certspotter/NEWS

72 lines
2.5 KiB
Plaintext

v0.10 (not yet released)
* Improve speed by processing logs in parallel
* Add -start_et_end option to begin monitoring new logs at the end,
which significantly speeds up Cert Spotter, at the cost of missing
certificates that were added to a log before Cert Spotter starts
monitoring it
* (Behavior change) Scan logs in their entirety the first time Cert
Spotter is run, unless -start_at_end specified (behavior change)
* Add/remove logs to match latest Chromium/Apple lists
v0.9 (2018-04-19)
* Add Cloudflare Nimbus logs
* Remove Google Argon 2017 log
* Remove WoSign and StartCom logs due to disqualification by Chromium
and extended downtime
v0.8 (2017-12-08)
* Add Symantec Sirius log
* Add DigiCert 2 log
v0.7 (2017-11-13)
* Add Google Argon logs
* Fix bug that caused crash on 32 bit architectures
v0.6 (2017-10-19)
* Add Comodo Mammoth and Comodo Sabre logs
* Minor bug fixes and improvements
v0.5 (2017-05-18)
* Remove PuChuangSiDa 1 log due to excessive downtime and presumptive
disqualification from Chrome
* Add Venafi Gen2 log
* Improve monitoring robustness under certain pathological behavior
by logs
* Minor documentation improvements
v0.4 (2017-04-03)
* Add PuChuangSiDa 1 log
* Remove Venafi log due to fork and disqualification from Chrome
v0.3 (2017-02-20)
* Revise -all_time flag (behavior change):
- If -all_time is specified, scan the entirety of all logs, even
existing logs
- When a new log is added, scan it in its entirety even if -all_time
is not specified
* Add new logs:
- Google Icarus
- Google Skydiver
- StartCom
- WoSign
* Overhaul log processing and auditing logic:
- STHs are never deleted unless they can be verified
- Multiple unverified STHs can be queued per log, laying groundwork
for STH pollination support
- New state directory layout; current state directories will be
migrated, but migration will be removed in a future version
- Persist condensed Merkle Tree state between runs, instead of
reconstructing it from consistency proof every time
* Use a lock file to prevent multiple instances of Cert Spotter from
running concurrently (which could clobber the state directory).
* Minor bug fixes and improvements
v0.2 (2016-08-25)
* Suppress duplicate identifiers in output.
* Fix "EOF" error when running under Go 1.7.
* Fix bug where hook script could fail silently.
* Fix compilation under Go 1.5.
v0.1 (2016-07-27)
* Initial release.