From de7eccea0d6cc70726f89ae30f8f8b7b5775c6a4 Mon Sep 17 00:00:00 2001 From: Steffan Karger Date: Fri, 5 May 2017 22:14:46 +0200 Subject: [PATCH] Fix Changes.rst layout The extra space before each line made the 2.4.1 section stand out from the other sections. Signed-off-by: Steffan Karger Acked-by: David Sommerseth Message-Id: <1494015286-20368-1-git-send-email-steffan.karger@fox-it.com> URL: http://www.mail-archive.com/search?l=mid&q=1494015286-20368-1-git-send-email-steffan.karger@fox-it.com Signed-off-by: David Sommerseth (cherry picked from commit 7ad917760136807298c39d9260ff6bb074db03a4) --- Changes.rst | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/Changes.rst b/Changes.rst index 2a94990e5..c1583b396 100644 --- a/Changes.rst +++ b/Changes.rst @@ -306,15 +306,15 @@ Maintainer-visible changes Version 2.4.1 ============= - - ``--remote-cert-ku`` now only requires the certificate to have at least the - bits set of one of the values in the supplied list, instead of requiring an - exact match to one of the values in the list. - - ``--remote-cert-tls`` now only requires that a keyUsage is present in the - certificate, and leaves the verification of the value up to the crypto - library, which has more information (i.e. the key exchange method in use) - to verify that the keyUsage is correct. - - ``--ns-cert-type`` is deprecated. Use ``--remote-cert-tls`` instead. - The nsCertType x509 extension is very old, and barely used. - ``--remote-cert-tls`` uses the far more common keyUsage and extendedKeyUsage - extension instead. Make sure your certificates carry these to be able to - use ``--remote-cert-tls``. +- ``--remote-cert-ku`` now only requires the certificate to have at least the + bits set of one of the values in the supplied list, instead of requiring an + exact match to one of the values in the list. +- ``--remote-cert-tls`` now only requires that a keyUsage is present in the + certificate, and leaves the verification of the value up to the crypto + library, which has more information (i.e. the key exchange method in use) + to verify that the keyUsage is correct. +- ``--ns-cert-type`` is deprecated. Use ``--remote-cert-tls`` instead. + The nsCertType x509 extension is very old, and barely used. + ``--remote-cert-tls`` uses the far more common keyUsage and extendedKeyUsage + extension instead. Make sure your certificates carry these to be able to + use ``--remote-cert-tls``. -- 2.47.2