From 6abe2bb4eefb224867683152bb204176b68399c9 Mon Sep 17 00:00:00 2001
From: Erik Trauschke <erik.trauschke@gmail.com>
Date: Thu, 19 Nov 2015 10:27:01 -0800
Subject: add tbsCertList and signature interfaces to CRLs

---
 docs/x509/reference.rst | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'docs/x509')

diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index 10ba9ec3..35c00e61 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -504,6 +504,26 @@ X.509 CRL (Certificate Revocation List) Object
 
         The extensions encoded in the CRL.
 
+    .. attribute:: signature
+
+        .. versionadded:: 1.2
+
+        :type: bytes
+
+        The bytes of the CRL's signature.
+
+    .. attribute:: tbs_certlist_bytes
+
+        .. versionadded:: 1.2
+
+        :type: bytes
+
+        The DER encoded bytes payload (as defined by :rfc:`5280`) that is hashed
+        and then signed by the private key of the CRL's issuer. This data may be
+        used to validate a signature, but use extreme caution as CRL validation
+        is a complex problem that involves much more than just signature checks.
+
+
 X.509 Certificate Builder
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
-- 
cgit v1.2.3