Version 1.8

 - Compatibility to Apache 2.2.29

Version 1.7

 - Fixed: forward proxy support.

Version 1.6

 - SSLCRL_DISABLE_DEBUG may be used to disabled verbose
   debug messages (dumping the content of the key material
   stores).

Version 1.5

 - Offline mode: verifies client certifiate even no 
   SSLCRL_Url directive has been configured.

Version 1.4

 - Debug messages showing the content of the loaded key
   material files (CA and CRL stores).

 - Adds the "crlcheck" tool to the distribution archive.

Version 1.3

 - Code refactoring:
   * adds lock in sslcrl_verify_crl_sig()
   * exp. uses conf pool to store CA chains in table
   * apr_pool_cleanup_register(): use sub-pool

Version 1.2

 - Pre-configuration hook calls OpenSSL_add_all_algorithms()
   independently of mod_ssl if compiled with SSLCRL_ADD_ALGORITHMS.

 - Typo in error message.

Version 1.1

 - Increases default max. CRL size to 5MB.

 - New directive SSLCRL_FailClose.

Version 1.0

 - New directive SSLCRL_ProxyEnable to enable CRL verification
   of outgoing connections (e.g. mod_proxy or mod_auth_oid).

 - Warning message for missing CRL (either specific CRL or
   empty/missing store).

Version 0.14

 - Supports Apache 2.4.

Version 0.13

 - Warning #040 message if downloaded CRL expires before mod_sslcrl
   downloads the next update.

Version 0.11

 - 'verify' option of the SSLCRL_Url directive prevents cache file
   update if the signature of a downloaded CRL can't be verified.

 - More detailed error message #023.

Version 0.10

 - Warning message if signature check for downloaded CRL fails.

Version 0.9

 - Implement test configuration hook.

 - Forward proxy support (HTTP only).

 - Supports custom HTTP request header while downloading
   a CRL, e.g., to set a static basic authentication header.

Version 0.8

 - Validates downloaded PEM files.

 - Fixed: show status information in mod_status even no cache
          is available (bootstrap).

 - Status: production/stable

Version 0.7

 - Add status viewer (using mod_status).

Version 0.6

 - Directive SSLCRL_ContentType may be used to specify if
   a downloaded CRL is either DER or PEM encoded.

 - Load CRL a the very first connection if no cache file is
   available (ignoring the update interval settings).

 - Use DER for content-type "*/x-pkcs7-crl".

Version 0.5

 - Loads certificate chain according to SSLCACertificateFile
   and SSLCACertificatePath settings.

 - Verifies CA certificates and CRL signature.

Version 0.4

 - Fixed: memory leak.

Version 0.3

 - New directive prefix.

Version 0.2

 - Add directive SSL_CrlEnable.

 - Retry, if download of CRL fails.

Version 0.1

 - Changed status to beta.

Version 0.0

 - Alpha release for testing purposes only.

