Skip to content

Releases: 18F/identity-pki

RC 10

22 Sep 20:11
2020-09-22T200920
80de14d
Compare
Choose a tag to compare

RC 10]

Improvements/Changes

  • LG-3167: Send is_auth_cert in token for HSDPD-12 (#159)

RC 11

22 Sep 20:15
2020-09-22T201505
80de14d
Compare
Choose a tag to compare
RC 11 Pre-release
Pre-release

Improvements/Changes

  • LG-873 Add x509_issuer to piv/cac response data for OIDC
  • Add updated certs for Treasury and State (LG-3513) (#164)
  • Update .gitignore to allow .pem files (#166)
  • Remove reek (#165)
  • Certificate Chain Service (#167)

RC 9

22 Jul 19:28
2020-07-22T192624
6ac3e37
Compare
Choose a tag to compare

Features

  • None

Bugs and Enhancements

  • Update newrelic to use gov endpoint (#156)

PIV/CAC Issuing Certificates

  • LG-3043: map bridge certs (#154)

RC 8

08 Jun 21:25
2020-06-08T212256
Compare
Choose a tag to compare

Features

None

Bugs and Enhancements

  • Expand bundled certs into repo #144
  • Bump websocket-extensions from 0.1.4 to 0.1.5 #149
  • Bump puma from 3.12.4 to 3.12.6 #150

PIV/CAC Issuing Certificates

  • Add DOD missing certs #151

RC 7

28 Jan 18:07
2019-01-28T175006
Compare
Choose a tag to compare

Features

  • Support OID Chaining #65

Bugs and Enhancements

  • Restore caching of OCSP revocations #63

PIV/CAC Issuing Certificates

None

RC 6

07 Jan 14:52
2019-01-07T144927
Compare
Choose a tag to compare

Features

  • Validate issuing certs only on-demand rather than at startup
  • Cache OCSP responses for a short time

RC 4

03 Dec 15:43
2018-11-26T153732
Compare
Choose a tag to compare

Features

Bugs and Enhancements

  • Support proxies in deployed environments #46, #47
  • Update gems to avoid potential security issues #44, #48

PIV/CAC Issuing Certificates

  • Remove revoked RRB certificate
  • Add additional State certificates

RC 3

03 Dec 15:42
2018-11-08T143617
Compare
Choose a tag to compare

Features

  • Add more policy OIDs
  • Trust Treasury CA Root

RC 2

23 Oct 18:51
2018-10-23T184457
Compare
Choose a tag to compare

Features

  • Check for policy OIDs in PIV/CAC public certs.

New CA Certs

  • /C=US/O=U.S. Government/OU=DoD/OU=PKI/CN=DOD EMAIL CA-49
  • /C=US/O=U.S. Government/OU=DoD/OU=PKI/CN=DOD EMAIL CA-51
  • /C=US/O=U.S. Government/OU=DoD/OU=PKI/CN=DOD EMAIL CA-52

RC 1

11 Oct 13:44
2018-10-11T133937
c523c85
Compare
Choose a tag to compare

Features:

  • More signing certs.
  • Logging of unverifiable certs to an S3 bucket.
  • Authenticate token decryption requests.

Bugs:

  • Gracefully handle unparsable http referrers.