* update the README
* special thanks to Jack Lloyd
* mac universal binary support?
* be sure to turn ALL .pro files (examples, everything) on release mode

* API documentation
  document all the stuff in qca_securemessage.h
  think about documenting the various providers (qcaprovider.h)
  Change Doxyfile config to capture whole API, and to generate Latex manual.

* beta3
  api:
    passive keystoreentry (and related issues)
    make pkeycontext conversion functions non-pure
    make sure there aren't any cases where a Foo::supportsBar()-style function
      reports true, but then when the object is created, it doesn't actually
      support the feature (because the wrong provider was used).
    map doesn't maintain DN order.  use a different container
    cert/key mismatch error for cms (do we want this for TLS also?)
    cert extensions
    remove the quality enum for randomness? (see botan)
    versionize the provider contexts
    move qcatool's prompt code into qca
  code:
    don't create qobjects during init (that means you, keystoremanager)
    functions that don't trip a scan should do so on the first try
    sasl: get it working, lib and cyrus provider
    persistent properties
    dirwatch: thread safety
    dirwatch: test on all platforms
    qca-openssl: ca signing
    synchronizer should lazy-start the thread
    proper parenting of all objects
    qca-gnupg: ignore newlines from passphrase, to avoid advancing command-fd
    race condition(?): keystore id is bad by the time a KeyStore object is
      made. solution: if the id is invalid, queue up an unavailable() signal?
  other:
    Update to latest Botan, and remake the botantools patch as appropriate
    ability to compile plugins in statically (check 'plugins' subdir)

* Considerations
  api:
    Q_DISABLE_COPY on some objects
    give all classes non-default ctors/dtors/copy/op=, and dpointers?
    add more "getters" to the library?
    don't forget to QCA_EXPORT everything
    it's possible we use QSecureArray in some unnecessary places
  other:
    add asserts
    standardize on count() vs size() when iterating?
    printf + latin1()/toLatin1() -> qPrintable() ? (in code/examples/docs/etc)
  alon:
    log facility, with log level and a print destination (maybe file property?)
      figure out overlap with "diagnosticText"
    convertToPublic should return a publickey rather than clone?
    property change notifications
    keybundle should be able to not have intermediates
    ability to complete cert chain from a pool of nonroots
    global provider config files
    forkfixup

* finish code for APIs:
  core: properties
  cert: rfc 2818 hostname validation
  publickey/cert cleanup
  securemessage
  tls
  sasl
  keystore: cleanup
  don't allow smart card providers to be used by default
  qca-openssl: we have email altname but not email DN?

* examples
  create example for BigInteger
  create example for OpenPGP
  create example for CMS
  fix SASL examples (client and server)

* Additional unit tests (using QTestLib):
  - OpenPGP
  - CMS
  - TLS ?
  - SASL ?
  - QPipe
  - FileWatch / DirWatch
  - Complete the pkits tests

* write plugin support
  qca-botan: implement
  qca-egads (or qca-egd): implement for Random support

* possibilities for the future:
  securemessage: algorithm selection for cms/pgp (and use SecurityLevel?)
  tls: SSL_get_client_CA_list
  tls: renegotiation
  Key wrapping - RFC3217 and RFC3394
  quoted-printable TextFilter
  keygen on smart cards
  keystore: symmetric keys, arbitrary app data
  cms: fine-grained control over smime attribs
  providers for:
    Mozilla NSS
    Windows CryptoAPI
    Linux kernel crypto support, if the userspace API ever gets sorted out
    Intel Performance Primatives library

