diff options
| -rw-r--r-- | CHANGELOG.rst | 2 | ||||
| -rw-r--r-- | docs/x509/reference.rst | 6 |
2 files changed, 8 insertions, 0 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 7e6b9073..db101a82 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -32,6 +32,8 @@ Changelog :attr:`~cryptography.x509.RFC822Name.value` attribute was deprecated, users should use :attr:`~cryptography.x509.RFC822Name.bytes_value` to access the raw value. +* Added :meth:`~cryptography.x509.CertificateRevocationList.is_signature_valid` + to :class:`~cryptography.x509.CertificateRevocationList`. .. _v2-0-3: diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 47f76254..5e1c95c4 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -567,6 +567,12 @@ X.509 CRL (Certificate Revocation List) Object .. versionadded:: 2.1 + .. warning:: + + Checking the validity of the signature on the CRL is insufficient + to know if the CRL should be trusted. More details are available + in :rfc:`5280`. + Returns True if the CRL signature is correct for given public key, False otherwise. |