diff --git a/TODO b/TODO index 439c36b0..928485c0 100644 --- a/TODO +++ b/TODO 
@@ -1,98 +1,98 @@ distro/packaging: - (issue) check why systemd doesn't let me set scheduler priority fixed for systemd unit file, LSB init + systemd still fails https://bugzilla.redhat.com/show_bug.cgi?id=893015 link/host level: - (issue) transports: review all error handling code failures, specially on clear_config, to not leak and better clean in case of errors - (issue) improve test suite to cover for all transports (needs transport list API) - - (issue) UDP/SCTP support for dynamic links (aka no dst_address) - this one needs plumbing inside RX thread + - (issue) SCTP support for dynamic links (aka no dst_address) + this one needs plumbing inside RX thread and transport. - (issue) change knet_bench to allow protocol specification per link - (issue) review memory locking across - (issue) simplify handling of DATA and HOSTINFO code paths in send/recv code - (issue) need bind to interface for dynamic ip local interfaces vs src ip address or find a way to autodetect the new ip on that interface (listen to kernel netlink?) - (issue) must implement link auth via user/passwd. This is necessary in case key is leaked. - (issue) standardize exit labels (ex out_unlock / exit_unlock) and variable/function names. - (issue) review how TX onwire pckt info are filled in between inbuf/socket/frags - (rfe) add fd_tracker error exit check and perhaps use it for local sockets too to make it easier to identify leaks and fd abuse - (rfe) link status callback notification - (rfe) compress: should only compress user data, we will add a bit in the data header to indicate if the pckt is compressed or not (save time). this approach allow runtime change of compress. open questions are: methods? level? zlib? lzo? bz? lzma? xz? how much do we save by compressin our header? compress must happen before encrypt we can express compress data in packet type without adding extra flags to the headers. DATA -> BZ/GZDATA and we can change that right before encrypting. 
Using a similar approach to PING_MASK - (rfe) crypto: expand API to support dual key for rekey process - (rfe) link id made optional? right now we need the link id to match on both sides of the connection. this is somewhat annoying from a user perspective. Evaluate if we can make it optional. - (rfe) make hostid autogenerated in a consistent way? - (rfe) Check IPV6_NEXTHOP for v6 sockets and find equivalent for v4 (Jesper?) this would allow using one IP address as destination via multiple links - (rfe) add statistics at different levels (pckt per host/link, bytes, crypto overhead, frame overhead, pure data...) - (rfe) link connection access-list (chrissie has working generic code for this one, needs merging and API) - (rfe) improve host-to-host communication. Right now I am not satisfied with the current implementation, even if it works. - (rfe) implement link switching via scoring system based on: 1) latency 2) priority (auto/manual) 3) usage (over XX% traffic start RR) 4) flapping of the links (time/sec) this requires complex rules setting and a super efficent way to look up destination links 5) if links are stable, reduce the number of links in a-a min 2 - (rfe) benchmark tests for all critical paths in switching threads - (rfe) network convergence protocol (host exchange) - (rfe) reswitching of packets - (rfe) look into UDP+ECN bit set to avoid overloading sockets? - (rfe) add openssl support? - (rfe) consider adding threadpools to process data packets in parallel libknet: - (issue) review logging policy/levels in public api call example is scanning for active links in a host that would return a half gazzillion useless log entries - (issue) add .3 man pages libtap: - (issue) add .3 man pages - (issue) improve tests to cover thread safety and better error codes specially from the up/down handling. 
- (rfe) consider adding dhcp support for tap device it can be done now via up.d/ scripts, but it's not intuitive kronostnetd: - (issue) beside the code that is as bad as it can possibly be and will make you wish to have a tea spoon handy to carve your eyeballs out, the vty needs a good clean/rewrite - (issue) fix config file format. current one will make you scream - (issue) missing output from several command execution failures in vty mode - (issue) fix check_param for ip/prefix/crypto (this is part of the rewrite as it needs more clever arg parsing code/method) - (rfe) add logging config (per subsystem/global) - (rfe) split vty_cmd_files to be smaller. it's just too big to handle nicely. - (rfe) add equivalent of "description: ...." to various levels - (rfe) add optional options. right now it's necessary to specify everything all the time. - (rfe) implement tab completion on options general: - (issue) missing unit tests on many many bits - (issue) missing docs of all kind, devel, users, admin guide. - (rfe) check code with coverity
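Review bot: In the link/host level list, the reworded SCTP item says it "needs plumbing inside RX thread and transport" but does not say what the transport side is missing, so the entry is hard to act on. Name the transport piece that has to learn about links with no dst_address. Dropping UDP from "UDP/SCTP support for dynamic links" implies UDP dynamic links are now handled, and nothing else in the TODO records that, so it is worth stating in the commit message. The hunk header also covers the whole file (-1,98 +1,98) while the only added lines visible are the two in this item. If the remaining lines differ only in whitespace, split that churn into a separate commit.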