diff --git a/TODO b/TODO
index 7ff3138..193e710 100644
--- a/TODO
+++ b/TODO
@@ -1,3 +1,5 @@
+-   Strip HPKP headers from responses to prevent pinning
+-   Rewrite header munging
 -   Control SSL_OP_SINGLE_ECDH_USE and other de-optimizations by a
     "prefer speed to security" command line option
 -   Optionally add ephemeral RSA key to SSL_CTX to allow export cipher suites