diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-06-14 16:35:55 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-06-14 16:35:55 +0200 |
commit | 08bb75574630dc9908850c45e49771f5244f10cf (patch) | |
tree | 761949f0fa25e0b8975a441e81594c54d8b61e64 /NEWS | |
parent | 93ec0d176dedac1afa3bcf398f5f638717cf0a56 (diff) | |
download | gnutls-08bb75574630dc9908850c45e49771f5244f10cf.tar.gz |
doc update
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -16,7 +16,10 @@ See the end for copying conditions. Feature implemented by Tim Kosse. ** libgnutls: More strict OCSP staple verification. That is, no longer - ignore invalid or too old OCSP staples. + ignore invalid or too old OCSP staples. The previous behavior was + to rely on application use gnutls_ocsp_status_request_is_checked(), + while the new behavior is to include OCSP verification by default + and set the GNUTLS_CERT_INVALID_OCSP_STATUS verification flag on error. ** libgnutls: Treat CA certificates with the "Server Gated Cryptography" key purpose OIDs equivalent to having the GNUTLS_KP_TLS_WWW_SERVER OID. This |