Commit a9c801e0 authored by Vincent Pelletier's avatar Vincent Pelletier

CHANGES.txt: Catch up.

parent d2f4fc9b
...@@ -4,6 +4,7 @@ ...@@ -4,6 +4,7 @@
* Accept user certificates signed by non-current CA. * Accept user certificates signed by non-current CA.
* Name CA certificates after their AuthorityKeyIdentifier keyid extension instead of their serial. * Name CA certificates after their AuthorityKeyIdentifier keyid extension instead of their serial.
* Produce one CRL per CA certificate, as some ssl-using services fail when there is no CRL signed by the same CA as the certificate being validated. * Produce one CRL per CA certificate, as some ssl-using services fail when there is no CRL signed by the same CA as the certificate being validated.
* Fix trust anchor distribution during CA renewal period: the correct trust anchor is the oldest still-valid CA.
0.9.8 (2020-06-29) 0.9.8 (2020-06-29)
================== ==================
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment