projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
New OCSP response verify option OCSP_TRUSTOTHER
[openssl.git]
/
CHANGES
diff --git
a/CHANGES
b/CHANGES
index 31f9a6e1fb4d1bdec4b66975452dd2fa3bb7ac7b..4665120efde1e61173dc011db58850b6833d66b2 100644
(file)
--- a/
CHANGES
+++ b/
CHANGES
@@
-3,6
+3,11
@@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
+ *) New OCSP verify flag OCSP_TRUSTOTHER. When set the "other" certificates
+ passed by the function are trusted implicitly. If any of them signed the
+ reponse then it is assumed to be valid and is not verified.
+ [Steve Henson]
+
*) Zero the premaster secret after deriving the master secret in
DH ciphersuites.
[Steve Henson]
*) Zero the premaster secret after deriving the master secret in
DH ciphersuites.
[Steve Henson]