strongswan-6.0.0rc2
-------------------

- cert-enroll script supports three generations of CA certificates

- Use SHA-256 as default hash/signature algorithm for attribute certificates

- Remove RSA/ECDSA schemes with weak hash algorithms (MD5/SHA-1) from unit tests 


strongswan-6.0.0rc1
-------------------

- Support of multiple post-quantum (and classic) key exchanges using the
  IKE_INTERMEDIATE exchange (RFC 9242) and the Additional Key Exchange
  transform types 1..7 (RFC 9370).

- ML-KEM is provided by the botan, wolfssl, openssl (only via AWS-LC) and the
  new ml plugins.