diff --git a/lab-outline-and-ideas.txt b/lab-outline-and-ideas.txt index 47d7000..365a32e 100644 --- a/lab-outline-and-ideas.txt +++ b/lab-outline-and-ideas.txt @@ -70,7 +70,7 @@ so you can copy stuff manually from there if need be. (I assume that students will automatically get a ~/.aliases.d..??) - +tc Note that nss trust store is used by the standard system browsers (but not Java). @@ -96,8 +96,47 @@ Note that NSS (https://en.wikipedia.org/wiki/Network_Security_Services) != NSS as in nsswitch.conf + + + + + +[Y] + + +https://whynohttps.com + +and further interesting data and analysis here +https://scotthelme.co.uk/tag/crawl/ + + + + +[ ] +TODO: use tcpflow to examine insecure content. Will need instructions on setting up a Tomcat server instance. Might also want to provide a simple form submission application. At least some static HTML pages... + +TODO: separate tiddler on security certificates, CAs, signing, chains, HTTPS. + + + [ ] Install net-tools package to provide `route` and `netstat` commands + although we can use `ss -plunt` for socket status + + + + + + + + + + Lab 2 (Semester Week 3): + - Tomcat (simple deployment of a static Web page, perhaps provide a trivial form + response) + + - tcpflow (check insecurity of visit to the local Tomcat) + + - mkcert (enable HTTPS on local Tomcat, verify secure) @@ -112,3 +151,6 @@ - Credential-stuffing https://www.cloudflare.com/en-gb/learning/bots/what-is-credential-stuffing/ + + - Filter-based countermeasures: delays, checks on user agent, check for session cookies (should be present on all but the first transaction) +
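Review bot: the first hunk (around line 70) adds a bare `+tc` line that reads as a stray keystroke rather than a note; either expand it into the intended text (the surrounding lines concern the NSS trust store and browsers, so perhaps a pointer to the tcpflow/Tomcat work listed later) or drop the line before merging.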
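Review bot: the second hunk (around line 96) mixes three marker styles (`[Y]`, `[ ]`, `TODO:`) without saying what `[Y]` means relative to `[ ]`, and the `net-tools` item contradicts itself: `ss -plunt` is the iproute2 replacement for `netstat`, but it does not replace `route` (that is `ip route`), so the bullet should say whether net-tools is still required for the routing side. Two smaller points on the same hunk: the tcpflow TODO and the Lab 2 outline both describe the Tomcat setup, so one should reference the other rather than duplicate it, and the mkcert item should note how the generated key and certificate get into a keystore that Tomcat (a Java process, which per the hunk 1 context does not use the NSS store) can load, since otherwise "verify secure" only holds for the browser side. The run of roughly a dozen empty lines between the items also looks unintentional and could be trimmed.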
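Review bot: in the third hunk (around line 112), the new "Filter-based countermeasures" bullet presents user-agent checks alongside delays and session-cookie checks without qualifying them; for the lab it is worth stating that a user-agent check is a weak, client-controlled signal and that the session-cookie rule ("present on all but the first transaction") has legitimate exceptions (cleared cookies, fresh clients), so these are filters that raise attacker cost and feed detection rather than hard controls. The hunk also adds a trailing blank line at end of file; confirm that is intended.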