[SCM] GNU gnutls branch, master, updated. gnutls_3_1

gnutls-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-21-g12e1a91

From:	Nikos Mavrogiannopoulos
Subject:	[SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-21-g12e1a91
Date:	Fri, 24 Aug 2012 16:57:53 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=12e1a91a6b1e743bee721c887c620d9e8421cb27

The branch, master has been updated
       via  12e1a91a6b1e743bee721c887c620d9e8421cb27 (commit)
       via  74412d222920232312d8ceda7a2a6bf91f3058f3 (commit)
       via  8725145e1535b2cbf92c6499bdf3891f6a2e1205 (commit)
      from  cf5828497b58488907bfe900eb760e8701ce9d20 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 12e1a91a6b1e743bee721c887c620d9e8421cb27
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Aug 22 19:08:11 2012 +0200

    added new items

commit 74412d222920232312d8ceda7a2a6bf91f3058f3
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Tue Aug 21 00:01:10 2012 +0200

    updated

commit 8725145e1535b2cbf92c6499bdf3891f6a2e1205
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Aug 19 14:07:58 2012 +0200

    heartbeat support is no longer in the todo

-----------------------------------------------------------------------

Summary of changes:
 doc/TODO |   28 +++++++++++++---------------
 1 files changed, 13 insertions(+), 15 deletions(-)

diff --git a/doc/TODO b/doc/TODO
index ce185e2..13764a8 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -3,11 +3,23 @@ anything), contact the developer's mailing list 
(address@hidden),
 in order to avoid having people working on the same thing. 
 
 Current list:
-* Added heartbeat support 
(http://tools.ietf.org/html/draft-ietf-tls-dtls-heartbeat-04)
 * When importing a PKCS #11 certificate, check for its issuers to generate a
   chain (e.g. use the DN to retrieve possible signers).
+* Improve AES assembly. AES in nettle can be improved in x86, arm and
+  x86-64.
+* Add support for RSA-PSS. This signature algorithm is seen in some
+  passport CAs. Should be added in nettle and then in gnutls.
+* Move ECC code to nettle.
 - Add DTLS 1.2 support (RFC6347)
 - Add certificate image support (see RFC3709, RFC6170)
+- RFC 3280 compliant certificate path validation.
+  - Check path length constraints.
+  - Check keyCertSign key usages.
+  - Reject extensions in v1 certificates.
+- Certificate chain validation improvements:
+  - Implement "correct" DN comparison (instead of memcmp).
+  - Support critical key usage KeyCertSign and cRLSign.
+  - Support path length constraints.
 - Perform signature calculation in PKCS #11 using not plain
   RSA but rather the combination of RSA-SHA256, RSA-SHA1 etc.
   That will allow the usage of more secure tokens that do not
@@ -17,7 +29,6 @@ Current list:
 - Add support for generating empty CRLs
 - Document the format for the supported DN attributes.
 - Audit the code
-- Implement TLS-PSK with PKCS #11.
 - Allow setting a PKCS #11 module to gnutls_x509_trust_list_t, to verify 
   against, similarly to NSS way.
 - Support replacing individual algorithms via a PKCS #11 module -
@@ -29,25 +40,12 @@ Current list:
    firstElement, bit_mask, ...) for platforms that libtool's
    -export-symbols-regex doesn't work.
 - Add Kerberos ciphersuites
-- Certificate chain validation improvements:
-  - Implement "correct" DN comparison (instead of memcmp).
-  - Support critical key usage KeyCertSign and cRLSign.
-  - Support path length constraints.
-- RFC 3280 compliant certificate path validation.
-- Add progress handler gnutls_{dh,rsa}_params_generate2, to allow
-  application to give progress feedback to user.
-- Chain verifications.
-  - Check path length constraints.
-  - Check keyCertSign key usages.
-  - Reject extensions in v1 certificates.
 - Exhaustive test suite, using NIST's PKI Test vectors,
   see http://csrc.nist.gov/pki/testing/x509paths_old.html
   and http://csrc.nist.gov/pki/testing/x509paths.html
 - Make gnutls-cli-debug exit with better error messages if the
   handshake fails, rather than saying that the server doesn't support
   TLS.
-- Make gnutls_certificate_get_ours return a zero-terminated array (or
-  add a new API that return the size of the array).
 
 (+) Means high priority 
 (*) Means medium priority


hooks/post-receive
-- 
GNU gnutls

[Prev in Thread]

Current Thread

[Next in Thread]

[SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-21-g12e1a91, Nikos Mavrogiannopoulos <=

Prev by Date: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-18-gcf58284
Next by Date: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-24-gefadaaf
Previous by thread: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-18-gcf58284
Next by thread: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_0-24-gefadaaf
Index(es):
- Date
- Thread