This is not an exhaustive list.

- Implement message decoding using NSS's CMS routines.  For now we'll have to
  at least keep doing the CMS message encoding ourselves because:
  - NSS can't be told to generate messages with definite-length encodings, and
    Windows appears to choke on indefinite-length-encoded messages.
  - Windows tends to use/expect DigestWithEncryption OIDs where the CMS spec
    dictates Digest OIDs, so NSS by itself can't generate a signed-data object
    which looks like what a Windows client would generate.
  Switching to NSS for decoding gives us:
  - A more feature-complete and probably more correct CMS implementation
    (well, hopefully not).
  - Less code to maintain (at some point).
- Implement reading of OpenSSL-style PEM-formatted keys and certificates.
- Implement reading of directories filled with OpenSSL-style PEM-formatted keys
  and certificates.
- Implement reading of client creds directly from a PKCS12 file.
- Implement direct loading and use of PKCS11 modules.
- Implement retrying guided by typed-data returned with CANT_VERIFY_CERTIFICATE
  and INVALID_CERTIFICIATE errors.
  - Report TD-TRUSTED-CERTIFIERS e-data for KDC_ERR_CANT_VERIFY_CERTIFICATE.
  - Report TD-INVALID-CERTIFICATES e-data for KDC_ERR_INVALID_CERTIFICATE.
  - Report TD-DH-PARAMETERS e-data for KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED.
- Implement a Windows-compatible server.
