diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-08-12 08:52:55 -0500 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2017-08-12 09:52:55 -0400 |
| commit | f944c40c86c8af9917a596bfb7704a6f0af36acb (patch) | |
| tree | 47c0b219483137b04f4adb8014599a5dccc27352 | |
| parent | 6c02ee85bcd68e1e4fc6770421699fbd07c9b3e9 (diff) | |
| download | cryptography-f944c40c86c8af9917a596bfb7704a6f0af36acb.tar.gz cryptography-f944c40c86c8af9917a596bfb7704a6f0af36acb.tar.bz2 cryptography-f944c40c86c8af9917a596bfb7704a6f0af36acb.zip | |
add changelog and a warning for is_signature_valid on crl (#3861)
* add changelog and a warning
* document this properly
| -rw-r--r-- | CHANGELOG.rst | 2 | ||||
| -rw-r--r-- | docs/x509/reference.rst | 6 |
2 files changed, 8 insertions, 0 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 7e6b9073..db101a82 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -32,6 +32,8 @@ Changelog :attr:`~cryptography.x509.RFC822Name.value` attribute was deprecated, users should use :attr:`~cryptography.x509.RFC822Name.bytes_value` to access the raw value. +* Added :meth:`~cryptography.x509.CertificateRevocationList.is_signature_valid` + to :class:`~cryptography.x509.CertificateRevocationList`. .. _v2-0-3: diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 47f76254..5e1c95c4 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -567,6 +567,12 @@ X.509 CRL (Certificate Revocation List) Object .. versionadded:: 2.1 + .. warning:: + + Checking the validity of the signature on the CRL is insufficient + to know if the CRL should be trusted. More details are available + in :rfc:`5280`. + Returns True if the CRL signature is correct for given public key, False otherwise. |