Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

69 lines (53 sloc) 2.505 kb
0.9.0 - 2012-10-04
==================
* Support for Python 3.
0.8.0 - 2012-08-01
==================
* Correct the pure-python RSA implementation. Unfortunately this
requires a small backwards-incompatible API change on RSKey objects
(the SIZE property is now DIGESTSIZE and it gives the size of the
internal hex digest string in bytes)
0.7.0 - 2012-07-26
==================
* Added a pure-python implementation of the JWT crypto routines, for
use when M2Crypto is not available.
* Added "from_pem_data" and "to_pem_data" methods to Key objects.
Currently these are only available when M2Crypto is installed.
* Added support for delegation of authority; thanks @kylef.
* Use https://verifier.login.persona.org/verify for remote verification
0.6.2 - 2012-07-17
==================
* Add persona.org and related sites to the list of default
trusted secondaries.
0.6.1 - 2012-06-07
==================
* Disable certificate chaining for now. This feature is not used by any
servers in the wild, and the spec for it is going to change soon.
0.6.0 - 2012-31-05
==================
* Remove ability to use a custom JWT parser class, it's not used and
adds needless complexity.
* Add a way to skip the ssl verification when getting certificates with the
CertificateManager.
0.5.0 - 2012-04-18
==================
* add support of requests rather than custom code for ssl checking when
retrieving certificates.
* removed patch utility for secure_urlopen (we are now using requests)
* add more verbose errors when dealing with RSA/DSA Keys.
0.4.0 - 2012-03-13
==================
* Renamed from PyVEP to PyBrowserID, in keeping with Mozilla branding.
* Audience checking now accepts glob-style patterns as well as fixed
audience strings.
* Verifier objects now accept a list of audience patterns as their first
argument. This is designed to encourage doing the right thing rather than,
say, passing in the hostname from the request.
* Allowed LocalVerifier to use of a custom JWT parser.
* Removed browserid.verify_[remote|local|dummy] since they just cause
confusion. You should either accept the defaults provided by the
browserid.verify function, or use a full-blown Verifier object.
* Split certificate loading and caching into a separate class, in
browserid.certificates:CertificatesManager.
* Removed the DummyVerifier class in favour of supporting functions
in browserid.tests.support.
Jump to Line
Something went wrong with that request. Please try again.