Reject certificates with times not in UTC
diff --git a/ChangeLog b/ChangeLog index 0c18ff7..694cfc3 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -17,6 +17,7 @@ * pk_verify() now returns a specific error code when the signature is valid but shorter than the supplied length. * Use UTC time to check certificate validity. + * Reject certificates with times not in UTC, per RFC 5280. Security * Avoid potential timing leak in ecdsa_sign() by blinding modular division.
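Review bot: The added ChangeLog entry (the "+" line just before the Security heading) does not tell users what they will observe: certificates that were accepted before will now be rejected, but the entry names neither the rejected time forms nor the error reported, unlike the pk_verify() entry two lines above it, which mentions a specific error code. Suggest spelling out the condition, for example validity times that do not end in "Z" (RFC 5280 section 4.1.2.5 requires UTCTime and GeneralizedTime to be expressed in Zulu), and flagging it as a behaviour change for existing deployments. Only the ChangeLog is visible here, so the parsing change itself and any test covering times with a UTC offset cannot be checked from this hunk.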