diff --git a/TODO b/TODO
index 23092799e2..1d155910d0 100644
--- a/TODO
+++ b/TODO
@@ -117,6 +117,12 @@ Features:
   the seed from there already, if EFI_RNG_PROTOCOL is not implemented by
   firmware.
 
+* sd-boot: include domain specific hash string in hash function for random seed
+  plus sizes of everything. also include DMI/SMBIOS blob
+
+* accept a random seed via DMI/SMBIOS vendor string that is credited to the
+  kernel RNG, as cheap alternative to virtio-rng
+
 * sd-stub: invoke random seed logic the same way as in sd-boot, except if
   random seed EFI variable is already set. That way, the variable set will be
   set in all cases: if you just use sd-stub, or just sd-boot, or both.