diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-02-08 17:42:10 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-02-08 17:42:10 +0000 |
commit | 810758516a79ce42e9d8ed3ec6dcdb1696a58bb3 (patch) | |
tree | 5077c72452fd438daf3f24a13b331fbfc1c35d2b /NEWS | |
parent | aa33d738ec96f86671c2d4bb254d8e30a57213cc (diff) | |
parent | 3ccc01f8383e28ac9819fec5530926f7484400e7 (diff) | |
download | gnutls-810758516a79ce42e9d8ed3ec6dcdb1696a58bb3.tar.gz |
Merge branch 'tmp-key-usage' into 'master'
When negotiating TLS1.3 enforce certificate key usage
Closes #690
See merge request gnutls/gnutls!902
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -5,6 +5,18 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc. Copyright (C) 2013-2017 Nikos Mavrogiannopoulos See the end for copying conditions. +* Version 3.6.7 (unreleased) + +** libgnutls: enforce key usage limitations on certificates more actively. + Previously we would enforce it for TLS1.2 protocol, now we enforce it + even when TLS1.3 is negotiated, or on client certificates as well. When + an inappropriate for TLS1.3 certificate is seen on the credentials structure + GnuTLS will disable TLS1.3 support for that session (#690). + +** API and ABI modifications: +No changes since last version. + + * Version 3.6.6 (released 2019-01-25) ** libgnutls: gnutls_pubkey_import_ecc_raw() was fixed to set the number bits |