-- Stop invalid users
-* a recently disabled/deleted user may still have a valid cred. Keep a list of valid/invalid users on the aggregate and check callers against this list
+RSpecs
+- CreateSlivers should update SliverTags/attributes
+- ProtoGENI rspec integration testing
+- initscripts in the rspec
-- GetTicket
- * must verify_{site,slice,person,keys} on remote aggregate
+Registry
+- Verify that sub authority certificates still work
-- Protogeni
-* agree on standard set of functon calls
-* agree on standard set of privs
-* on permission error, return priv needed to make call
-* cache slice resource states (if aggregate goes down, how do we know what
- slices were on it and recreate them? do we make some sort of transaction log)
+Component manager
+ * install trusted certs when interface starts (component_manager_pl.init_server())
+ * Redeem ticket - RedeemTicket/AdminTicket not working. Why?
+ ** This may be replaced by sfa + credentials
-- Registry
-* sfa.plc.api.SfaAPI.fill_record_pl_info() should add the sites PIs to a slice records researchers list
-* update call should attempt to push updates to federated peers if
- the peer has a record for an object that is updated locally
-* api.update_membership() shoudl behave more like resolve when looking up records (attempt to resolve records at federated registeries) instead of only looking in the local registry
-* support generic registry records (dont depend on postgres!)
+GUI/Auth Service
+ * develop a simple service where users auth using username/passord and
+ receive their cred
+ * service manages users key/cert,creds
+ * gui requires user's cred (depends on Auth Service above)
+
-- Aggregate
-* sfa.plc.slices.verify_site() should check if site['max_slices'] needs to be updated
-* sfa.plc.slices.verify_slice() should check if slice['expires'] needs to be updated
-
-- Component manager
-* install the slice and node gid when the slice is created (create NM plugin to execute sfa_component_setup.py ?)
-
-- SM call routing
-* sfi -a option should send request to sm with an extra argument to
- specify which am to contact instead of connecting directly to the am
- (am may not trust client directly)
-
-- Initscripts on sfa / geniwrapper
-* should sfa have native initscript support or should we piggyback off of myplc?
-
-- Fully integrate SOAP (need to throw either soap or xmlrpc exceptions depending on the client)
-* started but not finished
-
-- error messages
-* error messages should be easier to understand
-* (failing to connect to plcapi shoudl return a helpful message, not a generic internal server error)
-