diff --git a/todo/done.txt b/todo/done.txt
index d6ed5690d..ccb0a1ca2 100644
--- a/todo/done.txt
+++ b/todo/done.txt
@@ -1,5 +1,13 @@
 DONE:
 
+o Change Ncat so that it does SSL certificate trust checking by
+  default (even without --ssl-verify) and provides a warning and the key
+  fingerprint if there is no valid trusted chain or the cert is
+  expired, etc.  The warning should happen (to STDERR) even if -v is
+  not specified.  We should add a new option to force Ncat to quit if
+  cert not valid, and --ssl-verify should become an undocumented alias
+  for that. [GH#30]
+
 o Augment the configure script to list unmet dependencies. Currently, configure
   works just fine without a C++ compiler installed, but make generates an
   error.  The configure script should be able to detect this. Also, a list of
diff --git a/todo/nmap.txt b/todo/nmap.txt
index 22310ab4d..9d16a2256 100644
--- a/todo/nmap.txt
+++ b/todo/nmap.txt
@@ -4,14 +4,6 @@ o Deal with our out-of-date CA root certificate bundle by either using
   OS-specific mechanisms and/or updating the latest from Mozilla or
   another source.  See http://seclists.org/nmap-dev/2014/q4/200
 
-o Change Ncat so that it does SSL certificate trust checking by
-  default (even without --ssl-verify) and provides a warning and the key
-  fingerprint if there is no valid trusted chain or the cert is
-  expired, etc.  The warning should happen (to STDERR) even if -v is
-  not specified.  We should add a new option to force Ncat to quit if
-  cert not valid, and --ssl-verify should become an undocumented alias
-  for that.
-
 o Figure out what nmap-update is doing for SSL certificate
   verification (it uses libsvn to our SSL svn server).