+* consider reworking json_build() to imply a top-level JSON_BUILD_OBJECT(),
+ since that's what we want in 99% of cases. Then provide json_build_any() or
+ so that can build other variant types top-level too.
+
+* rework tpm2_parse_pcr_argument_to_mask() to refuse literal hash value
+ specifications. They are currently parsed but ignored. We should refuse them
+ however, to not confuse people.
+
+* use name_to_handle_at() with AT_HANDLE_FID instead of .st_ino (inode
+ number) for identifying inodes, for example in copy.c when finding hard
+ links, or loop-util.c for tracking backing files, and other places.
+
+* cryptenroll/cryptsetup/homed: add unlock mechanism that combines tpm2 and
+ fido2, as well as tpm2 + ssh-agent, inspired by ChromeOS' logic: encrypt the
+ volume key with the TPM, with a policy that insists that a nonce is signed by
+ the fido2 device's key or ssh-agent key. Thus, add unlock/login time the TPM
+ generates a nonce, which is sent as a challenge to the fido2/ssh-agent, which
+ returns a signature which is handed to the tpm, which then reveals the volume
+ key to the PC.
+
+* cryptenroll/cryptsetup/homed: similar to this, implement TOTP backed by TPM.
+
+* expose the handoff timestamp fully via the D-Bus properties that contain
+ ExecStatus information
+
+* properly serialize the ExecStatus data from all ExecCommand objects
+ associated with services, sockets, mounts and swaps. Currently, the data is
+ flushed out on reload, which is quite a limitation.
+
+* Clean up "reboot argument" handling, i.e. set it through some IPC service
+ instead of directly via /run/, so that it can be sensible set remotely.
+
+* userdb: add concept for user "aliases", to cover for cases where you can log
+ in under the name lennart@somenetworkfsserver, and it would automatically
+ generate a local user, and from the one both names can be used to allow
+ logins into the same account.
+
+* systemd-tpm2-support: add a some logic that detects if system is in DA
+ lockout mode, and queries the user for TPM recovery PIN then.
+
+* systemd-repart should probably enable btrfs' "temp_fsid" feature for all file
+ systems it creates, as we have no interest in RAID for repart, and it should
+ make sure that we can mount them trivially everywhere.
+
+* systemd-nspawn should get the same SSH key support that vmspawn now has.
+
+* insert the new pidfs inode number as a third field into PidRef, so that
+ PidRef are reasonably serializable without having to pass around fds.
+
+* move documentation about our common env vars (SYSTEMD_LOG_LEVEL,
+ SYSTEMD_PAGER, …) into a man page of its own, and just link it from our
+ various man pages that so far embed the whole list again and again, in an
+ attempt to reduce clutter and noise a bid.
+
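Review bot: In the tpm2 + fido2/ssh-agent entry, "Thus, add unlock/login time the TPM generates a nonce" reads as an instruction to add something rather than a description of the flow; it should say "Thus, at unlock/login time the TPM generates a nonce", since this sentence is the only place the challenge/response order is spelled out. Several other added entries have wording slips worth fixing before merge: "json_build_any() or so that can build" in the first entry is missing a comma or a word, "so that it can be sensible set remotely" should be "sensibly set", "add a some logic that detects" should drop the "a", and "reduce clutter and noise a bid" should be "a bit". The ExecStatus handoff-timestamp entry is also the only one in the hunk without a closing period.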