Document the recent Kerberos SSL changes.

author: Richard Levitte <levitte@openssl.org> 2001-07-12 04:23:57 +0000
committer: Richard Levitte <levitte@openssl.org> 2001-07-12 04:23:57 +0000
commit: 0665dd68524e4b9cb81f946e4ccd74a59b80292d (patch)
tree: 3e59f418d1f8215e5875987b407b53d2726c6773
parent: 98fc09b18a2ecf4e1cff57abdd5b03b031c92c72 (diff)
download: openssl-0665dd68524e4b9cb81f946e4ccd74a59b80292d.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 330954dc6f..6393413e03 100644
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,19 @@
          *) applies to 0.9.6a/0.9.6b and 0.9.7
          +) applies to 0.9.7 only
 
+  +) Changes to Kerberos SSL for RFC 2712 compliance:
+     1.  Implemented real KerberosWrapper, instead of just using
+         KRB5 AP_REQ message.  [Thanks to Simon Wilkinson <sxw@sxw.org.uk>]
+     2.  Implemented optional authenticator field of KerberosWrapper.
+
+     Added openssl-style ASN.1 macros for Kerberos ticket, ap_req,
+     and authenticator structs; see crypto/krb5/.
+
+     Generalized Kerberos calls to support multiple Kerberos libraries.
+     [Vern Staats <staatsvr@asc.hpc.mil>,
+      Jeffrey Altman <jaltman@columbia.edu>
+      via Richard Levitte]
+
   +) Cause 'openssl speed' to use fully hard-coded DSA keys as it
      already does with RSA. testdsa.h now has 'priv_key/pub_key'
      values for each of the key sizes rather than having just
author	Richard Levitte <levitte@openssl.org>	2001-07-12 04:23:57 +0000
committer	Richard Levitte <levitte@openssl.org>	2001-07-12 04:23:57 +0000
commit	0665dd68524e4b9cb81f946e4ccd74a59b80292d (patch)
tree	3e59f418d1f8215e5875987b407b53d2726c6773
parent	98fc09b18a2ecf4e1cff57abdd5b03b031c92c72 (diff)
download	openssl-0665dd68524e4b9cb81f946e4ccd74a59b80292d.tar.gz