2022-06-07 14:22:27 +02:00
|
|
|
v0.12 (2022-06-07)
|
|
|
|
* Retry failed log requests. This should make certspotter resilient
|
|
|
|
to rate limiting by logs.
|
|
|
|
* Add -version flag.
|
|
|
|
* Eliminate unnecessary dependency. certspotter now depends only on
|
|
|
|
golang.org/x packages.
|
|
|
|
* Switch to Go modules.
|
|
|
|
|
2021-08-17 21:03:38 +02:00
|
|
|
v0.11 (2021-08-17)
|
|
|
|
* Add support for contacting logs via HTTP proxies;
|
|
|
|
just set the appropriate environment variable as documented at
|
|
|
|
https://golang.org/pkg/net/http/#ProxyFromEnvironment
|
|
|
|
* Work around RFC 6962 ambiguity related to consistency proofs
|
|
|
|
for empty trees.
|
|
|
|
|
2020-04-29 20:15:29 +02:00
|
|
|
v0.10 (2020-04-29)
|
2019-12-03 17:19:07 +01:00
|
|
|
* Improve speed by processing logs in parallel
|
2020-04-29 17:54:29 +02:00
|
|
|
* Add -start_at_end option to begin monitoring new logs at the end,
|
2019-12-03 17:19:07 +01:00
|
|
|
which significantly speeds up Cert Spotter, at the cost of missing
|
|
|
|
certificates that were added to a log before Cert Spotter starts
|
|
|
|
monitoring it
|
|
|
|
* (Behavior change) Scan logs in their entirety the first time Cert
|
|
|
|
Spotter is run, unless -start_at_end specified (behavior change)
|
2020-04-29 17:54:29 +02:00
|
|
|
* The log list is now retrieved from certspotter.org at startup instead
|
|
|
|
of being embedded in the source. This will allow Cert Spotter to react
|
|
|
|
more quickly to the frequent changes in logs.
|
|
|
|
* (Behavior change) the -logs option now expects a JSON file in the v2
|
|
|
|
log list format. See <https://www.certificate-transparency.org/known-logs>
|
|
|
|
and <https://www.gstatic.com/ct/log_list/v2/log_list_schema.json>.
|
|
|
|
* -logs now accepts an HTTPS URL in addition to a file path.
|
|
|
|
* (Behavior change) the -underwater option has been removed. If you want
|
|
|
|
its behavior, specify https://loglist.certspotter.org/underwater.json to
|
|
|
|
the -logs option.
|
2019-12-03 17:19:07 +01:00
|
|
|
|
2018-04-19 21:07:19 +02:00
|
|
|
v0.9 (2018-04-19)
|
|
|
|
* Add Cloudflare Nimbus logs
|
|
|
|
* Remove Google Argon 2017 log
|
|
|
|
* Remove WoSign and StartCom logs due to disqualification by Chromium
|
|
|
|
and extended downtime
|
|
|
|
|
2017-12-08 22:00:50 +01:00
|
|
|
v0.8 (2017-12-08)
|
|
|
|
* Add Symantec Sirius log
|
|
|
|
* Add DigiCert 2 log
|
|
|
|
|
2017-11-14 00:10:30 +01:00
|
|
|
v0.7 (2017-11-13)
|
|
|
|
* Add Google Argon logs
|
|
|
|
* Fix bug that caused crash on 32 bit architectures
|
|
|
|
|
2017-10-19 06:36:38 +02:00
|
|
|
v0.6 (2017-10-19)
|
|
|
|
* Add Comodo Mammoth and Comodo Sabre logs
|
|
|
|
* Minor bug fixes and improvements
|
|
|
|
|
2017-05-18 19:04:18 +02:00
|
|
|
v0.5 (2017-05-18)
|
|
|
|
* Remove PuChuangSiDa 1 log due to excessive downtime and presumptive
|
|
|
|
disqualification from Chrome
|
|
|
|
* Add Venafi Gen2 log
|
|
|
|
* Improve monitoring robustness under certain pathological behavior
|
|
|
|
by logs
|
|
|
|
* Minor documentation improvements
|
|
|
|
|
2017-04-04 00:30:53 +02:00
|
|
|
v0.4 (2017-04-03)
|
|
|
|
* Add PuChuangSiDa 1 log
|
|
|
|
* Remove Venafi log due to fork and disqualification from Chrome
|
|
|
|
|
2017-02-20 22:13:09 +01:00
|
|
|
v0.3 (2017-02-20)
|
2017-01-06 22:36:56 +01:00
|
|
|
* Revise -all_time flag (behavior change):
|
|
|
|
- If -all_time is specified, scan the entirety of all logs, even
|
|
|
|
existing logs
|
|
|
|
- When a new log is added, scan it in its entirety even if -all_time
|
|
|
|
is not specified
|
|
|
|
* Add new logs:
|
|
|
|
- Google Icarus
|
|
|
|
- Google Skydiver
|
|
|
|
- StartCom
|
|
|
|
- WoSign
|
|
|
|
* Overhaul log processing and auditing logic:
|
|
|
|
- STHs are never deleted unless they can be verified
|
|
|
|
- Multiple unverified STHs can be queued per log, laying groundwork
|
|
|
|
for STH pollination support
|
|
|
|
- New state directory layout; current state directories will be
|
|
|
|
migrated, but migration will be removed in a future version
|
|
|
|
- Persist condensed Merkle Tree state between runs, instead of
|
|
|
|
reconstructing it from consistency proof every time
|
2017-01-10 20:25:02 +01:00
|
|
|
* Use a lock file to prevent multiple instances of Cert Spotter from
|
|
|
|
running concurrently (which could clobber the state directory).
|
2017-01-06 22:36:56 +01:00
|
|
|
* Minor bug fixes and improvements
|
|
|
|
|
2016-08-26 02:13:31 +02:00
|
|
|
v0.2 (2016-08-25)
|
|
|
|
* Suppress duplicate identifiers in output.
|
|
|
|
* Fix "EOF" error when running under Go 1.7.
|
|
|
|
* Fix bug where hook script could fail silently.
|
|
|
|
* Fix compilation under Go 1.5.
|
|
|
|
|
|
|
|
v0.1 (2016-07-27)
|
|
|
|
* Initial release.
|