clarification

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 9884a479db6c495d8d60d71a0187c3fb12181418..ffe039bf5b7e409c9aa4ae4222f190d243ed8354 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,22 @@
 
  Changes between 0.9.8a and 0.9.9  [xx XXX xxxx]
 
+  *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
+     for the psk identity [hint] and the psk callback functions to the
+     SSL_SESSION, SSL and SSL_CTX structure.
+     
+     New ciphersuites:
+         PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
+         PSK-AES256-CBC-SHA
+ 
+     New functions:
+         SSL_CTX_use_psk_identity_hint
+         SSL_get_psk_identity_hint
+         SSL_get_psk_identity
+         SSL_use_psk_identity_hint
+
+     [Mika Kousa and Pasi Eronen of Nokia Corporation]
+
   *) Add RFC 3161 compliant time stamp request creation, response generation
      and response verification functionality.
      [Zoltán Glózik <zglozik@opentsa.org>, The OpenTSA Project]
@@ -125,7 +141,9 @@
      [Austin Ziegler <halostatue@gmail.com>]
 
   *) Update support for ECC-based TLS ciphersuites according to
-     draft-ietf-tls-ecc-12.txt with proposed changes.
+     draft-ietf-tls-ecc-12.txt with proposed changes (but without
+     TLS extensions, which are supported starting with the 0.9.9
+     branch, not in the OpenSSL 0.9.8 branch).
      [Douglas Stebila]
 
   *) New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() to support