diff --git a/todo.md b/todo.md new file mode 100644 index 0000000..ae8f414 --- /dev/null +++ b/todo.md @@ -0,0 +1,24 @@ +# TODO + +There's lots of things to add. + +- TLS + - Autorenew this with an ACME server (eg, Boulder; use the Lego library) + - self-host the Boulder server & add the main CA pubkey to the client + - Work with self-signed stuff for now tho +- Authentication + - Give each client an API key + - Limit decryption keys that client can access? +- Admin UI on the server + - Manage client accounts + - Import public keys + - Add/Remove keys +- Private Key autorotation +- PGP Public Key Server + - a la keys.openpgp.org + - two servers? one public (company pub keys), one internal (customer pub + keys) +- Encryption groups + - Add a number of public keys to a group. When the client encrypts to a + group, use all the keys. + - Auto-remove expired keys from groups
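Review bot: Under Authentication, "Limit decryption keys that client can access?" is left as an open question, while the item above it only gives each client an API key. An API key identifies the client but does not bound which decryption keys it may use, so I'd drop the question mark and state this as a requirement (per-client list of permitted keys, deny by default), ahead of the Admin UI items that manage accounts and keys. In the TLS list, "Work with self-signed stuff for now tho" should also say how the client is expected to trust the self-signed certificate in the interim (for example by pinning it in the client, the same way the later item adds the main CA pubkey to the client), so the stopgap does not end up as disabled certificate verification. Minor style point: the "two servers?" item wraps mid-parenthesis across two lines; consider keeping each bullet on one line or indenting the continuation consistently with the "Encryption groups" bullets.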