luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

changelog++

This commit is contained in:
Jeff Mitchell 2016-06-23 11:01:44 -04:00
parent 40ff280c24
commit 4ef5e960b0
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CHANGELOG.md
View File

@ -1,14 +1,22 @@
## 0.6.1 (Unreleased) ## 0.6.1 (Unreleased)
DEPRECATIONS/BREAKING CHANGES:
* Issued certificates from the `pki` backend against new roles created after upgrading will contain a set of default key usages.
FEATURES: FEATURES:
* **Convergent Encryption in Transit**: The `transit` backend now supports a * **Convergent Encryption in `Transit`**: The `transit` backend now supports a
convergent encryption mode where the same plaintext will produce the same convergent encryption mode where the same plaintext will produce the same
ciphertext. Although very useful in some situations, this has security ciphertext. Although very useful in some situations, this has security
implications, which are mostly mitigated by requiring the use of key implications, which are mostly mitigated by requiring the use of key
derivation when convergent encryption is enabled. See [the `transit` derivation when convergent encryption is enabled. See [the `transit`
documentation](https://www.vaultproject.io/docs/secrets/transit/index.html) documentation](https://www.vaultproject.io/docs/secrets/transit/index.html)
for more details. [GH-1537] for more details. [GH-1537]
* **Key Usage Control in `PKI`**: Issued certificates from roles created or
modified after upgrading contain a set of default key usages for increased
compatibility with OpenVPN and some other software. This set can be changed
when writing a role definition. Existing roles are unaffected. [GH-1552]
IMPROVEMENTS: IMPROVEMENTS:
* cli: Output formatting in the presence of warnings in the response object * cli: Output formatting in the presence of warnings in the response object