 Bad peers could be indicated in the DHT by adding a new value that is