update TODO

TODO

@@ -130,6 +130,36 @@ Deprecations and removals:
 
 Features:
 
+* sd-json: before release figure out what to do about
+  SD_JSON_DEBUG+SD_JSON_WARNING. They are probably useless and should be hidden
+  in the public API since we don't expose log_json()
+
+* rough proposed implementation design for remote attestation infra: add a tool
+  that generates a quote of local PCRs and NvPCRs, along with synchronous log
+  snapshot. use "audit session" logic for that, so that we get read-outs and
+  signature in one step. Then turn this into a JSON object. Use the "TCG TSS 2.0
+  JSON Data Types and Policy Language" format to encode the signature. And CEL
+  for the measurement log.
+
+* creds: add a new cred format that reused the JSON structures we use in the
+  LUKS header, so that we get the various newer policies for free.
+
+* drop PCR 7 from default PCR mask in credentials and LUKS2 enrollments
+
+* systemd-analyze: port "pcrs" verb to talk directly to TPM device, instead of
+  using sysfs interface (well, or maybe not, as that would require privileges?)
+
+* pcrextend/tpm2-util: add a concept of "rotation" to event log. i.e. allow
+  trailing parts of the logs if time or disk space limit is hit. Protect the
+  boot-time measurements however (i.e. up to some point where things are
+  settled), since we need those for pcrlock measurements and similar. When
+  deleting entries for rotation, place an event that declares how many items
+  have been dropped, and what the hash before and after that.
+
+* measure information about all DDIs as we activate them to an NvPCR. We
+  probably should measure the dm-verity root hash from the kernel side, but
+  DDI meta info from userspace.
+
 * consider reworking json_build() to imply a top-level JSON_BUILD_OBJECT(),
   since that's what we want in 99% of cases. Then provide json_build_any() or
   so that can build other variant types top-level too.