* Documentation

* Hybrid SSL pull (fetch refs over SSL, content via plain HTTP)

* ostree-commit: multithreaded/async (basically compute sha256 in parallel)

* GPG signatures on commits, and more generally, extensible metadata
  associatible with commits.  So for example, commit objects could
  also contain secondary checksums of the *entire* content, which
  would allow for stronger verification.

* Investigate pack files and HTTP range requests

* Efficient delta format between commit objects, somewhat like
  Chromium autoupdate: set of operations to perform given previous
  object set to create new objects.

* Tests of corrupted repositories, more error conditions

* ostree admin install: Pull in host data, such as uids and /etc/fstab

* ostree admin undeploy <osname> <tree>

* ostree admin uninstall <osname>

* Possibly move all of the "regular" commands to be "ostree repo" ?  Then
  we'd have: "ostree repo pull", "ostree repo ls", etc.