[gnutls-devel] gnutls 3.4.6
nmav at gnutls.org
Tue Oct 20 18:19:30 CEST 2015
I've just released gnutls 3.4.6. This version fixes bugs and adds
minor features to the next stable branch.
* Version 3.4.6 (released 2015-10-20)
** libgnutls: Added new simple verification functions. That avoids the
need to install a callback to perform certificate verification. See
doc/examples/ex-client-x509.c for usage.
** libgnutls: Introduced the security parameter 'future' which is at
the 256-bit level of security, and 'ultra' was aligned to its
documented size at 192-bits.
** libgnutls: When writing a certificate into a PKCS #11 token, ensure
that CKA_SERIAL_NUMBER and CKA_ISSUER are written. Reported by Sumit
** libgnutls: Allow the presence of legacy ciphers and key exchanges in
priority strings and consider them a no-op.
** libgnutls: Handle the extended master secret as a mandatory
extension. That fixes incompatibility issues with Chromium (#45).
Reported by Hubert Kario.
** libgnutls: Added the ability to copy a public key into a PKCS #11
** tools: Added support for LDAP and XMPP negotiation for STARTTLS.
** p11tool: Allow writing a public key into a PKCS #11 token.
** certtool: Key generation security level was switched to HIGH. That
is, by default the tool generates 3072 bit keys for RSA and DSA.
** API and ABI modifications:
Getting the Software
GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>. A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.
Here are the XZ and LZIP compressed sources:
Here are OpenPGP detached signatures signed using key 0x96865171:
Note that it has been signed with my openpgp key:
pub 3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02]
More information about the Gnutls-devel