author    Nikos Mavrogiannopoulos <nmav@redhat.com>    2017-08-09 16:59:15 +0200
committer    Nikos Mavrogiannopoulos <nmav@redhat.com>    2017-08-10 15:35:35 +0200
commit    9cf1276517b7dbc2b6058fed43a1918bc8d4e82b (patch)
tree    07d9309d6ebc1e13f40411b1589898a78be05a2b
parent    32bc1e691ccded74f110c96c049630341e30d88b (diff)
download    gnutls-9cf1276517b7dbc2b6058fed43a1918bc8d4e82b.tar.gz
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r--    NEWS    113
1 files changed, 75 insertions, 38 deletions
diff --git a/NEWS b/NEWS
index 8f789a34c5..494ae159aa 100644
--- a/NEWS
+++ b/NEWS
@@ -7,75 +7,94 @@ See the end for copying conditions.
* Version 3.6.0 (unreleased)
-** libgnutls: Added support for RFC7919 group negotiation. That makes the
- Diffie-Hellman parameters negotiation more robust and less prone to errors
- due to insecure parameters.
+** libgnutls: tlsfuzzer is part of the CI testsuite. This is a TLS testing and
+ fuzzying toolkit, allowing for corner case testing, and ensuring that the
+ behavior of the library will not change across releases.
+ https://github.com/tomato42/tlsfuzzer
+
+** libgnutls: Introduced a lock-free random generator which operates per-thread
+ and eliminates random-generator related bottlenecks in multi-threaded operation.
+ Resolves gitlab issue #141.
+ http://nmav.gnutls.org/2017/03/improving-by-simplifying-gnutls-prng.html
+
+** libgnutls: Added support for RSA-PSS key type as well as signatures in
+ certificates, and TLS key exchange. Contributed by Daiki Ueno.
+ RSA-PSS signatures can be generated by RSA-PSS keys and normal RSA keys,
+ but not vice-versa. A TLS server which supports both RSA and RSA-PSS keys
+ will prefer the RSA-PSS key for RSA-PSS signatures to contain risks of
+ cross-protocol attacks between the algorithms.
+
+** libgnutls: Added support for Ed25519 signing in certificates and TLS key
+ exchange following draft-ietf-tls-rfc4492bis-17.
+
+** libgnutls: Enabled X25519 key exchange by default, following draft-ietf-tls-rfc4492bis-17.
+
+** libgnutls: Added support for Diffie-Hellman group negotiation following RFC7919.
+ That makes the DH parameters negotiation more robust and less prone to errors
+ due to insecure parameters. Servers are no longer required to specific explicit
+ DH parameters, though if they do these parameters will be used. Group
+ selection can be done via priority strings. The introduced strings are
+ GROUP-ALL, GROUP-FFDHE2048, GROUP-FFDHE3072, GROUP-FFDHE4096 and
+ GROUP-FFDHE8192, as well as the corresponding to curves groups.
** libgnutls: Introduced various sanity checks on certificate import. Refuse
to import certificates which have fractional seconds in Time fields, X.509v1
certificates which have the unique identifiers set, and certificates with illegal
version numbers. All of these are prohibited by RFC5280.
-** libgnutls: Added support for RSA-PSS signing in certificates, and TLS key
- exchange. Patches by Daiki Ueno.
-
-** libgnutls: Added support for Ed25519 signing in certificates and TLS key
- exchange.
-
** libgnutls: Introduced gnutls_x509_crt_set_flags(). This function can set flags
in the crt structure. The only flag supported at the moment is
GNUTLS_X509_CRT_FLAG_IGNORE_SANITY which skips the certificate sanity
checks on import.
-** libgnutls: Refuse gnutls_record_send() and gnutls_record_recv()
- calls prior to handshake being complete. Addresses gitlab issue #158.
-
-** libgnutls: 3DES-CBC is no longer included in the default priorities
- list. It has to be explicitly enabled, e.g., with a string like
- "NORMAL:+3DES-CBC".
-
-** libgnutls: Introduced a lock-free random generator which operates per-thread
- and eliminates random-generator related bottlenecks in multi-threaded operation.
- Resolves gitlab issue #141.
-
** libgnutls: PKIX certificates with unknown critical extensions are rejected
on verification with status GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS. This
behavior can be overriden by providing the flag GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS
to verification functions. Resolves gitlab issue #177.
-** libgnutls: OpenPGP authentication was removed; the resulting library is ABI
- compatible, with the openpgp related functions being stubs that fail
- on invocation.
-
** libgnutls: Refuse to generate a certificate with an illegal version, or an
illegal serial number. That is, gnutls_x509_crt_set_version() and
gnutls_x509_crt_set_serial(), will fail on input considered to be invalid
in RFC5280.
-** libgnutls: No longer enable SECP192R1 and SECP224R1 by default on TLS handshakes.
- These curves were rarely used for that purpose, provide no advantage over
- x25519 and were deprecated by TLS 1.3.
+** libgnutls: Calls to gnutls_record_send() and gnutls_record_recv()
+ prior to handshake being complete are now refused. Addresses gitlab issue #158.
-** libgnutls: SHA1 was marked as insecure for certificate signatures. Verification
+** libgnutls: Added support for PKCS#12 files with no salt (zero length) in their
+ password encoding, and PKCS#12 files using SHA384 and SHA512 as MAC.
+
+** libgnutls: Exported functions to encode and decode DSA and ECDSA r,s values.
+
+** libgnutls: Introduced the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1
+ priority string options. These allows enabling all broken and SHA1-based signature
+ algorithms in certificate verification, respectively.
+
+** libgnutls: 3DES-CBC is no longer included in the default priorities
+ list. It has to be explicitly enabled, e.g., with a string like
+ "NORMAL:+3DES-CBC".
+
+** libgnutls: SHA1 was marked as insecure for signing certificates. Verification
of certificates signed with SHA1 is now considered insecure and will
- fail, unless flags intended to enable broken algorithms are set. This
- can be reverted on compile time with the configure flag --enable-sha1-support.
+ fail, unless flags intended to enable broken algorithms are set. Other uses
+ of SHA1 are still allowed. This can be reverted on compile time with the configure
+ flag --enable-sha1-support.
** libgnutls: RIPEMD160 was marked as insecure for certificate signatures. Verification
of certificates signed with RIPEMD160 hash algorithm is now considered insecure and
will fail, unless flags intended to enable broken algorithms are set.
-** libgnutls: Added support for PKCS#12 files with no (zero length) salt used in their
- password encoding, and PKCS#12 files using SHA384 and SHA512 as MAC.
+** libgnutls: No longer enable SECP192R1 and SECP224R1 by default on TLS handshakes.
+ These curves were rarely used for that purpose, provide no advantage over
+ x25519 and were deprecated by TLS 1.3.
-** libgnutls: Introduced the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1
- priority string options. These allows enabling all broken and SHA1-based signature
- algorithms in certificate verification, respectively.
+** libgnutls: Removed support for DEFLATE, or any other compression method.
-** libgnutls: Removed support for libidn; gnutls can now be compiled only with
- libidn2.
+** libgnutls: OpenPGP authentication was removed; the resulting library is ABI
+ compatible, with the openpgp related functions being stubs that fail
+ on invocation.
-** libgnutls: Removed support for DEFLATE, or any other compression method.
+** libgnutls: Removed support for libidn (i.e., IDNA2003); gnutls can now be compiled
+ only with libidn2 which provides IDNA2008.
** certtool: The option '--load-ca-certificate' can now accept PKCS#11
URLs in addition to files.
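Review bot: several of the added entries carry typos that should be fixed before this lands: in the tlsfuzzer entry "fuzzying toolkit" should read "fuzzing toolkit"; in the RFC7919 entry "Servers are no longer required to specific explicit DH parameters" should read "to specify explicit DH parameters", and "as well as the corresponding to curves groups" reads awkwardly, suggest "as well as the groups corresponding to the supported curves"; in the RSA-PSS entry "to contain risks of cross-protocol attacks between the algorithms" would be clearer as "to contain the risk of cross-protocol attacks between the two algorithms". The unchanged context line "This behavior can be overriden" also has a typo ("overridden") that is worth picking up while this file is being edited. The rest of the reordering and the added "Other uses of SHA1 are still allowed" clarification in the SHA1 entry read fine.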
@@ -83,9 +102,27 @@ See the end for copying conditions.
** certtool: The option '--load-crl' can now be used when generating PKCS#12
files (i.e., in conjunction with '--to-p12' option).
+** certtool: Keys with provable RSA and DSA parameters are now only read and
+ exported from PKCS#8 form, following draft-mavrogiannopoulos-pkcs8-validated-parameters-00.txt.
+ This removes support for the previous a non-standard key format.
+
+** certtool: Added support for generating, printing and handling RSA-PSS and
+ Ed25519 keys and certificates.
+
+** certtool: the parameters --rsa, --dsa and --ecdsa to --generate-privkey are now
+ deprecated, replaced by the --key-type option.
+
+** p11tool: The --generate-rsa, --generate-ecc and --generate-dsa options were
+ replaced by the --generate-privkey option.
+
** psktool: Generate 256-bit keys by default.
+** gnutls-server: Increase request buffer size to 16kb, and added the --alpn and
+ --alpn-fatal options, allowing testing of ALPN negotiation.
+
** API and ABI modifications:
+gnutls_encode_rs_value: Added
+gnutls_decode_rs_value: Added
gnutls_base64_encode2: Added
gnutls_base64_decode2: Added
gnutls_x509_crt_set_flags: Added
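Review bot: the provable-parameters entry has a stray article, "This removes support for the previous a non-standard key format" should read "the previous non-standard key format"; since the entry states that the old format is no longer read, it would help users to say how keys already stored in that format are expected to be migrated. Two style points in the same hunk: the "--generate-privkey" entry starts with a lowercase "the parameters ..." while every other entry in this file starts with a capital, and "16kb" in the gnutls-server entry should be written "16kB" (or "16 KiB") so the unit is unambiguous.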