ROADMAP: updates and cleanups

Fix the HSTS PR

Remove DoT, thread-safe init and hard-coded localhost. I feel very
little interest for these with users so I downgrade them to plain "TODO"
entries again.

docs/ROADMAP.md

@@ -8,36 +8,12 @@ participation.
 HSTS
 ----
 
- Complete and merge [the existing PR](https://github.com/curl/curl/pull/2682).
+ Merge [the existing PR](https://github.com/curl/curl/pull/5896).
 
- Loading a huge preload file is probably not too interesting to most people,
- but using a custom file and reacting to HSTS response header probably are
- good features.
-
-DNS-over-TLS
-------------
-
- Similar to DNS-over-HTTPS. Could share quite a lot of generic code.
-
-ESNI (Encrypted SNI)
---------------------
+ECH (Encrypted Client Hello - formerly known as ESNI)
+-----------------------------------------------------
 
  See Daniel's post on [Support of Encrypted
  SNI](https://curl.haxx.se/mail/lib-2019-03/0000.html) on the mailing list.
 
  Initial work exists in https://github.com/curl/curl/pull/4011
-
-thread-safe `curl_global_init()`
---------------------------------
-
- Fix the libcurl specific parts of the function to be thread-safe. Make sure
- it can be thread-safe if built with thread-safe 3rd party libraries.
- (probably can't include `curl_global_init_mem()` for obvious reasons)
-
-Hardcode “localhost”
---------------------
-
- No need to resolve it. Avoid a risk where this is resolved over the network
- and actually responds with something else than a local address. Some
- operating systems already do this. Also:
- https://tools.ietf.org/html/draft-ietf-dnsop-let-localhost-be-localhost-02