From 1d8288977316750e97b706ee537abe15bf94bd2b Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun, 1 Nov 2009 18:06:07 +0200
Subject: Documented change for certificate retrieval callbacks.

---
 NEWS | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index a57f1049dc..c19845b577 100644
--- a/NEWS
+++ b/NEWS
@@ -9,7 +9,11 @@ See the end for copying conditions.
 by Tang Tong.
 
 ** libgnutls: addition of support for TLS 1.2 signature algorithms
-extension and certificate verify field.
+extension and certificate verify field. This requires changes for
+TLS 1.2 servers and clients that use callbacks for certificate retrieval.
+They are now required to check with gnutls_session_sign_algorithm_get_requested()
+whether the certificate they send complies with the peer's preferences in
+signature algorithms.
 
 ** libgnutls: In server side when resuming a session do not overwrite the 
 initial session data with the resumed session data.
-- 
cgit v1.2.1