X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=NEWS;h=9735d131d410cd5c8433e58bc8a0901f16cf5726;hb=caf3e07bab2e42bd10fe7966542a37b41f336a0a;hp=c6de053b6a849159f0ef11f9cbc2b17ecfad5829;hpb=a26aa4bee33206158ef9796880c8aad423936956;p=tlsproxy%2Ftlsproxy.git

diff --git a/NEWS b/NEWS
index c6de053..9735d13 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,40 @@
 NEWS
 ====
 
+0.X
+---
+
+- Important: The file proxy-dh.pem is now required. tlsproxy-setup creates it,
+  but running it will overwrite the existing proxy-*.pem files (which will
+  invalidate all certificate-*-proxy.pem files). To create only proxy-dh.pem
+  use:
+
+    certtool --generate-dh-params --sec-param high --outfile proxy-dh.pem
+
+- Use "SECURE" as GnuTLS priority string which disallows insecure algorithms.
+- Add -a option, authentication for tlsproxy via basic digest authentication.
+- Add new debug level (-d 3) for even more debug output, including information
+  about the current TLS session.
+- Use pre-generated Diffie-Hellman parameters in proxy-dh.pem.
+- Code cleanup.
+- Better error handling.
+- Fix compile with recent GnuTLS (e.g. 3.2.3).
+- Improve (error) logging; log to stderr.
+- Add (basic) man pages.
+- Improve test suite.
+- tlsproxy-setup: Increase expiry-date and use larger private key, generate
+                  proxy-dh.pem.
+
+
+0.2
+---
+
+- Add -u option, passthrough TLS connections to unknown hostnames.
+- Add ./configure --disable-ipv6 for IPv4 only machines.
+- Send HTML with error messages (not only headers).
+
+
 0.1
 ---
-- first release
+
+- First release.