options someone much longer working with OpenSSL/SSLeay is needed.

file http://www.nrca-ds.de/ftp/pkd.ttp, which contains a total of 288
certificates issued by the RegPT so far)

(similar to how arguments such as -inform/-outform specifications
are treated)

Fix CRL printing to correctly show when there are no revoked certificates.

Make ca.c correctly initialize the revocation date.

Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() set the
string type: so they can initialize ASN1_TIME structures properly.

the clients choice; in SSLv2 the client uses the server's preferences.

Fix warning in apps/engine.c

Remove definitions of deleted functions.

Add missing definition of X509_VAL.

and ASN1 code.

Denis Beauchemin <Denis.Beauchemin@Courrier.USherb.ca>)

OCSP responses.

Documentation to follow...

Urgh.. this conflicted with the -VAfile patch I hope I haven't
broken it.

inversed.  Corrected.  Hopefully, this will make it work without
dumping core.

client code certificates to use to only check response signatures.
I'm not entirely sure if the way I just implemented the verification
is the right way to do it, and would be happy if someone would like to
review this.

entropy devices or sockets.

for range = 11000000... or range = 100000...)

never exceeds 1.333...).

Bleichenbacher's DSA attack.  With this implementation, the expected
number of iterations never exceeds 2.

New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
     min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
     min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)

during connect() and other calls. First seen on Unixware-7.

Unify access to EGD-socket for all RAND_egd_*() methods.

Fix AES code.

Update Rijndael source to v3.0

Add AES OIDs.

Change most references of Rijndael to AES.

Add new draft AES ciphersuites.

reasonable selection.