0.14.0 - 2018-01-12
===================

  * Silence warnings about assertion format changes,
    since there's now no risk of this.

0.13.0 - 2017-12-20
===================

  * Use LocalVerifier by default, now that the hosted
    verifier has shut down.

0.12.0 - 2017-05-29
===================

  * Add support for extra "idpClaims" and "userClaims"
    when using the LocalVerifier class.

0.11.0 - 2016-05-11
===================

  * Have the local verifier validate that the email
    address is well-formed, to avoid passing e.g.
    null bytes through to code that doesn't properly
    handle them.

0.10.0 - 2016-03-09
===================

  * Add support for "idpClaims" and "userClaims" when
    generating test assertions.  This helps when using
    this library to interact with Firefox Accounts.

0.9.2 - 2014-04-13
==================

  * Remove tuple paramter unpacking for python3.
  * Add "description" attribute to Error objects.

0.9.1 - 2012-11-26
==================

  * Fix data-decoding bug in fallback crypto routines.

0.9.0 - 2012-10-04
==================

  * Support for Python 3.

0.8.0 - 2012-08-01
==================

  * Correct the pure-python RSA implementation.  Unfortunately this
    requires a small backwards-incompatible API change on RSKey objects
    (the SIZE property is now DIGESTSIZE and it gives the size of the
    internal hex digest string in bytes)

0.7.0 - 2012-07-26
==================

  * Added a pure-python implementation of the JWT crypto routines, for
    use when M2Crypto is not available.
  * Added "from_pem_data" and "to_pem_data" methods to Key objects.
    Currently these are only available when M2Crypto is installed.
  * Added support for delegation of authority; thanks @kylef.
  * Use https://verifier.login.persona.org/verify for remote verification

0.6.2 - 2012-07-17
==================

  * Add persona.org and related sites to the list of default
    trusted secondaries.

0.6.1 - 2012-06-07
==================

  * Disable certificate chaining for now.  This feature is not used by any
    servers in the wild, and the spec for it is going to change soon.

0.6.0 - 2012-31-05
==================

  * Remove ability to use a custom JWT parser class, it's not used and
    adds needless complexity.
  * Add a way to skip the ssl verification when getting certificates with the
    CertificateManager.

0.5.0 - 2012-04-18
==================

  * add support of requests rather than custom code for ssl checking when
    retrieving certificates.
  * removed patch utility for secure_urlopen (we are now using requests)
  * add more verbose errors when dealing with RSA/DSA Keys.

0.4.0 - 2012-03-13
==================

  * Renamed from PyVEP to PyBrowserID, in keeping with Mozilla branding.
  * Audience checking now accepts glob-style patterns as well as fixed
    audience strings.
  * Verifier objects now accept a list of audience patterns as their first
    argument.  This is designed to encourage doing the right thing rather than,
    say, passing in the hostname from the request.
  * Allowed LocalVerifier to use of a custom JWT parser.
  * Removed browserid.verify_[remote|local|dummy] since they just cause
    confusion.  You should either accept the defaults provided by the
    browserid.verify function, or use a full-blown Verifier object.
  * Split certificate loading and caching into a separate class, in
    browserid.certificates:CertificatesManager.
  * Removed the DummyVerifier class in favour of supporting functions
    in browserid.tests.support.
