doc update

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-09-07 08:24:41 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-09-07 15:40:34 +0200
commit: df3fa23fe956a80bb1509ec46f645085003dd1c4 (patch)
tree: fec69f0d79c592150f0c498c7f87bf0088f48241
parent: 3b1e56a98cba9c74ff5b21f58e04dab5d7609635 (diff)
download: gnutls-df3fa23fe956a80bb1509ec46f645085003dd1c4.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 21f568559a..f3ce39455b 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,15 @@ See the end for copying conditions.
 
 * Version 3.6.1 (unreleased)
 
+** libgnutls: gnutls_x509_crl_sign, gnutls_x509_crt_sign,
+   gnutls_x509_crq_sign, were modified to sign with a better algorithm than
+   SHA1. They will now sign with an algorithm that corresponds to the security
+   level of the signer's key.
+
+** libgnutls: gnutls_x509_*_sign2() functions and gnutls_x509_*_privkey_sign()
+   accept GNUTLS_DIG_UNKNOWN (0) as a hash function option. That will signal
+   the function to auto-detect an appropriate hash algorithm to use.
+
 ** p11tool: added options --sign-params and --hash. This allows testing
    signature with multiple algorithms, including RSA-PSS.
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-09-07 08:24:41 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-09-07 15:40:34 +0200
commit	df3fa23fe956a80bb1509ec46f645085003dd1c4 (patch)
tree	fec69f0d79c592150f0c498c7f87bf0088f48241
parent	3b1e56a98cba9c74ff5b21f58e04dab5d7609635 (diff)
download	gnutls-df3fa23fe956a80bb1509ec46f645085003dd1c4.tar.gz