Update certificate hash line format to handle canonical format and avoid MD5 dependency.

commit: c2c99e2860566044b23a5b3fded6f70b7436b9ad [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Thu Jan 15 13:22:39 2009 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Thu Jan 15 13:22:39 2009 +0000
tree: f80b3b69bdec325976f6e6ae8c067afc2cc0ab35
parent: 8125d9f99ceb3fcd81fdd191e85a73b27063383a [diff] [blame]
diff --git a/CHANGES b/CHANGES
index 66e812c..ea5162d 100644
--- a/CHANGES
+++ b/CHANGES

@@ -4,6 +4,13 @@
 
  Changes between 0.9.8j and 0.9.9  [xx XXX xxxx]
 
+  *) Enhance the hash format used for certificate directory links. The new
+     form uses the canonical encoding (meaning equivalent names will work
+     even if they aren't identical) and uses SHA1 instead of MD5. This form
+     is incompatible with the older format and as a result c_rehash should
+     be used to rebuild symbolic links.
+     [Steve Henson]
+
   *) Make PKCS#8 the default write format for private keys, replacing the
      traditional format. This form is standardised, more secure and doesn't
      include an implicit MD5 dependency.
commit	c2c99e2860566044b23a5b3fded6f70b7436b9ad	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Thu Jan 15 13:22:39 2009 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Thu Jan 15 13:22:39 2009 +0000
tree	f80b3b69bdec325976f6e6ae8c067afc2cc0ab35
parent	8125d9f99ceb3fcd81fdd191e85a73b27063383a [diff] [blame]