+### Changes between 1.1.1 and 3.0 [xx XXX xxxx]
+
+ * Add CAdES-BES signature verification support, mostly derived
+ from ESSCertIDv2 TS (RFC 5816) contribution by Marek Klein.
+
+ *Filipe Raimundo da Silva*
+
+ * Add CAdES-BES signature scheme and attributes support (RFC 5126) to CMS API.
+
+ *Antonio Iacono*
+
+ * Deprecated EC_POINT_make_affine() and EC_POINTs_make_affine(). These
+ functions are not widely used and now OpenSSL automatically perform this
+ conversion when needed.
+
+ *Billy Bob Brumley*
+
+ * Deprecated EC_GROUP_precompute_mult(), EC_GROUP_have_precompute_mult(), and
+ EC_KEY_precompute_mult(). These functions are not widely used and
+ applications should instead switch to named curves which OpenSSL has
+ hardcoded lookup tables for.
+
+ *Billy Bob Brumley*
+
+ * Deprecated EC_POINTs_mul(). This function is not widely used and applications
+ should instead use the L<EC_POINT_mul(3)> function.
+
+ *Billy Bob Brumley*
+
+ * Removed FIPS_mode() and FIPS_mode_set(). These functions are legacy API's
+ that are not applicable to the new provider model. Applications should
+ instead use EVP_default_properties_is_fips_enabled() and
+ EVP_default_properties_enable_fips().
+
+ *Shane Lontis*
+
+ * The SSL option SSL_OP_IGNORE_UNEXPECTED_EOF is introduced. If that option
+ is set, an unexpected EOF is ignored, it pretends a close notify was received
+ instead and so the returned error becomes SSL_ERROR_ZERO_RETURN.
+
+ *Dmitry Belyavskiy*
+
+ * Deprecated EC_POINT_set_Jprojective_coordinates_GFp() and
+ EC_POINT_get_Jprojective_coordinates_GFp(). These functions are not widely
+ used and applications should instead use the
+ L<EC_POINT_set_affine_coordinates(3)> and
+ L<EC_POINT_get_affine_coordinates(3)> functions.
+
+ *Billy Bob Brumley*
+
+ * Added OSSL_PARAM_BLD to the public interface. This allows OSSL_PARAM
+ arrays to be more easily constructed via a series of utility functions.
+ Create a parameter builder using OSSL_PARAM_BLD_new(), add parameters using
+ the various push functions and finally convert to a passable OSSL_PARAM
+ array using OSSL_PARAM_BLD_to_param().
+
+ *Paul Dale*
+
+ * EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH(), and
+ EVP_PKEY_get0_EC_KEY() can now handle EVP_PKEYs with provider side
+ internal keys, if they correspond to one of those built in types.
+
+ *Richard Levitte*
+
+ * Added EVP_PKEY_set_type_by_keymgmt(), to initialise an EVP_PKEY to
+ contain a provider side internal key.
+
+ *Richard Levitte*
+
+ * ASN1_verify(), ASN1_digest() and ASN1_sign() have been deprecated.
+ They are old functions that we don't use, and that you could disable with
+ the macro NO_ASN1_OLD. This goes all the way back to OpenSSL 0.9.7.
+
+ *Richard Levitte*
+
+ * The main project documents (README, NEWS, CHANGES, INSTALL, SUPPORT)
+ have been converted to Markdown with the goal to produce documents
+ which not only look pretty when viewed online in the browser, but
+ remain well readable inside a plain text editor.
+
+ To achieve this goal, a 'minimalistic' Markdown style has been applied
+ which avoids formatting elements that interfere too much with the
+ reading flow in the text file. For example, it
+
+ * avoids [ATX headings][] and uses [setext headings][] instead
+ (which works for `<h1>` and `<h2>` headings only).
+ * avoids [inline links][] and uses [reference links][] instead.
+ * avoids [fenced code blocks][] and uses [indented code blocks][] instead.
+
+ [ATX headings]: https://github.github.com/gfm/#atx-headings
+ [setext headings]: https://github.github.com/gfm/#setext-headings
+ [inline links]: https://github.github.com/gfm/#inline-link
+ [reference links]: https://github.github.com/gfm/#reference-link
+ [fenced code blocks]: https://github.github.com/gfm/#fenced-code-blocks
+ [indented code blocks]: https://github.github.com/gfm/#indented-code-blocks
+
+ *Matthias St. Pierre*