34
34
<file>notes.xml</file>
37
<section><title>Public_Key 0.11</title>
39
<section><title>Improvements and New Features</title>
43
Allows the public_key module to decode and encode RSA and
44
DSA keys encoded using the SubjectPublicKeyInfo format.
45
When pem_entry_encode is called on an RSA or DSA public
46
key type, the key is wrapped in the SubjectPublicKeyInfo
56
<section><title>Public_Key 0.10</title>
58
<section><title>Improvements and New Features</title>
62
Improved dialyzer specs.</p>
71
<section><title>Public_Key 0.9</title>
73
<section><title>Improvements and New Features</title>
77
Updated ssl to ignore CA certs that violate the asn1-spec
78
for a certificate, and updated public key asn1 spec to
79
handle inherited DSS-params.</p>
85
Changed ssl implementation to retain backwards
86
compatibility for old option {verify, 0} that shall be
87
equivalent to {verify, verify_none}, also separate the
88
cases unknown ca and selfsigned peer cert, and restored
89
return value of deprecated function
90
public_key:pem_to_der/1.</p>
96
Better handling of v1 and v2 certificates. V1 and v2
97
certificates does not have any extensions so then
98
validate_extensions should just accept that there are
99
none and not end up in missing_basic_constraints clause.</p>
105
Changed the verify fun so that it differentiate between
106
the peer certificate and CA certificates by using
107
valid_peer or valid as the second argument to the verify
108
fun. It may not always be trivial or even possible to
109
know when the peer certificate is reached otherwise.</p>
111
*** POTENTIAL INCOMPATIBILITY ***</p>
120
<section><title>Public_Key 0.8</title>
122
<section><title>Fixed Bugs and Malfunctions</title>
126
Handling of unknown CA certificates was changed in ssl
127
and public_key to work as intended.</p>
135
<section><title>Improvements and New Features</title>
139
Revise the public_key API - Cleaned up and documented the
140
public_key API to make it useful for general use, also
141
changed ssl to use the new API.</p>
147
Added the functionality so that the verification fun will
148
be called when a certificate is considered valid by the
149
path validation to allow access to each certificate in
150
the path to the user application. Also try to verify
151
subject-AltName, if unable to verify it let the
152
application verify it.</p>
161
<section><title>Public_Key 0.7</title>
163
<section><title>Fixed Bugs and Malfunctions</title>
167
Certificates without any extensions could not be handled
176
<section><title>Improvements and New Features</title>
180
Code cleanup and minor bugfixes.</p>
189
<section><title>Public_Key 0.6</title>
191
<section><title>Improvements and New Features</title>
195
Support for Diffie-Hellman. ssl-3.11 requires
202
Moved extended key usage test for ssl values to ssl.</p>
204
Own Id: OTP-8553 Aux Id: seq11541, OTP-8554 </p>
211
<section><title>Public_Key 0.5</title>
213
<section><title>Improvements and New Features</title>
216
<p>Added <c>public_key:pkix_transform/2</c> to enable
217
ssl to send CA list during Certificate Request.</p>
218
<p><c>NOTE</c>: SSL (new_ssl) requires public_key-0.5.
220
<p>Own Id: OTP-8372</p>
38
227
<section><title>Public_Key 0.4</title>