- * The kadmind patch needs to abort kadmind startup if the plugin could
- not be loaded, or at least needs to reject every password.
+ * Feed back modifications to CrackLib to allow a program to use a custom
+ set of rules, which would allow us to stop embedding our own copy of
+ CrackLib customized to add additional rules.
+
+ * Do something useful with errors when parsing numeric arguments from
+ krb5.conf configuration or failing to allocate memory when getting
+ string arguments.
+
+ * Use the realm of the principal changing its password to determine the
+ krb5.conf configuration rather than always using the default realm.
+
+ * Refactor the tests for configuration errors in the heimdal-strength
+ test suite into JSON.