--test

-- ACKing: http://www.jabber.org/jeps/inbox/ack.html .  does anybody do this?
   if they do, and declare the xmlns in open stream, our reusing parser might eat it.
   we should double-check how we deal with that.

-- add reason codes to type='error' on roster set, else it crashes Pandion it'd seem

-- make "sub send_presence_probes" in Connection/ClientIn a hook so the whole thing can be
   bypassed:  then LiveJournal can do this all in web land, looking up all contacts, looking
   at all presence status/locations in databases, and injecting the presence replies back
   into djabberd at once from webland.  then we bypass all the rosteritem loading and cluster-wide
   probe delivery

-- hook on successfully bound JID / unbound JID to register in database where somebody is

-- RosterLoadItem hook optional:  by default maybe just do LoadRoster and get it from there?
   inefficient, though.

-- before authenticated (and ever after authenticated) only capture data when people XML nodes
   for a fixed amount of bytes/time before disconnecting client as possibly malicious

-- (10:51:43) matt@sergeant.org: I noticed a problem with DJabberd::DNS
   (10:51:49) matt@sergeant.org: you're using a socket per DNS query
   (10:55:08) matt@sergeant.org: it means your responses end up overlapping if you do more than 65k concurrent queries, and sometimes before then.
   (10:55:48) matt@sergeant.org: there's a long protracted discussion of this in the SpamAssassin archives.
   (10:55:58) matt@sergeant.org: no it often happens way before that many queries
   (10:58:12) matt@sergeant.org: anyhow, feel free to steal qpsmtpd's Danga::DNS

-- SIG USR1 to do graceful shutdown, sending </stream:stream> to all clients.

-- speed up XMLElement as_xml ... try to reuse the original scalarref
   read from the network, if
   we can align the boundaries of XML stanzas to network reads, as we do reusing parsers from libxml

-- speed up:  when sending a ton of broadcast packets, only stringify it once (before/after to address)
   and then blast away at everybody.  works well on a single node, at least.

-- TODO: resource binding?

-- TODO: IQ commands to server to get server load info:
    o #/which connected users
    o #/which connected s2s
    o RAM
    o uptime
    o CPU user/system time

-- shouldn't allow auth with no resource

-- should send a 503 error here on bogus/unsupported IQ:

       4 < <iq id='SgSeu-6' type='get'><query xmlns='jabber:iq:anything'/></iq> INFO  DJabberd.Connection.XML.ClientIn         <iq  to='user0@jabber.bradfitz.com/Smack' type='error' id='SgSeu-6'></iq> WARN  DJabberd.IQ                              Unknown IQ packet: get-{jabber:iq:anything}query


-- presence priority

-- allow a fast path when bulk sending tons of messages (like hundreds of unavailable stanzas
   on disconnect):  allow a means to, given a set of full/bare (at least bare) JIDs, filter out
   the ones to be known not available.  (for instance, local/cluster
   ones, where we're the authority on their presence).

-- can we reuse s2s connections in both directions?  Our code doesn't, but worse,
   I don't think it'd even allow other people to try and do it to us.  What does spec say?

-- s2s and client timeouts

-- cleanup/unifiy callbacks.... error vs. fail, on_data vs set vs loaded, etc...
  give them types?

-- debian install guide.

-- debian packaging

-- $stanza->process and $stanza->deliver take a $conn, but
   now that stanzas always know their connection, that
   parameter is kinda useless.  remove them all?
     -- actually, we should also store a non-weak vhost ref
        in stanzas, then use that for delivery/etc, since
        conn as a weakref can go away if client disconnects
        and we may still want to process/deliver.

-- Jingle/Asterisk stuff:

   This Jabber client supports Jingle:
     http://www.kismith.co.uk/wordpress/index.php/2005/12/16/i-say-i-say-i-say-did-you-hear-the-one-about/
     http://psi-im.org/wiki/Jingle_branch
   So think we could do the Jingle stuff Jabber-server-side and get the Psi
   client connecting to Asterisk over SIP or something?

-- <not-authorized/> -- the sender must provide proper credentials
      before being allowed to perform the action, or has provided
      improper credentials; the associated error type SHOULD be "auth".   no error currently gets sent on non AUTH

-- need to write some tests for components

-- need a better API for components so they aren't so ugly. maybe just a nice subclass?

-- make Component subclass that implements JEP-0114

-- privsep for security and scalability

-- network read eval should do something different on xml versus perl errors
        maybe another eval around callbacks that cleans up the callback and then propagates
        separate logfile for our errors versus client errors

-- timer that runs every x seconds cleaning up an array of weakrefs to callbacks that are still active
        and then put the callback start time in the object, so we can force clean up of callbacks

-- SASL doesn't support ANONYMOUS or EXTERNAL
