diff --git a/doc/FUTURE b/doc/FUTURE
index b2b8aff131..7fb9d80a83 100644
--- a/doc/FUTURE
+++ b/doc/FUTURE
@@ -1,6 +1,6 @@
 -- Just Ideas (feel free to modify) --
 -- david ulevitch <davidu@everydns.net> --
--- $Id --
+-- $Id: FUTURE,v 1.3 2002-08-20 22:25:04 jfitzell Exp $ --
 
 Mantis rewrite.
 
@@ -8,13 +8,26 @@ Goals:
 -o 	No loss of current functionality
 -o 	No loss of current ease of use
 -o 	No loss of current ease of setup
+-o	Make source files clean, consistent, easy to read,
+	and not unneccesarily long
 
 Primary:
 -o 	Database abstraction via ADODB (http://php.weblogs.com/ADODB)
 -o 	Designed with security in mind
+-o	Every "user operation" API function checks permissions before
+	performing it's operation.  It would be nice if this was done
+	by calling one function that could obtain all the state information
+	(current user, current project, current bug, whatever...) so that
+	more complex and customized rules could be delevoped later.  The
+	basic idea is let something else decide whether the operation is
+	allowed, not the API function itself.
 \-o	Common functions to deal with INPUT, OUTPUT, STORAGE, etc.
 
 Secondary:
 -o	Source documentation via phpdoc (or similar)
+-o	Are there any DB schema cleanups that could be done while we're
+	making major changes anyway?  Might be a good time to justify
+	one big change if necessary (not sure if there is, just throwing
+	it out there to think about)
 
 What else?