summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorSimon Josefsson <simon@josefsson.org>2022-10-31 21:24:01 +0100
committerSimon Josefsson <simon@josefsson.org>2022-10-31 21:24:01 +0100
commit97c9d231eb9ba6e6043c603bf400d7f0e92ff7f7 (patch)
tree087ca29855fb9154e6a4ecda0bbe5d2c92d32e38 /doc
parentf5dcbdb46df52458e3756193c2a23bf558a3ecfd (diff)
downloadgnutls-97c9d231eb9ba6e6043c603bf400d7f0e92ff7f7.tar.gz
Drop stale doc/announce.txt.
Signed-off-by: Simon Josefsson <simon@josefsson.org>
Diffstat (limited to 'doc')
-rw-r--r--doc/announce.txt294
1 files changed, 0 insertions, 294 deletions
diff --git a/doc/announce.txt b/doc/announce.txt
deleted file mode 100644
index 942cf20a8b..0000000000
--- a/doc/announce.txt
+++ /dev/null
@@ -1,294 +0,0 @@
-To: gnutls-help@lists.gnutls.org, gnutls-devel@lists.gnutls.org
-Bcc: coordinator@translationproject.org
-Subject: GnuTLS 3.4.0 released
-<#part sign=pgpmime>
-We are proud to announce a new GnuTLS release: Version 3.4.0.
-
-GnuTLS is a modern C library that implements the standard network
-security protocol Transport Layer Security (TLS), for use by network
-applications. GnuTLS is developed for GNU/Linux, but works on many
-Unix-like systems and as well as Windows.
-
-The GnuTLS library is distributed under the terms of the GNU Lesser
-General Public License version 2 (or later). The "extra" GnuTLS
-library (which contains), the OpenSSL compatibility library, the self tests
-and the command line tools are all distributed under the GNU General
-Public License version 3.0 (or later). The manual is distributed
-under the GNU Free Documentation License version 1.3 (or later).
-
-The project page of the library is available at:
- https://www.gnutls.org/
-
-What's New
-==========
-
-Version 3.4.0 is the first stable release on the 3.4.x branch and is
-the result of a year of planning and work [0] on the git master branch.
-The GnuTLS 3.4.x branch is marked as stable-next, meaning it is considered
-of stable quality but will not yet replace the current stable releases
-based on 3.3.0, which will continue to be supported.
-
-[0]. https://gitlab.com/gnutls/gnutls/wikis/Plan3_4
-
-
-* Version 3.4.0
-
-** libgnutls: Added support for AES-CCM and AES-CCM-8 (RFC6655 and RFC7251)
-ciphersuites. The former are enabled by default, the latter need to be
-explicitly enabled, since they reduce the overall security level.
-
-** libgnutls: Added support for Chacha20-Poly1305 ciphersuites following
-draft-mavrogiannopoulos-chacha-tls-05 and draft-irtf-cfrg-chacha20-poly1305-10.
-That is currently provided as technology preview and is not enabled by
-default, since there are no assigned ciphersuite points by IETF and there
-is no guarantee of compatibility between draft versions. The ciphersuite
-priority string to enable it is "+CHACHA20-POLY1305".
-
-** libgnutls: Added support for encrypt-then-authenticate in CBC
-ciphersuites (RFC7366 -taking into account its errata text). This is
-enabled by default and can be disabled using the %NO_ETM priority
-string.
-
-** libgnutls: Added support for the extended master secret
-(triple-handshake fix) following draft-ietf-tls-session-hash-02.
-
-** libgnutls: Added a new simple and hard to misuse AEAD API (crypto.h).
-
-** libgnutls: SSL 3.0 is no longer included in the default priorities
-list. It has to be explicitly enabled, e.g., with a string like
-"NORMAL:+VERS-SSL3.0".
-
-** libgnutls: ARCFOUR (RC4) is no longer included in the default priorities
-list. It has to be explicitly enabled, e.g., with a string like
-"NORMAL:+ARCFOUR-128".
-
-** libgnutls: DSA signatures and DHE-DSS are no longer included in the
-default priorities list. They have to be explicitly enabled, e.g., with
-a string like "NORMAL:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1". The
-DSA ciphersuites were dropped because they had no deployment at all
-on the internet, to justify their inclusion.
-
-** libgnutls: The priority string EXPORT was completely removed. The string
-was already defunc as support for the EXPORT ciphersuites was removed in
-GnuTLS 3.2.0.
-
-** libgnutls: Added API to utilize system specific private keys in
-"gnutls/system-keys.h". It is currently provided as technology preview
-and is restricted to windows CNG keys.
-
-** libgnutls: gnutls_x509_crt_check_hostname() and friends will use
-RFC6125 comparison of hostnames. That introduces a dependency on libidn.
-
-** libgnutls: Depend on p11-kit 0.23.1 to comply with the final
-PKCS #11 URLs draft (draft-pechanec-pkcs11uri-21).
-
-** libgnutls: Depend on nettle 3.1.
-
-** libgnutls: Use getrandom() or getentropy() when available. That
-avoids the complexity of file descriptor handling and issues with
-applications closing all open file descriptors on startup.
-
-** libgnutls: Use pthread_atfork() to detect fork when available.
-
-** libgnutls: The gnutls_handshake() process will enforce a timeout by
-default.
-
-** libgnutls: If a key purpose (extended key usage) is specified for verification,
-it is applied into intermediate certificates. The verification result
-GNUTLS_CERT_PURPOSE_MISMATCH is also introduced.
-
-** libgnutls: When gnutls_certificate_set_x509_key_file2() is used in
-combination with PKCS #11, or TPM URLs, it will utilize the provided
-password as PIN if required. That removes the requirement for the
-application to set a callback for PINs in that case.
-
-** libgnutls: priority strings VERS-TLS-ALL and VERS-DTLS-ALL are
-restricted to the corresponding protocols only, and the VERS-ALL
-string is introduced to catch all possible protocols.
-
-** libgnutls: Added helper functions to obtain information on PKCS #8
-structures.
-
-** libgnutls: Certificate chains which are provided to gnutls_certificate_credentials_t
-will automatically be sorted instead of failing with GNUTLS_E_CERTIFICATE_LIST_UNSORTED.
-
-** libgnutls: Added functions to export and set the record state. That
-allows for gnutls_record_send() and recv() to be offloaded (to kernel,
-hardware or any other subsystem).
-
-** libgnutls: Added the ability to register application specific URL
-types, which express certificates and keys using gnutls_register_custom_url().
-
-** libgnutls: Added API to override existing ciphers, digests and MACs, e.g.,
-to override AES-GCM using a system-specific accelerator. That is, (crypto.h)
-gnutls_crypto_register_cipher(), gnutls_crypto_register_aead_cipher(),
-gnutls_crypto_register_mac(), and gnutls_crypto_register_digest().
-
-** libgnutls: Added gnutls_ext_register() to register custom extensions.
-Contributed by Thierry Quemerais.
-
-** libgnutls: Added gnutls_supplemental_register() to register custom
-supplemental data handshake messages. Contributed by Thierry Quemerais.
-
-** libgnutls-openssl: it is no longer built by default.
-
-** certtool: Added --p8-info option, which will print PKCS #8 information
-even if the password is not available.
-
-** certtool: --key-info option will print PKCS #8 encryption information
-when available.
-
-** certtool: Added the --key-id and --fingerprint options.
-
-** certtool: Added the --verify-hostname, --verify-email and --verify-purpose
-options to be used in certificate chain verification, to simulate verification
-for specific hostname and key purpose (extended key usage).
-
-** certtool: --p12-info option will print PKCS #12 MAC and cipher information
-when available.
-
-** certtool: it will print the A-label (ACE) names in addition to UTF-8.
-
-** p11tool: added options --set-id and --set-label.
-
-** gnutls-cli: added options --priority-list and --save-cert.
-
-** guile: Deprecated priority API has been removed. The old priority API,
-which had been deprecated for some time, is now gone; use 'set-session-priorities!'
-instead.
-
-** guile: Remove RSA parameters and related procedures. This API had been
-deprecated.
-
-** guile: Fix compilation on MinGW. Previously only the static version of the
-'guile-gnutls-v-2' library would be built, preventing dynamic loading from Guile.
-
-** API and ABI modifications:
-gnutls_record_get_state: Added
-gnutls_record_set_state: Added
-gnutls_aead_cipher_init: Added
-gnutls_aead_cipher_decrypt: Added
-gnutls_aead_cipher_encrypt: Added
-gnutls_aead_cipher_deinit: Added
-gnutls_pkcs12_generate_mac2: Added
-gnutls_pkcs12_mac_info: Added
-gnutls_pkcs12_bag_enc_info: Added
-gnutls_pkcs8_info: Added
-gnutls_pkcs_schema_get_name: Added
-gnutls_pkcs_schema_get_oid: Added
-gnutls_pcert_export_x509: Added
-gnutls_pcert_export_openpgp: Added
-gnutls_pcert_import_x509_list: Added
-gnutls_pkcs11_privkey_cpy: Added
-gnutls_x509_crq_get_signature_algorithm: Added
-gnutls_x509_trust_list_iter_get_ca: Added
-gnutls_x509_trust_list_iter_deinit: Added
-gnutls_x509_trust_list_get_issuer_by_dn: Added
-gnutls_pkcs11_get_raw_issuer_by_dn: Added
-gnutls_certificate_get_trust_list: Added
-gnutls_privkey_export_x509: Added
-gnutls_privkey_export_pkcs11: Added
-gnutls_privkey_export_openpgp: Added
-gnutls_privkey_import_ext3: Added
-gnutls_certificate_get_x509_key: Added
-gnutls_certificate_get_x509_crt: Added
-gnutls_certificate_get_openpgp_key: Added
-gnutls_certificate_get_openpgp_crt: Added
-gnutls_record_discard_queued: Added
-gnutls_session_ext_master_secret_status: Added
-gnutls_priority_string_list: Added
-gnutls_dh_params_import_raw2: Added
-gnutls_memset: Added
-gnutls_memcmp: Added
-gnutls_pkcs12_bag_set_privkey: Added
-gnutls_ocsp_resp_get_responder_raw_id: Added
-gnutls_system_key_iter_deinit: Added
-gnutls_system_key_iter_get_info: Added
-gnutls_system_key_delete: Added
-gnutls_system_key_add_x509: Added
-gnutls_system_recv_timeout: Added
-gnutls_register_custom_url: Added
-gnutls_pkcs11_obj_list_import_url3: Added
-gnutls_pkcs11_obj_list_import_url4: Added
-gnutls_pkcs11_obj_set_info: Added
-gnutls_crypto_register_cipher: Added
-gnutls_crypto_register_aead_cipher: Added
-gnutls_crypto_register_mac: Added
-gnutls_crypto_register_digest: Added
-gnutls_ext_register: Added
-gnutls_supplemental_register: Added
-gnutls_supplemental_recv: Added
-gnutls_supplemental_send: Added
-gnutls_openpgp_crt_check_email: Added
-gnutls_x509_crt_check_email: Added
-gnutls_handshake_set_hook_function: Modified
-gnutls_pkcs11_privkey_generate3: Added
-gnutls_pkcs11_copy_x509_crt2: Added
-gnutls_pkcs11_copy_x509_privkey2: Added
-gnutls_pkcs11_obj_list_import_url: Removed
-gnutls_pkcs11_obj_list_import_url2: Removed
-gnutls_certificate_client_set_retrieve_function: Removed
-gnutls_certificate_server_set_retrieve_function: Removed
-gnutls_certificate_set_rsa_export_params: Removed
-gnutls_certificate_type_set_priority: Removed
-gnutls_cipher_set_priority: Removed
-gnutls_compression_set_priority: Removed
-gnutls_kx_set_priority: Removed
-gnutls_mac_set_priority: Removed
-gnutls_protocol_set_priority: Removed
-gnutls_rsa_export_get_modulus_bits: Removed
-gnutls_rsa_export_get_pubkey: Removed
-gnutls_rsa_params_cpy: Removed
-gnutls_rsa_params_deinit: Removed
-gnutls_rsa_params_export_pkcs1: Removed
-gnutls_rsa_params_export_raw: Removed
-gnutls_rsa_params_generate2: Removed
-gnutls_rsa_params_import_pkcs1: Removed
-gnutls_rsa_params_import_raw: Removed
-gnutls_rsa_params_init: Removed
-gnutls_sign_callback_get: Removed
-gnutls_sign_callback_set: Removed
-gnutls_x509_crt_verify_data: Removed
-gnutls_x509_crt_verify_hash: Removed
-gnutls_pubkey_get_verify_algorithm: Removed
-gnutls_x509_crt_get_verify_algorithm: Removed
-gnutls_pubkey_verify_hash: Removed
-gnutls_pubkey_verify_data: Removed
-gnutls_record_set_max_empty_records: Removed
-
-guile:
-set-session-cipher-priority!: Removed
-set-session-mac-priority!: Removed
-set-session-compression-method-priority!: Removed
-set-session-kx-priority!: Removed
-set-session-protocol-priority!: Removed
-set-session-certificate-type-priority!: Removed
-set-session-default-priority!: Removed
-set-session-default-export-priority!: Removed
-make-rsa-parameters: Removed
-rsa-parameters?: Removed
-set-certificate-credentials-rsa-export-parameters!: Removed
-pkcs1-import-rsa-parameters: Removed
-pkcs1-export-rsa-parameters: Removed
-
-
-Community
-=========
-
-If you need help to use GnuTLS, or want to help others, you are invited
-to join our help-gnutls mailing list, see:
-
- https://lists.gnutls.org/mailman/listinfo/gnutls-help
-
-If you wish to participate in the development of GnuTLS, you are invited
-to join our gnutls-dev mailing list, see:
-
- https://lists.gnutls.org/mailman/listinfo/gnutls-dev
-
-Internationalization
-====================
-
-The GnuTLS library messages have been translated into Czech, Dutch,
-French, German, Italian, Malay, Polish, Simplified Chinese, Swedish,
-and Vietnamese. We welcome the addition of more translations.
-