add changelog and a warning for is_signature_valid on crl (#3861)

* add changelog and a warning * document this properly
2026-05-14 20:37:55 +00:00 · 2017-08-12 08:52:55 -05:00 · 2017-08-12 08:52:55 -05:00 · f944c40c86
commit f944c40c86
parent 6c02ee85bc
2 changed files with 8 additions and 0 deletions
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@ -32,6 +32,8 @@ Changelog
  :attr:`~cryptography.x509.RFC822Name.value` attribute was deprecated, users
  should use :attr:`~cryptography.x509.RFC822Name.bytes_value` to access the
  raw value.
+* Added :meth:`~cryptography.x509.CertificateRevocationList.is_signature_valid`
+  to :class:`~cryptography.x509.CertificateRevocationList`.


 .. _v2-0-3:
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@ -567,6 +567,12 @@ X.509 CRL (Certificate Revocation List) Object

        .. versionadded:: 2.1

+        .. warning::
+
+            Checking the validity of the signature on the CRL is insufficient
+            to know if the CRL should be trusted. More details are available
+            in :rfc:`5280`.
+
        Returns True if the CRL signature is correct for given public key,
        False otherwise.