- use SHA256 as default_md for all requests - use UTF-8 as mandated by RFC-2459 - bump default key size for CA certificate requests to 4096 bits - remove whitespace at end of line - update change dates