2008 2008 Ericsson AB, All Rights Reserved The contents of this file are subject to the Erlang Public License, Version 1.1, (the "License"); you may not use this file except in compliance with the License. You should have received a copy of the Erlang Public License along with this software. If not, it can be retrieved online at http://www.erlang.org/. Software distributed under the License is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for the specific language governing rights and limitations under the License. The Initial Developer of the Original Code is Ericsson AB. public_key Release Notes Ingela Anderton Andin Ingela Anderton Andin 2008-01-22 A notes.xml
Public_Key 0.9
Improvements and New Features

Updated ssl to ignore CA certs that violate the asn1-spec for a certificate, and updated public key asn1 spec to handle inherited DSS-params.

Own Id: OTP-7884

Changed ssl implementation to retain backwards compatibility for old option {verify, 0} that shall be equivalent to {verify, verify_none}, also separate the cases unknown ca and selfsigned peer cert, and restored return value of deprecated function public_key:pem_to_der/1.

Own Id: OTP-8858

Better handling of v1 and v2 certificates. V1 and v2 certificates does not have any extensions so then validate_extensions should just accept that there are none and not end up in missing_basic_constraints clause.

Own Id: OTP-8867

Changed the verify fun so that it differentiate between the peer certificate and CA certificates by using valid_peer or valid as the second argument to the verify fun. It may not always be trivial or even possible to know when the peer certificate is reached otherwise.

*** POTENTIAL INCOMPATIBILITY ***

Own Id: OTP-8873

Public_Key 0.8
Fixed Bugs and Malfunctions

Handling of unknown CA certificates was changed in ssl and public_key to work as intended.

Own Id: OTP-8788

Improvements and New Features

Revise the public_key API - Cleaned up and documented the public_key API to make it useful for general use, also changed ssl to use the new API.

Own Id: OTP-8722

Added the functionality so that the verification fun will be called when a certificate is considered valid by the path validation to allow access to each certificate in the path to the user application. Also try to verify subject-AltName, if unable to verify it let the application verify it.

Own Id: OTP-8825

Public_Key 0.7
Fixed Bugs and Malfunctions

Certificates without any extensions could not be handled by public_key.

Own Id: OTP-8626

Improvements and New Features

Code cleanup and minor bugfixes.

Own Id: OTP-8649

Public_Key 0.6
Improvements and New Features

Support for Diffie-Hellman. ssl-3.11 requires public_key-0.6.

Own Id: OTP-7046

Moved extended key usage test for ssl values to ssl.

Own Id: OTP-8553 Aux Id: seq11541, OTP-8554

Public_Key 0.5
Improvements and New Features

Added public_key:pkix_transform/2 to enable ssl to send CA list during Certificate Request.

NOTE: SSL (new_ssl) requires public_key-0.5. ssl usage.

Own Id: OTP-8372

Public_Key 0.4
Improvements and New Features

The documentation is now built with open source tools (xsltproc and fop) that exists on most platforms. One visible change is that the frames are removed.

Own Id: OTP-8250

Public_Key 0.3
Fixed Bugs and Malfunctions

Unknown attributes in certificates are left encoded instead of crashing. Patch by Will "wglozer" thanks.

Own Id: OTP-8100

Improvements and New Features

Allow public_key:pem_to_der/[1,2] to take a binary as argument in addition to a filename. Patch by Geoff Cant, thanks.

Own Id: OTP-8142

Public_Key 0.2
Improvements and New Features

X509 certificate handling has been extended and improved as a result of more extensive testing of both the ssl and public_key application. Even more extensions of the certificate handling is yet to be implemented.

Own Id: OTP-7860

Public_Key 0.1
Improvements and New Features

First version.

Own Id: OTP-7637