From aadb6aae9e39baa55aeff32662bcf22d9462ecfb Mon Sep 17 00:00:00 2001 From: Uwe Gradenegger Date: Fri, 17 Jan 2025 14:17:36 +0100 Subject: [PATCH] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5fa3718..161416c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,7 +15,7 @@ _This version has not yet been released._ - Introducing (verbose) Event IDs 12 and 13 that indicate certificate requests getting issued or put into pending state. - Introduding Event 14 which will contain warnings that occurred during the processing of a certificate request. - Currently, the detection of the "san" request attribute will get logged regardless if the dangerous **EDITF\_ATTRIBUTESUBJECTALTNAME2** flag is enabled or not. - - This new behavior allows to silently [https://github.com/srlabs/Certiception](detect attack attempts) on the certification authority without raising suspicion. + - This new behavior allows to silently [detect attack attempts](https://github.com/srlabs/Certiception) on the certification authority without raising suspicion. - Introducing a _SupplementUnqualifiedNames_ switch to use in combination with supplementing of DNS names (both _SupplementDnsNames_ and _SupplementServicePrincipalNames_). To keep compatibility with the previous behavior, this setting defaults to _true_. If set to false, supplementation logic will not include DNS names that are not fully qualified. - Introducing global settings for TameMyCerts which allows to define behavior that applies globally, regardless of the defined certificate templates (the default behavior stays as before): - Allow to set the default behavior to globally deny a certificate request when no policy configuration file is found for the requested certificate template.