Update to OAEP support.

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 89dfaf08855b409cdb51206188ff9f864add61b8..08d2fbe5704f4ec71a9af31f60e6b047d1e472e2 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,24 @@
 
  Changes between 1.0.x and 1.1.0  [xx XXX xxxx]
 
+  *) Extended RSA OAEP support via EVP_PKEY API. Options to specify digest,
+     MGF1 digest and OAEP label.
+     [Steve Henson]
+
+  *) Add callbacks for arbitrary TLS extensions.
+     [Trevor Perrin <trevp@trevp.net> and Ben Laurie]
+
+  *) Support for DTLS 1.2. This adds two sets of DTLS methods: DTLS_*_method()
+     supports both DTLS 1.2 and 1.0 and should use whatever version the peer
+     supports and DTLSv1_2_*_method() which supports DTLS 1.2 only.
+     [Steve Henson]
+
+  *) Make openssl verify return errors.
+     [Chris Palmer <palmer@google.com> and Ben Laurie]
+
+  *) Fix OCSP checking.
+     [Rob Stradling <rob.stradling@comodo.com> and Ben Laurie]
+
   *) New option -crl_download in several openssl utilities to download CRLs
      from CRLDP extension in certificates.
      [Steve Henson]
@@ -45,8 +63,8 @@
      [Steve Henson]
 
   *) New functions to check a hostname email or IP address against a
-     certificate. Add options to s_client, s_server and x509 utilities
-     to print results of checks against a certificate.
+     certificate. Add options x509 utility to print results of checks against
+     a certificate.
      [Steve Henson]
 
   *) Add -rev test option to s_server to just reverse order of characters