diff options
| author | Simon Josefsson <simon@josefsson.org> | 2007-02-01 11:21:39 +0000 |
|---|---|---|
| committer | Simon Josefsson <simon@josefsson.org> | 2007-02-01 11:21:39 +0000 |
| commit | a97f66d618bf35753797e7c2a57f5d2e1084e0bb (patch) | |
| tree | 5cbcb3e27ad4d000e9132b6f2958712aad19e5be | |
| parent | f35c8471d7232346d2cad8a6b154514d5b6229ee (diff) | |
| download | gnutls-a97f66d618bf35753797e7c2a57f5d2e1084e0bb.tar.gz | |
Reorder.
| -rw-r--r-- | NEWS | 28 |
1 files changed, 14 insertions, 14 deletions
@@ -5,6 +5,20 @@ See the end for copying conditions. * Version 1.7.3 (unreleased) +** New option to certtool: --generate-proxy. +This will generate a Proxy Certificate from an end entity certificate. +You will need to specify the proxy certificate's private key with +--load-privkey, the user certificate with --load-certificate and the +private key used to sign the new proxy certificate with +--load-ca-privkey. Certtool will query for proxy path length and the +policy language OID. Currently only OIDs that have an empty policy +are supported (which includes the two OIDs defined by RFC 3820). + +** Certtool --certificate-info now prints information for Proxy Certificates. +Before the proxy extension was just printed as DER encoded data. + +** New APIs to set proxy subject names and get/set proxy cert extension. + ** Fix parsing of pathLenConstraints in BasicConstraints with missing cA. ** Added self-test to test for regressions of pathLenConstraint bug. @@ -22,20 +36,6 @@ Reported and tiny patch provided by Matthias Scheler <tron@NetBSD.org>. ** Fix import of ASCII armored OpenPGP keys. Patch by ludovic.courtes@laas.fr (Ludovic Courtès). -** Certtool --certificate-info now prints information for Proxy Certificates. -Before the proxy extension was just printed as DER encoded data. - -** New option to certtool: --generate-proxy. -This will generate a Proxy Certificate from an end entity certificate. -You will need to specify the proxy certificate's private key with ---load-privkey, the user certificate with --load-certificate and the -private key used to sign the new proxy certificate with ---load-ca-privkey. Certtool will query for proxy path length and the -policy language OID. Currently only OIDs that have an empty policy -are supported (which includes the two OIDs defined by RFC 3820). - -** New APIs to set proxy subject names and get/set proxy cert extension. - ** API and ABI modifications: gnutls_x509_crt_set_proxy_dn: ADD. gnutls_x509_crt_set_proxy: ADD. |