===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/64.html,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -r1.48 -r1.49
--- www/64.html	2018/10/14 15:51:00	1.48
+++ www/64.html	2018/10/14 15:53:25	1.49
@@ -322,9 +322,32 @@
 
 <li>OpenSSH 7.8
     <ul>
-    <li>New/changed features:
+    <li>New features:
       <ul>
-      <li>
+      <li>In most places in <a href="http://man.openbsd.org/ssh.1">ssh(1)</a>
+         and <a href="http://man.openbsd.org/sshd.8">sshd(8)</a> where port
+         numbers are used, service names (from /etc/services) can now be used.
+      <li>The <a href="http://man.openbsd.org/ssh.1">ssh(1)</a> IdentityAgent
+         configuration directive now accepts environment variable names. This
+         supports the use of multiple agent sockets without needing to use
+         fixed paths.
+      <li>Support signalling sessions via the SSH protocol in
+         <a href="http://man.openbsd.org/sshd.8">sshd(8)</a>.
+      <li>"ssh -Q sig" can be used to list supported signature options.
+         Also "ssh -Q help" will show the full set of supported queries.
+      <li>The new CASignatureAlgorithms option in <a
+         href="http://man.openbsd.org/ssh.1">ssh(1)</a> and <a
+         href="http://man.openbsd.org/sshd.8">sshd(8)</a> controlls the allowed
+         signature formats for CAs to sign certificates with. For example, this
+         allows banning CAs that sign certificates using the RSA-SHA1 signature
+         algorithm.
+      <li>Key revocation lists (KRLs) can now contain keys specified by SHA256
+         hash. These lists are managed by <a
+         href="http://man.openbsd.org/ssh-keygen.8">ssh-keygen(8)</a>. In
+         addition, KRLs can now be created from base64-encoded SHA256
+         fingerprints, i.e. from only the information contained in <a
+         href="http://man.openbsd.org/sshd.8">sshd(8)</a> authentication log
+         messages.
       </ul>
     </ul>
 <p>