update TODO

TODO

@@ -119,14 +119,18 @@ Features:
 
 * seccomp: maybe merge all filters we install into one with that libseccomp API that allows merging.
 
-* per-service credential system. Specifically: add LoadCredential= (for loading
+* credentials system:
-  cred from file), AcquireCredential= (for asking user for cred, via
+  - maybe add AcquireCredential= for querying a cred via ask-password
-  ask-password), PassCredential= (for passing on credential systemd itself
+  - maybe try to acquire creds via keyring?
-  got). Then, place credentials in a per-service, immutable ramfs instance (so
+  - maybe try to pass creds via keyring?
-  that it cannot be swapped out), destroy after use. Also pass via keyring
+  - maybe optionally pass creds via memfd
-  (with graceful fallback to cover for containers). Define CredentialPath= for
+  - maybe add support for decrypting creds via TPM
-  defining subdir of /run/credentials/ where to place it. Set $CREDENTIAL_PATH
+  - maybe add support for decrypting/importing creds via pkcs11
-  env var for services to the result. Also pass via fd passing (optionally).
+  - make systemd-cryptsetup acquire pw via creds logic
+  - make PAMName= acquire pw via creds logic
+  - make macsec/wireguard code in networkd read key via creds logic
+  - make gatwayd/remote read key via creds logic
+  - add sd_notify() command for flushing out creds not needed anymore
 
 * homed: add native recovery key support. use 48 lowercase modhex characters
   (192bit), show qr code of it, include pattern expression in user record.