doc update

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-09-07 08:24:41 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-09-08 08:55:55 +0200
commit: 813110ed345f2771586c63c13f9bbded34047e90 (patch)
tree: c685272e552423d4cbd0024411e4b7e2f60256db
parent: a2a7e382cfbd86ab2aadf0e97e26fa0aaa69a704 (diff)
download: gnutls-813110ed345f2771586c63c13f9bbded34047e90.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 9afc2062b8..b3fb4a361c 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,15 @@ See the end for copying conditions.
 ** libgnutls: Fixed interoperability issue with openssl when safe renegotiation was
    used. Resolves gitlab issue #259.
 
+** libgnutls: gnutls_x509_crl_sign, gnutls_x509_crt_sign,
+   gnutls_x509_crq_sign, were modified to sign with a better algorithm than
+   SHA1. They will now sign with an algorithm that corresponds to the security
+   level of the signer's key.
+
+** libgnutls: gnutls_x509_*_sign2() functions and gnutls_x509_*_privkey_sign()
+   accept GNUTLS_DIG_UNKNOWN (0) as a hash function option. That will signal
+   the function to auto-detect an appropriate hash algorithm to use.
+
 ** p11tool: added options --sign-params and --hash. This allows testing
    signature with multiple algorithms, including RSA-PSS.
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-09-07 08:24:41 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-09-08 08:55:55 +0200
commit	813110ed345f2771586c63c13f9bbded34047e90 (patch)
tree	c685272e552423d4cbd0024411e4b7e2f60256db
parent	a2a7e382cfbd86ab2aadf0e97e26fa0aaa69a704 (diff)
download	gnutls-813110ed345f2771586c63c13f9bbded34047e90.tar.gz