Changes between 0.9.8m (?) and 1.0.0 [xx XXX xxxx]
+ *) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
+ output hashes compatible with older versions of OpenSSL.
+ [Willy Weisz <weisz@vcpc.univie.ac.at>]
+
*) Fix compression algorithm handling: if resuming a session use the
compression algorithm of the resumed session instead of determining
it from client hello again. Don't allow server to change algorithm.
the updated NID creation version. This should correctly handle UTF8.
[Steve Henson]
- *) Implement draft-ietf-tls-renegotiation. Re-enable
+ *) Implement draft-ietf-tls-renegotiation-03. Re-enable
renegotiation but require the extension as needed. Unfortunately,
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION turns out to be a
bad idea. It has been replaced by