TODO

Performance

• 0-RTT CONNECT tunnel (Done)
• Throughput vs CPU benchmarks (Done: https://github.com/klzgrad/naiveproxy/issues/122#issuecomment-687730792)
• AutoFDO build (Done)
• CPU/memory Profiling (There is a stock afdo.prof)

Usability

• Upstream HAProxy bug fixes (Done)
• Network change notifier (properly report errors and disconnect when the underlying network doesn't work. How does it perform when Naive client restarts or Naive server restarts?)
• Documentation (Done)
• Minimize checkout/build time (Done)

Security

• HTTP/2 padding (Done)
• TLS signature verification (Check ClientHello with Wireshark. Chromium-shell browsers?) (Done)
• Traffic pattern verification (Log packet lengths with Wireshark. Chromium sends stuff to fixed addresses at *.google.com before doing anything - generates predictable patterns.) (Packet lengths are more or less audited.)
• Network stack parameters verification (Does Naive use the same parameters as Chromium? What parameters are there?) (TLS fingerprints are more or less audited.)
• Connection rotation? (How long is a typical h2 connection? Ensure Naive connections are not significantly longer.) (It does close connections appropriately.)
• PKI management
• OpenSSL vs BoringSSL ciphers

Additional Features

• Naive server (to replace Squid) (Done)
• QUIC mode (proxy client code, reverse proxy server code) (Done, no implementing a server in Chromium)
• Cross-platform builds (Done)
• Naive client: route with gfwlist (This always necessitates a UI, which is better located in the browser.)
• Naive client: status server (like chrome://net-internals/#sockets, for debugging)
• HPACK compression for TLS headers (infeasible)