Store verify_result with sessions to avoid potential security hole.

[openssl.git] / STATUS

diff --git a/STATUS b/STATUS
index 028abb85abea528dfb048599b77e68ccc4017c42..95d36be435c7866f2de55d6ebb7b172a76a708de 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,9 +1,10 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/09/24 15:42:34 $
+  ______________                           $Date: 2000/11/19 14:11:03 $
 
   DEVELOPMENT STATE
 
+    o  OpenSSL 0.9.7:  Under development...
     o  OpenSSL 0.9.6:  Released on September 24th, 2000
     o  OpenSSL 0.9.5a: Released on April      1st, 2000
     o  OpenSSL 0.9.5:  Released on February  28th, 2000
@@ -24,7 +25,7 @@
     o Steve is currently working on (in no particular order):
         ASN1 code redesign, butchery, replacement.
         EVP cipher enhancement.
-        Proper (or at least usable) certificate chain verification.
+     /* Proper (or at least usable) certificate chain verification. */
        Private key, certificate and CRL API and implementation.
        Developing and bugfixing PKCS#7 (S/MIME code).
         Various X509 issues: character sets, certificate request extensions.
@@ -33,8 +34,10 @@
     o Richard is currently working on:
        UTIL (a new set of library functions to support some higher level
              functionality that is currently missing).
-       Dynamic thread-lock support.
        Shared library support for VMS.
+       OCSP
+       Kerberos 5 authentication
+       Constification
 
   NEEDS PATCH
 
@@ -44,9 +47,6 @@
 
   OPEN ISSUES
 
-    o internal_verify doesn't know about X509.v3 (basicConstraints
-      CA flag ...)
-
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 
        1. The config vs. Configure scripts