+* Sat Jan 7 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.0-9
+- bugfix: 'geni_api' should be in the top level struct, not the code struct
+- bugfix: Display the correct host and port in 'geni_api_versions' field of the GetVersion
+ output returned by the Aggregate Manager.
+- bugfix: sfa.util.sfatime now handles numeric string inputs correctly.
+- bugfix: sfa.util.sfatime.datetime_to_epoch() returns integers instead of doubles.
+- bugfix: Fixed bug that prevented the rspec parser from identifying an rspec's schema when
+ there is extra whitespace in the schemaLocation field.
+- bugfix: Fixed bug that caused PlanetLab initscripts from showing up in the PGv2 and GENIv3
+ advertisement rspecs.
+- bugfix: <login> RSpec element should contain the 'username' attribute.
+- bugfix: Use sfa.util.plxrn.PlXrn to parse the login_base (authority) out of a urn.
+
+* Wed Jan 4 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.0-8
+- bugfix: Fixed a bug in the sfa-import-plc.py script that caused the script to
+ exit when it encountered a user with an invalid public key.
+- server: imporved logging in sfa-import-plc.py
+
+* Tue Jan 3 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.0-7
+- bugfix: Fixed appending public keys in CreateSliver
+- bugfix: Fixed various bugs in the PGv2/GENIv3 request, advertisement and manifest rspecs.
+- client: -c --current option allows users to request the current/uncached rspec.
+- server: Added 'geni_api_versions' field to GetVersion() output.
+- server: Moved PLC specific code from sfa.importer.sfaImport to sfa.importer.sfa-import-plc.
+
+* Fri Dec 16 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.0-6
+- bugfix: sfi was not sending call_id with ListResources to v2 servers
+- SFA_API_DEBUG replaced with SFA_API_LOGLEVEL
+- PlDriver / PlShell : PLCAPI methods now explicitly go to the shell
+
+* Wed Dec 14 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.0-5
+- client: sfi -a / -p deprecated (use -s instead)
+- client: sfi cleaned up
+- client: sfi has backward support for APIv1 aggregates again
+- server: only APIv2 is supported and should be rather strict
+- server: settings for turning on/off caching in sm or am
+- server: plc-dependant code has moved from aggregate to pldriver
+- server: driver interface extended accordingly
+
+* Fri Dec 09 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.0-4
+- screwed up previous tag
+
+* Fri Dec 09 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.0-3
+- client side revisited with a bootstrap library
+- client side has a new source layout
+- various (nasty) bug fixes wrt options and call_id
+
+* Tue Dec 06 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.0-2
+- various fixes in rspecs for sfav1&slice tags
+- uses 'geni_rspec_version' and not just 'rspec_version'
+- example flavour for the max testbed
+- embryo for an sfa client library
+- topology.py moved into plc
+- sql: table is named records; record_types are enforced
+- sql: table creation cleaned up
+
+* Wed Nov 30 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.0-1
+- cleaned up all references to SFA_*_TYPE in config
+- enable cache at the aggregate by default
+- registry now uses the driver in a sensible way (see managers/driver.py)
+- slice manager supports sfav1/pgv2 neighbours
+- get_key renamed into get_key_from_incoming_ip
+- new sfa.storage module for record/table and all db-related stuff
+- db schema in sfa.storage.sfa.sql
+- init.d and cron.d move one step up
+- cleaned up rspec/ directory
+- add deps to pyopenssl and myplc-config
+- start support for new API (return value)
+- plc.remoteshell removed, use plshell instead
+- plshell uses a 'capability' auth method whenever possible
+- various tweaks in rspec elements
+- made dependency on sfatables softer
+
+* Thu Nov 24 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.1-5
+- sfa should now be started *before* the initial import
+- sfa to use its own database (default sfa) - can run without myplc
+- server calls support optional 'options'
+- client sends options in argument when needed
+- fix infinite getattr recursion in elements/element.py
+- error codes in line with geni
+
+* Fri Nov 18 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.1-4
+- fixed links and attributes in rspecs
+- minor cleanup in the API methods, and more consistent names in manager methods
+
+* Thu Nov 17 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.1-3
+- ongoing refoactoring towards more genericity
+- passes tests again although known issues remain with attributes/tags
+
+* Mon Nov 07 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.1-2
+- checkpoint tag: use SFA_GENERIC_FLAVOUR instead of SFA_*_TYPE
+- improvements in the pgv2 rspecs
+- driver separated from api
+- code starts moving around where it belongs
+- sfascan caches getversion across invokations
+- vini topology extracted as a config file
+
+* Fri Oct 28 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.1-1
+- first support for protogeni rspecs is working
+- vini no longer needs a specific manager
+- refactoring underway towards more flexible/generic architecture
+
+* Thu Sep 15 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-36
+- Unicode-friendliness for user names with accents/special chars.
+- Fix bug that could cause create the client to fail when calling CreateSliver for a slice that has the same hrn as a user.
+- CreaetSliver no longer fails for users that have a capital letter in their URN.
+- Fix bug in CreateSliver that generated incorrect login bases and email addresses for ProtoGENI requests.
+- Allow files with .gid, .pem or .crt extension to be loaded into the server's list of trusted certs.
+- Fix bugs and missing imports
+
+
+* Tue Aug 30 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-35
+- new method record.get_field for sface
+
+* Mon Aug 29 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-34
+- new option -c to sfa-nuke-plc.py
+- CreateSliver fixed for admin-only slice tags
+
+* Wed Aug 24 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-32
+- Fixed exploit that allowed an authorities to issue certs for objects that dont belong to them.
+- Fixed holes in certificate verification logic.
+- Aggregates no longer try to lookup slice and person records when processing CreateSliver requests. Clients are now required to specify this info in the 'users' argument.
+- Added 'boot_state' as an attribute of the node element in SFA rspec.
+- Non authority certificates are marked as CA:FALSE.
+
+* Tue Aug 16 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-32
+- fix typo in sfa-1.0-31 tag.
+- added CreateGid() Registry interface method.
+
+* Tue Aug 16 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-31
+- fix typo in sfa-1.0-30 tag
+
+* Tue Aug 16 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-30
+- Declare namespace and schema location in the credential.
+- Fix bug that prevetend connections from timing out.
+- Fix slice delegation.
+- Add statistics to slicemaanger listresources/createsliver rspec.
+- Added SFA_MAX_SLICE_RENEW which allows operators to configure the max ammout
+ of days a user can extend their slice expiration.
+- CA certs are only issued to objects of type authority
+
+* Fri Aug 05 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-29
+- tag 1.0-28 was broken due to typo in the changelog
+- new class sfa/util/httpsProtocol.py that supports timeouts
+
+* Thu Aug 4 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-28