Add support for CRLs partitioned by reason code.

Tidy CRL scoring system.

Add new CRL path validation error.

1 files changed, 13 insertions, 1 deletions

diff --git a/CHANGES b/CHANGES
index 654537ee3e..6e1bf9c0a4 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,18 @@
 
  Changes between 0.9.8i and 0.9.9  [xx XXX xxxx]
 
+  *) Support for CRLs partitioned by reason code. Reorganise CRL processing
+     code and add additional score elements. Validate alternate CRL paths
+     as part of the CRL checking and indicate a new error "CRL path validation
+     error" in this case. Applications wanting additional details can use
+     the verify callback and check the new "parent" field. If this is not
+     NULL CRL path validation is taking place. Existing applications wont
+     see this because it requires extended CRL support which is off by
+     default.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
   *) Support for freshest CRL extension.
 
      This work was sponsored by Google.
@@ -12,7 +24,7 @@
   *) Initial indirect CRL support. Currently only supported in the CRLs
      passed directly and not via lookup. Process certificate issuer
      CRL entry extension and lookup CRL entries by bother issuer name
-     and serial number. Check and proces CRL issuer entry in IDP extension.
+     and serial number. Check and process CRL issuer entry in IDP extension.
 
      This work was sponsored by Google.
      [Steve Henson]