From 751c24f73b7798dfde4a563d6bfa944c1282bb5d Mon Sep 17 00:00:00 2001
From: Michael Jerris <mike@jerris.com>
Date: Wed, 11 Feb 2009 16:11:56 +0000
Subject: [PATCH] Mon Jan  5 04:22:01 CST 2009  Pekka Pessi
 <first.last@nokia.com>   * RELEASE: added Jarod's description of TLS
 improvements

git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@11770 d0543943-73ff-0310-b7d9-9358b9ac24b2
---
 libs/sofia-sip/RELEASE | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/libs/sofia-sip/RELEASE b/libs/sofia-sip/RELEASE
index d9e09cdd07..e8d3cdfbf8 100644
--- a/libs/sofia-sip/RELEASE
+++ b/libs/sofia-sip/RELEASE
@@ -48,6 +48,8 @@ libsofia-sip-ua-glib:
 Contributors to this release
 ----------------------------
 
+Jarod Neuner <j dot neuner at networkharbor dot com>
+Michael Jerris <mike at jerris dot com>
 <list of people who contributed to _this_ release
  - update as people's patches are added, or when you commit stuff
  - current development team members (see AUTHORS) may be omitted,
@@ -65,11 +67,18 @@ See the AUTHORS file in the distribution package.
 Notes on new features
 ---------------------
 
-<information about major new features
- - new/changed/removed functionality
- - links to further documentation
- - section may be omitted for minor releases
-/>
+Jarod Neuner has improved certificate validation facilities of TLS
+transport. Significant changes include:
+
+1) The TLS handshake is no longer handled via transparent negotiation.
+Certain static methods from tport.c were exposed to make this possible.
+
+2) Certificate subjects are copied out of the peer certificate before
+the first message is sent.  The next patch will include code that allows
+the stack to reject messages sent to a untrusted peer.
+
+3) The tport module can now report whether a secondary has a verified
+certificate chain and the subjects of the peer certificate.
 
 Bugs fixed in this release
 --------------------------