--GetTicket
-* sm, am only
-* sm calls getticket on am and merges resulting tickets into 1 ticket
+Registry
+- Verify that sub authority certificates still work
-- sfa-clean-peer-records
-* modify resolve to support a list of hrns
-* resolve a list of peer hrns instead of each hrn individally
+SM
+- Slice Manager methods should return real result instead of just 1 (Renew
+ Sliver, etc)
-- sfi remove, if removing a site, remove any record that site is an an authority for
+- connect SM to ProtoGeni Aggregates
-- routing sm calls
-* sfi -a option should send request to sm with an extra argument to
- specify which am to contact instead of connecting directly to the am
- (am may not trust client directly)
+Stop invalid users
+ * a recently disabled/deleted user may still have a valid cred. Keep a list of valid/invalid users on the aggregate and check callers against this list
-- make registry more generic
-* support interface managers
-* support generic registry records (dont depend on postgres! object db?)
+Component manager
+ * install trusted certs when interface starts (component_manager_pl.init_server())
+ * Redeem ticket - RedeemTicket/AdminTicket not working. Why?
+ ** This may be replaced by sfa + credentials
-- checking support for conventional ssl (creating a shared keypair for the request)
+GUI/Auth Service
+ * develop a simple service where users auth using username/passord and
+ receive their cred
+ * service manages users key/cert,creds
+ * gui requires user's cred (depends on Auth Service above)
+
-- Initscripts on sfa / geniwrapper
-- Geni identification on nodes
-* nodes pk stored in /etc/sfa/nodekey
-* slice's gid and nodes gid stored in all slices (/etc/sfa/slicegid, /etc/sfa/nodegid)
-- Fully integrate SOAP (need to throw either soap or xmlrpc exceptions depending on the client)
-
-- unit tests