From aeb77204553fc5244341536c243cd96e3fe4e42c Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Wed, 13 May 2015 11:52:38 -0500
Subject: add changelog entry for supporting x509 extensions

---
 CHANGELOG.rst | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 5947b051..ced53d75 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -36,6 +36,23 @@ Changelog
   :class:`cryptography.hazmat.primitives.twofactor.InvalidToken` and deprecated
   the old location. This was moved to minimize confusion between this exception
   and :class:`cryptography.fernet.InvalidToken`.
+* Added support for X.509 extensions in :class:`~cryptography.x509.Certificate`
+  objects. The following extensions are supported as of this release:
+
+  * :class:`~cryptography.x509.BasicConstraints`
+  * :class:`~cryptography.x509.AuthorityKeyIdentifier`
+  * :class:`~cryptography.x509.SubjectKeyIdentifier`
+  * :class:`~cryptography.x509.KeyUsage`
+  * :class:`~cryptography.x509.SubjectAlternativeName`
+  * :class:`~cryptography.x509.ExtendedKeyUsage`
+  * :class:`~cryptography.x509.CRLDistributionPoints`
+  * :class:`~cryptography.x509.AuthorityInformationAccess`
+  * :class:`~cryptography.x509.CertificatePolicies`
+
+  Note that unsupported extensions with the critical flag raise
+  :class:`~cryptography.x509.UnsupportedExtension` while unsupported extensions
+  set to non-critical are silently ignored. Read the
+  :doc:`X.509 documentation</x509>` for more information.
 
 0.8.2 - 2015-04-10
 ~~~~~~~~~~~~~~~~~~
-- 
cgit v1.2.3