aboutsummaryrefslogtreecommitdiffstats
path: root/CHANGELOG.rst
diff options
context:
space:
mode:
Diffstat (limited to 'CHANGELOG.rst')
-rw-r--r--CHANGELOG.rst11
1 files changed, 8 insertions, 3 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 8935285c..8332b8be 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -15,6 +15,11 @@ Changelog
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.verify`
has always been to check whether or not
:class:`~cryptography.exceptions.InvalidSignature` was raised.
+* Accessing an unrecognized extension marked critical on an X.509 object will
+ no longer raise an ``UnsupportedExtension`` exception, instead an
+ :class:`~cryptography.x509.UnrecognizedExtension` object will be returned.
+ This behavior was based on a poor reading of the RFC, unknown critical
+ extensions only need to be rejected on certificate verification.
1.8.1 - 2017-03-10
@@ -488,9 +493,9 @@ Changelog
* :class:`~cryptography.x509.CertificatePolicies`
Note that unsupported extensions with the critical flag raise
- :class:`~cryptography.x509.UnsupportedExtension` while unsupported extensions
- set to non-critical are silently ignored. Read the
- :doc:`X.509 documentation</x509/index>` for more information.
+ ``UnsupportedExtension`` while unsupported extensions set to non-critical are
+ silently ignored. Read the :doc:`X.509 documentation</x509/index>` for more
+ information.
0.8.2 - 2015-04-10
~~~~~~~~~~~~~~~~~~
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-03 22:27:40 +0000