maemo-security-certman (0.2.2) unstable; urgency=low

  Added the two wrongly issued intermediate certficates from TÜRKTRUST
  see http://googleonlinesecurity.blogspot.co.at/2013/01/enhancing-digital-certificate-security.html

 -- Christian Ratzenhofer <christian.ratzenhofer@cdnm.at>  Sun,  6 Jan 2013 22:19:22 +0100

maemo-security-certman (0.2.1) unstable; urgency=low

  Added the two compromised Malaysian signing certs to the
  blacklist.

 -- Juhani Mäkelä <juhani.makela@asiaa.fi>  Thu, 17 Nov 2011 14:57:50 +0200

maemo-security-certman (0.2.0) unstable; urgency=low

  Added explicit blacklisting of compromised or rogue
  certificates following the Mozilla model. A new shared
  cert domain "blacklist" now contains all blocker certs from
  Mozilla's built-in certdata.txt as in changeset 76451:cf1ba8f0dbf7
  Sep 02. See Mozilla bug 683261 for further information.
    The downside is that the blacklisted certificates appear
  in the settings applet as if they were valid since it shows the
  contents of all domains regardless of their type the same way.
  This must be fixed in the maemo-security-certificates-applet.

 -- Juhani Mäkelä <juhani.makela@asiaa.fi>  Wed, 07 Sep 2011 16:21:41 +0300

maemo-security-certman (0.1.9) unstable; urgency=low

  Updated the root certificate set. Removed the compromised
  DigiNotar CA and a bunch of expired roots and added the new
  roots. Common-ca now matches NSS 3.13 changeset 76201:04a58ba1ce1e
  of Aug 31, 2011 from  http://hg.mozilla.org/mozilla-central/.
    Also backported from Harmattan the handling of several certificates
  with the same public key, which is needed for Verisign roots
  00d85a4c25c... and f3a27298eeb...

 -- Juhani Mäkelä <juhani.makela@asiaa.fi>  Fri, 02 Sep 2011 14:54:13 +0300

maemo-security-certman (0.1.8) unstable; urgency=low

  * Backported fix of NB#172389 from Harmattan: cryptoki_module causes
    a crash if not all certificates can be fetched from the store.
    This can be caused by a broken store or similar causes.
      Fixes: MB#10423
  * Updated the root certificate set.

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Fri, 09 Jul 2010 14:18:36 +0300

maemo-security-certman (0.1.7) unstable; urgency=low

  * Added '-e' command line switch to cmcli to echo the
    key id of installed certificates.
      Fixes: NB#154963

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Wed, 17 Feb 2010 18:00:00 +0300

maemo-security-certman (0.1.6) unstable; urgency=low

  * Updated the root certificate set as in Mozilla trunk.
      Fixes: NB#148509
  * Removed the "bool" definition from maemosec_common.h, as
    it collides easily with other sources (libcurl, for instance)

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Wed, 09 Dec 2009 17:10:00 +0300

maemo-security-certman (0.1.5) unstable; urgency=low

  * Fixed the mozilla libnssckbi-diversion.

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Fri, 20 Nov 2009 19:10:00 +0300

maemo-security-certman (0.1.4) unstable; urgency=low

  * Enabled using empty passwords with client certs in cryptoki.
  * Prevented creation of private certificate stores as root.
      Fixes: NB#135144

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Thu, 03 Sep 2009 15:28:18 +0300

maemo-security-certman (0.1.3) unstable; urgency=low

  * Corrected the searching of a private key in the cryptoki module
      Fixes: NB#131107
      Fixes: NB#107774
  * Corrected jamming when cryptoki module was loaded multiple times
    by the same application, and errors in releasing cryptoki memory
    found in code review.
      Fixes: NB#123365
  * Implemented hash files for OpenSSL compatibility. No solution for
    global SSL_CERT_DIR setting yet, though.
      Fixes: NB#132669
  * Added initialization of modest secmod configuration also in /etc/skel.
      Fixes: NB#118432

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Wed, 18 Aug 2009 19:10:00 +0300

maemo-security-certman (0.1.2) unstable; urgency=low

  * Changed the include path to pkcs11-headers from mozilla-nss once more.
      Fixes: NB#127046

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Wed, 29 Jul 2009 14:37:09 +0300

maemo-security-certman (0.1.1) unstable; urgency=low

  * Restored nsscfg and calling it in maemosec-certman-tools.postinstall
    for modest mail.
      Fixes: NB#118432
  * Implemented verification of certificate chains longer than one
    certificate in "cmcli -v".
  * Removed libbb5.so library and included the functionality inside
    libmaemosec.so.

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Fri, 26 Jun 2009 15:05:31 +0300

maemo-security-certman (0.1.0) unstable; urgency=low

  * Fixed an error with base64_decode which left the last byte away
    from the data in some cases. 
      Fixes: NB#115790	
  * Added a check for using the root certificate before the module
    is initialized.
      Fixes: NB#112831

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Fri, 18 May 2009 17:00:00 +0300

maemo-security-certman (0.0.9) unstable; urgency=low

  * Do not erase keyfiles but certificate file in stead when
    removing a certificate.

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Fri, 28 Apr 2009 19:30:00 +0200

maemo-security-certman (0.0.8) unstable; urgency=low

  * Updated the cryptoki configuration file to comply with the
    store names in the maemo-security-certman-applet package.

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Tue, 31 Mar 2009 16:40:00 +0200

maemo-security-certman (0.0.7) unstable; urgency=low

  * Removed redundant pkcs11-headers from the package and used
    the ones from NSS in stead. Defined dependencies so that the
    package can be built in Debian desktop distro in addition of
    maemo scratchbox. Added function maemosec_certman_get_nickname,
    added the ability to check TLS/SSL servers over network to cmcli, and
    fixed some minor bugs here and there. Fixes: NB#100963

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Mon, 27 Feb 2009 16:40:00 +0200

maemo-security-certman (0.0.6) unstable; urgency=low

  * Implemented support for WLAN/EAP.

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Mon, 02 Feb 2009 11:00:00 +0200

maemo-security-certman (0.0.5) unstable; urgency=low

  * Added support for NSS trust flags. This version should work with the browser
    and email.

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Thu, 21 Jan 2009 14:21:24 +0200

maemo-security-certman (0.0.4) unstable; urgency=low

  * Added the autoconfiguration of microb and modest to use certman

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Thu, 08 Jan 2009 17:18:35 +0200

maemo-security-certman (0.0.3) unstable; urgency=low

  * This version works together with the GUI.

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Tue, 12 Dec 2008 16:08:35 +0200

maemo-security-certman (0.0.2) unstable; urgency=low
	
  * Renamed all functions and constants not to refer to NG or NGSW
    but maemo in stead.

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Tue, 21 Oct 2008 17:04:44 +0300

maemo-security-certman (0.0.1) unstable; urgency=low
	
  * First release

 -- Juhani Mäkelä <ext-juhani.3.makela@nokia.com>  Wed, 01 Oct 2008 15:46:33 +0300
