Changeset af29d6a in mod_gnutls


Ignore:
Timestamp:
Jun 7, 2020, 9:46:37 AM (4 months ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
master
Children:
e6bdae8
Parents:
a4e3b2c
Message:

Update Changelog

File:
1 edited

Legend:

Unmodified
Added
Removed
  • CHANGELOG

    ra4e3b2c raf29d6a  
     1** Version 0.11.0 (UNRELEASED)
     2
     3- Change default for GnuTLSOCSPCheckNonce to "off", and send OCSP
     4  nonces only if it has been enabled. The reason for this change is
     5  that in practice most public CAs do not support OCSP nonces, which
     6  is permitted by both RFC 6960 and the CA/Browser Forum baseline
     7  requirements (as of version 1.6.9). In this situation enforcing
     8  correct nonces by default makes the automatic OCSP stapling support
     9  mostly useless.
     10
     11- Add a test for correct nonce handling with "GnuTLSOCSPCheckNonce
     12  on", thanks to Krista Karppinen for that and a rewrite of the OCSP
     13  responder script in Python!
     14
     15- Support session resumption using session tickets for proxy
     16  connections (TLS 1.3 connections only).
     17
     18- Add ./configure option to disable building PDF documentation
     19
    120** Version 0.10.0 (2020-02-03)
    221
Note: See TracChangeset for help on using the changeset viewer.